Chromium Code Reviews Chromium Code Reviews
Issue 547553005:
Make ONCCertificateImporter async. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@nss_util_deadcode| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/bind.h" | 5 #include "base/bind.h" |
| 6 #include "base/bind_helpers.h" | 6 #include "base/bind_helpers.h" |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| 11 #include "base/values.h" | 11 #include "base/values.h" |
| 12 #include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" | 12 #include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" |
| 13 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" | 13 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" |
| 14 #include "chrome/browser/chromeos/settings/cros_settings.h" | 14 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 15 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 15 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| 16 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" | 16 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" |
| 17 #include "chrome/test/base/testing_profile.h" | 17 #include "chrome/test/base/testing_profile.h" |
| 18 #include "chromeos/network/fake_network_device_handler.h" | 18 #include "chromeos/network/fake_network_device_handler.h" |
| 19 #include "chromeos/network/mock_managed_network_configuration_handler.h" | 19 #include "chromeos/network/mock_managed_network_configuration_handler.h" |
| 20 #include "chromeos/network/onc/mock_certificate_importer.h" | 20 #include "chromeos/network/onc/onc_certificate_importer.h" |
| 21 #include "chromeos/network/onc/onc_test_utils.h" | 21 #include "chromeos/network/onc/onc_test_utils.h" |
| 22 #include "chromeos/network/onc/onc_utils.h" | 22 #include "chromeos/network/onc/onc_utils.h" |
| 23 #include "components/onc/onc_constants.h" | 23 #include "components/onc/onc_constants.h" |
| 24 #include "components/policy/core/common/external_data_fetcher.h" | 24 #include "components/policy/core/common/external_data_fetcher.h" |
| 25 #include "components/policy/core/common/mock_configuration_policy_provider.h" | 25 #include "components/policy/core/common/mock_configuration_policy_provider.h" |
| 26 #include "components/policy/core/common/policy_map.h" | 26 #include "components/policy/core/common/policy_map.h" |
| 27 #include "components/policy/core/common/policy_service_impl.h" | 27 #include "components/policy/core/common/policy_service_impl.h" |
| 28 #include "components/user_manager/user.h" | 28 #include "components/user_manager/user.h" |
| 29 #include "components/user_manager/user_type.h" | 29 #include "components/user_manager/user_type.h" |
| 30 #include "content/public/test/test_browser_thread_bundle.h" | 30 #include "content/public/test/test_browser_thread_bundle.h" |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 82 public: | 82 public: |
| 83 FakeNetworkDeviceHandler() : allow_roaming_(false) {} | 83 FakeNetworkDeviceHandler() : allow_roaming_(false) {} |
| 84 | 84 |
| 85 virtual void SetCellularAllowRoaming(bool allow_roaming) OVERRIDE { | 85 virtual void SetCellularAllowRoaming(bool allow_roaming) OVERRIDE { |
| 86 allow_roaming_ = allow_roaming; | 86 allow_roaming_ = allow_roaming; |
| 87 } | 87 } |
| 88 | 88 |
| 89 bool allow_roaming_; | 89 bool allow_roaming_; |
| 90 }; | 90 }; |
| 91 | 91 |
| 92 class FakeCertificateImporter : public chromeos::onc::CertificateImporter { | |
| 93 public: | |
| 94 FakeCertificateImporter() | |
| 95 : expected_onc_source_(::onc::ONC_SOURCE_UNKNOWN), call_count_(0) {} | |
| 96 virtual ~FakeCertificateImporter() {} | |
| 97 | |
| 98 void SetTrustedCertificatesResult( | |
| 99 net::CertificateList onc_trusted_certificates) { | |
| 100 onc_trusted_certificates_ = onc_trusted_certificates; | |
| 101 } | |
| 102 | |
| 103 void SetExpectedONCCertificates(const base::ListValue& certificates) { | |
| 104 expected_onc_certificates_.reset(certificates.DeepCopy()); | |
| 105 } | |
| 106 | |
| 107 void SetExpectedONCSource(::onc::ONCSource source) { | |
| 108 expected_onc_source_ = source; | |
| 109 } | |
| 110 | |
| 111 unsigned int GetAndResetImportCount() { | |
| 112 unsigned int count = call_count_; | |
| 113 call_count_ = 0; | |
| 114 return count; | |
| 115 } | |
| 116 | |
| 117 virtual void ImportCertificates(const base::ListValue& certificates, | |
| 118 ::onc::ONCSource source, | |
| 119 const DoneCallback& done_callback) OVERRIDE { | |
| 120 if (expected_onc_source_ != ::onc::ONC_SOURCE_UNKNOWN) | |
| 121 EXPECT_EQ(expected_onc_source_, source); | |
| 122 if (expected_onc_certificates_) { | |
| 123 EXPECT_TRUE(chromeos::onc::test_utils::Equals( | |
| 124 expected_onc_certificates_.get(), &certificates)); | |
| 125 } | |
| 126 ++call_count_; | |
| 127 done_callback.Run(true, onc_trusted_certificates_); | |
| 128 } | |
| 129 | |
| 130 private: | |
| 131 ::onc::ONCSource expected_onc_source_; | |
| 132 scoped_ptr<base::ListValue> expected_onc_certificates_; | |
| 133 net::CertificateList onc_trusted_certificates_; | |
| 134 unsigned int call_count_; | |
|
Joao da Silva
2014/09/15 12:38:24
DISALLOW_COPY_AND_ASSIGN
pneubeck (no reviews)
2014/09/17 12:44:21
Done.
