Chromium Code Reviews Chromium Code Reviews
Issue 9404011:
Explicitly wait for user policy before completing login. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/cloud_policy_controller.h" | 5 #include "chrome/browser/policy/cloud_policy_controller.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | |
| 8 #include "base/callback.h" | |
| 7 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 8 #include "base/message_loop.h" | 10 #include "base/message_loop.h" |
| 9 #include "base/scoped_temp_dir.h" | 11 #include "base/scoped_temp_dir.h" |
| 10 #include "chrome/browser/policy/cloud_policy_data_store.h" | 12 #include "chrome/browser/policy/cloud_policy_data_store.h" |
| 11 #include "chrome/browser/policy/device_token_fetcher.h" | 13 #include "chrome/browser/policy/device_token_fetcher.h" |
| 12 #include "chrome/browser/policy/logging_work_scheduler.h" | 14 #include "chrome/browser/policy/logging_work_scheduler.h" |
| 13 #include "chrome/browser/policy/mock_device_management_service.h" | 15 #include "chrome/browser/policy/mock_device_management_service.h" |
| 14 #include "chrome/browser/policy/policy_notifier.h" | 16 #include "chrome/browser/policy/policy_notifier.h" |
| 15 #include "chrome/browser/policy/proto/cloud_policy.pb.h" | 17 #include "chrome/browser/policy/proto/cloud_policy.pb.h" |
| 16 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | 18 #include "chrome/browser/policy/proto/device_management_backend.pb.h" |
| (...skipping 24 matching lines...) Expand all Loading... | |
| 41 MOCK_METHOD0(SetUnmanagedState, void()); | 43 MOCK_METHOD0(SetUnmanagedState, void()); |
| 42 MOCK_METHOD0(SetSerialNumberInvalidState, void()); | 44 MOCK_METHOD0(SetSerialNumberInvalidState, void()); |
| 43 | 45 |
| 44 private: | 46 private: |
| 45 DISALLOW_COPY_AND_ASSIGN(MockDeviceTokenFetcher); | 47 DISALLOW_COPY_AND_ASSIGN(MockDeviceTokenFetcher); |
| 46 }; | 48 }; |
| 47 | 49 |
| 48 class CloudPolicyControllerTest : public testing::Test { | 50 class CloudPolicyControllerTest : public testing::Test { |
| 49 public: | 51 public: |
| 50 CloudPolicyControllerTest() | 52 CloudPolicyControllerTest() |
| 51 : ui_thread_(BrowserThread::UI, &loop_), | 53 : ready_callback_was_invoked_(false), |
| 54 ui_thread_(BrowserThread::UI, &loop_), | |
| 52 file_thread_(BrowserThread::FILE, &loop_) { | 55 file_thread_(BrowserThread::FILE, &loop_) { |
| 53 em::PolicyData signed_response; | 56 em::PolicyData signed_response; |
| 54 em::CloudPolicySettings settings; | 57 em::CloudPolicySettings settings; |
| 55 em::DisableSpdyProto* spdy_proto = settings.mutable_disablespdy(); | 58 em::DisableSpdyProto* spdy_proto = settings.mutable_disablespdy(); |
| 56 spdy_proto->set_disablespdy(true); | 59 spdy_proto->set_disablespdy(true); |
| 57 spdy_proto->mutable_policy_options()->set_mode( | 60 spdy_proto->mutable_policy_options()->set_mode( |
| 58 em::PolicyOptions::MANDATORY); | 61 em::PolicyOptions::MANDATORY); |
| 59 EXPECT_TRUE( | 62 EXPECT_TRUE( |
| 60 settings.SerializeToString(signed_response.mutable_policy_value())); | 63 settings.SerializeToString(signed_response.mutable_policy_value())); |
| 61 base::TimeDelta timestamp = | 64 base::TimeDelta timestamp = |
