| Index: chrome/browser/ui/ash/session_state_delegate_chromeos_unittest.cc
|
| diff --git a/chrome/browser/ui/ash/session_state_delegate_chromeos_unittest.cc b/chrome/browser/ui/ash/session_state_delegate_chromeos_unittest.cc
|
| index d0bd6bfae1e7a3fc158a78e97f7e0513a040d7a0..2bf05dddb6c5899a23859c5b4fb16375a3d88778 100644
|
| --- a/chrome/browser/ui/ash/session_state_delegate_chromeos_unittest.cc
|
| +++ b/chrome/browser/ui/ash/session_state_delegate_chromeos_unittest.cc
|
| @@ -7,10 +7,38 @@
|
| #include <string>
|
| #include <vector>
|
|
|
| +#include "base/run_loop.h"
|
| #include "chrome/browser/chromeos/login/users/fake_user_manager.h"
|
| +#include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h"
|
| +#include "chrome/browser/chromeos/policy/policy_cert_service.h"
|
| +#include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
|
| +#include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
|
| +#include "chrome/browser/chromeos/profiles/profile_helper.h"
|
| +#include "chrome/common/pref_names.h"
|
| +#include "chrome/test/base/testing_browser_process.h"
|
| #include "chrome/test/base/testing_profile_manager.h"
|
| +#include "content/public/test/test_browser_thread_bundle.h"
|
| +#include "net/cert/x509_certificate.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
|
|
| +namespace chromeos {
|
| +
|
| +namespace {
|
| +
|
| +const char* kUser = "user@test.com";
|
| +
|
| +// Weak ptr to PolicyCertVerifier - object is freed in test destructor once
|
| +// we've ensured the profile has been shut down.
|
| +policy::PolicyCertVerifier* g_policy_cert_verifier_for_factory = NULL;
|
| +
|
| +KeyedService* CreateTestPolicyCertService(content::BrowserContext* context) {
|
| + return policy::PolicyCertService::CreateForTesting(
|
| + kUser,
|
| + g_policy_cert_verifier_for_factory,
|
| + chromeos::UserManager::Get()).release();
|
| +}
|
| +
|
| +} // namespace
|
|
|
| class SessionStateDelegateChromeOSTest : public testing::Test {
|
| protected:
|
| @@ -36,6 +64,17 @@ class SessionStateDelegateChromeOSTest : public testing::Test {
|
| session_state_delegate_.reset();
|
| user_manager_enabler_.reset();
|
| user_manager_ = NULL;
|
| + // Clear our cached pointer to the PolicyCertVerifier.
|
| + g_policy_cert_verifier_for_factory = NULL;
|
| + profile_manager_.reset();
|
| +
|
| + // We must ensure that the PolicyCertVerifier outlives the
|
| + // PolicyCertService so shutdown the profile here. Additionally, we need
|
| + // to run the message loop between freeing the PolicyCertService and
|
| + // freeing the PolicyCertVerifier (see
|
| + // PolicyCertService::OnTrustAnchorsChanged() which is called from
|
| + // PolicyCertService::Shutdown()).
|
| + base::RunLoop().RunUntilIdle();
|
| }
|
|
|
| // Add and log in a user to the session.
|
| @@ -54,6 +93,26 @@ class SessionStateDelegateChromeOSTest : public testing::Test {
|
| return session_state_delegate_.get();
|
| }
|
|
|
| + void InitForMultiProfile() {
|
| + profile_manager_.reset(
|
| + new TestingProfileManager(TestingBrowserProcess::GetGlobal()));
|
| + ASSERT_TRUE(profile_manager_->SetUp());
|
| +
|
| + const std::string user_email(kUser);
|
| + const user_manager::User* user = user_manager()->AddUser(user_email);
|
| +
|
| + // Note that user profiles are created after user login in reality.
