| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" | 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback.h" | 9 #include "base/callback.h" |
| 10 #include "base/file_util.h" |
| 11 #include "base/files/file_path.h" |
| 12 #include "base/files/scoped_temp_dir.h" |
| 13 #include "base/path_service.h" |
| 14 #include "base/run_loop.h" |
| 15 #include "base/strings/string_number_conversions.h" |
| 16 #include "base/strings/stringprintf.h" |
| 17 #include "base/test/scoped_path_override.h" |
| 18 #include "base/test/test_simple_task_runner.h" |
| 10 #include "chrome/browser/chromeos/policy/device_local_account.h" | 19 #include "chrome/browser/chromeos/policy/device_local_account.h" |
| 11 #include "chrome/browser/chromeos/policy/device_local_account_policy_provider.h" | 20 #include "chrome/browser/chromeos/policy/device_local_account_policy_provider.h" |
| 12 #include "chrome/browser/chromeos/settings/cros_settings.h" | 21 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 13 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 22 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| 14 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | 23 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" |
| 15 #include "chrome/browser/policy/cloud/cloud_policy_client.h" | 24 #include "chrome/browser/policy/cloud/cloud_policy_client.h" |
| 16 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" | 25 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" |
| 26 #include "chrome/browser/policy/cloud/cloud_policy_core.h" |
| 17 #include "chrome/browser/policy/cloud/cloud_policy_service.h" | 27 #include "chrome/browser/policy/cloud/cloud_policy_service.h" |
| 18 #include "chrome/browser/policy/cloud/mock_device_management_service.h" | 28 #include "chrome/browser/policy/cloud/mock_device_management_service.h" |
| 19 #include "chrome/browser/policy/cloud/policy_builder.h" | 29 #include "chrome/browser/policy/cloud/policy_builder.h" |
| 20 #include "chrome/browser/policy/external_data_fetcher.h" | 30 #include "chrome/browser/policy/external_data_fetcher.h" |
| 21 #include "chrome/browser/policy/mock_configuration_policy_provider.h" | 31 #include "chrome/browser/policy/mock_configuration_policy_provider.h" |
| 22 #include "chrome/browser/policy/proto/chromeos/chrome_device_policy.pb.h" | 32 #include "chrome/browser/policy/proto/chromeos/chrome_device_policy.pb.h" |
| 33 #include "chrome/common/chrome_paths.h" |
| 34 #include "chromeos/chromeos_paths.h" |
| 23 #include "chromeos/dbus/power_policy_controller.h" | 35 #include "chromeos/dbus/power_policy_controller.h" |
| 24 #include "policy/policy_constants.h" | 36 #include "policy/policy_constants.h" |
| 37 #include "policy/proto/cloud_policy.pb.h" |
| 25 #include "testing/gtest/include/gtest/gtest.h" | 38 #include "testing/gtest/include/gtest/gtest.h" |
| 26 | 39 |
| 27 using testing::AnyNumber; | 40 using testing::AnyNumber; |
| 28 using testing::AtLeast; | 41 using testing::AtLeast; |
| 29 using testing::Mock; | 42 using testing::Mock; |
| 30 using testing::SaveArg; | 43 using testing::SaveArg; |
| 31 using testing::_; | 44 using testing::_; |
| 32 | 45 |
| 33 namespace em = enterprise_management; | 46 namespace em = enterprise_management; |
| 34 | 47 |
| 35 namespace policy { | 48 namespace policy { |
| 36 | 49 |
| 50 namespace { |
| 51 |
| 52 const char kAccount1[] = "account1@localhost"; |
| 53 const char kAccount2[] = "account2@localhost"; |
| 54 const char kAccount3[] = "account3@localhost"; |
| 55 |
| 56 const char kExtensionID[] = "kbmnembihfiondgfjekmnmcbddelicoi"; |
| 57 const char kExtensionVersion[] = "1.0.0.0"; |
| 58 const char kExtensionCRXPath[] = "extensions/hosted_app.crx"; |
| 59 const char kUpdateURL[] = "https://clients2.google.com/service/update2/crx"; |
| 60 |
| 61 } // namespace |
| 62 |
| 37 class MockDeviceLocalAccountPolicyServiceObserver | 63 class MockDeviceLocalAccountPolicyServiceObserver |
| 38 : public DeviceLocalAccountPolicyService::Observer { | 64 : public DeviceLocalAccountPolicyService::Observer { |
| 39 public: | 65 public: |
| 40 MOCK_METHOD1(OnPolicyUpdated, void(const std::string&)); | 66 MOCK_METHOD1(OnPolicyUpdated, void(const std::string&)); |
| 41 MOCK_METHOD0(OnDeviceLocalAccountsChanged, void(void)); | 67 MOCK_METHOD0(OnDeviceLocalAccountsChanged, void(void)); |
| 42 }; | 68 }; |
| 43 | 69 |
| 44 class DeviceLocalAccountPolicyServiceTest | 70 class DeviceLocalAccountPolicyServiceTestBase |
| 45 : public chromeos::DeviceSettingsTestBase { | 71 : public chromeos::DeviceSettingsTestBase { |
| 46 public: | 72 public: |
| 47 DeviceLocalAccountPolicyServiceTest() | 73 DeviceLocalAccountPolicyServiceTestBase(); |
| 48 : public_session_user_id_(GenerateDeviceLocalAccountUserId( | 74 |
| 49 PolicyBuilder::kFakeUsername, | 75 virtual void SetUp() OVERRIDE; |
| 50 DeviceLocalAccount::TYPE_PUBLIC_SESSION)), | 76 |
| 51 cros_settings_(&device_settings_service_), | 77 void CreatePolicyService(); |
| 52 service_(&device_settings_test_helper_, | 78 |
| 53 &device_settings_service_, | 79 void InstallDeviceLocalAccountPolicy(const std::string& account_id); |
| 54 &cros_settings_) {} | 80 void AddDeviceLocalAccountToPolicy(const std::string& account_id); |
| 55 | 81 virtual void InstallDevicePolicy(); |
| 56 virtual void SetUp() OVERRIDE { | 82 |
| 57 DeviceSettingsTestBase::SetUp(); | 83 const std::string account_1_user_id_; |
| 58 | 84 const std::string account_2_user_id_; |
| 59 // Values implicitly enforced for public accounts. | |
| 60 expected_policy_map_.Set(key::kLidCloseAction, | |
| 61 POLICY_LEVEL_MANDATORY, | |
| 62 POLICY_SCOPE_USER, | |
| 63 base::Value::CreateIntegerValue( | |
| 64 chromeos::PowerPolicyController:: | |
| 65 ACTION_STOP_SESSION), | |
| 66 NULL); | |
| 67 expected_policy_map_.Set(key::kShelfAutoHideBehavior, | |
| 68 POLICY_LEVEL_MANDATORY, | |
| 69 POLICY_SCOPE_USER, | |
| 70 Value::CreateStringValue("Never"), | |
| 71 NULL); | |
| 72 expected_policy_map_.Set(key::kShowLogoutButtonInTray, | |
| 73 POLICY_LEVEL_MANDATORY, | |
| 74 POLICY_SCOPE_USER, | |
| 75 Value::CreateBooleanValue(true), | |
| 76 NULL); | |
| 77 expected_policy_map_.Set(key::kFullscreenAllowed, | |
| 78 POLICY_LEVEL_MANDATORY, | |
| 79 POLICY_SCOPE_USER, | |
| 80 Value::CreateBooleanValue(false), | |
| 81 NULL); | |
| 82 | |
| 83 // Explicitly set value. | |
| 84 expected_policy_map_.Set(key::kDisableSpdy, | |
| 85 POLICY_LEVEL_MANDATORY, | |
| 86 POLICY_SCOPE_USER, | |
| 87 Value::CreateBooleanValue(true), | |
| 88 NULL); | |
| 89 | |
| 90 device_local_account_policy_.payload().mutable_disablespdy()->set_value( | |
| 91 true); | |
| 92 device_local_account_policy_.policy_data().set_policy_type( | |
| 93 dm_protocol::kChromePublicAccountPolicyType); | |
| 94 device_local_account_policy_.policy_data().set_settings_entity_id( | |
| 95 PolicyBuilder::kFakeUsername); | |
| 96 device_local_account_policy_.Build(); | |
| 97 | |
| 98 em::DeviceLocalAccountInfoProto* account = | |
| 99 device_policy_.payload().mutable_device_local_accounts()->add_account(); | |
| 100 account->set_account_id(PolicyBuilder::kFakeUsername); | |
| 101 account->set_type( | |
| 102 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); | |
| 103 device_policy_.Build(); | |
| 104 | |
| 105 service_.AddObserver(&service_observer_); | |
| 106 } | |
| 107 | |
| 108 virtual void TearDown() OVERRIDE { | |
| 109 service_.RemoveObserver(&service_observer_); | |
| 110 | |
| 111 DeviceSettingsTestBase::TearDown(); | |
| 112 } | |
| 113 | |
| 114 void InstallDevicePolicy() { | |
| 115 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); | |
| 116 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 117 ReloadDeviceSettings(); | |
| 118 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 119 } | |
| 120 | |
| 121 MOCK_METHOD1(OnRefreshDone, void(bool)); | |
| 122 | |
| 123 const std::string public_session_user_id_; | |
| 124 | 85 |
| 125 PolicyMap expected_policy_map_; | 86 PolicyMap expected_policy_map_; |
| 126 UserPolicyBuilder device_local_account_policy_; | 87 UserPolicyBuilder device_local_account_policy_; |
| 127 chromeos::CrosSettings cros_settings_; | 88 chromeos::CrosSettings cros_settings_; |
