| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stddef.h> | 5 #include <stddef.h> |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| 11 | 11 |
| 12 #include "base/bind.h" | 12 #include "base/bind.h" |
| 13 #include "base/command_line.h" | 13 #include "base/command_line.h" |
| 14 #include "base/feature_list.h" |
| 14 #include "base/files/file_util.h" | 15 #include "base/files/file_util.h" |
| 15 #include "base/macros.h" | 16 #include "base/macros.h" |
| 16 #include "base/memory/ptr_util.h" | 17 #include "base/memory/ptr_util.h" |
| 17 #include "base/memory/weak_ptr.h" | 18 #include "base/memory/weak_ptr.h" |
| 18 #include "base/metrics/field_trial.h" | 19 #include "base/metrics/field_trial.h" |
| 19 #include "base/test/mock_entropy_provider.h" | 20 #include "base/test/mock_entropy_provider.h" |
| 20 #include "chrome/browser/extensions/component_loader.h" | 21 #include "chrome/browser/extensions/component_loader.h" |
| 21 #include "chrome/browser/extensions/extension_service.h" | 22 #include "chrome/browser/extensions/extension_service.h" |
| 22 #include "chrome/browser/extensions/extension_service_test_with_install.h" | 23 #include "chrome/browser/extensions/extension_service_test_with_install.h" |
| 23 #include "chrome/browser/extensions/extension_sync_data.h" | 24 #include "chrome/browser/extensions/extension_sync_data.h" |
| (...skipping 21 matching lines...) Expand all Loading... |
| 45 #include "extensions/common/value_builder.h" | 46 #include "extensions/common/value_builder.h" |
| 46 #include "sync/api/fake_sync_change_processor.h" | 47 #include "sync/api/fake_sync_change_processor.h" |
| 47 #include "sync/api/sync_change_processor_wrapper_for_test.h" | 48 #include "sync/api/sync_change_processor_wrapper_for_test.h" |
| 48 #include "sync/api/sync_data.h" | 49 #include "sync/api/sync_data.h" |
| 49 #include "sync/api/sync_error_factory_mock.h" | 50 #include "sync/api/sync_error_factory_mock.h" |
| 50 #include "testing/gtest/include/gtest/gtest.h" | 51 #include "testing/gtest/include/gtest/gtest.h" |
| 51 | 52 |
| 52 #if defined(ENABLE_SUPERVISED_USERS) | 53 #if defined(ENABLE_SUPERVISED_USERS) |
| 53 #include "chrome/browser/supervised_user/permission_request_creator.h" | 54 #include "chrome/browser/supervised_user/permission_request_creator.h" |
| 54 #include "chrome/browser/supervised_user/supervised_user_constants.h" | 55 #include "chrome/browser/supervised_user/supervised_user_constants.h" |
| 56 #include "chrome/browser/supervised_user/supervised_user_features.h" |
| 55 #include "chrome/browser/supervised_user/supervised_user_service.h" | 57 #include "chrome/browser/supervised_user/supervised_user_service.h" |
| 56 #include "chrome/browser/supervised_user/supervised_user_service_factory.h" | 58 #include "chrome/browser/supervised_user/supervised_user_service_factory.h" |
| 59 #include "chrome/browser/supervised_user/supervised_user_settings_service.h" |
| 60 #include "chrome/browser/supervised_user/supervised_user_settings_service_factor
y.h" |
| 57 #endif | 61 #endif |
| 58 | 62 |
| 59 using extensions::AppSorting; | 63 using extensions::AppSorting; |
| 60 using extensions::Extension; | 64 using extensions::Extension; |
| 61 using extensions::ExtensionPrefs; | 65 using extensions::ExtensionPrefs; |
| 62 using extensions::ExtensionSyncData; | 66 using extensions::ExtensionSyncData; |
| 63 using extensions::ExtensionSystem; | 67 using extensions::ExtensionSystem; |
| 64 using extensions::Manifest; | 68 using extensions::Manifest; |
| 65 using extensions::PermissionSet; | 69 using extensions::PermissionSet; |
| 66 using syncer::SyncChange; | 70 using syncer::SyncChange; |
| 67 using syncer::SyncChangeList; | 71 using syncer::SyncChangeList; |
| 72 using testing::Mock; |
| 68 | 73 |
| 69 namespace { | 74 namespace { |
| 70 | 75 |
| 71 const char good0[] = "behllobkkfkfnphdnhnkndlbkcpglgmj"; | 76 const char good0[] = "behllobkkfkfnphdnhnkndlbkcpglgmj"; |
| 72 const char good2[] = "bjafgdebaacbbbecmhlhpofkepfkgcpa"; | 77 const char good2[] = "bjafgdebaacbbbecmhlhpofkepfkgcpa"; |
| 73 const char good_crx[] = "ldnnhddmnhbkjipkidpdiheffobcpfmf"; | 78 const char good_crx[] = "ldnnhddmnhbkjipkidpdiheffobcpfmf"; |
| 74 const char page_action[] = "obcimlgaoabeegjmmpldobjndiealpln"; | 79 const char page_action[] = "obcimlgaoabeegjmmpldobjndiealpln"; |
| 75 const char theme2_crx[] = "pjpgmfcmabopnnfonnhmdjglfpjjfkbf"; | 80 const char theme2_crx[] = "pjpgmfcmabopnnfonnhmdjglfpjjfkbf"; |
| 76 | 81 |
| 77 SyncChangeList MakeSyncChangeList(const std::string& id, | 82 SyncChangeList MakeSyncChangeList(const std::string& id, |
| (...skipping 1484 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1562 // Group name doesn't matter. | 1567 // Group name doesn't matter. |
| 1563 base::FieldTrialList::CreateFieldTrial( | 1568 base::FieldTrialList::CreateFieldTrial( |
