| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <stddef.h> | 5 #include <stddef.h> |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| 11 | 11 |
| 12 #include "base/bind.h" | 12 #include "base/bind.h" |
| 13 #include "base/command_line.h" | 13 #include "base/command_line.h" |
| 14 #include "base/feature_list.h" |
| 14 #include "base/files/file_util.h" | 15 #include "base/files/file_util.h" |
| 15 #include "base/macros.h" | 16 #include "base/macros.h" |
| 16 #include "base/memory/ptr_util.h" | 17 #include "base/memory/ptr_util.h" |
| 17 #include "base/memory/weak_ptr.h" | 18 #include "base/memory/weak_ptr.h" |
| 18 #include "base/metrics/field_trial.h" | 19 #include "base/metrics/field_trial.h" |
| 19 #include "base/test/mock_entropy_provider.h" | 20 #include "base/test/mock_entropy_provider.h" |
| 20 #include "chrome/browser/extensions/component_loader.h" | 21 #include "chrome/browser/extensions/component_loader.h" |
| 21 #include "chrome/browser/extensions/extension_service.h" | 22 #include "chrome/browser/extensions/extension_service.h" |
| 22 #include "chrome/browser/extensions/extension_service_test_with_install.h" | 23 #include "chrome/browser/extensions/extension_service_test_with_install.h" |
| 23 #include "chrome/browser/extensions/extension_sync_data.h" | 24 #include "chrome/browser/extensions/extension_sync_data.h" |
| (...skipping 21 matching lines...) Expand all Loading... |
| 45 #include "extensions/common/value_builder.h" | 46 #include "extensions/common/value_builder.h" |
| 46 #include "sync/api/fake_sync_change_processor.h" | 47 #include "sync/api/fake_sync_change_processor.h" |
| 47 #include "sync/api/sync_change_processor_wrapper_for_test.h" | 48 #include "sync/api/sync_change_processor_wrapper_for_test.h" |
| 48 #include "sync/api/sync_data.h" | 49 #include "sync/api/sync_data.h" |
| 49 #include "sync/api/sync_error_factory_mock.h" | 50 #include "sync/api/sync_error_factory_mock.h" |
| 50 #include "testing/gtest/include/gtest/gtest.h" | 51 #include "testing/gtest/include/gtest/gtest.h" |
| 51 | 52 |
| 52 #if defined(ENABLE_SUPERVISED_USERS) | 53 #if defined(ENABLE_SUPERVISED_USERS) |
| 53 #include "chrome/browser/supervised_user/permission_request_creator.h" | 54 #include "chrome/browser/supervised_user/permission_request_creator.h" |
| 54 #include "chrome/browser/supervised_user/supervised_user_constants.h" | 55 #include "chrome/browser/supervised_user/supervised_user_constants.h" |
| 56 #include "chrome/browser/supervised_user/supervised_user_features.h" |
| 55 #include "chrome/browser/supervised_user/supervised_user_service.h" | 57 #include "chrome/browser/supervised_user/supervised_user_service.h" |
| 56 #include "chrome/browser/supervised_user/supervised_user_service_factory.h" | 58 #include "chrome/browser/supervised_user/supervised_user_service_factory.h" |
| 59 #include "chrome/browser/supervised_user/supervised_user_settings_service.h" |
| 60 #include "chrome/browser/supervised_user/supervised_user_settings_service_factor
y.h" |
| 61 #include "chrome/common/pref_names.h" |
| 57 #endif | 62 #endif |
| 58 | 63 |
| 59 using extensions::AppSorting; | 64 using extensions::AppSorting; |
| 60 using extensions::Extension; | 65 using extensions::Extension; |
| 61 using extensions::ExtensionPrefs; | 66 using extensions::ExtensionPrefs; |
| 62 using extensions::ExtensionSyncData; | 67 using extensions::ExtensionSyncData; |
| 63 using extensions::ExtensionSystem; | 68 using extensions::ExtensionSystem; |
| 64 using extensions::Manifest; | 69 using extensions::Manifest; |
| 65 using extensions::PermissionSet; | 70 using extensions::PermissionSet; |
| 66 using syncer::SyncChange; | 71 using syncer::SyncChange; |
| 67 using syncer::SyncChangeList; | 72 using syncer::SyncChangeList; |
| 73 using testing::Mock; |
| 68 | 74 |
| 69 namespace { | 75 namespace { |
| 70 | 76 |
| 71 const char good0[] = "behllobkkfkfnphdnhnkndlbkcpglgmj"; | 77 const char good0[] = "behllobkkfkfnphdnhnkndlbkcpglgmj"; |
| 72 const char good2[] = "bjafgdebaacbbbecmhlhpofkepfkgcpa"; | 78 const char good2[] = "bjafgdebaacbbbecmhlhpofkepfkgcpa"; |
| 73 const char good_crx[] = "ldnnhddmnhbkjipkidpdiheffobcpfmf"; | 79 const char good_crx[] = "ldnnhddmnhbkjipkidpdiheffobcpfmf"; |
| 74 const char page_action[] = "obcimlgaoabeegjmmpldobjndiealpln"; | 80 const char page_action[] = "obcimlgaoabeegjmmpldobjndiealpln"; |
| 75 const char theme2_crx[] = "pjpgmfcmabopnnfonnhmdjglfpjjfkbf"; | 81 const char theme2_crx[] = "pjpgmfcmabopnnfonnhmdjglfpjjfkbf"; |
| 76 | 82 |
| 77 SyncChangeList MakeSyncChangeList(const std::string& id, | 83 SyncChangeList MakeSyncChangeList(const std::string& id, |
| (...skipping 1484 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1562 // Group name doesn't matter. | 1568 // Group name doesn't matter. |
| 1563 base::FieldTrialList::CreateFieldTrial( | 1569 base::FieldTrialList::CreateFieldTrial( |
| 1564 "SupervisedUserExtensionPermissionIncrease", "group"); | 1570 "SupervisedUserExtensionPermissionIncrease", "group"); |
