| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback.h" | 9 #include "base/callback.h" |
| 10 #include "base/macros.h" | 10 #include "base/macros.h" |
| 11 #include "base/memory/ref_counted.h" | 11 #include "base/memory/ref_counted.h" |
| 12 #include "base/message_loop/message_loop.h" | 12 #include "base/message_loop/message_loop.h" |
| 13 #include "base/run_loop.h" | 13 #include "base/run_loop.h" |
| 14 #include "base/sequenced_task_runner.h" | 14 #include "base/sequenced_task_runner.h" |
| 15 #include "base/strings/string_util.h" | 15 #include "base/strings/string_util.h" |
| 16 #include "base/strings/utf_string_conversions.h" | 16 #include "base/strings/utf_string_conversions.h" |
| 17 #include "base/test/test_simple_task_runner.h" | 17 #include "base/test/test_simple_task_runner.h" |
| 18 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" | 18 #include "chrome/browser/chromeos/login/users/fake_chrome_user_manager.h" |
| 19 #include "chrome/browser/chromeos/login/users/scoped_user_manager_enabler.h" | 19 #include "chrome/browser/chromeos/login/users/scoped_user_manager_enabler.h" |
| 20 #include "chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.h" | 20 #include "chrome/browser/chromeos/policy/user_cloud_policy_token_forwarder.h" |
| 21 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 21 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 22 #include "chrome/browser/policy/cloud/cloud_policy_test_utils.h" |
| 22 #include "chrome/browser/prefs/browser_prefs.h" | 23 #include "chrome/browser/prefs/browser_prefs.h" |
| 23 #include "chrome/browser/signin/fake_profile_oauth2_token_service_builder.h" | 24 #include "chrome/browser/signin/fake_profile_oauth2_token_service_builder.h" |
| 24 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" | 25 #include "chrome/browser/signin/profile_oauth2_token_service_factory.h" |
| 25 #include "chrome/browser/signin/signin_manager_factory.h" | 26 #include "chrome/browser/signin/signin_manager_factory.h" |
| 26 #include "chrome/common/chrome_constants.h" | 27 #include "chrome/common/chrome_constants.h" |
| 27 #include "chrome/test/base/testing_browser_process.h" | 28 #include "chrome/test/base/testing_browser_process.h" |
| 28 #include "chrome/test/base/testing_profile.h" | 29 #include "chrome/test/base/testing_profile.h" |
| 29 #include "chrome/test/base/testing_profile_manager.h" | 30 #include "chrome/test/base/testing_profile_manager.h" |
| 30 #include "components/policy/core/common/cloud/cloud_external_data_manager.h" | 31 #include "components/policy/core/common/cloud/cloud_external_data_manager.h" |
| 31 #include "components/policy/core/common/cloud/mock_cloud_external_data_manager.h
" | 32 #include "components/policy/core/common/cloud/mock_cloud_external_data_manager.h
" |
| (...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 106 base::UTF8ToUTF16(""), 0, std::string(), factories); | 107 base::UTF8ToUTF16(""), 0, std::string(), factories); |
| 107 // Usually the signin Profile and the main Profile are separate, but since | 108 // Usually the signin Profile and the main Profile are separate, but since |
| 108 // the signin Profile is an OTR Profile then for this test it suffices to | 109 // the signin Profile is an OTR Profile then for this test it suffices to |
| 109 // attach it to the main Profile. | 110 // attach it to the main Profile. |
| 110 signin_profile_ = TestingProfile::Builder().BuildIncognito(profile_); | 111 signin_profile_ = TestingProfile::Builder().BuildIncognito(profile_); |
| 111 ASSERT_EQ(signin_profile_, chromeos::ProfileHelper::GetSigninProfile()); | 112 ASSERT_EQ(signin_profile_, chromeos::ProfileHelper::GetSigninProfile()); |
| 112 | 113 |
| 113 chrome::RegisterLocalState(prefs_.registry()); | 114 chrome::RegisterLocalState(prefs_.registry()); |
| 114 | 115 |
| 115 // Set up a policy map for testing. | 116 // Set up a policy map for testing. |
| 117 GetExpectedDefaultPolicy(&policy_map_); |
| 116 policy_map_.Set(key::kHomepageLocation, POLICY_LEVEL_MANDATORY, | 118 policy_map_.Set(key::kHomepageLocation, POLICY_LEVEL_MANDATORY, |
| 117 POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, | 119 POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, |
| 118 base::MakeUnique<base::StringValue>("http://chromium.org"), | 120 base::MakeUnique<base::StringValue>("http://chromium.org"), |
| 119 nullptr); | 121 nullptr); |
| 120 policy_map_.Set( | |
| 121 key::kChromeOsMultiProfileUserBehavior, POLICY_LEVEL_MANDATORY, | |
