Add new certificateProvider extension API.
[chromium-blink-merge.git] / chrome / browser / chromeos / settings / device_settings_provider_unittest.cc
blobe02000cb55667939bea3334d9a10f28f836f6258
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/settings/device_settings_provider.h"
7 #include <string>
9 #include "base/bind.h"
10 #include "base/callback.h"
11 #include "base/files/file_util.h"
12 #include "base/path_service.h"
13 #include "base/test/scoped_path_override.h"
14 #include "base/values.h"
15 #include "chrome/browser/chromeos/policy/device_local_account.h"
16 #include "chrome/browser/chromeos/policy/device_policy_builder.h"
17 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
18 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
19 #include "chrome/common/chrome_paths.h"
20 #include "chrome/test/base/scoped_testing_local_state.h"
21 #include "chrome/test/base/testing_browser_process.h"
22 #include "chrome/test/base/testing_profile.h"
23 #include "chromeos/settings/cros_settings_names.h"
24 #include "components/user_manager/fake_user_manager.h"
25 #include "components/user_manager/user.h"
26 #include "policy/proto/device_management_backend.pb.h"
27 #include "testing/gmock/include/gmock/gmock.h"
28 #include "testing/gtest/include/gtest/gtest.h"
30 namespace em = enterprise_management;
32 namespace chromeos {
34 using ::testing::AtLeast;
35 using ::testing::AnyNumber;
36 using ::testing::Mock;
37 using ::testing::_;
39 namespace {
41 const char kDisabledMessage[] = "This device has been disabled.";
43 } // namespace
45 class DeviceSettingsProviderTest : public DeviceSettingsTestBase {
46 public:
47 MOCK_METHOD1(SettingChanged, void(const std::string&));
48 MOCK_METHOD0(GetTrustedCallback, void(void));
50 protected:
51 DeviceSettingsProviderTest()
52 : local_state_(TestingBrowserProcess::GetGlobal()),
53 user_data_dir_override_(chrome::DIR_USER_DATA) {}
55 void SetUp() override {
56 DeviceSettingsTestBase::SetUp();
58 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
59 provider_.reset(
60 new DeviceSettingsProvider(
61 base::Bind(&DeviceSettingsProviderTest::SettingChanged,
62 base::Unretained(this)),
63 &device_settings_service_));
64 Mock::VerifyAndClearExpectations(this);
67 void TearDown() override { DeviceSettingsTestBase::TearDown(); }
69 // Helper routine to enable/disable all reporting settings in policy.
70 void SetReportingSettings(bool enable_reporting, int frequency) {
71 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
72 em::DeviceReportingProto* proto =
73 device_policy_.payload().mutable_device_reporting();
74 proto->set_report_version_info(enable_reporting);
75 proto->set_report_activity_times(enable_reporting);
76 proto->set_report_boot_mode(enable_reporting);
77 proto->set_report_location(enable_reporting);
78 proto->set_report_network_interfaces(enable_reporting);
79 proto->set_report_users(enable_reporting);
80 proto->set_report_hardware_status(enable_reporting);
81 proto->set_report_session_status(enable_reporting);
82 proto->set_device_status_frequency(frequency);
83 device_policy_.Build();
84 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
85 ReloadDeviceSettings();
86 Mock::VerifyAndClearExpectations(this);
89 // Helper routine to enable/disable all reporting settings in policy.
90 void SetHeartbeatSettings(bool enable_heartbeat, int frequency) {
91 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
92 em::DeviceHeartbeatSettingsProto* proto =
93 device_policy_.payload().mutable_device_heartbeat_settings();
94 proto->set_heartbeat_enabled(enable_heartbeat);
95 proto->set_heartbeat_frequency(frequency);
96 device_policy_.Build();
97 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
98 ReloadDeviceSettings();
99 Mock::VerifyAndClearExpectations(this);
102 // Helper routine to enable/disable log upload settings in policy.
103 void SetLogUploadSettings(bool enable_system_log_upload) {
104 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
105 em::DeviceLogUploadSettingsProto* proto =
106 device_policy_.payload().mutable_device_log_upload_settings();
107 proto->set_system_log_upload_enabled(enable_system_log_upload);
108 device_policy_.Build();
109 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
110 ReloadDeviceSettings();
111 Mock::VerifyAndClearExpectations(this);
114 // Helper routine to ensure all heartbeat policies have been correctly
115 // decoded.
