| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include <memory> | |
| 6 #include <string> | |
| 7 | |
| 8 #include "base/macros.h" | |
| 9 #include "base/memory/ptr_util.h" | |
| 10 #include "base/message_loop/message_loop.h" | |
| 11 #include "base/values.h" | |
| 12 #include "chrome/browser/chromeos/arc/arc_policy_bridge.h" | |
| 13 #include "components/arc/test/fake_arc_bridge_service.h" | |
| 14 #include "components/arc/test/fake_policy_instance.h" | |
| 15 #include "components/policy/core/common/mock_policy_service.h" | |
| 16 #include "components/policy/core/common/policy_map.h" | |
| 17 #include "components/policy/core/common/policy_namespace.h" | |
| 18 #include "components/policy/core/common/policy_types.h" | |
| 19 #include "components/policy/policy_constants.h" | |
| 20 #include "mojo/public/cpp/bindings/string.h" | |
| 21 #include "testing/gmock/include/gmock/gmock.h" | |
| 22 #include "testing/gtest/include/gtest/gtest.h" | |
| 23 | |
| 24 namespace { | |
| 25 | |
| 26 char kFakeONC[] = | |
| 27 "{\"NetworkConfigurations\":[" | |
| 28 "{\"GUID\":\"{485d6076-dd44-6b6d-69787465725f5040}\"," | |
| 29 "\"Type\":\"WiFi\"," | |
| 30 "\"Name\":\"My WiFi Network\"," | |
| 31 "\"WiFi\":{" | |
| 32 "\"HexSSID\":\"737369642D6E6F6E65\"," // "ssid-none" | |
| 33 "\"Security\":\"None\"}" | |
| 34 "}" | |
| 35 "]," | |
| 36 "\"GlobalNetworkConfiguration\":{" | |
| 37 "\"AllowOnlyPolicyNetworksToAutoconnect\":true," | |
| 38 "}," | |
| 39 "\"Certificates\":[" | |
| 40 "{ \"GUID\":\"{f998f760-272b-6939-4c2beffe428697ac}\"," | |
| 41 "\"PKCS12\":\"abc\"," | |
| 42 "\"Type\":\"Client\"}," | |
| 43 "{\"Type\":\"Authority\"," | |
| 44 "\"TrustBits\":[\"Web\"]," | |
| 45 "\"X509\":\"TWFuIGlzIGRpc3Rpbmd1aXNoZWQsIG5vdCBvbmx5IGJ5IGhpcyByZWFzb24sIGJ" | |
| 46 "1dCBieSB0aGlzIHNpbmd1bGFyIHBhc3Npb24gZnJvbSBvdGhlciBhbmltYWxzLCB3aGljaCBpc" | |
| 47 "yBhIGx1c3Qgb2YgdGhlIG1pbmQsIHRoYXQgYnkgYSBwZXJzZXZlcmFuY2Ugb2YgZGVsaWdodCB" | |
| 48 "pbiB0aGUgY29udGludWVkIGFuZCBpbmRlZmF0aWdhYmxlIGdlbmVyYXRpb24gb2Yga25vd2xlZ" | |
| 49 "GdlLCBleGNlZWRzIHRoZSBzaG9ydCB2ZWhlbWVuY2Ugb2YgYW55IGNhcm5hbCBwbGVhc3VyZS4" | |
| 50 "=\"," | |
| 51 "\"GUID\":\"{00f79111-51e0-e6e0-76b3b55450d80a1b}\"}" | |
| 52 "]}"; | |
| 53 | |
| 54 // Helper class to define a PolicyStringCallback which verifies that it was run. | |
| 55 // Wraps a bool initially set to |false| and verifies that it's been set to | |
| 56 // |true| before destruction. | |
| 57 class CheckedBoolean { | |
| 58 public: | |
| 59 CheckedBoolean() {} | |
| 60 ~CheckedBoolean() { EXPECT_TRUE(value_); } | |
| 61 | |
| 62 void set_value(bool value) { value_ = value; } | |
| 63 | |
| 64 private: | |
| 65 bool value_ = false; | |
| 66 | |
| 67 DISALLOW_COPY_AND_ASSIGN(CheckedBoolean); | |
| 68 }; | |
| 69 | |
| 70 void ExpectPolicyString(std::unique_ptr<CheckedBoolean> was_run, | |
| 71 mojo::String expected, | |
| 72 mojo::String policies) { | |
| 73 EXPECT_EQ(expected, policies); | |
| 74 was_run->set_value(true); | |
| 75 } | |
| 76 | |
| 77 arc::ArcPolicyBridge::GetPoliciesCallback PolicyStringCallback( | |