| 122 POLICY_SCOPE_USER, POLICY_SOURCE_ENTERPRISE_DEFAULT, | |
| 123 base::MakeUnique<base::StringValue>("primary-only"), nullptr); | |
| 124 policy_map_.Set(key::kEasyUnlockAllowed, POLICY_LEVEL_MANDATORY, | |
| 125 POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, | |
| 126 base::MakeUnique<base::FundamentalValue>(false), nullptr); | |
| 127 policy_map_.Set(key::kCaptivePortalAuthenticationIgnoresProxy, | |
| 128 POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | |
| 129 POLICY_SOURCE_CLOUD, | |
| 130 base::MakeUnique<base::FundamentalValue>(false), nullptr); | |
| 131 policy_map_.Set(key::kAllowDinosaurEasterEgg, POLICY_LEVEL_MANDATORY, | |
| 132 POLICY_SCOPE_USER, POLICY_SOURCE_ENTERPRISE_DEFAULT, | |
| 133 base::MakeUnique<base::FundamentalValue>(false), nullptr); | |
| 134 expected_bundle_.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) | 122 expected_bundle_.Get(PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) |
| 135 .CopyFrom(policy_map_); | 123 .CopyFrom(policy_map_); |
| 136 | 124 |
| 137 // Create fake policy blobs to deliver to the client. | 125 // Create fake policy blobs to deliver to the client. |
| 138 em::DeviceRegisterResponse* register_response = | 126 em::DeviceRegisterResponse* register_response = |
| 139 register_blob_.mutable_register_response(); | 127 register_blob_.mutable_register_response(); |
| 140 register_response->set_device_management_token("dmtoken123"); | 128 register_response->set_device_management_token("dmtoken123"); |
| 141 | 129 |
| 142 em::CloudPolicySettings policy_proto; | 130 em::CloudPolicySettings policy_proto; |
| 143 policy_proto.mutable_homepagelocation()->set_value("http://chromium.org"); | 131 policy_proto.mutable_homepagelocation()->set_value("http://chromium.org"); |
| 144 ASSERT_TRUE( | 132 ASSERT_TRUE( |
| 145 policy_proto.SerializeToString(policy_data_.mutable_policy_value())); | 133 policy_proto.SerializeToString(policy_data_.mutable_policy_value())); |
| 146 policy_data_.set_policy_type(dm_protocol::kChromeUserPolicyType); | 134 policy_data_.set_policy_type(dm_protocol::kChromeUserPolicyType); |
| 147 policy_data_.set_request_token("dmtoken123"); | 135 policy_data_.set_request_token("dmtoken123"); |
| 148 policy_data_.set_device_id("id987"); | 136 policy_data_.set_device_id("id987"); |
| 137 policy_data_.set_username("user@example.com"); |
| 149 em::PolicyFetchResponse* policy_response = | 138 em::PolicyFetchResponse* policy_response = |
| 150 policy_blob_.mutable_policy_response()->add_response(); | 139 policy_blob_.mutable_policy_response()->add_response(); |
| 151 ASSERT_TRUE(policy_data_.SerializeToString( | 140 ASSERT_TRUE(policy_data_.SerializeToString( |
| 152 policy_response->mutable_policy_data())); | 141 policy_response->mutable_policy_data())); |
| 153 | 142 |
| 154 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _)) | 143 EXPECT_CALL(device_management_service_, StartJob(_, _, _, _, _, _)) |
| 155 .Times(AnyNumber()); | 144 .Times(AnyNumber()); |
| 156 } | 145 } |
| 157 | 146 |
| 158 void TearDown() override { | 147 void TearDown() override { |
| (...skipping 209 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 368 MockDeviceManagementJob* register_request = IssueOAuthToken(false); | 357 MockDeviceManagementJob* register_request = IssueOAuthToken(false); |
| 369 ASSERT_TRUE(register_request); | 358 ASSERT_TRUE(register_request); |
| 370 | 359 |
| 371 // Reply with a valid registration response. This triggers the initial policy | 360 // Reply with a valid registration response. This triggers the initial policy |
| 372 // fetch. | 361 // fetch. |
| 373 FetchPolicy(base::Bind(&MockDeviceManagementJob::SendResponse, | 362 FetchPolicy(base::Bind(&MockDeviceManagementJob::SendResponse, |
| 374 base::Unretained(register_request), | 363 base::Unretained(register_request), |
| 375 DM_STATUS_SUCCESS, register_blob_)); | 364 DM_STATUS_SUCCESS, register_blob_)); |
| 376 } | 365 } |
| 377 | 366 |
| 378 // Test disabled. See crbug.com/534733. | 367 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingRefreshFetch) { |
| 379 TEST_F(UserCloudPolicyManagerChromeOSTest, DISABLED_BlockingRefreshFetch) { | |
| 380 // Tests the initialization of a manager whose Profile is waiting for the | 368 // Tests the initialization of a manager whose Profile is waiting for the |
| 381 // initial fetch, when a previously cached policy and DMToken already exist. | 369 // initial fetch, when a previously cached policy and DMToken already exist. |
