Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(309)

Unified Diff: remoting/host/it2me/it2me_host_unittest.cc

Issue 2682473003: Add support for multiple allowed domains (Closed)
Patch Set: Rework to follow a deprecation approach Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: remoting/host/it2me/it2me_host_unittest.cc
diff --git a/remoting/host/it2me/it2me_host_unittest.cc b/remoting/host/it2me/it2me_host_unittest.cc
index 38cafc4f50e3e2cd3422416805f054458125c91a..f307e6c925712e4edd6f1ba0ec80eb8752176f99 100644
--- a/remoting/host/it2me/it2me_host_unittest.cc
+++ b/remoting/host/it2me/it2me_host_unittest.cc
@@ -354,6 +354,80 @@ TEST_F(It2MeHostTest, HostValidation_HostDomainPolicy_MatchEnd) {
ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
}
+TEST_F(It2MeHostTest, HostValidation_HostDomainListPolicy_MatchFirst) {
+ base::ListValue domains;
+ domains.AppendString(kMatchingDomain);
+ domains.AppendString(kMismatchedDomain1);
+ SetPolicies({{policy::key::kRemoteAccessHostDomainList, domains}});
+ StartHost();
+ ASSERT_EQ(It2MeHostState::kReceivedAccessCode, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, HostValidation_HostDomainListPolicy_MatchSecond) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMatchingDomain);
+ SetPolicies({{policy::key::kRemoteAccessHostDomainList, domains}});
+ StartHost();
+ ASSERT_EQ(It2MeHostState::kReceivedAccessCode, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, HostValidation_HostDomainListPolicy_NoMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMismatchedDomain2);
+ SetPolicies({{policy::key::kRemoteAccessHostDomainList, domains}});
+ StartHost();
+ ASSERT_EQ(It2MeHostState::kInvalidDomainError, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, HostValidation_HostDomainBothPolicies_BothMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMatchingDomain);
+ domains.AppendString(kMismatchedDomain1);
+ SetPolicies(
+ {{policy::key::kRemoteAccessHostDomain, base::Value(kMatchingDomain)},
+ {policy::key::kRemoteAccessHostDomainList, domains}});
+ StartHost();
+ ASSERT_EQ(It2MeHostState::kReceivedAccessCode, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, HostValidation_HostDomainBothPolicies_ListMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMatchingDomain);
+ SetPolicies(
+ {{policy::key::kRemoteAccessHostDomain, base::Value(kMismatchedDomain1)},
+ {policy::key::kRemoteAccessHostDomainList, domains}});
+ // Should succeed even though the legacy policy would deny.
+ StartHost();
+ ASSERT_EQ(It2MeHostState::kReceivedAccessCode, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, HostValidation_HostDomainBothPolicies_LegacyMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMismatchedDomain2);
+ SetPolicies(
+ {{policy::key::kRemoteAccessHostDomain, base::Value(kMatchingDomain)},
+ {policy::key::kRemoteAccessHostDomainList, domains}});
+ // Should fail even though the legacy policy would allow.
+ StartHost();
+ ASSERT_EQ(It2MeHostState::kInvalidDomainError, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
TEST_F(It2MeHostTest, ConnectionValidation_NoClientDomainPolicy_ValidJid) {
StartHost();
RunValidationCallback(kTestClientJid);
@@ -451,6 +525,91 @@ TEST_F(It2MeHostTest, ConnectionValidation_WrongClientDomain_MatchEnd) {
ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
}
+TEST_F(It2MeHostTest, ConnectionValidation_ClientDomainListPolicy_MatchFirst) {
+ base::ListValue domains;
+ domains.AppendString(kMatchingDomain);
+ domains.AppendString(kMismatchedDomain1);
+ SetPolicies({{policy::key::kRemoteAccessHostClientDomainList, domains}});
+ StartHost();
+ RunValidationCallback(kTestClientJid);
+ ASSERT_EQ(ValidationResult::SUCCESS, validation_result_);
+ ASSERT_EQ(It2MeHostState::kConnecting, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, ConnectionValidation_ClientDomainListPolicy_MatchSecond) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMatchingDomain);
+ SetPolicies({{policy::key::kRemoteAccessHostClientDomainList, domains}});
+ StartHost();
+ RunValidationCallback(kTestClientJid);
+ ASSERT_EQ(ValidationResult::SUCCESS, validation_result_);
+ ASSERT_EQ(It2MeHostState::kConnecting, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, ConnectionValidation_ClientDomainListPolicy_NoMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMismatchedDomain2);
+ SetPolicies({{policy::key::kRemoteAccessHostClientDomainList, domains}});
+ StartHost();
+ RunValidationCallback(kTestClientJid);
+ ASSERT_EQ(ValidationResult::ERROR_INVALID_ACCOUNT, validation_result_);
+ RunUntilStateChanged(It2MeHostState::kDisconnected);
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, ConnectionValidation_ClientDomainBothPolicies_BothMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMatchingDomain);
+ domains.AppendString(kMismatchedDomain1);
+ SetPolicies({{policy::key::kRemoteAccessHostClientDomain,
+ base::Value(kMatchingDomain)},
+ {policy::key::kRemoteAccessHostClientDomainList, domains}});
+ StartHost();
+ RunValidationCallback(kTestClientJid);
+ ASSERT_EQ(ValidationResult::SUCCESS, validation_result_);
+ ASSERT_EQ(It2MeHostState::kConnecting, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest, ConnectionValidation_ClientDomainBothPolicies_ListMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMatchingDomain);
+ SetPolicies({{policy::key::kRemoteAccessHostClientDomain,
+ base::Value(kMismatchedDomain1)},
+ {policy::key::kRemoteAccessHostClientDomainList, domains}});
+ // Should succeed even though the legacy policy would deny.
+ StartHost();
+ RunValidationCallback(kTestClientJid);
+ ASSERT_EQ(ValidationResult::SUCCESS, validation_result_);
+ ASSERT_EQ(It2MeHostState::kConnecting, last_host_state_);
+ ShutdownHost();
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
+TEST_F(It2MeHostTest,
+ ConnectionValidation_ClientDomainBothPolicies_LegacyMatch) {
+ base::ListValue domains;
+ domains.AppendString(kMismatchedDomain1);
+ domains.AppendString(kMismatchedDomain2);
+ SetPolicies({{policy::key::kRemoteAccessHostClientDomain,
+ base::Value(kMatchingDomain)},
+ {policy::key::kRemoteAccessHostClientDomainList, domains}});
+ // Should fail even though the legacy policy would allow.
+ StartHost();
+ RunValidationCallback(kTestClientJid);
+ ASSERT_EQ(ValidationResult::ERROR_INVALID_ACCOUNT, validation_result_);
+ RunUntilStateChanged(It2MeHostState::kDisconnected);
+ ASSERT_EQ(It2MeHostState::kDisconnected, last_host_state_);
+}
+
TEST_F(It2MeHostTest, ConnectionValidation_ConfirmationDialog_Accept) {
StartHost();
RunValidationCallback(kTestClientJid);

Powered by Google App Engine
This is Rietveld 408576698