| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" | 5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" |
| 6 | 6 |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "base/run_loop.h" | 8 #include "base/run_loop.h" |
| 9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" | 10 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" |
| (...skipping 98 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 109 | 109 |
| 110 } // namespace | 110 } // namespace |
| 111 | 111 |
| 112 class MultiProfileUserControllerTest | 112 class MultiProfileUserControllerTest |
| 113 : public testing::Test, | 113 : public testing::Test, |
| 114 public MultiProfileUserControllerDelegate { | 114 public MultiProfileUserControllerDelegate { |
| 115 public: | 115 public: |
| 116 MultiProfileUserControllerTest() | 116 MultiProfileUserControllerTest() |
| 117 : fake_user_manager_(new FakeChromeUserManager), | 117 : fake_user_manager_(new FakeChromeUserManager), |
| 118 user_manager_enabler_(fake_user_manager_), | 118 user_manager_enabler_(fake_user_manager_), |
| 119 user_not_allowed_count_(0) { | 119 user_not_allowed_count_(0) {} |
| 120 for (size_t i = 0; i < arraysize(kUsers); ++i) { | |
| 121 test_users_.push_back(AccountId::FromUserEmail(kUsers[i])); | |
| 122 } | |
| 123 } | |
| 124 | |
| 125 ~MultiProfileUserControllerTest() override {} | 120 ~MultiProfileUserControllerTest() override {} |
| 126 | 121 |
| 127 void SetUp() override { | 122 void SetUp() override { |
| 128 profile_manager_.reset( | 123 profile_manager_.reset( |
| 129 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); | 124 new TestingProfileManager(TestingBrowserProcess::GetGlobal())); |
| 130 ASSERT_TRUE(profile_manager_->SetUp()); | 125 ASSERT_TRUE(profile_manager_->SetUp()); |
| 131 controller_.reset(new MultiProfileUserController( | 126 controller_.reset(new MultiProfileUserController( |
| 132 this, TestingBrowserProcess::GetGlobal()->local_state())); | 127 this, TestingBrowserProcess::GetGlobal()->local_state())); |
| 133 | 128 |
| 134 for (size_t i = 0; i < test_users_.size(); ++i) { | 129 for (size_t i = 0; i < arraysize(kUsers); ++i) { |
| 135 const AccountId account_id(test_users_[i]); | 130 const std::string user_email(kUsers[i]); |
| 136 const user_manager::User* user = | 131 const user_manager::User* user = fake_user_manager_->AddUser(user_email); |
| 137 fake_user_manager_->AddUser(test_users_[i]); | |
| 138 | 132 |
| 139 // Note that user profiles are created after user login in reality. | 133 // Note that user profiles are created after user login in reality. |
| 140 TestingProfile* user_profile = | 134 TestingProfile* user_profile = |
| 141 profile_manager_->CreateTestingProfile(account_id.GetUserEmail()); | 135 profile_manager_->CreateTestingProfile(user_email); |
| 142 user_profile->set_profile_name(account_id.GetUserEmail()); | 136 user_profile->set_profile_name(user_email); |
| 143 user_profiles_.push_back(user_profile); | 137 user_profiles_.push_back(user_profile); |
| 144 | 138 |
| 145 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, | 139 ProfileHelper::Get()->SetUserToProfileMappingForTesting(user, |
| 146 user_profile); | 140 user_profile); |
| 147 } | 141 } |
| 148 } | 142 } |
| 149 | 143 |
| 150 void TearDown() override { | 144 void TearDown() override { |
| 151 // Clear our cached pointer to the PolicyCertVerifier. | 145 // Clear our cached pointer to the PolicyCertVerifier. |
| 152 g_policy_cert_verifier_for_factory = NULL; | 146 g_policy_cert_verifier_for_factory = NULL; |
| 153 | 147 |
| 154 // We must ensure that the PolicyCertVerifier outlives the | 148 // We must ensure that the PolicyCertVerifier outlives the |
| 155 // PolicyCertService so shutdown the profile here. Additionally, we need | 149 // PolicyCertService so shutdown the profile here. Additionally, we need |
| 156 // to run the message loop between freeing the PolicyCertService and | 150 // to run the message loop between freeing the PolicyCertService and |
| 157 // freeing the PolicyCertVerifier (see | 151 // freeing the PolicyCertVerifier (see |
| 158 // PolicyCertService::OnTrustAnchorsChanged() which is called from | 152 // PolicyCertService::OnTrustAnchorsChanged() which is called from |
| 159 // PolicyCertService::Shutdown()). | 153 // PolicyCertService::Shutdown()). |