| |
| 135 }; | |
| 136 | |
| 92 const char kFakeONC[] = | 137 const char kFakeONC[] = |
| 93 "{ \"NetworkConfigurations\": [" | 138 "{ \"NetworkConfigurations\": [" |
| 94 " { \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5040}\"," | 139 " { \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5040}\"," |
| 95 " \"Type\": \"WiFi\"," | 140 " \"Type\": \"WiFi\"," |
| 96 " \"Name\": \"My WiFi Network\"," | 141 " \"Name\": \"My WiFi Network\"," |
| 97 " \"WiFi\": {" | 142 " \"WiFi\": {" |
| 98 " \"SSID\": \"ssid-none\"," | 143 " \"SSID\": \"ssid-none\"," |
| 99 " \"Security\": \"None\" }" | 144 " \"Security\": \"None\" }" |
| 100 " }" | 145 " }" |
| 101 " ]," | 146 " ]," |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 138 ACTION_P(SetCertificateList, list) { | 183 ACTION_P(SetCertificateList, list) { |
| 139 if (arg2) | 184 if (arg2) |
| 140 *arg2 = list; | 185 *arg2 = list; |
| 141 return true; | 186 return true; |
| 142 } | 187 } |
| 143 | 188 |
| 144 } // namespace | 189 } // namespace |
| 145 | 190 |
| 146 class NetworkConfigurationUpdaterTest : public testing::Test { | 191 class NetworkConfigurationUpdaterTest : public testing::Test { |
| 147 protected: | 192 protected: |
| 148 NetworkConfigurationUpdaterTest() { | 193 NetworkConfigurationUpdaterTest() : certificate_importer_(NULL) {} |
| 149 } | |
| 150 | 194 |
| 151 virtual void SetUp() OVERRIDE { | 195 virtual void SetUp() OVERRIDE { |
| 152 EXPECT_CALL(provider_, IsInitializationComplete(_)) | 196 EXPECT_CALL(provider_, IsInitializationComplete(_)) |
| 153 .WillRepeatedly(Return(false)); | 197 .WillRepeatedly(Return(false)); |
| 154 provider_.Init(); | 198 provider_.Init(); |
| 155 PolicyServiceImpl::Providers providers; | 199 PolicyServiceImpl::Providers providers; |
| 156 providers.push_back(&provider_); | 200 providers.push_back(&provider_); |
| 157 policy_service_.reset(new PolicyServiceImpl(providers)); | 201 policy_service_.reset(new PolicyServiceImpl(providers)); |
| 158 | 202 |
| 159 scoped_ptr<base::DictionaryValue> fake_toplevel_onc = | 203 scoped_ptr<base::DictionaryValue> fake_toplevel_onc = |
| 160 chromeos::onc::ReadDictionaryFromJson(kFakeONC); | 204 chromeos::onc::ReadDictionaryFromJson(kFakeONC); |
| 161 | 205 |
| 162 base::ListValue* network_configs = NULL; | 206 base::ListValue* network_configs = NULL; |
| 163 fake_toplevel_onc->GetListWithoutPathExpansion( | 207 fake_toplevel_onc->GetListWithoutPathExpansion( |
| 164 onc::toplevel_config::kNetworkConfigurations, &network_configs); | 208 onc::toplevel_config::kNetworkConfigurations, &network_configs); |
| 165 AppendAll(*network_configs, &fake_network_configs_); | 209 AppendAll(*network_configs, &fake_network_configs_); |
| 166 | 210 |
| 167 base::DictionaryValue* global_config = NULL; | 211 base::DictionaryValue* global_config = NULL; |
| 168 fake_toplevel_onc->GetDictionaryWithoutPathExpansion( | 212 fake_toplevel_onc->GetDictionaryWithoutPathExpansion( |
| 169 onc::toplevel_config::kGlobalNetworkConfiguration, &global_config); | 213 onc::toplevel_config::kGlobalNetworkConfiguration, &global_config); |
| 170 fake_global_network_config_.MergeDictionary(global_config); | 214 fake_global_network_config_.MergeDictionary(global_config); |
| 171 | 215 |
| 172 base::ListValue* certs = NULL; | 216 base::ListValue* certs = NULL; |
| 173 fake_toplevel_onc->GetListWithoutPathExpansion( | 217 fake_toplevel_onc->GetListWithoutPathExpansion( |
| 174 onc::toplevel_config::kCertificates, &certs); | 218 onc::toplevel_config::kCertificates, &certs); |
| 175 AppendAll(*certs, &fake_certificates_); | 219 AppendAll(*certs, &fake_certificates_); |
| 176 | 220 |
| 177 certificate_importer_ = | 221 certificate_importer_ = new FakeCertificateImporter; |
| 178 new StrictMock<chromeos::onc::MockCertificateImporter>(); | |
| 179 certificate_importer_owned_.reset(certificate_importer_); | 222 certificate_importer_owned_.reset(certificate_importer_); |
| 180 } | 223 } |
| 181 | 224 |
| 182 virtual void TearDown() OVERRIDE { | 225 virtual void TearDown() OVERRIDE { |
