| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" | 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback.h" | 9 #include "base/callback.h" |
| 10 #include "base/file_util.h" |
| 11 #include "base/files/file_path.h" |
| 12 #include "base/files/scoped_temp_dir.h" |
| 13 #include "base/path_service.h" |
| 14 #include "base/run_loop.h" |
| 15 #include "base/strings/string_number_conversions.h" |
| 16 #include "base/strings/stringprintf.h" |
| 17 #include "base/test/scoped_path_override.h" |
| 18 #include "base/test/test_simple_task_runner.h" |
| 10 #include "chrome/browser/chromeos/policy/device_local_account.h" | 19 #include "chrome/browser/chromeos/policy/device_local_account.h" |
| 11 #include "chrome/browser/chromeos/policy/device_local_account_policy_provider.h" | 20 #include "chrome/browser/chromeos/policy/device_local_account_policy_provider.h" |
| 12 #include "chrome/browser/chromeos/settings/cros_settings.h" | 21 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 13 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 22 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| 14 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" | 23 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h" |
| 15 #include "chrome/browser/policy/cloud/cloud_policy_client.h" | 24 #include "chrome/browser/policy/cloud/cloud_policy_client.h" |
| 16 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" | 25 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" |
| 17 #include "chrome/browser/policy/cloud/cloud_policy_service.h" | 26 #include "chrome/browser/policy/cloud/cloud_policy_service.h" |
| 18 #include "chrome/browser/policy/cloud/mock_device_management_service.h" | 27 #include "chrome/browser/policy/cloud/mock_device_management_service.h" |
| 19 #include "chrome/browser/policy/cloud/policy_builder.h" | 28 #include "chrome/browser/policy/cloud/policy_builder.h" |
| 20 #include "chrome/browser/policy/external_data_fetcher.h" | 29 #include "chrome/browser/policy/external_data_fetcher.h" |
| 21 #include "chrome/browser/policy/mock_configuration_policy_provider.h" | 30 #include "chrome/browser/policy/mock_configuration_policy_provider.h" |
| 22 #include "chrome/browser/policy/proto/chromeos/chrome_device_policy.pb.h" | 31 #include "chrome/browser/policy/proto/chromeos/chrome_device_policy.pb.h" |
| 32 #include "chrome/common/chrome_paths.h" |
| 33 #include "chromeos/chromeos_paths.h" |
| 23 #include "chromeos/dbus/power_policy_controller.h" | 34 #include "chromeos/dbus/power_policy_controller.h" |
| 24 #include "policy/policy_constants.h" | 35 #include "policy/policy_constants.h" |
| 36 #include "policy/proto/cloud_policy.pb.h" |
| 25 #include "testing/gtest/include/gtest/gtest.h" | 37 #include "testing/gtest/include/gtest/gtest.h" |
| 26 | 38 |
| 27 using testing::AnyNumber; | 39 using testing::AnyNumber; |
| 28 using testing::AtLeast; | 40 using testing::AtLeast; |
| 29 using testing::Mock; | 41 using testing::Mock; |
| 30 using testing::SaveArg; | 42 using testing::SaveArg; |
| 31 using testing::_; | 43 using testing::_; |
| 32 | 44 |
| 33 namespace em = enterprise_management; | 45 namespace em = enterprise_management; |
| 34 | 46 |
| 35 namespace policy { | 47 namespace policy { |
| 36 | 48 |
| 49 namespace { |
| 50 |
| 51 const char kAccount1[] = "account1@localhost"; |
| 52 const char kAccount2[] = "account2@localhost"; |
| 53 const char kAccount3[] = "account3@localhost"; |
| 54 |
| 55 const char kExtensionID[] = "kbmnembihfiondgfjekmnmcbddelicoi"; |
| 56 const char kExtensionVersion[] = "1.0.0.0"; |
| 57 const char kExtensionCRXPath[] = "extensions/hosted_app.crx"; |
| 58 const char kUpdateURL[] = "https://clients2.google.com/service/update2/crx"; |
| 59 |
| 60 } // namespace |
| 61 |
| 37 class MockDeviceLocalAccountPolicyServiceObserver | 62 class MockDeviceLocalAccountPolicyServiceObserver |
| 38 : public DeviceLocalAccountPolicyService::Observer { | 63 : public DeviceLocalAccountPolicyService::Observer { |
| 39 public: | 64 public: |
| 40 MOCK_METHOD1(OnPolicyUpdated, void(const std::string&)); | 65 MOCK_METHOD1(OnPolicyUpdated, void(const std::string&)); |
| 41 MOCK_METHOD0(OnDeviceLocalAccountsChanged, void(void)); | 66 MOCK_METHOD0(OnDeviceLocalAccountsChanged, void(void)); |
| 42 }; | 67 }; |
| 43 | 68 |
| 44 class DeviceLocalAccountPolicyServiceTest | 69 class DeviceLocalAccountPolicyServiceTestBase |
| 45 : public chromeos::DeviceSettingsTestBase { | 70 : public chromeos::DeviceSettingsTestBase { |
| 46 public: | 71 public: |
| 47 DeviceLocalAccountPolicyServiceTest() | 72 DeviceLocalAccountPolicyServiceTestBase(); |
| 48 : public_session_user_id_(GenerateDeviceLocalAccountUserId( | 73 |
| 49 PolicyBuilder::kFakeUsername, | 74 virtual void SetUp() OVERRIDE; |
| 50 DeviceLocalAccount::TYPE_PUBLIC_SESSION)), | 75 |
| 51 cros_settings_(&device_settings_service_), | 76 void CreatePolicyService(); |
| 52 service_(&device_settings_test_helper_, | 77 |
| 53 &device_settings_service_, | 78 void InstallDeviceLocalAccountPolicy(const std::string& account_id); |
| 54 &cros_settings_) {} | 79 void AddDeviceLocalAccountToPolicy(const std::string& account_id); |
| 55 | 80 virtual void InstallDevicePolicy(); |
| 56 virtual void SetUp() OVERRIDE { | 81 |
| 57 DeviceSettingsTestBase::SetUp(); | 82 const std::string account_1_user_id_; |
| 58 | 83 const std::string account_2_user_id_; |
| 59 // Values implicitly enforced for public accounts. | |
| 60 expected_policy_map_.Set(key::kLidCloseAction, | |
| 61 POLICY_LEVEL_MANDATORY, | |
| 62 POLICY_SCOPE_USER, | |
| 63 base::Value::CreateIntegerValue( | |
| 64 chromeos::PowerPolicyController:: | |
| 65 ACTION_STOP_SESSION), | |
| 66 NULL); | |
| 67 expected_policy_map_.Set(key::kShelfAutoHideBehavior, | |
| 68 POLICY_LEVEL_MANDATORY, | |
| 69 POLICY_SCOPE_USER, | |
| 70 Value::CreateStringValue("Never"), | |
| 71 NULL); | |
| 72 expected_policy_map_.Set(key::kShowLogoutButtonInTray, | |
| 73 POLICY_LEVEL_MANDATORY, | |
| 74 POLICY_SCOPE_USER, | |
| 75 Value::CreateBooleanValue(true), | |
| 76 NULL); | |
| 77 expected_policy_map_.Set(key::kFullscreenAllowed, | |
| 78 POLICY_LEVEL_MANDATORY, | |
| 79 POLICY_SCOPE_USER, | |
| 80 Value::CreateBooleanValue(false), | |
| 81 NULL); | |
| 82 | |
| 83 // Explicitly set value. | |
| 84 expected_policy_map_.Set(key::kDisableSpdy, | |
| 85 POLICY_LEVEL_MANDATORY, | |
| 86 POLICY_SCOPE_USER, | |
| 87 Value::CreateBooleanValue(true), | |
| 88 NULL); | |
| 89 | |
| 90 device_local_account_policy_.payload().mutable_disablespdy()->set_value( | |
| 91 true); | |
| 92 device_local_account_policy_.policy_data().set_policy_type( | |
| 93 dm_protocol::kChromePublicAccountPolicyType); | |
| 94 device_local_account_policy_.policy_data().set_settings_entity_id( | |
| 95 PolicyBuilder::kFakeUsername); | |
| 96 device_local_account_policy_.Build(); | |
| 97 | |
| 98 em::DeviceLocalAccountInfoProto* account = | |
| 99 device_policy_.payload().mutable_device_local_accounts()->add_account(); | |
| 100 account->set_account_id(PolicyBuilder::kFakeUsername); | |
| 101 account->set_type( | |
| 102 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); | |
| 103 device_policy_.Build(); | |
| 104 | |
| 105 service_.AddObserver(&service_observer_); | |
| 106 } | |
| 107 | |
| 108 virtual void TearDown() OVERRIDE { | |
| 109 service_.RemoveObserver(&service_observer_); | |
| 110 | |
| 111 DeviceSettingsTestBase::TearDown(); | |
| 112 } | |
| 113 | |
| 114 void InstallDevicePolicy() { | |
| 115 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); | |
| 116 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 117 ReloadDeviceSettings(); | |
| 118 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 119 } | |
| 120 | |
| 121 MOCK_METHOD1(OnRefreshDone, void(bool)); | |
| 122 | |
| 123 const std::string public_session_user_id_; | |
| 124 | 84 |
| 125 PolicyMap expected_policy_map_; | 85 PolicyMap expected_policy_map_; |
| 126 UserPolicyBuilder device_local_account_policy_; | 86 UserPolicyBuilder device_local_account_policy_; |
| 127 chromeos::CrosSettings cros_settings_; | 87 chromeos::CrosSettings cros_settings_; |
| 88 scoped_refptr<base::TestSimpleTaskRunner> extension_cache_task_runner_; |
