search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Disable view source for Developer Tools.
[chromium-blink-merge.git] / chrome / browser / chromeos / settings / session_manager_operation_unittest.cc
blob980399c3fa415495ffed927ac6a1c53c2cde4c2b
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chromeos/settings/session_manager_operation.h"
6
7 #include "base/basictypes.h"
8 #include "base/bind.h"
9 #include "base/bind_helpers.h"
10 #include "base/memory/ref_counted.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/message_loop/message_loop.h"
13 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
14 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
15 #include "chrome/browser/chromeos/settings/mock_owner_key_util.h"
16 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
17 #include "components/policy/core/common/cloud/cloud_policy_validator.h"
18 #include "components/policy/core/common/cloud/policy_builder.h"
19 #include "content/public/test/test_browser_thread.h"
20 #include "crypto/rsa_private_key.h"
21 #include "policy/proto/device_management_backend.pb.h"
22 #include "testing/gmock/include/gmock/gmock.h"
23 #include "testing/gtest/include/gtest/gtest.h"
24
25 namespace em = enterprise_management;
26
27 using testing::Mock;
28 using testing::_;
29
30 namespace chromeos {
31
32 class SessionManagerOperationTest : public testing::Test {
33 public:
34 SessionManagerOperationTest()
35 : ui_thread_(content::BrowserThread::UI, &message_loop_),
36 file_thread_(content::BrowserThread::FILE, &message_loop_),
37 owner_key_util_(new MockOwnerKeyUtil()),
38 validated_(false) {}
39
40 virtual void SetUp() OVERRIDE {
41 policy_.payload().mutable_pinned_apps()->add_app_id("fake-app");
42 policy_.Build();
43 }
44
45 MOCK_METHOD2(OnOperationCompleted,
46 void(SessionManagerOperation*, DeviceSettingsService::Status));
47
48 void CheckSuccessfulValidation(
49 policy::DeviceCloudPolicyValidator* validator) {
50 EXPECT_TRUE(validator->success());
51 EXPECT_TRUE(validator->payload().get());
52 EXPECT_EQ(validator->payload()->SerializeAsString(),
53 policy_.payload().SerializeAsString());
54 validated_ = true;
55 }
56
57 void CheckPublicKeyLoaded(SessionManagerOperation* op) {
58 ASSERT_TRUE(op->owner_key().get());
59 ASSERT_TRUE(op->owner_key()->public_key());
60 std::vector<uint8> public_key;
61 ASSERT_TRUE(policy_.GetSigningKey()->ExportPublicKey(&public_key));
62 EXPECT_EQ(public_key, *op->owner_key()->public_key());
63 }
64
65 void CheckPrivateKeyLoaded(SessionManagerOperation* op) {
66 ASSERT_TRUE(op->owner_key().get());
67 ASSERT_TRUE(op->owner_key()->private_key());
68 std::vector<uint8> expected_key;
69 ASSERT_TRUE(policy_.GetSigningKey()->ExportPrivateKey(&expected_key));
70 std::vector<uint8> actual_key;
71 ASSERT_TRUE(op->owner_key()->private_key()->ExportPrivateKey(&actual_key));
72 EXPECT_EQ(expected_key, actual_key);
73 }
74
75 protected:
76 base::MessageLoop message_loop_;
77 content::TestBrowserThread ui_thread_;
78 content::TestBrowserThread file_thread_;
79
80 policy::DevicePolicyBuilder policy_;
81 DeviceSettingsTestHelper device_settings_test_helper_;
82 scoped_refptr<MockOwnerKeyUtil> owner_key_util_;
83
84 bool validated_;
85
86 private:
87 DISALLOW_COPY_AND_ASSIGN(SessionManagerOperationTest);
88 };
89
90 TEST_F(SessionManagerOperationTest, LoadNoPolicyNoKey) {
91 LoadSettingsOperation op(
92 base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
93 base::Unretained(this)));
94
95 EXPECT_CALL(*this,
96 OnOperationCompleted(
97 &op, DeviceSettingsService::STORE_KEY_UNAVAILABLE));
98 op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
99 device_settings_test_helper_.Flush();