| 1564 "SupervisedUserExtensionPermissionIncrease", "group"); | 1569 "SupervisedUserExtensionPermissionIncrease", "group"); |
| 1565 std::map<std::string, std::string> params; | 1570 std::map<std::string, std::string> params; |
| 1566 params["legacy_supervised_user"] = enabled ? "true" : "false"; | 1571 params["legacy_supervised_user"] = enabled ? "true" : "false"; |
| 1567 params["child_account"] = enabled ? "true" : "false"; | 1572 params["child_account"] = enabled ? "true" : "false"; |
| 1568 variations::AssociateVariationParams( | 1573 variations::AssociateVariationParams( |
| 1569 "SupervisedUserExtensionPermissionIncrease", "group", params); | 1574 "SupervisedUserExtensionPermissionIncrease", "group", params); |
| 1570 } | 1575 } |
| 1571 | 1576 |
| 1577 void InitSupervisedUserInitiatedExtensionInstallFeature(bool enabled) { |
| 1578 base::FeatureList::ClearInstanceForTesting(); |
| 1579 std::unique_ptr<base::FeatureList> feature_list(new base::FeatureList); |
| 1580 if (enabled) { |
| 1581 feature_list->InitializeFromCommandLine( |
| 1582 "SupervisedUserInitiatedExtensionInstall", std::string()); |
| 1583 } |
| 1584 base::FeatureList::SetInstance(std::move(feature_list)); |
| 1585 } |
| 1586 |
| 1572 void InitServices(bool profile_is_supervised) { | 1587 void InitServices(bool profile_is_supervised) { |
| 1573 ExtensionServiceInitParams params = CreateDefaultInitParams(); | 1588 ExtensionServiceInitParams params = CreateDefaultInitParams(); |
| 1574 params.profile_is_supervised = profile_is_supervised; | 1589 params.profile_is_supervised = profile_is_supervised; |
| 1590 // If profile is supervised, don't pass a pref file such that the testing |
| 1591 // profile creates a pref service that uses SupervisedUserPrefStore. |
| 1592 if (profile_is_supervised) { |
| 1593 params.pref_file = base::FilePath(); |
| 1594 } |
| 1575 InitializeExtensionService(params); | 1595 InitializeExtensionService(params); |
| 1576 StartSyncing(syncer::EXTENSIONS); | 1596 StartSyncing(syncer::EXTENSIONS); |
| 1577 | 1597 |
| 1578 supervised_user_service()->SetDelegate(this); | 1598 supervised_user_service()->SetDelegate(this); |
| 1579 supervised_user_service()->Init(); | 1599 supervised_user_service()->Init(); |
| 1580 } | 1600 } |
| 1581 | 1601 |
| 1582 std::string InstallPermissionsTestExtension() { | 1602 std::string InstallPermissionsTestExtension(bool by_custodian) { |
| 1583 const std::string version("1"); | 1603 const std::string version("1"); |
| 1584 | 1604 |
| 1585 const Extension* extension = | 1605 int creation_flags = 0; |
| 1586 PackAndInstallCRX(dir_path(version), pem_path(), INSTALL_NEW, | 1606 InstallState expected_state = INSTALL_WITHOUT_LOAD; |
| 1587 Extension::WAS_INSTALLED_BY_CUSTODIAN); | 1607 if (by_custodian) { |
| 1588 // The extension must now be installed and enabled. | 1608 creation_flags = Extension::WAS_INSTALLED_BY_CUSTODIAN; |
| 1609 expected_state = INSTALL_NEW; |
| 1610 } |
| 1611 const Extension* extension = PackAndInstallCRX( |
| 1612 dir_path(version), pem_path(), expected_state, creation_flags); |
| 1613 // The extension must now be installed. |
| 1589 EXPECT_TRUE(extension); | 1614 EXPECT_TRUE(extension); |
| 1590 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); | 1615 |
| 1616 if (by_custodian) |
| 1617 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 1618 else |
| 1619 EXPECT_TRUE(registry()->disabled_extensions().Contains(extension->id())); |
| 1620 |
| 1591 EXPECT_EQ(version, extension->VersionString()); | 1621 EXPECT_EQ(version, extension->VersionString()); |
| 1592 | 1622 |
| 1593 return extension->id(); | 1623 return extension->id(); |
| 1594 } | 1624 } |
| 1595 | 1625 |
| 1596 void UpdatePermissionsTestExtension(const std::string& id, | 1626 void UpdatePermissionsTestExtension(const std::string& id, |
| 1597 const std::string& version, | 1627 const std::string& version, |
| 1598 UpdateState expected_state) { | 1628 UpdateState expected_state) { |
| 1599 PackCRXAndUpdateExtension(id, dir_path(version), pem_path(), | 1629 PackCRXAndUpdateExtension(id, dir_path(version), pem_path(), |
| 1600 expected_state); | 1630 expected_state); |
| 1601 const Extension* extension = registry()->GetInstalledExtension(id); | 1631 const Extension* extension = registry()->GetInstalledExtension(id); |
| 1602 ASSERT_TRUE(extension); | 1632 ASSERT_TRUE(extension); |
| 1603 // The version should have been updated. | 1633 // The version should have been updated. |
| 1604 EXPECT_EQ(version, extension->VersionString()); | 1634 EXPECT_EQ(version, extension->VersionString()); |
| 1605 } | 1635 } |
| 1606 | 1636 |
| 1637 // Simulate a custodian approval for enabling the extension coming in |
| 1638 // through Sync by adding the approved version to the map of approved |
| 1639 // extensions. It doesn't change the disable reasons. |
| 1640 void SimulateCustodianApprovalViaSync(const std::string& extension_id, |
| 1641 const std::string& version) { |