| 89 scoped_refptr<base::TestSimpleTaskRunner> extension_cache_task_runner_; |
| 90 MockDeviceManagementService mock_device_management_service_; |
| 91 scoped_ptr<DeviceLocalAccountPolicyService> service_; |
| 92 |
| 93 private: |
| 94 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyServiceTestBase); |
| 95 }; |
| 96 |
| 97 class DeviceLocalAccountPolicyServiceTest |
| 98 : public DeviceLocalAccountPolicyServiceTestBase { |
| 99 public: |
| 100 MOCK_METHOD1(OnRefreshDone, void(bool)); |
| 101 |
| 102 protected: |
| 103 DeviceLocalAccountPolicyServiceTest(); |
| 104 |
| 105 virtual void SetUp() OVERRIDE; |
| 106 virtual void TearDown() OVERRIDE; |
| 107 |
| 108 void InstallDevicePolicy() OVERRIDE; |
| 109 |
| 128 MockDeviceLocalAccountPolicyServiceObserver service_observer_; | 110 MockDeviceLocalAccountPolicyServiceObserver service_observer_; |
| 129 MockDeviceManagementService mock_device_management_service_; | |
| 130 DeviceLocalAccountPolicyService service_; | |
| 131 | 111 |
| 132 private: | 112 private: |
| 133 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyServiceTest); | 113 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyServiceTest); |
| 134 }; | 114 }; |
| 135 | 115 |
| 116 DeviceLocalAccountPolicyServiceTestBase:: |
| 117 DeviceLocalAccountPolicyServiceTestBase() |
| 118 : account_1_user_id_(GenerateDeviceLocalAccountUserId( |
| 119 kAccount1, |
| 120 DeviceLocalAccount::TYPE_PUBLIC_SESSION)), |
| 121 account_2_user_id_(GenerateDeviceLocalAccountUserId( |
| 122 kAccount2, |
| 123 DeviceLocalAccount::TYPE_PUBLIC_SESSION)), |
| 124 cros_settings_(&device_settings_service_), |
| 125 extension_cache_task_runner_(new base::TestSimpleTaskRunner) { |
| 126 } |
| 127 |
| 128 void DeviceLocalAccountPolicyServiceTestBase::SetUp() { |
| 129 chromeos::DeviceSettingsTestBase::SetUp(); |
| 130 |
| 131 // Values implicitly enforced for public accounts. |
| 132 expected_policy_map_.Set(key::kLidCloseAction, |
| 133 POLICY_LEVEL_MANDATORY, |
| 134 POLICY_SCOPE_USER, |
| 135 base::Value::CreateIntegerValue( |
| 136 chromeos::PowerPolicyController:: |
| 137 ACTION_STOP_SESSION), |
| 138 NULL); |
| 139 expected_policy_map_.Set(key::kShelfAutoHideBehavior, |
| 140 POLICY_LEVEL_MANDATORY, |
| 141 POLICY_SCOPE_USER, |
| 142 Value::CreateStringValue("Never"), |
| 143 NULL); |
| 144 expected_policy_map_.Set(key::kShowLogoutButtonInTray, |
| 145 POLICY_LEVEL_MANDATORY, |
| 146 POLICY_SCOPE_USER, |
| 147 Value::CreateBooleanValue(true), |
| 148 NULL); |
| 149 expected_policy_map_.Set(key::kFullscreenAllowed, |
| 150 POLICY_LEVEL_MANDATORY, |
| 151 POLICY_SCOPE_USER, |
| 152 Value::CreateBooleanValue(false), |
| 153 NULL); |
| 154 |
| 155 // Explicitly set value. |
| 156 expected_policy_map_.Set(key::kDisableSpdy, |
| 157 POLICY_LEVEL_MANDATORY, |
| 158 POLICY_SCOPE_USER, |
| 159 Value::CreateBooleanValue(true), |
| 160 NULL); |
| 161 |
| 162 device_local_account_policy_.payload().mutable_disablespdy()->set_value( |
| 163 true); |
| 164 device_local_account_policy_.policy_data().set_policy_type( |
| 165 dm_protocol::kChromePublicAccountPolicyType); |
| 166 } |
| 167 |
| 168 void DeviceLocalAccountPolicyServiceTestBase::CreatePolicyService() { |
| 169 service_.reset(new DeviceLocalAccountPolicyService( |
| 170 &device_settings_test_helper_, |
| 171 &device_settings_service_, |
| 172 &cros_settings_, |
| 173 extension_cache_task_runner_)); |
| 174 } |
| 175 |
| 176 void DeviceLocalAccountPolicyServiceTestBase:: |
| 177 InstallDeviceLocalAccountPolicy(const std::string& account_id) { |
| 178 device_local_account_policy_.policy_data().set_settings_entity_id(account_id); |
| 179 device_local_account_policy_.policy_data().set_username(account_id); |
| 180 device_local_account_policy_.Build(); |
| 181 device_settings_test_helper_.set_device_local_account_policy_blob( |
| 182 account_id, device_local_account_policy_.GetBlob()); |
| 183 } |
| 184 |
| 185 void DeviceLocalAccountPolicyServiceTestBase::AddDeviceLocalAccountToPolicy( |
| 186 const std::string& account_id) { |
| 187 em::DeviceLocalAccountInfoProto* account = |
| 188 device_policy_.payload().mutable_device_local_accounts()->add_account(); |
| 189 account->set_account_id(account_id); |
| 190 account->set_type( |
| 191 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); |
| 192 } |
| 193 |
| 194 void DeviceLocalAccountPolicyServiceTestBase::InstallDevicePolicy() { |
| 195 device_policy_.Build(); |
| 196 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); |
| 197 ReloadDeviceSettings(); |
| 198 } |
| 199 |
| 200 DeviceLocalAccountPolicyServiceTest::DeviceLocalAccountPolicyServiceTest() { |
| 201 CreatePolicyService(); |
| 202 } |
| 203 |
| 204 void DeviceLocalAccountPolicyServiceTest::SetUp() { |
| 205 DeviceLocalAccountPolicyServiceTestBase::SetUp(); |
| 206 service_->AddObserver(&service_observer_); |
| 207 } |
| 208 |
| 209 void DeviceLocalAccountPolicyServiceTest::TearDown() { |
| 210 service_->RemoveObserver(&service_observer_); |
| 211 DeviceLocalAccountPolicyServiceTestBase::TearDown(); |
| 212 } |
| 213 |
| 214 void DeviceLocalAccountPolicyServiceTest::InstallDevicePolicy() { |
| 215 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); |
| 216 DeviceLocalAccountPolicyServiceTestBase::InstallDevicePolicy(); |
| 217 Mock::VerifyAndClearExpectations(&service_observer_); |
| 218 } |
| 219 |
| 136 TEST_F(DeviceLocalAccountPolicyServiceTest, NoAccounts) { | 220 TEST_F(DeviceLocalAccountPolicyServiceTest, NoAccounts) { |
| 137 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); | 221 EXPECT_FALSE(service_->GetBrokerForUser(account_1_user_id_)); |
| 138 } | 222 } |
| 139 | 223 |
| 140 TEST_F(DeviceLocalAccountPolicyServiceTest, GetBroker) { | 224 TEST_F(DeviceLocalAccountPolicyServiceTest, GetBroker) { |
| 141 InstallDevicePolicy(); | 225 InstallDeviceLocalAccountPolicy(kAccount1); |
| 142 | 226 AddDeviceLocalAccountToPolicy(kAccount1); |
| 143 DeviceLocalAccountPolicyBroker* broker = | 227 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 144 service_.GetBrokerForUser(public_session_user_id_); | 228 InstallDevicePolicy(); |
| 145 ASSERT_TRUE(broker); | 229 |
| 146 EXPECT_EQ(public_session_user_id_, broker->user_id()); | 230 DeviceLocalAccountPolicyBroker* broker = |
| 231 service_->GetBrokerForUser(account_1_user_id_); |
| 232 ASSERT_TRUE(broker); |
| 233 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 147 ASSERT_TRUE(broker->core()->store()); | 234 ASSERT_TRUE(broker->core()->store()); |
| 148 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); | 235 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 149 EXPECT_FALSE(broker->core()->client()); | 236 EXPECT_FALSE(broker->core()->client()); |
| 150 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); | 237 EXPECT_FALSE(broker->core()->store()->policy_map().empty()); |
| 151 } | 238 } |
| 152 | 239 |
| 153 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadNoPolicy) { | 240 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadNoPolicy) { |
| 154 InstallDevicePolicy(); | 241 AddDeviceLocalAccountToPolicy(kAccount1); |
| 155 | 242 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 156 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 243 InstallDevicePolicy(); |
| 157 DeviceLocalAccountPolicyBroker* broker = | 244 |
| 158 service_.GetBrokerForUser(public_session_user_id_); | 245 DeviceLocalAccountPolicyBroker* broker = |
| 159 ASSERT_TRUE(broker); | 246 service_->GetBrokerForUser(account_1_user_id_); |
| 160 FlushDeviceSettings(); | 247 ASSERT_TRUE(broker); |
| 161 Mock::VerifyAndClearExpectations(&service_observer_); | 248 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 162 | |
| 163 ASSERT_TRUE(broker->core()->store()); | 249 ASSERT_TRUE(broker->core()->store()); |
| 164 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, | 250 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, |
| 165 broker->core()->store()->status()); | 251 broker->core()->store()->status()); |
| 166 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); | 252 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); |
| 167 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 253 EXPECT_FALSE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 168 } | 254 } |