| 1565 std::map<std::string, std::string> params; | 1571 std::map<std::string, std::string> params; |
| 1566 params["legacy_supervised_user"] = enabled ? "true" : "false"; | 1572 params["legacy_supervised_user"] = enabled ? "true" : "false"; |
| 1567 params["child_account"] = enabled ? "true" : "false"; | 1573 params["child_account"] = enabled ? "true" : "false"; |
| 1568 variations::AssociateVariationParams( | 1574 variations::AssociateVariationParams( |
| 1569 "SupervisedUserExtensionPermissionIncrease", "group", params); | 1575 "SupervisedUserExtensionPermissionIncrease", "group", params); |
| 1570 } | 1576 } |
| 1571 | 1577 |
| 1578 void InitSupervisedUserInitiatedExtensionInstallFeature(bool enabled) { |
| 1579 base::FeatureList::ClearInstanceForTesting(); |
| 1580 std::unique_ptr<base::FeatureList> feature_list(new base::FeatureList); |
| 1581 if (enabled) { |
| 1582 feature_list->InitializeFromCommandLine( |
| 1583 "SupervisedUserInitiatedExtensionInstall", std::string()); |
| 1584 } |
| 1585 base::FeatureList::SetInstance(std::move(feature_list)); |
| 1586 } |
| 1587 |
| 1572 void InitServices(bool profile_is_supervised) { | 1588 void InitServices(bool profile_is_supervised) { |
| 1573 ExtensionServiceInitParams params = CreateDefaultInitParams(); | 1589 ExtensionServiceInitParams params = CreateDefaultInitParams(); |
| 1574 params.profile_is_supervised = profile_is_supervised; | 1590 params.profile_is_supervised = profile_is_supervised; |
| 1591 // If profile is supervised, don't pass a pref file such that the testing |
| 1592 // profile creates a pref service that uses SupervisedUserPrefStore. |
| 1593 if (profile_is_supervised) { |
| 1594 params.pref_file = base::FilePath(); |
| 1595 } |
| 1575 InitializeExtensionService(params); | 1596 InitializeExtensionService(params); |
| 1576 StartSyncing(syncer::EXTENSIONS); | 1597 StartSyncing(syncer::EXTENSIONS); |
| 1577 | 1598 |
| 1578 supervised_user_service()->SetDelegate(this); | 1599 supervised_user_service()->SetDelegate(this); |
| 1579 supervised_user_service()->Init(); | 1600 supervised_user_service()->Init(); |
| 1580 } | 1601 } |
| 1581 | 1602 |
| 1582 std::string InstallPermissionsTestExtension() { | 1603 std::string InstallPermissionsTestExtension(bool by_custodian) { |
| 1583 const std::string version("1"); | 1604 const std::string version("1"); |
| 1584 | 1605 |
| 1585 const Extension* extension = | 1606 int creation_flags = 0; |
| 1586 PackAndInstallCRX(dir_path(version), pem_path(), INSTALL_NEW, | 1607 InstallState expected_state = INSTALL_WITHOUT_LOAD; |
| 1587 Extension::WAS_INSTALLED_BY_CUSTODIAN); | 1608 if (by_custodian) { |
| 1588 // The extension must now be installed and enabled. | 1609 creation_flags = Extension::WAS_INSTALLED_BY_CUSTODIAN; |
| 1610 expected_state = INSTALL_NEW; |
| 1611 } |
| 1612 const Extension* extension = PackAndInstallCRX( |
| 1613 dir_path(version), pem_path(), expected_state, creation_flags); |
| 1614 // The extension must now be installed. |
| 1589 EXPECT_TRUE(extension); | 1615 EXPECT_TRUE(extension); |
| 1590 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); | 1616 |
| 1617 if (by_custodian) |
| 1618 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 1619 else |
| 1620 EXPECT_TRUE(registry()->disabled_extensions().Contains(extension->id())); |
| 1621 |
| 1591 EXPECT_EQ(version, extension->VersionString()); | 1622 EXPECT_EQ(version, extension->VersionString()); |
| 1592 | 1623 |
| 1593 return extension->id(); | 1624 return extension->id(); |
| 1594 } | 1625 } |
| 1595 | 1626 |
| 1596 void UpdatePermissionsTestExtension(const std::string& id, | 1627 void UpdatePermissionsTestExtension(const std::string& id, |
| 1597 const std::string& version, | 1628 const std::string& version, |
| 1598 UpdateState expected_state) { | 1629 UpdateState expected_state) { |
| 1599 PackCRXAndUpdateExtension(id, dir_path(version), pem_path(), | 1630 PackCRXAndUpdateExtension(id, dir_path(version), pem_path(), |
| 1600 expected_state); | 1631 expected_state); |
| 1601 const Extension* extension = registry()->GetInstalledExtension(id); | 1632 const Extension* extension = registry()->GetInstalledExtension(id); |
| 1602 ASSERT_TRUE(extension); | 1633 ASSERT_TRUE(extension); |
| 1603 // The version should have been updated. | 1634 // The version should have been updated. |
| 1604 EXPECT_EQ(version, extension->VersionString()); | 1635 EXPECT_EQ(version, extension->VersionString()); |
| 1605 } | 1636 } |
| 1606 | 1637 |
| 1638 // Simulate a custodian approval for enabling the extension coming in |
| 1639 // through Sync by adding the approved version to the map of approved |
| 1640 // extensions. It doesn't change the disable reasons. |
| 1641 void SimulateCustodianApprovalViaSync(const std::string& extension_id, |
| 1642 const std::string& version) { |
| 1643 std::string key = SupervisedUserSettingsService::MakeSplitSettingKey( |
| 1644 supervised_users::kApprovedExtensions, extension_id); |
| 1645 syncer::SyncData sync_data = |
