| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" | 5 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h" |
| 6 | 6 |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "base/run_loop.h" | 8 #include "base/run_loop.h" |
| 9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
| 10 #include "chrome/browser/chromeos/login/users/fake_user_manager.h" | 10 #include "chrome/browser/chromeos/login/users/fake_user_manager.h" |
| (...skipping 16 matching lines...) Expand all Loading... |
| 27 | 27 |
| 28 namespace chromeos { | 28 namespace chromeos { |
| 29 | 29 |
| 30 namespace { | 30 namespace { |
| 31 | 31 |
| 32 const char* kUsers[] = {"a@gmail.com", "b@gmail.com" }; | 32 const char* kUsers[] = {"a@gmail.com", "b@gmail.com" }; |
| 33 | 33 |
| 34 struct BehaviorTestCase { | 34 struct BehaviorTestCase { |
| 35 const char* primary; | 35 const char* primary; |
| 36 const char* secondary; | 36 const char* secondary; |
| 37 MultiProfileUserController::UserAllowedInSessionReason expected_allowed; | 37 MultiProfileUserController::UserAllowedInSessionReason |
| 38 expected_primary_policy; |
| 39 MultiProfileUserController::UserAllowedInSessionReason |
| 40 expected_secondary_allowed; |
| 38 }; | 41 }; |
| 39 | 42 |
| 40 const BehaviorTestCase kBehaviorTestCases[] = { | 43 const BehaviorTestCase kBehaviorTestCases[] = { |
| 41 { | 44 { |
| 42 MultiProfileUserController::kBehaviorUnrestricted, | 45 MultiProfileUserController::kBehaviorUnrestricted, |
| 43 MultiProfileUserController::kBehaviorUnrestricted, | 46 MultiProfileUserController::kBehaviorUnrestricted, |
| 44 MultiProfileUserController::ALLOWED, | 47 MultiProfileUserController::ALLOWED, MultiProfileUserController::ALLOWED, |
| 45 }, | 48 }, |
| 46 { | 49 { |
| 47 MultiProfileUserController::kBehaviorUnrestricted, | 50 MultiProfileUserController::kBehaviorUnrestricted, |
| 48 MultiProfileUserController::kBehaviorPrimaryOnly, | 51 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 49 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, | 52 MultiProfileUserController::ALLOWED, |
| 50 }, | 53 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, |
| 51 { | 54 }, |
| 52 MultiProfileUserController::kBehaviorUnrestricted, | 55 { |
| 53 MultiProfileUserController::kBehaviorNotAllowed, | 56 MultiProfileUserController::kBehaviorUnrestricted, |
| 54 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, | 57 MultiProfileUserController::kBehaviorNotAllowed, |
| 55 }, | 58 MultiProfileUserController::ALLOWED, |
| 56 { | 59 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, |
| 57 MultiProfileUserController::kBehaviorPrimaryOnly, | 60 }, |
| 58 MultiProfileUserController::kBehaviorUnrestricted, | 61 { |
| 59 MultiProfileUserController::ALLOWED, | 62 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 60 }, | 63 MultiProfileUserController::kBehaviorUnrestricted, |
| 61 { | 64 MultiProfileUserController::ALLOWED, MultiProfileUserController::ALLOWED, |
| 62 MultiProfileUserController::kBehaviorPrimaryOnly, | 65 }, |
| 63 MultiProfileUserController::kBehaviorPrimaryOnly, | 66 { |
| 64 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, | 67 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 65 }, | 68 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 66 { | 69 MultiProfileUserController::ALLOWED, |
| 67 MultiProfileUserController::kBehaviorPrimaryOnly, | 70 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, |
| 68 MultiProfileUserController::kBehaviorNotAllowed, | 71 }, |
| 69 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, | 72 { |
| 70 }, | 73 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 71 { | 74 MultiProfileUserController::kBehaviorNotAllowed, |
| 72 MultiProfileUserController::kBehaviorNotAllowed, | 75 MultiProfileUserController::ALLOWED, |
| 73 MultiProfileUserController::kBehaviorUnrestricted, | 76 MultiProfileUserController::NOT_ALLOWED_POLICY_FORBIDS, |
| 74 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, | 77 }, |
| 75 }, | 78 { |