| 183 network_configuration_updater_.reset(); | 226 network_configuration_updater_.reset(); |
| 184 provider_.Shutdown(); | 227 provider_.Shutdown(); |
| 185 base::RunLoop().RunUntilIdle(); | 228 base::RunLoop().RunUntilIdle(); |
| 186 } | 229 } |
| 187 | 230 |
| 188 void MarkPolicyProviderInitialized() { | 231 void MarkPolicyProviderInitialized() { |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 236 FakeNetworkDeviceHandler network_device_handler_; | 279 FakeNetworkDeviceHandler network_device_handler_; |
| 237 | 280 |
| 238 // Not used directly. Required for CrosSettings. | 281 // Not used directly. Required for CrosSettings. |
| 239 chromeos::ScopedTestDeviceSettingsService scoped_device_settings_service_; | 282 chromeos::ScopedTestDeviceSettingsService scoped_device_settings_service_; |
| 240 chromeos::ScopedTestCrosSettings scoped_cros_settings_; | 283 chromeos::ScopedTestCrosSettings scoped_cros_settings_; |
| 241 | 284 |
| 242 // Ownership of certificate_importer_owned_ is passed to the | 285 // Ownership of certificate_importer_owned_ is passed to the |
| 243 // NetworkConfigurationUpdater. When that happens, |certificate_importer_| | 286 // NetworkConfigurationUpdater. When that happens, |certificate_importer_| |
| 244 // continues to point to that instance but |certificate_importer_owned_| is | 287 // continues to point to that instance but |certificate_importer_owned_| is |
| 245 // released. | 288 // released. |
| 246 StrictMock<chromeos::onc::MockCertificateImporter>* certificate_importer_; | 289 FakeCertificateImporter* certificate_importer_; |
| 247 scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer_owned_; | 290 scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer_owned_; |
| 248 | 291 |
| 249 StrictMock<MockConfigurationPolicyProvider> provider_; | 292 StrictMock<MockConfigurationPolicyProvider> provider_; |
| 250 scoped_ptr<PolicyServiceImpl> policy_service_; | 293 scoped_ptr<PolicyServiceImpl> policy_service_; |
| 251 FakeUser fake_user_; | 294 FakeUser fake_user_; |
| 252 | 295 |
| 253 TestingProfile profile_; | 296 TestingProfile profile_; |
| 254 | 297 |
| 255 scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_; | 298 scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_; |
| 256 content::TestBrowserThreadBundle thread_bundle_; | 299 content::TestBrowserThreadBundle thread_bundle_; |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 309 POLICY_SCOPE_USER, | 352 POLICY_SCOPE_USER, |
| 310 new base::StringValue(onc_policy), | 353 new base::StringValue(onc_policy), |
| 311 NULL); | 354 NULL); |
| 312 UpdateProviderPolicy(policy); | 355 UpdateProviderPolicy(policy); |
| 313 | 356 |
| 314 EXPECT_CALL(network_config_handler_, | 357 EXPECT_CALL(network_config_handler_, |
| 315 SetPolicy(onc::ONC_SOURCE_USER_POLICY, | 358 SetPolicy(onc::ONC_SOURCE_USER_POLICY, |
| 316 _, | 359 _, |
| 317 IsEqualTo(network_configs_repaired), | 360 IsEqualTo(network_configs_repaired), |
| 318 IsEqualTo(global_config_repaired))); | 361 IsEqualTo(global_config_repaired))); |
| 319 EXPECT_CALL(*certificate_importer_, | 362 certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY); |
| 320 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)); | |
| 321 | 363 |
| 322 CreateNetworkConfigurationUpdaterForUserPolicy( | 364 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 323 false /* do not allow trusted certs from policy */, | 365 false /* do not allow trusted certs from policy */, |
| 324 true /* set certificate importer */); | 366 true /* set certificate importer */); |
| 325 MarkPolicyProviderInitialized(); | 367 MarkPolicyProviderInitialized(); |
| 368 EXPECT_EQ(1u, certificate_importer_->GetAndResetImportCount()); | |
| 326 } | 369 } |
| 327 | 370 |
| 328 TEST_F(NetworkConfigurationUpdaterTest, | 371 TEST_F(NetworkConfigurationUpdaterTest, |
| 329 DoNotAllowTrustedCertificatesFromPolicy) { | 372 DoNotAllowTrustedCertificatesFromPolicy) { |
| 330 net::CertificateList cert_list; | 373 net::CertificateList cert_list; |