116 void VerifyHeartbeatSettings(bool expected_enable_state,
117 int expected_frequency) {
119 const base::FundamentalValue expected_enabled_value(expected_enable_state);
120 EXPECT_TRUE(base::Value::Equals(provider_->Get(kHeartbeatEnabled),
121 &expected_enabled_value));
123 const base::FundamentalValue expected_frequency_value(expected_frequency);
124 EXPECT_TRUE(base::Value::Equals(provider_->Get(kHeartbeatFrequency),
125 &expected_frequency_value));
128 // Helper routine to ensure all reporting policies have been correctly
129 // decoded.
130 void VerifyReportingSettings(bool expected_enable_state,
131 int expected_frequency) {
132 const char* reporting_settings[] = {
133 kReportDeviceVersionInfo,
134 kReportDeviceActivityTimes,
135 kReportDeviceBootMode,
136 // Device location reporting is not currently supported.
137 // kReportDeviceLocation,
138 kReportDeviceNetworkInterfaces,
139 kReportDeviceUsers,
140 kReportDeviceHardwareStatus,
141 kReportDeviceSessionStatus
144 const base::FundamentalValue expected_enable_value(expected_enable_state);
145 for (const auto& setting : reporting_settings) {
146 EXPECT_TRUE(base::Value::Equals(provider_->Get(setting),
147 &expected_enable_value))
148 << "Value for " << setting << " does not match expected";
150 const base::FundamentalValue expected_frequency_value(expected_frequency);
151 EXPECT_TRUE(base::Value::Equals(provider_->Get(kReportUploadFrequency),
152 &expected_frequency_value));
155 // Helper routine to ensure log upload policy has been correctly
156 // decoded.
157 void VerifyLogUploadSettings(bool expected_enable_state) {
158 const base::FundamentalValue expected_enabled_value(expected_enable_state);
159 EXPECT_TRUE(base::Value::Equals(provider_->Get(kSystemLogUploadEnabled),
160 &expected_enabled_value));
163 // Helper routine to set LoginScreenDomainAutoComplete policy.
164 void SetDomainAutoComplete(const std::string& domain) {
165 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
166 em::LoginScreenDomainAutoCompleteProto* proto =
167 device_policy_.payload().mutable_login_screen_domain_auto_complete();
168 proto->set_login_screen_domain_auto_complete(domain);
169 device_policy_.Build();
170 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
171 ReloadDeviceSettings();
172 Mock::VerifyAndClearExpectations(this);
175 // Helper routine to check value of the LoginScreenDomainAutoComplete policy.
176 void VerifyDomainAutoComplete(
177 const base::StringValue* const ptr_to_expected_value) {
178 EXPECT_TRUE(base::Value::Equals(
179 provider_->Get(kAccountsPrefLoginScreenDomainAutoComplete),
180 ptr_to_expected_value));
183 ScopedTestingLocalState local_state_;
185 scoped_ptr<DeviceSettingsProvider> provider_;
187 base::ScopedPathOverride user_data_dir_override_;
189 private:
190 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsProviderTest);
193 TEST_F(DeviceSettingsProviderTest, InitializationTest) {
194 // Have the service load a settings blob.
195 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
196 ReloadDeviceSettings();
197 Mock::VerifyAndClearExpectations(this);
199 // Verify that the policy blob has been correctly parsed and trusted.
200 // The trusted flag should be set before the call to PrepareTrustedValues.
201 EXPECT_EQ(CrosSettingsProvider::TRUSTED,
202 provider_->PrepareTrustedValues(base::Closure()));
203 const base::Value* value = provider_->Get(kStatsReportingPref);
204 ASSERT_TRUE(value);
205 bool bool_value;
206 EXPECT_TRUE(value->GetAsBoolean(&bool_value));
207 EXPECT_FALSE(bool_value);
210 TEST_F(DeviceSettingsProviderTest, InitializationTestUnowned) {
211 // Have the service check the key.
212 owner_key_util_->Clear();
213 ReloadDeviceSettings();
215 // The trusted flag should be set before the call to PrepareTrustedValues.