| 160 controller_.reset(); | 154 controller_.reset(); |
| 161 profile_manager_.reset(); | 155 profile_manager_.reset(); |
| 162 base::RunLoop().RunUntilIdle(); | 156 base::RunLoop().RunUntilIdle(); |
| 163 } | 157 } |
| 164 | 158 |
| 165 void LoginUser(size_t user_index) { | 159 void LoginUser(size_t user_index) { |
| 166 ASSERT_LT(user_index, test_users_.size()); | 160 ASSERT_LT(user_index, arraysize(kUsers)); |
| 167 fake_user_manager_->LoginUser(test_users_[user_index]); | 161 fake_user_manager_->LoginUser(kUsers[user_index]); |
| 168 controller_->StartObserving(user_profiles_[user_index]); | 162 controller_->StartObserving(user_profiles_[user_index]); |
| 169 } | 163 } |
| 170 | 164 |
| 171 void SetOwner(size_t user_index) { | 165 void SetOwner(size_t user_index) { |
| 172 fake_user_manager_->set_owner_id(test_users_[user_index]); | 166 fake_user_manager_->set_owner_email(kUsers[user_index]); |
| 173 } | 167 } |
| 174 | 168 |
| 175 PrefService* GetUserPrefs(size_t user_index) { | 169 PrefService* GetUserPrefs(size_t user_index) { |
| 176 return user_profiles_[user_index]->GetPrefs(); | 170 return user_profiles_[user_index]->GetPrefs(); |
| 177 } | 171 } |
| 178 | 172 |
| 179 void SetPrefBehavior(size_t user_index, const std::string& behavior) { | 173 void SetPrefBehavior(size_t user_index, const std::string& behavior) { |
| 180 GetUserPrefs(user_index)->SetString(prefs::kMultiProfileUserBehavior, | 174 GetUserPrefs(user_index)->SetString(prefs::kMultiProfileUserBehavior, |
| 181 behavior); | 175 behavior); |
| 182 } | 176 } |
| 183 | 177 |
| 184 std::string GetCachedBehavior(size_t user_index) { | 178 std::string GetCachedBehavior(size_t user_index) { |
| 185 return controller_->GetCachedValue(test_users_[user_index].GetUserEmail()); | 179 return controller_->GetCachedValue(kUsers[user_index]); |
| 186 } | 180 } |
| 187 | 181 |
| 188 void SetCachedBehavior(size_t user_index, | 182 void SetCachedBehavior(size_t user_index, |
| 189 const std::string& behavior) { | 183 const std::string& behavior) { |
| 190 controller_->SetCachedValue(test_users_[user_index].GetUserEmail(), | 184 controller_->SetCachedValue(kUsers[user_index], behavior); |
| 191 behavior); | |
| 192 } | 185 } |
| 193 | 186 |
| 194 void ResetCounts() { | 187 void ResetCounts() { |
| 195 user_not_allowed_count_ = 0; | 188 user_not_allowed_count_ = 0; |
| 196 } | 189 } |
| 197 | 190 |
| 198 // MultiProfileUserControllerDeleagte overrides: | 191 // MultiProfileUserControllerDeleagte overrides: |
| 199 void OnUserNotAllowed(const std::string& user_email) override { | 192 void OnUserNotAllowed(const std::string& user_email) override { |
| 200 ++user_not_allowed_count_; | 193 ++user_not_allowed_count_; |
| 201 } | 194 } |
| (...skipping 10 matching lines...) Expand all Loading... |
| 212 scoped_ptr<TestingProfileManager> profile_manager_; | 205 scoped_ptr<TestingProfileManager> profile_manager_; |
| 213 FakeChromeUserManager* fake_user_manager_; // Not owned | 206 FakeChromeUserManager* fake_user_manager_; // Not owned |
| 214 ScopedUserManagerEnabler user_manager_enabler_; | 207 ScopedUserManagerEnabler user_manager_enabler_; |
| 215 | 208 |
| 216 scoped_ptr<MultiProfileUserController> controller_; | 209 scoped_ptr<MultiProfileUserController> controller_; |
| 217 | 210 |
| 218 std::vector<TestingProfile*> user_profiles_; | 211 std::vector<TestingProfile*> user_profiles_; |
| 219 | 212 |
| 220 int user_not_allowed_count_; | 213 int user_not_allowed_count_; |
| 221 | 214 |
| 222 std::vector<AccountId> test_users_; | |
| 223 | |
| 224 private: | 215 private: |
| 225 DISALLOW_COPY_AND_ASSIGN(MultiProfileUserControllerTest); | 216 DISALLOW_COPY_AND_ASSIGN(MultiProfileUserControllerTest); |
| 226 }; | 217 }; |
| 227 | 218 |
| 228 // Tests that everyone is allowed before a session starts. | 219 // Tests that everyone is allowed before a session starts. |
| 229 TEST_F(MultiProfileUserControllerTest, AllAllowedBeforeLogin) { | 220 TEST_F(MultiProfileUserControllerTest, AllAllowedBeforeLogin) { |
| 230 const char* const kTestCases[] = { | 221 const char* const kTestCases[] = { |
| 231 MultiProfileUserController::kBehaviorUnrestricted, | 222 MultiProfileUserController::kBehaviorUnrestricted, |
