Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / chromeos / settings / device_settings_service_unittest.cc
blob78cd3f9057ac104f252ae8abafb4e07e51d21902
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/settings/device_settings_service.h"
7 #include "base/basictypes.h"
8 #include "base/bind.h"
9 #include "base/bind_helpers.h"
10 #include "base/compiler_specific.h"
11 #include "base/time/time.h"
12 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h"
13 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h"
14 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos_factory.h"
15 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos_factory.h"
16 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
17 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
18 #include "chrome/test/base/testing_profile.h"
19 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
20 #include "policy/proto/device_management_backend.pb.h"
21 #include "testing/gmock/include/gmock/gmock.h"
22 #include "testing/gtest/include/gtest/gtest.h"
24 namespace em = enterprise_management;
26 using ::testing::Mock;
28 namespace chromeos {
30 namespace {
32 class MockDeviceSettingsObserver : public DeviceSettingsService::Observer {
33 public:
34 virtual ~MockDeviceSettingsObserver() {}
36 MOCK_METHOD0(OwnershipStatusChanged, void());
37 MOCK_METHOD0(DeviceSettingsUpdated, void());
38 MOCK_METHOD0(OnDeviceSettingsServiceShutdown, void());
41 } // namespace
43 class DeviceSettingsServiceTest : public DeviceSettingsTestBase {
44 public:
45 void SetOperationCompleted() {
46 operation_completed_ = true;
49 void SetOwnershipStatus(
50 DeviceSettingsService::OwnershipStatus ownership_status) {
51 ownership_status_ = ownership_status;
54 void OnIsOwner(bool is_owner) {
55 is_owner_ = is_owner;
56 is_owner_set_ = true;
59 protected:
60 DeviceSettingsServiceTest()
61 : operation_completed_(false),
62 is_owner_(true),
63 is_owner_set_(false),
64 ownership_status_(DeviceSettingsService::OWNERSHIP_UNKNOWN) {}
66 void SetUp() override {
67 device_policy_.payload().mutable_device_policy_refresh_rate()->
68 set_device_policy_refresh_rate(120);
69 DeviceSettingsTestBase::SetUp();
72 void CheckPolicy() {
73 ASSERT_TRUE(device_settings_service_.policy_data());
74 EXPECT_EQ(device_policy_.policy_data().SerializeAsString(),
75 device_settings_service_.policy_data()->SerializeAsString());
76 ASSERT_TRUE(device_settings_service_.device_settings());
77 EXPECT_EQ(device_policy_.payload().SerializeAsString(),
78 device_settings_service_.device_settings()->SerializeAsString());
81 bool operation_completed_;
82 bool is_owner_;
83 bool is_owner_set_;
84 DeviceSettingsService::OwnershipStatus ownership_status_;
86 private:
87 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsServiceTest);
90 TEST_F(DeviceSettingsServiceTest, LoadNoKey) {
91 owner_key_util_->Clear();
92 ReloadDeviceSettings();
94 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
95 device_settings_service_.status());
96 EXPECT_FALSE(device_settings_service_.policy_data());
97 EXPECT_FALSE(device_settings_service_.device_settings());
100 TEST_F(DeviceSettingsServiceTest, LoadNoPolicy) {
101 device_settings_test_helper_.set_policy_blob(std::string());
102 ReloadDeviceSettings();
104 EXPECT_EQ(DeviceSettingsService::STORE_NO_POLICY,
105 device_settings_service_.status());
106 EXPECT_FALSE(device_settings_service_.policy_data());
107 EXPECT_FALSE(device_settings_service_.device_settings());
110 TEST_F(DeviceSettingsServiceTest, LoadValidationError) {
111 device_policy_.policy().set_policy_data_signature("bad");
112 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
113 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
114 ReloadDeviceSettings();
116 EXPECT_EQ(DeviceSettingsService::STORE_VALIDATION_ERROR,
117 device_settings_service_.status());
118 EXPECT_FALSE(device_settings_service_.policy_data());
119 EXPECT_FALSE(device_settings_service_.device_settings());
122 TEST_F(DeviceSettingsServiceTest, LoadValidationErrorFutureTimestamp) {
123 base::Time timestamp(base::Time::NowFromSystemTime() +
124 base::TimeDelta::FromDays(5000));
125 device_policy_.policy_data().set_timestamp(
126 (timestamp - base::Time::UnixEpoch()).InMilliseconds());
127 device_policy_.Build();
128 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
129 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
130 ReloadDeviceSettings();
132 // Loading a cached device policy with a timestamp in the future should work,
133 // since this may be due to a broken clock on the client device.