| 78 mojo::String expected) { | |
| 79 std::unique_ptr<CheckedBoolean> was_run(new CheckedBoolean); | |
| 80 return base::Bind(&ExpectPolicyString, base::Passed(&was_run), | |
| 81 base::Passed(&expected)); | |
| 82 } | |
| 83 | |
| 84 } // namespace | |
| 85 | |
| 86 using testing::_; | |
| 87 using testing::ReturnRef; | |
| 88 | |
| 89 namespace arc { | |
| 90 | |
| 91 class ArcPolicyBridgeTest : public testing::Test { | |
| 92 public: | |
| 93 ArcPolicyBridgeTest() {} | |
| 94 | |
| 95 void SetUp() override { | |
| 96 bridge_service_.reset(new FakeArcBridgeService()); | |
| 97 policy_bridge_.reset( | |
| 98 new ArcPolicyBridge(bridge_service_.get(), &policy_service_)); | |
| 99 policy_bridge_->OverrideIsManagedForTesting(true); | |
| 100 | |
| 101 EXPECT_CALL(policy_service_, | |
| 102 GetPolicies(policy::PolicyNamespace( | |
| 103 policy::POLICY_DOMAIN_CHROME, std::string()))) | |
| 104 .WillRepeatedly(ReturnRef(policy_map_)); | |
| 105 EXPECT_CALL(policy_service_, AddObserver(policy::POLICY_DOMAIN_CHROME, _)) | |
| 106 .Times(1); | |
| 107 | |
| 108 policy_instance_.reset(new FakePolicyInstance); | |
| 109 bridge_service_->policy()->SetInstance(policy_instance_.get()); | |
| 110 } | |
| 111 | |
| 112 protected: | |
| 113 ArcPolicyBridge* policy_bridge() { return policy_bridge_.get(); } | |
| 114 FakePolicyInstance* policy_instance() { return policy_instance_.get(); } | |
| 115 policy::PolicyMap& policy_map() { return policy_map_; } | |
| 116 | |
| 117 private: | |
| 118 // Not an unused variable. Unit tests do not have a message loop by themselves | |
| 119 // and mojo needs a message loop for communication. | |
| 120 base::MessageLoop loop_; | |
| 121 std::unique_ptr<FakeArcBridgeService> bridge_service_; | |
| 122 std::unique_ptr<ArcPolicyBridge> policy_bridge_; | |
| 123 // Always keep policy_instance_ below bridge_service_, so that | |
| 124 // policy_instance_ is destructed first. It needs to remove itself as | |
| 125 // observer. | |
| 126 std::unique_ptr<FakePolicyInstance> policy_instance_; | |
| 127 policy::PolicyMap policy_map_; | |
| 128 policy::MockPolicyService policy_service_; | |
| 129 | |
| 130 DISALLOW_COPY_AND_ASSIGN(ArcPolicyBridgeTest); | |
| 131 }; | |
| 132 | |
| 133 TEST_F(ArcPolicyBridgeTest, UnmanagedTest) { | |
| 134 policy_bridge()->OverrideIsManagedForTesting(false); | |
| 135 policy_bridge()->GetPolicies(PolicyStringCallback("")); | |
| 136 } | |
| 137 | |
| 138 TEST_F(ArcPolicyBridgeTest, EmptyPolicyTest) { | |
| 139 // No policy is set, result should be empty. | |
| 140 policy_bridge()->GetPolicies(PolicyStringCallback("{}")); | |
| 141 } | |
| 142 | |
| 143 TEST_F(ArcPolicyBridgeTest, ArcPolicyTest) { | |
| 144 policy_map().Set( | |
| 145 policy::key::kArcPolicy, policy::POLICY_LEVEL_MANDATORY, | |
| 146 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 147 base::MakeUnique<base::StringValue>( | |
| 148 "{\"applications\":" | |
| 149 "[{\"packageName\":\"com.google.android.apps.youtube.kids\"," | |
| 150 "\"installType\":\"REQUIRED\"," | |
| 151 "\"lockTaskAllowed\":false," | |
| 152 "\"permissionGrants\":[]" | |