| 232 MultiProfileUserController::kBehaviorPrimaryOnly, | 223 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 233 MultiProfileUserController::kBehaviorNotAllowed, | 224 MultiProfileUserController::kBehaviorNotAllowed, |
| 234 }; | 225 }; |
| 235 for (size_t i = 0; i < arraysize(kTestCases); ++i) { | 226 for (size_t i = 0; i < arraysize(kTestCases); ++i) { |
| 236 SetCachedBehavior(0, kTestCases[i]); | 227 SetCachedBehavior(0, kTestCases[i]); |
| 237 MultiProfileUserController::UserAllowedInSessionReason reason; | 228 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 238 EXPECT_TRUE(controller()->IsUserAllowedInSession( | 229 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)) |
| 239 test_users_[0].GetUserEmail(), &reason)) | |
| 240 << "Case " << i; | 230 << "Case " << i; |
| 241 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason) << "Case " << i; | 231 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason) << "Case " << i; |
| 242 EXPECT_EQ(MultiProfileUserController::ALLOWED, | 232 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 243 MultiProfileUserController::GetPrimaryUserPolicy()) | 233 MultiProfileUserController::GetPrimaryUserPolicy()) |
| 244 << "Case " << i; | 234 << "Case " << i; |
| 245 } | 235 } |
| 246 } | 236 } |
| 247 | 237 |
| 248 // Tests that invalid cache value would become the default "unrestricted". | 238 // Tests that invalid cache value would become the default "unrestricted". |
| 249 TEST_F(MultiProfileUserControllerTest, InvalidCacheBecomesDefault) { | 239 TEST_F(MultiProfileUserControllerTest, InvalidCacheBecomesDefault) { |
| (...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 295 TEST_F(MultiProfileUserControllerTest, IsSecondaryAllowed) { | 285 TEST_F(MultiProfileUserControllerTest, IsSecondaryAllowed) { |
| 296 LoginUser(0); | 286 LoginUser(0); |
| 297 | 287 |
| 298 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { | 288 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { |
| 299 SetPrefBehavior(0, kBehaviorTestCases[i].primary); | 289 SetPrefBehavior(0, kBehaviorTestCases[i].primary); |
| 300 SetCachedBehavior(1, kBehaviorTestCases[i].secondary); | 290 SetCachedBehavior(1, kBehaviorTestCases[i].secondary); |
| 301 EXPECT_EQ(kBehaviorTestCases[i].expected_primary_policy, | 291 EXPECT_EQ(kBehaviorTestCases[i].expected_primary_policy, |
| 302 MultiProfileUserController::GetPrimaryUserPolicy()) | 292 MultiProfileUserController::GetPrimaryUserPolicy()) |
| 303 << "Case " << i; | 293 << "Case " << i; |
| 304 MultiProfileUserController::UserAllowedInSessionReason reason; | 294 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 305 controller()->IsUserAllowedInSession(test_users_[1].GetUserEmail(), | 295 controller()->IsUserAllowedInSession(kUsers[1], &reason); |
| 306 &reason); | |
| 307 EXPECT_EQ(kBehaviorTestCases[i].expected_secondary_allowed, reason) | 296 EXPECT_EQ(kBehaviorTestCases[i].expected_secondary_allowed, reason) |
| 308 << "Case " << i; | 297 << "Case " << i; |
| 309 } | 298 } |
| 310 } | 299 } |
| 311 | 300 |
| 312 // Tests user behavior changes within a two-user session. | 301 // Tests user behavior changes within a two-user session. |
| 313 TEST_F(MultiProfileUserControllerTest, PrimaryBehaviorChange) { | 302 TEST_F(MultiProfileUserControllerTest, PrimaryBehaviorChange) { |
| 314 LoginUser(0); | 303 LoginUser(0); |
| 315 LoginUser(1); | 304 LoginUser(1); |
| 316 | 305 |
| (...skipping 13 matching lines...) Expand all Loading... |
| 330 MultiProfileUserController::ALLOWED) | 319 MultiProfileUserController::ALLOWED) |
| 331 << "Case " << i; | 320 << "Case " << i; |
| 332 } | 321 } |
| 333 } | 322 } |
| 334 } | 323 } |
| 335 | 324 |
| 336 TEST_F(MultiProfileUserControllerTest, | 325 TEST_F(MultiProfileUserControllerTest, |
| 337 UsedPolicyCertificatesAllowedForPrimary) { | 326 UsedPolicyCertificatesAllowedForPrimary) { |
| 338 // Verifies that any user can sign-in as the primary user, regardless of the | 327 // Verifies that any user can sign-in as the primary user, regardless of the |
| 339 // tainted state. | 328 // tainted state. |
| 340 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( | 329 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); |
| 341 test_users_[0].GetUserEmail()); | |
| 342 MultiProfileUserController::UserAllowedInSessionReason reason; | 330 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 343 EXPECT_TRUE(controller()->IsUserAllowedInSession( | 331 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); |