| 1646 SupervisedUserSettingsService::CreateSyncDataForSetting( |
| 1647 key, base::StringValue(version)); |
| 1648 |
| 1649 SyncChangeList list( |
| 1650 1, SyncChange(FROM_HERE, SyncChange::ACTION_ADD, sync_data)); |
| 1651 |
| 1652 SupervisedUserSettingsService* supervised_user_settings_service = |
| 1653 SupervisedUserSettingsServiceFactory::GetForProfile(profile()); |
| 1654 supervised_user_settings_service->ProcessSyncChanges(FROM_HERE, list); |
| 1655 } |
| 1656 |
| 1607 SupervisedUserService* supervised_user_service() { | 1657 SupervisedUserService* supervised_user_service() { |
| 1608 return SupervisedUserServiceFactory::GetForProfile(profile()); | 1658 return SupervisedUserServiceFactory::GetForProfile(profile()); |
| 1609 } | 1659 } |
| 1610 | 1660 |
| 1611 static std::string UpdateRequestId(const std::string& extension_id, | 1661 static std::string RequestId(const std::string& extension_id, |
| 1612 const std::string& version) { | 1662 const std::string& version) { |
| 1613 return SupervisedUserService::GetExtensionUpdateRequestId( | 1663 return SupervisedUserService::GetExtensionRequestId( |
| 1614 extension_id, base::Version(version)); | 1664 extension_id, base::Version(version)); |
| 1615 } | 1665 } |
| 1616 | 1666 |
| 1617 private: | 1667 private: |
| 1618 // This prevents the legacy supervised user init code from running. | 1668 // This prevents the legacy supervised user init code from running. |
| 1619 bool SetActive(bool active) override { return true; } | 1669 bool SetActive(bool active) override { return true; } |
| 1620 | 1670 |
| 1621 base::FilePath base_path() const { | 1671 base::FilePath base_path() const { |
| 1622 return data_dir().AppendASCII("permissions_increase"); | 1672 return data_dir().AppendASCII("permissions_increase"); |
| 1623 } | 1673 } |
| (...skipping 12 matching lines...) Expand all Loading... |
| 1636 MockPermissionRequestCreator() {} | 1686 MockPermissionRequestCreator() {} |
| 1637 ~MockPermissionRequestCreator() override {} | 1687 ~MockPermissionRequestCreator() override {} |
| 1638 | 1688 |
| 1639 bool IsEnabled() const override { return true; } | 1689 bool IsEnabled() const override { return true; } |
| 1640 | 1690 |
| 1641 void CreateURLAccessRequest(const GURL& url_requested, | 1691 void CreateURLAccessRequest(const GURL& url_requested, |
| 1642 const SuccessCallback& callback) override { | 1692 const SuccessCallback& callback) override { |
| 1643 FAIL(); | 1693 FAIL(); |
| 1644 } | 1694 } |
| 1645 | 1695 |
| 1696 MOCK_METHOD2(CreateExtensionInstallRequest, |
| 1697 void(const std::string& id, |
| 1698 const SupervisedUserService::SuccessCallback& callback)); |
| 1699 |
| 1646 MOCK_METHOD2(CreateExtensionUpdateRequest, | 1700 MOCK_METHOD2(CreateExtensionUpdateRequest, |
| 1647 void(const std::string& id, | 1701 void(const std::string& id, |
| 1648 const SupervisedUserService::SuccessCallback& callback)); | 1702 const SupervisedUserService::SuccessCallback& callback)); |
| 1649 | 1703 |
| 1650 private: | 1704 private: |
| 1651 DISALLOW_COPY_AND_ASSIGN(MockPermissionRequestCreator); | 1705 DISALLOW_COPY_AND_ASSIGN(MockPermissionRequestCreator); |
| 1652 }; | 1706 }; |
| 1653 | 1707 |
| 1654 TEST_F(ExtensionServiceTestSupervised, InstallOnlyAllowedByCustodian) { | 1708 TEST_F(ExtensionServiceTestSupervised, InstallOnlyAllowedByCustodian) { |
| 1655 InitServices(true /* profile_is_supervised */); | 1709 InitServices(true /* profile_is_supervised */); |
| 1710 InitSupervisedUserInitiatedExtensionInstallFeature(false); |
| 1656 | 1711 |
| 1657 base::FilePath path1 = data_dir().AppendASCII("good.crx"); | 1712 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| 1658 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); | 1713 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); |
| 1659 const Extension* extensions[] = { | 1714 const Extension* extensions[] = { |
| 1660 InstallCRX(path1, INSTALL_FAILED), | 1715 InstallCRX(path1, INSTALL_FAILED), |
| 1661 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN) | 1716 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN) |
| 1662 }; | 1717 }; |
| 1663 | 1718 |
| 1664 // Only the extension with the "installed by custodian" flag should have been | 1719 // Only the extension with the "installed by custodian" flag should have been |
| 1665 // installed and enabled. | 1720 // installed and enabled. |
| 1666 EXPECT_FALSE(extensions[0]); | 1721 EXPECT_FALSE(extensions[0]); |
| 1667 ASSERT_TRUE(extensions[1]); | 1722 ASSERT_TRUE(extensions[1]); |
| 1668 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); | 1723 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); |
| 1669 } | 1724 } |
| 1670 | 1725 |
| 1671 TEST_F(ExtensionServiceTestSupervised, PreinstalledExtension) { | 1726 TEST_F(ExtensionServiceTestSupervised, |
| 1727 InstallAllowedByCustodianAndSupervisedUser) { |
| 1728 InitServices(true /* profile_is_supervised */); |
| 1729 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 1730 |
| 1731 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| 1732 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); |
