1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
8 #include "base/bind_helpers.h"
9 #include "base/files/file_util.h"
10 #include "base/files/scoped_temp_dir.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/path_service.h"
13 #include "base/run_loop.h"
14 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h"
15 #include "chromeos/chromeos_paths.h"
16 #include "chromeos/cryptohome/cryptohome_util.h"
17 #include "chromeos/dbus/cryptohome_client.h"
18 #include "chromeos/dbus/dbus_thread_manager.h"
19 #include "google_apis/gaia/gaia_auth_util.h"
20 #include "testing/gtest/include/gtest/gtest.h"
24 namespace cryptohome_util
= chromeos::cryptohome_util
;
28 void CopyLockResult(base::RunLoop
* loop
,
29 EnterpriseInstallAttributes::LockResult
* out
,
30 EnterpriseInstallAttributes::LockResult result
) {
37 static const char kTestUser
[] = "test@example.com";
38 static const char kTestUserCanonicalize
[] = "UPPER.CASE@example.com";
39 static const char kTestDomain
[] = "example.com";
40 static const char kTestDeviceId
[] = "133750519";
42 class EnterpriseInstallAttributesTest
: public testing::Test
{
44 EnterpriseInstallAttributesTest() {}
46 void SetUp() override
{
47 ASSERT_TRUE(temp_dir_
.CreateUniqueTempDir());
48 ASSERT_TRUE(PathService::OverrideAndCreateIfNeeded(
49 chromeos::FILE_INSTALL_ATTRIBUTES
, GetTempPath(), true, false));
50 chromeos::DBusThreadManager::Initialize();
51 install_attributes_
.reset(new EnterpriseInstallAttributes(
52 chromeos::DBusThreadManager::Get()->GetCryptohomeClient()));
55 void TearDown() override
{ chromeos::DBusThreadManager::Shutdown(); }
57 base::FilePath
GetTempPath() const {
58 base::FilePath temp_path
= base::MakeAbsoluteFilePath(temp_dir_
.path());
59 return temp_path
.Append("install_attrs_test");
63 cryptohome::SerializedInstallAttributes
* install_attrs_proto
,
64 const std::string
& name
,
65 const std::string
& value
) {
66 cryptohome::SerializedInstallAttributes::Attribute
* attribute
;
67 attribute
= install_attrs_proto
->add_attributes();
68 attribute
->set_name(name
);
69 attribute
->set_value(value
);
72 base::MessageLoopForUI message_loop_
;
73 base::ScopedTempDir temp_dir_
;
74 scoped_ptr
<EnterpriseInstallAttributes
> install_attributes_
;
76 EnterpriseInstallAttributes::LockResult
LockDeviceAndWaitForResult(
77 const std::string
& user
,
78 DeviceMode device_mode
,
79 const std::string
& device_id
) {
81 EnterpriseInstallAttributes::LockResult result
;
82 install_attributes_
->LockDevice(
86 base::Bind(&CopyLockResult
, &loop
, &result
));
92 TEST_F(EnterpriseInstallAttributesTest
, Lock
) {
93 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
94 LockDeviceAndWaitForResult(
96 DEVICE_MODE_ENTERPRISE
,
99 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
100 LockDeviceAndWaitForResult(
102 DEVICE_MODE_ENTERPRISE
,
104 // Another user from the same domain should also succeed.
105 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
106 LockDeviceAndWaitForResult(
108 DEVICE_MODE_ENTERPRISE
,
110 // But another domain should fail.
111 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_WRONG_DOMAIN
,
112 LockDeviceAndWaitForResult(
113 "test@bluebears.com",
114 DEVICE_MODE_ENTERPRISE
,
118 TEST_F(EnterpriseInstallAttributesTest
, LockCanonicalize
) {
119 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
120 LockDeviceAndWaitForResult(
121 kTestUserCanonicalize
,
122 DEVICE_MODE_ENTERPRISE
,
124 EXPECT_EQ(gaia::CanonicalizeEmail(kTestUserCanonicalize
),
125 install_attributes_
->GetRegistrationUser());
128 TEST_F(EnterpriseInstallAttributesTest
, IsEnterpriseDevice
) {
129 install_attributes_
->ReadCacheFile(GetTempPath());
130 EXPECT_FALSE(install_attributes_
->IsEnterpriseDevice());
131 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
132 LockDeviceAndWaitForResult(
134 DEVICE_MODE_ENTERPRISE
,
136 EXPECT_TRUE(install_attributes_
->IsEnterpriseDevice());
139 TEST_F(EnterpriseInstallAttributesTest
, GetDomain
) {
140 install_attributes_
->ReadCacheFile(GetTempPath());
141 EXPECT_EQ(std::string(), install_attributes_
->GetDomain());
142 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
143 LockDeviceAndWaitForResult(
145 DEVICE_MODE_ENTERPRISE
,
147 EXPECT_EQ(kTestDomain
, install_attributes_
->GetDomain());
150 TEST_F(EnterpriseInstallAttributesTest
, GetRegistrationUser
) {
151 install_attributes_
->ReadCacheFile(GetTempPath());
152 EXPECT_EQ(std::string(), install_attributes_
->GetRegistrationUser());
153 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
154 LockDeviceAndWaitForResult(
156 DEVICE_MODE_ENTERPRISE
,
158 EXPECT_EQ(kTestUser
, install_attributes_
->GetRegistrationUser());
161 TEST_F(EnterpriseInstallAttributesTest
, GetDeviceId
) {
162 install_attributes_
->ReadCacheFile(GetTempPath());
163 EXPECT_EQ(std::string(), install_attributes_
->GetDeviceId());
164 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
165 LockDeviceAndWaitForResult(
167 DEVICE_MODE_ENTERPRISE
,
169 EXPECT_EQ(kTestDeviceId
, install_attributes_
->GetDeviceId());
172 TEST_F(EnterpriseInstallAttributesTest
, GetMode
) {
173 install_attributes_
->ReadCacheFile(GetTempPath());
174 EXPECT_EQ(DEVICE_MODE_PENDING
, install_attributes_
->GetMode());
175 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
176 LockDeviceAndWaitForResult(kTestUser
, DEVICE_MODE_ENTERPRISE
,
178 EXPECT_EQ(DEVICE_MODE_ENTERPRISE
, install_attributes_
->GetMode());
181 TEST_F(EnterpriseInstallAttributesTest
, ConsumerDevice
) {
182 install_attributes_
->ReadCacheFile(GetTempPath());
183 EXPECT_EQ(DEVICE_MODE_PENDING
, install_attributes_
->GetMode());
184 // Lock the attributes empty.