| 344 test_users_[0].GetUserEmail(), &reason)); | |
| 345 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 332 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 346 EXPECT_TRUE(controller()->IsUserAllowedInSession( | 333 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 347 test_users_[1].GetUserEmail(), &reason)); | |
| 348 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 334 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 349 EXPECT_EQ(MultiProfileUserController::ALLOWED, | 335 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 350 MultiProfileUserController::GetPrimaryUserPolicy()); | 336 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 351 } | 337 } |
| 352 | 338 |
| 353 TEST_F(MultiProfileUserControllerTest, | 339 TEST_F(MultiProfileUserControllerTest, |
| 354 UsedPolicyCertificatesDisallowedForSecondary) { | 340 UsedPolicyCertificatesDisallowedForSecondary) { |
| 355 // Verifies that if a regular user is signed-in then other regular users can | 341 // Verifies that if a regular user is signed-in then other regular users can |
| 356 // be added but tainted users can't. | 342 // be added but tainted users can't. |
| 357 LoginUser(1); | 343 LoginUser(1); |
| 358 | 344 |
| 359 // TODO(xiyuan): Remove the following SetPrefBehavor when default is | 345 // TODO(xiyuan): Remove the following SetPrefBehavor when default is |
| 360 // changed back to enabled. | 346 // changed back to enabled. |
| 361 SetPrefBehavior(1, MultiProfileUserController::kBehaviorUnrestricted); | 347 SetPrefBehavior(1, MultiProfileUserController::kBehaviorUnrestricted); |
| 362 | 348 |
| 363 MultiProfileUserController::UserAllowedInSessionReason reason; | 349 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 364 EXPECT_TRUE(controller()->IsUserAllowedInSession( | 350 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); |
| 365 test_users_[0].GetUserEmail(), &reason)); | |
| 366 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 351 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 367 | 352 |
| 368 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( | 353 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); |
| 369 test_users_[0].GetUserEmail()); | 354 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); |
| 370 EXPECT_FALSE(controller()->IsUserAllowedInSession( | |
| 371 test_users_[0].GetUserEmail(), &reason)); | |
| 372 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, | 355 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, |
| 373 reason); | 356 reason); |
| 374 } | 357 } |
| 375 | 358 |
| 376 TEST_F(MultiProfileUserControllerTest, | 359 TEST_F(MultiProfileUserControllerTest, |
| 377 UsedPolicyCertificatesDisallowsSecondaries) { | 360 UsedPolicyCertificatesDisallowsSecondaries) { |
| 378 // Verifies that if a tainted user is signed-in then no other users can | 361 // Verifies that if a tainted user is signed-in then no other users can |
| 379 // be added. | 362 // be added. |
| 380 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( | 363 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); |
| 381 test_users_[0].GetUserEmail()); | |
| 382 LoginUser(0); | 364 LoginUser(0); |
| 383 | 365 |
| 384 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); | 366 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); |
| 385 g_policy_cert_verifier_for_factory = cert_verifier_.get(); | 367 g_policy_cert_verifier_for_factory = cert_verifier_.get(); |
| 386 ASSERT_TRUE( | 368 ASSERT_TRUE( |
| 387 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( | 369 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( |
| 388 profile(0), TestPolicyCertServiceFactory)); | 370 profile(0), TestPolicyCertServiceFactory)); |
| 389 | 371 |
| 390 MultiProfileUserController::UserAllowedInSessionReason reason; | 372 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 391 EXPECT_FALSE(controller()->IsUserAllowedInSession( | 373 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 392 test_users_[1].GetUserEmail(), &reason)); | |
| 393 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 374 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 394 reason); | 375 reason); |
