Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(575)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/extensions/signin_screen_policy_provider_unittest.cc

Issue 2159103006: Add policy provider that would filter extensions/apps allowed on the (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: . Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/chromeos/extensions/signin_screen_policy_provider.cc ('K') | « chrome/browser/chromeos/extensions/signin_screen_policy_provider.cc ('k') | chrome/browser/extensions/extension_system_impl.h » ('j') | chrome/browser/extensions/extension_system_impl.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chromeos/extensions/signin_screen_policy_provider.h"
6
7 #include <string>
8
9 #include "base/files/file_path.h"
10 #include "base/memory/ref_counted.h"
11 #include "base/strings/string16.h"
12 #include "base/values.h"
13 #include "extensions/common/extension.h"
14 #include "extensions/common/manifest.h"
15 #include "extensions/common/manifest_constants.h"
16 #include "testing/gtest/include/gtest/gtest.h"
17
18 namespace chromeos {
19
20 namespace {
21
22 const char kWhitelistedId[] = "kmendfapggjehodndflmmgagdbamhnfd";
23
24 scoped_refptr<const extensions::Extension> CreateExtensionFromValues(
25 const std::string& id,
26 extensions::Manifest::Location location,
27 base::DictionaryValue* values,
28 int flags) {
29 values->SetString(extensions::manifest_keys::kName, "test");
30 values->SetString(extensions::manifest_keys::kVersion, "0.1");
31 std::string error;
32 auto result = extensions::Extension::Create(base::FilePath(), location,
33 *values, flags, id, &error);
34
35 LOG(ERROR) << error;
36 return result;
37 }
38
39 scoped_refptr<const extensions::Extension> CreateRegularExtension(
40 const std::string& id) {
41 base::DictionaryValue values;
42 return CreateExtensionFromValues(id, extensions::Manifest::INTERNAL, &values,
43 extensions::Extension::NO_FLAGS);
44 }
45
46 scoped_refptr<const extensions::Extension> CreatePlatformAppWithExtraValues(
47 const base::DictionaryValue* extra_values,
48 extensions::Manifest::Location location,
49 int flags) {
50 base::DictionaryValue values;
51 values.SetString("app.background.page", "background.html");
52 values.MergeDictionary(extra_values);
53 return CreateExtensionFromValues(std::string(), location, &values, flags);
54 }
55
56 scoped_refptr<const extensions::Extension> CreatePlatformApp(
57 extensions::Manifest::Location location) {
58 base::DictionaryValue values;
59 return CreatePlatformAppWithExtraValues(&values, location,
60 extensions::Extension::NO_FLAGS);
61 }
62 } // namespace
63
64 TEST(SigninScreenPolicyProviderTest, SigninScreen) {
65 SigninScreenPolicyProvider provider;
66 scoped_refptr<const extensions::Extension> extension;
67 base::string16 error;
68
69 // Verify that if an extension's ID has been explicitly whitelisted for use on
70 // signin screen, the extension can be installed.
71 extension = CreateRegularExtension(kWhitelistedId);
72 ASSERT_TRUE(extension.get());
73 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error));
74 EXPECT_EQ(base::string16(), error);
75 error.clear();
76
77 // Verify that if an extensions location has been whitelisted for use on
78 // sign-in screen, the extension can be installed.
79 extension = CreatePlatformApp(extensions::Manifest::EXTERNAL_POLICY);
80 ASSERT_TRUE(extension.get());
81 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error));
82 EXPECT_EQ(base::string16(), error);
83 error.clear();
84
85 // Verify that if an extensions location has been whitelisted for use on
86 // sign-in screen, the extension can be installed.
87 extension = CreatePlatformApp(extensions::Manifest::EXTERNAL_POLICY_DOWNLOAD);
88 ASSERT_TRUE(extension.get());
89 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error));
90 EXPECT_EQ(base::string16(), error);
91 error.clear();
92
93 // Verify that if an extension's location has not been whitelisted for use on
94 // signin screen, the extension can no be installed.
95 extension = CreatePlatformApp(extensions::Manifest::INTERNAL);
96 LOG(ERROR) << extension->location();
97 ASSERT_TRUE(extension.get());
98 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error));
99 EXPECT_NE(base::string16(), error);
100 error.clear();
101
102 // Verify that a minimal platform app cannot be installed from location
103 // UNPACKED.
