Replace c/b/nss_context by a KeyedService.

chrome/browser/chromeos/policy/network_configuration_updater_unittest.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/bind.h"
 #include "base/bind_helpers.h"
 #include "base/callback.h"
 #include "base/files/file_path.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/run_loop.h"
 #include "base/values.h"
 #include "chrome/browser/chromeos/policy/device_network_configuration_updater.h"
 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h"
 #include "chrome/browser/chromeos/settings/cros_settings.h"
 #include "chrome/browser/chromeos/settings/device_settings_service.h"
 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h"
-#include "chrome/test/base/testing_profile.h"
 #include "chromeos/network/fake_network_device_handler.h"
 #include "chromeos/network/mock_managed_network_configuration_handler.h"
 #include "chromeos/network/onc/onc_certificate_importer.h"
 #include "chromeos/network/onc/onc_test_utils.h"
 #include "chromeos/network/onc/onc_utils.h"
 #include "components/onc/onc_constants.h"
 #include "components/policy/core/common/external_data_fetcher.h"
 #include "components/policy/core/common/mock_configuration_policy_provider.h"
 #include "components/policy/core/common/policy_map.h"
 #include "components/policy/core/common/policy_service_impl.h"
@@ skipping 219 matching lines @@
     base::RunLoop().RunUntilIdle();
   }
 
   void UpdateProviderPolicy(const PolicyMap& policy) {
     provider_.UpdateChromePolicy(policy);
     base::RunLoop().RunUntilIdle();
   }
 
   UserNetworkConfigurationUpdater*
   CreateNetworkConfigurationUpdaterForUserPolicy(
-      bool allow_trusted_certs_from_policy,
-      bool set_cert_importer) {
+      bool allow_trusted_certs_from_policy) {
     UserNetworkConfigurationUpdater* updater =
         UserNetworkConfigurationUpdater::CreateForUserPolicy(
-            &profile_,
             allow_trusted_certs_from_policy,
             fake_user_,
             policy_service_.get(),
+            certificate_importer_owned_.Pass(),
             &network_config_handler_).release();
-    if (set_cert_importer) {
-      EXPECT_TRUE(certificate_importer_owned_);
-      updater->SetCertificateImporterForTest(
-          certificate_importer_owned_.Pass());
-    }
     network_configuration_updater_.reset(updater);
     return updater;
   }
 
   void CreateNetworkConfigurationUpdaterForDevicePolicy() {
     network_configuration_updater_ =
         DeviceNetworkConfigurationUpdater::CreateForDevicePolicy(
             policy_service_.get(),
             &network_config_handler_,
             &network_device_handler_,
             chromeos::CrosSettings::Get());
   }
 
   base::ListValue fake_network_configs_;
   base::DictionaryValue fake_global_network_config_;
   base::ListValue fake_certificates_;
   StrictMock<chromeos::MockManagedNetworkConfigurationHandler>
       network_config_handler_;
   FakeNetworkDeviceHandler network_device_handler_;
 
   // Not used directly. Required for CrosSettings.
   chromeos::ScopedTestDeviceSettingsService scoped_device_settings_service_;
   chromeos::ScopedTestCrosSettings scoped_cros_settings_;
 
-  // Ownership of certificate_importer_owned_ is passed to the
-  // NetworkConfigurationUpdater. When that happens, |certificate_importer_|
-  // continues to point to that instance but |certificate_importer_owned_| is
-  // released.
   FakeCertificateImporter* certificate_importer_;
   scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer_owned_;
 
   StrictMock<MockConfigurationPolicyProvider> provider_;
   scoped_ptr<PolicyServiceImpl> policy_service_;
   FakeUser fake_user_;
 
-  TestingProfile profile_;
-
   scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_;
   content::TestBrowserThreadBundle thread_bundle_;
 };
 
 TEST_F(NetworkConfigurationUpdaterTest, CellularAllowRoaming) {
   // Ignore network config updates.
   EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1));
 
   // Setup the DataRoaming device setting.
   chromeos::CrosSettings* cros_settings = chromeos::CrosSettings::Get();
@@ skipping 47 matching lines @@
   UpdateProviderPolicy(policy);
 
   EXPECT_CALL(network_config_handler_,
               SetPolicy(onc::ONC_SOURCE_USER_POLICY,
                         _,
                         IsEqualTo(network_configs_repaired),
                         IsEqualTo(global_config_repaired)));
   certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY);
 
   CreateNetworkConfigurationUpdaterForUserPolicy(
-      false /* do not allow trusted certs from policy */,
-      true /* set certificate importer */);
+      false /* do not allow trusted certs from policy */);
   MarkPolicyProviderInitialized();
   EXPECT_EQ(1u, certificate_importer_->GetAndResetImportCount());
 }
 
 TEST_F(NetworkConfigurationUpdaterTest,
        DoNotAllowTrustedCertificatesFromPolicy) {
   net::CertificateList cert_list;
   cert_list =
       net::CreateCertificateListFromFile(net::GetTestCertsDirectory(),
                                          "ok_cert.pem",
                                          net::X509Certificate::FORMAT_AUTO);
   ASSERT_EQ(1u, cert_list.size());
 
   EXPECT_CALL(network_config_handler_,
               SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _));
   certificate_importer_->SetTrustedCertificatesResult(cert_list);
 
   UserNetworkConfigurationUpdater* updater =
       CreateNetworkConfigurationUpdaterForUserPolicy(
-          false /* do not allow trusted certs from policy */,
-          true /* set certificate importer */);
+          false /* do not allow trusted certs from policy */);
   MarkPolicyProviderInitialized();
 