| 169 | 255 |
| 170 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadValidationFailure) { | 256 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadValidationFailure) { |
| 171 device_local_account_policy_.policy_data().set_policy_type( | 257 device_local_account_policy_.policy_data().set_policy_type( |
| 172 dm_protocol::kChromeUserPolicyType); | 258 dm_protocol::kChromeUserPolicyType); |
| 173 device_local_account_policy_.Build(); | 259 InstallDeviceLocalAccountPolicy(kAccount1); |
| 174 device_settings_test_helper_.set_device_local_account_policy_blob( | 260 AddDeviceLocalAccountToPolicy(kAccount1); |
| 175 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 261 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 176 InstallDevicePolicy(); | 262 InstallDevicePolicy(); |
| 177 | 263 |
| 178 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 264 DeviceLocalAccountPolicyBroker* broker = |
| 179 DeviceLocalAccountPolicyBroker* broker = | 265 service_->GetBrokerForUser(account_1_user_id_); |
| 180 service_.GetBrokerForUser(public_session_user_id_); | 266 ASSERT_TRUE(broker); |
| 181 ASSERT_TRUE(broker); | 267 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 182 FlushDeviceSettings(); | |
| 183 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 184 | |
| 185 ASSERT_TRUE(broker->core()->store()); | 268 ASSERT_TRUE(broker->core()->store()); |
| 186 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, | 269 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, |
| 187 broker->core()->store()->status()); | 270 broker->core()->store()->status()); |
| 188 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); | 271 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); |
| 189 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 272 EXPECT_FALSE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 190 } | 273 } |
| 191 | 274 |
| 192 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadPolicy) { | 275 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadPolicy) { |
| 193 device_settings_test_helper_.set_device_local_account_policy_blob( | 276 InstallDeviceLocalAccountPolicy(kAccount1); |
| 194 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 277 AddDeviceLocalAccountToPolicy(kAccount1); |
| 195 InstallDevicePolicy(); | 278 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 196 | 279 InstallDevicePolicy(); |
| 197 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 280 |
| 198 DeviceLocalAccountPolicyBroker* broker = | 281 DeviceLocalAccountPolicyBroker* broker = |
| 199 service_.GetBrokerForUser(public_session_user_id_); | 282 service_->GetBrokerForUser(account_1_user_id_); |
| 200 ASSERT_TRUE(broker); | 283 ASSERT_TRUE(broker); |
| 201 FlushDeviceSettings(); | 284 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 202 Mock::VerifyAndClearExpectations(&service_observer_); | 285 ASSERT_TRUE(broker->core()->store()); |
| 203 | 286 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 204 ASSERT_TRUE(broker->core()->store()); | |
| 205 EXPECT_EQ(CloudPolicyStore::STATUS_OK, | |
| 206 broker->core()->store()->status()); | |
| 207 ASSERT_TRUE(broker->core()->store()->policy()); | 287 ASSERT_TRUE(broker->core()->store()->policy()); |
| 208 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), | 288 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 209 broker->core()->store()->policy()->SerializeAsString()); | 289 broker->core()->store()->policy()->SerializeAsString()); |
| 210 EXPECT_TRUE(expected_policy_map_.Equals( | 290 EXPECT_TRUE(expected_policy_map_.Equals( |
| 211 broker->core()->store()->policy_map())); | 291 broker->core()->store()->policy_map())); |
| 212 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 292 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 213 } | 293 } |
| 214 | 294 |
| 215 TEST_F(DeviceLocalAccountPolicyServiceTest, StoreValidationFailure) { | 295 TEST_F(DeviceLocalAccountPolicyServiceTest, StoreValidationFailure) { |
| 296 AddDeviceLocalAccountToPolicy(kAccount1); |
| 297 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 298 InstallDevicePolicy(); |
| 299 Mock::VerifyAndClearExpectations(&service_observer_); |
| 300 |
| 301 DeviceLocalAccountPolicyBroker* broker = |
| 302 service_->GetBrokerForUser(account_1_user_id_); |
| 303 ASSERT_TRUE(broker); |
| 304 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 305 ASSERT_TRUE(broker->core()->store()); |
| 306 |
| 216 device_local_account_policy_.policy_data().set_policy_type( | 307 device_local_account_policy_.policy_data().set_policy_type( |
| 217 dm_protocol::kChromeUserPolicyType); | 308 dm_protocol::kChromeUserPolicyType); |
| 218 device_local_account_policy_.Build(); | 309 device_local_account_policy_.Build(); |
| 219 InstallDevicePolicy(); | |
| 220 | |
| 221 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | |
| 222 DeviceLocalAccountPolicyBroker* broker = | |
| 223 service_.GetBrokerForUser(public_session_user_id_); | |
| 224 ASSERT_TRUE(broker); | |
| 225 ASSERT_TRUE(broker->core()->store()); | |
| 226 broker->core()->store()->Store(device_local_account_policy_.policy()); | 310 broker->core()->store()->Store(device_local_account_policy_.policy()); |
| 311 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 227 FlushDeviceSettings(); | 312 FlushDeviceSettings(); |
| 228 Mock::VerifyAndClearExpectations(&service_observer_); | 313 |
| 229 | |
| 230 ASSERT_TRUE(broker->core()->store()); | |
| 231 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, | 314 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, |
| 232 broker->core()->store()->status()); | 315 broker->core()->store()->status()); |
| 233 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_WRONG_POLICY_TYPE, | 316 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_WRONG_POLICY_TYPE, |
| 234 broker->core()->store()->validation_status()); | 317 broker->core()->store()->validation_status()); |
| 235 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 318 EXPECT_FALSE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 236 } | 319 } |
| 237 | 320 |
| 238 TEST_F(DeviceLocalAccountPolicyServiceTest, StorePolicy) { | 321 TEST_F(DeviceLocalAccountPolicyServiceTest, StorePolicy) { |
| 239 InstallDevicePolicy(); | 322 AddDeviceLocalAccountToPolicy(kAccount1); |
| 240 | 323 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 241 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 324 InstallDevicePolicy(); |
| 242 DeviceLocalAccountPolicyBroker* broker = | 325 Mock::VerifyAndClearExpectations(&service_observer_); |
| 243 service_.GetBrokerForUser(public_session_user_id_); | 326 |
| 244 ASSERT_TRUE(broker); | 327 DeviceLocalAccountPolicyBroker* broker = |
| 245 ASSERT_TRUE(broker->core()->store()); | 328 service_->GetBrokerForUser(account_1_user_id_); |
| 329 ASSERT_TRUE(broker); |
| 330 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 331 ASSERT_TRUE(broker->core()->store()); |
| 332 |
| 333 device_local_account_policy_.policy_data().set_settings_entity_id(kAccount1); |
| 334 device_local_account_policy_.policy_data().set_username(kAccount1); |
| 335 device_local_account_policy_.Build(); |
| 246 broker->core()->store()->Store(device_local_account_policy_.policy()); | 336 broker->core()->store()->Store(device_local_account_policy_.policy()); |
| 337 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 247 FlushDeviceSettings(); | 338 FlushDeviceSettings(); |
| 339 |
| 340 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 341 ASSERT_TRUE(broker->core()->store()->policy()); |
| 342 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 343 broker->core()->store()->policy()->SerializeAsString()); |
| 344 EXPECT_TRUE(expected_policy_map_.Equals( |
| 345 broker->core()->store()->policy_map())); |
| 346 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 347 } |
| 348 |
| 349 TEST_F(DeviceLocalAccountPolicyServiceTest, DevicePolicyChange) { |
| 350 InstallDeviceLocalAccountPolicy(kAccount1); |
| 351 AddDeviceLocalAccountToPolicy(kAccount1); |
| 352 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 353 InstallDevicePolicy(); |
| 354 |