| 1642 std::string key = SupervisedUserSettingsService::MakeSplitSettingKey( |
| 1643 supervised_users::kApprovedExtensions, extension_id); |
| 1644 syncer::SyncData sync_data = |
| 1645 SupervisedUserSettingsService::CreateSyncDataForSetting( |
| 1646 key, base::StringValue(version)); |
| 1647 |
| 1648 SyncChangeList list( |
| 1649 1, SyncChange(FROM_HERE, SyncChange::ACTION_ADD, sync_data)); |
| 1650 |
| 1651 SupervisedUserSettingsService* supervised_user_settings_service = |
| 1652 SupervisedUserSettingsServiceFactory::GetForProfile(profile()); |
| 1653 supervised_user_settings_service->ProcessSyncChanges(FROM_HERE, list); |
| 1654 } |
| 1655 |
| 1607 SupervisedUserService* supervised_user_service() { | 1656 SupervisedUserService* supervised_user_service() { |
| 1608 return SupervisedUserServiceFactory::GetForProfile(profile()); | 1657 return SupervisedUserServiceFactory::GetForProfile(profile()); |
| 1609 } | 1658 } |
| 1610 | 1659 |
| 1611 static std::string UpdateRequestId(const std::string& extension_id, | 1660 static std::string RequestId(const std::string& extension_id, |
| 1612 const std::string& version) { | 1661 const std::string& version) { |
| 1613 return SupervisedUserService::GetExtensionUpdateRequestId( | 1662 return SupervisedUserService::GetExtensionRequestId( |
| 1614 extension_id, base::Version(version)); | 1663 extension_id, base::Version(version)); |
| 1615 } | 1664 } |
| 1616 | 1665 |
| 1617 private: | 1666 private: |
| 1618 // This prevents the legacy supervised user init code from running. | 1667 // This prevents the legacy supervised user init code from running. |
| 1619 bool SetActive(bool active) override { return true; } | 1668 bool SetActive(bool active) override { return true; } |
| 1620 | 1669 |
| 1621 base::FilePath base_path() const { | 1670 base::FilePath base_path() const { |
| 1622 return data_dir().AppendASCII("permissions_increase"); | 1671 return data_dir().AppendASCII("permissions_increase"); |
| 1623 } | 1672 } |
| (...skipping 12 matching lines...) Expand all Loading... |
| 1636 MockPermissionRequestCreator() {} | 1685 MockPermissionRequestCreator() {} |
| 1637 ~MockPermissionRequestCreator() override {} | 1686 ~MockPermissionRequestCreator() override {} |
| 1638 | 1687 |
| 1639 bool IsEnabled() const override { return true; } | 1688 bool IsEnabled() const override { return true; } |
| 1640 | 1689 |
| 1641 void CreateURLAccessRequest(const GURL& url_requested, | 1690 void CreateURLAccessRequest(const GURL& url_requested, |
| 1642 const SuccessCallback& callback) override { | 1691 const SuccessCallback& callback) override { |
| 1643 FAIL(); | 1692 FAIL(); |
| 1644 } | 1693 } |
| 1645 | 1694 |
| 1695 MOCK_METHOD2(CreateExtensionInstallRequest, |
| 1696 void(const std::string& id, |
| 1697 const SupervisedUserService::SuccessCallback& callback)); |
| 1698 |
| 1646 MOCK_METHOD2(CreateExtensionUpdateRequest, | 1699 MOCK_METHOD2(CreateExtensionUpdateRequest, |
| 1647 void(const std::string& id, | 1700 void(const std::string& id, |
| 1648 const SupervisedUserService::SuccessCallback& callback)); | 1701 const SupervisedUserService::SuccessCallback& callback)); |
| 1649 | 1702 |
| 1650 private: | 1703 private: |
| 1651 DISALLOW_COPY_AND_ASSIGN(MockPermissionRequestCreator); | 1704 DISALLOW_COPY_AND_ASSIGN(MockPermissionRequestCreator); |
| 1652 }; | 1705 }; |
| 1653 | 1706 |
| 1654 TEST_F(ExtensionServiceTestSupervised, InstallOnlyAllowedByCustodian) { | 1707 TEST_F(ExtensionServiceTestSupervised, InstallOnlyAllowedByCustodian) { |
| 1655 InitServices(true /* profile_is_supervised */); | 1708 InitServices(true /* profile_is_supervised */); |
| 1709 InitSupervisedUserInitiatedExtensionInstallFeature(false); |
| 1656 | 1710 |
| 1657 base::FilePath path1 = data_dir().AppendASCII("good.crx"); | 1711 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| 1658 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); | 1712 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); |
| 1659 const Extension* extensions[] = { | 1713 const Extension* extensions[] = { |
| 1660 InstallCRX(path1, INSTALL_FAILED), | 1714 InstallCRX(path1, INSTALL_FAILED), |
| 1661 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN) | 1715 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN) |
| 1662 }; | 1716 }; |
| 1663 | 1717 |
| 1664 // Only the extension with the "installed by custodian" flag should have been | 1718 // Only the extension with the "installed by custodian" flag should have been |
| 1665 // installed and enabled. | 1719 // installed and enabled. |
| 1666 EXPECT_FALSE(extensions[0]); | 1720 EXPECT_FALSE(extensions[0]); |
| 1667 ASSERT_TRUE(extensions[1]); | 1721 ASSERT_TRUE(extensions[1]); |
| 1668 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); | 1722 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); |
| 1669 } | 1723 } |
| 1670 | 1724 |