134 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
135 device_settings_service_.status());
136 CheckPolicy();
139 TEST_F(DeviceSettingsServiceTest, LoadSuccess) {
140 ReloadDeviceSettings();
142 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
143 device_settings_service_.status());
144 CheckPolicy();
147 TEST_F(DeviceSettingsServiceTest, StoreFailure) {
148 owner_key_util_->Clear();
149 device_settings_test_helper_.set_policy_blob(std::string());
150 ReloadDeviceSettings();
151 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
152 device_settings_service_.status());
154 device_settings_test_helper_.set_store_result(false);
155 device_settings_service_.Store(
156 device_policy_.GetCopy(),
157 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
158 base::Unretained(this)));
159 FlushDeviceSettings();
160 EXPECT_TRUE(operation_completed_);
161 EXPECT_EQ(DeviceSettingsService::STORE_OPERATION_FAILED,
162 device_settings_service_.status());
165 TEST_F(DeviceSettingsServiceTest, StoreSuccess) {
166 owner_key_util_->Clear();
167 device_settings_test_helper_.set_policy_blob(std::string());
168 ReloadDeviceSettings();
169 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
170 device_settings_service_.status());
172 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
173 InitOwner(device_policy_.policy_data().username(), true);
174 device_settings_service_.Store(
175 device_policy_.GetCopy(),
176 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
177 base::Unretained(this)));
178 FlushDeviceSettings();
179 EXPECT_TRUE(operation_completed_);
180 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
181 device_settings_service_.status());
182 CheckPolicy();
185 TEST_F(DeviceSettingsServiceTest, StoreRotation) {
186 ReloadDeviceSettings();
187 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
188 device_settings_service_.status());
190 device_policy_.payload().mutable_device_policy_refresh_rate()->
191 set_device_policy_refresh_rate(300);
192 device_policy_.SetDefaultNewSigningKey();
193 device_policy_.Build();
194 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure());
195 FlushDeviceSettings();
196 owner_key_util_->SetPublicKeyFromPrivateKey(
197 *device_policy_.GetNewSigningKey());
198 device_settings_service_.OwnerKeySet(true);
199 FlushDeviceSettings();
200 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
201 device_settings_service_.status());
202 CheckPolicy();
204 // Check the new key has been loaded.
205 std::vector<uint8> key;
206 ASSERT_TRUE(device_policy_.GetNewSigningKey()->ExportPublicKey(&key));
207 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
210 TEST_F(DeviceSettingsServiceTest, OwnershipStatus) {
211 owner_key_util_->Clear();
213 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
214 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
215 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
216 device_settings_service_.GetOwnershipStatus());
218 device_settings_service_.GetOwnershipStatusAsync(
219 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
220 base::Unretained(this)));
221 FlushDeviceSettings();
222 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
223 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
224 EXPECT_FALSE(device_settings_service_.GetPublicKey()->is_loaded());
225 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE,
226 device_settings_service_.GetOwnershipStatus());
227 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE, ownership_status_);
229 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
230 ReloadDeviceSettings();
231 device_settings_service_.GetOwnershipStatusAsync(
232 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
233 base::Unretained(this)));
234 FlushDeviceSettings();
235 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
236 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
237 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
238 std::vector<uint8> key;
239 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
240 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
241 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
242 device_settings_service_.GetOwnershipStatus());
243 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_);
245 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
246 InitOwner(device_policy_.policy_data().username(), true);
247 device_settings_service_.GetOwnershipStatusAsync(
248 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
249 base::Unretained(this)));
250 FlushDeviceSettings();
251 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
252 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
253 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
254 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
255 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
256 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
257 device_settings_service_.GetOwnershipStatus());
258 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_);
261 TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForNonOwner) {
262 owner_key_util_->Clear();
264 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
265 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
266 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
267 device_settings_service_.GetOwnershipStatus());
269 const std::string& user_id = device_policy_.policy_data().username();
270 InitOwner(user_id, false);
271 OwnerSettingsServiceChromeOS* service =
272 OwnerSettingsServiceChromeOSFactory::GetForBrowserContext(profile_.get());
273 ASSERT_TRUE(service);
274 service->IsOwnerAsync(base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
275 base::Unretained(this)));
277 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
278 ReloadDeviceSettings();
280 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
281 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
282 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
283 std::vector<uint8> key;
284 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
285 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
286 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
287 device_settings_service_.GetOwnershipStatus());
288 EXPECT_FALSE(is_owner_set_);
290 service->OnTPMTokenReady(true /* is ready */);
291 FlushDeviceSettings();
293 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
294 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
295 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
296 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
297 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
298 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