| 382 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000)); | 370 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000)); |
| 383 | 371 |
| 384 // Set the initially cached data and initialize the CloudPolicyService. | 372 // Set the initially cached data and initialize the CloudPolicyService. |
| 385 // The initial policy fetch is issued using the cached DMToken. | 373 // The initial policy fetch is issued using the cached DMToken. |
| 386 store_->policy_.reset(new em::PolicyData(policy_data_)); | 374 store_->policy_.reset(new em::PolicyData(policy_data_)); |
| 387 FetchPolicy(base::Bind(&MockCloudPolicyStore::NotifyStoreLoaded, | 375 FetchPolicy(base::Bind(&MockCloudPolicyStore::NotifyStoreLoaded, |
| 388 base::Unretained(store_))); | 376 base::Unretained(store_))); |
| 389 } | 377 } |
| (...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 500 // also correct and makes the implementation simpler. | 488 // also correct and makes the implementation simpler. |
| 501 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())).Times(AtLeast(1)); | 489 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())).Times(AtLeast(1)); |
| 502 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 490 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 503 policy_request->SendResponse(DM_STATUS_TEMPORARY_UNAVAILABLE, | 491 policy_request->SendResponse(DM_STATUS_TEMPORARY_UNAVAILABLE, |
| 504 em::DeviceManagementResponse()); | 492 em::DeviceManagementResponse()); |
| 505 Mock::VerifyAndClearExpectations(&observer_); | 493 Mock::VerifyAndClearExpectations(&observer_); |
| 506 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 494 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 507 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies())); | 495 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies())); |
| 508 } | 496 } |
| 509 | 497 |
| 510 // Test disabled. See crbug.com/534733. | 498 TEST_F(UserCloudPolicyManagerChromeOSTest, BlockingFetchTimeout) { |
| 511 TEST_F(UserCloudPolicyManagerChromeOSTest, DISABLED_BlockingFetchTimeout) { | 499 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 1000)); |
| 512 // The blocking fetch should be abandoned after the timeout. | |
| 513 ASSERT_NO_FATAL_FAILURE(CreateManager(true, 0)); | |
| 514 | 500 |
| 515 // Initialize the CloudPolicyService without any stored data. | 501 // Initialize the CloudPolicyService without any stored data. |
| 516 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete()); | 502 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete()); |
| 517 store_->NotifyStoreLoaded(); | 503 store_->NotifyStoreLoaded(); |
| 518 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); | 504 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); |
| 519 EXPECT_FALSE(manager_->core()->client()->is_registered()); | 505 EXPECT_FALSE(manager_->core()->client()->is_registered()); |
| 520 | 506 |
| 521 // Running the message loop should trigger the timeout. | 507 // Triggering the timeout should invoke our callback. |
| 522 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())).Times(AtLeast(1)); | 508 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())).Times(AtLeast(1)); |
| 523 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 509 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 524 base::RunLoop().RunUntilIdle(); | 510 manager_->ForceTimeoutForTest(); |
| 525 Mock::VerifyAndClearExpectations(&observer_); | 511 Mock::VerifyAndClearExpectations(&observer_); |
| 526 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 512 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 527 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies())); | 513 EXPECT_TRUE(PolicyBundle().Equals(manager_->policies())); |
| 528 } | 514 } |
| 529 | 515 |
| 530 // Test disabled. See crbug.com/534733. | 516 TEST_F(UserCloudPolicyManagerChromeOSTest, NonBlockingFirstFetch) { |
| 531 TEST_F(UserCloudPolicyManagerChromeOSTest, DISABLED_NonBlockingFirstFetch) { | |
| 532 // Tests the first policy fetch request by a Profile that isn't managed. | 517 // Tests the first policy fetch request by a Profile that isn't managed. |
| 533 ASSERT_NO_FATAL_FAILURE(CreateManager(false, 1000)); | 518 ASSERT_NO_FATAL_FAILURE(CreateManager(false, 0)); |
| 534 | 519 |
| 535 // Initialize the CloudPolicyService without any stored data. Since the | 520 // Initialize the CloudPolicyService without any stored data. Since the |
