| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include <memory> | 9 #include <memory> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 16 matching lines...) Expand all Loading... |
| 27 #include "components/policy/core/common/cloud/policy_builder.h" | 27 #include "components/policy/core/common/cloud/policy_builder.h" |
| 28 #include "components/policy/core/common/policy_types.h" | 28 #include "components/policy/core/common/policy_types.h" |
| 29 #include "components/policy/policy_constants.h" | 29 #include "components/policy/policy_constants.h" |
| 30 #include "components/policy/proto/cloud_policy.pb.h" | 30 #include "components/policy/proto/cloud_policy.pb.h" |
| 31 #include "crypto/rsa_private_key.h" | 31 #include "crypto/rsa_private_key.h" |
| 32 #include "testing/gmock/include/gmock/gmock.h" | 32 #include "testing/gmock/include/gmock/gmock.h" |
| 33 #include "testing/gtest/include/gtest/gtest.h" | 33 #include "testing/gtest/include/gtest/gtest.h" |
| 34 | 34 |
| 35 namespace em = enterprise_management; | 35 namespace em = enterprise_management; |
| 36 | 36 |
| 37 using RetrievePolicyResponseType = |
| 38 chromeos::SessionManagerClient::RetrievePolicyResponseType; |
| 39 |
| 37 using testing::AllOf; | 40 using testing::AllOf; |
| 38 using testing::AnyNumber; | 41 using testing::AnyNumber; |
| 39 using testing::Eq; | 42 using testing::Eq; |
| 40 using testing::Mock; | 43 using testing::Mock; |
| 41 using testing::Property; | 44 using testing::Property; |
| 42 using testing::Return; | 45 using testing::Return; |
| 43 using testing::SaveArg; | 46 using testing::SaveArg; |
| 47 using testing::SetArgPointee; |
| 44 using testing::_; | 48 using testing::_; |
| 45 | 49 |
| 46 namespace policy { | 50 namespace policy { |
| 47 | 51 |
| 48 namespace { | 52 namespace { |
| 49 | 53 |
| 50 const char kSanitizedUsername[] = | 54 const char kSanitizedUsername[] = |
| 51 "0123456789ABCDEF0123456789ABCDEF012345678@example.com"; | 55 "0123456789ABCDEF0123456789ABCDEF012345678@example.com"; |
| 52 const char kDefaultHomepage[] = "http://chromium.org"; | 56 const char kDefaultHomepage[] = "http://chromium.org"; |
| 53 | 57 |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 103 chromeos::SessionManagerClient::RetrievePolicyCallback retrieve_callback; | 107 chromeos::SessionManagerClient::RetrievePolicyCallback retrieve_callback; |
| 104 EXPECT_CALL(session_manager_client_, | 108 EXPECT_CALL(session_manager_client_, |
| 105 RetrievePolicyForUser(cryptohome_id_, _)) | 109 RetrievePolicyForUser(cryptohome_id_, _)) |
| 106 .WillOnce(SaveArg<1>(&retrieve_callback)); | 110 .WillOnce(SaveArg<1>(&retrieve_callback)); |
| 107 store_->Load(); | 111 store_->Load(); |
| 108 base::RunLoop().RunUntilIdle(); | 112 base::RunLoop().RunUntilIdle(); |
| 109 Mock::VerifyAndClearExpectations(&session_manager_client_); | 113 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 110 ASSERT_FALSE(retrieve_callback.is_null()); | 114 ASSERT_FALSE(retrieve_callback.is_null()); |
| 111 | 115 |
| 112 // Run the callback. | 116 // Run the callback. |
| 113 retrieve_callback.Run(response); | 117 retrieve_callback.Run(response, RetrievePolicyResponseType::SUCCESS); |
| 114 base::RunLoop().RunUntilIdle(); | 118 base::RunLoop().RunUntilIdle(); |
| 115 } | 119 } |
| 116 | 120 |
| 117 // Verifies that store_->policy_map() has the HomepageLocation entry with | 121 // Verifies that store_->policy_map() has the HomepageLocation entry with |
| 118 // the |expected_value|. | 122 // the |expected_value|. |
| 119 void VerifyPolicyMap(const char* expected_value) { | 123 void VerifyPolicyMap(const char* expected_value) { |
| 120 EXPECT_EQ(1U, store_->policy_map().size()); | 124 EXPECT_EQ(1U, store_->policy_map().size()); |
| 121 const PolicyMap::Entry* entry = | 125 const PolicyMap::Entry* entry = |
| 122 store_->policy_map().Get(key::kHomepageLocation); | 126 store_->policy_map().Get(key::kHomepageLocation); |
