Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / extensions / policy_handlers_unittest.cc
bloba5fb83045a566ad9f5fbce5126ea7006f872aad3
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/json/json_reader.h"
6 #include "base/prefs/pref_value_map.h"
7 #include "chrome/browser/extensions/external_policy_loader.h"
8 #include "chrome/browser/extensions/policy_handlers.h"
9 #include "components/policy/core/browser/policy_error_map.h"
10 #include "components/policy/core/common/policy_map.h"
11 #include "components/policy/core/common/schema.h"
12 #include "extensions/browser/pref_names.h"
13 #include "policy/policy_constants.h"
14 #include "testing/gtest/include/gtest/gtest.h"
16 namespace extensions {
18 const char kTestPref[] = "unit_test.test_pref";
19 const char kTestManagementPolicy1[] =
20 "{"
21 " \"abcdefghijklmnopabcdefghijklmnop\": {"
22 " \"installation_mode\": \"force_installed\","
23 " },"
24 "}";
25 const char kTestManagementPolicy2[] =
26 "{"
27 " \"abcdefghijklmnopabcdefghijklmnop\": {"
28 " \"installation_mode\": \"force_installed\","
29 " \"update_url\": \"http://example.com/app\","
30 " },"
31 " \"*\": {"
32 " \"installation_mode\": \"blocked\","
33 " },"
34 "}";
36 TEST(ExtensionListPolicyHandlerTest, CheckPolicySettings) {
37 base::ListValue list;
38 policy::PolicyMap policy_map;
39 policy::PolicyErrorMap errors;
40 ExtensionListPolicyHandler handler(
41 policy::key::kExtensionInstallBlacklist, kTestPref, true);
43 policy_map.Set(policy::key::kExtensionInstallBlacklist,
44 policy::POLICY_LEVEL_MANDATORY,
45 policy::POLICY_SCOPE_USER,
46 list.DeepCopy(),
47 NULL);
48 errors.Clear();
49 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
50 EXPECT_TRUE(errors.empty());
52 list.Append(new base::StringValue("abcdefghijklmnopabcdefghijklmnop"));
53 policy_map.Set(policy::key::kExtensionInstallBlacklist,
54 policy::POLICY_LEVEL_MANDATORY,
55 policy::POLICY_SCOPE_USER,
56 list.DeepCopy(),
57 NULL);
58 errors.Clear();
59 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
60 EXPECT_TRUE(errors.empty());
62 list.Append(new base::StringValue("*"));
63 policy_map.Set(policy::key::kExtensionInstallBlacklist,
64 policy::POLICY_LEVEL_MANDATORY,
65 policy::POLICY_SCOPE_USER,
66 list.DeepCopy(),
67 NULL);
68 errors.Clear();
69 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
70 EXPECT_TRUE(errors.empty());
72 list.Append(new base::StringValue("invalid"));
73 policy_map.Set(policy::key::kExtensionInstallBlacklist,
74 policy::POLICY_LEVEL_MANDATORY,
75 policy::POLICY_SCOPE_USER,
76 list.DeepCopy(),
77 NULL);
78 errors.Clear();
79 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
80 EXPECT_FALSE(errors.empty());
81 EXPECT_FALSE(
82 errors.GetErrors(policy::key::kExtensionInstallBlacklist).empty());
85 TEST(ExtensionListPolicyHandlerTest, ApplyPolicySettings) {
86 base::ListValue policy;
87 base::ListValue expected;
88 policy::PolicyMap policy_map;
89 PrefValueMap prefs;
90 base::Value* value = NULL;
91 ExtensionListPolicyHandler handler(
92 policy::key::kExtensionInstallBlacklist, kTestPref, false);
94 policy.Append(new base::StringValue("abcdefghijklmnopabcdefghijklmnop"));
95 expected.Append(new base::StringValue("abcdefghijklmnopabcdefghijklmnop"));
97 policy_map.Set(policy::key::kExtensionInstallBlacklist,
98 policy::POLICY_LEVEL_MANDATORY,
99 policy::POLICY_SCOPE_USER,
100 policy.DeepCopy(),
101 NULL);
102 handler.ApplyPolicySettings(policy_map, &prefs);
103 EXPECT_TRUE(prefs.GetValue(kTestPref, &value));
104 EXPECT_TRUE(base::Value::Equals(&expected, value));
106 policy.Append(new base::StringValue("invalid"));
107 policy_map.Set(policy::key::kExtensionInstallBlacklist,
108 policy::POLICY_LEVEL_MANDATORY,
109 policy::POLICY_SCOPE_USER,
110 policy.DeepCopy(),
111 NULL);
112 handler.ApplyPolicySettings(policy_map, &prefs);
113 EXPECT_TRUE(prefs.GetValue(kTestPref, &value));
114 EXPECT_TRUE(base::Value::Equals(&expected, value));
117 TEST(ExtensionInstallForcelistPolicyHandlerTest, CheckPolicySettings) {
118 base::ListValue list;
119 policy::PolicyMap policy_map;
120 policy::PolicyErrorMap errors;
121 ExtensionInstallForcelistPolicyHandler handler;
123 policy_map.Set(policy::key::kExtensionInstallForcelist,
124 policy::POLICY_LEVEL_MANDATORY,
125 policy::POLICY_SCOPE_USER,
126 list.DeepCopy(),
127 NULL);
128 errors.Clear();
129 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
130 EXPECT_TRUE(errors.empty());
132 list.AppendString("abcdefghijklmnopabcdefghijklmnop;http://example.com");
133 policy_map.Set(policy::key::kExtensionInstallForcelist,
134 policy::POLICY_LEVEL_MANDATORY,
135 policy::POLICY_SCOPE_USER,
136 list.DeepCopy(),
137 NULL);
138 errors.Clear();
139 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
140 EXPECT_TRUE(errors.empty());
142 // Add an erroneous entry. This should generate an error, but the good
143 // entry should still be translated successfully.
