| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium OS Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "login_manager/device_policy.h" | 5 #include "login_manager/device_policy.h" |
| 6 | 6 |
| 7 #include <base/file_util.h> | 7 #include <base/file_util.h> |
| 8 #include <base/file_path.h> | 8 #include <base/file_path.h> |
| 9 #include <base/logging.h> | 9 #include <base/logging.h> |
| 10 #include <base/scoped_temp_dir.h> | 10 #include <base/scoped_temp_dir.h> |
| 11 #include <gtest/gtest.h> | 11 #include <gtest/gtest.h> |
| 12 | 12 |
| 13 #include "login_manager/bindings/chrome_device_policy.pb.h" |
| 13 #include "login_manager/bindings/device_management_backend.pb.h" | 14 #include "login_manager/bindings/device_management_backend.pb.h" |
| 15 #include "login_manager/mock_owner_key.h" |
| 16 |
| 17 namespace em = enterprise_management; |
| 14 | 18 |
| 15 namespace login_manager { | 19 namespace login_manager { |
| 20 using google::protobuf::RepeatedPtrField; |
| 21 using std::string; |
| 22 using ::testing::Return; |
| 23 using ::testing::_; |
| 16 | 24 |
| 17 class DevicePolicyTest : public ::testing::Test { | 25 class DevicePolicyTest : public ::testing::Test { |
| 18 public: | 26 public: |
| 19 DevicePolicyTest() {} | 27 DevicePolicyTest() {} |
| 20 | 28 |
| 21 virtual ~DevicePolicyTest() {} | 29 virtual ~DevicePolicyTest() {} |
| 22 | 30 |
| 23 bool StartFresh() { | 31 bool StartFresh() { |
| 24 return file_util::Delete(tmpfile_, false); | 32 return file_util::Delete(tmpfile_, false); |
| 25 } | 33 } |
| (...skipping 16 matching lines...) Expand all Loading... |
| 42 ASSERT_TRUE(store_->Persist()); | 50 ASSERT_TRUE(store_->Persist()); |
| 43 } | 51 } |
| 44 | 52 |
| 45 virtual void TearDown() { | 53 virtual void TearDown() { |
| 46 } | 54 } |
| 47 | 55 |
| 48 void CheckExpectedPolicy(DevicePolicy* store) { | 56 void CheckExpectedPolicy(DevicePolicy* store) { |
| 49 std::string serialized; | 57 std::string serialized; |
| 50 ASSERT_TRUE(policy_.SerializeToString(&serialized)); | 58 ASSERT_TRUE(policy_.SerializeToString(&serialized)); |
| 51 std::string serialized_from; | 59 std::string serialized_from; |
| 52 ASSERT_TRUE(store->Get(&serialized_from)); | 60 ASSERT_TRUE(store->SerializeToString(&serialized_from)); |
| 53 EXPECT_EQ(serialized, serialized_from); | 61 EXPECT_EQ(serialized, serialized_from); |
| 54 } | 62 } |
| 55 | 63 |
| 64 void ExtractPolicyValue(const DevicePolicy& pol, |
| 65 em::ChromeDeviceSettingsProto* polval) { |
| 66 em::PolicyData poldata; |
| 67 ASSERT_TRUE(pol.Get().has_policy_data()); |
| 68 ASSERT_TRUE(poldata.ParseFromString(pol.Get().policy_data())); |
| 69 ASSERT_TRUE(poldata.has_policy_type()); |
| 70 ASSERT_EQ(poldata.policy_type(), DevicePolicy::kDevicePolicyType); |
| 71 ASSERT_TRUE(poldata.has_policy_value()); |
| 72 ASSERT_TRUE(polval->ParseFromString(poldata.policy_value())); |
| 73 } |
| 74 |
| 75 int CountOwnerInWhitelist(const DevicePolicy& pol, const std::string& owner) { |
| 76 em::ChromeDeviceSettingsProto polval; |
| 77 ExtractPolicyValue(pol, &polval); |
| 78 const em::UserWhitelistProto& whitelist_proto = polval.user_whitelist(); |
| 79 int whitelist_count = 0; |
| 80 const RepeatedPtrField<std::string>& whitelist = |
| 81 whitelist_proto.user_whitelist(); |
| 82 for (RepeatedPtrField<std::string>::const_iterator it = whitelist.begin(); |