| 62 base::Time::NowFromSystemTime() - base::Time::UnixEpoch(); | 65 base::Time::NowFromSystemTime() - base::Time::UnixEpoch(); |
| 63 signed_response.set_timestamp(timestamp.InMilliseconds()); | 66 signed_response.set_timestamp(timestamp.InMilliseconds()); |
| 64 std::string serialized_signed_response; | 67 std::string serialized_signed_response; |
| 65 EXPECT_TRUE(signed_response.SerializeToString(&serialized_signed_response)); | 68 EXPECT_TRUE(signed_response.SerializeToString(&serialized_signed_response)); |
| 66 em::PolicyFetchResponse* fetch_response = | 69 em::PolicyFetchResponse* fetch_response = |
| 67 spdy_policy_response_.mutable_policy_response()->add_response(); | 70 spdy_policy_response_.mutable_policy_response()->add_response(); |
| 68 fetch_response->set_policy_data(serialized_signed_response); | 71 fetch_response->set_policy_data(serialized_signed_response); |
| 69 } | 72 } |
| 70 | 73 |
| 71 virtual ~CloudPolicyControllerTest() {} | 74 virtual ~CloudPolicyControllerTest() {} |
| 72 | 75 |
| 73 virtual void SetUp() { | 76 virtual void SetUp() { |
| 74 ASSERT_TRUE(temp_user_data_dir_.CreateUniqueTempDir()); | 77 ASSERT_TRUE(temp_user_data_dir_.CreateUniqueTempDir()); |
| 75 cache_.reset(new UserPolicyCache( | 78 cache_.reset(new UserPolicyCache( |
| 76 temp_user_data_dir_.path().AppendASCII("CloudPolicyControllerTest"), | 79 temp_user_data_dir_.path().AppendASCII("CloudPolicyControllerTest"), |
| 77 false /* wait_for_policy_fetch */)); | 80 false, /* wait_for_policy_fetch */ |
| 81 base::Closure() /* ready_callback */)); | |
| 78 token_fetcher_.reset(new MockDeviceTokenFetcher(cache_.get())); | 82 token_fetcher_.reset(new MockDeviceTokenFetcher(cache_.get())); |
| 79 EXPECT_CALL(service_, StartJob(_)).Times(AnyNumber()); | 83 EXPECT_CALL(service_, StartJob(_)).Times(AnyNumber()); |
| 80 data_store_.reset(CloudPolicyDataStore::CreateForUserPolicies()); | 84 data_store_.reset(CloudPolicyDataStore::CreateForUserPolicies()); |
| 81 } | 85 } |
| 82 | 86 |
| 83 virtual void TearDown() { | 87 virtual void TearDown() { |
| 84 controller_.reset(); // Unregisters observers. | 88 controller_.reset(); // Unregisters observers. |
| 85 data_store_.reset(); | 89 data_store_.reset(); |
| 86 } | 90 } |
| 87 | 91 |
| 88 void CreateNewController() { | 92 void CreateNewController() { |
| 89 controller_.reset(new CloudPolicyController( | 93 controller_.reset(new CloudPolicyController( |
| 90 &service_, cache_.get(), token_fetcher_.get(), data_store_.get(), | 94 &service_, cache_.get(), token_fetcher_.get(), data_store_.get(), |
| 91 ¬ifier_, new DummyWorkScheduler)); | 95 ¬ifier_, new DummyWorkScheduler)); |
| 92 } | 96 } |
| 93 | 97 |
| 94 void CreateNewWaitingCache() { | 98 void CreateNewWaitingCache() { |
| 99 ready_callback_was_invoked_ = false; | |
| 95 cache_.reset(new UserPolicyCache( | 100 cache_.reset(new UserPolicyCache( |
| 96 temp_user_data_dir_.path().AppendASCII("CloudPolicyControllerTest"), | 101 temp_user_data_dir_.path().AppendASCII("CloudPolicyControllerTest"), |
| 97 true /* wait_for_policy_fetch */)); | 102 true, // wait_for_policy_fetch |
| 103 base::Bind(&CloudPolicyControllerTest::ReadyCallback, | |
| 104 base::Unretained(this)))); | |