299 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
300 device_settings_service_.GetOwnershipStatus());
301 EXPECT_TRUE(is_owner_set_);
302 EXPECT_FALSE(is_owner_);
305 TEST_F(DeviceSettingsServiceTest, OwnerPrivateKeyInTPMToken) {
306 owner_key_util_->Clear();
308 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
309 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
310 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
311 device_settings_service_.GetOwnershipStatus());
313 const std::string& user_id = device_policy_.policy_data().username();
314 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
315 InitOwner(user_id, false);
316 OwnerSettingsServiceChromeOS* service =
317 OwnerSettingsServiceChromeOSFactory::GetForBrowserContext(profile_.get());
318 ASSERT_TRUE(service);
319 ReloadDeviceSettings();
321 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
322 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
323 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
324 std::vector<uint8> key;
325 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
326 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
327 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
328 device_settings_service_.GetOwnershipStatus());
330 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
331 service->OnTPMTokenReady(true /* is ready */);
332 FlushDeviceSettings();
334 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
335 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
336 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
337 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
338 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
341 TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForOwner) {
342 owner_key_util_->Clear();
344 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
345 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
346 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
347 device_settings_service_.GetOwnershipStatus());
349 const std::string& user_id = device_policy_.policy_data().username();
350 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
351 InitOwner(user_id, false);
352 OwnerSettingsServiceChromeOS* service =
353 OwnerSettingsServiceChromeOSFactory::GetForBrowserContext(profile_.get());
354 ASSERT_TRUE(service);
355 service->IsOwnerAsync(base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
356 base::Unretained(this)));
357 ReloadDeviceSettings();
359 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
360 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
361 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
362 std::vector<uint8> key;
363 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
364 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
365 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
366 device_settings_service_.GetOwnershipStatus());
367 EXPECT_FALSE(is_owner_set_);
369 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
370 service->OnTPMTokenReady(true /* is ready */);
371 FlushDeviceSettings();
373 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
374 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
375 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
376 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
377 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
378 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
379 device_settings_service_.GetOwnershipStatus());
380 EXPECT_TRUE(is_owner_set_);
381 EXPECT_TRUE(is_owner_);
384 TEST_F(DeviceSettingsServiceTest, IsCurrentUserOwnerAsyncWithLoadedCerts) {
385 owner_key_util_->Clear();
387 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
388 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
389 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
390 device_settings_service_.GetOwnershipStatus());
392 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
393 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
395 InitOwner(device_policy_.policy_data().username(), true);
396 ReloadDeviceSettings();
397 FlushDeviceSettings();
399 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
400 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
401 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
402 std::vector<uint8> key;
403 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
404 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
405 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
406 device_settings_service_.GetOwnershipStatus());
407 EXPECT_FALSE(is_owner_set_);
409 OwnerSettingsServiceChromeOS* service =
410 OwnerSettingsServiceChromeOSFactory::GetForBrowserContext(profile_.get());
411 ASSERT_TRUE(service);
412 service->IsOwnerAsync(base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
413 base::Unretained(this)));
414 // The callback should be called immediately.
415 base::MessageLoop::current()->RunUntilIdle();
417 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
418 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
419 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
420 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
421 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
422 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
423 device_settings_service_.GetOwnershipStatus());
424 EXPECT_TRUE(is_owner_set_);
425 EXPECT_TRUE(is_owner_);
428 TEST_F(DeviceSettingsServiceTest, Observer) {
429 owner_key_util_->Clear();
430 MockDeviceSettingsObserver observer_;
431 device_settings_service_.AddObserver(&observer_);
433 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1);
434 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
435 ReloadDeviceSettings();
436 Mock::VerifyAndClearExpectations(&observer_);
438 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1);
439 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
440 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
441 InitOwner(device_policy_.policy_data().username(), true);
442 ReloadDeviceSettings();
443 Mock::VerifyAndClearExpectations(&observer_);
445 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0);
446 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
447 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure());
448 FlushDeviceSettings();
449 Mock::VerifyAndClearExpectations(&observer_);
451 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0);
452 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
453 device_settings_service_.PropertyChangeComplete(true);
454 FlushDeviceSettings();
455 Mock::VerifyAndClearExpectations(&observer_);
457 device_settings_service_.RemoveObserver(&observer_);
460 } // namespace chromeos