| 153 "}]," | |
| 154 "\"defaultPermissionPolicy\":\"GRANT\"" | |
| 155 "}"), | |
| 156 nullptr); | |
| 157 policy_bridge()->GetPolicies(PolicyStringCallback( | |
| 158 "{\"applications\":" | |
| 159 "[{\"installType\":\"REQUIRED\"," | |
| 160 "\"lockTaskAllowed\":false," | |
| 161 "\"packageName\":\"com.google.android.apps.youtube.kids\"," | |
| 162 "\"permissionGrants\":[]" | |
| 163 "}]," | |
| 164 "\"defaultPermissionPolicy\":\"GRANT\"" | |
| 165 "}")); | |
| 166 } | |
| 167 | |
| 168 TEST_F(ArcPolicyBridgeTest, HompageLocationTest) { | |
| 169 // This policy will not be passed on, result should be empty. | |
| 170 policy_map().Set( | |
| 171 policy::key::kHomepageLocation, policy::POLICY_LEVEL_MANDATORY, | |
| 172 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 173 base::MakeUnique<base::StringValue>("http://chromium.org"), nullptr); | |
| 174 policy_bridge()->GetPolicies(PolicyStringCallback("{}")); | |
| 175 } | |
| 176 | |
| 177 TEST_F(ArcPolicyBridgeTest, DisableScreenshotsTest) { | |
| 178 policy_map().Set(policy::key::kDisableScreenshots, | |
| 179 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 180 policy::POLICY_SOURCE_CLOUD, | |
| 181 base::MakeUnique<base::FundamentalValue>(true), nullptr); | |
| 182 policy_bridge()->GetPolicies( | |
| 183 PolicyStringCallback("{\"screenCaptureDisabled\":true}")); | |
| 184 } | |
| 185 | |
| 186 TEST_F(ArcPolicyBridgeTest, VideoCaptureAllowedTest) { | |
| 187 policy_map().Set(policy::key::kVideoCaptureAllowed, | |
| 188 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 189 policy::POLICY_SOURCE_CLOUD, | |
| 190 base::MakeUnique<base::FundamentalValue>(false), nullptr); | |
| 191 policy_bridge()->GetPolicies( | |
| 192 PolicyStringCallback("{\"cameraDisabled\":true}")); | |
| 193 } | |
| 194 | |
| 195 TEST_F(ArcPolicyBridgeTest, AudioCaptureAllowedTest) { | |
| 196 policy_map().Set(policy::key::kAudioCaptureAllowed, | |
| 197 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 198 policy::POLICY_SOURCE_CLOUD, | |
| 199 base::MakeUnique<base::FundamentalValue>(false), nullptr); | |
| 200 policy_bridge()->GetPolicies( | |
| 201 PolicyStringCallback("{\"unmuteMicrophoneDisabled\":true}")); | |
| 202 } | |
| 203 | |
| 204 TEST_F(ArcPolicyBridgeTest, DefaultGeolocationSettingTest) { | |
| 205 policy_map().Set(policy::key::kDefaultGeolocationSetting, | |
| 206 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 207 policy::POLICY_SOURCE_CLOUD, | |
| 208 base::MakeUnique<base::FundamentalValue>(1), nullptr); | |
| 209 policy_bridge()->GetPolicies( | |
| 210 PolicyStringCallback("{\"shareLocationDisabled\":false}")); | |
| 211 policy_map().Set(policy::key::kDefaultGeolocationSetting, | |
| 212 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 213 policy::POLICY_SOURCE_CLOUD, | |
| 214 base::MakeUnique<base::FundamentalValue>(2), nullptr); | |
| 215 policy_bridge()->GetPolicies( | |
| 216 PolicyStringCallback("{\"shareLocationDisabled\":true}")); | |
| 217 policy_map().Set(policy::key::kDefaultGeolocationSetting, | |
| 218 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 219 policy::POLICY_SOURCE_CLOUD, | |
