chrome/browser/chromeos/settings/session_manager_operation_unittest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/chromeos/settings/session_manager_operation.h"
   6
   7 #include <string>
   8 #include <vector>
   9
  10 #include "base/basictypes.h"
  11 #include "base/bind.h"
  12 #include "base/bind_helpers.h"
  13 #include "base/memory/ref_counted.h"
  14 #include "base/memory/scoped_ptr.h"
  15 #include "base/message_loop/message_loop.h"
  16 #include "base/time/time.h"
  17 #include "chrome/browser/chromeos/login/users/scoped_user_manager_enabler.h"
  18 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h"
  19 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos_factory.h"
  20 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
  21 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
  22 #include "chrome/test/base/testing_profile.h"
  23 #include "components/ownership/mock_owner_key_util.h"
  24 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
  25 #include "components/policy/core/common/cloud/cloud_policy_validator.h"
  26 #include "components/policy/core/common/cloud/policy_builder.h"
  27 #include "components/user_manager/fake_user_manager.h"
  28 #include "content/public/test/test_browser_thread.h"
  29 #include "content/public/test/test_utils.h"
  30 #include "crypto/rsa_private_key.h"
  31 #include "policy/proto/device_management_backend.pb.h"
  32 #include "testing/gmock/include/gmock/gmock.h"
  33 #include "testing/gtest/include/gtest/gtest.h"
  34
  35 namespace em = enterprise_management;
  36
  37 using testing::Mock;
  38 using testing::_;
  39
  40 namespace chromeos {
  41
  42 class SessionManagerOperationTest : public testing::Test {
  43  public:
  44   SessionManagerOperationTest()
  45       : ui_thread_(content::BrowserThread::UI, &message_loop_),
  46         file_thread_(content::BrowserThread::FILE, &message_loop_),
  47         owner_key_util_(new ownership::MockOwnerKeyUtil()),
  48         user_manager_(new user_manager::FakeUserManager()),
  49         user_manager_enabler_(user_manager_),
  50         validated_(false) {
  51     OwnerSettingsServiceChromeOSFactory::GetInstance()
  52         ->SetOwnerKeyUtilForTesting(owner_key_util_);
  53   }
  54
  55   virtual void SetUp() override {
  56     policy_.payload().mutable_user_whitelist()->add_user_whitelist(
  57         "fake-whitelist");
  58     policy_.Build();
  59
  60     profile_.reset(new TestingProfile());
  61     service_ = OwnerSettingsServiceChromeOSFactory::GetForBrowserContext(
  62         profile_.get());
  63   }
  64
  65   MOCK_METHOD2(OnOperationCompleted,
  66                void(SessionManagerOperation*, DeviceSettingsService::Status));
  67
  68   void CheckSuccessfulValidation(
  69       policy::DeviceCloudPolicyValidator* validator) {
  70     EXPECT_TRUE(validator->success());
  71     EXPECT_TRUE(validator->payload().get());
  72     EXPECT_EQ(validator->payload()->SerializeAsString(),
  73               policy_.payload().SerializeAsString());
  74     validated_ = true;
  75   }
  76
  77   void CheckPublicKeyLoaded(SessionManagerOperation* op) {
  78     ASSERT_TRUE(op->public_key().get());
  79     ASSERT_TRUE(op->public_key()->is_loaded());
  80     std::vector<uint8> public_key;
  81     ASSERT_TRUE(policy_.GetSigningKey()->ExportPublicKey(&public_key));
  82     EXPECT_EQ(public_key, op->public_key()->data());
  83   }
  84
  85  protected:
  86   base::MessageLoop message_loop_;
  87   content::TestBrowserThread ui_thread_;
  88   content::TestBrowserThread file_thread_;
  89
  90   policy::DevicePolicyBuilder policy_;
  91   DeviceSettingsTestHelper device_settings_test_helper_;
  92   scoped_refptr<ownership::MockOwnerKeyUtil> owner_key_util_;
  93
  94   user_manager::FakeUserManager* user_manager_;
  95   ScopedUserManagerEnabler user_manager_enabler_;
  96
  97   scoped_ptr<TestingProfile> profile_;
  98   OwnerSettingsServiceChromeOS* service_;
  99
 100   bool validated_;
 101
 102  private:
 103   DISALLOW_COPY_AND_ASSIGN(SessionManagerOperationTest);
 104 };
 105
 106 TEST_F(SessionManagerOperationTest, LoadNoPolicyNoKey) {
 107   LoadSettingsOperation op(
 108       base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
 109                  base::Unretained(this)));
 110
 111   EXPECT_CALL(*this,
 112               OnOperationCompleted(
 113                   &op, DeviceSettingsService::STORE_KEY_UNAVAILABLE));
 114   op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
 115   device_settings_test_helper_.Flush();
 116   Mock::VerifyAndClearExpectations(this);
 117
 118   EXPECT_FALSE(op.policy_data().get());