216 EXPECT_EQ(CrosSettingsProvider::TRUSTED,
217 provider_->PrepareTrustedValues(base::Closure()));
218 const base::Value* value = provider_->Get(kReleaseChannel);
219 ASSERT_TRUE(value);
220 std::string string_value;
221 EXPECT_TRUE(value->GetAsString(&string_value));
222 EXPECT_TRUE(string_value.empty());
224 // Sets should succeed though and be readable from the cache.
225 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
226 EXPECT_CALL(*this, SettingChanged(kReleaseChannel)).Times(1);
227 base::StringValue new_value("stable-channel");
228 provider_->Set(kReleaseChannel, new_value);
229 Mock::VerifyAndClearExpectations(this);
231 // This shouldn't trigger a write.
232 device_settings_test_helper_.set_policy_blob(std::string());
233 FlushDeviceSettings();
234 EXPECT_EQ(std::string(), device_settings_test_helper_.policy_blob());
236 // Verify the change has been applied.
237 const base::Value* saved_value = provider_->Get(kReleaseChannel);
238 ASSERT_TRUE(saved_value);
239 EXPECT_TRUE(saved_value->GetAsString(&string_value));
240 ASSERT_EQ("stable-channel", string_value);
243 TEST_F(DeviceSettingsProviderTest, SetPrefFailed) {
244 // If we are not the owner no sets should work.
245 base::FundamentalValue value(true);
246 EXPECT_CALL(*this, SettingChanged(kStatsReportingPref)).Times(1);
247 provider_->Set(kStatsReportingPref, value);
248 Mock::VerifyAndClearExpectations(this);
250 // This shouldn't trigger a write.
251 device_settings_test_helper_.set_policy_blob(std::string());
252 FlushDeviceSettings();
253 EXPECT_EQ(std::string(), device_settings_test_helper_.policy_blob());
255 // Verify the change has not been applied.
256 const base::Value* saved_value = provider_->Get(kStatsReportingPref);
257 ASSERT_TRUE(saved_value);
258 bool bool_value;
259 EXPECT_TRUE(saved_value->GetAsBoolean(&bool_value));
260 EXPECT_FALSE(bool_value);
263 TEST_F(DeviceSettingsProviderTest, SetPrefSucceed) {
264 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
265 InitOwner(device_policy_.policy_data().username(), true);
266 FlushDeviceSettings();
268 base::FundamentalValue value(true);
269 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
270 EXPECT_CALL(*this, SettingChanged(kStatsReportingPref)).Times(1);
271 provider_->Set(kStatsReportingPref, value);
272 Mock::VerifyAndClearExpectations(this);
274 // Process the store.
275 device_settings_test_helper_.set_policy_blob(std::string());
276 FlushDeviceSettings();
278 // Verify that the device policy has been adjusted.
279 ASSERT_TRUE(device_settings_service_.device_settings());
280 EXPECT_TRUE(device_settings_service_.device_settings()->
281 metrics_enabled().metrics_enabled());
283 // Verify the change has been applied.
284 const base::Value* saved_value = provider_->Get(kStatsReportingPref);
285 ASSERT_TRUE(saved_value);
286 bool bool_value;
287 EXPECT_TRUE(saved_value->GetAsBoolean(&bool_value));
288 EXPECT_TRUE(bool_value);
291 TEST_F(DeviceSettingsProviderTest, SetPrefTwice) {
292 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
293 InitOwner(device_policy_.policy_data().username(), true);
294 FlushDeviceSettings();
296 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
298 base::StringValue value1("beta");
299 provider_->Set(kReleaseChannel, value1);
300 base::StringValue value2("dev");
301 provider_->Set(kReleaseChannel, value2);
303 // Let the changes propagate through the system.
304 device_settings_test_helper_.set_policy_blob(std::string());
305 FlushDeviceSettings();
307 // Verify the second change has been applied.
308 const base::Value* saved_value = provider_->Get(kReleaseChannel);
309 EXPECT_TRUE(value2.Equals(saved_value));
311 Mock::VerifyAndClearExpectations(this);
314 TEST_F(DeviceSettingsProviderTest, PolicyRetrievalFailedBadSignature) {
315 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
316 device_policy_.policy().set_policy_data_signature("bad signature");
317 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
318 ReloadDeviceSettings();
320 // Verify that the cached settings blob is not "trusted".
