| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include <memory> | 9 #include <memory> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 #include "components/policy/core/common/policy_types.h" | 28 #include "components/policy/core/common/policy_types.h" |
| 29 #include "components/policy/policy_constants.h" | 29 #include "components/policy/policy_constants.h" |
| 30 #include "components/policy/proto/cloud_policy.pb.h" | 30 #include "components/policy/proto/cloud_policy.pb.h" |
| 31 #include "components/policy/proto/device_management_local.pb.h" | 31 #include "components/policy/proto/device_management_local.pb.h" |
| 32 #include "crypto/rsa_private_key.h" | 32 #include "crypto/rsa_private_key.h" |
| 33 #include "testing/gmock/include/gmock/gmock.h" | 33 #include "testing/gmock/include/gmock/gmock.h" |
| 34 #include "testing/gtest/include/gtest/gtest.h" | 34 #include "testing/gtest/include/gtest/gtest.h" |
| 35 | 35 |
| 36 namespace em = enterprise_management; | 36 namespace em = enterprise_management; |
| 37 | 37 |
| 38 using RetrievePolicyResponseType = |
| 39 chromeos::SessionManagerClient::RetrievePolicyResponseType; |
| 40 |
| 38 using testing::AllOf; | 41 using testing::AllOf; |
| 39 using testing::AnyNumber; | 42 using testing::AnyNumber; |
| 40 using testing::Eq; | 43 using testing::Eq; |
| 41 using testing::Mock; | 44 using testing::Mock; |
| 42 using testing::Property; | 45 using testing::Property; |
| 43 using testing::Return; | 46 using testing::Return; |
| 44 using testing::SaveArg; | 47 using testing::SaveArg; |
| 48 using testing::SetArgPointee; |
| 45 using testing::_; | 49 using testing::_; |
| 46 | 50 |
| 47 namespace policy { | 51 namespace policy { |
| 48 | 52 |
| 49 namespace { | 53 namespace { |
| 50 | 54 |
| 51 const char kSanitizedUsername[] = | 55 const char kSanitizedUsername[] = |
| 52 "0123456789ABCDEF0123456789ABCDEF012345678@example.com"; | 56 "0123456789ABCDEF0123456789ABCDEF012345678@example.com"; |
| 53 const char kDefaultHomepage[] = "http://chromium.org"; | 57 const char kDefaultHomepage[] = "http://chromium.org"; |
| 54 | 58 |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 104 chromeos::SessionManagerClient::RetrievePolicyCallback retrieve_callback; | 108 chromeos::SessionManagerClient::RetrievePolicyCallback retrieve_callback; |
| 105 EXPECT_CALL(session_manager_client_, | 109 EXPECT_CALL(session_manager_client_, |
| 106 RetrievePolicyForUser(cryptohome_id_, _)) | 110 RetrievePolicyForUser(cryptohome_id_, _)) |
| 107 .WillOnce(SaveArg<1>(&retrieve_callback)); | 111 .WillOnce(SaveArg<1>(&retrieve_callback)); |
| 108 store_->Load(); | 112 store_->Load(); |
| 109 base::RunLoop().RunUntilIdle(); | 113 base::RunLoop().RunUntilIdle(); |
| 110 Mock::VerifyAndClearExpectations(&session_manager_client_); | 114 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 111 ASSERT_FALSE(retrieve_callback.is_null()); | 115 ASSERT_FALSE(retrieve_callback.is_null()); |
| 112 | 116 |
| 113 // Run the callback. | 117 // Run the callback. |
| 114 retrieve_callback.Run(response); | 118 retrieve_callback.Run(response, RetrievePolicyResponseType::SUCCESS); |
| 115 base::RunLoop().RunUntilIdle(); | 119 base::RunLoop().RunUntilIdle(); |
| 116 } | 120 } |
| 117 | 121 |
| 118 // Verifies that store_->policy_map() has the HomepageLocation entry with | 122 // Verifies that store_->policy_map() has the HomepageLocation entry with |
| 119 // the |expected_value|. | 123 // the |expected_value|. |
| 120 void VerifyPolicyMap(const char* expected_value) { | 124 void VerifyPolicyMap(const char* expected_value) { |
| 121 EXPECT_EQ(1U, store_->policy_map().size()); | 125 EXPECT_EQ(1U, store_->policy_map().size()); |
| 122 const PolicyMap::Entry* entry = | 126 const PolicyMap::Entry* entry = |
| 123 store_->policy_map().Get(key::kHomepageLocation); | 127 store_->policy_map().Get(key::kHomepageLocation); |
| 124 ASSERT_TRUE(entry); | 128 ASSERT_TRUE(entry); |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 177 .WillOnce(SaveArg<1>(&retrieve_callback)); | 181 .WillOnce(SaveArg<1>(&retrieve_callback)); |