   // Certificates with the "Web" trust flag set should not be forwarded to
   // observers.
   FakeWebTrustedCertsObserver observer;
   updater->AddTrustedCertsObserver(&observer);
 
   base::RunLoop().RunUntilIdle();
 
   net::CertificateList trust_anchors;
@@ skipping 15 matching lines @@
       net::CreateCertificateListFromFile(net::GetTestCertsDirectory(),
                                          "ok_cert.pem",
                                          net::X509Certificate::FORMAT_AUTO);
   ASSERT_EQ(1u, cert_list.size());
 
   certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY);
   certificate_importer_->SetTrustedCertificatesResult(cert_list);
 
   UserNetworkConfigurationUpdater* updater =
       CreateNetworkConfigurationUpdaterForUserPolicy(
-          true /* allow trusted certs from policy */,
-          true /* set certificate importer */);
+          true /* allow trusted certs from policy */);
   MarkPolicyProviderInitialized();
 
   base::RunLoop().RunUntilIdle();
 
   // Certificates with the "Web" trust flag set will be returned.
   net::CertificateList trust_anchors;
   updater->GetWebTrustedCertificates(&trust_anchors);
   EXPECT_EQ(1u, trust_anchors.size());
 }
 
 TEST_F(NetworkConfigurationUpdaterTest,
        AllowTrustedCertificatesFromPolicyOnUpdate) {
   // Ignore network configuration changes.
   EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _))
       .Times(AnyNumber());
 
   // Start with an empty certificate list.
   UserNetworkConfigurationUpdater* updater =
       CreateNetworkConfigurationUpdaterForUserPolicy(
-          true /* allow trusted certs from policy */,
-          true /* set certificate importer */);
+          true /* allow trusted certs from policy */);
   MarkPolicyProviderInitialized();
 
   FakeWebTrustedCertsObserver observer;
   updater->AddTrustedCertsObserver(&observer);
 
   base::RunLoop().RunUntilIdle();
 
   // Verify that the returned certificate list is empty.
   {
     net::CertificateList trust_anchors;
@@ skipping 27 matching lines @@
   {
     net::CertificateList trust_anchors;
     updater->GetWebTrustedCertificates(&trust_anchors);
     EXPECT_EQ(1u, trust_anchors.size());
   }
   EXPECT_EQ(1u, observer.trust_anchors_.size());
 
   updater->RemoveTrustedCertsObserver(&observer);
 }
 
-TEST_F(NetworkConfigurationUpdaterTest,
-       DontImportCertificateBeforeCertificateImporterSet) {
-  PolicyMap policy;
-  policy.Set(key::kOpenNetworkConfiguration, POLICY_LEVEL_MANDATORY,
-             POLICY_SCOPE_USER, new base::StringValue(kFakeONC), NULL);
-  UpdateProviderPolicy(policy);
-
-  EXPECT_CALL(network_config_handler_,
-              SetPolicy(onc::ONC_SOURCE_USER_POLICY,
-                        kFakeUsernameHash,
-                        IsEqualTo(&fake_network_configs_),
-                        IsEqualTo(&fake_global_network_config_)));
-
-  UserNetworkConfigurationUpdater* updater =
-      CreateNetworkConfigurationUpdaterForUserPolicy(
-          true /* allow trusted certs from policy */,
-          false /* do not set certificate importer */);
-  MarkPolicyProviderInitialized();
-
-  Mock::VerifyAndClearExpectations(&network_config_handler_);
-  EXPECT_EQ(0u, certificate_importer_->GetAndResetImportCount());
-
-  certificate_importer_->SetExpectedONCCertificates(fake_certificates_);
-  certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY);
-
-  ASSERT_TRUE(certificate_importer_owned_);
-  updater->SetCertificateImporterForTest(certificate_importer_owned_.Pass());
-  EXPECT_EQ(1u, certificate_importer_->GetAndResetImportCount());
-}
-
 class NetworkConfigurationUpdaterTestWithParam
     : public NetworkConfigurationUpdaterTest,
       public testing::WithParamInterface<const char*> {
  protected:
   // Returns the currently tested ONC source.
   onc::ONCSource CurrentONCSource() {
     if (GetParam() == key::kOpenNetworkConfiguration)
       return onc::ONC_SOURCE_USER_POLICY;
     DCHECK(GetParam() == key::kDeviceOpenNetworkConfiguration);
     return onc::ONC_SOURCE_DEVICE_POLICY;
   }
 
   // Returns the expected username hash to push policies to
   // ManagedNetworkConfigurationHandler.
   std::string ExpectedUsernameHash() {
     if (GetParam() == key::kOpenNetworkConfiguration)
       return kFakeUsernameHash;
     return std::string();
   }
 
   size_t ExpectedImportCertificatesCallCount() {
     if (GetParam() == key::kOpenNetworkConfiguration)
       return 1u;
     return 0u;
   }
 
   void CreateNetworkConfigurationUpdater() {
     if (GetParam() == key::kOpenNetworkConfiguration) {
       CreateNetworkConfigurationUpdaterForUserPolicy(
-          false /* do not allow trusted certs from policy */,
-          true /* set certificate importer */);
+          false /* do not allow trusted certs from policy */);
     } else {
       CreateNetworkConfigurationUpdaterForDevicePolicy();
     }
   }
 };
 
 TEST_P(NetworkConfigurationUpdaterTestWithParam, InitialUpdates) {
   PolicyMap policy;
   policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
              new base::StringValue(kFakeONC), NULL);
@@ skipping 99 matching lines @@
   EXPECT_EQ(ExpectedImportCertificatesCallCount(),
             certificate_importer_->GetAndResetImportCount());
 }
 
 INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance,
                         NetworkConfigurationUpdaterTestWithParam,
                         testing::Values(key::kDeviceOpenNetworkConfiguration,
                                         key::kOpenNetworkConfiguration));
 
 }  // namespace policy