| 123 ASSERT_TRUE(entry); | 127 ASSERT_TRUE(entry); |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 176 .WillOnce(SaveArg<1>(&retrieve_callback)); | 180 .WillOnce(SaveArg<1>(&retrieve_callback)); |
| 177 store_callback.Run(true); | 181 store_callback.Run(true); |
| 178 base::RunLoop().RunUntilIdle(); | 182 base::RunLoop().RunUntilIdle(); |
| 179 EXPECT_TRUE(previous_policy.Equals(store_->policy_map())); | 183 EXPECT_TRUE(previous_policy.Equals(store_->policy_map())); |
| 180 EXPECT_EQ(initial_status, store_->status()); | 184 EXPECT_EQ(initial_status, store_->status()); |
| 181 Mock::VerifyAndClearExpectations(&session_manager_client_); | 185 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 182 ASSERT_FALSE(retrieve_callback.is_null()); | 186 ASSERT_FALSE(retrieve_callback.is_null()); |
| 183 | 187 |
| 184 // Finish the retrieve callback. | 188 // Finish the retrieve callback. |
| 185 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); | 189 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); |
| 186 retrieve_callback.Run(policy_.GetBlob()); | 190 retrieve_callback.Run(policy_.GetBlob(), |
| 191 RetrievePolicyResponseType::SUCCESS); |
| 187 base::RunLoop().RunUntilIdle(); | 192 base::RunLoop().RunUntilIdle(); |
| 188 ASSERT_TRUE(store_->policy()); | 193 ASSERT_TRUE(store_->policy()); |
| 189 EXPECT_EQ(policy_.policy_data().SerializeAsString(), | 194 EXPECT_EQ(policy_.policy_data().SerializeAsString(), |
| 190 store_->policy()->SerializeAsString()); | 195 store_->policy()->SerializeAsString()); |
| 191 VerifyPolicyMap(new_value); | 196 VerifyPolicyMap(new_value); |
| 192 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 197 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
| 193 } | 198 } |
| 194 | 199 |
| 195 void VerifyStoreHasValidationError() { | 200 void VerifyStoreHasValidationError() { |
| 196 EXPECT_FALSE(store_->policy()); | 201 EXPECT_FALSE(store_->policy()); |
| (...skipping 288 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 485 policy_.policy().mutable_policy_data_signature()->append("garbage"); | 490 policy_.policy().mutable_policy_data_signature()->append("garbage"); |
| 486 ExpectError(CloudPolicyStore::STATUS_VALIDATION_ERROR); | 491 ExpectError(CloudPolicyStore::STATUS_VALIDATION_ERROR); |
| 487 ASSERT_NO_FATAL_FAILURE(PerformPolicyLoad(policy_.GetBlob())); | 492 ASSERT_NO_FATAL_FAILURE(PerformPolicyLoad(policy_.GetBlob())); |
| 488 VerifyStoreHasValidationError(); | 493 VerifyStoreHasValidationError(); |
| 489 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 494 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 490 } | 495 } |
| 491 | 496 |
| 492 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { | 497 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediately) { |
| 493 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); | 498 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); |
| 494 EXPECT_CALL(session_manager_client_, | 499 EXPECT_CALL(session_manager_client_, |
| 495 BlockingRetrievePolicyForUser(cryptohome_id_)) | 500 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 496 .WillOnce(Return(policy_.GetBlob())); | 501 .WillOnce(DoAll(SetArgPointee<1>(policy_.GetBlob()), |
| 502 Return(RetrievePolicyResponseType::SUCCESS))); |
| 497 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) | 503 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) |
| 498 .WillOnce(Return(kSanitizedUsername)); | 504 .WillOnce(Return(kSanitizedUsername)); |
| 499 | 505 |
| 500 EXPECT_FALSE(store_->policy()); | 506 EXPECT_FALSE(store_->policy()); |
| 501 store_->LoadImmediately(); | 507 store_->LoadImmediately(); |
| 502 // Note: verify that the |observer_| got notified synchronously, without | 508 // Note: verify that the |observer_| got notified synchronously, without |
| 503 // having to spin the current loop. TearDown() will flush the loop so this | 509 // having to spin the current loop. TearDown() will flush the loop so this |
| 504 // must be done within the test. | 510 // must be done within the test. |
| 505 Mock::VerifyAndClearExpectations(&observer_); | 511 Mock::VerifyAndClearExpectations(&observer_); |
