1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/basictypes.h"
7 #include "base/message_loop/message_loop.h"
8 #include "base/run_loop.h"
9 #include "base/synchronization/waitable_event.h"
10 #include "remoting/host/dns_blackhole_checker.h"
11 #include "remoting/host/policy_hack/fake_policy_watcher.h"
12 #include "remoting/host/policy_hack/mock_policy_callback.h"
13 #include "remoting/host/policy_hack/policy_watcher.h"
14 #include "testing/gmock/include/gmock/gmock.h"
15 #include "testing/gtest/include/gtest/gtest.h"
18 namespace policy_hack
{
20 class PolicyWatcherTest
: public testing::Test
{
25 void SetUp() override
{
26 message_loop_proxy_
= base::MessageLoopProxy::current();
27 policy_updated_callback_
= base::Bind(
28 &MockPolicyCallback::OnPolicyUpdate
,
29 base::Unretained(&mock_policy_callback_
));
30 policy_error_callback_
= base::Bind(
31 &MockPolicyCallback::OnPolicyError
,
32 base::Unretained(&mock_policy_callback_
));
33 policy_watcher_
.reset(new FakePolicyWatcher(message_loop_proxy_
));
34 nat_true_
.SetBoolean(PolicyWatcher::kNatPolicyName
, true);
35 nat_false_
.SetBoolean(PolicyWatcher::kNatPolicyName
, false);
36 nat_one_
.SetInteger(PolicyWatcher::kNatPolicyName
, 1);
37 domain_empty_
.SetString(PolicyWatcher::kHostDomainPolicyName
,
39 domain_full_
.SetString(PolicyWatcher::kHostDomainPolicyName
, kHostDomain
);
40 SetDefaults(nat_true_others_default_
);
41 nat_true_others_default_
.SetBoolean(PolicyWatcher::kNatPolicyName
, true);
42 SetDefaults(nat_false_others_default_
);
43 nat_false_others_default_
.SetBoolean(PolicyWatcher::kNatPolicyName
, false);
44 SetDefaults(domain_empty_others_default_
);
45 domain_empty_others_default_
.SetString(PolicyWatcher::kHostDomainPolicyName
,
47 SetDefaults(domain_full_others_default_
);
48 domain_full_others_default_
.SetString(PolicyWatcher::kHostDomainPolicyName
,
50 nat_true_domain_empty_
.SetBoolean(PolicyWatcher::kNatPolicyName
, true);
51 nat_true_domain_empty_
.SetString(PolicyWatcher::kHostDomainPolicyName
,
53 nat_true_domain_full_
.SetBoolean(PolicyWatcher::kNatPolicyName
, true);
54 nat_true_domain_full_
.SetString(PolicyWatcher::kHostDomainPolicyName
,
56 nat_false_domain_empty_
.SetBoolean(PolicyWatcher::kNatPolicyName
, false);
57 nat_false_domain_empty_
.SetString(PolicyWatcher::kHostDomainPolicyName
,
59 nat_false_domain_full_
.SetBoolean(PolicyWatcher::kNatPolicyName
, false);
60 nat_false_domain_full_
.SetString(PolicyWatcher::kHostDomainPolicyName
,
62 SetDefaults(nat_true_domain_empty_others_default_
);
63 nat_true_domain_empty_others_default_
.SetBoolean(
64 PolicyWatcher::kNatPolicyName
, true);
65 nat_true_domain_empty_others_default_
.SetString(
66 PolicyWatcher::kHostDomainPolicyName
, std::string());
67 unknown_policies_
.SetString("UnknownPolicyOne", std::string());
68 unknown_policies_
.SetString("UnknownPolicyTwo", std::string());
70 const char kOverrideNatTraversalToFalse
[] =
71 "{ \"RemoteAccessHostFirewallTraversal\": false }";
72 nat_true_and_overridden_
.SetBoolean(PolicyWatcher::kNatPolicyName
, true);