| 89 MockDeviceManagementService mock_device_management_service_; |
| 90 scoped_ptr<DeviceLocalAccountPolicyService> service_; |
| 91 |
| 92 private: |
| 93 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyServiceTestBase); |
| 94 }; |
| 95 |
| 96 class DeviceLocalAccountPolicyServiceTest |
| 97 : public DeviceLocalAccountPolicyServiceTestBase { |
| 98 public: |
| 99 MOCK_METHOD1(OnRefreshDone, void(bool)); |
| 100 |
| 101 protected: |
| 102 DeviceLocalAccountPolicyServiceTest(); |
| 103 |
| 104 virtual void SetUp() OVERRIDE; |
| 105 virtual void TearDown() OVERRIDE; |
| 106 |
| 107 void InstallDevicePolicy() OVERRIDE; |
| 108 |
| 128 MockDeviceLocalAccountPolicyServiceObserver service_observer_; | 109 MockDeviceLocalAccountPolicyServiceObserver service_observer_; |
| 129 MockDeviceManagementService mock_device_management_service_; | |
| 130 DeviceLocalAccountPolicyService service_; | |
| 131 | 110 |
| 132 private: | 111 private: |
| 133 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyServiceTest); | 112 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyServiceTest); |
| 134 }; | 113 }; |
| 135 | 114 |
| 115 DeviceLocalAccountPolicyServiceTestBase:: |
| 116 DeviceLocalAccountPolicyServiceTestBase() |
| 117 : account_1_user_id_(GenerateDeviceLocalAccountUserId( |
| 118 kAccount1, |
| 119 DeviceLocalAccount::TYPE_PUBLIC_SESSION)), |
| 120 account_2_user_id_(GenerateDeviceLocalAccountUserId( |
| 121 kAccount2, |
| 122 DeviceLocalAccount::TYPE_PUBLIC_SESSION)), |
| 123 cros_settings_(&device_settings_service_), |
| 124 extension_cache_task_runner_(new base::TestSimpleTaskRunner) { |
| 125 } |
| 126 |
| 127 void DeviceLocalAccountPolicyServiceTestBase::SetUp() { |
| 128 chromeos::DeviceSettingsTestBase::SetUp(); |
| 129 |
| 130 // Values implicitly enforced for public accounts. |
| 131 expected_policy_map_.Set(key::kLidCloseAction, |
| 132 POLICY_LEVEL_MANDATORY, |
| 133 POLICY_SCOPE_USER, |
| 134 base::Value::CreateIntegerValue( |
| 135 chromeos::PowerPolicyController:: |
| 136 ACTION_STOP_SESSION), |
| 137 NULL); |
| 138 expected_policy_map_.Set(key::kShelfAutoHideBehavior, |
| 139 POLICY_LEVEL_MANDATORY, |
| 140 POLICY_SCOPE_USER, |
| 141 Value::CreateStringValue("Never"), |
| 142 NULL); |
| 143 expected_policy_map_.Set(key::kShowLogoutButtonInTray, |
| 144 POLICY_LEVEL_MANDATORY, |
| 145 POLICY_SCOPE_USER, |
| 146 Value::CreateBooleanValue(true), |
| 147 NULL); |
| 148 expected_policy_map_.Set(key::kFullscreenAllowed, |
| 149 POLICY_LEVEL_MANDATORY, |
| 150 POLICY_SCOPE_USER, |
| 151 Value::CreateBooleanValue(false), |
| 152 NULL); |
| 153 |
| 154 // Explicitly set value. |
| 155 expected_policy_map_.Set(key::kDisableSpdy, |
| 156 POLICY_LEVEL_MANDATORY, |
| 157 POLICY_SCOPE_USER, |
| 158 Value::CreateBooleanValue(true), |
| 159 NULL); |
| 160 |
| 161 device_local_account_policy_.payload().mutable_disablespdy()->set_value( |
| 162 true); |
| 163 device_local_account_policy_.policy_data().set_policy_type( |
| 164 dm_protocol::kChromePublicAccountPolicyType); |
| 165 } |
| 166 |
| 167 void DeviceLocalAccountPolicyServiceTestBase::CreatePolicyService() { |
| 168 service_.reset(new DeviceLocalAccountPolicyService( |
| 169 &device_settings_test_helper_, |
| 170 &device_settings_service_, |
| 171 &cros_settings_, |
| 172 extension_cache_task_runner_)); |
| 173 } |
| 174 |
| 175 void DeviceLocalAccountPolicyServiceTestBase:: |
| 176 InstallDeviceLocalAccountPolicy(const std::string& account_id) { |
| 177 device_local_account_policy_.policy_data().set_settings_entity_id(account_id); |
| 178 device_local_account_policy_.policy_data().set_username(account_id); |
| 179 device_local_account_policy_.Build(); |
| 180 device_settings_test_helper_.set_device_local_account_policy_blob( |
| 181 account_id, device_local_account_policy_.GetBlob()); |
| 182 } |
| 183 |
| 184 void DeviceLocalAccountPolicyServiceTestBase::AddDeviceLocalAccountToPolicy( |
| 185 const std::string& account_id) { |
| 186 em::DeviceLocalAccountInfoProto* account = |
| 187 device_policy_.payload().mutable_device_local_accounts()->add_account(); |
| 188 account->set_account_id(account_id); |
| 189 account->set_type( |
| 190 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); |
| 191 } |
| 192 |
| 193 void DeviceLocalAccountPolicyServiceTestBase::InstallDevicePolicy() { |
| 194 device_policy_.Build(); |
| 195 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); |
| 196 ReloadDeviceSettings(); |
| 197 } |
| 198 |
| 199 DeviceLocalAccountPolicyServiceTest::DeviceLocalAccountPolicyServiceTest() { |
| 200 CreatePolicyService(); |
| 201 } |
| 202 |
| 203 void DeviceLocalAccountPolicyServiceTest::SetUp() { |
| 204 DeviceLocalAccountPolicyServiceTestBase::SetUp(); |
| 205 service_->AddObserver(&service_observer_); |
| 206 } |
| 207 |
| 208 void DeviceLocalAccountPolicyServiceTest::TearDown() { |
| 209 service_->RemoveObserver(&service_observer_); |
| 210 DeviceLocalAccountPolicyServiceTestBase::TearDown(); |
| 211 } |
| 212 |
| 213 void DeviceLocalAccountPolicyServiceTest::InstallDevicePolicy() { |
| 214 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); |
| 215 DeviceLocalAccountPolicyServiceTestBase::InstallDevicePolicy(); |
| 216 Mock::VerifyAndClearExpectations(&service_observer_); |
| 217 } |
| 218 |
| 136 TEST_F(DeviceLocalAccountPolicyServiceTest, NoAccounts) { | 219 TEST_F(DeviceLocalAccountPolicyServiceTest, NoAccounts) { |
| 137 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); | 220 EXPECT_FALSE(service_->GetBrokerForUser(account_1_user_id_)); |
| 138 } | 221 } |
| 139 | 222 |
| 140 TEST_F(DeviceLocalAccountPolicyServiceTest, GetBroker) { | 223 TEST_F(DeviceLocalAccountPolicyServiceTest, GetBroker) { |
| 141 InstallDevicePolicy(); | 224 InstallDeviceLocalAccountPolicy(kAccount1); |
| 142 | 225 AddDeviceLocalAccountToPolicy(kAccount1); |
| 143 DeviceLocalAccountPolicyBroker* broker = | 226 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 144 service_.GetBrokerForUser(public_session_user_id_); | 227 InstallDevicePolicy(); |
| 145 ASSERT_TRUE(broker); | 228 |
| 146 EXPECT_EQ(public_session_user_id_, broker->user_id()); | 229 DeviceLocalAccountPolicyBroker* broker = |
| 230 service_->GetBrokerForUser(account_1_user_id_); |
| 231 ASSERT_TRUE(broker); |
| 232 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 147 ASSERT_TRUE(broker->core()->store()); | 233 ASSERT_TRUE(broker->core()->store()); |
| 148 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); | 234 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 149 EXPECT_FALSE(broker->core()->client()); | 235 EXPECT_FALSE(broker->core()->client()); |
| 150 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); | 236 EXPECT_FALSE(broker->core()->store()->policy_map().empty()); |
| 151 } | 237 } |
| 152 | 238 |
| 153 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadNoPolicy) { | 239 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadNoPolicy) { |
| 154 InstallDevicePolicy(); | 240 AddDeviceLocalAccountToPolicy(kAccount1); |
| 155 | 241 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 156 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 242 InstallDevicePolicy(); |
| 157 DeviceLocalAccountPolicyBroker* broker = | 243 |
| 158 service_.GetBrokerForUser(public_session_user_id_); | 244 DeviceLocalAccountPolicyBroker* broker = |
| 159 ASSERT_TRUE(broker); | 245 service_->GetBrokerForUser(account_1_user_id_); |
| 160 FlushDeviceSettings(); | 246 ASSERT_TRUE(broker); |
| 161 Mock::VerifyAndClearExpectations(&service_observer_); | 247 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 162 | |
| 163 ASSERT_TRUE(broker->core()->store()); | 248 ASSERT_TRUE(broker->core()->store()); |
| 164 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, | 249 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, |
| 165 broker->core()->store()->status()); | 250 broker->core()->store()->status()); |
| 166 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); | 251 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); |
| 167 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 252 EXPECT_FALSE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 168 } | 253 } |
| 169 | 254 |