| 76 { | 79 MultiProfileUserController::kBehaviorNotAllowed, |
| 77 MultiProfileUserController::kBehaviorNotAllowed, | 80 MultiProfileUserController::kBehaviorUnrestricted, |
| 78 MultiProfileUserController::kBehaviorPrimaryOnly, | 81 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, |
| 79 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, | 82 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, |
| 80 }, | 83 }, |
| 81 { | 84 { |
| 82 MultiProfileUserController::kBehaviorNotAllowed, | 85 MultiProfileUserController::kBehaviorNotAllowed, |
| 83 MultiProfileUserController::kBehaviorNotAllowed, | 86 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 84 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, | 87 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, |
| 85 }, | 88 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, |
| 89 }, |
| 90 { |
| 91 MultiProfileUserController::kBehaviorNotAllowed, |
| 92 MultiProfileUserController::kBehaviorNotAllowed, |
| 93 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, |
| 94 MultiProfileUserController::NOT_ALLOWED_PRIMARY_USER_POLICY_FORBIDS, |
| 95 }, |
| 86 }; | 96 }; |
| 87 | 97 |
| 88 // Weak ptr to PolicyCertVerifier - object is freed in test destructor once | 98 // Weak ptr to PolicyCertVerifier - object is freed in test destructor once |
| 89 // we've ensured the profile has been shut down. | 99 // we've ensured the profile has been shut down. |
| 90 policy::PolicyCertVerifier* g_policy_cert_verifier_for_factory = NULL; | 100 policy::PolicyCertVerifier* g_policy_cert_verifier_for_factory = NULL; |
| 91 | 101 |
| 92 KeyedService* TestPolicyCertServiceFactory(content::BrowserContext* context) { | 102 KeyedService* TestPolicyCertServiceFactory(content::BrowserContext* context) { |
| 93 return policy::PolicyCertService::CreateForTesting( | 103 return policy::PolicyCertService::CreateForTesting( |
| 94 kUsers[0], g_policy_cert_verifier_for_factory, UserManager::Get()) | 104 kUsers[0], g_policy_cert_verifier_for_factory, UserManager::Get()) |
| 95 .release(); | 105 .release(); |
| (...skipping 113 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 209 MultiProfileUserController::kBehaviorUnrestricted, | 219 MultiProfileUserController::kBehaviorUnrestricted, |
| 210 MultiProfileUserController::kBehaviorPrimaryOnly, | 220 MultiProfileUserController::kBehaviorPrimaryOnly, |
| 211 MultiProfileUserController::kBehaviorNotAllowed, | 221 MultiProfileUserController::kBehaviorNotAllowed, |
| 212 }; | 222 }; |
| 213 for (size_t i = 0; i < arraysize(kTestCases); ++i) { | 223 for (size_t i = 0; i < arraysize(kTestCases); ++i) { |
| 214 SetCachedBehavior(0, kTestCases[i]); | 224 SetCachedBehavior(0, kTestCases[i]); |
| 215 MultiProfileUserController::UserAllowedInSessionReason reason; | 225 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 216 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)) | 226 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)) |
| 217 << "Case " << i; | 227 << "Case " << i; |
| 218 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason) << "Case " << i; | 228 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason) << "Case " << i; |
| 229 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 230 MultiProfileUserController::GetPrimaryUserPolicy()) |
| 231 << "Case " << i; |
| 219 } | 232 } |
| 220 } | 233 } |
| 221 | 234 |
| 222 // Tests that invalid cache value would become the default "unrestricted". | 235 // Tests that invalid cache value would become the default "unrestricted". |
| 223 TEST_F(MultiProfileUserControllerTest, InvalidCacheBecomesDefault) { | 236 TEST_F(MultiProfileUserControllerTest, InvalidCacheBecomesDefault) { |
| 224 const char kBad[] = "some invalid value"; | 237 const char kBad[] = "some invalid value"; |
| 225 SetCachedBehavior(0, kBad); | 238 SetCachedBehavior(0, kBad); |
| 226 EXPECT_EQ(MultiProfileUserController::kBehaviorUnrestricted, | 239 EXPECT_EQ(MultiProfileUserController::kBehaviorUnrestricted, |
