1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/ui/ash/session_state_delegate_chromeos.h"
10 #include "base/run_loop.h"
11 #include "chrome/browser/chromeos/login/users/fake_user_manager.h"
12 #include "chrome/browser/chromeos/login/users/multi_profile_user_controller.h"
13 #include "chrome/browser/chromeos/login/users/scoped_user_manager_enabler.h"
14 #include "chrome/browser/chromeos/policy/policy_cert_service.h"
15 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
16 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
17 #include "chrome/browser/chromeos/profiles/profile_helper.h"
18 #include "chrome/common/pref_names.h"
19 #include "chrome/test/base/testing_browser_process.h"
20 #include "chrome/test/base/testing_profile_manager.h"
21 #include "components/user_manager/user_manager.h"
22 #include "content/public/test/test_browser_thread_bundle.h"
23 #include "net/cert/x509_certificate.h"
24 #include "testing/gtest/include/gtest/gtest.h"
30 const char* kUser
= "user@test.com";
32 // Weak ptr to PolicyCertVerifier - object is freed in test destructor once
33 // we've ensured the profile has been shut down.
34 policy::PolicyCertVerifier
* g_policy_cert_verifier_for_factory
= NULL
;
36 KeyedService
* CreateTestPolicyCertService(content::BrowserContext
* context
) {
37 return policy::PolicyCertService::CreateForTesting(
39 g_policy_cert_verifier_for_factory
,
40 user_manager::UserManager::Get()).release();
45 class SessionStateDelegateChromeOSTest
: public testing::Test
{
47 SessionStateDelegateChromeOSTest() : user_manager_(NULL
) {
50 virtual ~SessionStateDelegateChromeOSTest() {
53 virtual void SetUp() override
{
54 // Initialize the UserManager singleton to a fresh FakeUserManager instance.
55 user_manager_
= new chromeos::FakeUserManager
;
56 user_manager_enabler_
.reset(
57 new chromeos::ScopedUserManagerEnabler(user_manager_
));
59 // Create our SessionStateDelegate to experiment with.
60 session_state_delegate_
.reset(new SessionStateDelegateChromeos());
61 testing::Test::SetUp();
64 virtual void TearDown() override
{
65 testing::Test::TearDown();
66 session_state_delegate_
.reset();
67 user_manager_enabler_
.reset();
69 // Clear our cached pointer to the PolicyCertVerifier.
70 g_policy_cert_verifier_for_factory
= NULL
;
71 profile_manager_
.reset();
73 // We must ensure that the PolicyCertVerifier outlives the
74 // PolicyCertService so shutdown the profile here. Additionally, we need
75 // to run the message loop between freeing the PolicyCertService and
76 // freeing the PolicyCertVerifier (see
77 // PolicyCertService::OnTrustAnchorsChanged() which is called from
78 // PolicyCertService::Shutdown()).
79 base::RunLoop().RunUntilIdle();
82 // Add and log in a user to the session.
83 void UserAddedToSession(std::string user
) {
84 user_manager()->AddUser(user
);
85 user_manager()->LoginUser(user
);
88 // Get the active user.
89 const std::string
& GetActiveUser() {
90 return user_manager::UserManager::Get()->GetActiveUser()->email();
93 chromeos::FakeUserManager
* user_manager() { return user_manager_
; }
94 SessionStateDelegateChromeos
* session_state_delegate() {
95 return session_state_delegate_
.get();
98 void InitForMultiProfile() {
99 profile_manager_
.reset(
100 new TestingProfileManager(TestingBrowserProcess::GetGlobal()));
101 ASSERT_TRUE(profile_manager_
->SetUp());
103 const std::string
user_email(kUser
);
104 const user_manager::User
* user
= user_manager()->AddUser(user_email
);
106 // Note that user profiles are created after user login in reality.