| 178 store_callback.Run(true); | 182 store_callback.Run(true); |
| 179 base::RunLoop().RunUntilIdle(); | 183 base::RunLoop().RunUntilIdle(); |
| 180 EXPECT_TRUE(previous_policy.Equals(store_->policy_map())); | 184 EXPECT_TRUE(previous_policy.Equals(store_->policy_map())); |
| 181 EXPECT_EQ(initial_status, store_->status()); | 185 EXPECT_EQ(initial_status, store_->status()); |
| 182 Mock::VerifyAndClearExpectations(&session_manager_client_); | 186 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 183 ASSERT_FALSE(retrieve_callback.is_null()); | 187 ASSERT_FALSE(retrieve_callback.is_null()); |
| 184 | 188 |
| 185 // Finish the retrieve callback. | 189 // Finish the retrieve callback. |
| 186 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); | 190 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); |
| 187 retrieve_callback.Run(policy_.GetBlob()); | 191 retrieve_callback.Run(policy_.GetBlob(), |
| 192 RetrievePolicyResponseType::SUCCESS); |
| 188 base::RunLoop().RunUntilIdle(); | 193 base::RunLoop().RunUntilIdle(); |
| 189 ASSERT_TRUE(store_->policy()); | 194 ASSERT_TRUE(store_->policy()); |
| 190 EXPECT_EQ(policy_.policy_data().SerializeAsString(), | 195 EXPECT_EQ(policy_.policy_data().SerializeAsString(), |
| 191 store_->policy()->SerializeAsString()); | 196 store_->policy()->SerializeAsString()); |
| 192 VerifyPolicyMap(new_value); | 197 VerifyPolicyMap(new_value); |
| 193 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 198 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
| 194 } | 199 } |
| 195 | 200 |
| 196 void VerifyStoreHasValidationError() { | 201 void VerifyStoreHasValidationError() { |
| 197 EXPECT_FALSE(store_->policy()); | 202 EXPECT_FALSE(store_->policy()); |
| (...skipping 288 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 486 policy_.policy().mutable_policy_data_signature()->append("garbage"); | 491 policy_.policy().mutable_policy_data_signature()->append("garbage"); |
| 487 ExpectError(CloudPolicyStore::STATUS_VALIDATION_ERROR); | 492 ExpectError(CloudPolicyStore::STATUS_VALIDATION_ERROR); |
| 488 ASSERT_NO_FATAL_FAILURE(PerformPolicyLoad(policy_.GetBlob())); | 493 ASSERT_NO_FATAL_FAILURE(PerformPolicyLoad(policy_.GetBlob())); |
| 489 VerifyStoreHasValidationError(); | 494 VerifyStoreHasValidationError(); |
| 490 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 495 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 491 } | 496 } |
| 492 | 497 |
| 493 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { | 498 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { |
| 494 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); | 499 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); |
| 495 EXPECT_CALL(session_manager_client_, | 500 EXPECT_CALL(session_manager_client_, |
| 496 BlockingRetrievePolicyForUser(cryptohome_id_)) | 501 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 497 .WillOnce(Return(policy_.GetBlob())); | 502 .WillOnce(DoAll(SetArgPointee<1>(policy_.GetBlob()), |
| 503 Return(RetrievePolicyResponseType::SUCCESS))); |
| 498 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) | 504 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) |
| 499 .WillOnce(Return(kSanitizedUsername)); | 505 .WillOnce(Return(kSanitizedUsername)); |
| 500 | 506 |
| 501 EXPECT_FALSE(store_->policy()); | 507 EXPECT_FALSE(store_->policy()); |
| 502 store_->LoadImmediately(); | 508 store_->LoadImmediately(); |
| 503 // Note: verify that the |observer_| got notified synchronously, without | 509 // Note: verify that the |observer_| got notified synchronously, without |
| 504 // having to spin the current loop. TearDown() will flush the loop so this | 510 // having to spin the current loop. TearDown() will flush the loop so this |
| 505 // must be done within the test. | 511 // must be done within the test. |
| 506 Mock::VerifyAndClearExpectations(&observer_); | 512 Mock::VerifyAndClearExpectations(&observer_); |