| 98 // Make this cache's disk cache ready, but have it still waiting for a | 105 // Make this cache's disk cache ready, but have it still waiting for a |
| 99 // policy fetch. | 106 // policy fetch. |
| 100 cache_->Load(); | 107 cache_->Load(); |
| 101 loop_.RunAllPending(); | 108 loop_.RunAllPending(); |
| 102 ASSERT_TRUE(cache_->last_policy_refresh_time().is_null()); | 109 ASSERT_TRUE(cache_->last_policy_refresh_time().is_null()); |
| 103 ASSERT_FALSE(cache_->IsReady()); | 110 ASSERT_FALSE(cache_->IsReady()); |
| 111 ASSERT_FALSE(ready_callback_was_invoked_); | |
| 104 } | 112 } |
| 105 | 113 |
| 106 void ExpectHasSpdyPolicy() { | 114 void ExpectHasSpdyPolicy() { |
| 107 base::FundamentalValue expected(true); | 115 base::FundamentalValue expected(true); |
| 108 ASSERT_TRUE(Value::Equals(&expected, | 116 ASSERT_TRUE(Value::Equals(&expected, |
| 109 cache_->policy()->GetValue(key::kDisableSpdy))); | 117 cache_->policy()->GetValue(key::kDisableSpdy))); |
| 110 } | 118 } |
| 111 | 119 |
| 120 void ReadyCallback() { | |
|
Mattias Nissler (ping if slow)
2012/02/16 10:24:11
Suggestion: You can actually declare this as a MOC
| |
| 121 ready_callback_was_invoked_ = true; | |
| 122 } | |
| 123 | |
| 112 protected: | 124 protected: |
| 113 scoped_ptr<CloudPolicyCacheBase> cache_; | 125 scoped_ptr<CloudPolicyCacheBase> cache_; |
| 114 scoped_ptr<CloudPolicyController> controller_; | 126 scoped_ptr<CloudPolicyController> controller_; |
| 115 scoped_ptr<MockDeviceTokenFetcher> token_fetcher_; | 127 scoped_ptr<MockDeviceTokenFetcher> token_fetcher_; |
| 116 scoped_ptr<CloudPolicyDataStore> data_store_; | 128 scoped_ptr<CloudPolicyDataStore> data_store_; |
| 117 MockDeviceManagementService service_; | 129 MockDeviceManagementService service_; |
| 118 PolicyNotifier notifier_; | 130 PolicyNotifier notifier_; |
| 119 ScopedTempDir temp_user_data_dir_; | 131 ScopedTempDir temp_user_data_dir_; |
| 120 MessageLoop loop_; | 132 MessageLoop loop_; |
| 121 em::DeviceManagementResponse spdy_policy_response_; | 133 em::DeviceManagementResponse spdy_policy_response_; |
| 134 bool ready_callback_was_invoked_; | |
| 122 | 135 |
| 123 private: | 136 private: |
| 124 content::TestBrowserThread ui_thread_; | 137 content::TestBrowserThread ui_thread_; |
| 125 content::TestBrowserThread file_thread_; | 138 content::TestBrowserThread file_thread_; |
| 126 | 139 |
| 127 DISALLOW_COPY_AND_ASSIGN(CloudPolicyControllerTest); | 140 DISALLOW_COPY_AND_ASSIGN(CloudPolicyControllerTest); |
| 128 }; | 141 }; |
| 129 | 142 |
| 130 // If a device token is present when the controller starts up, it should | 143 // If a device token is present when the controller starts up, it should |
| 131 // fetch and apply policy. | 144 // fetch and apply policy. |
| (...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 269 loop_.RunAllPending(); | 282 loop_.RunAllPending(); |
| 270 } | 283 } |
| 271 | 284 |
| 272 TEST_F(CloudPolicyControllerTest, DontSetFetchingDoneWithoutTokens) { | 285 TEST_F(CloudPolicyControllerTest, DontSetFetchingDoneWithoutTokens) { |
| 273 CreateNewWaitingCache(); | 286 CreateNewWaitingCache(); |
| 274 CreateNewController(); | 287 CreateNewController(); |
