| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/callback.h" | 5 #include "base/callback.h" |
| 6 #include "base/values.h" | 6 #include "base/values.h" |
| 7 #include "chrome/browser/browser_process.h" | 7 #include "chrome/browser/browser_process.h" |
| 8 #include "chrome/browser/ui/browser.h" | 8 #include "chrome/browser/ui/browser.h" |
| 9 #include "chrome/browser/ui/tabs/tab_strip_model.h" | 9 #include "chrome/browser/ui/tabs/tab_strip_model.h" |
| 10 #include "chrome/browser/ui/webui/options/options_ui_browsertest.h" | 10 #include "chrome/browser/ui/webui/options/options_ui_browsertest.h" |
| 11 #include "components/policy/core/browser/browser_policy_connector.h" | 11 #include "components/policy/core/browser/browser_policy_connector.h" |
| 12 #include "components/policy/core/common/external_data_fetcher.h" | 12 #include "components/policy/core/common/external_data_fetcher.h" |
| 13 #include "components/policy/core/common/mock_configuration_policy_provider.h" | 13 #include "components/policy/core/common/mock_configuration_policy_provider.h" |
| 14 #include "components/policy/core/common/policy_map.h" | 14 #include "components/policy/core/common/policy_map.h" |
| 15 #include "components/policy/core/common/policy_types.h" | 15 #include "components/policy/core/common/policy_types.h" |
| 16 #include "content/public/browser/web_contents.h" | 16 #include "content/public/browser/web_contents.h" |
| 17 #include "content/public/test/browser_test_utils.h" | 17 #include "content/public/test/browser_test_utils.h" |
| 18 #include "content/public/test/test_utils.h" | 18 #include "content/public/test/test_utils.h" |
| 19 #include "policy/policy_constants.h" | 19 #include "policy/policy_constants.h" |
| 20 #include "testing/gmock/include/gmock/gmock.h" | 20 #include "testing/gmock/include/gmock/gmock.h" |
| 21 #include "testing/gtest/include/gtest/gtest.h" | 21 #include "testing/gtest/include/gtest/gtest.h" |
| 22 | 22 |
| 23 #if defined(OS_CHROMEOS) | 23 #if defined(OS_CHROMEOS) |
| 24 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h" | 24 #include "chrome/browser/chromeos/policy/device_policy_cros_browser_test.h" |
| 25 #include "chrome/browser/chromeos/policy/network_configuration_updater.h" | 25 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" |
| 26 #include "chrome/browser/chromeos/policy/user_network_configuration_updater_fact
ory.h" |
| 27 #include "chrome/browser/net/nss_context.h" |
| 28 #include "chromeos/network/onc/onc_certificate_importer_impl.h" |
| 26 #include "chromeos/network/onc/onc_test_utils.h" | 29 #include "chromeos/network/onc/onc_test_utils.h" |
| 27 #include "crypto/nss_util.h" | 30 #include "crypto/nss_util.h" |
| 28 #endif | 31 #endif |
| 29 | 32 |
| 30 using testing::Return; | 33 using testing::Return; |
| 31 using testing::_; | 34 using testing::_; |
| 32 | 35 |
| 33 class CertificateManagerBrowserTest : public options::OptionsUIBrowserTest { | 36 class CertificateManagerBrowserTest : public options::OptionsUIBrowserTest { |
| 34 public: | 37 public: |
| 35 CertificateManagerBrowserTest() {} | 38 CertificateManagerBrowserTest() {} |
| 36 virtual ~CertificateManagerBrowserTest() {} | 39 virtual ~CertificateManagerBrowserTest() {} |
| 37 | 40 |
| 38 protected: | 41 protected: |
| 42 virtual void SetUp() OVERRIDE { |
| 43 #if defined(OS_CHROMEOS) |
| 44 policy::UserNetworkConfigurationUpdater:: |