| 355 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 356 InstallDevicePolicy(); |
| 357 |
| 358 EXPECT_FALSE(service_->GetBrokerForUser(account_1_user_id_)); |
| 359 } |
| 360 |
| 361 TEST_F(DeviceLocalAccountPolicyServiceTest, DuplicateAccounts) { |
| 362 InstallDeviceLocalAccountPolicy(kAccount1); |
| 363 AddDeviceLocalAccountToPolicy(kAccount1); |
| 364 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 365 InstallDevicePolicy(); |
| 248 Mock::VerifyAndClearExpectations(&service_observer_); | 366 Mock::VerifyAndClearExpectations(&service_observer_); |
| 249 | 367 |
| 250 EXPECT_EQ(device_local_account_policy_.GetBlob(), | |
| 251 device_settings_test_helper_.device_local_account_policy_blob( | |
| 252 PolicyBuilder::kFakeUsername)); | |
| 253 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | |
| 254 } | |
| 255 | |
| 256 TEST_F(DeviceLocalAccountPolicyServiceTest, DevicePolicyChange) { | |
| 257 device_settings_test_helper_.set_device_local_account_policy_blob( | |
| 258 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | |
| 259 InstallDevicePolicy(); | |
| 260 | |
| 261 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); | |
| 262 device_policy_.payload().mutable_device_local_accounts()->clear_account(); | |
| 263 device_policy_.Build(); | |
| 264 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 265 device_settings_service_.PropertyChangeComplete(true); | |
| 266 FlushDeviceSettings(); | |
| 267 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); | |
| 268 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 269 } | |
| 270 | |
| 271 TEST_F(DeviceLocalAccountPolicyServiceTest, DuplicateAccounts) { | |
| 272 InstallDevicePolicy(); | |
| 273 DeviceLocalAccountPolicyBroker* broker = | |
| 274 service_.GetBrokerForUser(public_session_user_id_); | |
| 275 ASSERT_TRUE(broker); | |
| 276 | |
| 277 // Add a second entry with a duplicate account name to device policy. | 368 // Add a second entry with a duplicate account name to device policy. |
| 278 em::DeviceLocalAccountInfoProto* account = | 369 AddDeviceLocalAccountToPolicy(kAccount1); |
| 279 device_policy_.payload().mutable_device_local_accounts()->add_account(); | 370 InstallDevicePolicy(); |
| 280 account->set_account_id(PolicyBuilder::kFakeUsername); | |
| 281 account->set_type( | |
| 282 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); | |
| 283 device_policy_.Build(); | |
| 284 device_settings_test_helper_.set_device_local_account_policy_blob( | |
| 285 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | |
| 286 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 287 | |
| 288 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); | |
| 289 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | |
| 290 device_settings_service_.PropertyChangeComplete(true); | |
| 291 FlushDeviceSettings(); | |
| 292 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 293 | 371 |
| 294 // Make sure the broker is accessible and policy got loaded. | 372 // Make sure the broker is accessible and policy got loaded. |
| 295 broker = service_.GetBrokerForUser(public_session_user_id_); | 373 DeviceLocalAccountPolicyBroker* broker = |
| 296 ASSERT_TRUE(broker); | 374 service_->GetBrokerForUser(account_1_user_id_); |
| 297 EXPECT_EQ(public_session_user_id_, broker->user_id()); | 375 ASSERT_TRUE(broker); |
| 298 EXPECT_TRUE(broker->core()->store()->policy()); | 376 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 377 ASSERT_TRUE(broker->core()->store()); |
| 378 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 379 ASSERT_TRUE(broker->core()->store()->policy()); |
| 380 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 381 broker->core()->store()->policy()->SerializeAsString()); |
| 382 EXPECT_TRUE(expected_policy_map_.Equals( |
| 383 broker->core()->store()->policy_map())); |
| 384 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 299 } | 385 } |
| 300 | 386 |
| 301 TEST_F(DeviceLocalAccountPolicyServiceTest, FetchPolicy) { | 387 TEST_F(DeviceLocalAccountPolicyServiceTest, FetchPolicy) { |
| 302 device_settings_test_helper_.set_device_local_account_policy_blob( | 388 InstallDeviceLocalAccountPolicy(kAccount1); |
| 303 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 389 AddDeviceLocalAccountToPolicy(kAccount1); |
| 304 InstallDevicePolicy(); | 390 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 305 | 391 InstallDevicePolicy(); |
| 306 DeviceLocalAccountPolicyBroker* broker = | 392 |
| 307 service_.GetBrokerForUser(public_session_user_id_); | 393 DeviceLocalAccountPolicyBroker* broker = |
| 308 ASSERT_TRUE(broker); | 394 service_->GetBrokerForUser(account_1_user_id_); |
| 309 | 395 ASSERT_TRUE(broker); |
| 310 service_.Connect(&mock_device_management_service_); | 396 |
| 397 service_->Connect(&mock_device_management_service_); |
| 311 EXPECT_TRUE(broker->core()->client()); | 398 EXPECT_TRUE(broker->core()->client()); |
| 312 | 399 |
| 313 em::DeviceManagementRequest request; | 400 em::DeviceManagementRequest request; |
| 314 em::DeviceManagementResponse response; | 401 em::DeviceManagementResponse response; |
| 315 response.mutable_policy_response()->add_response()->CopyFrom( | 402 response.mutable_policy_response()->add_response()->CopyFrom( |
| 316 device_local_account_policy_.policy()); | 403 device_local_account_policy_.policy()); |
| 317 EXPECT_CALL(mock_device_management_service_, | 404 EXPECT_CALL(mock_device_management_service_, |
| 318 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | 405 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) |
| 319 .WillOnce(mock_device_management_service_.SucceedJob(response)); | 406 .WillOnce(mock_device_management_service_.SucceedJob(response)); |
| 320 EXPECT_CALL(mock_device_management_service_, | 407 EXPECT_CALL(mock_device_management_service_, |
| 321 StartJob(dm_protocol::kValueRequestPolicy, | 408 StartJob(dm_protocol::kValueRequestPolicy, |
| 322 std::string(), std::string(), | 409 std::string(), std::string(), |
| 323 device_policy_.policy_data().request_token(), | 410 device_policy_.policy_data().request_token(), |
| 324 dm_protocol::kValueUserAffiliationManaged, | 411 dm_protocol::kValueUserAffiliationManaged, |
| 325 device_policy_.policy_data().device_id(), | 412 device_policy_.policy_data().device_id(), |
| 326 _)) | 413 _)) |
| 327 .WillOnce(SaveArg<6>(&request)); | 414 .WillOnce(SaveArg<6>(&request)); |
| 328 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 415 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 329 broker->core()->client()->FetchPolicy(); | 416 broker->core()->client()->FetchPolicy(); |
| 330 FlushDeviceSettings(); | 417 FlushDeviceSettings(); |
| 331 Mock::VerifyAndClearExpectations(&service_observer_); | 418 Mock::VerifyAndClearExpectations(&service_observer_); |
| 332 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 419 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 333 EXPECT_TRUE(request.has_policy_request()); | 420 EXPECT_TRUE(request.has_policy_request()); |
| 334 EXPECT_EQ(1, request.policy_request().request_size()); | 421 EXPECT_EQ(1, request.policy_request().request_size()); |
| 335 EXPECT_EQ(dm_protocol::kChromePublicAccountPolicyType, | 422 EXPECT_EQ(dm_protocol::kChromePublicAccountPolicyType, |
| 336 request.policy_request().request(0).policy_type()); | 423 request.policy_request().request(0).policy_type()); |
| 337 EXPECT_FALSE(request.policy_request().request(0).has_machine_id()); | 424 EXPECT_FALSE(request.policy_request().request(0).has_machine_id()); |
| 338 EXPECT_EQ(PolicyBuilder::kFakeUsername, | 425 EXPECT_EQ(kAccount1, |
| 339 request.policy_request().request(0).settings_entity_id()); | 426 request.policy_request().request(0).settings_entity_id()); |
| 340 | 427 |
| 341 ASSERT_TRUE(broker->core()->store()); | 428 ASSERT_TRUE(broker->core()->store()); |
| 342 EXPECT_EQ(CloudPolicyStore::STATUS_OK, | 429 EXPECT_EQ(CloudPolicyStore::STATUS_OK, |
| 343 broker->core()->store()->status()); | 430 broker->core()->store()->status()); |
| 344 ASSERT_TRUE(broker->core()->store()->policy()); | 431 ASSERT_TRUE(broker->core()->store()->policy()); |