| 331 cert_list = | 374 cert_list = |
| 332 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), | 375 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), |
| 333 "ok_cert.pem", | 376 "ok_cert.pem", |
| 334 net::X509Certificate::FORMAT_AUTO); | 377 net::X509Certificate::FORMAT_AUTO); |
| 335 ASSERT_EQ(1u, cert_list.size()); | 378 ASSERT_EQ(1u, cert_list.size()); |
| 336 | 379 |
| 337 EXPECT_CALL(network_config_handler_, | 380 EXPECT_CALL(network_config_handler_, |
| 338 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); | 381 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); |
| 339 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) | 382 certificate_importer_->SetTrustedCertificatesResult(cert_list); |
| 340 .WillRepeatedly(SetCertificateList(cert_list)); | |
| 341 | 383 |
| 342 UserNetworkConfigurationUpdater* updater = | 384 UserNetworkConfigurationUpdater* updater = |
| 343 CreateNetworkConfigurationUpdaterForUserPolicy( | 385 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 344 false /* do not allow trusted certs from policy */, | 386 false /* do not allow trusted certs from policy */, |
| 345 true /* set certificate importer */); | 387 true /* set certificate importer */); |
| 346 MarkPolicyProviderInitialized(); | 388 MarkPolicyProviderInitialized(); |
| 347 | 389 |
| 348 // Certificates with the "Web" trust flag set should not be forwarded to | 390 // Certificates with the "Web" trust flag set should not be forwarded to |
| 349 // observers. | 391 // observers. |
| 350 FakeWebTrustedCertsObserver observer; | 392 FakeWebTrustedCertsObserver observer; |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 366 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) | 408 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) |
| 367 .Times(AnyNumber()); | 409 .Times(AnyNumber()); |
| 368 | 410 |
| 369 net::CertificateList cert_list; | 411 net::CertificateList cert_list; |
| 370 cert_list = | 412 cert_list = |
| 371 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), | 413 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), |
| 372 "ok_cert.pem", | 414 "ok_cert.pem", |
| 373 net::X509Certificate::FORMAT_AUTO); | 415 net::X509Certificate::FORMAT_AUTO); |
| 374 ASSERT_EQ(1u, cert_list.size()); | 416 ASSERT_EQ(1u, cert_list.size()); |
| 375 | 417 |
| 376 EXPECT_CALL(*certificate_importer_, | 418 certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY); |
| 377 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) | 419 certificate_importer_->SetTrustedCertificatesResult(cert_list); |
| 378 .WillRepeatedly(SetCertificateList(cert_list)); | |
| 379 | 420 |
| 380 UserNetworkConfigurationUpdater* updater = | 421 UserNetworkConfigurationUpdater* updater = |
| 381 CreateNetworkConfigurationUpdaterForUserPolicy( | 422 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 382 true /* allow trusted certs from policy */, | 423 true /* allow trusted certs from policy */, |
| 383 true /* set certificate importer */); | 424 true /* set certificate importer */); |
| 384 MarkPolicyProviderInitialized(); | 425 MarkPolicyProviderInitialized(); |
| 385 | 426 |
| 386 base::RunLoop().RunUntilIdle(); | 427 base::RunLoop().RunUntilIdle(); |
| 387 | 428 |
| 388 // Certificates with the "Web" trust flag set will be returned. | 429 // Certificates with the "Web" trust flag set will be returned. |
| 389 net::CertificateList trust_anchors; | 430 net::CertificateList trust_anchors; |
| 390 updater->GetWebTrustedCertificates(&trust_anchors); | 431 updater->GetWebTrustedCertificates(&trust_anchors); |
| 391 EXPECT_EQ(1u, trust_anchors.size()); | 432 EXPECT_EQ(1u, trust_anchors.size()); |
| 392 } | 433 } |
| 393 | 434 |
| 394 TEST_F(NetworkConfigurationUpdaterTest, | 435 TEST_F(NetworkConfigurationUpdaterTest, |
| 395 AllowTrustedCertificatesFromPolicyOnUpdate) { | 436 AllowTrustedCertificatesFromPolicyOnUpdate) { |
| 396 // Ignore network configuration changes. | 437 // Ignore network configuration changes. |
| 397 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) | 438 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) |