| 1733 const Extension* extensions[] = { |
| 1734 InstallCRX(path1, INSTALL_WITHOUT_LOAD), |
| 1735 InstallCRX(path2, INSTALL_NEW, Extension::WAS_INSTALLED_BY_CUSTODIAN)}; |
| 1736 |
| 1737 // Only the extension with the "installed by custodian" flag should have been |
| 1738 // installed and enabled. |
| 1739 // The extension missing the "installed by custodian" flag is a |
| 1740 // supervised user initiated install and hence not enabled. |
| 1741 ASSERT_TRUE(extensions[0]); |
| 1742 ASSERT_TRUE(extensions[1]); |
| 1743 EXPECT_TRUE(registry()->disabled_extensions().Contains(extensions[0]->id())); |
| 1744 EXPECT_TRUE(registry()->enabled_extensions().Contains(extensions[1]->id())); |
| 1745 } |
| 1746 |
| 1747 TEST_F(ExtensionServiceTestSupervised, |
| 1748 PreinstalledExtensionWithSUInitiatedInstalls) { |
| 1672 InitServices(false /* profile_is_supervised */); | 1749 InitServices(false /* profile_is_supervised */); |
| 1750 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 1673 | 1751 |
| 1674 // Install an extension. | 1752 // Install an extension. |
| 1675 base::FilePath path = data_dir().AppendASCII("good.crx"); | 1753 base::FilePath path = data_dir().AppendASCII("good.crx"); |
| 1676 const Extension* extension = InstallCRX(path, INSTALL_NEW); | 1754 const Extension* extension = InstallCRX(path, INSTALL_NEW); |
| 1677 std::string id = extension->id(); | 1755 std::string id = extension->id(); |
| 1756 // Make sure it's enabled. |
| 1757 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 1758 |
| 1759 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1760 supervised_user_service()->AddPermissionRequestCreator( |
| 1761 base::WrapUnique(creator)); |
| 1762 const std::string version("1.0.0.0"); |
| 1763 |
| 1764 EXPECT_CALL(*creator, CreateExtensionInstallRequest( |
| 1765 RequestId(good_crx, version), testing::_)); |
| 1678 | 1766 |
| 1679 // Now make the profile supervised. | 1767 // Now make the profile supervised. |
| 1680 profile()->AsTestingProfile()->SetSupervisedUserId( | 1768 profile()->AsTestingProfile()->SetSupervisedUserId( |
| 1769 supervised_users::kChildAccountSUID); |
| 1770 |
| 1771 Mock::VerifyAndClearExpectations(creator); |
| 1772 |
| 1773 // The extension should not be enabled anymore. |
| 1774 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1775 |
| 1776 extensions::ExtensionPrefs* extension_prefs = |
| 1777 extensions::ExtensionPrefs::Get(profile()); |
| 1778 EXPECT_TRUE(extension_prefs->HasDisableReason( |
| 1779 id, extensions::Extension::DISABLE_CUSTODIAN_APPROVAL_REQUIRED)); |
| 1780 } |
| 1781 |
| 1782 TEST_F(ExtensionServiceTestSupervised, |
| 1783 PreinstalledExtensionWithoutSUInitiatedInstalls) { |
| 1784 InitServices(false /* profile_is_supervised */); |
| 1785 InitSupervisedUserInitiatedExtensionInstallFeature(false); |
| 1786 |
| 1787 // Install an extension. |
| 1788 base::FilePath path = data_dir().AppendASCII("good.crx"); |
| 1789 const Extension* extension = InstallCRX(path, INSTALL_NEW); |
| 1790 std::string id = extension->id(); |
| 1791 // Make sure it's enabled. |
| 1792 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 1793 |
| 1794 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1795 supervised_user_service()->AddPermissionRequestCreator( |
| 1796 base::WrapUnique(creator)); |
| 1797 const std::string version("1.0.0.0"); |
| 1798 |
| 1799 // No request should be sent because supervised user initiated installs |
| 1800 // are disabled. |
| 1801 EXPECT_CALL(*creator, CreateExtensionInstallRequest( |
| 1802 RequestId(good_crx, version), testing::_)) |
| 1803 .Times(0); |
| 1804 |
| 1805 // Now make the profile supervised. |
| 1806 profile()->AsTestingProfile()->SetSupervisedUserId( |
| 1681 supervised_users::kChildAccountSUID); | 1807 supervised_users::kChildAccountSUID); |
| 1682 | 1808 |
| 1683 // The extension should not be enabled anymore. | 1809 // The extension should not be enabled anymore. |
| 1684 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 1810 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1811 |
| 1812 extensions::ExtensionPrefs* extension_prefs = |
| 1813 extensions::ExtensionPrefs::Get(profile()); |
| 1814 EXPECT_TRUE(extension_prefs->HasDisableReason( |
| 1815 id, extensions::Extension::DISABLE_CUSTODIAN_APPROVAL_REQUIRED)); |
| 1685 } | 1816 } |
| 1686 | 1817 |
| 1687 TEST_F(ExtensionServiceTestSupervised, UpdateWithoutPermissionIncrease) { | 1818 TEST_F(ExtensionServiceTestSupervised, UpdateWithoutPermissionIncrease) { |
| 1688 InitServices(true /* profile_is_supervised */); | 1819 InitServices(true /* profile_is_supervised */); |
| 1689 | 1820 |
| 1690 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); | 1821 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); |
| 1691 base::FilePath pem_path = base_path.AppendASCII("key.pem"); | 1822 base::FilePath pem_path = base_path.AppendASCII("key.pem"); |
| 1692 | 1823 |
| 1693 const Extension* extension = | 1824 const Extension* extension = |