73 nat_true_and_overridden_
.SetString(
74 PolicyWatcher::kHostDebugOverridePoliciesName
,
75 kOverrideNatTraversalToFalse
);
76 pairing_true_
.SetBoolean(PolicyWatcher::kHostAllowClientPairing
, true);
77 pairing_false_
.SetBoolean(PolicyWatcher::kHostAllowClientPairing
, false);
78 gnubby_auth_true_
.SetBoolean(PolicyWatcher::kHostAllowGnubbyAuthPolicyName
,
80 gnubby_auth_false_
.SetBoolean(PolicyWatcher::kHostAllowGnubbyAuthPolicyName
,
82 relay_true_
.SetBoolean(PolicyWatcher::kRelayPolicyName
, true);
83 relay_false_
.SetBoolean(PolicyWatcher::kRelayPolicyName
, false);
84 port_range_full_
.SetString(PolicyWatcher::kUdpPortRangePolicyName
,
86 port_range_empty_
.SetString(PolicyWatcher::kUdpPortRangePolicyName
,
90 SetDefaults(nat_false_overridden_others_default_
);
91 nat_false_overridden_others_default_
.SetBoolean(
92 PolicyWatcher::kNatPolicyName
, false);
93 nat_false_overridden_others_default_
.SetString(
94 PolicyWatcher::kHostDebugOverridePoliciesName
,
95 kOverrideNatTraversalToFalse
);
100 void StartWatching() {
101 policy_watcher_
->StartWatching(
102 policy_updated_callback_
,
103 policy_error_callback_
);
104 base::RunLoop().RunUntilIdle();
107 void StopWatching() {
108 EXPECT_CALL(*this, PostPolicyWatcherShutdown()).Times(1);
109 policy_watcher_
->StopWatching(base::Bind(
110 &PolicyWatcherTest::PostPolicyWatcherShutdown
, base::Unretained(this)));
111 base::RunLoop().RunUntilIdle();
114 MOCK_METHOD0(PostPolicyWatcherShutdown
, void());
116 static const char* kHostDomain
;
117 static const char* kPortRange
;
118 base::MessageLoop message_loop_
;
119 scoped_refptr
<base::MessageLoopProxy
> message_loop_proxy_
;
120 MockPolicyCallback mock_policy_callback_
;
121 PolicyWatcher::PolicyUpdatedCallback policy_updated_callback_
;
122 PolicyWatcher::PolicyErrorCallback policy_error_callback_
;
123 scoped_ptr
<FakePolicyWatcher
> policy_watcher_
;
124 base::DictionaryValue empty_
;
125 base::DictionaryValue nat_true_
;
126 base::DictionaryValue nat_false_
;
127 base::DictionaryValue nat_one_
;
128 base::DictionaryValue domain_empty_
;
129 base::DictionaryValue domain_full_
;
130 base::DictionaryValue nat_true_others_default_
;
131 base::DictionaryValue nat_false_others_default_
;
132 base::DictionaryValue domain_empty_others_default_
;
133 base::DictionaryValue domain_full_others_default_
;
134 base::DictionaryValue nat_true_domain_empty_
;
135 base::DictionaryValue nat_true_domain_full_
;
136 base::DictionaryValue nat_false_domain_empty_
;
137 base::DictionaryValue nat_false_domain_full_
;
138 base::DictionaryValue nat_true_domain_empty_others_default_
;
139 base::DictionaryValue unknown_policies_
;
140 base::DictionaryValue nat_true_and_overridden_
;
141 base::DictionaryValue nat_false_overridden_others_default_
;
142 base::DictionaryValue pairing_true_
;
143 base::DictionaryValue pairing_false_
;
144 base::DictionaryValue gnubby_auth_true_
;
145 base::DictionaryValue gnubby_auth_false_
;
146 base::DictionaryValue relay_true_
;
147 base::DictionaryValue relay_false_
;
148 base::DictionaryValue port_range_full_