| 398 .Times(AnyNumber()); | 439 .Times(AnyNumber()); |
| 399 | 440 |
| 400 // Start with an empty certificate list. | 441 // Start with an empty certificate list. |
| 401 EXPECT_CALL(*certificate_importer_, | |
| 402 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) | |
| 403 .WillRepeatedly(SetCertificateList(net::CertificateList())); | |
| 404 | |
| 405 UserNetworkConfigurationUpdater* updater = | 442 UserNetworkConfigurationUpdater* updater = |
| 406 CreateNetworkConfigurationUpdaterForUserPolicy( | 443 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 407 true /* allow trusted certs from policy */, | 444 true /* allow trusted certs from policy */, |
| 408 true /* set certificate importer */); | 445 true /* set certificate importer */); |
| 409 MarkPolicyProviderInitialized(); | 446 MarkPolicyProviderInitialized(); |
| 410 | 447 |
| 411 FakeWebTrustedCertsObserver observer; | 448 FakeWebTrustedCertsObserver observer; |
| 412 updater->AddTrustedCertsObserver(&observer); | 449 updater->AddTrustedCertsObserver(&observer); |
| 413 | 450 |
| 414 base::RunLoop().RunUntilIdle(); | 451 base::RunLoop().RunUntilIdle(); |
| 415 | 452 |
| 416 // Verify that the returned certificate list is empty. | 453 // Verify that the returned certificate list is empty. |
| 417 Mock::VerifyAndClearExpectations(certificate_importer_); | |
| 418 { | 454 { |
| 419 net::CertificateList trust_anchors; | 455 net::CertificateList trust_anchors; |
| 420 updater->GetWebTrustedCertificates(&trust_anchors); | 456 updater->GetWebTrustedCertificates(&trust_anchors); |
| 421 EXPECT_TRUE(trust_anchors.empty()); | 457 EXPECT_TRUE(trust_anchors.empty()); |
| 422 } | 458 } |
| 423 EXPECT_TRUE(observer.trust_anchors_.empty()); | 459 EXPECT_TRUE(observer.trust_anchors_.empty()); |
| 424 | 460 |
| 425 // Now use a non-empty certificate list to test the observer notification. | 461 // Now use a non-empty certificate list to test the observer notification. |
| 426 net::CertificateList cert_list; | 462 net::CertificateList cert_list; |
| 427 cert_list = | 463 cert_list = |
| 428 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), | 464 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), |
| 429 "ok_cert.pem", | 465 "ok_cert.pem", |
| 430 net::X509Certificate::FORMAT_AUTO); | 466 net::X509Certificate::FORMAT_AUTO); |
| 431 ASSERT_EQ(1u, cert_list.size()); | 467 ASSERT_EQ(1u, cert_list.size()); |
| 432 | 468 certificate_importer_->SetTrustedCertificatesResult(cert_list); |
| 433 EXPECT_CALL(*certificate_importer_, | |
| 434 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) | |
| 435 .WillOnce(SetCertificateList(cert_list)); | |
| 436 | 469 |
| 437 // Change to any non-empty policy, so that updates are triggered. The actual | 470 // Change to any non-empty policy, so that updates are triggered. The actual |
| 438 // content of the policy is irrelevant. | 471 // content of the policy is irrelevant. |
| 439 PolicyMap policy; | 472 PolicyMap policy; |
| 440 policy.Set(key::kOpenNetworkConfiguration, | 473 policy.Set(key::kOpenNetworkConfiguration, |
| 441 POLICY_LEVEL_MANDATORY, | 474 POLICY_LEVEL_MANDATORY, |
| 442 POLICY_SCOPE_USER, | 475 POLICY_SCOPE_USER, |
| 443 new base::StringValue(kFakeONC), | 476 new base::StringValue(kFakeONC), |
| 444 NULL); | 477 NULL); |
| 445 UpdateProviderPolicy(policy); | 478 UpdateProviderPolicy(policy); |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 462 PolicyMap policy; | 495 PolicyMap policy; |
| 463 policy.Set(key::kOpenNetworkConfiguration, POLICY_LEVEL_MANDATORY, | 496 policy.Set(key::kOpenNetworkConfiguration, POLICY_LEVEL_MANDATORY, |
| 464 POLICY_SCOPE_USER, new base::StringValue(kFakeONC), NULL); | 497 POLICY_SCOPE_USER, new base::StringValue(kFakeONC), NULL); |
| 465 UpdateProviderPolicy(policy); | 498 UpdateProviderPolicy(policy); |
| 466 | 499 |
| 467 EXPECT_CALL(network_config_handler_, | 500 EXPECT_CALL(network_config_handler_, |
| 468 SetPolicy(onc::ONC_SOURCE_USER_POLICY, | 501 SetPolicy(onc::ONC_SOURCE_USER_POLICY, |