| 170 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadValidationFailure) { | 255 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadValidationFailure) { |
| 171 device_local_account_policy_.policy_data().set_policy_type( | 256 device_local_account_policy_.policy_data().set_policy_type( |
| 172 dm_protocol::kChromeUserPolicyType); | 257 dm_protocol::kChromeUserPolicyType); |
| 173 device_local_account_policy_.Build(); | 258 InstallDeviceLocalAccountPolicy(kAccount1); |
| 174 device_settings_test_helper_.set_device_local_account_policy_blob( | 259 AddDeviceLocalAccountToPolicy(kAccount1); |
| 175 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 260 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 176 InstallDevicePolicy(); | 261 InstallDevicePolicy(); |
| 177 | 262 |
| 178 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 263 DeviceLocalAccountPolicyBroker* broker = |
| 179 DeviceLocalAccountPolicyBroker* broker = | 264 service_->GetBrokerForUser(account_1_user_id_); |
| 180 service_.GetBrokerForUser(public_session_user_id_); | 265 ASSERT_TRUE(broker); |
| 181 ASSERT_TRUE(broker); | 266 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 182 FlushDeviceSettings(); | |
| 183 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 184 | |
| 185 ASSERT_TRUE(broker->core()->store()); | 267 ASSERT_TRUE(broker->core()->store()); |
| 186 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, | 268 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, |
| 187 broker->core()->store()->status()); | 269 broker->core()->store()->status()); |
| 188 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); | 270 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); |
| 189 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 271 EXPECT_FALSE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 190 } | 272 } |
| 191 | 273 |
| 192 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadPolicy) { | 274 TEST_F(DeviceLocalAccountPolicyServiceTest, LoadPolicy) { |
| 193 device_settings_test_helper_.set_device_local_account_policy_blob( | 275 InstallDeviceLocalAccountPolicy(kAccount1); |
| 194 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 276 AddDeviceLocalAccountToPolicy(kAccount1); |
| 195 InstallDevicePolicy(); | 277 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 196 | 278 InstallDevicePolicy(); |
| 197 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 279 |
| 198 DeviceLocalAccountPolicyBroker* broker = | 280 DeviceLocalAccountPolicyBroker* broker = |
| 199 service_.GetBrokerForUser(public_session_user_id_); | 281 service_->GetBrokerForUser(account_1_user_id_); |
| 200 ASSERT_TRUE(broker); | 282 ASSERT_TRUE(broker); |
| 201 FlushDeviceSettings(); | 283 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 202 Mock::VerifyAndClearExpectations(&service_observer_); | 284 ASSERT_TRUE(broker->core()->store()); |
| 203 | 285 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 204 ASSERT_TRUE(broker->core()->store()); | |
| 205 EXPECT_EQ(CloudPolicyStore::STATUS_OK, | |
| 206 broker->core()->store()->status()); | |
| 207 ASSERT_TRUE(broker->core()->store()->policy()); | 286 ASSERT_TRUE(broker->core()->store()->policy()); |
| 208 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), | 287 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 209 broker->core()->store()->policy()->SerializeAsString()); | 288 broker->core()->store()->policy()->SerializeAsString()); |
| 210 EXPECT_TRUE(expected_policy_map_.Equals( | 289 EXPECT_TRUE(expected_policy_map_.Equals( |
| 211 broker->core()->store()->policy_map())); | 290 broker->core()->store()->policy_map())); |
| 212 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 291 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 213 } | 292 } |
| 214 | 293 |
| 215 TEST_F(DeviceLocalAccountPolicyServiceTest, StoreValidationFailure) { | 294 TEST_F(DeviceLocalAccountPolicyServiceTest, StoreValidationFailure) { |
| 295 AddDeviceLocalAccountToPolicy(kAccount1); |
| 296 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 297 InstallDevicePolicy(); |
| 298 Mock::VerifyAndClearExpectations(&service_observer_); |
| 299 |
| 300 DeviceLocalAccountPolicyBroker* broker = |
| 301 service_->GetBrokerForUser(account_1_user_id_); |
| 302 ASSERT_TRUE(broker); |
| 303 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 304 ASSERT_TRUE(broker->core()->store()); |
| 305 |
| 216 device_local_account_policy_.policy_data().set_policy_type( | 306 device_local_account_policy_.policy_data().set_policy_type( |
| 217 dm_protocol::kChromeUserPolicyType); | 307 dm_protocol::kChromeUserPolicyType); |
| 218 device_local_account_policy_.Build(); | 308 device_local_account_policy_.Build(); |
| 219 InstallDevicePolicy(); | |
| 220 | |
| 221 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | |
| 222 DeviceLocalAccountPolicyBroker* broker = | |
| 223 service_.GetBrokerForUser(public_session_user_id_); | |
| 224 ASSERT_TRUE(broker); | |
| 225 ASSERT_TRUE(broker->core()->store()); | |
| 226 broker->core()->store()->Store(device_local_account_policy_.policy()); | 309 broker->core()->store()->Store(device_local_account_policy_.policy()); |
| 310 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 227 FlushDeviceSettings(); | 311 FlushDeviceSettings(); |
| 228 Mock::VerifyAndClearExpectations(&service_observer_); | 312 |
| 229 | |
| 230 ASSERT_TRUE(broker->core()->store()); | |
| 231 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, | 313 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, |
| 232 broker->core()->store()->status()); | 314 broker->core()->store()->status()); |
| 233 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_WRONG_POLICY_TYPE, | 315 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_WRONG_POLICY_TYPE, |
| 234 broker->core()->store()->validation_status()); | 316 broker->core()->store()->validation_status()); |
| 235 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 317 EXPECT_FALSE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 236 } | 318 } |
| 237 | 319 |
| 238 TEST_F(DeviceLocalAccountPolicyServiceTest, StorePolicy) { | 320 TEST_F(DeviceLocalAccountPolicyServiceTest, StorePolicy) { |
| 239 InstallDevicePolicy(); | 321 AddDeviceLocalAccountToPolicy(kAccount1); |
| 240 | 322 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 241 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 323 InstallDevicePolicy(); |
| 242 DeviceLocalAccountPolicyBroker* broker = | 324 Mock::VerifyAndClearExpectations(&service_observer_); |
| 243 service_.GetBrokerForUser(public_session_user_id_); | 325 |
| 244 ASSERT_TRUE(broker); | 326 DeviceLocalAccountPolicyBroker* broker = |
| 245 ASSERT_TRUE(broker->core()->store()); | 327 service_->GetBrokerForUser(account_1_user_id_); |
| 328 ASSERT_TRUE(broker); |
| 329 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 330 ASSERT_TRUE(broker->core()->store()); |
| 331 |
| 332 device_local_account_policy_.policy_data().set_settings_entity_id(kAccount1); |
| 333 device_local_account_policy_.policy_data().set_username(kAccount1); |
| 334 device_local_account_policy_.Build(); |
| 246 broker->core()->store()->Store(device_local_account_policy_.policy()); | 335 broker->core()->store()->Store(device_local_account_policy_.policy()); |
| 336 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 247 FlushDeviceSettings(); | 337 FlushDeviceSettings(); |
| 338 |
| 339 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 340 ASSERT_TRUE(broker->core()->store()->policy()); |
| 341 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 342 broker->core()->store()->policy()->SerializeAsString()); |
| 343 EXPECT_TRUE(expected_policy_map_.Equals( |
| 344 broker->core()->store()->policy_map())); |
| 345 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 346 } |
| 347 |
| 348 TEST_F(DeviceLocalAccountPolicyServiceTest, DevicePolicyChange) { |
| 349 InstallDeviceLocalAccountPolicy(kAccount1); |
| 350 AddDeviceLocalAccountToPolicy(kAccount1); |
| 351 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 352 InstallDevicePolicy(); |
| 353 |
| 354 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 355 InstallDevicePolicy(); |
| 356 |
| 357 EXPECT_FALSE(service_->GetBrokerForUser(account_1_user_id_)); |