| 506 Mock::VerifyAndClearExpectations(&session_manager_client_); | 512 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 507 Mock::VerifyAndClearExpectations(&cryptohome_client_); | 513 Mock::VerifyAndClearExpectations(&cryptohome_client_); |
| 508 | 514 |
| 509 // The policy should become available without having to spin any loops. | 515 // The policy should become available without having to spin any loops. |
| 510 ASSERT_TRUE(store_->policy()); | 516 ASSERT_TRUE(store_->policy()); |
| 511 EXPECT_EQ(policy_.policy_data().SerializeAsString(), | 517 EXPECT_EQ(policy_.policy_data().SerializeAsString(), |
| 512 store_->policy()->SerializeAsString()); | 518 store_->policy()->SerializeAsString()); |
| 513 VerifyPolicyMap(kDefaultHomepage); | 519 VerifyPolicyMap(kDefaultHomepage); |
| 514 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 520 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
| 515 EXPECT_EQ(policy_.GetPublicSigningKeyAsString(), | 521 EXPECT_EQ(policy_.GetPublicSigningKeyAsString(), |
| 516 store_->policy_signature_public_key()); | 522 store_->policy_signature_public_key()); |
| 517 } | 523 } |
| 518 | 524 |
| 519 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoPolicy) { | 525 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoPolicy) { |
| 520 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); | 526 EXPECT_CALL(observer_, OnStoreLoaded(store_.get())); |
| 521 EXPECT_CALL(session_manager_client_, | 527 EXPECT_CALL(session_manager_client_, |
| 522 BlockingRetrievePolicyForUser(cryptohome_id_)) | 528 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 523 .WillOnce(Return("")); | 529 .WillOnce(DoAll(SetArgPointee<1>(""), |
| 530 Return(RetrievePolicyResponseType::SUCCESS))); |
| 524 | 531 |
| 525 EXPECT_FALSE(store_->policy()); | 532 EXPECT_FALSE(store_->policy()); |
| 526 store_->LoadImmediately(); | 533 store_->LoadImmediately(); |
| 527 Mock::VerifyAndClearExpectations(&observer_); | 534 Mock::VerifyAndClearExpectations(&observer_); |
| 528 Mock::VerifyAndClearExpectations(&session_manager_client_); | 535 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 529 | 536 |
| 530 EXPECT_FALSE(store_->policy()); | 537 EXPECT_FALSE(store_->policy()); |
| 531 EXPECT_TRUE(store_->policy_map().empty()); | 538 EXPECT_TRUE(store_->policy_map().empty()); |
| 532 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); | 539 EXPECT_EQ(CloudPolicyStore::STATUS_OK, store_->status()); |
| 533 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 540 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 534 } | 541 } |
| 535 | 542 |
| 536 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyInvalidBlob) { | 543 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyInvalidBlob) { |
| 537 EXPECT_CALL(observer_, OnStoreError(store_.get())); | 544 EXPECT_CALL(observer_, OnStoreError(store_.get())); |
| 538 EXPECT_CALL(session_manager_client_, | 545 EXPECT_CALL(session_manager_client_, |
| 539 BlockingRetrievePolicyForUser(cryptohome_id_)) | 546 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 540 .WillOnce(Return("le blob")); | 547 .WillOnce(DoAll(SetArgPointee<1>("le blob"), |
| 548 Return(RetrievePolicyResponseType::SUCCESS))); |
| 541 | 549 |
| 542 EXPECT_FALSE(store_->policy()); | 550 EXPECT_FALSE(store_->policy()); |
| 543 store_->LoadImmediately(); | 551 store_->LoadImmediately(); |
| 544 Mock::VerifyAndClearExpectations(&observer_); | 552 Mock::VerifyAndClearExpectations(&observer_); |
| 545 Mock::VerifyAndClearExpectations(&session_manager_client_); | 553 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 546 | 554 |
| 547 EXPECT_FALSE(store_->policy()); | 555 EXPECT_FALSE(store_->policy()); |
| 548 EXPECT_TRUE(store_->policy_map().empty()); | 556 EXPECT_TRUE(store_->policy_map().empty()); |
| 549 EXPECT_EQ(CloudPolicyStore::STATUS_PARSE_ERROR, store_->status()); | 557 EXPECT_EQ(CloudPolicyStore::STATUS_PARSE_ERROR, store_->status()); |
| 550 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 558 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 551 } | 559 } |