144 list.AppendString("adfasdf;http://example.com");
145 policy_map.Set(policy::key::kExtensionInstallForcelist,
146 policy::POLICY_LEVEL_MANDATORY,
147 policy::POLICY_SCOPE_USER,
148 list.DeepCopy(),
149 NULL);
150 errors.Clear();
151 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
152 EXPECT_EQ(1U, errors.size());
154 // Add an entry with bad URL, which should generate another error.
155 list.AppendString("abcdefghijklmnopabcdefghijklmnop;nourl");
156 policy_map.Set(policy::key::kExtensionInstallForcelist,
157 policy::POLICY_LEVEL_MANDATORY,
158 policy::POLICY_SCOPE_USER,
159 list.DeepCopy(),
160 NULL);
161 errors.Clear();
162 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
163 EXPECT_EQ(2U, errors.size());
165 // Just an extension ID should also generate an error.
166 list.AppendString("abcdefghijklmnopabcdefghijklmnop");
167 policy_map.Set(policy::key::kExtensionInstallForcelist,
168 policy::POLICY_LEVEL_MANDATORY,
169 policy::POLICY_SCOPE_USER,
170 list.DeepCopy(),
171 NULL);
172 errors.Clear();
173 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
174 EXPECT_EQ(3U, errors.size());
177 TEST(ExtensionInstallForcelistPolicyHandlerTest, ApplyPolicySettings) {
178 base::ListValue policy;
179 base::DictionaryValue expected;
180 policy::PolicyMap policy_map;
181 PrefValueMap prefs;
182 base::Value* value = NULL;
183 ExtensionInstallForcelistPolicyHandler handler;
185 handler.ApplyPolicySettings(policy_map, &prefs);
186 EXPECT_FALSE(prefs.GetValue(pref_names::kInstallForceList, &value));
187 EXPECT_FALSE(value);
189 policy_map.Set(policy::key::kExtensionInstallForcelist,
190 policy::POLICY_LEVEL_MANDATORY,
191 policy::POLICY_SCOPE_USER,
192 policy.DeepCopy(),
193 NULL);
194 handler.ApplyPolicySettings(policy_map, &prefs);
195 EXPECT_TRUE(prefs.GetValue(pref_names::kInstallForceList, &value));
196 EXPECT_TRUE(base::Value::Equals(&expected, value));
198 policy.AppendString("abcdefghijklmnopabcdefghijklmnop;http://example.com");
199 extensions::ExternalPolicyLoader::AddExtension(
200 &expected, "abcdefghijklmnopabcdefghijklmnop", "http://example.com");
201 policy_map.Set(policy::key::kExtensionInstallForcelist,
202 policy::POLICY_LEVEL_MANDATORY,
203 policy::POLICY_SCOPE_USER,
204 policy.DeepCopy(),
205 NULL);
206 handler.ApplyPolicySettings(policy_map, &prefs);
207 EXPECT_TRUE(prefs.GetValue(pref_names::kInstallForceList, &value));
208 EXPECT_TRUE(base::Value::Equals(&expected, value));
210 policy.AppendString("invalid");
211 policy_map.Set(policy::key::kExtensionInstallForcelist,
212 policy::POLICY_LEVEL_MANDATORY,
213 policy::POLICY_SCOPE_USER,
214 policy.DeepCopy(),
215 NULL);
216 handler.ApplyPolicySettings(policy_map, &prefs);
217 EXPECT_TRUE(prefs.GetValue(pref_names::kInstallForceList, &value));
218 EXPECT_TRUE(base::Value::Equals(&expected, value));
221 TEST(ExtensionURLPatternListPolicyHandlerTest, CheckPolicySettings) {
222 base::ListValue list;
223 policy::PolicyMap policy_map;
224 policy::PolicyErrorMap errors;
225 ExtensionURLPatternListPolicyHandler handler(
226 policy::key::kExtensionInstallSources, kTestPref);
228 policy_map.Set(policy::key::kExtensionInstallSources,
229 policy::POLICY_LEVEL_MANDATORY,
230 policy::POLICY_SCOPE_USER,
231 list.DeepCopy(),
232 NULL);
233 errors.Clear();
234 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
235 EXPECT_TRUE(errors.empty());
237 list.Append(new base::StringValue("http://*.google.com/*"));
238 policy_map.Set(policy::key::kExtensionInstallSources,
239 policy::POLICY_LEVEL_MANDATORY,
240 policy::POLICY_SCOPE_USER,
241 list.DeepCopy(),
242 NULL);
243 errors.Clear();
244 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
245 EXPECT_TRUE(errors.empty());
247 list.Append(new base::StringValue("<all_urls>"));
248 policy_map.Set(policy::key::kExtensionInstallSources,
249 policy::POLICY_LEVEL_MANDATORY,
250 policy::POLICY_SCOPE_USER,
251 list.DeepCopy(),
252 NULL);
253 errors.Clear();
254 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
255 EXPECT_TRUE(errors.empty());
257 list.Append(new base::StringValue("invalid"));
258 policy_map.Set(policy::key::kExtensionInstallSources,
259 policy::POLICY_LEVEL_MANDATORY,
260 policy::POLICY_SCOPE_USER,
261 list.DeepCopy(),
262 NULL);
263 errors.Clear();
264 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
265 EXPECT_FALSE(errors.empty());
266 EXPECT_FALSE(errors.GetErrors(policy::key::kExtensionInstallSources).empty());
268 // URLPattern syntax has a different way to express 'all urls'. Though '*'
269 // would be compatible today, it would be brittle, so we disallow.