| 345 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), | 432 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 346 broker->core()->store()->policy()->SerializeAsString()); | 433 broker->core()->store()->policy()->SerializeAsString()); |
| 347 EXPECT_TRUE(expected_policy_map_.Equals( | 434 EXPECT_TRUE(expected_policy_map_.Equals( |
| 348 broker->core()->store()->policy_map())); | 435 broker->core()->store()->policy_map())); |
| 349 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 436 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 350 | 437 |
| 351 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)) | 438 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)) |
| 352 .Times(0); | 439 .Times(0); |
| 353 service_.Disconnect(); | 440 service_->Disconnect(); |
| 354 EXPECT_FALSE(broker->core()->client()); | 441 EXPECT_FALSE(broker->core()->client()); |
| 355 Mock::VerifyAndClearExpectations(&service_observer_); | 442 Mock::VerifyAndClearExpectations(&service_observer_); |
| 356 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 443 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 357 } | 444 } |
| 358 | 445 |
| 359 TEST_F(DeviceLocalAccountPolicyServiceTest, RefreshPolicy) { | 446 TEST_F(DeviceLocalAccountPolicyServiceTest, RefreshPolicy) { |
| 360 device_settings_test_helper_.set_device_local_account_policy_blob( | 447 InstallDeviceLocalAccountPolicy(kAccount1); |
| 361 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 448 AddDeviceLocalAccountToPolicy(kAccount1); |
| 449 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 362 InstallDevicePolicy(); | 450 InstallDevicePolicy(); |
| 363 | 451 |
| 364 DeviceLocalAccountPolicyBroker* broker = | 452 DeviceLocalAccountPolicyBroker* broker = |
| 365 service_.GetBrokerForUser(public_session_user_id_); | 453 service_->GetBrokerForUser(account_1_user_id_); |
| 366 ASSERT_TRUE(broker); | 454 ASSERT_TRUE(broker); |
| 367 | 455 |
| 368 service_.Connect(&mock_device_management_service_); | 456 service_->Connect(&mock_device_management_service_); |
| 369 ASSERT_TRUE(broker->core()->service()); | 457 ASSERT_TRUE(broker->core()->service()); |
| 370 | 458 |
| 371 em::DeviceManagementResponse response; | 459 em::DeviceManagementResponse response; |
| 372 response.mutable_policy_response()->add_response()->CopyFrom( | 460 response.mutable_policy_response()->add_response()->CopyFrom( |
| 373 device_local_account_policy_.policy()); | 461 device_local_account_policy_.policy()); |
| 374 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) | 462 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) |
| 375 .WillOnce(mock_device_management_service_.SucceedJob(response)); | 463 .WillOnce(mock_device_management_service_.SucceedJob(response)); |
| 376 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); | 464 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); |
| 377 EXPECT_CALL(*this, OnRefreshDone(true)).Times(1); | 465 EXPECT_CALL(*this, OnRefreshDone(true)).Times(1); |
| 378 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 466 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 379 broker->core()->service()->RefreshPolicy( | 467 broker->core()->service()->RefreshPolicy( |
| 380 base::Bind(&DeviceLocalAccountPolicyServiceTest::OnRefreshDone, | 468 base::Bind(&DeviceLocalAccountPolicyServiceTest::OnRefreshDone, |
| 381 base::Unretained(this))); | 469 base::Unretained(this))); |
| 382 FlushDeviceSettings(); | 470 FlushDeviceSettings(); |
| 383 Mock::VerifyAndClearExpectations(&service_observer_); | 471 Mock::VerifyAndClearExpectations(&service_observer_); |
| 384 Mock::VerifyAndClearExpectations(this); | 472 Mock::VerifyAndClearExpectations(this); |
| 385 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 473 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 386 | 474 |
| 387 ASSERT_TRUE(broker->core()->store()); | 475 ASSERT_TRUE(broker->core()->store()); |
| 388 EXPECT_EQ(CloudPolicyStore::STATUS_OK, | 476 EXPECT_EQ(CloudPolicyStore::STATUS_OK, |
| 389 broker->core()->store()->status()); | 477 broker->core()->store()->status()); |
| 390 EXPECT_TRUE(expected_policy_map_.Equals( | 478 EXPECT_TRUE(expected_policy_map_.Equals( |
| 391 broker->core()->store()->policy_map())); | 479 broker->core()->store()->policy_map())); |
| 392 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 480 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 481 } |
| 482 |
| 483 class DeviceLocalAccountPolicyExtensionCacheTest |
| 484 : public DeviceLocalAccountPolicyServiceTestBase { |
| 485 protected: |
| 486 DeviceLocalAccountPolicyExtensionCacheTest(); |
| 487 |
| 488 virtual void SetUp() OVERRIDE; |
| 489 |
| 490 base::FilePath GetCacheDirectoryForAccountID(const std::string& account_id); |
| 491 |
| 492 base::ScopedTempDir cache_root_dir_; |
| 493 scoped_ptr<base::ScopedPathOverride> cache_root_dir_override_; |
| 494 |
| 495 base::FilePath cache_dir_1_; |
| 496 base::FilePath cache_dir_2_; |
| 497 base::FilePath cache_dir_3_; |
| 498 |
| 499 private: |
| 500 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyExtensionCacheTest); |
| 501 }; |
| 502 |
| 503 DeviceLocalAccountPolicyExtensionCacheTest:: |
| 504 DeviceLocalAccountPolicyExtensionCacheTest() { |
| 505 } |
| 506 |
| 507 void DeviceLocalAccountPolicyExtensionCacheTest::SetUp() { |
| 508 DeviceLocalAccountPolicyServiceTestBase::SetUp(); |
| 509 ASSERT_TRUE(cache_root_dir_.CreateUniqueTempDir()); |
| 510 cache_root_dir_override_.reset(new base::ScopedPathOverride( |
| 511 chromeos::DIR_DEVICE_LOCAL_ACCOUNT_CACHE, |
| 512 cache_root_dir_.path())); |
| 513 |
| 514 cache_dir_1_ = GetCacheDirectoryForAccountID(kAccount1); |
| 515 cache_dir_2_ = GetCacheDirectoryForAccountID(kAccount2); |
| 516 cache_dir_3_ = GetCacheDirectoryForAccountID(kAccount3); |
| 517 |
| 518 em::StringList* forcelist = device_local_account_policy_.payload() |
| 519 .mutable_extensioninstallforcelist()->mutable_value(); |
| 520 forcelist->add_entries(base::StringPrintf("%s;%s", kExtensionID, kUpdateURL)); |
| 521 } |
| 522 |
| 523 base::FilePath DeviceLocalAccountPolicyExtensionCacheTest:: |
| 524 GetCacheDirectoryForAccountID(const std::string& account_id) { |
| 525 return cache_root_dir_.path().Append(base::HexEncode(account_id.c_str(), |
| 526 account_id.size())); |
| 527 } |
| 528 |
| 529 // Verifies that during startup, orphaned cache directories are deleted, |
| 530 // cache directories belonging to an existing account are preserved and missing |
| 531 // cache directories are created. Also verifies that when startup is complete, |
| 532 // the caches for all existing accounts are running. |
| 533 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, Startup) { |
| 534 base::FilePath test_data_dir; |
| 535 ASSERT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &test_data_dir)); |
| 536 const base::FilePath source_crx_file = |
| 537 test_data_dir.Append(kExtensionCRXPath); |
| 538 const std::string target_crx_file_name = |
| 539 base::StringPrintf("%s-%s.crx", kExtensionID, kExtensionVersion); |
| 540 |
| 541 // Create and pre-populate a cache directory for account 1. |
| 542 EXPECT_TRUE(file_util::CreateDirectory(cache_dir_1_)); |
| 543 EXPECT_TRUE(CopyFile(source_crx_file, |
| 544 cache_dir_1_.Append(target_crx_file_name))); |
| 545 |
| 546 // Create and pre-populate a cache directory for account 3. |
| 547 EXPECT_TRUE(file_util::CreateDirectory(cache_dir_3_)); |
| 548 EXPECT_TRUE(CopyFile(source_crx_file, |
| 549 cache_dir_3_.Append(target_crx_file_name))); |
| 550 |
| 551 // Add accounts 1 and 2 to device policy. |
| 552 InstallDeviceLocalAccountPolicy(kAccount1); |
| 553 InstallDeviceLocalAccountPolicy(kAccount2); |
| 554 AddDeviceLocalAccountToPolicy(kAccount1); |
| 555 AddDeviceLocalAccountToPolicy(kAccount2); |
| 556 InstallDevicePolicy(); |
| 557 |
| 558 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 559 // deletion of orphaned cache directories. |
| 560 CreatePolicyService(); |
| 561 FlushDeviceSettings(); |
| 562 extension_cache_task_runner_->RunUntilIdle(); |
| 563 |
| 564 // Verify that the cache directory for account 1 and its contents still exist. |
| 565 EXPECT_TRUE(base::DirectoryExists(cache_dir_1_)); |
| 566 EXPECT_TRUE(ContentsEqual(source_crx_file, |
| 567 cache_dir_1_.Append(target_crx_file_name))); |
