Chromium Code Reviews Chromium Code Reviews
Issue 2701753004:
Don't let creating Google accounts on the Active Directory devices. (Closed)
| Index: chrome/browser/chromeos/login/existing_user_controller_browsertest.cc |
| diff --git a/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc b/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc |
| index 3ea594b057ee2c30140cd5a45e63d916b2c07e71..bad9f8b9973b015a3369c3329ae80f499704cdb4 100644 |
| --- a/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc |
| +++ b/chrome/browser/chromeos/login/existing_user_controller_browsertest.cc |
| @@ -78,6 +78,7 @@ const char kGaiaID[] = "12345"; |
| const char kUsername[] = "test_user@gmail.com"; |
| const char kSupervisedUserID[] = "supervised_user@locally-managed.localhost"; |
| const char kPassword[] = "test_password"; |
| +const char kActiveDirectoryRealm[] = "active.directory.realm"; |
| const char kPublicSessionUserEmail[] = "public_session_user@localhost"; |
| const int kAutoLoginNoDelay = 0; |
| @@ -230,23 +231,25 @@ class ExistingUserControllerTest : public policy::DevicePolicyCrosBrowserTest { |
| // Mock URLFetcher. |
| MockURLFetcherFactory<SuccessFetcher> factory_; |
| - const AccountId account_id_ = |
| + const AccountId google_account_id_ = |
|
achuithb
2017/02/17 13:03:49
I think gaia_account_id_ is a better name, and mor
Roman Sorokin (ftl)
2017/02/17 14:28:43
Done.
|
| AccountId::FromUserEmailGaiaId(kUsername, kGaiaID); |
| + const AccountId ad_account_id_ = |
| + AccountId::AdFromUserEmailObjGuid(kUsername, kGaiaID); |
| private: |
| DISALLOW_COPY_AND_ASSIGN(ExistingUserControllerTest); |
| }; |
| IN_PROC_BROWSER_TEST_F(ExistingUserControllerTest, PRE_ExistingUserLogin) { |
| - RegisterUser(account_id_.GetUserEmail()); |
| + RegisterUser(google_account_id_.GetUserEmail()); |
| } |
| IN_PROC_BROWSER_TEST_F(ExistingUserControllerTest, DISABLED_ExistingUserLogin) { |
| EXPECT_CALL(*mock_login_display_, SetUIEnabled(false)) |
| .Times(2); |
| - UserContext user_context(account_id_); |
| + UserContext user_context(google_account_id_); |
| user_context.SetKey(Key(kPassword)); |
| - user_context.SetUserIDHash(account_id_.GetUserEmail()); |
| + user_context.SetUserIDHash(google_account_id_.GetUserEmail()); |
| test::UserSessionManagerTestApi session_manager_test_api( |
| UserSessionManager::GetInstance()); |
| session_manager_test_api.InjectStubUserContext(user_context); |
| @@ -297,9 +300,9 @@ void ExistingUserControllerUntrustedTest::SetUpSessionManager() { |
| IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, |
| ExistingUserLoginForbidden) { |
| - UserContext user_context(account_id_); |
| + UserContext user_context(google_account_id_); |
| user_context.SetKey(Key(kPassword)); |
| - user_context.SetUserIDHash(account_id_.GetUserEmail()); |
| + user_context.SetUserIDHash(google_account_id_.GetUserEmail()); |
| existing_user_controller()->Login(user_context, SigninSpecifics()); |
| } |
| @@ -311,9 +314,9 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, |
| #endif |
| IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, |
| MAYBE_NewUserLoginForbidden) { |
| - UserContext user_context(account_id_); |
| + UserContext user_context(google_account_id_); |
| user_context.SetKey(Key(kPassword)); |
| - user_context.SetUserIDHash(account_id_.GetUserEmail()); |
| + user_context.SetUserIDHash(google_account_id_.GetUserEmail()); |
| existing_user_controller()->CompleteLogin(user_context); |
| } |
| @@ -328,7 +331,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, |
| SupervisedUserLoginForbidden) { |
| UserContext user_context(AccountId::FromUserEmail(kSupervisedUserID)); |
| user_context.SetKey(Key(kPassword)); |
| - user_context.SetUserIDHash(account_id_.GetUserEmail()); |
| + user_context.SetUserIDHash(google_account_id_.GetUserEmail()); |
| existing_user_controller()->Login(user_context, SigninSpecifics()); |
| } |
| @@ -339,7 +342,8 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerUntrustedTest, |
| SupervisedUserCreationScreen supervised_user_creation_screen( |
| &mock_base_screen_delegate, &supervised_user_creation_screen_handler); |
| - supervised_user_creation_screen.AuthenticateManager(account_id_, kPassword); |
| + supervised_user_creation_screen.AuthenticateManager(google_account_id_, |
| + kPassword); |
| } |
| MATCHER_P(HasDetails, expected, "") { |
| @@ -597,7 +601,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, |
| IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, |
| DISABLED_LoginStopsAutoLogin) { |
| // Set up mocks to check login success. |
| - UserContext user_context(account_id_); |
| + UserContext user_context(google_account_id_); |
| user_context.SetKey(Key(kPassword)); |
| user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); |
| ExpectSuccessfulLogin(user_context); |
| @@ -632,7 +636,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, |
| GuestModeLoginStopsAutoLogin) { |
| EXPECT_CALL(*mock_login_display_, SetUIEnabled(false)) |
| .Times(2); |
| - UserContext user_context(account_id_); |
| + UserContext user_context(google_account_id_); |
| user_context.SetKey(Key(kPassword)); |
| test::UserSessionManagerTestApi session_manager_test_api( |
| UserSessionManager::GetInstance()); |
| @@ -661,7 +665,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, |
| IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, |
| CompleteLoginStopsAutoLogin) { |
| // Set up mocks to check login success. |
| - UserContext user_context(account_id_); |
| + UserContext user_context(google_account_id_); |
| user_context.SetKey(Key(kPassword)); |
| user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); |
| ExpectSuccessfulLogin(user_context); |
| @@ -733,7 +737,7 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, |
| // Check that the attempt to start a public session fails with an error. |
| ExpectLoginFailure(); |
| - UserContext user_context(account_id_); |
| + UserContext user_context(google_account_id_); |
| user_context.SetKey(Key(kPassword)); |
| user_context.SetUserIDHash(user_context.GetAccountId().GetUserEmail()); |
| existing_user_controller()->Login(user_context, SigninSpecifics()); |
| @@ -764,4 +768,74 @@ IN_PROC_BROWSER_TEST_F(ExistingUserControllerPublicSessionTest, |
| // Second run loads list of public accounts from Local State. |
| } |
| +class ExistingUserControllerActiveDirectoryTest |
| + : public ExistingUserControllerTest { |
| + public: |
| + ExistingUserControllerActiveDirectoryTest() = default; |
| + |
| + void MarkOwnership() override { |
|
achuithb
2017/02/17 13:03:49
comment about class whose methods are being overri
Roman Sorokin (ftl)
2017/02/17 14:28:43
Done.