| 1671 TEST_F(ExtensionServiceTestSupervised, PreinstalledExtension) { | 1725 TEST_F(ExtensionServiceTestSupervised, |
| 1726 InstallAllowedByCustodianAndSupervisedUser) { |
| 1727 InitServices(true /* profile_is_supervised */); |
| 1728 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 1729 |
| 1730 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| 1731 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); |
| 1732 const Extension* extensions[] = { |
| 1733 InstallCRX(path1, INSTALL_WITHOUT_LOAD), |
| 1734 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN)}; |
| 1735 |
| 1736 // Only the extension with the "installed by custodian" flag should have been |
| 1737 // installed and enabled. |
| 1738 // The extension missing the "installed by custodian" flag is a |
| 1739 // supervised user initiated install and hence not enabled. |
| 1740 ASSERT_TRUE(extensions[0]); |
| 1741 ASSERT_TRUE(extensions[1]); |
| 1742 EXPECT_TRUE(registry()->disabled_extensions().Contains(extensions[0]->id())); |
| 1743 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); |
| 1744 } |
| 1745 |
| 1746 TEST_F(ExtensionServiceTestSupervised, |
| 1747 PreinstalledExtensionWithSUInitiatedInstalls) { |
| 1672 InitServices(false /* profile_is_supervised */); | 1748 InitServices(false /* profile_is_supervised */); |
| 1749 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 1673 | 1750 |
| 1674 // Install an extension. | 1751 // Install an extension. |
| 1675 base::FilePath path = data_dir().AppendASCII("good.crx"); | 1752 base::FilePath path = data_dir().AppendASCII("good.crx"); |
| 1676 const Extension* extension = InstallCRX(path, INSTALL_NEW); | 1753 const Extension* extension = InstallCRX(path, INSTALL_NEW); |
| 1677 std::string id = extension->id(); | 1754 std::string id = extension->id(); |
| 1755 // Make sure it's enabled. |
| 1756 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 1757 |
| 1758 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1759 supervised_user_service()->AddPermissionRequestCreator( |
| 1760 base::WrapUnique(creator)); |
| 1761 const std::string version("1.0.0.0"); |
| 1762 |
| 1763 EXPECT_CALL(*creator, CreateExtensionInstallRequest( |
| 1764 RequestId(good_crx, version), testing::_)); |
| 1678 | 1765 |
| 1679 // Now make the profile supervised. | 1766 // Now make the profile supervised. |
| 1680 profile()->AsTestingProfile()->SetSupervisedUserId( | 1767 profile()->AsTestingProfile()->SetSupervisedUserId( |
| 1768 supervised_users::kChildAccountSUID); |
| 1769 |
| 1770 Mock::VerifyAndClearExpectations(creator); |
| 1771 |
| 1772 // The extension should not be enabled anymore. |
| 1773 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1774 |
| 1775 extensions::ExtensionPrefs* extension_prefs = |
| 1776 extensions::ExtensionPrefs::Get(profile()); |
| 1777 EXPECT_TRUE(extension_prefs->HasDisableReason( |
| 1778 id, extensions::Extension::DISABLE_CUSTODIAN_APPROVAL_REQUIRED)); |
| 1779 } |
| 1780 |
| 1781 TEST_F(ExtensionServiceTestSupervised, |
| 1782 PreinstalledExtensionWithoutSUInitiatedInstalls) { |
| 1783 InitServices(false /* profile_is_supervised */); |
| 1784 InitSupervisedUserInitiatedExtensionInstallFeature(false); |
| 1785 |
| 1786 // Install an extension. |
| 1787 base::FilePath path = data_dir().AppendASCII("good.crx"); |
| 1788 const Extension* extension = InstallCRX(path, INSTALL_NEW); |
| 1789 std::string id = extension->id(); |
| 1790 // Make sure it's enabled. |
| 1791 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 1792 |
| 1793 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1794 supervised_user_service()->AddPermissionRequestCreator( |
| 1795 base::WrapUnique(creator)); |
| 1796 const std::string version("1.0.0.0"); |
| 1797 |
| 1798 // No request should be sent because supervised user initiated installs |
| 1799 // are disabled. |
| 1800 EXPECT_CALL(*creator, CreateExtensionInstallRequest( |
| 1801 RequestId(good_crx, version), testing::_)) |
| 1802 .Times(0); |
| 1803 |
| 1804 // Now make the profile supervised. |
| 1805 profile()->AsTestingProfile()->SetSupervisedUserId( |
| 1681 supervised_users::kChildAccountSUID); | 1806 supervised_users::kChildAccountSUID); |
| 1682 | 1807 |
| 1683 // The extension should not be enabled anymore. | 1808 // The extension should not be enabled anymore. |
| 1684 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 1809 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1810 |
| 1811 extensions::ExtensionPrefs* extension_prefs = |
| 1812 extensions::ExtensionPrefs::Get(profile()); |
| 1813 EXPECT_TRUE(extension_prefs->HasDisableReason( |
| 1814 id, extensions::Extension::DISABLE_CUSTODIAN_APPROVAL_REQUIRED)); |
| 1685 } | 1815 } |
| 1686 | 1816 |
| 1687 TEST_F(ExtensionServiceTestSupervised, UpdateWithoutPermissionIncrease) { | 1817 TEST_F(ExtensionServiceTestSupervised, UpdateWithoutPermissionIncrease) { |
| 1688 InitServices(true /* profile_is_supervised */); | 1818 InitServices(true /* profile_is_supervised */); |