| 227 GetCachedBehavior(0)); | 240 GetCachedBehavior(0)); |
| 228 } | 241 } |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 265 EXPECT_EQ(1, user_not_allowed_count()); | 278 EXPECT_EQ(1, user_not_allowed_count()); |
| 266 } | 279 } |
| 267 | 280 |
| 268 // Tests cases before the second user login. | 281 // Tests cases before the second user login. |
| 269 TEST_F(MultiProfileUserControllerTest, IsSecondaryAllowed) { | 282 TEST_F(MultiProfileUserControllerTest, IsSecondaryAllowed) { |
| 270 LoginUser(0); | 283 LoginUser(0); |
| 271 | 284 |
| 272 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { | 285 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { |
| 273 SetPrefBehavior(0, kBehaviorTestCases[i].primary); | 286 SetPrefBehavior(0, kBehaviorTestCases[i].primary); |
| 274 SetCachedBehavior(1, kBehaviorTestCases[i].secondary); | 287 SetCachedBehavior(1, kBehaviorTestCases[i].secondary); |
| 288 EXPECT_EQ(kBehaviorTestCases[i].expected_primary_policy, |
| 289 MultiProfileUserController::GetPrimaryUserPolicy()) |
| 290 << "Case " << i; |
| 275 MultiProfileUserController::UserAllowedInSessionReason reason; | 291 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 276 controller()->IsUserAllowedInSession(kUsers[1], &reason); | 292 controller()->IsUserAllowedInSession(kUsers[1], &reason); |
| 277 EXPECT_EQ(kBehaviorTestCases[i].expected_allowed, reason) << "Case " << i; | 293 EXPECT_EQ(kBehaviorTestCases[i].expected_secondary_allowed, reason) |
| 294 << "Case " << i; |
| 278 } | 295 } |
| 279 } | 296 } |
| 280 | 297 |
| 281 // Tests user behavior changes within a two-user session. | 298 // Tests user behavior changes within a two-user session. |
| 282 TEST_F(MultiProfileUserControllerTest, PrimaryBehaviorChange) { | 299 TEST_F(MultiProfileUserControllerTest, PrimaryBehaviorChange) { |
| 283 LoginUser(0); | 300 LoginUser(0); |
| 284 LoginUser(1); | 301 LoginUser(1); |
| 285 | 302 |
| 286 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { | 303 for (size_t i = 0; i < arraysize(kBehaviorTestCases); ++i) { |
| 287 SetPrefBehavior(0, MultiProfileUserController::kBehaviorUnrestricted); | 304 SetPrefBehavior(0, MultiProfileUserController::kBehaviorUnrestricted); |
| 288 SetPrefBehavior(1, MultiProfileUserController::kBehaviorUnrestricted); | 305 SetPrefBehavior(1, MultiProfileUserController::kBehaviorUnrestricted); |
| 289 ResetCounts(); | 306 ResetCounts(); |
| 290 | 307 |
| 291 SetPrefBehavior(0, kBehaviorTestCases[i].primary); | 308 SetPrefBehavior(0, kBehaviorTestCases[i].primary); |
| 292 SetPrefBehavior(1, kBehaviorTestCases[i].secondary); | 309 SetPrefBehavior(1, kBehaviorTestCases[i].secondary); |
| 293 if (user_not_allowed_count() == 0) { | 310 if (user_not_allowed_count() == 0) { |
| 294 EXPECT_EQ(kBehaviorTestCases[i].expected_allowed, | 311 EXPECT_EQ(kBehaviorTestCases[i].expected_secondary_allowed, |
| 295 MultiProfileUserController::ALLOWED) << "Case " << i; | 312 MultiProfileUserController::ALLOWED) |
| 313 << "Case " << i; |
| 296 } else { | 314 } else { |
| 297 EXPECT_NE(kBehaviorTestCases[i].expected_allowed, | 315 EXPECT_NE(kBehaviorTestCases[i].expected_secondary_allowed, |
| 298 MultiProfileUserController::ALLOWED) << "Case " << i; | 316 MultiProfileUserController::ALLOWED) |
| 317 << "Case " << i; |
| 299 } | 318 } |
| 300 } | 319 } |
| 301 } | 320 } |
| 302 | 321 |
| 303 // Tests that owner could not be a secondary user. | 322 // Tests that owner could not be a secondary user. |
| 304 TEST_F(MultiProfileUserControllerTest, NoSecondaryOwner) { | 323 TEST_F(MultiProfileUserControllerTest, NoSecondaryOwner) { |
| 305 LoginUser(0); | 324 LoginUser(0); |
| 306 SetOwner(1); | 325 SetOwner(1); |
| 307 | 326 |
| 308 MultiProfileUserController::UserAllowedInSessionReason reason; | 327 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 309 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 328 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 310 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_OWNER_AS_SECONDARY, reason); | 329 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_OWNER_AS_SECONDARY, reason); |