| 45 SetSkipCertificateImporterCreationForTest(true); |
| 46 #endif |
| 47 options::OptionsUIBrowserTest::SetUp(); |
| 48 } |
| 49 |
| 50 virtual void TearDown() OVERRIDE { |
| 51 #if defined(OS_CHROMEOS) |
| 52 policy::UserNetworkConfigurationUpdater:: |
| 53 SetSkipCertificateImporterCreationForTest(false); |
| 54 #endif |
| 55 options::OptionsUIBrowserTest::TearDown(); |
| 56 } |
| 57 |
| 39 virtual void SetUpInProcessBrowserTestFixture() OVERRIDE { | 58 virtual void SetUpInProcessBrowserTestFixture() OVERRIDE { |
| 40 #if defined(OS_CHROMEOS) | 59 #if defined(OS_CHROMEOS) |
| 41 device_policy_test_helper_.MarkAsEnterpriseOwned(); | 60 device_policy_test_helper_.MarkAsEnterpriseOwned(); |
| 42 #endif | 61 #endif |
| 43 // Setup the policy provider for injecting certs through ONC policy. | 62 // Setup the policy provider for injecting certs through ONC policy. |
| 44 EXPECT_CALL(provider_, IsInitializationComplete(_)) | 63 EXPECT_CALL(provider_, IsInitializationComplete(_)) |
| 45 .WillRepeatedly(Return(true)); | 64 .WillRepeatedly(Return(true)); |
| 46 policy::BrowserPolicyConnector::SetPolicyProviderForTesting(&provider_); | 65 policy::BrowserPolicyConnector::SetPolicyProviderForTesting(&provider_); |
| 47 } | 66 } |
| 48 | 67 |
| 49 void SetUpOnIOThread() { | 68 void SetUpOnIOThread() { |
| 50 #if defined(OS_CHROMEOS) | 69 #if defined(OS_CHROMEOS) |
| 51 test_nssdb_.reset(new crypto::ScopedTestNSSDB()); | 70 test_nssdb_.reset(new crypto::ScopedTestNSSDB()); |
| 52 #endif | 71 #endif |
| 53 } | 72 } |
| 54 | 73 |
| 55 void TearDownOnIOThread() { | 74 void TearDownOnIOThread() { |
| 56 #if defined(OS_CHROMEOS) | 75 #if defined(OS_CHROMEOS) |
| 57 test_nssdb_.reset(); | 76 test_nssdb_.reset(); |
| 58 #endif | 77 #endif |
| 59 } | 78 } |
| 60 | 79 |
| 61 virtual void SetUpOnMainThread() OVERRIDE { | 80 virtual void SetUpOnMainThread() OVERRIDE { |
| 62 content::BrowserThread::PostTask( | 81 content::BrowserThread::PostTask( |
| 63 content::BrowserThread::IO, | 82 content::BrowserThread::IO, |
| 64 FROM_HERE, | 83 FROM_HERE, |
| 65 base::Bind(&CertificateManagerBrowserTest::SetUpOnIOThread, this)); | 84 base::Bind(&CertificateManagerBrowserTest::SetUpOnIOThread, this)); |
| 85 |
| 66 content::RunAllPendingInMessageLoop(content::BrowserThread::IO); | 86 content::RunAllPendingInMessageLoop(content::BrowserThread::IO); |
| 87 content::RunAllPendingInMessageLoop(); |
| 67 | 88 |
| 89 #if defined(OS_CHROMEOS) |
| 90 // UserNetworkConfigurationUpdater's onc::CertificateImporter is usually |
| 91 // passed the NSSCertDatabase fetched during testing profile |
| 92 // constrution. Unfortunately, test database gets setup after that, so we |
| 93 // would end up with |PK11_GetInternalKeySlot|. The cause of this is in |
| 94 // |crypto::InitializeNSSForChromeOSUser|, which does not open new |
| 95 // database slot for primary user, but it just uses the singleton one (which |
| 96 // is not set in tests before |test_nssdb_| is created). To handle this, |
| 97 // creating certificate importer during the UserNetworkConfiguirationUpdater |
| 98 // service creation is set to be skipped (see |SetUp|), and cert importer |
| 99 // is set up here. |
| 100 // Note that creating |test_nssdb_| sooner (in SetUp) would break thread |
| 101 // restrictions, which require it to be used on IO thread only. |