270 list.Append(new base::StringValue("*"));
271 policy_map.Set(policy::key::kExtensionInstallSources,
272 policy::POLICY_LEVEL_MANDATORY,
273 policy::POLICY_SCOPE_USER,
274 list.DeepCopy(),
275 NULL);
276 errors.Clear();
277 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
278 EXPECT_FALSE(errors.empty());
279 EXPECT_FALSE(errors.GetErrors(policy::key::kExtensionInstallSources).empty());
282 TEST(ExtensionURLPatternListPolicyHandlerTest, ApplyPolicySettings) {
283 base::ListValue list;
284 policy::PolicyMap policy_map;
285 PrefValueMap prefs;
286 base::Value* value = NULL;
287 ExtensionURLPatternListPolicyHandler handler(
288 policy::key::kExtensionInstallSources, kTestPref);
290 list.Append(new base::StringValue("https://corp.monkey.net/*"));
291 policy_map.Set(policy::key::kExtensionInstallSources,
292 policy::POLICY_LEVEL_MANDATORY,
293 policy::POLICY_SCOPE_USER,
294 list.DeepCopy(),
295 NULL);
296 handler.ApplyPolicySettings(policy_map, &prefs);
297 ASSERT_TRUE(prefs.GetValue(kTestPref, &value));
298 EXPECT_TRUE(base::Value::Equals(&list, value));
301 TEST(ExtensionSettingsPolicyHandlerTest, CheckPolicySettings) {
302 std::string error;
303 scoped_ptr<base::Value> policy_value = base::JSONReader::ReadAndReturnError(
304 kTestManagementPolicy1,
305 base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS, NULL, &error);
306 ASSERT_TRUE(policy_value.get()) << error;
308 policy::Schema chrome_schema =
309 policy::Schema::Wrap(policy::GetChromeSchemaData());
310 policy::PolicyMap policy_map;
311 policy::PolicyErrorMap errors;
312 ExtensionSettingsPolicyHandler handler(chrome_schema);
314 policy_map.Set(policy::key::kExtensionSettings,
315 policy::POLICY_LEVEL_MANDATORY,
316 policy::POLICY_SCOPE_USER,
317 policy_value.release(),
318 NULL);
319 // CheckPolicySettings() fails due to missing update URL.
320 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
321 EXPECT_FALSE(errors.empty());
324 TEST(ExtensionSettingsPolicyHandlerTest, ApplyPolicySettings) {
325 std::string error;
326 scoped_ptr<base::Value> policy_value = base::JSONReader::ReadAndReturnError(
327 kTestManagementPolicy2,
328 base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS, NULL, &error);
329 ASSERT_TRUE(policy_value.get()) << error;
331 policy::Schema chrome_schema =
332 policy::Schema::Wrap(policy::GetChromeSchemaData());
333 policy::PolicyMap policy_map;
334 policy::PolicyErrorMap errors;
335 PrefValueMap prefs;
336 ExtensionSettingsPolicyHandler handler(chrome_schema);
338 policy_map.Set(policy::key::kExtensionSettings,
339 policy::POLICY_LEVEL_MANDATORY,
340 policy::POLICY_SCOPE_USER,
341 policy_value->DeepCopy(),
342 NULL);
343 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
344 handler.ApplyPolicySettings(policy_map, &prefs);
345 base::Value* value = NULL;
346 ASSERT_TRUE(prefs.GetValue(pref_names::kExtensionManagement, &value));
347 EXPECT_TRUE(base::Value::Equals(policy_value.get(), value));
350 } // namespace extensions