| 1689 | 1819 |
| 1690 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); | 1820 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); |
| 1691 base::FilePath pem_path = base_path.AppendASCII("key.pem"); | 1821 base::FilePath pem_path = base_path.AppendASCII("key.pem"); |
| 1692 | 1822 |
| 1693 const Extension* extension = | 1823 const Extension* extension = |
| 1694 PackAndInstallCRX(base_path.AppendASCII("v1"), pem_path, INSTALL_NEW, | 1824 PackAndInstallCRX(base_path.AppendASCII("v1"), pem_path, INSTALL_NEW, |
| (...skipping 19 matching lines...) Expand all Loading... |
| 1714 | 1844 |
| 1715 TEST_F(ExtensionServiceTestSupervised, UpdateWithPermissionIncreaseNoApproval) { | 1845 TEST_F(ExtensionServiceTestSupervised, UpdateWithPermissionIncreaseNoApproval) { |
| 1716 InitNeedCustodianApprovalFieldTrial(false); | 1846 InitNeedCustodianApprovalFieldTrial(false); |
| 1717 | 1847 |
| 1718 InitServices(true /* profile_is_supervised */); | 1848 InitServices(true /* profile_is_supervised */); |
| 1719 | 1849 |
| 1720 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1850 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1721 supervised_user_service()->AddPermissionRequestCreator( | 1851 supervised_user_service()->AddPermissionRequestCreator( |
| 1722 base::WrapUnique(creator)); | 1852 base::WrapUnique(creator)); |
| 1723 | 1853 |
| 1724 std::string id = InstallPermissionsTestExtension(); | 1854 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1725 | 1855 |
| 1726 // Update to a new version with increased permissions. | 1856 // Update to a new version with increased permissions. |
| 1727 // Since we don't require the custodian's approval, no permission request | 1857 // Since we don't require the custodian's approval, no permission request |
| 1728 // should be created. | 1858 // should be created. |
| 1729 const std::string version2("2"); | 1859 const std::string version2("2"); |
| 1730 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1860 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1731 UpdateRequestId(id, version2), testing::_)) | 1861 RequestId(id, version2), testing::_)) |
| 1732 .Times(0); | 1862 .Times(0); |
| 1733 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1863 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1734 } | 1864 } |
| 1735 | 1865 |
| 1736 TEST_F(ExtensionServiceTestSupervised, | 1866 TEST_F(ExtensionServiceTestSupervised, |
| 1737 UpdateWithPermissionIncreaseApprovalOldVersion) { | 1867 UpdateWithPermissionIncreaseApprovalOldVersion) { |
| 1738 InitNeedCustodianApprovalFieldTrial(true); | 1868 InitNeedCustodianApprovalFieldTrial(true); |
| 1739 | 1869 |
| 1740 InitServices(true /* profile_is_supervised */); | 1870 InitServices(true /* profile_is_supervised */); |
| 1741 | 1871 |
| 1742 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1872 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1743 supervised_user_service()->AddPermissionRequestCreator( | 1873 supervised_user_service()->AddPermissionRequestCreator( |
| 1744 base::WrapUnique(creator)); | 1874 base::WrapUnique(creator)); |
| 1745 | 1875 |
| 1746 const std::string version1("1"); | 1876 const std::string version1("1"); |
| 1747 const std::string version2("2"); | 1877 const std::string version2("2"); |
| 1748 | 1878 |
| 1749 std::string id = InstallPermissionsTestExtension(); | 1879 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1750 | 1880 |
| 1751 // Update to a new version with increased permissions. | 1881 // Update to a new version with increased permissions. |
| 1752 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1882 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1753 UpdateRequestId(id, version2), testing::_)); | 1883 RequestId(id, version2), testing::_)); |
| 1754 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1884 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1885 Mock::VerifyAndClearExpectations(creator); |
| 1755 | 1886 |
| 1756 // Simulate a custodian approval for re-enabling the extension coming in | 1887 // Simulate a custodian approval for re-enabling the extension coming in |
| 1757 // through Sync, but set the old version. This can happen when there already | 1888 // through Sync, but set the old version. This can happen when there already |
| 1758 // was a pending request for an earlier version of the extension. | 1889 // was a pending request for an earlier version of the extension. |
| 1759 sync_pb::EntitySpecifics specifics; | 1890 sync_pb::EntitySpecifics specifics; |
| 1760 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); | 1891 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 1761 ext_specifics->set_id(id); | 1892 ext_specifics->set_id(id); |
| 1762 ext_specifics->set_enabled(true); | 1893 ext_specifics->set_enabled(true); |