| 469 kFakeUsernameHash, | 502 kFakeUsernameHash, |
| 470 IsEqualTo(&fake_network_configs_), | 503 IsEqualTo(&fake_network_configs_), |
| 471 IsEqualTo(&fake_global_network_config_))); | 504 IsEqualTo(&fake_global_network_config_))); |
| 472 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _ , _)).Times(0); | |
| 473 | 505 |
| 474 UserNetworkConfigurationUpdater* updater = | 506 UserNetworkConfigurationUpdater* updater = |
| 475 CreateNetworkConfigurationUpdaterForUserPolicy( | 507 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 476 true /* allow trusted certs from policy */, | 508 true /* allow trusted certs from policy */, |
| 477 false /* do not set certificate importer */); | 509 false /* do not set certificate importer */); |
| 478 MarkPolicyProviderInitialized(); | 510 MarkPolicyProviderInitialized(); |
| 479 | 511 |
| 480 Mock::VerifyAndClearExpectations(&network_config_handler_); | 512 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 481 Mock::VerifyAndClearExpectations(certificate_importer_); | 513 EXPECT_EQ(0u, certificate_importer_->GetAndResetImportCount()); |
| 482 | 514 |
| 483 EXPECT_CALL(network_config_handler_, | 515 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); |
| 484 SetPolicy(onc::ONC_SOURCE_USER_POLICY, | 516 certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY); |
| 485 kFakeUsernameHash, | |
| 486 IsEqualTo(&fake_network_configs_), | |
| 487 IsEqualTo(&fake_global_network_config_))) | |
| 488 .Times(0); | |
| 489 EXPECT_CALL(*certificate_importer_, | |
| 490 ImportCertificates(IsEqualTo(&fake_certificates_), | |
| 491 onc::ONC_SOURCE_USER_POLICY, | |
| 492 _)); | |
| 493 | 517 |
| 494 ASSERT_TRUE(certificate_importer_owned_); | 518 ASSERT_TRUE(certificate_importer_owned_); |
| 495 updater->SetCertificateImporterForTest(certificate_importer_owned_.Pass()); | 519 updater->SetCertificateImporterForTest(certificate_importer_owned_.Pass()); |
| 520 EXPECT_EQ(1u, certificate_importer_->GetAndResetImportCount()); | |
| 496 } | 521 } |
| 497 | 522 |
| 498 class NetworkConfigurationUpdaterTestWithParam | 523 class NetworkConfigurationUpdaterTestWithParam |
| 499 : public NetworkConfigurationUpdaterTest, | 524 : public NetworkConfigurationUpdaterTest, |
| 500 public testing::WithParamInterface<const char*> { | 525 public testing::WithParamInterface<const char*> { |
| 501 protected: | 526 protected: |
| 502 // Returns the currently tested ONC source. | 527 // Returns the currently tested ONC source. |
| 503 onc::ONCSource CurrentONCSource() { | 528 onc::ONCSource CurrentONCSource() { |
| 504 if (GetParam() == key::kOpenNetworkConfiguration) | 529 if (GetParam() == key::kOpenNetworkConfiguration) |
| 505 return onc::ONC_SOURCE_USER_POLICY; | 530 return onc::ONC_SOURCE_USER_POLICY; |
| (...skipping 30 matching lines...) Expand all Loading... | |
| 536 PolicyMap policy; | 561 PolicyMap policy; |
| 537 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 562 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 538 new base::StringValue(kFakeONC), NULL); | 563 new base::StringValue(kFakeONC), NULL); |
| 539 UpdateProviderPolicy(policy); | 564 UpdateProviderPolicy(policy); |
| 540 | 565 |
| 541 EXPECT_CALL(network_config_handler_, | 566 EXPECT_CALL(network_config_handler_, |
| 542 SetPolicy(CurrentONCSource(), | 567 SetPolicy(CurrentONCSource(), |
| 543 ExpectedUsernameHash(), | 568 ExpectedUsernameHash(), |
| 544 IsEqualTo(&fake_network_configs_), | 569 IsEqualTo(&fake_network_configs_), |
| 545 IsEqualTo(&fake_global_network_config_))); | 570 IsEqualTo(&fake_global_network_config_))); |
| 546 EXPECT_CALL(*certificate_importer_, | 571 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); |
| 547 ImportCertificates(IsEqualTo(&fake_certificates_), | 572 certificate_importer_->SetExpectedONCSource(CurrentONCSource()); |
| 548 CurrentONCSource(), | |
| 549 _)) | |
| 550 .Times(ExpectedImportCertificatesCallCount()); | |
| 551 | 573 |
| 552 CreateNetworkConfigurationUpdater(); | 574 CreateNetworkConfigurationUpdater(); |