| 568 |
| 569 // Verify that a cache directory for account 2 was created. |
| 570 EXPECT_TRUE(base::DirectoryExists(cache_dir_2_)); |
| 571 |
| 572 // Verify that the cache directory for account 3 was deleted. |
| 573 EXPECT_FALSE(base::DirectoryExists(cache_dir_3_)); |
| 574 |
| 575 // Verify that the cache for account 1 has been started. |
| 576 DeviceLocalAccountPolicyBroker* broker = |
| 577 service_->GetBrokerForUser(account_1_user_id_); |
| 578 ASSERT_TRUE(broker); |
| 579 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 580 |
| 581 // Verify that the cache for account 2 has been started. |
| 582 broker = service_->GetBrokerForUser(account_2_user_id_); |
| 583 ASSERT_TRUE(broker); |
| 584 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 585 } |
| 586 |
| 587 // Verifies that while the deletion of orphaned cache directories is in |
| 588 // progress, the caches for accounts which existed before the deletion started |
| 589 // are running but caches for newly added accounts are not started. |
| 590 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, RaceAgainstOrphanDeletion) { |
| 591 // Add account 1 to device policy. |
| 592 InstallDeviceLocalAccountPolicy(kAccount1); |
| 593 AddDeviceLocalAccountToPolicy(kAccount1); |
| 594 InstallDevicePolicy(); |
| 595 |
| 596 // Create the DeviceLocalAccountPolicyService, triggering the deletion of |
| 597 // orphaned cache directories. |
| 598 CreatePolicyService(); |
| 599 FlushDeviceSettings(); |
| 600 |
| 601 // Verify that the cache for account 1 has been started as it is unaffected by |
| 602 // the orphan deletion. |
| 603 DeviceLocalAccountPolicyBroker* broker = |
| 604 service_->GetBrokerForUser(account_1_user_id_); |
| 605 ASSERT_TRUE(broker); |
| 606 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 607 |
| 608 // Add account 2 to device policy. |
| 609 InstallDeviceLocalAccountPolicy(kAccount2); |
| 610 AddDeviceLocalAccountToPolicy(kAccount2); |
| 611 InstallDevicePolicy(); |
| 612 |
| 613 // Verify that the cache for account 2 has not been started yet as the orphan |
| 614 // deletion is still in progress. |
| 615 broker = service_->GetBrokerForUser(account_2_user_id_); |
| 616 ASSERT_TRUE(broker); |
| 617 EXPECT_FALSE(broker->extension_loader()->IsCacheRunning()); |
| 618 |
| 619 // Allow the orphan deletion to finish. |
| 620 extension_cache_task_runner_->RunUntilIdle(); |
| 621 base::RunLoop().RunUntilIdle(); |
| 622 |
| 623 // Verify that the cache for account 2 has been started. |
| 624 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 625 } |
| 626 |
| 627 // Verifies that while the shutdown of a cache is in progress, no new cache is |
| 628 // started if an account with the same ID is re-added. |
| 629 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, RaceAgainstCacheShutdown) { |
| 630 // Add account 1 to device policy. |
| 631 InstallDeviceLocalAccountPolicy(kAccount1); |
| 632 AddDeviceLocalAccountToPolicy(kAccount1); |
| 633 InstallDevicePolicy(); |
| 634 |
| 635 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 636 // deletion of orphaned cache directories. |
| 637 CreatePolicyService(); |
| 638 FlushDeviceSettings(); |
| 639 extension_cache_task_runner_->RunUntilIdle(); |
| 640 |
| 641 // Remove account 1 from device policy, triggering a shutdown of its cache. |
| 642 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 643 InstallDevicePolicy(); |
| 644 |
| 645 // Re-add account 1 to device policy. |
| 646 AddDeviceLocalAccountToPolicy(kAccount1); |
| 647 InstallDevicePolicy(); |
| 648 |
| 649 // Verify that the cache for account 1 has not been started yet as the |
| 650 // shutdown of a previous cache for this account ID is still in progress. |
| 651 DeviceLocalAccountPolicyBroker* broker = |
| 652 service_->GetBrokerForUser(account_1_user_id_); |
| 653 ASSERT_TRUE(broker); |
| 654 EXPECT_FALSE(broker->extension_loader()->IsCacheRunning()); |
| 655 |
| 656 // Allow the cache shutdown to finish. |
| 657 extension_cache_task_runner_->RunUntilIdle(); |
| 658 base::RunLoop().RunUntilIdle(); |
| 659 |
| 660 // Verify that the cache directory for account 1 still exists. |
| 661 EXPECT_TRUE(base::DirectoryExists(cache_dir_1_)); |
| 662 |
| 663 // Verify that the cache for account 1 has been started, reusing the existing |
| 664 // cache directory. |
| 665 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 666 } |
| 667 |
| 668 // Verifies that while the deletion of an obsolete cache directory is in |
| 669 // progress, no new cache is started if an account with the same ID is re-added. |
| 670 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, |
| 671 RaceAgainstObsoleteDeletion) { |
| 672 // Add account 1 to device policy. |
| 673 InstallDeviceLocalAccountPolicy(kAccount1); |
| 674 AddDeviceLocalAccountToPolicy(kAccount1); |
| 675 InstallDevicePolicy(); |
| 676 |
| 677 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 678 // deletion of orphaned cache directories. |
| 679 CreatePolicyService(); |
| 680 FlushDeviceSettings(); |
| 681 extension_cache_task_runner_->RunUntilIdle(); |
| 682 |
| 683 // Remove account 1 from device policy, allowing the shutdown of its cache to |
| 684 // finish and the deletion of its now obsolete cache directory to begin. |
| 685 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 686 InstallDevicePolicy(); |
| 687 extension_cache_task_runner_->RunUntilIdle(); |
| 688 base::RunLoop().RunUntilIdle(); |
| 689 |
| 690 // Re-add account 1 to device policy. |
| 691 AddDeviceLocalAccountToPolicy(kAccount1); |
| 692 InstallDevicePolicy(); |
| 693 |
| 694 // Verify that the cache for account 1 has not been started yet as the |
| 695 // deletion of the cache directory for this account ID is still in progress. |
| 696 DeviceLocalAccountPolicyBroker* broker = |
| 697 service_->GetBrokerForUser(account_1_user_id_); |
| 698 ASSERT_TRUE(broker); |
| 699 EXPECT_FALSE(broker->extension_loader()->IsCacheRunning()); |
| 700 |
| 701 // Allow the deletion to finish. |
| 702 extension_cache_task_runner_->RunUntilIdle(); |
| 703 base::RunLoop().RunUntilIdle(); |
| 704 |
| 705 // Verify that the cache directory for account 1 was deleted. |
| 706 EXPECT_FALSE(base::DirectoryExists(cache_dir_1_)); |
| 707 |
| 708 // Verify that the cache for account 1 has been started. |
| 709 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 710 } |
| 711 |
| 712 // Verifies that when an account is added and no deletion of cache directories |
| 713 // affecting this account is in progress, its cache is started immediately. |
| 714 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, AddAccount) { |
| 715 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 716 // deletion of orphaned cache directories. |
| 717 InstallDevicePolicy(); |
| 718 CreatePolicyService(); |
| 719 FlushDeviceSettings(); |
| 720 extension_cache_task_runner_->RunUntilIdle(); |
| 721 |
| 722 // Add account 1 to device policy. |
| 723 InstallDeviceLocalAccountPolicy(kAccount1); |
| 724 AddDeviceLocalAccountToPolicy(kAccount1); |
| 725 InstallDevicePolicy(); |
| 726 |
| 727 // Verify that the cache for account 1 has been started. |
| 728 DeviceLocalAccountPolicyBroker* broker = |
| 729 service_->GetBrokerForUser(account_1_user_id_); |
| 730 ASSERT_TRUE(broker); |
| 731 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 732 } |
| 733 |
| 734 // Verifies that when an account is removed, its cache directory is deleted. |
| 735 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, RemoveAccount) { |
| 736 // Add account 1 to device policy. |
| 737 InstallDeviceLocalAccountPolicy(kAccount1); |
| 738 AddDeviceLocalAccountToPolicy(kAccount1); |
| 739 InstallDevicePolicy(); |
| 740 |
| 741 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 742 // deletion of orphaned cache directories. |
| 743 CreatePolicyService(); |
| 744 FlushDeviceSettings(); |
| 745 extension_cache_task_runner_->RunUntilIdle(); |
| 746 |
| 747 // Verify that a cache directory has been created for account 1. |
| 748 EXPECT_TRUE(base::DirectoryExists(cache_dir_1_)); |
| 749 |
| 750 // Remove account 1 from device policy, allowing the deletion of its now |
| 751 // obsolete cache directory to finish. |