| 1763 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); | 1894 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 1764 ext_specifics->set_installed_by_custodian(true); | 1895 ext_specifics->set_installed_by_custodian(true); |
| 1765 ext_specifics->set_version(version1); | 1896 ext_specifics->set_version(version1); |
| 1766 | 1897 |
| 1767 // Attempting to re-enable an old version should result in a permission | 1898 // Attempting to re-enable an old version should result in a permission |
| 1768 // request for the current version. | 1899 // request for the current version. |
| 1769 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1900 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1770 UpdateRequestId(id, version2), testing::_)); | 1901 RequestId(id, version2), testing::_)); |
| 1771 | 1902 |
| 1772 SyncChangeList list = | 1903 SyncChangeList list = |
| 1773 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); | 1904 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); |
| 1774 | 1905 |
| 1775 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); | 1906 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); |
| 1776 // The re-enable should be ignored, since the version doesn't match. | 1907 // The re-enable should be ignored, since the version doesn't match. |
| 1777 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 1908 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1778 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( | 1909 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( |
| 1779 id, base::Version(version1))); | 1910 id, base::Version(version1))); |
| 1780 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( | 1911 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( |
| 1781 id, base::Version(version2))); | 1912 id, base::Version(version2))); |
| 1913 Mock::VerifyAndClearExpectations(creator); |
| 1782 } | 1914 } |
| 1783 | 1915 |
| 1784 TEST_F(ExtensionServiceTestSupervised, | 1916 TEST_F(ExtensionServiceTestSupervised, |
| 1785 UpdateWithPermissionIncreaseApprovalMatchingVersion) { | 1917 UpdateWithPermissionIncreaseApprovalMatchingVersion) { |
| 1786 InitNeedCustodianApprovalFieldTrial(true); | 1918 InitNeedCustodianApprovalFieldTrial(true); |
| 1787 | 1919 |
| 1788 InitServices(true /* profile_is_supervised */); | 1920 InitServices(true /* profile_is_supervised */); |
| 1789 | 1921 |
| 1790 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1922 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1791 supervised_user_service()->AddPermissionRequestCreator( | 1923 supervised_user_service()->AddPermissionRequestCreator( |
| 1792 base::WrapUnique(creator)); | 1924 base::WrapUnique(creator)); |
| 1793 | 1925 |
| 1794 std::string id = InstallPermissionsTestExtension(); | 1926 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1795 | 1927 |
| 1796 // Update to a new version with increased permissions. | 1928 // Update to a new version with increased permissions. |
| 1797 const std::string version2("2"); | 1929 const std::string version2("2"); |
| 1798 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1930 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1799 UpdateRequestId(id, version2), testing::_)); | 1931 RequestId(id, version2), testing::_)); |
| 1800 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1932 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1933 Mock::VerifyAndClearExpectations(creator); |
| 1801 | 1934 |
| 1802 // Simulate a custodian approval for re-enabling the extension coming in | 1935 // Simulate a custodian approval for re-enabling the extension coming in |
| 1803 // through Sync. | 1936 // through Sync. |
| 1804 sync_pb::EntitySpecifics specifics; | 1937 sync_pb::EntitySpecifics specifics; |
| 1805 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); | 1938 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 1806 ext_specifics->set_id(id); | 1939 ext_specifics->set_id(id); |
| 1807 ext_specifics->set_enabled(true); | 1940 ext_specifics->set_enabled(true); |
| 1808 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); | 1941 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 1809 ext_specifics->set_installed_by_custodian(true); | 1942 ext_specifics->set_installed_by_custodian(true); |
| 1810 ext_specifics->set_version(version2); | 1943 ext_specifics->set_version(version2); |
| 1811 | 1944 |
| 1812 SyncChangeList list = | 1945 SyncChangeList list = |
| 1813 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); | 1946 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); |
| 1814 | 1947 |
| 1815 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); | 1948 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); |
| 1816 // The extension should have gotten re-enabled. | 1949 // The extension should have gotten re-enabled. |
| 1817 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); | 1950 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 1818 } | 1951 } |
