1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
8 #include "base/bind_helpers.h"
9 #include "base/file_util.h"
10 #include "base/files/scoped_temp_dir.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/path_service.h"
13 #include "base/run_loop.h"
14 #include "base/threading/worker_pool.h"
15 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h"
16 #include "chromeos/chromeos_paths.h"
17 #include "chromeos/cryptohome/cryptohome_util.h"
18 #include "chromeos/dbus/cryptohome_client.h"
19 #include "chromeos/dbus/dbus_thread_manager.h"
20 #include "google_apis/gaia/gaia_auth_util.h"
21 #include "testing/gtest/include/gtest/gtest.h"
25 namespace cryptohome_util = chromeos::cryptohome_util;
29 void CopyLockResult(base::RunLoop* loop,
30 EnterpriseInstallAttributes::LockResult* out,
31 EnterpriseInstallAttributes::LockResult result) {
38 static const char kTestUser[] = "test@example.com";
39 static const char kTestUserCanonicalize[] = "UPPER.CASE@example.com";
40 static const char kTestDomain[] = "example.com";
41 static const char kTestDeviceId[] = "133750519";
43 class EnterpriseInstallAttributesTest : public testing::Test {
45 EnterpriseInstallAttributesTest() {}
47 virtual void SetUp() OVERRIDE {
48 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
49 ASSERT_TRUE(PathService::OverrideAndCreateIfNeeded(
50 chromeos::FILE_INSTALL_ATTRIBUTES, GetTempPath(), true, false));
51 chromeos::DBusThreadManager::InitializeWithStub();
52 install_attributes_.reset(new EnterpriseInstallAttributes(
53 chromeos::DBusThreadManager::Get()->GetCryptohomeClient()));
56 virtual void TearDown() OVERRIDE {
57 chromeos::DBusThreadManager::Shutdown();
60 base::FilePath GetTempPath() const {
61 base::FilePath temp_path = base::MakeAbsoluteFilePath(temp_dir_.path());
62 return temp_path.Append("install_attrs_test");
66 cryptohome::SerializedInstallAttributes* install_attrs_proto,
67 const std::string& name,
68 const std::string& value) {
69 cryptohome::SerializedInstallAttributes::Attribute* attribute;
70 attribute = install_attrs_proto->add_attributes();
71 attribute->set_name(name);
72 attribute->set_value(value);
75 base::MessageLoopForUI message_loop_;
76 base::ScopedTempDir temp_dir_;
77 scoped_ptr<EnterpriseInstallAttributes> install_attributes_;
79 EnterpriseInstallAttributes::LockResult LockDeviceAndWaitForResult(
80 const std::string& user,
81 DeviceMode device_mode,
82 const std::string& device_id) {
84 EnterpriseInstallAttributes::LockResult result;
85 install_attributes_->LockDevice(
89 base::Bind(&CopyLockResult, &loop, &result));
95 TEST_F(EnterpriseInstallAttributesTest, Lock) {
96 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
97 LockDeviceAndWaitForResult(
99 DEVICE_MODE_ENTERPRISE,
102 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
103 LockDeviceAndWaitForResult(
105 DEVICE_MODE_ENTERPRISE,
107 // Another user from the same domain should also succeed.
108 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
109 LockDeviceAndWaitForResult(
111 DEVICE_MODE_ENTERPRISE,
113 // But another domain should fail.