| 102 // TODO(tbarzic): Update InitializeNSSForChromeOSUser not to special case |
| 103 // the primary user. |
| 104 GetNSSCertDatabaseForProfile( |
| 105 browser()->profile(), |
| 106 base::Bind( |
| 107 &CertificateManagerBrowserTest::UpdateNetworkConfigurationUpdater, |
| 108 base::Unretained(this))); |
| 109 |
| 110 content::RunAllPendingInMessageLoop(content::BrowserThread::IO); |
| 68 content::RunAllPendingInMessageLoop(); | 111 content::RunAllPendingInMessageLoop(); |
| 112 #endif |
| 69 } | 113 } |
| 70 | 114 |
| 71 virtual void CleanUpOnMainThread() OVERRIDE { | 115 virtual void CleanUpOnMainThread() OVERRIDE { |
| 72 content::BrowserThread::PostTask( | 116 content::BrowserThread::PostTask( |
| 73 content::BrowserThread::IO, | 117 content::BrowserThread::IO, |
| 74 FROM_HERE, | 118 FROM_HERE, |
| 75 base::Bind(&CertificateManagerBrowserTest::TearDownOnIOThread, this)); | 119 base::Bind(&CertificateManagerBrowserTest::TearDownOnIOThread, this)); |
| 76 content::RunAllPendingInMessageLoop(content::BrowserThread::IO); | 120 content::RunAllPendingInMessageLoop(content::BrowserThread::IO); |
| 77 } | 121 } |
| 78 | 122 |
| 79 #if defined(OS_CHROMEOS) | 123 #if defined(OS_CHROMEOS) |
| 124 void UpdateNetworkConfigurationUpdater(net::NSSCertDatabase* database) { |
| 125 policy::UserNetworkConfigurationUpdaterFactory::GetForProfile( |
| 126 browser()->profile())->SetCertificateImporterForTest( |
| 127 scoped_ptr<chromeos::onc::CertificateImporter>( |
| 128 new chromeos::onc::CertificateImporterImpl(database))); |
| 129 } |
| 130 |
| 80 void LoadONCPolicy(const std::string& filename) { | 131 void LoadONCPolicy(const std::string& filename) { |
| 81 const std::string& user_policy_blob = | 132 const std::string& user_policy_blob = |
| 82 chromeos::onc::test_utils::ReadTestData(filename); | 133 chromeos::onc::test_utils::ReadTestData(filename); |
| 83 policy::PolicyMap policy; | 134 policy::PolicyMap policy; |
| 84 policy.Set(policy::key::kOpenNetworkConfiguration, | 135 policy.Set(policy::key::kOpenNetworkConfiguration, |
| 85 policy::POLICY_LEVEL_MANDATORY, | 136 policy::POLICY_LEVEL_MANDATORY, |
| 86 policy::POLICY_SCOPE_USER, | 137 policy::POLICY_SCOPE_USER, |
| 87 base::Value::CreateStringValue(user_policy_blob), | 138 base::Value::CreateStringValue(user_policy_blob), |
| 88 NULL); | 139 NULL); |
| 89 provider_.UpdateChromePolicy(policy); | 140 provider_.UpdateChromePolicy(policy); |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 153 #endif | 204 #endif |
| 154 IN_PROC_BROWSER_TEST_F(CertificateManagerBrowserTest, | 205 IN_PROC_BROWSER_TEST_F(CertificateManagerBrowserTest, |
| 155 MAYBE_PolicyCertificateWithWebTrustHasIndicator) { | 206 MAYBE_PolicyCertificateWithWebTrustHasIndicator) { |
| 156 LoadONCPolicy("certificate-web-authority.onc"); | 207 LoadONCPolicy("certificate-web-authority.onc"); |
| 157 NavigateToSettings(); | 208 NavigateToSettings(); |
| 158 ClickElement("#certificatesManageButton"); | 209 ClickElement("#certificatesManageButton"); |
| 159 ClickElement("#ca-certs-nav-tab"); | 210 ClickElement("#ca-certs-nav-tab"); |
| 160 EXPECT_TRUE(HasElement(".cert-policy")); | 211 EXPECT_TRUE(HasElement(".cert-policy")); |
| 161 } | 212 } |
| 162 #endif | 213 #endif |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 148183013:
Use per-user nssdb in onc certificate importer (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src