Add fake implementation for AuthPolicyClient::RefreshUserPolicy()

chromeos/dbus/fake_auth_policy_client.cc

-// Copyright (c) 2016 The Chromium Authors. All rights reserved.
+// Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chromeos/dbus/fake_auth_policy_client.h"
 
 #include "base/bind.h"
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/location.h"
 #include "base/md5.h"
 #include "base/path_service.h"
 #include "base/task_runner_util.h"
 #include "base/threading/worker_pool.h"
 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
 #include "chromeos/chromeos_paths.h"
+#include "chromeos/cryptohome/cryptohome_parameters.h"
+#include "chromeos/dbus/cryptohome_client.h"
+#include "components/policy/proto/cloud_policy.pb.h"
 #include "components/policy/proto/device_management_backend.pb.h"
+#include "components/signin/core/account_id/account_id.h"
 
 namespace em = enterprise_management;
 
 namespace {
 
-// Create minimal stub device policy file and drop it at the place where
-// SessionManagerClientStubImpl is looking for it.
-bool WriteDevicePolicyFile() {
-  em::ChromeDeviceSettingsProto policy;
+// Drop stub policy file of |policy_type| at |policy_path| containing
+// |serialized_payload|.
+bool WritePolicyFile(const base::FilePath& policy_path,
+                     const std::string& serialized_payload,
+                     const std::string& policy_type) {

[Roman Sorokin (ftl), 2016/12/28 10:29:38]

Maybe add 
DCHECK(base::WorkerPool::GetTaskRunner(false /* task_is_slow
*/)->RunsTasksOnCurrentThread());

[Thiemo Nagel, 2016/12/28 11:08:59]

I don't think this is necessary as the file operations blow up anyways if
they're run on the wrong thread.

   em::PolicyData data;
-  policy.SerializeToString(data.mutable_policy_value());
-  data.set_policy_type("google/chromeos/device");
+  data.set_policy_value(serialized_payload);
+  data.set_policy_type(policy_type);
 
   em::PolicyFetchResponse response;
   data.SerializeToString(response.mutable_policy_data());
   std::string serialized_response;
   response.SerializeToString(&serialized_response);
 
-  base::FilePath owner_key_path;
-  if (!PathService::Get(chromeos::FILE_OWNER_KEY, &owner_key_path))
+  if (!base::CreateDirectory(policy_path.DirName()))
     return false;
 
-  const base::FilePath device_policy_path =
-      owner_key_path.DirName().AppendASCII("stub_device_policy");
-
   // Note that in theory there could be a short time window in which a
   // concurrent reader sees a partial (and thus invalid) file, but given the
   // small file size that seems very unlikely in practice.
-  const int bytes_written =
-      base::WriteFile(device_policy_path, serialized_response.c_str(),
-                      serialized_response.size());
+  const int bytes_written = base::WriteFile(
+      policy_path, serialized_response.c_str(), serialized_response.size());
   if (bytes_written < 0)
     return false;
   return bytes_written == static_cast<int>(serialized_response.size());
 }
 
 }  // namespace
 
 namespace chromeos {
 
 FakeAuthPolicyClient::FakeAuthPolicyClient() {}
@@ skipping 12 matching lines @@
 void FakeAuthPolicyClient::AuthenticateUser(
     const std::string& user_principal_name,
     int password_fd,
     const AuthCallback& callback) {
   callback.Run(authpolicy::AUTH_USER_ERROR_NONE,
                base::MD5String(user_principal_name));
 }
 
 void FakeAuthPolicyClient::RefreshDevicePolicy(
     const RefreshPolicyCallback& callback) {
+  base::FilePath policy_path;
+  if (!PathService::Get(chromeos::FILE_OWNER_KEY, &policy_path)) {
+    callback.Run(false);
+    return;
+  }
+  policy_path = policy_path.DirName().AppendASCII("stub_device_policy");
+
+  em::ChromeDeviceSettingsProto policy;
+  std::string payload;
+  policy.SerializeToString(&payload);
+
+  // Drop file for SessionManagerClientStubImpl to read.
   if (!base::PostTaskAndReplyWithResult(
           base::WorkerPool::GetTaskRunner(false /* task_is_slow */).get(),
-          FROM_HERE, base::Bind(&WriteDevicePolicyFile), callback)) {
+          FROM_HERE, base::Bind(&WritePolicyFile, policy_path, payload,
+                                "google/chromeos/device"),
+          callback)) {
     callback.Run(false);
   }
 }
 
 void FakeAuthPolicyClient::RefreshUserPolicy(
-    const std::string& account_id,
+    const AccountId& account_id,
     const RefreshPolicyCallback& callback) {
-  callback.Run(true);
+  base::FilePath policy_path;
+  if (!PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &policy_path)) {
+    callback.Run(false);
+    return;
+  }
+  const cryptohome::Identification cryptohome_identification(account_id);
+  const std::string sanitized_username =
+      chromeos::CryptohomeClient::GetStubSanitizedUsername(
+          cryptohome_identification);
+  policy_path = policy_path.AppendASCII(sanitized_username);
+  policy_path = policy_path.AppendASCII("stub_policy");
+
+  em::CloudPolicySettings policy;

[Roman Sorokin (ftl), 2016/12/28 10:29:38]

Do we write just an empty policy?

[Thiemo Nagel, 2016/12/28 11:08:59]

Yes.  I'm reluctant writing actual policy values because it might interfere with
tests or create confusion in some other way.

+  std::string payload;
+  policy.SerializeToString(&payload);

[Roman Sorokin (ftl), 2016/12/28 10:29:38]

Should we check for result here?

[Thiemo Nagel, 2016/12/28 11:08:59]

I've added CHECK()s.

+
+  // Drop file for SessionManagerClientStubImpl to read.
+  if (!base::PostTaskAndReplyWithResult(
+          base::WorkerPool::GetTaskRunner(false /* task_is_slow */).get(),
+          FROM_HERE, base::Bind(&WritePolicyFile, policy_path, payload,
+                                "google/chromeos/user"),
+          callback)) {
+    callback.Run(false);
+  }
 }
 
 }  // namespace chromeos