|
| + user_profile_ = profile_manager_->CreateTestingProfile(user_email);
|
| + user_profile_->set_profile_name(user_email);
|
| + chromeos::ProfileHelper::Get()->SetUserToProfileMappingForTesting(
|
| + user, user_profile_);
|
| + }
|
| +
|
| + content::TestBrowserThreadBundle threads_;
|
| + scoped_ptr<policy::PolicyCertVerifier> cert_verifier_;
|
| + scoped_ptr<TestingProfileManager> profile_manager_;
|
| + TestingProfile* user_profile_;
|
| +
|
| private:
|
| scoped_ptr<chromeos::ScopedUserManagerEnabler> user_manager_enabler_;
|
| scoped_ptr<SessionStateDelegateChromeos> session_state_delegate_;
|
| @@ -104,3 +163,68 @@ TEST_F(SessionStateDelegateChromeOSTest, CyclingThreeUsers) {
|
| session_state_delegate()->CycleActiveUser(backward);
|
| EXPECT_EQ("firstuser@test.com", GetActiveUser());
|
| }
|
| +
|
| +// Make sure MultiProfile disabled by primary user policy.
|
| +TEST_F(SessionStateDelegateChromeOSTest, MultiProfileDisallowedByUserPolicy) {
|
| + InitForMultiProfile();
|
| + EXPECT_TRUE(
|
| + session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
|
| + const std::string user_email(kUser);
|
| + user_manager()->LoginUser(user_email);
|
| + EXPECT_TRUE(
|
| + session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
|
| +
|
| + user_profile_->GetPrefs()->SetString(
|
| + prefs::kMultiProfileUserBehavior,
|
| + chromeos::MultiProfileUserController::kBehaviorNotAllowed);
|
| + EXPECT_FALSE(
|
| + session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
|
| +}
|
| +
|
| +// Make sure MultiProfile disabled by primary user policy certificates.
|
| +TEST_F(SessionStateDelegateChromeOSTest,
|
| + MultiProfileDisallowedByPolicyCertificates) {
|
| + InitForMultiProfile();
|
| + const std::string user_email(kUser);
|
| + user_manager()->LoginUser(user_email);
|
| + EXPECT_TRUE(
|
| + session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
|
| + policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(user_email);
|
| + EXPECT_FALSE(
|
| + session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
|
| +
|
| + // Flush tasks posted to IO.
|
| + base::RunLoop().RunUntilIdle();
|
| +}
|
| +
|
| +// Make sure MultiProfile disabled by primary user certificates in memory.
|
| +TEST_F(SessionStateDelegateChromeOSTest,
|
| + MultiProfileDisallowedByPrimaryUserCertificatesInMemory) {
|
| + InitForMultiProfile();
|
| + const std::string user_email(kUser);
|
| + user_manager()->LoginUser(user_email);
|
| + EXPECT_TRUE(
|
| + session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
|
| + cert_verifier_.reset(new policy::PolicyCertVerifier(base::Closure()));
|
| + g_policy_cert_verifier_for_factory = cert_verifier_.get();
|
| + ASSERT_TRUE(
|
| + policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse(
|
| + user_profile_, CreateTestPolicyCertService));
|
| + policy::PolicyCertService* service =
|
| + policy::PolicyCertServiceFactory::GetForProfile(user_profile_);
|
| + ASSERT_TRUE(service);
|
| +
|
| + EXPECT_FALSE(service->has_policy_certificates());
|
| + net::CertificateList certificates;
|
| + certificates.push_back(new net::X509Certificate(
|
| + "subject", "issuer", base::Time(), base::Time()));
|
| + service->OnTrustAnchorsChanged(certificates);
|
| + EXPECT_TRUE(service->has_policy_certificates());
|
| + EXPECT_FALSE(
|
| + session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
|
| +
|
| + // Flush tasks posted to IO.
|
| + base::RunLoop().RunUntilIdle();
|
| +}
|
| +
|
| +} // namespace chromeos
|
|
|
Chromium Code Reviews
Issue 374853002:
Providing more information on why certain users can't be added to multi-profile (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master