| 1819 | 1952 |
| 1820 TEST_F(ExtensionServiceTestSupervised, | 1953 TEST_F(ExtensionServiceTestSupervised, |
| 1821 UpdateWithPermissionIncreaseApprovalNewVersion) { | 1954 UpdateWithPermissionIncreaseApprovalNewVersion) { |
| 1822 InitNeedCustodianApprovalFieldTrial(true); | 1955 InitNeedCustodianApprovalFieldTrial(true); |
| 1823 | 1956 |
| 1824 InitServices(true /* profile_is_supervised */); | 1957 InitServices(true /* profile_is_supervised */); |
| 1825 | 1958 |
| 1826 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1959 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1827 supervised_user_service()->AddPermissionRequestCreator( | 1960 supervised_user_service()->AddPermissionRequestCreator( |
| 1828 base::WrapUnique(creator)); | 1961 base::WrapUnique(creator)); |
| 1829 | 1962 |
| 1830 std::string id = InstallPermissionsTestExtension(); | 1963 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1831 | 1964 |
| 1832 // Update to a new version with increased permissions. | 1965 // Update to a new version with increased permissions. |
| 1833 const std::string version2("2"); | 1966 const std::string version2("2"); |
| 1834 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1967 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1835 UpdateRequestId(id, version2), testing::_)); | 1968 RequestId(id, version2), testing::_)); |
| 1836 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1969 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1970 Mock::VerifyAndClearExpectations(creator); |
| 1837 | 1971 |
| 1838 // Simulate a custodian approval for re-enabling the extension coming in | 1972 // Simulate a custodian approval for re-enabling the extension coming in |
| 1839 // through Sync. Set a newer version than we have installed. | 1973 // through Sync. Set a newer version than we have installed. |
| 1840 const std::string version3("3"); | 1974 const std::string version3("3"); |
| 1841 sync_pb::EntitySpecifics specifics; | 1975 sync_pb::EntitySpecifics specifics; |
| 1842 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); | 1976 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 1843 ext_specifics->set_id(id); | 1977 ext_specifics->set_id(id); |
| 1844 ext_specifics->set_enabled(true); | 1978 ext_specifics->set_enabled(true); |
| 1845 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); | 1979 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 1846 ext_specifics->set_installed_by_custodian(true); | 1980 ext_specifics->set_installed_by_custodian(true); |
| 1847 ext_specifics->set_version(version3); | 1981 ext_specifics->set_version(version3); |
| 1848 | 1982 |
| 1849 // This should *not* result in a new permission request. | 1983 // This should *not* result in a new permission request. |
| 1850 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1984 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1851 UpdateRequestId(id, version3), testing::_)) | 1985 RequestId(id, version3), testing::_)) |
| 1852 .Times(0); | 1986 .Times(0); |
| 1853 | 1987 |
| 1854 SyncChangeList list = | 1988 SyncChangeList list = |
| 1855 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); | 1989 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); |
| 1856 | 1990 |
| 1857 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); | 1991 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); |
| 1858 // The re-enable should be delayed until the extension is updated to the | 1992 // The re-enable should be delayed until the extension is updated to the |
| 1859 // matching version. | 1993 // matching version. |
| 1860 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 1994 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1861 EXPECT_TRUE(extension_sync_service()->HasPendingReenable( | 1995 EXPECT_TRUE(extension_sync_service()->HasPendingReenable( |
| 1862 id, base::Version(version3))); | 1996 id, base::Version(version3))); |
| 1863 | 1997 |
| 1864 // Update to the matching version. Now the extension should get enabled. | 1998 // Update to the matching version. Now the extension should get enabled. |
| 1865 UpdatePermissionsTestExtension(id, version3, ENABLED); | 1999 UpdatePermissionsTestExtension(id, version3, ENABLED); |
| 1866 } | 2000 } |
| 1867 | 2001 |
| 2002 TEST_F(ExtensionServiceTestSupervised, SupervisedUserInitiatedInstalls) { |
| 2003 InitNeedCustodianApprovalFieldTrial(true); |
| 2004 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 2005 |
| 2006 InitServices(true /* profile_is_supervised */); |
| 2007 |
| 2008 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 2009 supervised_user_service()->AddPermissionRequestCreator( |
| 2010 base::WrapUnique(creator)); |
| 2011 |
| 2012 base::FilePath path = data_dir().AppendASCII("good.crx"); |
| 2013 const std::string version("1.0.0.0"); |
| 2014 |
| 2015 EXPECT_CALL(*creator, CreateExtensionInstallRequest( |
| 2016 RequestId(good_crx, version), testing::_)); |