| 83 it != whitelist.end(); |
| 84 ++it) { |
| 85 whitelist_count += (owner == *it ? 1 : 0); |
| 86 } |
| 87 return whitelist_count; |
| 88 } |
| 89 |
| 90 em::PolicyFetchResponse Wrap(const em::ChromeDeviceSettingsProto& polval) { |
| 91 em::PolicyData new_poldata; |
| 92 new_poldata.set_policy_type(DevicePolicy::kDevicePolicyType); |
| 93 new_poldata.set_policy_value(polval.SerializeAsString()); |
| 94 em::PolicyFetchResponse new_policy; |
| 95 new_policy.set_policy_data(new_poldata.SerializeAsString()); |
| 96 return new_policy; |
| 97 } |
| 98 |
| 99 em::PolicyFetchResponse CreateWithOwner(const std::string& owner) { |
| 100 em::ChromeDeviceSettingsProto new_polval; |
| 101 new_polval.mutable_user_whitelist()->add_user_whitelist(owner); |
| 102 return Wrap(new_polval); |
| 103 } |
| 104 |
| 105 em::PolicyFetchResponse CreateWithWhitelist( |
| 106 const std::vector<std::string>& users) { |
| 107 em::ChromeDeviceSettingsProto polval; |
| 108 em::UserWhitelistProto* whitelist_proto = polval.mutable_user_whitelist(); |
| 109 for(std::vector<std::string>::const_iterator it = users.begin(); |
| 110 it != users.end(); |
| 111 ++it) { |
| 112 whitelist_proto->add_user_whitelist(*it); |
| 113 } |
| 114 return Wrap(polval); |
| 115 } |
| 116 |
| 56 static const char kDefaultPolicy[]; | 117 static const char kDefaultPolicy[]; |
| 57 | 118 |
| 58 ScopedTempDir tmpdir_; | 119 ScopedTempDir tmpdir_; |
| 59 FilePath tmpfile_; | 120 FilePath tmpfile_; |
| 60 scoped_ptr<DevicePolicy> store_; | 121 scoped_ptr<DevicePolicy> store_; |
| 61 enterprise_management::PolicyFetchResponse policy_; | 122 enterprise_management::PolicyFetchResponse policy_; |
| 62 | 123 |
| 63 private: | 124 private: |
| 64 DISALLOW_COPY_AND_ASSIGN(DevicePolicyTest); | 125 DISALLOW_COPY_AND_ASSIGN(DevicePolicyTest); |
| 65 }; | 126 }; |
| 66 | 127 |
| 67 // static | 128 // static |
| 68 const char DevicePolicyTest::kDefaultPolicy[] = "the policy"; | 129 const char DevicePolicyTest::kDefaultPolicy[] = "the policy"; |
| 69 | 130 |
| 70 TEST_F(DevicePolicyTest, CreateEmptyStore) { | 131 TEST_F(DevicePolicyTest, CreateEmptyStore) { |
| 71 StartFresh(); | 132 StartFresh(); |
| 72 DevicePolicy store(tmpfile_); | 133 DevicePolicy store(tmpfile_); |
| 73 ASSERT_TRUE(store.LoadOrCreate()); // Should create an empty DictionaryValue. | 134 ASSERT_TRUE(store.LoadOrCreate()); // Should create an empty policy. |
| 74 std::string serialized; | 135 std::string serialized; |
| 75 EXPECT_TRUE(store.Get(&serialized)); | 136 EXPECT_TRUE(store.SerializeToString(&serialized)); |
| 76 EXPECT_TRUE(serialized.empty()); | 137 EXPECT_TRUE(serialized.empty()); |
| 77 } | 138 } |
| 78 | 139 |
| 79 TEST_F(DevicePolicyTest, FailBrokenStore) { | 140 TEST_F(DevicePolicyTest, FailBrokenStore) { |
| 80 FilePath bad_file; | 141 FilePath bad_file; |
| 81 ASSERT_TRUE(file_util::CreateTemporaryFileInDir(tmpdir_.path(), &bad_file)); | 142 ASSERT_TRUE(file_util::CreateTemporaryFileInDir(tmpdir_.path(), &bad_file)); |
| 82 DevicePolicy store(bad_file); | 143 DevicePolicy store(bad_file); |
| 83 ASSERT_FALSE(store.LoadOrCreate()); | 144 ASSERT_FALSE(store.LoadOrCreate()); |
| 84 } | 145 } |
| 85 | 146 |
| 86 TEST_F(DevicePolicyTest, VerifyPolicyStorage) { | 147 TEST_F(DevicePolicyTest, VerifyPolicyStorage) { |
| 87 CheckExpectedPolicy(store_.get()); | 148 CheckExpectedPolicy(store_.get()); |
| 88 } | 149 } |