107 user_profile_
= profile_manager_
->CreateTestingProfile(user_email
);
108 user_profile_
->set_profile_name(user_email
);
109 chromeos::ProfileHelper::Get()->SetUserToProfileMappingForTesting(
110 user
, user_profile_
);
113 content::TestBrowserThreadBundle threads_
;
114 scoped_ptr
<policy::PolicyCertVerifier
> cert_verifier_
;
115 scoped_ptr
<TestingProfileManager
> profile_manager_
;
116 TestingProfile
* user_profile_
;
119 scoped_ptr
<chromeos::ScopedUserManagerEnabler
> user_manager_enabler_
;
120 scoped_ptr
<SessionStateDelegateChromeos
> session_state_delegate_
;
123 chromeos::FakeUserManager
* user_manager_
;
125 DISALLOW_COPY_AND_ASSIGN(SessionStateDelegateChromeOSTest
);
128 // Make sure that cycling one user does not cause any harm.
129 TEST_F(SessionStateDelegateChromeOSTest
, CyclingOneUser
) {
130 UserAddedToSession("firstuser@test.com");
132 EXPECT_EQ("firstuser@test.com", GetActiveUser());
133 session_state_delegate()->CycleActiveUser(
134 ash::SessionStateDelegate::CYCLE_TO_NEXT_USER
);
135 EXPECT_EQ("firstuser@test.com", GetActiveUser());
136 session_state_delegate()->CycleActiveUser(
137 ash::SessionStateDelegate::CYCLE_TO_PREVIOUS_USER
);
138 EXPECT_EQ("firstuser@test.com", GetActiveUser());
141 // Cycle three users forwards and backwards to see that it works.
142 TEST_F(SessionStateDelegateChromeOSTest
, CyclingThreeUsers
) {
143 UserAddedToSession("firstuser@test.com");
144 UserAddedToSession("seconduser@test.com");
145 UserAddedToSession("thirduser@test.com");
146 const ash::SessionStateDelegate::CycleUser forward
=
147 ash::SessionStateDelegate::CYCLE_TO_NEXT_USER
;
150 EXPECT_EQ("firstuser@test.com", GetActiveUser());
151 session_state_delegate()->CycleActiveUser(forward
);
152 EXPECT_EQ("seconduser@test.com", GetActiveUser());
153 session_state_delegate()->CycleActiveUser(forward
);
154 EXPECT_EQ("thirduser@test.com", GetActiveUser());
155 session_state_delegate()->CycleActiveUser(forward
);
156 EXPECT_EQ("firstuser@test.com", GetActiveUser());
159 const ash::SessionStateDelegate::CycleUser backward
=
160 ash::SessionStateDelegate::CYCLE_TO_PREVIOUS_USER
;
161 session_state_delegate()->CycleActiveUser(backward
);
162 EXPECT_EQ("thirduser@test.com", GetActiveUser());
163 session_state_delegate()->CycleActiveUser(backward
);
164 EXPECT_EQ("seconduser@test.com", GetActiveUser());
165 session_state_delegate()->CycleActiveUser(backward
);
166 EXPECT_EQ("firstuser@test.com", GetActiveUser());
169 // Make sure MultiProfile disabled by primary user policy.
170 TEST_F(SessionStateDelegateChromeOSTest
, MultiProfileDisallowedByUserPolicy
) {
171 InitForMultiProfile();
173 session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
174 const std::string
user_email(kUser
);
175 user_manager()->LoginUser(user_email
);
177 session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
179 user_profile_
->GetPrefs()->SetString(
180 prefs::kMultiProfileUserBehavior
,
181 chromeos::MultiProfileUserController::kBehaviorNotAllowed
);
183 session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
186 // Make sure MultiProfile disabled by primary user policy certificates.
187 TEST_F(SessionStateDelegateChromeOSTest
,
188 MultiProfileDisallowedByPolicyCertificates
) {
189 InitForMultiProfile();
190 const std::string
user_email(kUser
);
191 user_manager()->LoginUser(user_email
);
193 session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
194 policy::PolicyCertServiceFactory::SetUsedPolicyCertificates(user_email
);
196 session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
198 // Flush tasks posted to IO.
199 base::RunLoop().RunUntilIdle();
202 // Make sure MultiProfile disabled by primary user certificates in memory.