| 507 Mock::VerifyAndClearExpectations(&session_manager_client_); | 513 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 508 Mock::VerifyAndClearExpectations(&cryptohome_client_); | 514 Mock::VerifyAndClearExpectations(&cryptohome_client_); |
| 509 | 515 |
| 510 // The policy should become available without having to spin any loops. | 516 // The policy should become available without having to spin any loops. |
| 511 ASSERT_TRUE(store_->policy()); | 517 ASSERT_TRUE(store_->policy()); |
| 512 EXPECT_EQ(policy_.policy_data().SerializeAsString(), | 518 EXPECT_EQ(policy_.policy_data().SerializeAsString(), |
| 513 store_->policy()->SerializeAsString()); | 519 store_->policy()->SerializeAsString()); |
| 514 VerifyPolicyMap(kDefaultHomepage); | 520 VerifyPolicyMap(kDefaultHomepage); |
| 515 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 521 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
| 516 EXPECT_EQ(policy_.GetPublicSigningKeyAsString(), | 522 EXPECT_EQ(policy_.GetPublicSigningKeyAsString(), |
| 517 store_->policy_signature_public_key()); | 523 store_->policy_signature_public_key()); |
| 518 } | 524 } |
| 519 | 525 |
| 520 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoPolicy) { | 526 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoPolicy) { |
| 521 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); | 527 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); |
| 522 EXPECT_CALL(session_manager_client_, | 528 EXPECT_CALL(session_manager_client_, |
| 523 BlockingRetrievePolicyForUser(cryptohome_id_)) | 529 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 524 .WillOnce(Return("")); | 530 .WillOnce(DoAll(SetArgPointee<1>(""), |
| 531 Return(RetrievePolicyResponseType::SUCCESS))); |
| 525 | 532 |
| 526 EXPECT_FALSE(store_->policy()); | 533 EXPECT_FALSE(store_->policy()); |
| 527 store_->LoadImmediately(); | 534 store_->LoadImmediately(); |
| 528 Mock::VerifyAndClearExpectations(&observer_); | 535 Mock::VerifyAndClearExpectations(&observer_); |
| 529 Mock::VerifyAndClearExpectations(&session_manager_client_); | 536 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 530 | 537 |
| 531 EXPECT_FALSE(store_->policy()); | 538 EXPECT_FALSE(store_->policy()); |
| 532 EXPECT_TRUE(store_->policy_map().empty()); | 539 EXPECT_TRUE(store_->policy_map().empty()); |
| 533 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 540 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
| 534 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 541 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 535 } | 542 } |
| 536 | 543 |
| 537 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyInvalidBlob) { | 544 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyInvalidBlob) { |
| 538 EXPECT_CALL(observer_, OnStoreError(store_.get())); | 545 EXPECT_CALL(observer_, OnStoreError(store_.get())); |
| 539 EXPECT_CALL(session_manager_client_, | 546 EXPECT_CALL(session_manager_client_, |
| 540 BlockingRetrievePolicyForUser(cryptohome_id_)) | 547 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 541 .WillOnce(Return("le blob")); | 548 .WillOnce(DoAll(SetArgPointee<1>("le blob"), |
| 549 Return(RetrievePolicyResponseType::SUCCESS))); |
| 542 | 550 |
| 543 EXPECT_FALSE(store_->policy()); | 551 EXPECT_FALSE(store_->policy()); |
| 544 store_->LoadImmediately(); | 552 store_->LoadImmediately(); |
| 545 Mock::VerifyAndClearExpectations(&observer_); | 553 Mock::VerifyAndClearExpectations(&observer_); |
| 546 Mock::VerifyAndClearExpectations(&session_manager_client_); | 554 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 547 | 555 |
| 548 EXPECT_FALSE(store_->policy()); | 556 EXPECT_FALSE(store_->policy()); |
| 549 EXPECT_TRUE(store_->policy_map().empty()); | 557 EXPECT_TRUE(store_->policy_map().empty()); |
| 550 EXPECT_EQ(CloudPolicyStore::STATUS_PARSE_ERROR, store_->status()); | 558 EXPECT_EQ(CloudPolicyStore::STATUS_PARSE_ERROR, store_->status()); |