| 2017 |
| 2018 // Should be installed but disabled, a request for approval should be sent. |
| 2019 const Extension* extension = InstallCRX(path, INSTALL_WITHOUT_LOAD); |
| 2020 ASSERT_EQ(extension->id(), good_crx); |
| 2021 ASSERT_TRUE(extension); |
| 2022 EXPECT_TRUE(registry()->disabled_extensions().Contains(extension->id())); |
| 2023 EXPECT_FALSE(registry()->enabled_extensions().Contains(extension->id())); |
| 2024 Mock::VerifyAndClearExpectations(creator); |
| 2025 |
| 2026 SimulateCustodianApprovalViaSync(extension->id(), version); |
| 2027 |
| 2028 // The extension should be enabled now. |
| 2029 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 2030 } |
| 2031 |
| 2032 TEST_F(ExtensionServiceTestSupervised, |
| 2033 UpdateSUInitiatedInstallWithoutPermissionIncrease) { |
| 2034 InitNeedCustodianApprovalFieldTrial(true); |
| 2035 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 2036 |
| 2037 InitServices(true /* profile_is_supervised */); |
| 2038 |
| 2039 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); |
| 2040 base::FilePath pem_path = base_path.AppendASCII("key.pem"); |
| 2041 |
| 2042 const Extension* extension = PackAndInstallCRX( |
| 2043 base_path.AppendASCII("v1"), pem_path, INSTALL_WITHOUT_LOAD); |
| 2044 |
| 2045 ASSERT_TRUE(extension); |
| 2046 EXPECT_FALSE(registry()->enabled_extensions().Contains(extension->id())); |
| 2047 |
| 2048 SimulateCustodianApprovalViaSync(extension->id(), extension->VersionString()); |
| 2049 |
| 2050 // The extension should be enabled now. |
| 2051 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 2052 |
| 2053 // Save the id, as the extension object will be destroyed during updating. |
| 2054 std::string id = extension->id(); |
| 2055 |
| 2056 std::string old_version = extension->VersionString(); |
| 2057 |
| 2058 // Update to a new version. |
| 2059 PackCRXAndUpdateExtension(id, base_path.AppendASCII("v2"), pem_path, ENABLED); |
| 2060 |
| 2061 // The extension should still be there and enabled. |
| 2062 extension = registry()->enabled_extensions().GetByID(id); |
| 2063 ASSERT_TRUE(extension); |
| 2064 // The version should have changed. |
| 2065 EXPECT_NE(extension->VersionString(), old_version); |
| 2066 } |
| 2067 |
| 2068 TEST_F(ExtensionServiceTestSupervised, |
| 2069 UpdateSUInitiatedInstallWithPermissionIncrease) { |
| 2070 InitNeedCustodianApprovalFieldTrial(true); |
| 2071 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 2072 |
| 2073 InitServices(true /* profile_is_supervised */); |
| 2074 |
| 2075 std::string id = InstallPermissionsTestExtension(false /* by_custodian */); |
| 2076 const std::string version("1"); |
| 2077 |
| 2078 SimulateCustodianApprovalViaSync(id, version); |
| 2079 |
| 2080 // The extension should be enabled now. |
| 2081 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 2082 |
| 2083 const std::string version2("2"); |
| 2084 |
| 2085 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 2086 |
| 2087 // The extension should be disabled. |
| 2088 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 2089 } |
| 2090 |
| 1868 TEST_F(ExtensionServiceSyncTest, SyncUninstallByCustodianSkipsPolicy) { | 2091 TEST_F(ExtensionServiceSyncTest, SyncUninstallByCustodianSkipsPolicy) { |
| 1869 InitializeEmptyExtensionService(); | 2092 InitializeEmptyExtensionService(); |
| 1870 extension_sync_service()->MergeDataAndStartSyncing( | 2093 extension_sync_service()->MergeDataAndStartSyncing( |
| 1871 syncer::EXTENSIONS, syncer::SyncDataList(), | 2094 syncer::EXTENSIONS, syncer::SyncDataList(), |
| 1872 base::WrapUnique(new syncer::FakeSyncChangeProcessor()), | 2095 base::WrapUnique(new syncer::FakeSyncChangeProcessor()), |
| 1873 base::WrapUnique(new syncer::SyncErrorFactoryMock())); | 2096 base::WrapUnique(new syncer::SyncErrorFactoryMock())); |
| 1874 | 2097 |
| 1875 // Install two extensions. | 2098 // Install two extensions. |
| 1876 base::FilePath path1 = data_dir().AppendASCII("good.crx"); | 2099 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| 1877 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); | 2100 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2054 break; | 2277 break; |
| 2055 } | 2278 } |
| 2056 } | 2279 } |
| 2057 } | 2280 } |
| 2058 EXPECT_TRUE(found_delete); | 2281 EXPECT_TRUE(found_delete); |
| 2059 | 2282 |
| 2060 // Make sure there is one extension, and there are no more apps. | 2283 // Make sure there is one extension, and there are no more apps. |
| 2061 EXPECT_EQ(1u, extensions_processor.data().size()); | 2284 EXPECT_EQ(1u, extensions_processor.data().size()); |
| 2062 EXPECT_TRUE(apps_processor.data().empty()); | 2285 EXPECT_TRUE(apps_processor.data().empty()); |
| 2063 } | 2286 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2004043002:
Supervised Users Initiated Installs v2 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@kid_initiated_install