321 EXPECT_EQ(DeviceSettingsService::STORE_VALIDATION_ERROR,
322 device_settings_service_.status());
323 EXPECT_EQ(CrosSettingsProvider::PERMANENTLY_UNTRUSTED,
324 provider_->PrepareTrustedValues(base::Closure()));
327 TEST_F(DeviceSettingsProviderTest, PolicyRetrievalNoPolicy) {
328 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
329 device_settings_test_helper_.set_policy_blob(std::string());
330 ReloadDeviceSettings();
332 // Verify that the cached settings blob is not "trusted".
333 EXPECT_EQ(DeviceSettingsService::STORE_NO_POLICY,
334 device_settings_service_.status());
335 EXPECT_EQ(CrosSettingsProvider::PERMANENTLY_UNTRUSTED,
336 provider_->PrepareTrustedValues(base::Closure()));
339 TEST_F(DeviceSettingsProviderTest, PolicyFailedPermanentlyNotification) {
340 device_settings_test_helper_.set_policy_blob(std::string());
342 EXPECT_CALL(*this, GetTrustedCallback());
343 EXPECT_EQ(CrosSettingsProvider::TEMPORARILY_UNTRUSTED,
344 provider_->PrepareTrustedValues(
345 base::Bind(&DeviceSettingsProviderTest::GetTrustedCallback,
346 base::Unretained(this))));
348 ReloadDeviceSettings();
349 Mock::VerifyAndClearExpectations(this);
351 EXPECT_EQ(CrosSettingsProvider::PERMANENTLY_UNTRUSTED,
352 provider_->PrepareTrustedValues(base::Closure()));
355 TEST_F(DeviceSettingsProviderTest, PolicyLoadNotification) {
356 EXPECT_CALL(*this, GetTrustedCallback());
358 EXPECT_EQ(CrosSettingsProvider::TEMPORARILY_UNTRUSTED,
359 provider_->PrepareTrustedValues(
360 base::Bind(&DeviceSettingsProviderTest::GetTrustedCallback,
361 base::Unretained(this))));
363 ReloadDeviceSettings();
364 Mock::VerifyAndClearExpectations(this);
367 TEST_F(DeviceSettingsProviderTest, StatsReportingMigration) {
368 // Create the legacy consent file.
369 base::FilePath consent_file;
370 ASSERT_TRUE(PathService::Get(chrome::DIR_USER_DATA, &consent_file));
371 consent_file = consent_file.AppendASCII("Consent To Send Stats");
372 ASSERT_EQ(1, base::WriteFile(consent_file, "0", 1));
374 // This should trigger migration because the metrics policy isn't in the blob.
375 device_settings_test_helper_.set_policy_blob(std::string());
376 FlushDeviceSettings();
377 EXPECT_EQ(std::string(), device_settings_test_helper_.policy_blob());
379 // Verify that migration has kicked in.
380 const base::Value* saved_value = provider_->Get(kStatsReportingPref);
381 ASSERT_TRUE(saved_value);
382 bool bool_value;
383 EXPECT_TRUE(saved_value->GetAsBoolean(&bool_value));
384 EXPECT_FALSE(bool_value);
387 TEST_F(DeviceSettingsProviderTest, LegacyDeviceLocalAccounts) {
388 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
389 em::DeviceLocalAccountInfoProto* account =
390 device_policy_.payload().mutable_device_local_accounts()->add_account();
391 account->set_deprecated_public_session_id(
392 policy::PolicyBuilder::kFakeUsername);
393 device_policy_.Build();
394 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
395 ReloadDeviceSettings();
396 Mock::VerifyAndClearExpectations(this);
398 // On load, the deprecated spec should have been converted to the new format.