;
149 base::DictionaryValue port_range_empty_
;
152 void SetDefaults(base::DictionaryValue
& dict
) {
153 dict
.SetBoolean(PolicyWatcher::kNatPolicyName
, true);
154 dict
.SetBoolean(PolicyWatcher::kRelayPolicyName
, true);
155 dict
.SetString(PolicyWatcher::kUdpPortRangePolicyName
, "");
156 dict
.SetBoolean(PolicyWatcher::kHostRequireTwoFactorPolicyName
, false);
157 dict
.SetString(PolicyWatcher::kHostDomainPolicyName
, std::string());
158 dict
.SetBoolean(PolicyWatcher::kHostMatchUsernamePolicyName
, false);
159 dict
.SetString(PolicyWatcher::kHostTalkGadgetPrefixPolicyName
,
160 kDefaultHostTalkGadgetPrefix
);
161 dict
.SetBoolean(PolicyWatcher::kHostRequireCurtainPolicyName
, false);
162 dict
.SetString(PolicyWatcher::kHostTokenUrlPolicyName
, std::string());
163 dict
.SetString(PolicyWatcher::kHostTokenValidationUrlPolicyName
,
165 dict
.SetString(PolicyWatcher::kHostTokenValidationCertIssuerPolicyName
,
167 dict
.SetBoolean(PolicyWatcher::kHostAllowClientPairing
, true);
168 dict
.SetBoolean(PolicyWatcher::kHostAllowGnubbyAuthPolicyName
, true);
170 dict
.SetString(PolicyWatcher::kHostDebugOverridePoliciesName
, "");
175 const char* PolicyWatcherTest::kHostDomain
= "google.com";
176 const char* PolicyWatcherTest::kPortRange
= "12400-12409";
178 MATCHER_P(IsPolicies
, dict
, "") {
179 return arg
->Equals(dict
);
182 TEST_F(PolicyWatcherTest
, None
) {
183 EXPECT_CALL(mock_policy_callback_
,
184 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
187 policy_watcher_
->SetPolicies(&empty_
);
191 TEST_F(PolicyWatcherTest
, NatTrue
) {
192 EXPECT_CALL(mock_policy_callback_
,
193 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
196 policy_watcher_
->SetPolicies(&nat_true_
);
200 TEST_F(PolicyWatcherTest
, NatFalse
) {
201 EXPECT_CALL(mock_policy_callback_
,
202 OnPolicyUpdatePtr(IsPolicies(&nat_false_others_default_
)));
205 policy_watcher_
->SetPolicies(&nat_false_
);
209 TEST_F(PolicyWatcherTest
, NatOne
) {
210 EXPECT_CALL(mock_policy_callback_
,
211 OnPolicyUpdatePtr(IsPolicies(&nat_false_others_default_
)));
214 policy_watcher_
->SetPolicies(&nat_one_
);
218 TEST_F(PolicyWatcherTest
, DomainEmpty
) {
219 EXPECT_CALL(mock_policy_callback_
,
220 OnPolicyUpdatePtr(IsPolicies(&domain_empty_others_default_
)));
223 policy_watcher_
->SetPolicies(&domain_empty_
);
227 TEST_F(PolicyWatcherTest
, DomainFull
) {
228 EXPECT_CALL(mock_policy_callback_
,
229 OnPolicyUpdatePtr(IsPolicies(&domain_full_others_default_
)));
232 policy_watcher_
->SetPolicies(&domain_full_
);
236 TEST_F(PolicyWatcherTest
, NatNoneThenTrue
) {
237 EXPECT_CALL(mock_policy_callback_
,
238 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
241 policy_watcher_
->SetPolicies(&empty_
);
242 policy_watcher_
->SetPolicies(&nat_true_
);
246 TEST_F(PolicyWatcherTest
, NatNoneThenTrueThenTrue
) {
247 EXPECT_CALL(mock_policy_callback_
,
248 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
251 policy_watcher_
->SetPolicies(&empty_
);
252 policy_watcher_
->SetPolicies(&nat_true_
);
253 policy_watcher_
->SetPolicies(&nat_true_
);