| 311 | 330 |
| 312 EXPECT_EQ(0, user_not_allowed_count()); | 331 EXPECT_EQ(0, user_not_allowed_count()); |
| 313 LoginUser(1); | 332 LoginUser(1); |
| 314 EXPECT_EQ(1, user_not_allowed_count()); | 333 EXPECT_EQ(1, user_not_allowed_count()); |
| 315 } | 334 } |
| 316 | 335 |
| 317 TEST_F(MultiProfileUserControllerTest, | 336 TEST_F(MultiProfileUserControllerTest, |
| 318 UsedPolicyCertificatesAllowedForPrimary) { | 337 UsedPolicyCertificatesAllowedForPrimary) { |
| 319 // Verifies that any user can sign-in as the primary user, regardless of the | 338 // Verifies that any user can sign-in as the primary user, regardless of the |
| 320 // tainted state. | 339 // tainted state. |
| 321 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); | 340 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[0]); |
| 322 MultiProfileUserController::UserAllowedInSessionReason reason; | 341 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 323 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); | 342 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[0], &reason)); |
| 324 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 343 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 325 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 344 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 326 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 345 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 346 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 347 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 327 } | 348 } |
| 328 | 349 |
| 329 TEST_F(MultiProfileUserControllerTest, | 350 TEST_F(MultiProfileUserControllerTest, |
| 330 UsedPolicyCertificatesDisallowedForSecondary) { | 351 UsedPolicyCertificatesDisallowedForSecondary) { |
| 331 // Verifies that if a regular user is signed-in then other regular users can | 352 // Verifies that if a regular user is signed-in then other regular users can |
| 332 // be added but tainted users can't. | 353 // be added but tainted users can't. |
| 333 LoginUser(1); | 354 LoginUser(1); |
| 334 | 355 |
| 335 // TODO(xiyuan): Remove the following SetPrefBehavor when default is | 356 // TODO(xiyuan): Remove the following SetPrefBehavor when default is |
| 336 // changed back to enabled. | 357 // changed back to enabled. |
| (...skipping 19 matching lines...) Expand all Loading... |
| 356 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); | 377 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); |
| 357 g_policy_cert_verifier_for_factory = cert_verifier_.get(); | 378 g_policy_cert_verifier_for_factory = cert_verifier_.get(); |
| 358 ASSERT_TRUE( | 379 ASSERT_TRUE( |
| 359 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( | 380 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( |
| 360 profile(0), TestPolicyCertServiceFactory)); | 381 profile(0), TestPolicyCertServiceFactory)); |
| 361 | 382 |
| 362 MultiProfileUserController::UserAllowedInSessionReason reason; | 383 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 363 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 384 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 364 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 385 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 365 reason); | 386 reason); |
| 387 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 388 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 366 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[1]); | 389 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(kUsers[1]); |
| 367 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 390 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 368 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, | 391 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_POLICY_CERT_TAINTED, |
| 369 reason); | 392 reason); |
| 393 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 394 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 370 | 395 |