| 752 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 753 InstallDevicePolicy(); |
| 754 extension_cache_task_runner_->RunUntilIdle(); |
| 755 base::RunLoop().RunUntilIdle(); |
| 756 extension_cache_task_runner_->RunUntilIdle(); |
| 757 |
| 758 // Verify that the cache directory for account 1 was deleted. |
| 759 EXPECT_FALSE(base::DirectoryExists(cache_dir_1_)); |
| 393 } | 760 } |
| 394 | 761 |
| 395 class DeviceLocalAccountPolicyProviderTest | 762 class DeviceLocalAccountPolicyProviderTest |
| 396 : public DeviceLocalAccountPolicyServiceTest { | 763 : public DeviceLocalAccountPolicyServiceTestBase { |
| 397 protected: | 764 protected: |
| 398 DeviceLocalAccountPolicyProviderTest() | 765 DeviceLocalAccountPolicyProviderTest(); |
| 399 : provider_( | 766 |
| 400 GenerateDeviceLocalAccountUserId( | 767 virtual void SetUp() OVERRIDE; |
| 401 PolicyBuilder::kFakeUsername, | 768 virtual void TearDown() OVERRIDE; |
| 402 DeviceLocalAccount::TYPE_PUBLIC_SESSION), | 769 |
| 403 &service_) {} | 770 scoped_ptr<DeviceLocalAccountPolicyProvider> provider_; |
| 404 | |
| 405 virtual void SetUp() OVERRIDE { | |
| 406 DeviceLocalAccountPolicyServiceTest::SetUp(); | |
| 407 provider_.Init(); | |
| 408 provider_.AddObserver(&provider_observer_); | |
| 409 | |
| 410 EXPECT_CALL(service_observer_, OnPolicyUpdated(_)).Times(AnyNumber()); | |
| 411 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()) | |
| 412 .Times(AnyNumber()); | |
| 413 } | |
| 414 | |
| 415 virtual void TearDown() OVERRIDE { | |
| 416 provider_.RemoveObserver(&provider_observer_); | |
| 417 provider_.Shutdown(); | |
| 418 DeviceLocalAccountPolicyServiceTest::TearDown(); | |
| 419 } | |
| 420 | |
| 421 DeviceLocalAccountPolicyProvider provider_; | |
| 422 MockConfigurationPolicyObserver provider_observer_; | 771 MockConfigurationPolicyObserver provider_observer_; |
| 423 | 772 |
| 424 private: | 773 private: |
| 425 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyProviderTest); | 774 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyProviderTest); |
| 426 }; | 775 }; |
| 427 | 776 |
| 777 DeviceLocalAccountPolicyProviderTest::DeviceLocalAccountPolicyProviderTest() { |
| 778 CreatePolicyService(); |
| 779 provider_.reset(new DeviceLocalAccountPolicyProvider( |
| 780 GenerateDeviceLocalAccountUserId(kAccount1, |
| 781 DeviceLocalAccount::TYPE_PUBLIC_SESSION), |
| 782 service_.get())); |
| 783 } |
| 784 |
| 785 void DeviceLocalAccountPolicyProviderTest::SetUp() { |
| 786 DeviceLocalAccountPolicyServiceTestBase::SetUp(); |
| 787 provider_->Init(); |
| 788 provider_->AddObserver(&provider_observer_); |
| 789 } |
| 790 |
| 791 void DeviceLocalAccountPolicyProviderTest::TearDown() { |
| 792 provider_->RemoveObserver(&provider_observer_); |
| 793 provider_->Shutdown(); |
| 794 DeviceLocalAccountPolicyServiceTestBase::TearDown(); |
| 795 } |
| 796 |
| 428 TEST_F(DeviceLocalAccountPolicyProviderTest, Initialization) { | 797 TEST_F(DeviceLocalAccountPolicyProviderTest, Initialization) { |
| 429 EXPECT_FALSE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 798 EXPECT_FALSE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 430 | 799 |
| 431 // Policy change should complete initialization. | 800 // Policy change should complete initialization. |
| 432 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 801 InstallDeviceLocalAccountPolicy(kAccount1); |
| 433 device_settings_test_helper_.set_device_local_account_policy_blob( | 802 AddDeviceLocalAccountToPolicy(kAccount1); |
| 434 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 803 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 435 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | 804 .Times(AtLeast(1)); |
| 436 ReloadDeviceSettings(); | 805 InstallDevicePolicy(); |
| 437 Mock::VerifyAndClearExpectations(&provider_observer_); | 806 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 438 | 807 |
| 439 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 808 EXPECT_TRUE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 440 | 809 |
| 441 // The account disappearing should *not* flip the initialization flag back. | 810 // The account disappearing should *not* flip the initialization flag back. |
| 442 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) | 811 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 443 .Times(AnyNumber()); | 812 .Times(AnyNumber()); |
| 444 device_policy_.payload().mutable_device_local_accounts()->clear_account(); | 813 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 445 device_policy_.Build(); | 814 InstallDevicePolicy(); |
| 446 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 447 ReloadDeviceSettings(); | |
| 448 Mock::VerifyAndClearExpectations(&provider_observer_); | 815 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 449 | 816 |
| 450 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 817 EXPECT_TRUE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 451 } | 818 } |
| 452 | 819 |
| 453 TEST_F(DeviceLocalAccountPolicyProviderTest, Policy) { | 820 TEST_F(DeviceLocalAccountPolicyProviderTest, Policy) { |
| 454 // Policy should load successfully. | 821 // Policy should load successfully. |
| 455 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 822 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 456 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | 823 .Times(AtLeast(1)); |
| 457 device_settings_test_helper_.set_device_local_account_policy_blob( | 824 InstallDeviceLocalAccountPolicy(kAccount1); |
| 458 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 825 AddDeviceLocalAccountToPolicy(kAccount1); |
| 459 ReloadDeviceSettings(); | 826 InstallDevicePolicy(); |
| 460 Mock::VerifyAndClearExpectations(&provider_observer_); | 827 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 461 | 828 |
| 462 PolicyBundle expected_policy_bundle; | 829 PolicyBundle expected_policy_bundle; |
| 463 expected_policy_bundle.Get(PolicyNamespace( | 830 expected_policy_bundle.Get(PolicyNamespace( |
| 464 POLICY_DOMAIN_CHROME, std::string())).CopyFrom(expected_policy_map_); | 831 POLICY_DOMAIN_CHROME, std::string())).CopyFrom(expected_policy_map_); |
| 465 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 832 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 466 | 833 |
| 467 // Policy change should be reported. | 834 // Policy change should be reported. |
| 468 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 835 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 836 .Times(AtLeast(1)); |
| 469 device_local_account_policy_.payload().mutable_disablespdy()->set_value( | 837 device_local_account_policy_.payload().mutable_disablespdy()->set_value( |
| 470 false); | 838 false); |
| 471 device_local_account_policy_.Build(); | 839 InstallDeviceLocalAccountPolicy(kAccount1); |
| 472 device_settings_test_helper_.set_device_local_account_policy_blob( | 840 DeviceLocalAccountPolicyBroker* broker = |
| 473 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 841 service_->GetBrokerForUser(account_1_user_id_); |
| 474 DeviceLocalAccountPolicyBroker* broker = | |
| 475 service_.GetBrokerForUser(public_session_user_id_); | |
| 476 ASSERT_TRUE(broker); | 842 ASSERT_TRUE(broker); |
| 477 broker->core()->store()->Load(); | 843 broker->core()->store()->Load(); |
| 478 FlushDeviceSettings(); | 844 FlushDeviceSettings(); |
| 479 Mock::VerifyAndClearExpectations(&provider_observer_); | 845 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 480 | 846 |
| 481 expected_policy_bundle.Get( | 847 expected_policy_bundle.Get( |
| 482 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) | 848 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) |
| 483 .Set(key::kDisableSpdy, | 849 .Set(key::kDisableSpdy, |
| 484 POLICY_LEVEL_MANDATORY, | 850 POLICY_LEVEL_MANDATORY, |
| 485 POLICY_SCOPE_USER, | 851 POLICY_SCOPE_USER, |
| 486 Value::CreateBooleanValue(false), | 852 Value::CreateBooleanValue(false), |
| 487 NULL); | 853 NULL); |
| 488 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 854 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 489 | 855 |
| 490 // Any values set for the |ShelfAutoHideBehavior|, |ShowLogoutButtonInTray| | 856 // Any values set for the |ShelfAutoHideBehavior|, |ShowLogoutButtonInTray| |