| 1694 PackAndInstallCRX(base_path.AppendASCII("v1"), pem_path, INSTALL_NEW, | 1825 PackAndInstallCRX(base_path.AppendASCII("v1"), pem_path, INSTALL_NEW, |
| (...skipping 19 matching lines...) Expand all Loading... |
| 1714 | 1845 |
| 1715 TEST_F(ExtensionServiceTestSupervised, UpdateWithPermissionIncreaseNoApproval) { | 1846 TEST_F(ExtensionServiceTestSupervised, UpdateWithPermissionIncreaseNoApproval) { |
| 1716 InitNeedCustodianApprovalFieldTrial(false); | 1847 InitNeedCustodianApprovalFieldTrial(false); |
| 1717 | 1848 |
| 1718 InitServices(true /* profile_is_supervised */); | 1849 InitServices(true /* profile_is_supervised */); |
| 1719 | 1850 |
| 1720 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1851 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1721 supervised_user_service()->AddPermissionRequestCreator( | 1852 supervised_user_service()->AddPermissionRequestCreator( |
| 1722 base::WrapUnique(creator)); | 1853 base::WrapUnique(creator)); |
| 1723 | 1854 |
| 1724 std::string id = InstallPermissionsTestExtension(); | 1855 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1725 | 1856 |
| 1726 // Update to a new version with increased permissions. | 1857 // Update to a new version with increased permissions. |
| 1727 // Since we don't require the custodian's approval, no permission request | 1858 // Since we don't require the custodian's approval, no permission request |
| 1728 // should be created. | 1859 // should be created. |
| 1729 const std::string version2("2"); | 1860 const std::string version2("2"); |
| 1730 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1861 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1731 UpdateRequestId(id, version2), testing::_)) | 1862 RequestId(id, version2), testing::_)) |
| 1732 .Times(0); | 1863 .Times(0); |
| 1733 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1864 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1734 } | 1865 } |
| 1735 | 1866 |
| 1736 TEST_F(ExtensionServiceTestSupervised, | 1867 TEST_F(ExtensionServiceTestSupervised, |
| 1737 UpdateWithPermissionIncreaseApprovalOldVersion) { | 1868 UpdateWithPermissionIncreaseApprovalOldVersion) { |
| 1738 InitNeedCustodianApprovalFieldTrial(true); | 1869 InitNeedCustodianApprovalFieldTrial(true); |
| 1739 | 1870 |
| 1740 InitServices(true /* profile_is_supervised */); | 1871 InitServices(true /* profile_is_supervised */); |
| 1741 | 1872 |
| 1742 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1873 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1743 supervised_user_service()->AddPermissionRequestCreator( | 1874 supervised_user_service()->AddPermissionRequestCreator( |
| 1744 base::WrapUnique(creator)); | 1875 base::WrapUnique(creator)); |
| 1745 | 1876 |
| 1746 const std::string version1("1"); | 1877 const std::string version1("1"); |
| 1747 const std::string version2("2"); | 1878 const std::string version2("2"); |
| 1748 | 1879 |
| 1749 std::string id = InstallPermissionsTestExtension(); | 1880 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1750 | 1881 |
| 1751 // Update to a new version with increased permissions. | 1882 // Update to a new version with increased permissions. |
| 1752 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1883 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1753 UpdateRequestId(id, version2), testing::_)); | 1884 RequestId(id, version2), testing::_)); |
| 1754 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1885 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1886 Mock::VerifyAndClearExpectations(creator); |
| 1755 | 1887 |
| 1756 // Simulate a custodian approval for re-enabling the extension coming in | 1888 // Simulate a custodian approval for re-enabling the extension coming in |
| 1757 // through Sync, but set the old version. This can happen when there already | 1889 // through Sync, but set the old version. This can happen when there already |
| 1758 // was a pending request for an earlier version of the extension. | 1890 // was a pending request for an earlier version of the extension. |
| 1759 sync_pb::EntitySpecifics specifics; | 1891 sync_pb::EntitySpecifics specifics; |
| 1760 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); | 1892 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 1761 ext_specifics->set_id(id); | 1893 ext_specifics->set_id(id); |
| 1762 ext_specifics->set_enabled(true); | 1894 ext_specifics->set_enabled(true); |
| 1763 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); | 1895 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 1764 ext_specifics->set_installed_by_custodian(true); | 1896 ext_specifics->set_installed_by_custodian(true); |
| 1765 ext_specifics->set_version(version1); | 1897 ext_specifics->set_version(version1); |
| 1766 | 1898 |
| 1767 // Attempting to re-enable an old version should result in a permission | 1899 // Attempting to re-enable an old version should result in a permission |
| 1768 // request for the current version. | 1900 // request for the current version. |