100 Mock::VerifyAndClearExpectations(this);
101
102 EXPECT_FALSE(op.policy_data().get());
103 EXPECT_FALSE(op.device_settings().get());
104 ASSERT_TRUE(op.owner_key().get());
105 EXPECT_FALSE(op.owner_key()->public_key());
106 EXPECT_FALSE(op.owner_key()->private_key());
107 }
108
109 TEST_F(SessionManagerOperationTest, LoadOwnerKey) {
110 owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey());
111 LoadSettingsOperation op(
112 base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
113 base::Unretained(this)));
114
115 EXPECT_CALL(*this,
116 OnOperationCompleted(
117 &op, DeviceSettingsService::STORE_NO_POLICY));
118 op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
119 device_settings_test_helper_.Flush();
120 Mock::VerifyAndClearExpectations(this);
121
122 CheckPublicKeyLoaded(&op);
123 }
124
125 TEST_F(SessionManagerOperationTest, LoadPolicy) {
126 owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey());
127 device_settings_test_helper_.set_policy_blob(policy_.GetBlob());
128 LoadSettingsOperation op(
129 base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
130 base::Unretained(this)));
131
132 EXPECT_CALL(*this,
133 OnOperationCompleted(
134 &op, DeviceSettingsService::STORE_SUCCESS));
135 op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
136 device_settings_test_helper_.Flush();
137 Mock::VerifyAndClearExpectations(this);
138
139 ASSERT_TRUE(op.policy_data().get());
140 EXPECT_EQ(policy_.policy_data().SerializeAsString(),
141 op.policy_data()->SerializeAsString());
142 ASSERT_TRUE(op.device_settings().get());
143 EXPECT_EQ(policy_.payload().SerializeAsString(),
144 op.device_settings()->SerializeAsString());
145 }
146
147 TEST_F(SessionManagerOperationTest, LoadPrivateOwnerKey) {
148 owner_key_util_->SetPrivateKey(policy_.GetSigningKey());
149 LoadSettingsOperation op(
150 base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
151 base::Unretained(this)));
152
153 EXPECT_CALL(*this,
154 OnOperationCompleted(
155 &op, DeviceSettingsService::STORE_NO_POLICY));
156 op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
157 device_settings_test_helper_.Flush();
158 Mock::VerifyAndClearExpectations(this);
159
160 CheckPublicKeyLoaded(&op);
161 CheckPrivateKeyLoaded(&op);
162 }
163
164 TEST_F(SessionManagerOperationTest, RestartLoad) {
165 owner_key_util_->SetPrivateKey(policy_.GetSigningKey());
166 device_settings_test_helper_.set_policy_blob(policy_.GetBlob());
167 LoadSettingsOperation op(
168 base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
169 base::Unretained(this)));
170
171 EXPECT_CALL(*this, OnOperationCompleted(&op, _)).Times(0);
172 op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
173 device_settings_test_helper_.FlushLoops();
174 device_settings_test_helper_.FlushRetrieve();
175 EXPECT_TRUE(op.owner_key().get());
176 EXPECT_TRUE(op.owner_key()->public_key());
177 Mock::VerifyAndClearExpectations(this);
178
179 // Now install a different key and policy and restart the operation.
180 policy_.SetSigningKey(*policy::PolicyBuilder::CreateTestOtherSigningKey());
181 policy_.payload().mutable_metrics_enabled()->set_metrics_enabled(true);
182 policy_.Build();
183 device_settings_test_helper_.set_policy_blob(policy_.GetBlob());
184 owner_key_util_->SetPrivateKey(policy_.GetSigningKey());
185
186 EXPECT_CALL(*this,
187 OnOperationCompleted(
188 &op, DeviceSettingsService::STORE_SUCCESS));
189 op.RestartLoad(true);
190 device_settings_test_helper_.Flush();
191 Mock::VerifyAndClearExpectations(this);
192
193 // Check that the new keys have been loaded.
194 CheckPublicKeyLoaded(&op);
195 CheckPrivateKeyLoaded(&op);
196
197 // Verify the new policy.