| 358 } |
| 359 |
| 360 TEST_F(DeviceLocalAccountPolicyServiceTest, DuplicateAccounts) { |
| 361 InstallDeviceLocalAccountPolicy(kAccount1); |
| 362 AddDeviceLocalAccountToPolicy(kAccount1); |
| 363 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 364 InstallDevicePolicy(); |
| 248 Mock::VerifyAndClearExpectations(&service_observer_); | 365 Mock::VerifyAndClearExpectations(&service_observer_); |
| 249 | 366 |
| 250 EXPECT_EQ(device_local_account_policy_.GetBlob(), | |
| 251 device_settings_test_helper_.device_local_account_policy_blob( | |
| 252 PolicyBuilder::kFakeUsername)); | |
| 253 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | |
| 254 } | |
| 255 | |
| 256 TEST_F(DeviceLocalAccountPolicyServiceTest, DevicePolicyChange) { | |
| 257 device_settings_test_helper_.set_device_local_account_policy_blob( | |
| 258 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | |
| 259 InstallDevicePolicy(); | |
| 260 | |
| 261 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); | |
| 262 device_policy_.payload().mutable_device_local_accounts()->clear_account(); | |
| 263 device_policy_.Build(); | |
| 264 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 265 device_settings_service_.PropertyChangeComplete(true); | |
| 266 FlushDeviceSettings(); | |
| 267 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); | |
| 268 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 269 } | |
| 270 | |
| 271 TEST_F(DeviceLocalAccountPolicyServiceTest, DuplicateAccounts) { | |
| 272 InstallDevicePolicy(); | |
| 273 DeviceLocalAccountPolicyBroker* broker = | |
| 274 service_.GetBrokerForUser(public_session_user_id_); | |
| 275 ASSERT_TRUE(broker); | |
| 276 | |
| 277 // Add a second entry with a duplicate account name to device policy. | 367 // Add a second entry with a duplicate account name to device policy. |
| 278 em::DeviceLocalAccountInfoProto* account = | 368 AddDeviceLocalAccountToPolicy(kAccount1); |
| 279 device_policy_.payload().mutable_device_local_accounts()->add_account(); | 369 InstallDevicePolicy(); |
| 280 account->set_account_id(PolicyBuilder::kFakeUsername); | |
| 281 account->set_type( | |
| 282 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); | |
| 283 device_policy_.Build(); | |
| 284 device_settings_test_helper_.set_device_local_account_policy_blob( | |
| 285 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | |
| 286 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 287 | |
| 288 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); | |
| 289 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | |
| 290 device_settings_service_.PropertyChangeComplete(true); | |
| 291 FlushDeviceSettings(); | |
| 292 Mock::VerifyAndClearExpectations(&service_observer_); | |
| 293 | 370 |
| 294 // Make sure the broker is accessible and policy got loaded. | 371 // Make sure the broker is accessible and policy got loaded. |
| 295 broker = service_.GetBrokerForUser(public_session_user_id_); | 372 DeviceLocalAccountPolicyBroker* broker = |
| 296 ASSERT_TRUE(broker); | 373 service_->GetBrokerForUser(account_1_user_id_); |
| 297 EXPECT_EQ(public_session_user_id_, broker->user_id()); | 374 ASSERT_TRUE(broker); |
| 298 EXPECT_TRUE(broker->core()->store()->policy()); | 375 EXPECT_EQ(account_1_user_id_, broker->user_id()); |
| 376 ASSERT_TRUE(broker->core()->store()); |
| 377 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); |
| 378 ASSERT_TRUE(broker->core()->store()->policy()); |
| 379 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 380 broker->core()->store()->policy()->SerializeAsString()); |
| 381 EXPECT_TRUE(expected_policy_map_.Equals( |
| 382 broker->core()->store()->policy_map())); |
| 383 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 299 } | 384 } |
| 300 | 385 |
| 301 TEST_F(DeviceLocalAccountPolicyServiceTest, FetchPolicy) { | 386 TEST_F(DeviceLocalAccountPolicyServiceTest, FetchPolicy) { |
| 302 device_settings_test_helper_.set_device_local_account_policy_blob( | 387 InstallDeviceLocalAccountPolicy(kAccount1); |
| 303 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 388 AddDeviceLocalAccountToPolicy(kAccount1); |
| 304 InstallDevicePolicy(); | 389 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 305 | 390 InstallDevicePolicy(); |
| 306 DeviceLocalAccountPolicyBroker* broker = | 391 |
| 307 service_.GetBrokerForUser(public_session_user_id_); | 392 DeviceLocalAccountPolicyBroker* broker = |
| 308 ASSERT_TRUE(broker); | 393 service_->GetBrokerForUser(account_1_user_id_); |
| 309 | 394 ASSERT_TRUE(broker); |
| 310 service_.Connect(&mock_device_management_service_); | 395 |
| 396 service_->Connect(&mock_device_management_service_); |
| 311 EXPECT_TRUE(broker->core()->client()); | 397 EXPECT_TRUE(broker->core()->client()); |
| 312 | 398 |
| 313 em::DeviceManagementRequest request; | 399 em::DeviceManagementRequest request; |
| 314 em::DeviceManagementResponse response; | 400 em::DeviceManagementResponse response; |
| 315 response.mutable_policy_response()->add_response()->CopyFrom( | 401 response.mutable_policy_response()->add_response()->CopyFrom( |
| 316 device_local_account_policy_.policy()); | 402 device_local_account_policy_.policy()); |
| 317 EXPECT_CALL(mock_device_management_service_, | 403 EXPECT_CALL(mock_device_management_service_, |
| 318 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | 404 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) |
| 319 .WillOnce(mock_device_management_service_.SucceedJob(response)); | 405 .WillOnce(mock_device_management_service_.SucceedJob(response)); |
| 320 EXPECT_CALL(mock_device_management_service_, | 406 EXPECT_CALL(mock_device_management_service_, |
| 321 StartJob(dm_protocol::kValueRequestPolicy, | 407 StartJob(dm_protocol::kValueRequestPolicy, |
| 322 std::string(), std::string(), | 408 std::string(), std::string(), |
| 323 device_policy_.policy_data().request_token(), | 409 device_policy_.policy_data().request_token(), |
| 324 dm_protocol::kValueUserAffiliationManaged, | 410 dm_protocol::kValueUserAffiliationManaged, |
| 325 device_policy_.policy_data().device_id(), | 411 device_policy_.policy_data().device_id(), |
| 326 _)) | 412 _)) |
| 327 .WillOnce(SaveArg<6>(&request)); | 413 .WillOnce(SaveArg<6>(&request)); |
| 328 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 414 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 329 broker->core()->client()->FetchPolicy(); | 415 broker->core()->client()->FetchPolicy(); |
| 330 FlushDeviceSettings(); | 416 FlushDeviceSettings(); |
| 331 Mock::VerifyAndClearExpectations(&service_observer_); | 417 Mock::VerifyAndClearExpectations(&service_observer_); |
| 332 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 418 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 333 EXPECT_TRUE(request.has_policy_request()); | 419 EXPECT_TRUE(request.has_policy_request()); |
| 334 EXPECT_EQ(1, request.policy_request().request_size()); | 420 EXPECT_EQ(1, request.policy_request().request_size()); |
| 335 EXPECT_EQ(dm_protocol::kChromePublicAccountPolicyType, | 421 EXPECT_EQ(dm_protocol::kChromePublicAccountPolicyType, |
| 336 request.policy_request().request(0).policy_type()); | 422 request.policy_request().request(0).policy_type()); |
| 337 EXPECT_FALSE(request.policy_request().request(0).has_machine_id()); | 423 EXPECT_FALSE(request.policy_request().request(0).has_machine_id()); |
| 338 EXPECT_EQ(PolicyBuilder::kFakeUsername, | 424 EXPECT_EQ(kAccount1, |
| 339 request.policy_request().request(0).settings_entity_id()); | 425 request.policy_request().request(0).settings_entity_id()); |
| 340 | 426 |
| 341 ASSERT_TRUE(broker->core()->store()); | 427 ASSERT_TRUE(broker->core()->store()); |
| 342 EXPECT_EQ(CloudPolicyStore::STATUS_OK, | 428 EXPECT_EQ(CloudPolicyStore::STATUS_OK, |
| 343 broker->core()->store()->status()); | 429 broker->core()->store()->status()); |
| 344 ASSERT_TRUE(broker->core()->store()->policy()); | 430 ASSERT_TRUE(broker->core()->store()->policy()); |
| 345 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), | 431 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), |
| 346 broker->core()->store()->policy()->SerializeAsString()); | 432 broker->core()->store()->policy()->SerializeAsString()); |
