OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" |
6 | 6 |
| 7 #include <stdint.h> |
| 8 |
7 #include <vector> | 9 #include <vector> |
8 | 10 |
9 #include "base/basictypes.h" | |
10 #include "base/bind.h" | 11 #include "base/bind.h" |
11 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
12 #include "base/files/scoped_temp_dir.h" | 13 #include "base/files/scoped_temp_dir.h" |
| 14 #include "base/macros.h" |
13 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
14 #include "base/message_loop/message_loop.h" | 16 #include "base/message_loop/message_loop.h" |
15 #include "base/threading/sequenced_worker_pool.h" | 17 #include "base/threading/sequenced_worker_pool.h" |
16 #include "chromeos/dbus/mock_cryptohome_client.h" | 18 #include "chromeos/dbus/mock_cryptohome_client.h" |
17 #include "chromeos/dbus/mock_session_manager_client.h" | 19 #include "chromeos/dbus/mock_session_manager_client.h" |
18 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 20 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
19 #include "components/policy/core/common/cloud/mock_cloud_policy_store.h" | 21 #include "components/policy/core/common/cloud/mock_cloud_policy_store.h" |
20 #include "components/policy/core/common/cloud/policy_builder.h" | 22 #include "components/policy/core/common/cloud/policy_builder.h" |
21 #include "components/policy/core/common/policy_types.h" | 23 #include "components/policy/core/common/policy_types.h" |
22 #include "policy/policy_constants.h" | 24 #include "policy/policy_constants.h" |
(...skipping 42 matching lines...)
65 | 67 |
66 ASSERT_TRUE(tmp_dir_.CreateUniqueTempDir()); | 68 ASSERT_TRUE(tmp_dir_.CreateUniqueTempDir()); |
67 store_.reset(new UserCloudPolicyStoreChromeOS( | 69 store_.reset(new UserCloudPolicyStoreChromeOS( |
68 &cryptohome_client_, &session_manager_client_, loop_.task_runner(), | 70 &cryptohome_client_, &session_manager_client_, loop_.task_runner(), |
69 PolicyBuilder::kFakeUsername, user_policy_dir(), token_file(), | 71 PolicyBuilder::kFakeUsername, user_policy_dir(), token_file(), |
70 policy_file())); | 72 policy_file())); |
71 store_->AddObserver(&observer_); | 73 store_->AddObserver(&observer_); |
72 | 74 |
73 // Install the initial public key, so that by default the validation of | 75 // Install the initial public key, so that by default the validation of |
74 // the stored/loaded policy blob succeeds. | 76 // the stored/loaded policy blob succeeds. |
75 std::vector<uint8> public_key; | 77 std::vector<uint8_t> public_key; |
76 ASSERT_TRUE(policy_.GetSigningKey()->ExportPublicKey(&public_key)); | 78 ASSERT_TRUE(policy_.GetSigningKey()->ExportPublicKey(&public_key)); |
77 StoreUserPolicyKey(public_key); | 79 StoreUserPolicyKey(public_key); |
78 | 80 |
79 policy_.payload().mutable_homepagelocation()->set_value(kDefaultHomepage); | 81 policy_.payload().mutable_homepagelocation()->set_value(kDefaultHomepage); |
80 policy_.Build(); | 82 policy_.Build(); |
81 } | 83 } |
82 | 84 |
83 void TearDown() override { | 85 void TearDown() override { |
84 store_->RemoveObserver(&observer_); | 86 store_->RemoveObserver(&observer_); |
85 store_.reset(); | 87 store_.reset(); |
(...skipping 29 matching lines...)
115 // Verifies that store_->policy_map() has the HomepageLocation entry with | 117 // Verifies that store_->policy_map() has the HomepageLocation entry with |
116 // the |expected_value|. | 118 // the |expected_value|. |
117 void VerifyPolicyMap(const char* expected_value) { | 119 void VerifyPolicyMap(const char* expected_value) { |
118 EXPECT_EQ(1U, store_->policy_map().size()); | 120 EXPECT_EQ(1U, store_->policy_map().size()); |
119 const PolicyMap::Entry* entry = | 121 const PolicyMap::Entry* entry = |
120 store_->policy_map().Get(key::kHomepageLocation); | 122 store_->policy_map().Get(key::kHomepageLocation); |
121 ASSERT_TRUE(entry); | 123 ASSERT_TRUE(entry); |
122 EXPECT_TRUE(base::StringValue(expected_value).Equals(entry->value)); | 124 EXPECT_TRUE(base::StringValue(expected_value).Equals(entry->value)); |
123 } | 125 } |
124 | 126 |
125 void StoreUserPolicyKey(const std::vector<uint8>& public_key) { | 127 void StoreUserPolicyKey(const std::vector<uint8_t>& public_key) { |
126 ASSERT_TRUE(base::CreateDirectory(user_policy_key_file().DirName())); | 128 ASSERT_TRUE(base::CreateDirectory(user_policy_key_file().DirName())); |
127 ASSERT_TRUE( | 129 ASSERT_TRUE( |
128 base::WriteFile(user_policy_key_file(), | 130 base::WriteFile(user_policy_key_file(), |
129 reinterpret_cast<const char*>(public_key.data()), | 131 reinterpret_cast<const char*>(public_key.data()), |
130 public_key.size())); | 132 public_key.size())); |
131 } | 133 } |
132 | 134 |
133 // Stores the current |policy_| and verifies that it is published. | 135 // Stores the current |policy_| and verifies that it is published. |
134 // If |new_public_key| is set then it will be persisted after storing but | 136 // If |new_public_key| is set then it will be persisted after storing but |
135 // before loading the policy, so that the signature validation can succeed. | 137 // before loading the policy, so that the signature validation can succeed. |
136 // If |previous_value| is set then a previously existing policy with that | 138 // If |previous_value| is set then a previously existing policy with that |
137 // value will be expected; otherwise no previous policy is expected. | 139 // value will be expected; otherwise no previous policy is expected. |
138 // If |new_value| is set then a new policy with that value is expected after | 140 // If |new_value| is set then a new policy with that value is expected after |
139 // storing the |policy_| blob. | 141 // storing the |policy_| blob. |
140 void PerformStorePolicy(const std::vector<uint8>* new_public_key, | 142 void PerformStorePolicy(const std::vector<uint8_t>* new_public_key, |
141 const char* previous_value, | 143 const char* previous_value, |
142 const char* new_value) { | 144 const char* new_value) { |
143 chromeos::SessionManagerClient::StorePolicyCallback store_callback; | 145 chromeos::SessionManagerClient::StorePolicyCallback store_callback; |
144 EXPECT_CALL(session_manager_client_, | 146 EXPECT_CALL(session_manager_client_, |
145 StorePolicyForUser(PolicyBuilder::kFakeUsername, | 147 StorePolicyForUser(PolicyBuilder::kFakeUsername, |
146 policy_.GetBlob(), _)) | 148 policy_.GetBlob(), _)) |
147 .WillOnce(SaveArg<2>(&store_callback)); | 149 .WillOnce(SaveArg<2>(&store_callback)); |
148 store_->Store(policy_.policy()); | 150 store_->Store(policy_.policy()); |
149 RunUntilIdle(); | 151 RunUntilIdle(); |
150 Mock::VerifyAndClearExpectations(&session_manager_client_); | 152 Mock::VerifyAndClearExpectations(&session_manager_client_); |
(...skipping 80 matching lines...)
231 | 233 |
232 DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyStoreChromeOSTest); | 234 DISALLOW_COPY_AND_ASSIGN(UserCloudPolicyStoreChromeOSTest); |
233 }; | 235 }; |
234 | 236 |
235 TEST_F(UserCloudPolicyStoreChromeOSTest, InitialStore) { | 237 TEST_F(UserCloudPolicyStoreChromeOSTest, InitialStore) { |
236 // Start without any public key to trigger the initial key checks. | 238 // Start without any public key to trigger the initial key checks. |
237 ASSERT_TRUE(base::DeleteFile(user_policy_key_file(), false)); | 239 ASSERT_TRUE(base::DeleteFile(user_policy_key_file(), false)); |
238 // Make the policy blob contain a new public key. | 240 // Make the policy blob contain a new public key. |
239 policy_.SetDefaultNewSigningKey(); | 241 policy_.SetDefaultNewSigningKey(); |
240 policy_.Build(); | 242 policy_.Build(); |
241 std::vector<uint8> new_public_key; | 243 std::vector<uint8_t> new_public_key; |
242 ASSERT_TRUE(policy_.GetNewSigningKey()->ExportPublicKey(&new_public_key)); | 244 ASSERT_TRUE(policy_.GetNewSigningKey()->ExportPublicKey(&new_public_key)); |
243 ASSERT_NO_FATAL_FAILURE( | 245 ASSERT_NO_FATAL_FAILURE( |
244 PerformStorePolicy(&new_public_key, NULL, kDefaultHomepage)); | 246 PerformStorePolicy(&new_public_key, NULL, kDefaultHomepage)); |
245 } | 247 } |
246 | 248 |
247 TEST_F(UserCloudPolicyStoreChromeOSTest, InitialStoreValidationFail) { | 249 TEST_F(UserCloudPolicyStoreChromeOSTest, InitialStoreValidationFail) { |
248 // Start without any public key to trigger the initial key checks. | 250 // Start without any public key to trigger the initial key checks. |
249 ASSERT_TRUE(base::DeleteFile(user_policy_key_file(), false)); | 251 ASSERT_TRUE(base::DeleteFile(user_policy_key_file(), false)); |
250 // Make the policy blob contain a new public key. | 252 // Make the policy blob contain a new public key. |
251 policy_.SetDefaultSigningKey(); | 253 policy_.SetDefaultSigningKey(); |
(...skipping 26 matching lines...)
278 | 280 |
279 TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithExistingKey) { | 281 TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithExistingKey) { |
280 ASSERT_NO_FATAL_FAILURE( | 282 ASSERT_NO_FATAL_FAILURE( |
281 PerformStorePolicy(NULL, NULL, kDefaultHomepage)); | 283 PerformStorePolicy(NULL, NULL, kDefaultHomepage)); |
282 } | 284 } |
283 | 285 |
284 TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithRotation) { | 286 TEST_F(UserCloudPolicyStoreChromeOSTest, StoreWithRotation) { |
285 // Make the policy blob contain a new public key. | 287 // Make the policy blob contain a new public key. |
286 policy_.SetDefaultNewSigningKey(); | 288 policy_.SetDefaultNewSigningKey(); |
287 policy_.Build(); | 289 policy_.Build(); |
288 std::vector<uint8> new_public_key; | 290 std::vector<uint8_t> new_public_key; |
289 ASSERT_TRUE(policy_.GetNewSigningKey()->ExportPublicKey(&new_public_key)); | 291 ASSERT_TRUE(policy_.GetNewSigningKey()->ExportPublicKey(&new_public_key)); |
290 ASSERT_NO_FATAL_FAILURE( | 292 ASSERT_NO_FATAL_FAILURE( |
291 PerformStorePolicy(&new_public_key, NULL, kDefaultHomepage)); | 293 PerformStorePolicy(&new_public_key, NULL, kDefaultHomepage)); |
292 } | 294 } |
293 | 295 |
294 TEST_F(UserCloudPolicyStoreChromeOSTest, | 296 TEST_F(UserCloudPolicyStoreChromeOSTest, |
295 StoreWithRotationMissingSignatureError) { | 297 StoreWithRotationMissingSignatureError) { |
296 // Make the policy blob contain a new public key. | 298 // Make the policy blob contain a new public key. |
297 policy_.SetDefaultNewSigningKey(); | 299 policy_.SetDefaultNewSigningKey(); |
298 policy_.Build(); | 300 policy_.Build(); |
(...skipping 259 matching lines...)
558 store_->policy()->SerializeAsString()); | 560 store_->policy()->SerializeAsString()); |
559 VerifyPolicyMap(kDefaultHomepage); | 561 VerifyPolicyMap(kDefaultHomepage); |
560 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 562 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
561 EXPECT_TRUE(base::PathExists(policy_file())); | 563 EXPECT_TRUE(base::PathExists(policy_file())); |
562 | 564 |
563 // Now store a new policy using the new homepage location. | 565 // Now store a new policy using the new homepage location. |
564 const char kNewHomepage[] = "http://google.com"; | 566 const char kNewHomepage[] = "http://google.com"; |
565 policy_.payload().mutable_homepagelocation()->set_value(kNewHomepage); | 567 policy_.payload().mutable_homepagelocation()->set_value(kNewHomepage); |
566 policy_.SetDefaultNewSigningKey(); | 568 policy_.SetDefaultNewSigningKey(); |
567 policy_.Build(); | 569 policy_.Build(); |
568 std::vector<uint8> new_public_key; | 570 std::vector<uint8_t> new_public_key; |
569 ASSERT_TRUE(policy_.GetNewSigningKey()->ExportPublicKey(&new_public_key)); | 571 ASSERT_TRUE(policy_.GetNewSigningKey()->ExportPublicKey(&new_public_key)); |
570 ASSERT_NO_FATAL_FAILURE( | 572 ASSERT_NO_FATAL_FAILURE( |
571 PerformStorePolicy(&new_public_key, kDefaultHomepage, kNewHomepage)); | 573 PerformStorePolicy(&new_public_key, kDefaultHomepage, kNewHomepage)); |
572 VerifyPolicyMap(kNewHomepage); | 574 VerifyPolicyMap(kNewHomepage); |
573 | 575 |
574 // Verify that the legacy cache has been removed. | 576 // Verify that the legacy cache has been removed. |
575 EXPECT_FALSE(base::PathExists(policy_file())); | 577 EXPECT_FALSE(base::PathExists(policy_file())); |
576 } | 578 } |
577 | 579 |
578 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { | 580 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { |
(...skipping 90 matching lines...)
669 Mock::VerifyAndClearExpectations(&cryptohome_client_); | 671 Mock::VerifyAndClearExpectations(&cryptohome_client_); |
670 | 672 |
671 EXPECT_FALSE(store_->policy()); | 673 EXPECT_FALSE(store_->policy()); |
672 EXPECT_TRUE(store_->policy_map().empty()); | 674 EXPECT_TRUE(store_->policy_map().empty()); |
673 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | 675 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); |
674 } | 676 } |
675 | 677 |
676 } // namespace | 678 } // namespace |
677 | 679 |
678 } // namespace policy | 680 } // namespace policy |
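Review bot: In `StoreUserPolicyKey` (new lines 127-133), the `ASSERT_TRUE(base::WriteFile(...))` around the public-key write would not catch a failed or short write if `base::WriteFile` returns the number of bytes written with -1 on error, because -1 converts to true. Its declaration is not visible on this page, so the return type should be confirmed. This helper installs the key that the fixture's comment says makes validation of the stored/loaded policy blob succeed, so a silent write failure would leave later tests running against a missing or truncated key. Comparing against the expected length is stricter and makes the `size_t`-to-`int` conversion of the length explicit: `ASSERT_EQ(static_cast<int>(public_key.size()), base::WriteFile(user_policy_key_file(), reinterpret_cast<const char*>(public_key.data()), public_key.size()));`.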