| 220 base::MakeUnique<base::FundamentalValue>(3), nullptr); | |
| 221 policy_bridge()->GetPolicies( | |
| 222 PolicyStringCallback("{\"shareLocationDisabled\":false}")); | |
| 223 } | |
| 224 | |
| 225 TEST_F(ArcPolicyBridgeTest, ExternalStorageDisabledTest) { | |
| 226 policy_map().Set(policy::key::kExternalStorageDisabled, | |
| 227 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 228 policy::POLICY_SOURCE_CLOUD, | |
| 229 base::MakeUnique<base::FundamentalValue>(true), nullptr); | |
| 230 policy_bridge()->GetPolicies( | |
| 231 PolicyStringCallback("{\"mountPhysicalMediaDisabled\":true}")); | |
| 232 } | |
| 233 | |
| 234 TEST_F(ArcPolicyBridgeTest, URLBlacklistTest) { | |
| 235 base::ListValue blacklist; | |
| 236 blacklist.AppendString("www.blacklist1.com"); | |
| 237 blacklist.AppendString("www.blacklist2.com"); | |
| 238 policy_map().Set(policy::key::kURLBlacklist, policy::POLICY_LEVEL_MANDATORY, | |
| 239 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 240 blacklist.CreateDeepCopy(), nullptr); | |
| 241 policy_bridge()->GetPolicies( | |
| 242 PolicyStringCallback("{\"globalAppRestrictions\":" | |
| 243 "{\"com.android.browser:URLBlacklist\":" | |
| 244 "[\"www.blacklist1.com\"," | |
| 245 "\"www.blacklist2.com\"" | |
| 246 "]}}")); | |
| 247 } | |
| 248 | |
| 249 TEST_F(ArcPolicyBridgeTest, URLWhitelistTest) { | |
| 250 base::ListValue whitelist; | |
| 251 whitelist.AppendString("www.whitelist1.com"); | |
| 252 whitelist.AppendString("www.whitelist2.com"); | |
| 253 policy_map().Set(policy::key::kURLWhitelist, policy::POLICY_LEVEL_MANDATORY, | |
| 254 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 255 whitelist.CreateDeepCopy(), nullptr); | |
| 256 policy_bridge()->GetPolicies( | |
| 257 PolicyStringCallback("{\"globalAppRestrictions\":" | |
| 258 "{\"com.android.browser:URLWhitelist\":" | |
| 259 "[\"www.whitelist1.com\"," | |
| 260 "\"www.whitelist2.com\"" | |
| 261 "]}}")); | |
| 262 } | |
| 263 | |
| 264 TEST_F(ArcPolicyBridgeTest, CaCertificateTest) { | |
| 265 // Enable CA certificates sync. | |
| 266 policy_map().Set( | |
| 267 policy::key::kArcCertificatesSyncMode, policy::POLICY_LEVEL_MANDATORY, | |
| 268 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 269 base::MakeUnique<base::FundamentalValue>(ArcCertsSyncMode::COPY_CA_CERTS), | |
| 270 nullptr); | |
| 271 policy_map().Set(policy::key::kOpenNetworkConfiguration, | |
| 272 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 273 policy::POLICY_SOURCE_CLOUD, | |
| 274 base::MakeUnique<base::StringValue>(kFakeONC), nullptr); | |
| 275 policy_bridge()->GetPolicies(PolicyStringCallback( | |
| 276 "{\"caCerts\":" | |
| 277 "[{\"X509\":\"TWFuIGlzIGRpc3Rpbmd1aXNoZWQsIG5vdCBvbmx5IGJ5IGhpcyByZWFzb24" | |
| 278 "sIGJ1dCBieSB0aGlzIHNpbmd1bGFyIHBhc3Npb24gZnJvbSBvdGhlciBhbmltYWxzLCB3aGl" | |
| 279 "jaCBpcyBhIGx1c3Qgb2YgdGhlIG1pbmQsIHRoYXQgYnkgYSBwZXJzZXZlcmFuY2Ugb2YgZGV" | |
| 280 "saWdodCBpbiB0aGUgY29udGludWVkIGFuZCBpbmRlZmF0aWdhYmxlIGdlbmVyYXRpb24gb2Y" | |
| 281 "ga25vd2xlZGdlLCBleGNlZWRzIHRoZSBzaG9ydCB2ZWhlbWVuY2Ugb2YgYW55IGNhcm5hbCB" | |