| 347 EXPECT_TRUE(expected_policy_map_.Equals( | 433 EXPECT_TRUE(expected_policy_map_.Equals( |
| 348 broker->core()->store()->policy_map())); | 434 broker->core()->store()->policy_map())); |
| 349 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 435 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 350 | 436 |
| 351 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)) | 437 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)) |
| 352 .Times(0); | 438 .Times(0); |
| 353 service_.Disconnect(); | 439 service_->Disconnect(); |
| 354 EXPECT_FALSE(broker->core()->client()); | 440 EXPECT_FALSE(broker->core()->client()); |
| 355 Mock::VerifyAndClearExpectations(&service_observer_); | 441 Mock::VerifyAndClearExpectations(&service_observer_); |
| 356 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 442 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 357 } | 443 } |
| 358 | 444 |
| 359 TEST_F(DeviceLocalAccountPolicyServiceTest, RefreshPolicy) { | 445 TEST_F(DeviceLocalAccountPolicyServiceTest, RefreshPolicy) { |
| 360 device_settings_test_helper_.set_device_local_account_policy_blob( | 446 InstallDeviceLocalAccountPolicy(kAccount1); |
| 361 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 447 AddDeviceLocalAccountToPolicy(kAccount1); |
| 448 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 362 InstallDevicePolicy(); | 449 InstallDevicePolicy(); |
| 363 | 450 |
| 364 DeviceLocalAccountPolicyBroker* broker = | 451 DeviceLocalAccountPolicyBroker* broker = |
| 365 service_.GetBrokerForUser(public_session_user_id_); | 452 service_->GetBrokerForUser(account_1_user_id_); |
| 366 ASSERT_TRUE(broker); | 453 ASSERT_TRUE(broker); |
| 367 | 454 |
| 368 service_.Connect(&mock_device_management_service_); | 455 service_->Connect(&mock_device_management_service_); |
| 369 ASSERT_TRUE(broker->core()->service()); | 456 ASSERT_TRUE(broker->core()->service()); |
| 370 | 457 |
| 371 em::DeviceManagementResponse response; | 458 em::DeviceManagementResponse response; |
| 372 response.mutable_policy_response()->add_response()->CopyFrom( | 459 response.mutable_policy_response()->add_response()->CopyFrom( |
| 373 device_local_account_policy_.policy()); | 460 device_local_account_policy_.policy()); |
| 374 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) | 461 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) |
| 375 .WillOnce(mock_device_management_service_.SucceedJob(response)); | 462 .WillOnce(mock_device_management_service_.SucceedJob(response)); |
| 376 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); | 463 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); |
| 377 EXPECT_CALL(*this, OnRefreshDone(true)).Times(1); | 464 EXPECT_CALL(*this, OnRefreshDone(true)).Times(1); |
| 378 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); | 465 EXPECT_CALL(service_observer_, OnPolicyUpdated(account_1_user_id_)); |
| 379 broker->core()->service()->RefreshPolicy( | 466 broker->core()->service()->RefreshPolicy( |
| 380 base::Bind(&DeviceLocalAccountPolicyServiceTest::OnRefreshDone, | 467 base::Bind(&DeviceLocalAccountPolicyServiceTest::OnRefreshDone, |
| 381 base::Unretained(this))); | 468 base::Unretained(this))); |
| 382 FlushDeviceSettings(); | 469 FlushDeviceSettings(); |
| 383 Mock::VerifyAndClearExpectations(&service_observer_); | 470 Mock::VerifyAndClearExpectations(&service_observer_); |
| 384 Mock::VerifyAndClearExpectations(this); | 471 Mock::VerifyAndClearExpectations(this); |
| 385 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 472 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 386 | 473 |
| 387 ASSERT_TRUE(broker->core()->store()); | 474 ASSERT_TRUE(broker->core()->store()); |
| 388 EXPECT_EQ(CloudPolicyStore::STATUS_OK, | 475 EXPECT_EQ(CloudPolicyStore::STATUS_OK, |
| 389 broker->core()->store()->status()); | 476 broker->core()->store()->status()); |
| 390 EXPECT_TRUE(expected_policy_map_.Equals( | 477 EXPECT_TRUE(expected_policy_map_.Equals( |
| 391 broker->core()->store()->policy_map())); | 478 broker->core()->store()->policy_map())); |
| 392 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); | 479 EXPECT_TRUE(service_->IsPolicyAvailableForUser(account_1_user_id_)); |
| 480 } |
| 481 |
| 482 class DeviceLocalAccountPolicyExtensionCacheTest |
| 483 : public DeviceLocalAccountPolicyServiceTestBase { |
| 484 protected: |
| 485 DeviceLocalAccountPolicyExtensionCacheTest(); |
| 486 |
| 487 virtual void SetUp() OVERRIDE; |
| 488 |
| 489 base::FilePath GetCacheDirectoryForAccountID(const std::string& account_id); |
| 490 |
| 491 base::ScopedTempDir cache_root_dir_; |
| 492 scoped_ptr<base::ScopedPathOverride> cache_root_dir_override_; |
| 493 |
| 494 base::FilePath cache_dir_1_; |
| 495 base::FilePath cache_dir_2_; |
| 496 base::FilePath cache_dir_3_; |
| 497 |
| 498 private: |
| 499 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyExtensionCacheTest); |
| 500 }; |
| 501 |
| 502 DeviceLocalAccountPolicyExtensionCacheTest:: |
| 503 DeviceLocalAccountPolicyExtensionCacheTest() { |
| 504 } |
| 505 |
| 506 void DeviceLocalAccountPolicyExtensionCacheTest::SetUp() { |
| 507 DeviceLocalAccountPolicyServiceTestBase::SetUp(); |
| 508 ASSERT_TRUE(cache_root_dir_.CreateUniqueTempDir()); |
| 509 cache_root_dir_override_.reset(new base::ScopedPathOverride( |
| 510 chromeos::DIR_DEVICE_LOCAL_ACCOUNT_CACHE, |
| 511 cache_root_dir_.path())); |
| 512 |
| 513 cache_dir_1_ = GetCacheDirectoryForAccountID(kAccount1); |
| 514 cache_dir_2_ = GetCacheDirectoryForAccountID(kAccount2); |
| 515 cache_dir_3_ = GetCacheDirectoryForAccountID(kAccount3); |
| 516 |
| 517 em::StringList* forcelist = device_local_account_policy_.payload() |
| 518 .mutable_extensioninstallforcelist()->mutable_value(); |
| 519 forcelist->add_entries(base::StringPrintf("%s;%s", kExtensionID, kUpdateURL)); |
| 520 } |
| 521 |
| 522 base::FilePath DeviceLocalAccountPolicyExtensionCacheTest:: |
| 523 GetCacheDirectoryForAccountID(const std::string& account_id) { |
| 524 return cache_root_dir_.path().Append(base::HexEncode(account_id.c_str(), |
| 525 account_id.size())); |
| 526 } |
| 527 |
| 528 // Verifies that during startup, orphaned cache directories are deleted, |
| 529 // cache directories belonging to an existing account are preserved and missing |
| 530 // cache directories are created. Also verifies that when startup is complete, |
| 531 // the caches for all existing accounts are running. |
| 532 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, Startup) { |
| 533 base::FilePath test_data_dir; |
| 534 ASSERT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &test_data_dir)); |
| 535 const base::FilePath source_crx_file = |
| 536 test_data_dir.Append(kExtensionCRXPath); |
| 537 const std::string target_crx_file_name = |
| 538 base::StringPrintf("%s-%s.crx", kExtensionID, kExtensionVersion); |
| 539 |
| 540 // Create and pre-populate a cache directory for account 1. |
| 541 EXPECT_TRUE(file_util::CreateDirectory(cache_dir_1_)); |
| 542 EXPECT_TRUE(CopyFile(source_crx_file, |
| 543 cache_dir_1_.Append(target_crx_file_name))); |
| 544 |
| 545 // Create and pre-populate a cache directory for account 3. |
| 546 EXPECT_TRUE(file_util::CreateDirectory(cache_dir_3_)); |
| 547 EXPECT_TRUE(CopyFile(source_crx_file, |
| 548 cache_dir_3_.Append(target_crx_file_name))); |
| 549 |
| 550 // Add accounts 1 and 2 to device policy. |
| 551 InstallDeviceLocalAccountPolicy(kAccount1); |
| 552 InstallDeviceLocalAccountPolicy(kAccount2); |
| 553 AddDeviceLocalAccountToPolicy(kAccount1); |
| 554 AddDeviceLocalAccountToPolicy(kAccount2); |
| 555 InstallDevicePolicy(); |
| 556 |
| 557 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 558 // deletion of orphaned cache directories. |
| 559 CreatePolicyService(); |
| 560 FlushDeviceSettings(); |
| 561 extension_cache_task_runner_->RunUntilIdle(); |
| 562 |
| 563 // Verify that the cache directory for account 1 and its contents still exist. |
| 564 EXPECT_TRUE(base::DirectoryExists(cache_dir_1_)); |
| 565 EXPECT_TRUE(ContentsEqual(source_crx_file, |
| 566 cache_dir_1_.Append(target_crx_file_name))); |
| 567 |
| 568 // Verify that a cache directory for account 2 was created. |