 119   EXPECT_FALSE(op.device_settings().get());
 120   ASSERT_TRUE(op.public_key().get());
 121   EXPECT_FALSE(op.public_key()->is_loaded());
 122 }
 123
 124 TEST_F(SessionManagerOperationTest, LoadOwnerKey) {
 125   owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey());
 126   LoadSettingsOperation op(
 127       base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
 128                  base::Unretained(this)));
 129
 130   EXPECT_CALL(*this,
 131               OnOperationCompleted(
 132                   &op, DeviceSettingsService::STORE_NO_POLICY));
 133   op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
 134   device_settings_test_helper_.Flush();
 135   Mock::VerifyAndClearExpectations(this);
 136
 137   CheckPublicKeyLoaded(&op);
 138 }
 139
 140 TEST_F(SessionManagerOperationTest, LoadPolicy) {
 141   owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey());
 142   device_settings_test_helper_.set_policy_blob(policy_.GetBlob());
 143   LoadSettingsOperation op(
 144       base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
 145                  base::Unretained(this)));
 146
 147   EXPECT_CALL(*this,
 148               OnOperationCompleted(
 149                   &op, DeviceSettingsService::STORE_SUCCESS));
 150   op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
 151   device_settings_test_helper_.Flush();
 152   Mock::VerifyAndClearExpectations(this);
 153
 154   ASSERT_TRUE(op.policy_data().get());
 155   EXPECT_EQ(policy_.policy_data().SerializeAsString(),
 156             op.policy_data()->SerializeAsString());
 157   ASSERT_TRUE(op.device_settings().get());
 158   EXPECT_EQ(policy_.payload().SerializeAsString(),
 159             op.device_settings()->SerializeAsString());
 160 }
 161
 162 TEST_F(SessionManagerOperationTest, RestartLoad) {
 163   owner_key_util_->SetPrivateKey(policy_.GetSigningKey());
 164   device_settings_test_helper_.set_policy_blob(policy_.GetBlob());
 165   LoadSettingsOperation op(
 166       base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
 167                  base::Unretained(this)));
 168
 169   EXPECT_CALL(*this, OnOperationCompleted(&op, _)).Times(0);
 170   op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
 171   content::RunAllBlockingPoolTasksUntilIdle();
 172   device_settings_test_helper_.FlushRetrieve();
 173   EXPECT_TRUE(op.public_key().get());
 174   EXPECT_TRUE(op.public_key()->is_loaded());
 175   Mock::VerifyAndClearExpectations(this);
 176
 177   // Now install a different key and policy and restart the operation.
 178   policy_.SetSigningKey(*policy::PolicyBuilder::CreateTestOtherSigningKey());
 179   policy_.payload().mutable_metrics_enabled()->set_metrics_enabled(true);
 180   policy_.Build();
 181   device_settings_test_helper_.set_policy_blob(policy_.GetBlob());
 182   owner_key_util_->SetPrivateKey(policy_.GetSigningKey());
 183
 184   EXPECT_CALL(*this,
 185               OnOperationCompleted(
 186                   &op, DeviceSettingsService::STORE_SUCCESS));
 187   op.RestartLoad(true);
 188   device_settings_test_helper_.Flush();
 189   Mock::VerifyAndClearExpectations(this);
 190
 191   // Check that the new keys have been loaded.
 192   CheckPublicKeyLoaded(&op);
 193
 194   // Verify the new policy.
 195   ASSERT_TRUE(op.policy_data().get());
 196   EXPECT_EQ(policy_.policy_data().SerializeAsString(),
 197             op.policy_data()->SerializeAsString());
 198   ASSERT_TRUE(op.device_settings().get());
 199   EXPECT_EQ(policy_.payload().SerializeAsString(),
 200             op.device_settings()->SerializeAsString());
 201 }
 202
 203 TEST_F(SessionManagerOperationTest, StoreSettings) {
 204   owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey());
 205   StoreSettingsOperation op(
 206       base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
 207                  base::Unretained(this)),
 208       policy_.GetCopy());
 209
 210   EXPECT_CALL(*this,
 211               OnOperationCompleted(
 212                   &op, DeviceSettingsService::STORE_SUCCESS));
 213   op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
 214   device_settings_test_helper_.Flush();
 215   Mock::VerifyAndClearExpectations(this);
 216
 217   EXPECT_EQ(device_settings_test_helper_.policy_blob(),
 218             policy_.GetBlob());
 219   ASSERT_TRUE(op.policy_data().get());
 220   EXPECT_EQ(policy_.policy_data().SerializeAsString(),
 221             op.policy_data()->SerializeAsString());
 222   ASSERT_TRUE(op.device_settings().get());
 223   EXPECT_EQ(policy_.payload().SerializeAsString(),
 224             op.device_settings()->SerializeAsString());
 225 }
 226
 227 }  // namespace chromeos