PasswordStoreMac::RemoveLoginsCreatedBetween() shouldn't affect other profiles.

chrome/browser/password_manager/password_store_mac_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 #include "base/basictypes.h"
 #include "base/files/scoped_temp_dir.h"
+#include "base/memory/scoped_vector.h"
 #include "base/path_service.h"
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "chrome/browser/password_manager/password_store_mac.h"
 #include "chrome/browser/password_manager/password_store_mac_internal.h"
 #include "chrome/common/chrome_paths.h"
 #include "components/password_manager/core/browser/password_store_consumer.h"
 #include "content/public/test/test_browser_thread.h"
 #include "crypto/mock_apple_keychain.h"
@@ skipping 1052 matching lines @@
         keychain_,
         login_db_);
     ASSERT_TRUE(store_->Init(syncer::SyncableService::StartSyncFlare()));
   }
 
   virtual void TearDown() {
     store_->Shutdown();
     EXPECT_FALSE(store_->GetBackgroundTaskRunner());
   }
 
-  void WaitForStoreUpdate() {
+  void WaitForStoreUpdate(scoped_refptr<TestPasswordStoreMac> store) {

[vabr (Chromium), 2014/07/02 07:41:49]

It looks like you always call this with |store_|, so maybe revert back to a
single WaitForStoreUpdate()?

[vasilii, 2014/07/02 12:34:03]

Done.

     // Do a store-level query to wait for all the operations above to be done.
     MockPasswordStoreConsumer consumer;
     EXPECT_CALL(consumer, OnGetPasswordStoreResults(_))
         .WillOnce(DoAll(WithArg<0>(STLDeleteElements0()), QuitUIMessageLoop()));
-    store_->GetLogins(PasswordForm(), PasswordStore::ALLOW_PROMPT, &consumer);
+    store->GetLogins(PasswordForm(), PasswordStore::ALLOW_PROMPT, &consumer);
     base::MessageLoop::current()->Run();
   }
 
+  void WaitForStoreUpdate() {
+    return WaitForStoreUpdate(store_);
+  }
+
  protected:
   base::MessageLoopForUI message_loop_;
   content::TestBrowserThread ui_thread_;
 
   MockAppleKeychain* keychain_;  // Owned by store_.
   LoginDatabase* login_db_;  // Owned by store_.
   scoped_refptr<TestPasswordStoreMac> store_;
   base::ScopedTempDir db_dir_;
 };
 
@@ skipping 146 matching lines @@
   EXPECT_EQ(0u, matching_items.size());
   login_db_->GetLogins(*www_form, &matching_items);
   EXPECT_EQ(0u, matching_items.size());
   // No trace of m.facebook.com.
   matching_items = owned_keychain_adapter.PasswordsFillingForm(
       m_form.signon_realm, m_form.scheme);
   EXPECT_EQ(0u, matching_items.size());
   login_db_->GetLogins(m_form, &matching_items);
   EXPECT_EQ(0u, matching_items.size());
 }
+
+TEST_F(PasswordStoreMacTest, TestRemoveLoginsCreatedBetween) {
+  // Make sure that RemoveLoginsCreatedBetween does affect only the correct
+  // profile.
+
+  // Add a third-party password.
+  MockAppleKeychain::KeychainTestData joint_keychain_data = {
+      kSecAuthenticationTypeHTMLForm, "some.domain.com",
+      kSecProtocolTypeHTTP, "/insecure.html", 0, NULL, "20020601171500Z",
+      "joe_user", "sekrit", false };
+  keychain_->AddTestItem(joint_keychain_data);
+
+  // Add a password from another profile.
+  MacKeychainPasswordFormAdapter owned_keychain_adapter(keychain_);
+  owned_keychain_adapter.SetFindsOnlyOwnedItems(true);
+  PasswordFormData www_form_data1 = {
+      PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
+      "http://www.facebook.com/index.html", "login", L"username", L"password",
+      L"submit", L"joe_user", L"sekrit", true, false, 1 };
+  scoped_ptr<PasswordForm> www_form(CreatePasswordFormFromData(www_form_data1));
+  EXPECT_TRUE(owned_keychain_adapter.AddPassword(*www_form));
+
+  // Add a password from the current profile.
+  PasswordFormData www_form_data2 = {
+      PasswordForm::SCHEME_HTML, "http://www.facebook.com/",
+      "http://www.facebook.com/index.html", "login", L"username", L"password",
+      L"submit", L"not_joe_user", L"12345", true, false, 1 };
+  www_form.reset(CreatePasswordFormFromData(www_form_data2));
+  store_->AddLogin(*www_form);
+  WaitForStoreUpdate();
+
+  ScopedVector<PasswordForm> matching_items;
+  login_db_->GetLogins(*www_form, &matching_items.get());
+  EXPECT_EQ(1u, matching_items.size());
+  matching_items.clear();
+
+  store_->RemoveLoginsCreatedBetween(base::Time(), base::Time());
+  WaitForStoreUpdate();
+
+  // Check the second facebook form is gone.
+  login_db_->GetLogins(*www_form, &matching_items.get());
+  EXPECT_EQ(0u, matching_items.size());
+
+  // Check the first facebook form is still there.
+  matching_items.get() = owned_keychain_adapter.PasswordsFillingForm(
+      www_form->signon_realm, www_form->scheme);
+  ASSERT_EQ(1u, matching_items.size());
+  EXPECT_EQ(ASCIIToUTF16("joe_user"), matching_items[0]->username_value);
+  matching_items.clear();
+
+  // Check the third-party password is still there.
+  owned_keychain_adapter.SetFindsOnlyOwnedItems(false);
+  matching_items.get() = owned_keychain_adapter.PasswordsFillingForm(
+      "http://some.domain.com/insecure.html", PasswordForm::SCHEME_HTML);
+  ASSERT_EQ(1u, matching_items.size());
+}