| 569 EXPECT_TRUE(base::DirectoryExists(cache_dir_2_)); |
| 570 |
| 571 // Verify that the cache directory for account 3 was deleted. |
| 572 EXPECT_FALSE(base::DirectoryExists(cache_dir_3_)); |
| 573 |
| 574 // Verify that the cache for account 1 has been started. |
| 575 DeviceLocalAccountPolicyBroker* broker = |
| 576 service_->GetBrokerForUser(account_1_user_id_); |
| 577 ASSERT_TRUE(broker); |
| 578 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 579 |
| 580 // Verify that the cache for account 2 has been started. |
| 581 broker = service_->GetBrokerForUser(account_2_user_id_); |
| 582 ASSERT_TRUE(broker); |
| 583 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 584 } |
| 585 |
| 586 // Verifies that while the deletion of orphaned cache directories is in |
| 587 // progress, the caches for accounts which existed before the deletion started |
| 588 // are running but caches for newly added accounts are not started. |
| 589 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, RaceAgainstOrphanDeletion) { |
| 590 // Add account 1 to device policy. |
| 591 InstallDeviceLocalAccountPolicy(kAccount1); |
| 592 AddDeviceLocalAccountToPolicy(kAccount1); |
| 593 InstallDevicePolicy(); |
| 594 |
| 595 // Create the DeviceLocalAccountPolicyService, triggering the deletion of |
| 596 // orphaned cache directories. |
| 597 CreatePolicyService(); |
| 598 FlushDeviceSettings(); |
| 599 |
| 600 // Verify that the cache for account 1 has been started as it is unaffected by |
| 601 // the orphan deletion. |
| 602 DeviceLocalAccountPolicyBroker* broker = |
| 603 service_->GetBrokerForUser(account_1_user_id_); |
| 604 ASSERT_TRUE(broker); |
| 605 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 606 |
| 607 // Add account 2 to device policy. |
| 608 InstallDeviceLocalAccountPolicy(kAccount2); |
| 609 AddDeviceLocalAccountToPolicy(kAccount2); |
| 610 InstallDevicePolicy(); |
| 611 |
| 612 // Verify that the cache for account 2 has not been started yet as the orphan |
| 613 // deletion is still in progress. |
| 614 broker = service_->GetBrokerForUser(account_2_user_id_); |
| 615 ASSERT_TRUE(broker); |
| 616 EXPECT_FALSE(broker->extension_loader()->IsCacheRunning()); |
| 617 |
| 618 // Allow the orphan deletion to finish. |
| 619 extension_cache_task_runner_->RunUntilIdle(); |
| 620 base::RunLoop().RunUntilIdle(); |
| 621 |
| 622 // Verify that the cache for account 2 has been started. |
| 623 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 624 } |
| 625 |
| 626 // Verifies that while the shutdown of a cache is in progress, no new cache is |
| 627 // started if an account with the same ID is re-added. |
| 628 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, RaceAgainstCacheShutdown) { |
| 629 // Add account 1 to device policy. |
| 630 InstallDeviceLocalAccountPolicy(kAccount1); |
| 631 AddDeviceLocalAccountToPolicy(kAccount1); |
| 632 InstallDevicePolicy(); |
| 633 |
| 634 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 635 // deletion of orphaned cache directories. |
| 636 CreatePolicyService(); |
| 637 FlushDeviceSettings(); |
| 638 extension_cache_task_runner_->RunUntilIdle(); |
| 639 |
| 640 // Remove account 1 from device policy, triggering a shutdown of its cache. |
| 641 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 642 InstallDevicePolicy(); |
| 643 |
| 644 // Re-add account 1 to device policy. |
| 645 AddDeviceLocalAccountToPolicy(kAccount1); |
| 646 InstallDevicePolicy(); |
| 647 |
| 648 // Verify that the cache for account 1 has not been started yet as the |
| 649 // shutdown of a previous cache for this account ID is still in progress. |
| 650 DeviceLocalAccountPolicyBroker* broker = |
| 651 service_->GetBrokerForUser(account_1_user_id_); |
| 652 ASSERT_TRUE(broker); |
| 653 EXPECT_FALSE(broker->extension_loader()->IsCacheRunning()); |
| 654 |
| 655 // Allow the cache shutdown to finish. |
| 656 extension_cache_task_runner_->RunUntilIdle(); |
| 657 base::RunLoop().RunUntilIdle(); |
| 658 |
| 659 // Verify that the cache directory for account 1 still exists. |
| 660 EXPECT_TRUE(base::DirectoryExists(cache_dir_1_)); |
| 661 |
| 662 // Verify that the cache for account 1 has been started, reusing the existing |
| 663 // cache directory. |
| 664 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 665 } |
| 666 |
| 667 // Verifies that while the deletion of an obsolete cache directory is in |
| 668 // progress, no new cache is started if an account with the same ID is re-added. |
| 669 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, |
| 670 RaceAgainstObsoleteDeletion) { |
| 671 // Add account 1 to device policy. |
| 672 InstallDeviceLocalAccountPolicy(kAccount1); |
| 673 AddDeviceLocalAccountToPolicy(kAccount1); |
| 674 InstallDevicePolicy(); |
| 675 |
| 676 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 677 // deletion of orphaned cache directories. |
| 678 CreatePolicyService(); |
| 679 FlushDeviceSettings(); |
| 680 extension_cache_task_runner_->RunUntilIdle(); |
| 681 |
| 682 // Remove account 1 from device policy, allowing the shutdown of its cache to |
| 683 // finish and the deletion of its now obsolete cache directory to begin. |
| 684 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 685 InstallDevicePolicy(); |
| 686 extension_cache_task_runner_->RunUntilIdle(); |
| 687 base::RunLoop().RunUntilIdle(); |
| 688 |
| 689 // Re-add account 1 to device policy. |
| 690 AddDeviceLocalAccountToPolicy(kAccount1); |
| 691 InstallDevicePolicy(); |
| 692 |
| 693 // Verify that the cache for account 1 has not been started yet as the |
| 694 // deletion of the cache directory for this account ID is still in progress. |
| 695 DeviceLocalAccountPolicyBroker* broker = |
| 696 service_->GetBrokerForUser(account_1_user_id_); |
| 697 ASSERT_TRUE(broker); |
| 698 EXPECT_FALSE(broker->extension_loader()->IsCacheRunning()); |
| 699 |
| 700 // Allow the deletion to finish. |
| 701 extension_cache_task_runner_->RunUntilIdle(); |
| 702 base::RunLoop().RunUntilIdle(); |
| 703 |
| 704 // Verify that the cache directory for account 1 was deleted. |
| 705 EXPECT_FALSE(base::DirectoryExists(cache_dir_1_)); |
| 706 |
| 707 // Verify that the cache for account 1 has been started. |
| 708 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 709 } |
| 710 |
| 711 // Verifies that when an account is added and no deletion of cache directories |
| 712 // affecting this account is in progress, its cache is started immediately. |
| 713 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, AddAccount) { |
| 714 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 715 // deletion of orphaned cache directories. |
| 716 InstallDevicePolicy(); |
| 717 CreatePolicyService(); |
| 718 FlushDeviceSettings(); |
| 719 extension_cache_task_runner_->RunUntilIdle(); |
| 720 |
| 721 // Add account 1 to device policy. |
| 722 InstallDeviceLocalAccountPolicy(kAccount1); |
| 723 AddDeviceLocalAccountToPolicy(kAccount1); |
| 724 InstallDevicePolicy(); |
| 725 |
| 726 // Verify that the cache for account 1 has been started. |
| 727 DeviceLocalAccountPolicyBroker* broker = |
| 728 service_->GetBrokerForUser(account_1_user_id_); |
| 729 ASSERT_TRUE(broker); |
| 730 EXPECT_TRUE(broker->extension_loader()->IsCacheRunning()); |
| 731 } |
| 732 |
| 733 // Verifies that when an account is removed, its cache directory is deleted. |
| 734 TEST_F(DeviceLocalAccountPolicyExtensionCacheTest, RemoveAccount) { |
| 735 // Add account 1 to device policy. |
| 736 InstallDeviceLocalAccountPolicy(kAccount1); |
| 737 AddDeviceLocalAccountToPolicy(kAccount1); |
| 738 InstallDevicePolicy(); |
| 739 |
| 740 // Create the DeviceLocalAccountPolicyService, allowing it to finish the |
| 741 // deletion of orphaned cache directories. |
| 742 CreatePolicyService(); |
| 743 FlushDeviceSettings(); |
| 744 extension_cache_task_runner_->RunUntilIdle(); |
| 745 |
| 746 // Verify that a cache directory has been created for account 1. |
| 747 EXPECT_TRUE(base::DirectoryExists(cache_dir_1_)); |
| 748 |
| 749 // Remove account 1 from device policy, allowing the deletion of its now |
| 750 // obsolete cache directory to finish. |
| 751 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 752 InstallDevicePolicy(); |