| 275 // Initialized without an oauth token, goes into TOKEN_UNAVAILABLE state. | 288 // Initialized without an oauth token, goes into TOKEN_UNAVAILABLE state. |
| 276 // This means the controller is still waiting for an oauth token fetch. | 289 // This means the controller is still waiting for an oauth token fetch. |
| 277 loop_.RunAllPending(); | 290 loop_.RunAllPending(); |
| 278 EXPECT_FALSE(cache_->IsReady()); | 291 EXPECT_FALSE(cache_->IsReady()); |
| 292 EXPECT_FALSE(ready_callback_was_invoked_); | |
| 279 | 293 |
| 280 controller_->OnDeviceTokenChanged(); | 294 controller_->OnDeviceTokenChanged(); |
| 281 loop_.RunAllPending(); | 295 loop_.RunAllPending(); |
| 282 EXPECT_FALSE(cache_->IsReady()); | 296 EXPECT_FALSE(cache_->IsReady()); |
| 297 EXPECT_FALSE(ready_callback_was_invoked_); | |
| 283 } | 298 } |
| 284 | 299 |
| 285 TEST_F(CloudPolicyControllerTest, RefreshPoliciesWithoutMaterial) { | 300 TEST_F(CloudPolicyControllerTest, RefreshPoliciesWithoutMaterial) { |
| 286 CreateNewWaitingCache(); | 301 CreateNewWaitingCache(); |
| 287 CreateNewController(); | 302 CreateNewController(); |
| 288 loop_.RunAllPending(); | 303 loop_.RunAllPending(); |
| 289 EXPECT_FALSE(cache_->IsReady()); | 304 EXPECT_FALSE(cache_->IsReady()); |
| 305 EXPECT_FALSE(ready_callback_was_invoked_); | |
| 290 | 306 |
| 291 // Same scenario as the last test, but the RefreshPolicies call must always | 307 // Same scenario as the last test, but the RefreshPolicies call must always |
| 292 // notify the cache. | 308 // notify the cache. |
| 293 controller_->RefreshPolicies(false); | 309 controller_->RefreshPolicies(false); |
| 294 loop_.RunAllPending(); | 310 loop_.RunAllPending(); |
| 295 EXPECT_TRUE(cache_->IsReady()); | 311 EXPECT_TRUE(cache_->IsReady()); |
| 312 EXPECT_TRUE(ready_callback_was_invoked_); | |
| 296 } | 313 } |
| 297 | 314 |
| 298 TEST_F(CloudPolicyControllerTest, DontSetFetchingDoneWithoutFetching) { | 315 TEST_F(CloudPolicyControllerTest, DontSetFetchingDoneWithoutFetching) { |
| 299 CreateNewWaitingCache(); | 316 CreateNewWaitingCache(); |
| 300 data_store_->SetupForTesting("device_token", "device_id", | 317 data_store_->SetupForTesting("device_token", "device_id", |
| 301 "who@what.com", "auth", true); | 318 "who@what.com", "auth", true); |
| 302 CreateNewController(); | 319 CreateNewController(); |
| 303 // Initialized with an oauth token, goes into TOKEN_VALID state. | 320 // Initialized with an oauth token, goes into TOKEN_VALID state. |
| 304 // This means the controller has an oauth token and should fetch the next | 321 // This means the controller has an oauth token and should fetch the next |
| 305 // token, which is the dm server register token. | 322 // token, which is the dm server register token. |
| 306 EXPECT_FALSE(cache_->IsReady()); | 323 EXPECT_FALSE(cache_->IsReady()); |
| 324 EXPECT_FALSE(ready_callback_was_invoked_); | |
| 307 } | 325 } |
| 308 | 326 |
| 309 TEST_F(CloudPolicyControllerTest, SetFetchingDoneForUnmanagedUsers) { | 327 TEST_F(CloudPolicyControllerTest, SetFetchingDoneForUnmanagedUsers) { |
| 310 CreateNewWaitingCache(); | 328 CreateNewWaitingCache(); |
| 311 data_store_->SetupForTesting("", "device_id", | 329 data_store_->SetupForTesting("", "device_id", |