| 282 "wbGVhc3VyZS4=\"}" | |
| 283 "]}")); | |
| 284 | |
| 285 // Disable CA certificates sync. | |
| 286 policy_map().Set( | |
| 287 policy::key::kArcCertificatesSyncMode, policy::POLICY_LEVEL_MANDATORY, | |
| 288 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 289 base::MakeUnique<base::FundamentalValue>(ArcCertsSyncMode::SYNC_DISABLED), | |
| 290 nullptr); | |
| 291 policy_bridge()->GetPolicies(PolicyStringCallback("{}")); | |
| 292 } | |
| 293 | |
| 294 TEST_F(ArcPolicyBridgeTest, DeveloperToolsDisabledTest) { | |
| 295 policy_map().Set(policy::key::kDeveloperToolsDisabled, | |
| 296 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 297 policy::POLICY_SOURCE_CLOUD, | |
| 298 base::MakeUnique<base::FundamentalValue>(true), nullptr); | |
| 299 policy_bridge()->GetPolicies( | |
| 300 PolicyStringCallback("{\"debuggingFeaturesDisabled\":true}")); | |
| 301 } | |
| 302 | |
| 303 TEST_F(ArcPolicyBridgeTest, MultiplePoliciesTest) { | |
| 304 policy_map().Set( | |
| 305 policy::key::kArcPolicy, policy::POLICY_LEVEL_MANDATORY, | |
| 306 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 307 base::MakeUnique<base::StringValue>( | |
| 308 "{\"applications\":" | |
| 309 "[{\"packageName\":\"com.google.android.apps.youtube.kids\"," | |
| 310 "\"installType\":\"REQUIRED\"," | |
| 311 "\"lockTaskAllowed\":false," | |
| 312 "\"permissionGrants\":[]" | |
| 313 "}]," | |
| 314 "\"defaultPermissionPolicy\":\"GRANT\"}"), | |
| 315 nullptr); | |
| 316 policy_map().Set( | |
| 317 policy::key::kHomepageLocation, policy::POLICY_LEVEL_MANDATORY, | |
| 318 policy::POLICY_SCOPE_USER, policy::POLICY_SOURCE_CLOUD, | |
| 319 base::MakeUnique<base::StringValue>("http://chromium.org"), nullptr); | |
| 320 policy_map().Set(policy::key::kVideoCaptureAllowed, | |
| 321 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER, | |
| 322 policy::POLICY_SOURCE_CLOUD, | |
| 323 base::MakeUnique<base::FundamentalValue>(false), nullptr); | |
| 324 policy_bridge()->GetPolicies(PolicyStringCallback( | |
| 325 "{\"applications\":" | |
| 326 "[{\"installType\":\"REQUIRED\"," | |
| 327 "\"lockTaskAllowed\":false," | |
| 328 "\"packageName\":\"com.google.android.apps.youtube.kids\"," | |
| 329 "\"permissionGrants\":[]" | |
| 330 "}]," | |
| 331 "\"cameraDisabled\":true," | |
| 332 "\"defaultPermissionPolicy\":\"GRANT\"" | |
| 333 "}")); | |
| 334 } | |
| 335 | |
| 336 // This and the following test send the policies through a mojo connection | |
| 337 // between a PolicyInstance and the PolicyBridge. | |
| 338 TEST_F(ArcPolicyBridgeTest, PolicyInstanceUnmanagedTest) { | |
| 339 policy_bridge()->OverrideIsManagedForTesting(false); | |
| 340 policy_instance()->CallGetPolicies(PolicyStringCallback("")); | |
| 341 } | |
| 342 | |
| 343 TEST_F(ArcPolicyBridgeTest, PolicyInstanceManagedTest) { | |
| 344 policy_instance()->CallGetPolicies(PolicyStringCallback("{}")); | |
| 345 } | |
| 346 | |
| 347 } // namespace arc | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2441563002:
arc: Create intermediate directories in c/b/c/arc (Closed)