|
| + policy::DevicePolicyCrosTestHelper::MarkAsActiveDirectoryEnterpriseOwned( |
| + kActiveDirectoryRealm); |
| + } |
| + |
| + void SetUpInProcessBrowserTestFixture() override { |
| + RefreshDevicePolicy(); |
| + ExistingUserControllerTest::SetUpInProcessBrowserTestFixture(); |
| + } |
| + |
| + protected: |
| + void ExpectLoginFailure() { |
| + EXPECT_CALL(*mock_login_display_, SetUIEnabled(false)).Times(2); |
| + EXPECT_CALL(*mock_login_display_, |
| + ShowError(IDS_LOGIN_ERROR_ACTIVE_DIRECTORY_ONLY, 1, |
| + HelpAppLauncher::HELP_CANT_ACCESS_ACCOUNT)) |
| + .Times(1); |
| + EXPECT_CALL(*mock_login_display_, SetUIEnabled(true)).Times(1); |
| + } |
| + void ExpectLoginSuccess() { |
| + EXPECT_CALL(*mock_login_display_, SetUIEnabled(false)).Times(2); |
| + EXPECT_CALL(*mock_login_display_, SetUIEnabled(true)).Times(1); |
| + EXPECT_CALL(*mock_login_display_host_, OnCompleteLogin()).Times(1); |
| + } |
| +}; |
| + |
| +IN_PROC_BROWSER_TEST_F(ExistingUserControllerActiveDirectoryTest, |
|
achuithb
2017/02/17 13:03:49
Comment about what's being tested by this.
Roman Sorokin (ftl)
2017/02/17 14:28:43
Done.
|
| + ActiveDirectoryOnlineLogin_Success) { |
| + ExpectLoginSuccess(); |
| + UserContext user_context(ad_account_id_); |
| + user_context.SetKey(Key(kPassword)); |
| + user_context.SetUserIDHash(ad_account_id_.GetUserEmail()); |
| + user_context.SetAuthFlow(UserContext::AUTH_FLOW_ACTIVE_DIRECTORY); |
| + user_context.SetUserType(user_manager::UserType::USER_TYPE_ACTIVE_DIRECTORY); |
| + content::WindowedNotificationObserver profile_prepared_observer( |
| + chrome::NOTIFICATION_LOGIN_USER_PROFILE_PREPARED, |
| + content::NotificationService::AllSources()); |
| + existing_user_controller()->CompleteLogin(user_context); |
| + |
| + profile_prepared_observer.Wait(); |
| + base::ThreadTaskRunnerHandle::Get()->PostTask( |
| + FROM_HERE, base::Bind(&ClearNotifications)); |
| + content::RunAllPendingInMessageLoop(); |
| +} |
| + |
| +IN_PROC_BROWSER_TEST_F(ExistingUserControllerActiveDirectoryTest, |
|
achuithb
2017/02/17 13:03:49
Function comment
Roman Sorokin (ftl)
2017/02/17 14:28:43
Done.
|
| + ActiveDirectoryOfflineLogin_Failure) { |
| + ExpectLoginFailure(); |
| + UserContext user_context(ad_account_id_); |
| + user_context.SetKey(Key(kPassword)); |
| + user_context.SetUserIDHash(ad_account_id_.GetUserEmail()); |
| + user_context.SetUserType(user_manager::UserType::USER_TYPE_ACTIVE_DIRECTORY); |
| + existing_user_controller()->Login(user_context, SigninSpecifics()); |
| +} |
| + |
| +IN_PROC_BROWSER_TEST_F(ExistingUserControllerActiveDirectoryTest, |
|
achuithb
2017/02/17 13:03:49
Function comment
Roman Sorokin (ftl)
2017/02/17 14:28:43
Done.
|
| + GoogleAccountLogin_Failure) { |
| + ExpectLoginFailure(); |
|
achuithb
2017/02/17 13:03:49
GAIAAccountLogin_Failure
Roman Sorokin (ftl)
2017/02/17 14:28:43
Done.
|
| + EXPECT_CALL(*mock_login_display_host_, OnCompleteLogin()).Times(1); |
| + UserContext user_context(google_account_id_); |
| + user_context.SetKey(Key(kPassword)); |
| + user_context.SetUserIDHash(google_account_id_.GetUserEmail()); |
| + existing_user_controller()->CompleteLogin(user_context); |
| +} |
| + |
| } // namespace chromeos |