| 395 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 376 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 396 MultiProfileUserController::GetPrimaryUserPolicy()); | 377 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 397 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates( | 378 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[1]); |
| 398 test_users_[1].GetUserEmail()); | 379 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 399 EXPECT_FALSE(controller()->IsUserAllowedInSession( | |
| 400 test_users_[1].GetUserEmail(), &reason)); | |
| 401 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, | 380 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, |
| 402 reason); | 381 reason); |
| 403 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 382 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 404 MultiProfileUserController::GetPrimaryUserPolicy()); | 383 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 405 | 384 |
| 406 // Flush tasks posted to IO. | 385 // Flush tasks posted to IO. |
| 407 base::RunLoop().RunUntilIdle(); | 386 base::RunLoop().RunUntilIdle(); |
| 408 } | 387 } |
| 409 | 388 |
| 410 TEST_F(MultiProfileUserControllerTest, | 389 TEST_F(MultiProfileUserControllerTest, |
| (...skipping 10 matching lines...) Expand all Loading... |
| 421 g_policy_cert_verifier_for_factory = cert_verifier_.get(); | 400 g_policy_cert_verifier_for_factory = cert_verifier_.get(); |
| 422 ASSERT_TRUE( | 401 ASSERT_TRUE( |
| 423 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( | 402 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( |
| 424 profile(0), TestPolicyCertServiceFactory)); | 403 profile(0), TestPolicyCertServiceFactory)); |
| 425 policy::PolicyCertService* service = | 404 policy::PolicyCertService* service = |
| 426 policy::PolicyCertServiceFactory::GetForProfile(profile(0)); | 405 policy::PolicyCertServiceFactory::GetForProfile(profile(0)); |
| 427 ASSERT_TRUE(service); | 406 ASSERT_TRUE(service); |
| 428 | 407 |
| 429 EXPECT_FALSE(service->has_policy_certificates()); | 408 EXPECT_FALSE(service->has_policy_certificates()); |
| 430 MultiProfileUserController::UserAllowedInSessionReason reason; | 409 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 431 EXPECT_TRUE(controller()->IsUserAllowedInSession( | 410 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 432 test_users_[1].GetUserEmail(), &reason)); | |
| 433 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 411 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 434 EXPECT_EQ(MultiProfileUserController::ALLOWED, | 412 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 435 MultiProfileUserController::GetPrimaryUserPolicy()); | 413 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 436 | 414 |
| 437 net::CertificateList certificates; | 415 net::CertificateList certificates; |
| 438 certificates.push_back(new net::X509Certificate( | 416 certificates.push_back(new net::X509Certificate( |
| 439 "subject", "issuer", base::Time(), base::Time())); | 417 "subject", "issuer", base::Time(), base::Time())); |
| 440 service->OnTrustAnchorsChanged(certificates); | 418 service->OnTrustAnchorsChanged(certificates); |
| 441 EXPECT_TRUE(service->has_policy_certificates()); | 419 EXPECT_TRUE(service->has_policy_certificates()); |
| 442 EXPECT_FALSE(controller()->IsUserAllowedInSession( | 420 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 443 test_users_[1].GetUserEmail(), &reason)); | |
| 444 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 421 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 445 reason); | 422 reason); |
| 446 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 423 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 447 MultiProfileUserController::GetPrimaryUserPolicy()); | 424 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 448 | 425 |
| 449 // Flush tasks posted to IO. | 426 // Flush tasks posted to IO. |
| 450 base::RunLoop().RunUntilIdle(); | 427 base::RunLoop().RunUntilIdle(); |
| 451 } | 428 } |
| 452 | 429 |
| 453 } // namespace chromeos | 430 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1425093004:
Revert of This CL replaces user_manager::UserID with AccountId. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@468875--Chrome-OS-handles-deletion-of-Gmail-account-poorly--Create-AccountID-structure-part2--user_names