203 TEST_F(SessionStateDelegateChromeOSTest
,
204 MultiProfileDisallowedByPrimaryUserCertificatesInMemory
) {
205 InitForMultiProfile();
206 const std::string
user_email(kUser
);
207 user_manager()->LoginUser(user_email
);
209 session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
210 cert_verifier_
.reset(new policy::PolicyCertVerifier(base::Closure()));
211 g_policy_cert_verifier_for_factory
= cert_verifier_
.get();
213 policy::PolicyCertServiceFactory::GetInstance()->SetTestingFactoryAndUse(
214 user_profile_
, CreateTestPolicyCertService
));
215 policy::PolicyCertService
* service
=
216 policy::PolicyCertServiceFactory::GetForProfile(user_profile_
);
217 ASSERT_TRUE(service
);
219 EXPECT_FALSE(service
->has_policy_certificates());
220 net::CertificateList certificates
;
221 certificates
.push_back(new net::X509Certificate(
222 "subject", "issuer", base::Time(), base::Time()));
223 service
->OnTrustAnchorsChanged(certificates
);
224 EXPECT_TRUE(service
->has_policy_certificates());
226 session_state_delegate()->IsMultiProfileAllowedByPrimaryUserPolicy());
228 // Flush tasks posted to IO.
229 base::RunLoop().RunUntilIdle();
232 // Make sure adding users to multiprofiles disabled by reaching maximum
233 // number of users in sessions.
234 TEST_F(SessionStateDelegateChromeOSTest
,
235 AddUserToMultiprofileDisallowedByMaximumUsers
) {
236 InitForMultiProfile();
237 ash::SessionStateDelegate::AddUserError add_user_error
;
240 session_state_delegate()->CanAddUserToMultiProfile(&add_user_error
));
241 const std::string
user_email(kUser
);
242 user_manager()->LoginUser(user_email
);
243 while (session_state_delegate()->NumberOfLoggedInUsers() <
244 session_state_delegate()->GetMaximumNumberOfLoggedInUsers()) {
245 UserAddedToSession("bb@b.b");
248 session_state_delegate()->CanAddUserToMultiProfile(&add_user_error
));
249 EXPECT_EQ(ash::SessionStateDelegate::ADD_USER_ERROR_MAXIMUM_USERS_REACHED
,
253 // Make sure adding users to multiprofiles disabled by logging in all possible
255 TEST_F(SessionStateDelegateChromeOSTest
,
256 AddUserToMultiprofileDisallowedByAllUsersLogged
) {
257 InitForMultiProfile();
258 ash::SessionStateDelegate::AddUserError add_user_error
;
261 session_state_delegate()->CanAddUserToMultiProfile(&add_user_error
));
262 const std::string
user_email(kUser
);
263 user_manager()->LoginUser(user_email
);
264 UserAddedToSession("bb@b.b");
266 session_state_delegate()->CanAddUserToMultiProfile(&add_user_error
));
267 EXPECT_EQ(ash::SessionStateDelegate::ADD_USER_ERROR_OUT_OF_USERS
,
271 // Make sure adding users to multiprofiles disabled by primary user policy.
272 TEST_F(SessionStateDelegateChromeOSTest
,
273 AddUserToMultiprofileDisallowedByPrimaryUserPolicy
) {
274 InitForMultiProfile();
275 ash::SessionStateDelegate::AddUserError add_user_error
;
278 session_state_delegate()->CanAddUserToMultiProfile(&add_user_error
));
279 const std::string
user_email(kUser
);
280 user_manager()->LoginUser(user_email
);
281 user_profile_
->GetPrefs()->SetString(
282 prefs::kMultiProfileUserBehavior
,
283 chromeos::MultiProfileUserController::kBehaviorNotAllowed
);
284 user_manager()->AddUser("bb@b.b");
286 session_state_delegate()->CanAddUserToMultiProfile(&add_user_error
));
287 EXPECT_EQ(ash::SessionStateDelegate::ADD_USER_ERROR_NOT_ALLOWED_PRIMARY_USER
,
291 } // namespace chromeos