| 89 | 150 |
| 90 TEST_F(DevicePolicyTest, VerifyPolicyUpdate) { | 151 TEST_F(DevicePolicyTest, VerifyPolicyUpdate) { |
| 91 CheckExpectedPolicy(store_.get()); | 152 CheckExpectedPolicy(store_.get()); |
| 92 | 153 |
| 93 enterprise_management::PolicyFetchResponse new_policy; | 154 enterprise_management::PolicyFetchResponse new_policy; |
| 94 new_policy.set_error_message("new policy"); | 155 new_policy.set_error_message("new policy"); |
| 95 store_->Set(new_policy); | 156 store_->Set(new_policy); |
| 96 | 157 |
| 97 std::string new_out; | 158 std::string new_out; |
| 98 ASSERT_TRUE(store_->Get(&new_out)); | 159 ASSERT_TRUE(store_->SerializeToString(&new_out)); |
| 99 std::string new_value; | 160 std::string new_value; |
| 100 ASSERT_TRUE(new_policy.SerializeToString(&new_value)); | 161 ASSERT_TRUE(new_policy.SerializeToString(&new_value)); |
| 101 EXPECT_EQ(new_value, new_out); | 162 EXPECT_EQ(new_value, new_out); |
| 102 } | 163 } |
| 103 | 164 |
| 104 TEST_F(DevicePolicyTest, LoadStoreFromDisk) { | 165 TEST_F(DevicePolicyTest, LoadStoreFromDisk) { |
| 105 DevicePolicy store2(tmpfile_); | 166 DevicePolicy store2(tmpfile_); |
| 106 ASSERT_TRUE(store2.LoadOrCreate()); | 167 ASSERT_TRUE(store2.LoadOrCreate()); |
| 107 CheckExpectedPolicy(&store2); | 168 CheckExpectedPolicy(&store2); |
| 108 } | 169 } |
| 109 | 170 |
| 171 TEST_F(DevicePolicyTest, FreshPolicy) { |
| 172 StartFresh(); |
| 173 DevicePolicy pol(tmpfile_); |
| 174 ASSERT_TRUE(pol.LoadOrCreate()); // Should create an empty policy. |
| 175 |
| 176 std::string current_user("me"); |
| 177 scoped_ptr<MockOwnerKey> key(new MockOwnerKey); |
| 178 EXPECT_CALL(*key.get(), Sign(_, _, _)) |
| 179 .WillOnce(Return(true)); |
| 180 pol.StoreOwnerProperties(key.get(), current_user, NULL); |
| 181 |
| 182 ASSERT_EQ(CountOwnerInWhitelist(pol, current_user), 1); |
| 183 } |
| 184 |
| 185 TEST_F(DevicePolicyTest, OwnerAlreadyInPolicy) { |
| 186 StartFresh(); |
| 187 DevicePolicy pol(tmpfile_); |
| 188 ASSERT_TRUE(pol.LoadOrCreate()); // Should create an empty policy. |
| 189 |
| 190 std::string current_user("me"); |
| 191 pol.Set(CreateWithOwner(current_user)); |
| 192 |
| 193 scoped_ptr<MockOwnerKey> key(new MockOwnerKey); |
| 194 pol.StoreOwnerProperties(key.get(), current_user, NULL); |
| 195 |
| 196 ASSERT_EQ(CountOwnerInWhitelist(pol, current_user), 1); |
| 197 } |
| 198 |
| 199 TEST_F(DevicePolicyTest, ExistingPolicy) { |
| 200 StartFresh(); |
| 201 DevicePolicy pol(tmpfile_); |
| 202 ASSERT_TRUE(pol.LoadOrCreate()); // Should create an empty policy. |
| 203 |
| 204 std::string current_user("me"); |
| 205 const char* users[] = { "you", "him", "her" }; |
| 206 std::vector<std::string> default_whitelist(users, users + arraysize(users)); |
| 207 pol.Set(CreateWithWhitelist(default_whitelist)); |
| 208 |
| 209 scoped_ptr<MockOwnerKey> key(new MockOwnerKey); |
| 210 EXPECT_CALL(*key.get(), Sign(_, _, _)) |
| 211 .WillOnce(Return(true)); |
| 212 pol.StoreOwnerProperties(key.get(), current_user, NULL); |
| 213 |
| 214 ASSERT_EQ(CountOwnerInWhitelist(pol, current_user), 1); |
| 215 } |
| 216 |
| 110 } // namespace login_manager | 217 } // namespace login_manager |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6815021:
[login_manager] Code to add the owner to the whitelist in a device policy (Closed)
Base URL: http://git.chromium.org/git/login_manager.git@master