198 ASSERT_TRUE(op.policy_data().get());
199 EXPECT_EQ(policy_.policy_data().SerializeAsString(),
200 op.policy_data()->SerializeAsString());
201 ASSERT_TRUE(op.device_settings().get());
202 EXPECT_EQ(policy_.payload().SerializeAsString(),
203 op.device_settings()->SerializeAsString());
204 }
205
206 TEST_F(SessionManagerOperationTest, StoreSettings) {
207 owner_key_util_->SetPublicKeyFromPrivateKey(*policy_.GetSigningKey());
208 StoreSettingsOperation op(
209 base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
210 base::Unretained(this)),
211 policy_.GetCopy());
212
213 EXPECT_CALL(*this,
214 OnOperationCompleted(
215 &op, DeviceSettingsService::STORE_SUCCESS));
216 op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
217 device_settings_test_helper_.Flush();
218 Mock::VerifyAndClearExpectations(this);
219
220 EXPECT_EQ(device_settings_test_helper_.policy_blob(),
221 policy_.GetBlob());
222 ASSERT_TRUE(op.policy_data().get());
223 EXPECT_EQ(policy_.policy_data().SerializeAsString(),
224 op.policy_data()->SerializeAsString());
225 ASSERT_TRUE(op.device_settings().get());
226 EXPECT_EQ(policy_.payload().SerializeAsString(),
227 op.device_settings()->SerializeAsString());
228 }
229
230 TEST_F(SessionManagerOperationTest, SignAndStoreSettings) {
231 base::Time before(base::Time::NowFromSystemTime());
232 owner_key_util_->SetPrivateKey(policy_.GetSigningKey());
233 SignAndStoreSettingsOperation op(
234 base::Bind(&SessionManagerOperationTest::OnOperationCompleted,
235 base::Unretained(this)),
236 scoped_ptr<em::ChromeDeviceSettingsProto>(
237 new em::ChromeDeviceSettingsProto(policy_.payload())),
238 policy_.policy_data().username());
239
240 EXPECT_CALL(*this,
241 OnOperationCompleted(
242 &op, DeviceSettingsService::STORE_SUCCESS));
243 op.Start(&device_settings_test_helper_, owner_key_util_, NULL);
244 device_settings_test_helper_.Flush();
245 Mock::VerifyAndClearExpectations(this);
246 base::Time after(base::Time::NowFromSystemTime());
247
248 // The blob should validate.
249 scoped_ptr<em::PolicyFetchResponse> policy_response(
250 new em::PolicyFetchResponse());
251 ASSERT_TRUE(
252 policy_response->ParseFromString(
253 device_settings_test_helper_.policy_blob()));
254 policy::DeviceCloudPolicyValidator* validator =
255 policy::DeviceCloudPolicyValidator::Create(
256 policy_response.Pass(), message_loop_.message_loop_proxy());
257 validator->ValidateUsername(policy_.policy_data().username());
258 validator->ValidateTimestamp(
259 before,
260 after,
261 policy::CloudPolicyValidatorBase::TIMESTAMP_REQUIRED);
262 validator->ValidatePolicyType(policy::dm_protocol::kChromeDevicePolicyType);
263 validator->ValidatePayload();
264 std::vector<uint8> public_key;
265 policy_.GetSigningKey()->ExportPublicKey(&public_key);
266 validator->ValidateSignature(public_key, false);
267 validator->StartValidation(
268 base::Bind(&SessionManagerOperationTest::CheckSuccessfulValidation,
269 base::Unretained(this)));
270
271 message_loop_.RunUntilIdle();
272 EXPECT_TRUE(validated_);
273
274 // Check that the loaded policy_data contains the expected values.
275 EXPECT_EQ(policy::dm_protocol::kChromeDevicePolicyType,
276 op.policy_data()->policy_type());
277 EXPECT_LE((before - base::Time::UnixEpoch()).InMilliseconds(),
278 op.policy_data()->timestamp());
279 EXPECT_GE((after - base::Time::UnixEpoch()).InMilliseconds(),
280 op.policy_data()->timestamp());
281 EXPECT_FALSE(op.policy_data()->has_request_token());
282 EXPECT_EQ(policy_.policy_data().username(), op.policy_data()->username());
283
284 // Loaded device settings should match what the operation received.
285 ASSERT_TRUE(op.device_settings().get());
286 EXPECT_EQ(policy_.payload().SerializeAsString(),
287 op.device_settings()->SerializeAsString());
288 }
289
290 } // namespace chromeos