| Index: chrome/browser/chromeos/extensions/signin_screen_policy_provider_unittest.cc
|
| diff --git a/chrome/browser/chromeos/extensions/signin_screen_policy_provider_unittest.cc b/chrome/browser/chromeos/extensions/signin_screen_policy_provider_unittest.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..a267faf7c93fb5261e416934dc3703ddb0d32559
|
| --- /dev/null
|
| +++ b/chrome/browser/chromeos/extensions/signin_screen_policy_provider_unittest.cc
|
| @@ -0,0 +1,130 @@
|
| +// Copyright 2016 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "base/memory/ref_counted.h"
|
| +#include "base/strings/utf_string_conversions.h"
|
| +#include "chrome/browser/chromeos/extensions/signin_screen_policy_provider.h"
|
| +#include "components/version_info/version_info.h"
|
| +#include "extensions/common/extension_builder.h"
|
| +#include "extensions/common/features/feature_channel.h"
|
| +#include "extensions/common/features/feature_session_type.h"
|
| +#include "testing/gtest/include/gtest/gtest.h"
|
| +
|
| +using extensions::Extension;
|
| +
|
| +namespace {
|
| +
|
| +const char kRandomExtensionId[] = "abacabadabacabaeabacabadabacabaf";
|
| +// Gnubby
|
| +const char kGnubbyExtensionId[] = "beknehfpfkghjoafdifaflglpjkojoco";
|
| +// smart card connector
|
| +const char kSampleSigninExtensionId[] = "khpfeaanjngmcnplbdlpegiifgpfgdco";
|
| +
|
| +scoped_refptr<extensions::Extension> CreateTestApp(
|
| + const std::string& extension_id,
|
| + extensions::Manifest::Location location) {
|
| + return extensions::ExtensionBuilder()
|
| + .SetManifest(
|
| + extensions::DictionaryBuilder()
|
| + .Set("name", "test app")
|
| + .Set("version", "1")
|
| + .Set("manifest_version", 2)
|
| + .Set("app",
|
| + extensions::DictionaryBuilder()
|
| + .Set("background",
|
| + extensions::DictionaryBuilder()
|
| + .Set("persistent", "false")
|
| + .Set("scripts", extensions::ListBuilder()
|
| + .Append("background.js")
|
| + .Build())
|
| + .Build())
|
| + .Build())
|
| + .Set("storage",
|
| + extensions::DictionaryBuilder()
|
| + .Set("managed_schema", "managed_storage_schema.json")
|
| + .Build())
|
| + .Set("permissions", extensions::ListBuilder()
|
| + .Append("usb")
|
| + .Append("alwaysOnTopWindows")
|
| + .Build())
|
| + .Build())
|
| + .SetID(extension_id)
|
| + .SetLocation(location)
|
| + .Build();
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +class SigninScreenPolicyProviderTest : public testing::Test {
|
| + protected:
|
| + chromeos::SigninScreenPolicyProvider provider_;
|
| +};
|
| +
|
| +TEST_F(SigninScreenPolicyProviderTest, AllowPolicyExtensionOnDev) {
|
| + // On dev channel every extension installed via policy should work.
|
| + extensions::ScopedCurrentChannel channel(version_info::Channel::DEV);
|
| + scoped_refptr<extensions::Extension> extension = CreateTestApp(
|
| + kRandomExtensionId, extensions::Manifest::Location::EXTERNAL_POLICY);
|
| + base::string16 error;
|
| + EXPECT_TRUE(provider_.UserMayLoad(extension.get(), &error));
|
| + EXPECT_TRUE(error.empty());
|
| +}
|
| +
|
| +TEST_F(SigninScreenPolicyProviderTest, DenyRandomPolicyExtensionOnStable) {
|
| + // On stable channel arbitrary extension (though installed via policy)
|
| + // should be blocked.
|
| + extensions::ScopedCurrentChannel channel(version_info::Channel::STABLE);
|
| + scoped_refptr<extensions::Extension> extension = CreateTestApp(
|
| + kRandomExtensionId, extensions::Manifest::Location::EXTERNAL_POLICY);
|
| + base::string16 error;
|
| + EXPECT_FALSE(provider_.UserMayLoad(extension.get(), &error));
|
| + EXPECT_FALSE(error.empty());
|
| +}
|
| +
|
| +TEST_F(SigninScreenPolicyProviderTest, AllowEssentialExtensionOnStable) {
|
| + // Essential component extensions for the login screen should always work.
|
| + extensions::ScopedCurrentChannel channel(version_info::Channel::STABLE);
|
| + scoped_refptr<extensions::Extension> extension = CreateTestApp(
|
| + kGnubbyExtensionId, extensions::Manifest::Location::EXTERNAL_COMPONENT);
|
| + base::string16 error;
|
| + EXPECT_TRUE(provider_.UserMayLoad(extension.get(), &error));
|
| + EXPECT_TRUE(error.empty());
|
| +}
|
| +
|
| +TEST_F(SigninScreenPolicyProviderTest,
|
| + AllowWhitelistedExtensionViaPolicyOnStable) {
|
| + // Whitelisted Google-developed extensions should be available on
|
| + // stable if installed via policy.
|
| + // This test should be changed in future as we evolve feaature
|
| + // requirements.
|
| + extensions::ScopedCurrentChannel channel(version_info::Channel::STABLE);
|
| + scoped_refptr<extensions::Extension> extension =
|
| + CreateTestApp(kSampleSigninExtensionId,
|
| + extensions::Manifest::Location::EXTERNAL_POLICY);
|
| + base::string16 error;
|
| + EXPECT_TRUE(provider_.UserMayLoad(extension.get(), &error));
|
| + EXPECT_TRUE(error.empty());
|
| +}
|
| +
|
| +TEST_F(SigninScreenPolicyProviderTest,
|
| + DenyNonPolicyWhitelistedExtensionOnStable) {
|
| + // Google-developed extensions, if not installed via policy, should
|
| + // be disabled.
|
| + extensions::ScopedCurrentChannel channel(version_info::Channel::STABLE);
|
| + scoped_refptr<extensions::Extension> extension =
|
| + CreateTestApp(kSampleSigninExtensionId,
|
| + extensions::Manifest::Location::EXTERNAL_COMPONENT);
|
| + base::string16 error;
|
| + EXPECT_FALSE(provider_.UserMayLoad(extension.get(), &error));
|
| + EXPECT_FALSE(error.empty());
|
| +}
|
| +
|
| +TEST_F(SigninScreenPolicyProviderTest, DenyRandomNonPolicyExtensionOnDev) {
|
| + extensions::ScopedCurrentChannel channel(version_info::Channel::DEV);
|
| + scoped_refptr<extensions::Extension> extension = CreateTestApp(
|
| + kRandomExtensionId, extensions::Manifest::Location::EXTERNAL_COMPONENT);
|
| + base::string16 error;
|
| + EXPECT_FALSE(provider_.UserMayLoad(extension.get(), &error));
|
| + EXPECT_FALSE(error.empty());
|
| +}
|
|
|
Chromium Code Reviews
Issue 2159103006:
Add policy provider that would filter extensions/apps allowed on the (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master