257 TEST_F(PolicyWatcherTest
, NatNoneThenTrueThenTrueThenFalse
) {
258 testing::InSequence sequence
;
259 EXPECT_CALL(mock_policy_callback_
,
260 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
261 EXPECT_CALL(mock_policy_callback_
,
262 OnPolicyUpdatePtr(IsPolicies(&nat_false_
)));
265 policy_watcher_
->SetPolicies(&empty_
);
266 policy_watcher_
->SetPolicies(&nat_true_
);
267 policy_watcher_
->SetPolicies(&nat_true_
);
268 policy_watcher_
->SetPolicies(&nat_false_
);
272 TEST_F(PolicyWatcherTest
, NatNoneThenFalse
) {
273 testing::InSequence sequence
;
274 EXPECT_CALL(mock_policy_callback_
,
275 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
276 EXPECT_CALL(mock_policy_callback_
,
277 OnPolicyUpdatePtr(IsPolicies(&nat_false_
)));
280 policy_watcher_
->SetPolicies(&empty_
);
281 policy_watcher_
->SetPolicies(&nat_false_
);
285 TEST_F(PolicyWatcherTest
, NatNoneThenFalseThenTrue
) {
286 testing::InSequence sequence
;
287 EXPECT_CALL(mock_policy_callback_
,
288 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
289 EXPECT_CALL(mock_policy_callback_
,
290 OnPolicyUpdatePtr(IsPolicies(&nat_false_
)));
291 EXPECT_CALL(mock_policy_callback_
,
292 OnPolicyUpdatePtr(IsPolicies(&nat_true_
)));
295 policy_watcher_
->SetPolicies(&empty_
);
296 policy_watcher_
->SetPolicies(&nat_false_
);
297 policy_watcher_
->SetPolicies(&nat_true_
);
301 TEST_F(PolicyWatcherTest
, ChangeOneRepeatedlyThenTwo
) {
302 testing::InSequence sequence
;
303 EXPECT_CALL(mock_policy_callback_
,
304 OnPolicyUpdatePtr(IsPolicies(
305 &nat_true_domain_empty_others_default_
)));
306 EXPECT_CALL(mock_policy_callback_
,
307 OnPolicyUpdatePtr(IsPolicies(&domain_full_
)));
308 EXPECT_CALL(mock_policy_callback_
,
309 OnPolicyUpdatePtr(IsPolicies(&nat_false_
)));
310 EXPECT_CALL(mock_policy_callback_
,
311 OnPolicyUpdatePtr(IsPolicies(&domain_empty_
)));
312 EXPECT_CALL(mock_policy_callback_
,
313 OnPolicyUpdatePtr(IsPolicies(&nat_true_domain_full_
)));
316 policy_watcher_
->SetPolicies(&nat_true_domain_empty_
);
317 policy_watcher_
->SetPolicies(&nat_true_domain_full_
);
318 policy_watcher_
->SetPolicies(&nat_false_domain_full_
);
319 policy_watcher_
->SetPolicies(&nat_false_domain_empty_
);
320 policy_watcher_
->SetPolicies(&nat_true_domain_full_
);
324 TEST_F(PolicyWatcherTest
, FilterUnknownPolicies
) {
325 testing::InSequence sequence
;
326 EXPECT_CALL(mock_policy_callback_
,
327 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
330 policy_watcher_
->SetPolicies(&empty_
);
331 policy_watcher_
->SetPolicies(&unknown_policies_
);
332 policy_watcher_
->SetPolicies(&empty_
);
336 TEST_F(PolicyWatcherTest
, DebugOverrideNatPolicy
) {
338 EXPECT_CALL(mock_policy_callback_
,
339 OnPolicyUpdatePtr(IsPolicies(&nat_false_overridden_others_default_
)));
341 EXPECT_CALL(mock_policy_callback_
,
342 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
346 policy_watcher_
->SetPolicies(&nat_true_and_overridden_
);
350 TEST_F(PolicyWatcherTest
, PairingFalseThenTrue
) {
351 testing::InSequence sequence
;
352 EXPECT_CALL(mock_policy_callback_
,