| 312 "user@gmail.com", "auth", true); | 330 "user@gmail.com", "auth", true); |
| 313 CreateNewController(); | 331 CreateNewController(); |
| 314 loop_.RunAllPending(); | 332 loop_.RunAllPending(); |
| 315 // User is in an unmanaged domain. | 333 // User is in an unmanaged domain. |
| 316 EXPECT_TRUE(cache_->IsReady()); | 334 EXPECT_TRUE(cache_->IsReady()); |
| 335 EXPECT_TRUE(ready_callback_was_invoked_); | |
| 317 EXPECT_TRUE(cache_->last_policy_refresh_time().is_null()); | 336 EXPECT_TRUE(cache_->last_policy_refresh_time().is_null()); |
| 318 } | 337 } |
| 319 | 338 |
| 320 TEST_F(CloudPolicyControllerTest, SetFetchingDoneAfterPolicyFetch) { | 339 TEST_F(CloudPolicyControllerTest, SetFetchingDoneAfterPolicyFetch) { |
| 321 CreateNewWaitingCache(); | 340 CreateNewWaitingCache(); |
| 322 data_store_->SetupForTesting("device_token", "device_id", | 341 data_store_->SetupForTesting("device_token", "device_id", |
| 323 "user@enterprise.com", "auth", true); | 342 "user@enterprise.com", "auth", true); |
| 324 EXPECT_CALL(service_, | 343 EXPECT_CALL(service_, |
| 325 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | 344 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) |
| 326 .WillOnce(DoAll(InvokeWithoutArgs(&loop_, &MessageLoop::QuitNow), | 345 .WillOnce(DoAll(InvokeWithoutArgs(&loop_, &MessageLoop::QuitNow), |
| 327 service_.SucceedJob(spdy_policy_response_))); | 346 service_.SucceedJob(spdy_policy_response_))); |
| 328 CreateNewController(); | 347 CreateNewController(); |
| 329 loop_.RunAllPending(); | 348 loop_.RunAllPending(); |
| 330 EXPECT_TRUE(cache_->IsReady()); | 349 EXPECT_TRUE(cache_->IsReady()); |
| 350 EXPECT_TRUE(ready_callback_was_invoked_); | |
| 331 EXPECT_FALSE(cache_->last_policy_refresh_time().is_null()); | 351 EXPECT_FALSE(cache_->last_policy_refresh_time().is_null()); |
| 332 } | 352 } |
| 333 | 353 |
| 334 TEST_F(CloudPolicyControllerTest, SetFetchingDoneAfterPolicyFetchFails) { | 354 TEST_F(CloudPolicyControllerTest, SetFetchingDoneAfterPolicyFetchFails) { |
| 335 CreateNewWaitingCache(); | 355 CreateNewWaitingCache(); |
| 336 data_store_->SetupForTesting("device_token", "device_id", | 356 data_store_->SetupForTesting("device_token", "device_id", |
| 337 "user@enterprise.com", "auth", true); | 357 "user@enterprise.com", "auth", true); |
| 338 EXPECT_CALL(service_, | 358 EXPECT_CALL(service_, |
| 339 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) | 359 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) |
| 340 .WillOnce(DoAll(InvokeWithoutArgs(&loop_, &MessageLoop::QuitNow), | 360 .WillOnce(DoAll(InvokeWithoutArgs(&loop_, &MessageLoop::QuitNow), |
| 341 service_.FailJob(DM_STATUS_REQUEST_FAILED))); | 361 service_.FailJob(DM_STATUS_REQUEST_FAILED))); |
| 342 CreateNewController(); | 362 CreateNewController(); |
| 343 loop_.RunAllPending(); | 363 loop_.RunAllPending(); |
| 344 EXPECT_TRUE(cache_->IsReady()); | 364 EXPECT_TRUE(cache_->IsReady()); |
| 365 EXPECT_TRUE(ready_callback_was_invoked_); | |
| 345 EXPECT_TRUE(cache_->last_policy_refresh_time().is_null()); | 366 EXPECT_TRUE(cache_->last_policy_refresh_time().is_null()); |
| 346 } | 367 } |
| 347 | 368 |
| 348 } // namespace policy | 369 } // namespace policy |
| OLD | NEW |