| 1769 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1901 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1770 UpdateRequestId(id, version2), testing::_)); | 1902 RequestId(id, version2), testing::_)); |
| 1771 | 1903 |
| 1772 SyncChangeList list = | 1904 SyncChangeList list = |
| 1773 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); | 1905 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); |
| 1774 | 1906 |
| 1775 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); | 1907 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); |
| 1776 // The re-enable should be ignored, since the version doesn't match. | 1908 // The re-enable should be ignored, since the version doesn't match. |
| 1777 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 1909 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1778 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( | 1910 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( |
| 1779 id, base::Version(version1))); | 1911 id, base::Version(version1))); |
| 1780 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( | 1912 EXPECT_FALSE(extension_sync_service()->HasPendingReenable( |
| 1781 id, base::Version(version2))); | 1913 id, base::Version(version2))); |
| 1914 Mock::VerifyAndClearExpectations(creator); |
| 1782 } | 1915 } |
| 1783 | 1916 |
| 1784 TEST_F(ExtensionServiceTestSupervised, | 1917 TEST_F(ExtensionServiceTestSupervised, |
| 1785 UpdateWithPermissionIncreaseApprovalMatchingVersion) { | 1918 UpdateWithPermissionIncreaseApprovalMatchingVersion) { |
| 1786 InitNeedCustodianApprovalFieldTrial(true); | 1919 InitNeedCustodianApprovalFieldTrial(true); |
| 1787 | 1920 |
| 1788 InitServices(true /* profile_is_supervised */); | 1921 InitServices(true /* profile_is_supervised */); |
| 1789 | 1922 |
| 1790 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1923 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1791 supervised_user_service()->AddPermissionRequestCreator( | 1924 supervised_user_service()->AddPermissionRequestCreator( |
| 1792 base::WrapUnique(creator)); | 1925 base::WrapUnique(creator)); |
| 1793 | 1926 |
| 1794 std::string id = InstallPermissionsTestExtension(); | 1927 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1795 | 1928 |
| 1796 // Update to a new version with increased permissions. | 1929 // Update to a new version with increased permissions. |
| 1797 const std::string version2("2"); | 1930 const std::string version2("2"); |
| 1798 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1931 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1799 UpdateRequestId(id, version2), testing::_)); | 1932 RequestId(id, version2), testing::_)); |
| 1800 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1933 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1934 Mock::VerifyAndClearExpectations(creator); |
| 1801 | 1935 |
| 1802 // Simulate a custodian approval for re-enabling the extension coming in | 1936 // Simulate a custodian approval for re-enabling the extension coming in |
| 1803 // through Sync. | 1937 // through Sync. |
| 1804 sync_pb::EntitySpecifics specifics; | 1938 sync_pb::EntitySpecifics specifics; |
| 1805 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); | 1939 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 1806 ext_specifics->set_id(id); | 1940 ext_specifics->set_id(id); |
| 1807 ext_specifics->set_enabled(true); | 1941 ext_specifics->set_enabled(true); |
| 1808 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); | 1942 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 1809 ext_specifics->set_installed_by_custodian(true); | 1943 ext_specifics->set_installed_by_custodian(true); |
| 1810 ext_specifics->set_version(version2); | 1944 ext_specifics->set_version(version2); |
| 1811 | 1945 |
| 1812 SyncChangeList list = | 1946 SyncChangeList list = |
| 1813 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); | 1947 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); |
| 1814 | 1948 |
| 1815 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); | 1949 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); |
| 1816 // The extension should have gotten re-enabled. | 1950 // The extension should have gotten re-enabled. |
| 1817 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); | 1951 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 1818 } | 1952 } |
| 1819 | 1953 |
| 1820 TEST_F(ExtensionServiceTestSupervised, | 1954 TEST_F(ExtensionServiceTestSupervised, |
| 1821 UpdateWithPermissionIncreaseApprovalNewVersion) { | 1955 UpdateWithPermissionIncreaseApprovalNewVersion) { |
| 1822 InitNeedCustodianApprovalFieldTrial(true); | 1956 InitNeedCustodianApprovalFieldTrial(true); |
| 1823 | 1957 |
| 1824 InitServices(true /* profile_is_supervised */); | 1958 InitServices(true /* profile_is_supervised */); |
| 1825 | 1959 |
| 1826 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; | 1960 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 1827 supervised_user_service()->AddPermissionRequestCreator( | 1961 supervised_user_service()->AddPermissionRequestCreator( |