114 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_WRONG_USER,
115 LockDeviceAndWaitForResult(
116 "test@bluebears.com",
117 DEVICE_MODE_ENTERPRISE,
121 TEST_F(EnterpriseInstallAttributesTest, LockCanonicalize) {
122 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
123 LockDeviceAndWaitForResult(
124 kTestUserCanonicalize,
125 DEVICE_MODE_ENTERPRISE,
127 EXPECT_EQ(gaia::CanonicalizeEmail(kTestUserCanonicalize),
128 install_attributes_->GetRegistrationUser());
131 TEST_F(EnterpriseInstallAttributesTest, IsEnterpriseDevice) {
132 install_attributes_->ReadCacheFile(GetTempPath());
133 EXPECT_FALSE(install_attributes_->IsEnterpriseDevice());
134 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
135 LockDeviceAndWaitForResult(
137 DEVICE_MODE_ENTERPRISE,
139 EXPECT_TRUE(install_attributes_->IsEnterpriseDevice());
142 TEST_F(EnterpriseInstallAttributesTest, GetDomain) {
143 install_attributes_->ReadCacheFile(GetTempPath());
144 EXPECT_EQ(std::string(), install_attributes_->GetDomain());
145 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
146 LockDeviceAndWaitForResult(
148 DEVICE_MODE_ENTERPRISE,
150 EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
153 TEST_F(EnterpriseInstallAttributesTest, GetRegistrationUser) {
154 install_attributes_->ReadCacheFile(GetTempPath());
155 EXPECT_EQ(std::string(), install_attributes_->GetRegistrationUser());
156 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
157 LockDeviceAndWaitForResult(
159 DEVICE_MODE_ENTERPRISE,
161 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
164 TEST_F(EnterpriseInstallAttributesTest, GetDeviceId) {
165 install_attributes_->ReadCacheFile(GetTempPath());
166 EXPECT_EQ(std::string(), install_attributes_->GetDeviceId());
167 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
168 LockDeviceAndWaitForResult(
170 DEVICE_MODE_ENTERPRISE,
172 EXPECT_EQ(kTestDeviceId, install_attributes_->GetDeviceId());
175 TEST_F(EnterpriseInstallAttributesTest, GetMode) {
176 install_attributes_->ReadCacheFile(GetTempPath());
177 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
178 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
179 LockDeviceAndWaitForResult(
181 DEVICE_MODE_RETAIL_KIOSK,
183 EXPECT_EQ(DEVICE_MODE_RETAIL_KIOSK,
184 install_attributes_->GetMode());
187 TEST_F(EnterpriseInstallAttributesTest, ConsumerDevice) {
188 install_attributes_->ReadCacheFile(GetTempPath());
189 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
190 // Lock the attributes empty.
191 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
193 install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
196 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
197 EXPECT_EQ(DEVICE_MODE_CONSUMER, install_attributes_->GetMode());
200 TEST_F(EnterpriseInstallAttributesTest, ConsumerKioskDevice) {
201 install_attributes_->ReadCacheFile(GetTempPath());
202 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
203 // Lock the attributes for consumer kiosk.
204 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
205 LockDeviceAndWaitForResult(
207 DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
210 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
211 EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
212 install_attributes_->GetMode());
213 ASSERT_TRUE(install_attributes_->IsConsumerKioskDeviceWithAutoLaunch());
216 TEST_F(EnterpriseInstallAttributesTest, DeviceLockedFromOlderVersion) {
217 install_attributes_->ReadCacheFile(GetTempPath());
218 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
219 // Lock the attributes as if it was done from older Chrome version.
220 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
221 EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
222 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
223 EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
224 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
226 install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
229 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
230 EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
231 EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
232 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
233 EXPECT_EQ("", install_attributes_->GetDeviceId());
236 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFile) {
237 cryptohome::SerializedInstallAttributes install_attrs_proto;
238 SetAttribute(&install_attrs_proto,
239 EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true");
240 SetAttribute(&install_attrs_proto,
241 EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser);
242 const std::string blob(install_attrs_proto.SerializeAsString());
243 ASSERT_EQ(static_cast<int>(blob.size()),
244 base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
245 install_attributes_->ReadCacheFile(GetTempPath());
246 EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
247 EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
248 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
249 EXPECT_EQ("", install_attributes_->GetDeviceId());
252 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFileForConsumerKiosk) {
253 cryptohome::SerializedInstallAttributes install_attrs_proto;
254 SetAttribute(&install_attrs_proto,
255 EnterpriseInstallAttributes::kAttrConsumerKioskEnabled, "true");
256 const std::string blob(install_attrs_proto.SerializeAsString());
257 ASSERT_EQ(static_cast<int>(blob.size()),
258 base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
259 install_attributes_->ReadCacheFile(GetTempPath());
260 EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
261 install_attributes_->GetMode());
262 EXPECT_EQ("", install_attributes_->GetDomain());
263 EXPECT_EQ("", install_attributes_->GetRegistrationUser());
264 EXPECT_EQ("", install_attributes_->GetDeviceId());
267 TEST_F(EnterpriseInstallAttributesTest, VerifyFakeInstallAttributesCache) {
268 // This test verifies that FakeCryptohomeClient::InstallAttributesFinalize
269 // writes a cache that EnterpriseInstallAttributes::ReadCacheFile accepts.
271 // Verify that no attributes are initially set.
272 install_attributes_->ReadCacheFile(GetTempPath());
273 EXPECT_EQ("", install_attributes_->GetRegistrationUser());
275 // Write test values.
276 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
277 EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
278 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
279 EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
280 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
281 // Wait for the async write.
283 base::WorkerPool::PostTaskAndReply(
284 FROM_HERE, base::Bind(&base::DoNothing), loop.QuitClosure(), false);
287 // Verify that EnterpriseInstallAttributes correctly decodes the stub
289 install_attributes_->ReadCacheFile(GetTempPath());
290 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
293 } // namespace policy