| 371 // Flush tasks posted to IO. | 396 // Flush tasks posted to IO. |
| 372 base::RunLoop().RunUntilIdle(); | 397 base::RunLoop().RunUntilIdle(); |
| 373 } | 398 } |
| 374 | 399 |
| 375 TEST_F(MultiProfileUserControllerTest, | 400 TEST_F(MultiProfileUserControllerTest, |
| 376 PolicyCertificatesInMemoryDisallowsSecondaries) { | 401 PolicyCertificatesInMemoryDisallowsSecondaries) { |
| 377 // Verifies that if a user is signed-in and has policy certificates installed | 402 // Verifies that if a user is signed-in and has policy certificates installed |
| 378 // then no other users can be added. | 403 // then no other users can be added. |
| 379 LoginUser(0); | 404 LoginUser(0); |
| 380 | 405 |
| 381 // TODO(xiyuan): Remove the following SetPrefBehavor when default is | 406 // TODO(xiyuan): Remove the following SetPrefBehavor when default is |
| 382 // changed back to enabled. | 407 // changed back to enabled. |
| 383 SetPrefBehavior(0, MultiProfileUserController::kBehaviorUnrestricted); | 408 SetPrefBehavior(0, MultiProfileUserController::kBehaviorUnrestricted); |
| 384 | 409 |
| 385 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); | 410 cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure())); |
| 386 g_policy_cert_verifier_for_factory = cert_verifier_.get(); | 411 g_policy_cert_verifier_for_factory = cert_verifier_.get(); |
| 387 ASSERT_TRUE( | 412 ASSERT_TRUE( |
| 388 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( | 413 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse( |
| 389 profile(0), TestPolicyCertServiceFactory)); | 414 profile(0), TestPolicyCertServiceFactory)); |
| 390 policy::PolicyCertService* service = | 415 policy::PolicyCertService* service = |
| 391 policy::PolicyCertServiceFactory::GetForProfile(profile(0)); | 416 policy::PolicyCertServiceFactory::GetForProfile(profile(0)); |
| 392 ASSERT_TRUE(service); | 417 ASSERT_TRUE(service); |
| 393 | 418 |
| 394 EXPECT_FALSE(service->has_policy_certificates()); | 419 EXPECT_FALSE(service->has_policy_certificates()); |
| 395 MultiProfileUserController::UserAllowedInSessionReason reason; | 420 MultiProfileUserController::UserAllowedInSessionReason reason; |
| 396 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 421 EXPECT_TRUE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 397 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); | 422 EXPECT_EQ(MultiProfileUserController::ALLOWED, reason); |
| 423 EXPECT_EQ(MultiProfileUserController::ALLOWED, |
| 424 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 398 | 425 |
| 399 net::CertificateList certificates; | 426 net::CertificateList certificates; |
| 400 certificates.push_back(new net::X509Certificate( | 427 certificates.push_back(new net::X509Certificate( |
| 401 "subject", "issuer", base::Time(), base::Time())); | 428 "subject", "issuer", base::Time(), base::Time())); |
| 402 service->OnTrustAnchorsChanged(certificates); | 429 service->OnTrustAnchorsChanged(certificates); |
| 403 EXPECT_TRUE(service->has_policy_certificates()); | 430 EXPECT_TRUE(service->has_policy_certificates()); |
| 404 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); | 431 EXPECT_FALSE(controller()->IsUserAllowedInSession(kUsers[1], &reason)); |
| 405 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, | 432 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 406 reason); | 433 reason); |
| 434 EXPECT_EQ(MultiProfileUserController::NOT_ALLOWED_PRIMARY_POLICY_CERT_TAINTED, |
| 435 MultiProfileUserController::GetPrimaryUserPolicy()); |
| 407 | 436 |
| 408 // Flush tasks posted to IO. | 437 // Flush tasks posted to IO. |
| 409 base::RunLoop().RunUntilIdle(); | 438 base::RunLoop().RunUntilIdle(); |
| 410 } | 439 } |
| 411 | 440 |
| 412 } // namespace chromeos | 441 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 374853002:
Providing more information on why certain users can't be added to multi-profile (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master