| 1828 base::WrapUnique(creator)); | 1962 base::WrapUnique(creator)); |
| 1829 | 1963 |
| 1830 std::string id = InstallPermissionsTestExtension(); | 1964 std::string id = InstallPermissionsTestExtension(true /* by_custodian */); |
| 1831 | 1965 |
| 1832 // Update to a new version with increased permissions. | 1966 // Update to a new version with increased permissions. |
| 1833 const std::string version2("2"); | 1967 const std::string version2("2"); |
| 1834 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1968 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1835 UpdateRequestId(id, version2), testing::_)); | 1969 RequestId(id, version2), testing::_)); |
| 1836 UpdatePermissionsTestExtension(id, version2, DISABLED); | 1970 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 1971 Mock::VerifyAndClearExpectations(creator); |
| 1837 | 1972 |
| 1838 // Simulate a custodian approval for re-enabling the extension coming in | 1973 // Simulate a custodian approval for re-enabling the extension coming in |
| 1839 // through Sync. Set a newer version than we have installed. | 1974 // through Sync. Set a newer version than we have installed. |
| 1840 const std::string version3("3"); | 1975 const std::string version3("3"); |
| 1841 sync_pb::EntitySpecifics specifics; | 1976 sync_pb::EntitySpecifics specifics; |
| 1842 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); | 1977 sync_pb::ExtensionSpecifics* ext_specifics = specifics.mutable_extension(); |
| 1843 ext_specifics->set_id(id); | 1978 ext_specifics->set_id(id); |
| 1844 ext_specifics->set_enabled(true); | 1979 ext_specifics->set_enabled(true); |
| 1845 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); | 1980 ext_specifics->set_disable_reasons(Extension::DISABLE_NONE); |
| 1846 ext_specifics->set_installed_by_custodian(true); | 1981 ext_specifics->set_installed_by_custodian(true); |
| 1847 ext_specifics->set_version(version3); | 1982 ext_specifics->set_version(version3); |
| 1848 | 1983 |
| 1849 // This should *not* result in a new permission request. | 1984 // This should *not* result in a new permission request. |
| 1850 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( | 1985 EXPECT_CALL(*creator, CreateExtensionUpdateRequest( |
| 1851 UpdateRequestId(id, version3), testing::_)) | 1986 RequestId(id, version3), testing::_)) |
| 1852 .Times(0); | 1987 .Times(0); |
| 1853 | 1988 |
| 1854 SyncChangeList list = | 1989 SyncChangeList list = |
| 1855 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); | 1990 MakeSyncChangeList(id, specifics, SyncChange::ACTION_UPDATE); |
| 1856 | 1991 |
| 1857 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); | 1992 extension_sync_service()->ProcessSyncChanges(FROM_HERE, list); |
| 1858 // The re-enable should be delayed until the extension is updated to the | 1993 // The re-enable should be delayed until the extension is updated to the |
| 1859 // matching version. | 1994 // matching version. |
| 1860 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); | 1995 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 1861 EXPECT_TRUE(extension_sync_service()->HasPendingReenable( | 1996 EXPECT_TRUE(extension_sync_service()->HasPendingReenable( |
| 1862 id, base::Version(version3))); | 1997 id, base::Version(version3))); |
| 1863 | 1998 |
| 1864 // Update to the matching version. Now the extension should get enabled. | 1999 // Update to the matching version. Now the extension should get enabled. |
| 1865 UpdatePermissionsTestExtension(id, version3, ENABLED); | 2000 UpdatePermissionsTestExtension(id, version3, ENABLED); |
| 1866 } | 2001 } |
| 1867 | 2002 |
| 2003 TEST_F(ExtensionServiceTestSupervised, SupervisedUserInitiatedInstalls) { |
| 2004 InitNeedCustodianApprovalFieldTrial(true); |
| 2005 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 2006 |
| 2007 InitServices(true /* profile_is_supervised */); |
| 2008 |
| 2009 MockPermissionRequestCreator* creator = new MockPermissionRequestCreator; |
| 2010 supervised_user_service()->AddPermissionRequestCreator( |
| 2011 base::WrapUnique(creator)); |
| 2012 |
| 2013 base::FilePath path = data_dir().AppendASCII("good.crx"); |
| 2014 const std::string version("1.0.0.0"); |
| 2015 |
| 2016 EXPECT_CALL(*creator, CreateExtensionInstallRequest( |
| 2017 RequestId(good_crx, version), testing::_)); |
| 2018 |
| 2019 // Should be installed but disabled, a request for approval should be sent. |
| 2020 const Extension* extension = InstallCRX(path, INSTALL_WITHOUT_LOAD); |
| 2021 ASSERT_EQ(extension->id(), good_crx); |
| 2022 ASSERT_TRUE(extension); |
| 2023 EXPECT_TRUE(registry()->disabled_extensions().Contains(extension->id())); |
| 2024 EXPECT_FALSE(registry()->enabled_extensions().Contains(extension->id())); |
| 2025 Mock::VerifyAndClearExpectations(creator); |
| 2026 |
| 2027 SimulateCustodianApprovalViaSync(extension->id(), version); |
| 2028 |
| 2029 // The extension should be enabled now. |