185 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
187 install_attributes_
->ReadImmutableAttributes(loop
.QuitClosure());
190 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
191 EXPECT_EQ(DEVICE_MODE_CONSUMER
, install_attributes_
->GetMode());
194 TEST_F(EnterpriseInstallAttributesTest
, ConsumerKioskDevice
) {
195 install_attributes_
->ReadCacheFile(GetTempPath());
196 EXPECT_EQ(DEVICE_MODE_PENDING
, install_attributes_
->GetMode());
197 // Lock the attributes for consumer kiosk.
198 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS
,
199 LockDeviceAndWaitForResult(
201 DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH
,
204 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
205 EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH
,
206 install_attributes_
->GetMode());
207 ASSERT_TRUE(install_attributes_
->IsConsumerKioskDeviceWithAutoLaunch());
210 TEST_F(EnterpriseInstallAttributesTest
, DeviceLockedFromOlderVersion
) {
211 install_attributes_
->ReadCacheFile(GetTempPath());
212 EXPECT_EQ(DEVICE_MODE_PENDING
, install_attributes_
->GetMode());
213 // Lock the attributes as if it was done from older Chrome version.
214 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
215 EnterpriseInstallAttributes::kAttrEnterpriseOwned
, "true"));
216 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
217 EnterpriseInstallAttributes::kAttrEnterpriseUser
, kTestUser
));
218 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
220 install_attributes_
->ReadImmutableAttributes(loop
.QuitClosure());
223 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
224 EXPECT_EQ(DEVICE_MODE_ENTERPRISE
, install_attributes_
->GetMode());
225 EXPECT_EQ(kTestDomain
, install_attributes_
->GetDomain());
226 EXPECT_EQ(kTestUser
, install_attributes_
->GetRegistrationUser());
227 EXPECT_EQ("", install_attributes_
->GetDeviceId());
230 TEST_F(EnterpriseInstallAttributesTest
, ReadCacheFile
) {
231 cryptohome::SerializedInstallAttributes install_attrs_proto
;
232 SetAttribute(&install_attrs_proto
,
233 EnterpriseInstallAttributes::kAttrEnterpriseOwned
, "true");
234 SetAttribute(&install_attrs_proto
,
235 EnterpriseInstallAttributes::kAttrEnterpriseUser
, kTestUser
);
236 const std::string
blob(install_attrs_proto
.SerializeAsString());
237 ASSERT_EQ(static_cast<int>(blob
.size()),
238 base::WriteFile(GetTempPath(), blob
.c_str(), blob
.size()));
239 install_attributes_
->ReadCacheFile(GetTempPath());
240 EXPECT_EQ(DEVICE_MODE_ENTERPRISE
, install_attributes_
->GetMode());
241 EXPECT_EQ(kTestDomain
, install_attributes_
->GetDomain());
242 EXPECT_EQ(kTestUser
, install_attributes_
->GetRegistrationUser());
243 EXPECT_EQ("", install_attributes_
->GetDeviceId());
246 TEST_F(EnterpriseInstallAttributesTest
, ReadCacheFileForConsumerKiosk
) {
247 cryptohome::SerializedInstallAttributes install_attrs_proto
;
248 SetAttribute(&install_attrs_proto
,
249 EnterpriseInstallAttributes::kAttrConsumerKioskEnabled
, "true");
250 const std::string
blob(install_attrs_proto
.SerializeAsString());
251 ASSERT_EQ(static_cast<int>(blob
.size()),
252 base::WriteFile(GetTempPath(), blob
.c_str(), blob
.size()));
253 install_attributes_
->ReadCacheFile(GetTempPath());
254 EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH
,
255 install_attributes_
->GetMode());
256 EXPECT_EQ("", install_attributes_
->GetDomain());
257 EXPECT_EQ("", install_attributes_
->GetRegistrationUser());
258 EXPECT_EQ("", install_attributes_
->GetDeviceId());
261 TEST_F(EnterpriseInstallAttributesTest
, VerifyFakeInstallAttributesCache
) {
262 // This test verifies that FakeCryptohomeClient::InstallAttributesFinalize
263 // writes a cache that EnterpriseInstallAttributes::ReadCacheFile accepts.
265 // Verify that no attributes are initially set.
266 install_attributes_
->ReadCacheFile(GetTempPath());
267 EXPECT_EQ("", install_attributes_
->GetRegistrationUser());
269 // Write test values.
270 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
271 EnterpriseInstallAttributes::kAttrEnterpriseOwned
, "true"));
272 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
273 EnterpriseInstallAttributes::kAttrEnterpriseUser
, kTestUser
));
274 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
276 // Verify that EnterpriseInstallAttributes correctly decodes the stub
278 install_attributes_
->ReadCacheFile(GetTempPath());
279 EXPECT_EQ(kTestUser
, install_attributes_
->GetRegistrationUser());
282 } // namespace policy