| 553 MarkPolicyProviderInitialized(); | 575 MarkPolicyProviderInitialized(); |
| 576 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 577 certificate_importer_->GetAndResetImportCount()); | |
| 554 } | 578 } |
| 555 | 579 |
| 556 TEST_P(NetworkConfigurationUpdaterTestWithParam, | 580 TEST_P(NetworkConfigurationUpdaterTestWithParam, |
| 557 PolicyNotSetBeforePolicyProviderInitialized) { | 581 PolicyNotSetBeforePolicyProviderInitialized) { |
| 558 PolicyMap policy; | 582 PolicyMap policy; |
| 559 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 583 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 560 new base::StringValue(kFakeONC), NULL); | 584 new base::StringValue(kFakeONC), NULL); |
| 561 UpdateProviderPolicy(policy); | 585 UpdateProviderPolicy(policy); |
| 562 | 586 |
| 563 EXPECT_CALL(network_config_handler_, | |
| 564 SetPolicy(CurrentONCSource(), | |
| 565 ExpectedUsernameHash(), | |
| 566 IsEqualTo(&fake_network_configs_), | |
| 567 IsEqualTo(&fake_global_network_config_))) | |
| 568 .Times(0); | |
| 569 EXPECT_CALL(*certificate_importer_, | |
| 570 ImportCertificates(IsEqualTo(&fake_certificates_), | |
| 571 CurrentONCSource(), | |
| 572 _)) | |
| 573 .Times(0); | |
| 574 | |
| 575 CreateNetworkConfigurationUpdater(); | 587 CreateNetworkConfigurationUpdater(); |
| 576 | 588 |
| 577 Mock::VerifyAndClearExpectations(&network_config_handler_); | 589 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 578 Mock::VerifyAndClearExpectations(certificate_importer_); | 590 EXPECT_EQ(0u, certificate_importer_->GetAndResetImportCount()); |
| 579 | 591 |
| 580 EXPECT_CALL(network_config_handler_, | 592 EXPECT_CALL(network_config_handler_, |
| 581 SetPolicy(CurrentONCSource(), | 593 SetPolicy(CurrentONCSource(), |
| 582 ExpectedUsernameHash(), | 594 ExpectedUsernameHash(), |
| 583 IsEqualTo(&fake_network_configs_), | 595 IsEqualTo(&fake_network_configs_), |
| 584 IsEqualTo(&fake_global_network_config_))); | 596 IsEqualTo(&fake_global_network_config_))); |
| 585 EXPECT_CALL(*certificate_importer_, | 597 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); |
| 586 ImportCertificates(IsEqualTo(&fake_certificates_), | |
| 587 CurrentONCSource(), | |
| 588 _)) | |
| 589 .Times(ExpectedImportCertificatesCallCount()); | |
| 590 | 598 |
| 591 MarkPolicyProviderInitialized(); | 599 MarkPolicyProviderInitialized(); |
| 600 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 601 certificate_importer_->GetAndResetImportCount()); | |
| 592 } | 602 } |
| 593 | 603 |
| 594 TEST_P(NetworkConfigurationUpdaterTestWithParam, | 604 TEST_P(NetworkConfigurationUpdaterTestWithParam, |
| 595 PolicyAppliedImmediatelyIfProvidersInitialized) { | 605 PolicyAppliedImmediatelyIfProvidersInitialized) { |
| 596 MarkPolicyProviderInitialized(); | 606 MarkPolicyProviderInitialized(); |
| 597 | 607 |
| 598 PolicyMap policy; | 608 PolicyMap policy; |
| 599 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 609 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 600 new base::StringValue(kFakeONC), NULL); | 610 new base::StringValue(kFakeONC), NULL); |
| 601 UpdateProviderPolicy(policy); | 611 UpdateProviderPolicy(policy); |
| 602 | 612 |
| 603 EXPECT_CALL(network_config_handler_, | 613 EXPECT_CALL(network_config_handler_, |
| 604 SetPolicy(CurrentONCSource(), | 614 SetPolicy(CurrentONCSource(), |
| 605 ExpectedUsernameHash(), | 615 ExpectedUsernameHash(), |
| 606 IsEqualTo(&fake_network_configs_), | 616 IsEqualTo(&fake_network_configs_), |
| 607 IsEqualTo(&fake_global_network_config_))); | 617 IsEqualTo(&fake_global_network_config_))); |
| 608 EXPECT_CALL(*certificate_importer_, | 618 certificate_importer_->SetExpectedONCSource(CurrentONCSource()); |
| 609 ImportCertificates(IsEqualTo(&fake_certificates_), | 619 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); |
| 610 CurrentONCSource(), | |
| 611 _)) | |
| 612 .Times(ExpectedImportCertificatesCallCount()); | |
| 613 | 620 |
| 614 CreateNetworkConfigurationUpdater(); | 621 CreateNetworkConfigurationUpdater(); |