399 base::ListValue expected_accounts;
400 scoped_ptr<base::DictionaryValue> entry_dict(new base::DictionaryValue());
401 entry_dict->SetString(kAccountsPrefDeviceLocalAccountsKeyId,
402 policy::PolicyBuilder::kFakeUsername);
403 entry_dict->SetInteger(kAccountsPrefDeviceLocalAccountsKeyType,
404 policy::DeviceLocalAccount::TYPE_PUBLIC_SESSION);
405 expected_accounts.Append(entry_dict.release());
406 const base::Value* actual_accounts =
407 provider_->Get(kAccountsPrefDeviceLocalAccounts);
408 EXPECT_TRUE(base::Value::Equals(&expected_accounts, actual_accounts));
411 TEST_F(DeviceSettingsProviderTest, OwnerIsStillSetWhenDeviceIsConsumerManaged) {
412 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
413 InitOwner(device_policy_.policy_data().username(), true);
414 device_policy_.policy_data().set_management_mode(
415 em::PolicyData::CONSUMER_MANAGED);
416 device_policy_.policy_data().set_request_token("test request token");
417 device_policy_.Build();
418 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
419 FlushDeviceSettings();
421 // Expect that kDeviceOwner is not empty.
422 const base::Value* value = provider_->Get(kDeviceOwner);
423 ASSERT_TRUE(value);
424 std::string string_value;
425 EXPECT_TRUE(value->GetAsString(&string_value));
426 EXPECT_FALSE(string_value.empty());
429 TEST_F(DeviceSettingsProviderTest, DecodeDeviceState) {
430 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
431 device_policy_.policy_data().mutable_device_state()->set_device_mode(
432 em::DeviceState::DEVICE_MODE_DISABLED);
433 device_policy_.policy_data().mutable_device_state()->
434 mutable_disabled_state()->set_message(kDisabledMessage);
435 device_policy_.Build();
436 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
437 ReloadDeviceSettings();
438 Mock::VerifyAndClearExpectations(this);
440 // Verify that the device state has been decoded correctly.
441 const base::FundamentalValue expected_disabled_value(true);
442 EXPECT_TRUE(base::Value::Equals(provider_->Get(kDeviceDisabled),
443 &expected_disabled_value));
444 const base::StringValue expected_disabled_message_value(kDisabledMessage);
445 EXPECT_TRUE(base::Value::Equals(provider_->Get(kDeviceDisabledMessage),
446 &expected_disabled_message_value));
448 // Verify that a change to the device state triggers a notification.
449 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
450 device_policy_.policy_data().mutable_device_state()->clear_device_mode();
451 device_policy_.Build();
452 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
453 ReloadDeviceSettings();
454 Mock::VerifyAndClearExpectations(this);
456 // Verify that the updated state has been decoded correctly.
457 EXPECT_FALSE(provider_->Get(kDeviceDisabled));
460 TEST_F(DeviceSettingsProviderTest, DecodeReportingSettings) {
461 // Turn on all reporting and verify that the reporting settings have been
462 // decoded correctly.
463 const int status_frequency = 50000;
464 SetReportingSettings(true, status_frequency);
465 VerifyReportingSettings(true, status_frequency);
467 // Turn off all reporting and verify that the settings are decoded
468 // correctly.
469 SetReportingSettings(false, status_frequency);
470 VerifyReportingSettings(false, status_frequency);
473 TEST_F(DeviceSettingsProviderTest, DecodeHeartbeatSettings) {
474 // Turn on heartbeats and verify that the heartbeat settings have been
475 // decoded correctly.
476 const int heartbeat_frequency = 50000;
477 SetHeartbeatSettings(true, heartbeat_frequency);
478 VerifyHeartbeatSettings(true, heartbeat_frequency);
480 // Turn off all reporting and verify that the settings are decoded
481 // correctly.
482 SetHeartbeatSettings(false, heartbeat_frequency);
483 VerifyHeartbeatSettings(false, heartbeat_frequency);
486 TEST_F(DeviceSettingsProviderTest, DecodeDomainAutoComplete) {
487 // By default LoginScreenDomainAutoComplete policy should not be set.
488 VerifyDomainAutoComplete(nullptr);
490 // Empty string means that the policy is not set.
491 SetDomainAutoComplete("");
492 VerifyDomainAutoComplete(nullptr);
494 // Check some meaningful value. Policy should be set.
495 const std::string domain = "domain.test";
496 const base::StringValue domain_value(domain);
497 SetDomainAutoComplete(domain);
498 VerifyDomainAutoComplete(&domain_value);
501 TEST_F(DeviceSettingsProviderTest, DecodeLogUploadSettings) {
502 SetLogUploadSettings(true);
503 VerifyLogUploadSettings(true);
505 SetLogUploadSettings(false);
506 VerifyLogUploadSettings(false);
508 } // namespace chromeos