| 536 // manager is not waiting for the initial fetch, it will become initialized | 521 // manager is not waiting for the initial fetch, it will become initialized |
| 537 // once the store is ready. | 522 // once the store is ready. |
| 538 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete()); | 523 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete()); |
| 539 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 524 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 540 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())); | 525 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())); |
| 541 store_->NotifyStoreLoaded(); | 526 store_->NotifyStoreLoaded(); |
| 542 Mock::VerifyAndClearExpectations(&observer_); | 527 Mock::VerifyAndClearExpectations(&observer_); |
| 543 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); | 528 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); |
| (...skipping 22 matching lines...) Expand all Loading... |
| 566 MockDeviceManagementJob* register_request = IssueOAuthToken(true); | 551 MockDeviceManagementJob* register_request = IssueOAuthToken(true); |
| 567 ASSERT_TRUE(register_request); | 552 ASSERT_TRUE(register_request); |
| 568 register_request->SendResponse(DM_STATUS_SUCCESS, register_blob_); | 553 register_request->SendResponse(DM_STATUS_SUCCESS, register_blob_); |
| 569 | 554 |
| 570 // The refresh scheduler takes care of the initial fetch for unmanaged users. | 555 // The refresh scheduler takes care of the initial fetch for unmanaged users. |
| 571 // Running the task runner issues the initial fetch. | 556 // Running the task runner issues the initial fetch. |
| 572 FetchPolicy( | 557 FetchPolicy( |
| 573 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_)); | 558 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_)); |
| 574 } | 559 } |
| 575 | 560 |
| 576 // Test disabled. See crbug.com/534733. | 561 TEST_F(UserCloudPolicyManagerChromeOSTest, NonBlockingRefreshFetch) { |
| 577 TEST_F(UserCloudPolicyManagerChromeOSTest, DISABLED_NonBlockingRefreshFetch) { | |
| 578 // Tests a non-blocking initial policy fetch for a Profile that already has | 562 // Tests a non-blocking initial policy fetch for a Profile that already has |
| 579 // a cached DMToken. | 563 // a cached DMToken. |
| 580 ASSERT_NO_FATAL_FAILURE(CreateManager(false, 1000)); | 564 ASSERT_NO_FATAL_FAILURE(CreateManager(false, 0)); |
| 581 | 565 |
| 582 // Set the initially cached data and initialize the CloudPolicyService. | 566 // Set the initially cached data and initialize the CloudPolicyService. |
| 583 // The initial policy fetch is issued using the cached DMToken. | 567 // The initial policy fetch is issued using the cached DMToken. |
| 584 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete()); | 568 EXPECT_FALSE(manager_->core()->service()->IsInitializationComplete()); |
| 585 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 569 EXPECT_FALSE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 586 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())); | 570 EXPECT_CALL(observer_, OnUpdatePolicy(manager_.get())); |
| 587 store_->policy_.reset(new em::PolicyData(policy_data_)); | 571 store_->policy_.reset(new em::PolicyData(policy_data_)); |
| 588 store_->NotifyStoreLoaded(); | 572 store_->NotifyStoreLoaded(); |
| 589 Mock::VerifyAndClearExpectations(&observer_); | 573 Mock::VerifyAndClearExpectations(&observer_); |
| 590 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); | 574 EXPECT_TRUE(manager_->core()->service()->IsInitializationComplete()); |
| 591 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 575 EXPECT_TRUE(manager_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 592 EXPECT_TRUE(manager_->core()->client()->is_registered()); | 576 EXPECT_TRUE(manager_->core()->client()->is_registered()); |
| 593 | 577 |
| 594 // The refresh scheduler takes care of the initial fetch for unmanaged users. | 578 // The refresh scheduler takes care of the initial fetch for unmanaged users. |
| 595 // Running the task runner issues the initial fetch. | 579 // Running the task runner issues the initial fetch. |
| 596 FetchPolicy( | 580 FetchPolicy( |
| 597 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_)); | 581 base::Bind(&base::TestSimpleTaskRunner::RunUntilIdle, task_runner_)); |
| 598 } | 582 } |
| 599 | 583 |
| 600 } // namespace policy | 584 } // namespace policy |
| OLD | NEW |