| 622 | |
| 623 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 624 certificate_importer_->GetAndResetImportCount()); | |
| 615 } | 625 } |
| 616 | 626 |
| 617 TEST_P(NetworkConfigurationUpdaterTestWithParam, PolicyChange) { | 627 TEST_P(NetworkConfigurationUpdaterTestWithParam, PolicyChange) { |
| 618 // Ignore the initial updates. | 628 // Ignore the initial updates. |
| 619 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1)); | 629 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1)); |
| 620 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) | |
| 621 .Times(AtLeast(ExpectedImportCertificatesCallCount())); | |
| 622 | 630 |
| 623 CreateNetworkConfigurationUpdater(); | 631 CreateNetworkConfigurationUpdater(); |
| 624 MarkPolicyProviderInitialized(); | 632 MarkPolicyProviderInitialized(); |
| 625 | 633 |
| 626 Mock::VerifyAndClearExpectations(&network_config_handler_); | 634 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 627 Mock::VerifyAndClearExpectations(certificate_importer_); | 635 EXPECT_LE(ExpectedImportCertificatesCallCount(), |
| 636 certificate_importer_->GetAndResetImportCount()); | |
| 628 | 637 |
| 629 // The Updater should update if policy changes. | 638 // The Updater should update if policy changes. |
| 630 EXPECT_CALL(network_config_handler_, | 639 EXPECT_CALL(network_config_handler_, |
| 631 SetPolicy(CurrentONCSource(), | 640 SetPolicy(CurrentONCSource(), |
| 632 _, | 641 _, |
| 633 IsEqualTo(&fake_network_configs_), | 642 IsEqualTo(&fake_network_configs_), |
| 634 IsEqualTo(&fake_global_network_config_))); | 643 IsEqualTo(&fake_global_network_config_))); |
| 635 EXPECT_CALL(*certificate_importer_, | 644 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); |
| 636 ImportCertificates(IsEqualTo(&fake_certificates_), | 645 certificate_importer_->SetExpectedONCSource(CurrentONCSource()); |
| 637 CurrentONCSource(), | |
| 638 _)) | |
| 639 .Times(ExpectedImportCertificatesCallCount()); | |
| 640 | 646 |
| 641 PolicyMap policy; | 647 PolicyMap policy; |
| 642 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 648 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 643 new base::StringValue(kFakeONC), NULL); | 649 new base::StringValue(kFakeONC), NULL); |
| 644 UpdateProviderPolicy(policy); | 650 UpdateProviderPolicy(policy); |
| 645 Mock::VerifyAndClearExpectations(&network_config_handler_); | 651 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 646 Mock::VerifyAndClearExpectations(certificate_importer_); | 652 EXPECT_EQ(ExpectedImportCertificatesCallCount(), |
| 653 certificate_importer_->GetAndResetImportCount()); | |
| 647 | 654 |
| 648 // Another update is expected if the policy goes away. | 655 // Another update is expected if the policy goes away. |
| 649 EXPECT_CALL(network_config_handler_, | 656 EXPECT_CALL(network_config_handler_, |
| 650 SetPolicy(CurrentONCSource(), _, IsEmpty(), IsEmpty())); | 657 SetPolicy(CurrentONCSource(), _, IsEmpty(), IsEmpty())); |
| 651 EXPECT_CALL(*certificate_importer_, | 658 certificate_importer_->SetExpectedONCCertificates(base::ListValue()); |
| 652 ImportCertificates(IsEmpty(), CurrentONCSource(), _)) | |
| 653 .Times(ExpectedImportCertificatesCallCount()); | |
| 654 | 659 |
| 655 policy.Erase(GetParam()); | 660 policy.Erase(GetParam()); |
| 656 UpdateProviderPolicy(policy); | 661 UpdateProviderPolicy(policy); |
| 662 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 663 certificate_importer_->GetAndResetImportCount()); | |
| 657 } | 664 } |
| 658 | 665 |
| 659 INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, | 666 INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, |
| 660 NetworkConfigurationUpdaterTestWithParam, | 667 NetworkConfigurationUpdaterTestWithParam, |
| 661 testing::Values(key::kDeviceOpenNetworkConfiguration, | 668 testing::Values(key::kDeviceOpenNetworkConfiguration, |
| 662 key::kOpenNetworkConfiguration)); | 669 key::kOpenNetworkConfiguration)); |
| 663 | 670 |
| 664 } // namespace policy | 671 } // namespace policy |
| OLD | NEW |