| 753 extension_cache_task_runner_->RunUntilIdle(); |
| 754 base::RunLoop().RunUntilIdle(); |
| 755 extension_cache_task_runner_->RunUntilIdle(); |
| 756 |
| 757 // Verify that the cache directory for account 1 was deleted. |
| 758 EXPECT_FALSE(base::DirectoryExists(cache_dir_1_)); |
| 393 } | 759 } |
| 394 | 760 |
| 395 class DeviceLocalAccountPolicyProviderTest | 761 class DeviceLocalAccountPolicyProviderTest |
| 396 : public DeviceLocalAccountPolicyServiceTest { | 762 : public DeviceLocalAccountPolicyServiceTestBase { |
| 397 protected: | 763 protected: |
| 398 DeviceLocalAccountPolicyProviderTest() | 764 DeviceLocalAccountPolicyProviderTest(); |
| 399 : provider_( | 765 |
| 400 GenerateDeviceLocalAccountUserId( | 766 virtual void SetUp() OVERRIDE; |
| 401 PolicyBuilder::kFakeUsername, | 767 virtual void TearDown() OVERRIDE; |
| 402 DeviceLocalAccount::TYPE_PUBLIC_SESSION), | 768 |
| 403 &service_) {} | 769 scoped_ptr<DeviceLocalAccountPolicyProvider> provider_; |
| 404 | |
| 405 virtual void SetUp() OVERRIDE { | |
| 406 DeviceLocalAccountPolicyServiceTest::SetUp(); | |
| 407 provider_.Init(); | |
| 408 provider_.AddObserver(&provider_observer_); | |
| 409 | |
| 410 EXPECT_CALL(service_observer_, OnPolicyUpdated(_)).Times(AnyNumber()); | |
| 411 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()) | |
| 412 .Times(AnyNumber()); | |
| 413 } | |
| 414 | |
| 415 virtual void TearDown() OVERRIDE { | |
| 416 provider_.RemoveObserver(&provider_observer_); | |
| 417 provider_.Shutdown(); | |
| 418 DeviceLocalAccountPolicyServiceTest::TearDown(); | |
| 419 } | |
| 420 | |
| 421 DeviceLocalAccountPolicyProvider provider_; | |
| 422 MockConfigurationPolicyObserver provider_observer_; | 770 MockConfigurationPolicyObserver provider_observer_; |
| 423 | 771 |
| 424 private: | 772 private: |
| 425 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyProviderTest); | 773 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyProviderTest); |
| 426 }; | 774 }; |
| 427 | 775 |
| 776 DeviceLocalAccountPolicyProviderTest::DeviceLocalAccountPolicyProviderTest() { |
| 777 CreatePolicyService(); |
| 778 provider_.reset(new DeviceLocalAccountPolicyProvider( |
| 779 GenerateDeviceLocalAccountUserId(kAccount1, |
| 780 DeviceLocalAccount::TYPE_PUBLIC_SESSION), |
| 781 service_.get())); |
| 782 } |
| 783 |
| 784 void DeviceLocalAccountPolicyProviderTest::SetUp() { |
| 785 DeviceLocalAccountPolicyServiceTestBase::SetUp(); |
| 786 provider_->Init(); |
| 787 provider_->AddObserver(&provider_observer_); |
| 788 } |
| 789 |
| 790 void DeviceLocalAccountPolicyProviderTest::TearDown() { |
| 791 provider_->RemoveObserver(&provider_observer_); |
| 792 provider_->Shutdown(); |
| 793 DeviceLocalAccountPolicyServiceTestBase::TearDown(); |
| 794 } |
| 795 |
| 428 TEST_F(DeviceLocalAccountPolicyProviderTest, Initialization) { | 796 TEST_F(DeviceLocalAccountPolicyProviderTest, Initialization) { |
| 429 EXPECT_FALSE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 797 EXPECT_FALSE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 430 | 798 |
| 431 // Policy change should complete initialization. | 799 // Policy change should complete initialization. |
| 432 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 800 InstallDeviceLocalAccountPolicy(kAccount1); |
| 433 device_settings_test_helper_.set_device_local_account_policy_blob( | 801 AddDeviceLocalAccountToPolicy(kAccount1); |
| 434 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 802 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 435 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | 803 .Times(AtLeast(1)); |
| 436 ReloadDeviceSettings(); | 804 InstallDevicePolicy(); |
| 437 Mock::VerifyAndClearExpectations(&provider_observer_); | 805 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 438 | 806 |
| 439 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 807 EXPECT_TRUE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 440 | 808 |
| 441 // The account disappearing should *not* flip the initialization flag back. | 809 // The account disappearing should *not* flip the initialization flag back. |
| 442 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) | 810 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 443 .Times(AnyNumber()); | 811 .Times(AnyNumber()); |
| 444 device_policy_.payload().mutable_device_local_accounts()->clear_account(); | 812 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 445 device_policy_.Build(); | 813 InstallDevicePolicy(); |
| 446 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 447 ReloadDeviceSettings(); | |
| 448 Mock::VerifyAndClearExpectations(&provider_observer_); | 814 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 449 | 815 |
| 450 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 816 EXPECT_TRUE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 451 } | 817 } |
| 452 | 818 |
| 453 TEST_F(DeviceLocalAccountPolicyProviderTest, Policy) { | 819 TEST_F(DeviceLocalAccountPolicyProviderTest, Policy) { |
| 454 // Policy should load successfully. | 820 // Policy should load successfully. |
| 455 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 821 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 456 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | 822 .Times(AtLeast(1)); |
| 457 device_settings_test_helper_.set_device_local_account_policy_blob( | 823 InstallDeviceLocalAccountPolicy(kAccount1); |
| 458 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 824 AddDeviceLocalAccountToPolicy(kAccount1); |
| 459 ReloadDeviceSettings(); | 825 InstallDevicePolicy(); |
| 460 Mock::VerifyAndClearExpectations(&provider_observer_); | 826 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 461 | 827 |
| 462 PolicyBundle expected_policy_bundle; | 828 PolicyBundle expected_policy_bundle; |
| 463 expected_policy_bundle.Get(PolicyNamespace( | 829 expected_policy_bundle.Get(PolicyNamespace( |
| 464 POLICY_DOMAIN_CHROME, std::string())).CopyFrom(expected_policy_map_); | 830 POLICY_DOMAIN_CHROME, std::string())).CopyFrom(expected_policy_map_); |
| 465 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 831 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 466 | 832 |
| 467 // Policy change should be reported. | 833 // Policy change should be reported. |
| 468 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 834 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 835 .Times(AtLeast(1)); |
| 469 device_local_account_policy_.payload().mutable_disablespdy()->set_value( | 836 device_local_account_policy_.payload().mutable_disablespdy()->set_value( |
| 470 false); | 837 false); |
| 471 device_local_account_policy_.Build(); | 838 InstallDeviceLocalAccountPolicy(kAccount1); |
| 472 device_settings_test_helper_.set_device_local_account_policy_blob( | 839 DeviceLocalAccountPolicyBroker* broker = |
| 473 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | 840 service_->GetBrokerForUser(account_1_user_id_); |
| 474 DeviceLocalAccountPolicyBroker* broker = | |
| 475 service_.GetBrokerForUser(public_session_user_id_); | |
| 476 ASSERT_TRUE(broker); | 841 ASSERT_TRUE(broker); |
| 477 broker->core()->store()->Load(); | 842 broker->core()->store()->Load(); |
| 478 FlushDeviceSettings(); | 843 FlushDeviceSettings(); |
| 479 Mock::VerifyAndClearExpectations(&provider_observer_); | 844 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 480 | 845 |
| 481 expected_policy_bundle.Get( | 846 expected_policy_bundle.Get( |
| 482 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) | 847 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) |
| 483 .Set(key::kDisableSpdy, | 848 .Set(key::kDisableSpdy, |
| 484 POLICY_LEVEL_MANDATORY, | 849 POLICY_LEVEL_MANDATORY, |
| 485 POLICY_SCOPE_USER, | 850 POLICY_SCOPE_USER, |
| 486 Value::CreateBooleanValue(false), | 851 Value::CreateBooleanValue(false), |
| 487 NULL); | 852 NULL); |
| 488 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 853 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 489 | 854 |
| 490 // Any values set for the |ShelfAutoHideBehavior|, |ShowLogoutButtonInTray| | 855 // Any values set for the |ShelfAutoHideBehavior|, |ShowLogoutButtonInTray| |