| 552 | 560 |
| 553 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyDBusFailure) { | 561 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyDBusFailure) { |
| 554 EXPECT_CALL(observer_, OnStoreError(store_.get())); | 562 EXPECT_CALL(observer_, OnStoreError(store_.get())); |
| 555 EXPECT_CALL(session_manager_client_, | 563 EXPECT_CALL(session_manager_client_, |
| 556 BlockingRetrievePolicyForUser(cryptohome_id_)) | 564 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 557 .WillOnce(Return(policy_.GetBlob())); | 565 .WillOnce(DoAll(SetArgPointee<1>(policy_.GetBlob()), |
| 566 Return(RetrievePolicyResponseType::SUCCESS))); |
| 558 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) | 567 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) |
| 559 .WillOnce(Return("")); | 568 .WillOnce(Return("")); |
| 560 | 569 |
| 561 EXPECT_FALSE(store_->policy()); | 570 EXPECT_FALSE(store_->policy()); |
| 562 store_->LoadImmediately(); | 571 store_->LoadImmediately(); |
| 563 Mock::VerifyAndClearExpectations(&observer_); | 572 Mock::VerifyAndClearExpectations(&observer_); |
| 564 Mock::VerifyAndClearExpectations(&session_manager_client_); | 573 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 565 Mock::VerifyAndClearExpectations(&cryptohome_client_); | 574 Mock::VerifyAndClearExpectations(&cryptohome_client_); |
| 566 | 575 |
| 567 EXPECT_FALSE(store_->policy()); | 576 EXPECT_FALSE(store_->policy()); |
| 568 EXPECT_TRUE(store_->policy_map().empty()); | 577 EXPECT_TRUE(store_->policy_map().empty()); |
| 569 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, store_->status()); | 578 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, store_->status()); |
| 570 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 579 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 571 } | 580 } |
| 572 | 581 |
| 573 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoUserPolicyKey) { | 582 TEST_F(UserCloudPolicyStoreChromeOSTest, LoadImmediatelyNoUserPolicyKey) { |
| 574 EXPECT_CALL(observer_, OnStoreError(store_.get())); | 583 EXPECT_CALL(observer_, OnStoreError(store_.get())); |
| 575 EXPECT_CALL(session_manager_client_, | 584 EXPECT_CALL(session_manager_client_, |
| 576 BlockingRetrievePolicyForUser(cryptohome_id_)) | 585 BlockingRetrievePolicyForUser(cryptohome_id_, _)) |
| 577 .WillOnce(Return(policy_.GetBlob())); | 586 .WillOnce(DoAll(SetArgPointee<1>(policy_.GetBlob()), |
| 587 Return(RetrievePolicyResponseType::SUCCESS))); |
| 578 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) | 588 EXPECT_CALL(cryptohome_client_, BlockingGetSanitizedUsername(cryptohome_id_)) |
| 579 .WillOnce(Return("wrong@example.com")); | 589 .WillOnce(Return("wrong@example.com")); |
| 580 | 590 |
| 581 EXPECT_FALSE(store_->policy()); | 591 EXPECT_FALSE(store_->policy()); |
| 582 store_->LoadImmediately(); | 592 store_->LoadImmediately(); |
| 583 Mock::VerifyAndClearExpectations(&observer_); | 593 Mock::VerifyAndClearExpectations(&observer_); |
| 584 Mock::VerifyAndClearExpectations(&session_manager_client_); | 594 Mock::VerifyAndClearExpectations(&session_manager_client_); |
| 585 Mock::VerifyAndClearExpectations(&cryptohome_client_); | 595 Mock::VerifyAndClearExpectations(&cryptohome_client_); |
| 586 | 596 |
| 587 EXPECT_FALSE(store_->policy()); | 597 EXPECT_FALSE(store_->policy()); |
| 588 EXPECT_TRUE(store_->policy_map().empty()); | 598 EXPECT_TRUE(store_->policy_map().empty()); |
| 589 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); | 599 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, store_->status()); |
| 590 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); | 600 EXPECT_EQ(std::string(), store_->policy_signature_public_key()); |
| 591 } | 601 } |
| 592 | 602 |
| 593 } // namespace | 603 } // namespace |
| 594 | 604 |
| 595 } // namespace policy | 605 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2801993002:
Abandon user sign in when policy is retrieved before session started (Closed)