| 491 // and |ExtensionAllowedTypes| policies should be overridden. | 857 // and |ExtensionAllowedTypes| policies should be overridden. |
| 492 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 858 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 859 .Times(AtLeast(1)); |
| 493 device_local_account_policy_.payload().mutable_shelfautohidebehavior()-> | 860 device_local_account_policy_.payload().mutable_shelfautohidebehavior()-> |
| 494 set_value("Always"); | 861 set_value("Always"); |
| 495 device_local_account_policy_.payload().mutable_showlogoutbuttonintray()-> | 862 device_local_account_policy_.payload().mutable_showlogoutbuttonintray()-> |
| 496 set_value(false); | 863 set_value(false); |
| 497 device_local_account_policy_.Build(); | 864 InstallDeviceLocalAccountPolicy(kAccount1); |
| 498 device_settings_test_helper_.set_device_local_account_policy_blob( | |
| 499 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | |
| 500 broker->core()->store()->Load(); | 865 broker->core()->store()->Load(); |
| 501 FlushDeviceSettings(); | 866 FlushDeviceSettings(); |
| 502 Mock::VerifyAndClearExpectations(&provider_observer_); | 867 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 503 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 868 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 504 | 869 |
| 505 // Account disappears, policy should stay in effect. | 870 // Account disappears, policy should stay in effect. |
| 506 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) | 871 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 507 .Times(AnyNumber()); | 872 .Times(AnyNumber()); |
| 508 device_policy_.payload().mutable_device_local_accounts()->clear_account(); | 873 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 509 device_policy_.Build(); | 874 InstallDevicePolicy(); |
| 510 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 511 ReloadDeviceSettings(); | |
| 512 Mock::VerifyAndClearExpectations(&provider_observer_); | 875 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 513 | 876 |
| 514 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 877 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 515 } | 878 } |
| 516 | 879 |
| 517 TEST_F(DeviceLocalAccountPolicyProviderTest, RefreshPolicies) { | 880 TEST_F(DeviceLocalAccountPolicyProviderTest, RefreshPolicies) { |
| 518 // If there's no device policy, the refresh completes immediately. | 881 // If there's no device policy, the refresh completes immediately. |
| 519 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); | 882 EXPECT_FALSE(service_->GetBrokerForUser(account_1_user_id_)); |
| 520 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 883 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 521 provider_.RefreshPolicies(); | 884 .Times(AtLeast(1)); |
| 885 provider_->RefreshPolicies(); |
| 522 Mock::VerifyAndClearExpectations(&provider_observer_); | 886 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 523 | 887 |
| 524 // Make device settings appear. | 888 // Make device settings appear. |
| 525 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) | 889 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 526 .Times(AnyNumber()); | 890 .Times(AnyNumber()); |
| 527 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | 891 AddDeviceLocalAccountToPolicy(kAccount1); |
| 528 ReloadDeviceSettings(); | 892 InstallDevicePolicy(); |
| 529 Mock::VerifyAndClearExpectations(&provider_observer_); | 893 EXPECT_TRUE(service_->GetBrokerForUser(account_1_user_id_)); |
| 530 EXPECT_TRUE(service_.GetBrokerForUser(public_session_user_id_)); | |
| 531 | 894 |
| 532 // If there's no cloud connection, refreshes are still immediate. | 895 // If there's no cloud connection, refreshes are still immediate. |
| 533 DeviceLocalAccountPolicyBroker* broker = | 896 DeviceLocalAccountPolicyBroker* broker = |
| 534 service_.GetBrokerForUser(public_session_user_id_); | 897 service_->GetBrokerForUser(account_1_user_id_); |
| 535 ASSERT_TRUE(broker); | 898 ASSERT_TRUE(broker); |
| 536 EXPECT_FALSE(broker->core()->client()); | 899 EXPECT_FALSE(broker->core()->client()); |
| 537 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 900 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 538 provider_.RefreshPolicies(); | 901 .Times(AtLeast(1)); |
| 902 provider_->RefreshPolicies(); |
| 539 Mock::VerifyAndClearExpectations(&provider_observer_); | 903 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 540 | 904 |
| 541 // Bring up the cloud connection. The refresh scheduler may fire refreshes at | 905 // Bring up the cloud connection. The refresh scheduler may fire refreshes at |
| 542 // this point which are not relevant for the test. | 906 // this point which are not relevant for the test. |
| 543 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) | 907 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) |
| 544 .WillRepeatedly( | 908 .WillRepeatedly( |
| 545 mock_device_management_service_.FailJob(DM_STATUS_REQUEST_FAILED)); | 909 mock_device_management_service_.FailJob(DM_STATUS_REQUEST_FAILED)); |
| 546 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)) | 910 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)) |
| 547 .Times(AnyNumber()); | 911 .Times(AnyNumber()); |
| 548 service_.Connect(&mock_device_management_service_); | 912 service_->Connect(&mock_device_management_service_); |
| 549 FlushDeviceSettings(); | 913 FlushDeviceSettings(); |
| 550 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 914 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 551 | 915 |
| 552 // No callbacks until the refresh completes. | 916 // No callbacks until the refresh completes. |
| 553 EXPECT_CALL(provider_observer_, OnUpdatePolicy(_)).Times(0); | 917 EXPECT_CALL(provider_observer_, OnUpdatePolicy(_)).Times(0); |
| 554 MockDeviceManagementJob* request_job; | 918 MockDeviceManagementJob* request_job; |
| 555 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) | 919 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) |
| 556 .WillOnce(mock_device_management_service_.CreateAsyncJob(&request_job)); | 920 .WillOnce(mock_device_management_service_.CreateAsyncJob(&request_job)); |
| 557 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); | 921 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); |
| 558 provider_.RefreshPolicies(); | 922 provider_->RefreshPolicies(); |
| 559 ReloadDeviceSettings(); | 923 ReloadDeviceSettings(); |
| 560 Mock::VerifyAndClearExpectations(&provider_observer_); | 924 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 561 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 925 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 562 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 926 EXPECT_TRUE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 563 | 927 |
| 564 // When the response comes in, it should propagate and fire the notification. | 928 // When the response comes in, it should propagate and fire the notification. |
| 565 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 929 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 930 .Times(AtLeast(1)); |
| 566 ASSERT_TRUE(request_job); | 931 ASSERT_TRUE(request_job); |
| 567 em::DeviceManagementResponse response; | 932 em::DeviceManagementResponse response; |
| 933 device_local_account_policy_.Build(); |
| 568 response.mutable_policy_response()->add_response()->CopyFrom( | 934 response.mutable_policy_response()->add_response()->CopyFrom( |
| 569 device_local_account_policy_.policy()); | 935 device_local_account_policy_.policy()); |
| 570 request_job->SendResponse(DM_STATUS_SUCCESS, response); | 936 request_job->SendResponse(DM_STATUS_SUCCESS, response); |
| 571 FlushDeviceSettings(); | 937 FlushDeviceSettings(); |
| 572 Mock::VerifyAndClearExpectations(&provider_observer_); | 938 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 573 } | 939 } |
| 574 | 940 |
| 575 } // namespace policy | 941 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 27548004:
Cache force-installed apps/extensions in device-local accounts (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src