353 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
354 EXPECT_CALL(mock_policy_callback_
,
355 OnPolicyUpdatePtr(IsPolicies(&pairing_false_
)));
356 EXPECT_CALL(mock_policy_callback_
,
357 OnPolicyUpdatePtr(IsPolicies(&pairing_true_
)));
360 policy_watcher_
->SetPolicies(&empty_
);
361 policy_watcher_
->SetPolicies(&pairing_false_
);
362 policy_watcher_
->SetPolicies(&pairing_true_
);
366 TEST_F(PolicyWatcherTest
, GnubbyAuth
) {
367 testing::InSequence sequence
;
368 EXPECT_CALL(mock_policy_callback_
,
369 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
370 EXPECT_CALL(mock_policy_callback_
,
371 OnPolicyUpdatePtr(IsPolicies(&gnubby_auth_false_
)));
372 EXPECT_CALL(mock_policy_callback_
,
373 OnPolicyUpdatePtr(IsPolicies(&gnubby_auth_true_
)));
376 policy_watcher_
->SetPolicies(&empty_
);
377 policy_watcher_
->SetPolicies(&gnubby_auth_false_
);
378 policy_watcher_
->SetPolicies(&gnubby_auth_true_
);
382 TEST_F(PolicyWatcherTest
, Relay
) {
383 testing::InSequence sequence
;
384 EXPECT_CALL(mock_policy_callback_
,
385 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
386 EXPECT_CALL(mock_policy_callback_
,
387 OnPolicyUpdatePtr(IsPolicies(&relay_false_
)));
388 EXPECT_CALL(mock_policy_callback_
,
389 OnPolicyUpdatePtr(IsPolicies(&relay_true_
)));
392 policy_watcher_
->SetPolicies(&empty_
);
393 policy_watcher_
->SetPolicies(&relay_false_
);
394 policy_watcher_
->SetPolicies(&relay_true_
);
398 TEST_F(PolicyWatcherTest
, UdpPortRange
) {
399 testing::InSequence sequence
;
400 EXPECT_CALL(mock_policy_callback_
,
401 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
402 EXPECT_CALL(mock_policy_callback_
,
403 OnPolicyUpdatePtr(IsPolicies(&port_range_full_
)));
404 EXPECT_CALL(mock_policy_callback_
,
405 OnPolicyUpdatePtr(IsPolicies(&port_range_empty_
)));
408 policy_watcher_
->SetPolicies(&empty_
);
409 policy_watcher_
->SetPolicies(&port_range_full_
);
410 policy_watcher_
->SetPolicies(&port_range_empty_
);
414 const int kMaxTransientErrorRetries
= 5;
416 TEST_F(PolicyWatcherTest
, SingleTransientErrorDoesntTriggerErrorCallback
) {
417 EXPECT_CALL(mock_policy_callback_
, OnPolicyErrorPtr()).Times(0);
420 policy_watcher_
->SignalTransientErrorForTest();
424 TEST_F(PolicyWatcherTest
, MultipleTransientErrorsTriggerErrorCallback
) {
425 EXPECT_CALL(mock_policy_callback_
, OnPolicyErrorPtr());
428 for (int i
= 0; i
< kMaxTransientErrorRetries
; i
++) {
429 policy_watcher_
->SignalTransientErrorForTest();
434 TEST_F(PolicyWatcherTest
, PolicyUpdateResetsTransientErrorsCounter
) {
435 testing::InSequence s
;
436 EXPECT_CALL(mock_policy_callback_
,
437 OnPolicyUpdatePtr(IsPolicies(&nat_true_others_default_
)));
438 EXPECT_CALL(mock_policy_callback_
, OnPolicyErrorPtr()).Times(0);
441 for (int i
= 0; i
< (kMaxTransientErrorRetries
- 1); i
++) {
442 policy_watcher_
->SignalTransientErrorForTest();
444 policy_watcher_
->SetPolicies(&nat_true_
);
445 for (int i
= 0; i
< (kMaxTransientErrorRetries
- 1); i
++) {
446 policy_watcher_
->SignalTransientErrorForTest();
451 } // namespace policy_hack
452 } // namespace remoting