| 491 // and |ExtensionAllowedTypes| policies should be overridden. | 856 // and |ExtensionAllowedTypes| policies should be overridden. |
| 492 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 857 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 858 .Times(AtLeast(1)); |
| 493 device_local_account_policy_.payload().mutable_shelfautohidebehavior()-> | 859 device_local_account_policy_.payload().mutable_shelfautohidebehavior()-> |
| 494 set_value("Always"); | 860 set_value("Always"); |
| 495 device_local_account_policy_.payload().mutable_showlogoutbuttonintray()-> | 861 device_local_account_policy_.payload().mutable_showlogoutbuttonintray()-> |
| 496 set_value(false); | 862 set_value(false); |
| 497 device_local_account_policy_.Build(); | 863 InstallDeviceLocalAccountPolicy(kAccount1); |
| 498 device_settings_test_helper_.set_device_local_account_policy_blob( | |
| 499 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); | |
| 500 broker->core()->store()->Load(); | 864 broker->core()->store()->Load(); |
| 501 FlushDeviceSettings(); | 865 FlushDeviceSettings(); |
| 502 Mock::VerifyAndClearExpectations(&provider_observer_); | 866 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 503 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 867 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 504 | 868 |
| 505 // Account disappears, policy should stay in effect. | 869 // Account disappears, policy should stay in effect. |
| 506 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) | 870 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 507 .Times(AnyNumber()); | 871 .Times(AnyNumber()); |
| 508 device_policy_.payload().mutable_device_local_accounts()->clear_account(); | 872 device_policy_.payload().mutable_device_local_accounts()->clear_account(); |
| 509 device_policy_.Build(); | 873 InstallDevicePolicy(); |
| 510 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | |
| 511 ReloadDeviceSettings(); | |
| 512 Mock::VerifyAndClearExpectations(&provider_observer_); | 874 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 513 | 875 |
| 514 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); | 876 EXPECT_TRUE(expected_policy_bundle.Equals(provider_->policies())); |
| 515 } | 877 } |
| 516 | 878 |
| 517 TEST_F(DeviceLocalAccountPolicyProviderTest, RefreshPolicies) { | 879 TEST_F(DeviceLocalAccountPolicyProviderTest, RefreshPolicies) { |
| 518 // If there's no device policy, the refresh completes immediately. | 880 // If there's no device policy, the refresh completes immediately. |
| 519 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); | 881 EXPECT_FALSE(service_->GetBrokerForUser(account_1_user_id_)); |
| 520 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 882 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 521 provider_.RefreshPolicies(); | 883 .Times(AtLeast(1)); |
| 884 provider_->RefreshPolicies(); |
| 522 Mock::VerifyAndClearExpectations(&provider_observer_); | 885 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 523 | 886 |
| 524 // Make device settings appear. | 887 // Make device settings appear. |
| 525 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) | 888 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 526 .Times(AnyNumber()); | 889 .Times(AnyNumber()); |
| 527 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); | 890 AddDeviceLocalAccountToPolicy(kAccount1); |
| 528 ReloadDeviceSettings(); | 891 InstallDevicePolicy(); |
| 529 Mock::VerifyAndClearExpectations(&provider_observer_); | 892 EXPECT_TRUE(service_->GetBrokerForUser(account_1_user_id_)); |
| 530 EXPECT_TRUE(service_.GetBrokerForUser(public_session_user_id_)); | |
| 531 | 893 |
| 532 // If there's no cloud connection, refreshes are still immediate. | 894 // If there's no cloud connection, refreshes are still immediate. |
| 533 DeviceLocalAccountPolicyBroker* broker = | 895 DeviceLocalAccountPolicyBroker* broker = |
| 534 service_.GetBrokerForUser(public_session_user_id_); | 896 service_->GetBrokerForUser(account_1_user_id_); |
| 535 ASSERT_TRUE(broker); | 897 ASSERT_TRUE(broker); |
| 536 EXPECT_FALSE(broker->core()->client()); | 898 EXPECT_FALSE(broker->core()->client()); |
| 537 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 899 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 538 provider_.RefreshPolicies(); | 900 .Times(AtLeast(1)); |
| 901 provider_->RefreshPolicies(); |
| 539 Mock::VerifyAndClearExpectations(&provider_observer_); | 902 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 540 | 903 |
| 541 // Bring up the cloud connection. The refresh scheduler may fire refreshes at | 904 // Bring up the cloud connection. The refresh scheduler may fire refreshes at |
| 542 // this point which are not relevant for the test. | 905 // this point which are not relevant for the test. |
| 543 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) | 906 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) |
| 544 .WillRepeatedly( | 907 .WillRepeatedly( |
| 545 mock_device_management_service_.FailJob(DM_STATUS_REQUEST_FAILED)); | 908 mock_device_management_service_.FailJob(DM_STATUS_REQUEST_FAILED)); |
| 546 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)) | 909 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)) |
| 547 .Times(AnyNumber()); | 910 .Times(AnyNumber()); |
| 548 service_.Connect(&mock_device_management_service_); | 911 service_->Connect(&mock_device_management_service_); |
| 549 FlushDeviceSettings(); | 912 FlushDeviceSettings(); |
| 550 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 913 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 551 | 914 |
| 552 // No callbacks until the refresh completes. | 915 // No callbacks until the refresh completes. |
| 553 EXPECT_CALL(provider_observer_, OnUpdatePolicy(_)).Times(0); | 916 EXPECT_CALL(provider_observer_, OnUpdatePolicy(_)).Times(0); |
| 554 MockDeviceManagementJob* request_job; | 917 MockDeviceManagementJob* request_job; |
| 555 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) | 918 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) |
| 556 .WillOnce(mock_device_management_service_.CreateAsyncJob(&request_job)); | 919 .WillOnce(mock_device_management_service_.CreateAsyncJob(&request_job)); |
| 557 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); | 920 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); |
| 558 provider_.RefreshPolicies(); | 921 provider_->RefreshPolicies(); |
| 559 ReloadDeviceSettings(); | 922 ReloadDeviceSettings(); |
| 560 Mock::VerifyAndClearExpectations(&provider_observer_); | 923 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 561 Mock::VerifyAndClearExpectations(&mock_device_management_service_); | 924 Mock::VerifyAndClearExpectations(&mock_device_management_service_); |
| 562 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); | 925 EXPECT_TRUE(provider_->IsInitializationComplete(POLICY_DOMAIN_CHROME)); |
| 563 | 926 |
| 564 // When the response comes in, it should propagate and fire the notification. | 927 // When the response comes in, it should propagate and fire the notification. |
| 565 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); | 928 EXPECT_CALL(provider_observer_, OnUpdatePolicy(provider_.get())) |
| 929 .Times(AtLeast(1)); |
| 566 ASSERT_TRUE(request_job); | 930 ASSERT_TRUE(request_job); |
| 567 em::DeviceManagementResponse response; | 931 em::DeviceManagementResponse response; |
| 932 device_local_account_policy_.Build(); |
| 568 response.mutable_policy_response()->add_response()->CopyFrom( | 933 response.mutable_policy_response()->add_response()->CopyFrom( |
| 569 device_local_account_policy_.policy()); | 934 device_local_account_policy_.policy()); |
| 570 request_job->SendResponse(DM_STATUS_SUCCESS, response); | 935 request_job->SendResponse(DM_STATUS_SUCCESS, response); |
| 571 FlushDeviceSettings(); | 936 FlushDeviceSettings(); |
| 572 Mock::VerifyAndClearExpectations(&provider_observer_); | 937 Mock::VerifyAndClearExpectations(&provider_observer_); |
| 573 } | 938 } |
| 574 | 939 |
| 575 } // namespace policy | 940 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 27548004:
Cache force-installed apps/extensions in device-local accounts (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src