Chromium Code Reviews Chromium Code Reviews
Issue 2387253002:
cros: Added policies for screen unlock. (Closed)
| Index: chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc |
| diff --git a/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc b/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc |
| index d0266f8f59eb96504b8a62f03f17a92a790002c5..ff4064d22ab3318a9a79b6aec1e59fc1a12365c0 100644 |
| --- a/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc |
| +++ b/chrome/browser/chromeos/login/quick_unlock/pin_storage_unittest.cc |
| @@ -8,6 +8,7 @@ |
| #include "chrome/common/pref_names.h" |
| #include "chrome/test/base/testing_profile.h" |
| #include "components/prefs/pref_service.h" |
| +#include "components/prefs/scoped_user_pref_update.h" |
| #include "content/public/test/test_browser_thread_bundle.h" |
| #include "testing/gtest/include/gtest/gtest.h" |
| @@ -19,7 +20,9 @@ class PinStorageUnitTest : public testing::Test { |
| ~PinStorageUnitTest() override {} |
| // testing::Test: |
| - void SetUp() override { chromeos::EnableQuickUnlockForTesting(); } |
| + void SetUp() override { |
| + chromeos::quick_unlock::EnableQuickUnlockForTesting(); |
| + } |
| content::TestBrowserThreadBundle thread_bundle_; |
| std::unique_ptr<TestingProfile> profile_; |
| @@ -41,6 +44,10 @@ class PinStorageTestApi { |
| pin_storage_->last_strong_auth_ -= time_delta; |
| } |
| + bool HasStrongAuthInfo() { |
| + return !pin_storage_->last_strong_auth_.is_null(); |
| + } |
| + |
| std::string PinSalt() const { return pin_storage_->PinSalt(); } |
| std::string PinSecret() const { return pin_storage_->PinSecret(); } |
| @@ -106,11 +113,11 @@ TEST_F(PinStorageUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) { |
| chromeos::PinStorageFactory::GetForProfile(profile_.get()); |
| PinStorageTestApi pin_storage_test(pin_storage); |
| - EXPECT_FALSE(pin_storage->HasStrongAuth()); |
| + EXPECT_FALSE(pin_storage_test.HasStrongAuthInfo()); |
| pin_storage->MarkStrongAuth(); |
| - EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| + EXPECT_TRUE(pin_storage_test.HasStrongAuthInfo()); |
| pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| base::TimeDelta::FromSeconds(60)); |
| @@ -118,6 +125,71 @@ TEST_F(PinStorageUnitTest, TimeSinceLastStrongAuthReturnsPositiveValue) { |
| base::TimeDelta::FromSeconds(30)); |
| } |
| +// Verifies altering the password confirmation preference produces the expected |
| +// results. |
|
jdufault
2016/10/31 22:22:01
What are the expected results?
sammiequon
2016/11/01 04:33:17
Done.
|
| +TEST_F(PinStorageUnitTest, PasswordConfirmationFrequencyPreference) { |
| + chromeos::PinStorage* pin_storage = |
| + chromeos::PinStorageFactory::GetForProfile(profile_.get()); |
| + PrefService* pref_service = profile_->GetPrefs(); |
| + PinStorageTestApi pin_storage_test(pin_storage); |
| + |
| + // The default is one day, so verify moving time back 13 hours should not |
| + // request strong auth. |
| + pin_storage->MarkStrongAuth(); |
| + pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| + base::TimeDelta::FromHours(13)); |
| + EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| + |
| + // Verify moving time back another 13 hours should request strong auth. |
| + pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| + base::TimeDelta::FromHours(13)); |
| + EXPECT_FALSE(pin_storage->HasStrongAuth()); |
| + |
| + // Reset the time since last strong auth. |
| + pin_storage->MarkStrongAuth(); |
| + |
| + // Verify that by changing the frequency of required password confirmation to |
| + // six hours, moving interval by 4 hours will not trigger a request for strong |
| + // auth, but moving interval by an additional 4 hours will. |
| + pref_service->SetInteger( |
|
jdufault
2016/10/31 22:22:02
Write a helper method to do this.
SetConfirmation
sammiequon
2016/11/01 04:33:17
Done.
|
| + prefs::kQuickUnlockTimeout, |
| + static_cast<int>( |
| + chromeos::quick_unlock::PasswordConfirmationFrequency::SIX_HOURS)); |
| + pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| + base::TimeDelta::FromHours(4)); |
| + EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| + pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| + base::TimeDelta::FromHours(4)); |
| + EXPECT_FALSE(pin_storage->HasStrongAuth()); |
| + |
| + // Verify that by changing the frequency of required password confirmation to |
| + // twelve hours, the current interval of 8 hours will not trigger a request |
| + // for strong auth, but moving interval by an additional 5 hours will. |
| + pref_service->SetInteger( |
| + prefs::kQuickUnlockTimeout, |
| + static_cast<int>( |
| + chromeos::quick_unlock::PasswordConfirmationFrequency::TWELVE_HOURS)); |
| + EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| + pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
|
jdufault
2016/10/31 22:22:01
What about renaming pin_storage_test to test_api?
sammiequon
2016/11/01 04:33:17
Done.
|
| + base::TimeDelta::FromHours(5)); |
| + EXPECT_FALSE(pin_storage->HasStrongAuth()); |
| + |
| + pin_storage->MarkStrongAuth(); |
| + // Verify that by changing the frequency of required password confirmation to |
| + // one week, moving interval by 3 days will not trigger a request for strong |
|
jdufault
2016/10/31 22:22:01
This is the same test four times over. I would eli
sammiequon
2016/11/01 04:33:17
Done.
|
| + // auth, but moving interval by an addition 5 days will. |
| + pref_service->SetInteger( |
| + prefs::kQuickUnlockTimeout, |
| + static_cast<int>( |
| + chromeos::quick_unlock::PasswordConfirmationFrequency::WEEK)); |
| + pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| + base::TimeDelta::FromDays(3)); |
| + EXPECT_TRUE(pin_storage->HasStrongAuth()); |
| + pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| + base::TimeDelta::FromDays(5)); |
| + EXPECT_FALSE(pin_storage->HasStrongAuth()); |
| +} |
| + |
| // Verifies that the correct pin can be used to authenticate. |
| TEST_F(PinStorageUnitTest, AuthenticationSucceedsWithRightPin) { |
| chromeos::PinStorage* pin_storage = |
| @@ -161,7 +233,7 @@ TEST_F(PinStorageUnitTest, AuthenticationFailsFromTimeout) { |
| // Remove all of the strong auth time so that we have a strong auth timeout. |
| pin_storage_test.ReduceRemainingStrongAuthTimeBy( |
| - chromeos::PinStorage::kStrongAuthTimeout + base::TimeDelta::FromHours(1)); |
| + base::TimeDelta::FromDays(10)); |
| EXPECT_FALSE(pin_storage->IsPinAuthenticationAvailable()); |
| } |