| 2030 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 2031 } |
| 2032 |
| 2033 TEST_F(ExtensionServiceTestSupervised, |
| 2034 UpdateSUInitiatedInstallWithoutPermissionIncrease) { |
| 2035 InitNeedCustodianApprovalFieldTrial(true); |
| 2036 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 2037 |
| 2038 InitServices(true /* profile_is_supervised */); |
| 2039 |
| 2040 base::FilePath base_path = data_dir().AppendASCII("autoupdate"); |
| 2041 base::FilePath pem_path = base_path.AppendASCII("key.pem"); |
| 2042 |
| 2043 const Extension* extension = PackAndInstallCRX( |
| 2044 base_path.AppendASCII("v1"), pem_path, INSTALL_WITHOUT_LOAD); |
| 2045 |
| 2046 ASSERT_TRUE(extension); |
| 2047 EXPECT_FALSE(registry()->enabled_extensions().Contains(extension->id())); |
| 2048 |
| 2049 SimulateCustodianApprovalViaSync(extension->id(), extension->VersionString()); |
| 2050 |
| 2051 // The extension should be enabled now. |
| 2052 EXPECT_TRUE(registry()->enabled_extensions().Contains(extension->id())); |
| 2053 |
| 2054 // Save the id, as the extension object will be destroyed during updating. |
| 2055 std::string id = extension->id(); |
| 2056 |
| 2057 std::string old_version = extension->VersionString(); |
| 2058 |
| 2059 // Update to a new version. |
| 2060 PackCRXAndUpdateExtension(id, base_path.AppendASCII("v2"), pem_path, ENABLED); |
| 2061 |
| 2062 // The extension should still be there and enabled. |
| 2063 extension = registry()->enabled_extensions().GetByID(id); |
| 2064 ASSERT_TRUE(extension); |
| 2065 // The version should have changed. |
| 2066 EXPECT_NE(extension->VersionString(), old_version); |
| 2067 |
| 2068 // Check that the approved version has been updated in the prefs as well. |
| 2069 // Prefs are updated via Sync. If the prefs are updated, then the new |
| 2070 // approved version has been pushed to Sync as well. |
| 2071 std::string approved_version; |
| 2072 PrefService* pref_service = profile()->GetPrefs(); |
| 2073 const base::DictionaryValue* approved_extensions = |
| 2074 pref_service->GetDictionary(prefs::kSupervisedUserApprovedExtensions); |
| 2075 approved_extensions->GetStringWithoutPathExpansion(id, &approved_version); |
| 2076 |
| 2077 EXPECT_EQ(extension->VersionString(), approved_version); |
| 2078 } |
| 2079 |
| 2080 TEST_F(ExtensionServiceTestSupervised, |
| 2081 UpdateSUInitiatedInstallWithPermissionIncrease) { |
| 2082 InitNeedCustodianApprovalFieldTrial(true); |
| 2083 InitSupervisedUserInitiatedExtensionInstallFeature(true); |
| 2084 |
| 2085 InitServices(true /* profile_is_supervised */); |
| 2086 |
| 2087 std::string id = InstallPermissionsTestExtension(false /* by_custodian */); |
| 2088 const std::string version("1"); |
| 2089 |
| 2090 SimulateCustodianApprovalViaSync(id, version); |
| 2091 |
| 2092 // The extension should be enabled now. |
| 2093 EXPECT_TRUE(registry()->enabled_extensions().Contains(id)); |
| 2094 |
| 2095 const std::string version2("2"); |
| 2096 |
| 2097 UpdatePermissionsTestExtension(id, version2, DISABLED); |
| 2098 |
| 2099 // The extension should be disabled. |
| 2100 EXPECT_FALSE(registry()->enabled_extensions().Contains(id)); |
| 2101 } |
| 2102 |
| 1868 TEST_F(ExtensionServiceSyncTest, SyncUninstallByCustodianSkipsPolicy) { | 2103 TEST_F(ExtensionServiceSyncTest, SyncUninstallByCustodianSkipsPolicy) { |
| 1869 InitializeEmptyExtensionService(); | 2104 InitializeEmptyExtensionService(); |
| 1870 extension_sync_service()->MergeDataAndStartSyncing( | 2105 extension_sync_service()->MergeDataAndStartSyncing( |
| 1871 syncer::EXTENSIONS, syncer::SyncDataList(), | 2106 syncer::EXTENSIONS, syncer::SyncDataList(), |
| 1872 base::WrapUnique(new syncer::FakeSyncChangeProcessor()), | 2107 base::WrapUnique(new syncer::FakeSyncChangeProcessor()), |
| 1873 base::WrapUnique(new syncer::SyncErrorFactoryMock())); | 2108 base::WrapUnique(new syncer::SyncErrorFactoryMock())); |
| 1874 | 2109 |
| 1875 // Install two extensions. | 2110 // Install two extensions. |
| 1876 base::FilePath path1 = data_dir().AppendASCII("good.crx"); | 2111 base::FilePath path1 = data_dir().AppendASCII("good.crx"); |
| 1877 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); | 2112 base::FilePath path2 = data_dir().AppendASCII("good2048.crx"); |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2054 break; | 2289 break; |
| 2055 } | 2290 } |
| 2056 } | 2291 } |
| 2057 } | 2292 } |
| 2058 EXPECT_TRUE(found_delete); | 2293 EXPECT_TRUE(found_delete); |
| 2059 | 2294 |
| 2060 // Make sure there is one extension, and there are no more apps. | 2295 // Make sure there is one extension, and there are no more apps. |
| 2061 EXPECT_EQ(1u, extensions_processor.data().size()); | 2296 EXPECT_EQ(1u, extensions_processor.data().size()); |
| 2062 EXPECT_TRUE(apps_processor.data().empty()); | 2297 EXPECT_TRUE(apps_processor.data().empty()); |
| 2063 } | 2298 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2004043002:
Supervised Users Initiated Installs v2 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@kid_initiated_install