104 {
105 base::DictionaryValue values;
106 extension = CreatePlatformAppWithExtraValues(
107 &values, extensions::Manifest::UNPACKED,
108 extensions::Extension::NO_FLAGS);
109 ASSERT_TRUE(extension);
110
111 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error));
112 EXPECT_NE(base::string16(), error);
113 error.clear();
114 }
115
116 // Verify that a platform app with all safe manifest entries can be installed.
117 {
118 base::DictionaryValue values;
119 values.SetString(extensions::manifest_keys::kDescription, "something");
120 values.SetString(extensions::manifest_keys::kShortName, "something else");
121 base::ListValue* permissions = new base::ListValue();
122 permissions->AppendString("usb");
123 values.Set(extensions::manifest_keys::kPermissions, permissions);
124 base::ListValue* optional_permissions = new base::ListValue();
125 optional_permissions->AppendString("usb");
126 values.Set(extensions::manifest_keys::kOptionalPermissions,
127 optional_permissions);
128 extension = CreatePlatformAppWithExtraValues(
129 &values, extensions::Manifest::EXTERNAL_POLICY,
130 extensions::Extension::NO_FLAGS);
131 ASSERT_TRUE(extension);
132
133 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error));
134 EXPECT_EQ(base::string16(), error);
135 error.clear();
136 }
137
138 // Verify that a platform app with an unknown manifest entry under "app"
139 // cannot be installed.
140 {
141 base::DictionaryValue values;
142 values.SetString("app.not_whitelisted2", "something2");
143 extension = CreatePlatformAppWithExtraValues(
144 &values, extensions::Manifest::EXTERNAL_POLICY,
145 extensions::Extension::NO_FLAGS);
146 ASSERT_TRUE(extension);
147
148 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error));
149 EXPECT_NE(base::string16(), error);
150 error.clear();
151 }
152
153 // Verify that a platform app with an unknown permission entry cannot be
154 // installed.
155 {
156 base::ListValue* const permissions = new base::ListValue();
157 permissions->AppendString("not_whitelisted_permission");
158 base::DictionaryValue values;
159 values.Set(extensions::manifest_keys::kPermissions, permissions);
160
161 extension = CreatePlatformAppWithExtraValues(
162 &values, extensions::Manifest::EXTERNAL_POLICY,
163 extensions::Extension::NO_FLAGS);
164 ASSERT_TRUE(extension);
165
166 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error));
167 EXPECT_NE(base::string16(), error);
168 error.clear();
169 }
170
171 // Verify that a platform app with remote URL permissions can not be
172 // installed.
173 {
174 base::ListValue* const permissions = new base::ListValue();
175 permissions->AppendString("https://example.com/");
176 permissions->AppendString("http://example.com/");
177 permissions->AppendString("ftp://example.com/");
178 base::DictionaryValue values;
179 values.Set(extensions::manifest_keys::kPermissions, permissions);
180
181 extension = CreatePlatformAppWithExtraValues(
182 &values, extensions::Manifest::EXTERNAL_POLICY,
183 extensions::Extension::NO_FLAGS);
184 ASSERT_TRUE(extension);
185
186 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error));
187 EXPECT_NE(base::string16(), error);
188 error.clear();
189 }
190
191 // Verify that a platform app with unknown dictionary permission cannot be
192 // installed.
193 {
194 base::DictionaryValue* const socket = new base::DictionaryValue();
195 base::ListValue* const tcp_list = new base::ListValue();
196 tcp_list->AppendString("unknown_value");
197 socket->Set("unknown_key", tcp_list);
198 base::ListValue* const permissions = new base::ListValue();
199 permissions->Append(socket);
200 base::DictionaryValue values;
201 values.Set(extensions::manifest_keys::kPermissions, permissions);
202
203 extension = CreatePlatformAppWithExtraValues(
204 &values, extensions::Manifest::EXTERNAL_POLICY,
205 extensions::Extension::NO_FLAGS);
206 ASSERT_TRUE(extension);
207
208 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error));
209 EXPECT_NE(base::string16(), error);
210 error.clear();
211 }
212 }
213
214 } // namespace chromeos
OLDNEW
« chrome/browser/chromeos/extensions/signin_screen_policy_provider.cc ('K') | « chrome/browser/chromeos/extensions/signin_screen_policy_provider.cc ('k') | chrome/browser/extensions/extension_system_impl.h » ('j') | chrome/browser/extensions/extension_system_impl.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698