| 551 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 559 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 552 } | 560 } |
| 553 | 561 |
| 554 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyDBusFailure) { | 562 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyDBusFailure) { |
| 555 EXPECT_CALL(observer_, OnStoreError(store_.get())); | 563 EXPECT_CALL(observer_, OnStoreError(store_.get())); |
| 556 EXPECT_CALL(session_manager_client_, | 564 EXPECT_CALL(session_manager_client_, |
| 557 BlockingRetrievePolicyForUser(cryptohome_id_)) | 565 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 558 .WillOnce(Return(policy_.GetBlob())); | 566 .WillOnce(DoAll(SetArgPointee<1>(policy_.GetBlob()), |
| 567 Return(RetrievePolicyResponseType::SUCCESS))); |
| 559 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) | 568 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) |
| 560 .WillOnce(Return("")); | 569 .WillOnce(Return("")); |
| 561 | 570 |
| 562 EXPECT_FALSE(store_->policy()); | 571 EXPECT_FALSE(store_->policy()); |
| 563 store_->LoadImmediately(); | 572 store_->LoadImmediately(); |
| 564 Mock::VerifyAndClearExpectations(&observer_); | 573 Mock::VerifyAndClearExpectations(&observer_); |
| 565 Mock::VerifyAndClearExpectations(&session_manager_client_); | 574 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 566 Mock::VerifyAndClearExpectations(&cryptohome_client_); | 575 Mock::VerifyAndClearExpectations(&cryptohome_client_); |
| 567 | 576 |
| 568 EXPECT_FALSE(store_->policy()); | 577 EXPECT_FALSE(store_->policy()); |
| 569 EXPECT_TRUE(store_->policy_map().empty()); | 578 EXPECT_TRUE(store_->policy_map().empty()); |
| 570 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, store_->status()); | 579 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, store_->status()); |
| 571 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 580 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 572 } | 581 } |
| 573 | 582 |
| 574 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoUserPolicyKey) { | 583 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoUserPolicyKey) { |
| 575 EXPECT_CALL(observer_, OnStoreError(store_.get())); | 584 EXPECT_CALL(observer_, OnStoreError(store_.get())); |
| 576 EXPECT_CALL(session_manager_client_, | 585 EXPECT_CALL(session_manager_client_, |
| 577 BlockingRetrievePolicyForUser(cryptohome_id_)) | 586 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 578 .WillOnce(Return(policy_.GetBlob())); | 587 .WillOnce(DoAll(SetArgPointee<1>(policy_.GetBlob()), |
| 588 Return(RetrievePolicyResponseType::SUCCESS))); |
| 579 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) | 589 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) |
| 580 .WillOnce(Return("wrong@example.com")); | 590 .WillOnce(Return("wrong@example.com")); |
| 581 | 591 |
| 582 EXPECT_FALSE(store_->policy()); | 592 EXPECT_FALSE(store_->policy()); |
| 583 store_->LoadImmediately(); | 593 store_->LoadImmediately(); |
| 584 Mock::VerifyAndClearExpectations(&observer_); | 594 Mock::VerifyAndClearExpectations(&observer_); |
| 585 Mock::VerifyAndClearExpectations(&session_manager_client_); | 595 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 586 Mock::VerifyAndClearExpectations(&cryptohome_client_); | 596 Mock::VerifyAndClearExpectations(&cryptohome_client_); |
| 587 | 597 |
| 588 EXPECT_FALSE(store_->policy()); | 598 EXPECT_FALSE(store_->policy()); |
| 589 EXPECT_TRUE(store_->policy_map().empty()); | 599 EXPECT_TRUE(store_->policy_map().empty()); |
| 590 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | 600 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); |
| 591 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 601 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 592 } | 602 } |
| 593 | 603 |
| 594 } // namespace | 604 } // namespace |
| 595 | 605 |
| 596 } // namespace policy | 606 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2877503002:
Abandon user sign in when policy is retrieved before session started. (Closed)
