src/chrome/browser/chromeos/policy/enterprise_install_attributes_unittest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
   6
   7 #include "base/bind.h"
   8 #include "base/bind_helpers.h"
   9 #include "base/file_util.h"
  10 #include "base/files/scoped_temp_dir.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/path_service.h"
  13 #include "base/run_loop.h"
  14 #include "base/threading/worker_pool.h"
  15 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h"
  16 #include "chromeos/chromeos_paths.h"
  17 #include "chromeos/cryptohome/cryptohome_util.h"
  18 #include "chromeos/dbus/cryptohome_client.h"
  19 #include "chromeos/dbus/dbus_thread_manager.h"
  20 #include "google_apis/gaia/gaia_auth_util.h"
  21 #include "testing/gtest/include/gtest/gtest.h"
  22
  23 namespace policy {
  24
  25 namespace cryptohome_util = chromeos::cryptohome_util;
  26
  27 namespace {
  28
  29 void CopyLockResult(base::RunLoop* loop,
  30                     EnterpriseInstallAttributes::LockResult* out,
  31                     EnterpriseInstallAttributes::LockResult result) {
  32   *out = result;
  33   loop->Quit();
  34 }
  35
  36 }  // namespace
  37
  38 static const char kTestUser[] = "test@example.com";
  39 static const char kTestUserCanonicalize[] = "UPPER.CASE@example.com";
  40 static const char kTestDomain[] = "example.com";
  41 static const char kTestDeviceId[] = "133750519";
  42
  43 class EnterpriseInstallAttributesTest : public testing::Test {
  44  protected:
  45   EnterpriseInstallAttributesTest() {}
  46
  47   virtual void SetUp() OVERRIDE {
  48     ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
  49     ASSERT_TRUE(PathService::OverrideAndCreateIfNeeded(
  50         chromeos::FILE_INSTALL_ATTRIBUTES, GetTempPath(), true, false));
  51     chromeos::DBusThreadManager::InitializeWithStub();
  52     install_attributes_.reset(new EnterpriseInstallAttributes(
  53         chromeos::DBusThreadManager::Get()->GetCryptohomeClient()));
  54   }
  55
  56   virtual void TearDown() OVERRIDE {
  57     chromeos::DBusThreadManager::Shutdown();
  58   }
  59
  60   base::FilePath GetTempPath() const {
  61     base::FilePath temp_path = base::MakeAbsoluteFilePath(temp_dir_.path());
  62     return temp_path.Append("install_attrs_test");
  63   }
  64
  65   void SetAttribute(
  66       cryptohome::SerializedInstallAttributes* install_attrs_proto,
  67       const std::string& name,
  68       const std::string& value) {
  69     cryptohome::SerializedInstallAttributes::Attribute* attribute;
  70     attribute = install_attrs_proto->add_attributes();
  71     attribute->set_name(name);
  72     attribute->set_value(value);
  73   }
  74
  75   base::MessageLoopForUI message_loop_;
  76   base::ScopedTempDir temp_dir_;
  77   scoped_ptr<EnterpriseInstallAttributes> install_attributes_;
  78
  79   EnterpriseInstallAttributes::LockResult LockDeviceAndWaitForResult(
  80       const std::string& user,
  81       DeviceMode device_mode,
  82       const std::string& device_id) {
  83     base::RunLoop loop;
  84     EnterpriseInstallAttributes::LockResult result;
  85     install_attributes_->LockDevice(
  86         user,
  87         device_mode,
  88         device_id,
  89         base::Bind(&CopyLockResult, &loop, &result));
  90     loop.Run();
  91     return result;
  92   }
  93 };
  94
  95 TEST_F(EnterpriseInstallAttributesTest, Lock) {
  96   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
  97             LockDeviceAndWaitForResult(
  98                 kTestUser,
  99                 DEVICE_MODE_ENTERPRISE,
 100                 kTestDeviceId));
 101
 102   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 103             LockDeviceAndWaitForResult(
 104                 kTestUser,
 105                 DEVICE_MODE_ENTERPRISE,
 106                 kTestDeviceId));
 107   // Another user from the same domain should also succeed.
 108   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 109             LockDeviceAndWaitForResult(
 110                 "test1@example.com",
 111                 DEVICE_MODE_ENTERPRISE,
 112                 kTestDeviceId));
 113   // But another domain should fail.
 114   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_WRONG_USER,
 115             LockDeviceAndWaitForResult(
 116                 "test@bluebears.com",
 117                 DEVICE_MODE_ENTERPRISE,
 118                 kTestDeviceId));
 119 }
 120
 121 TEST_F(EnterpriseInstallAttributesTest, LockCanonicalize) {
 122   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 123             LockDeviceAndWaitForResult(
 124                 kTestUserCanonicalize,
 125                 DEVICE_MODE_ENTERPRISE,
 126                 kTestDeviceId));
 127   EXPECT_EQ(gaia::CanonicalizeEmail(kTestUserCanonicalize),
 128             install_attributes_->GetRegistrationUser());
 129 }
 130
 131 TEST_F(EnterpriseInstallAttributesTest, IsEnterpriseDevice) {
 132   install_attributes_->ReadCacheFile(GetTempPath());
 133   EXPECT_FALSE(install_attributes_->IsEnterpriseDevice());
 134   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 135             LockDeviceAndWaitForResult(
 136                 kTestUser,
 137                 DEVICE_MODE_ENTERPRISE,
 138                 kTestDeviceId));
 139   EXPECT_TRUE(install_attributes_->IsEnterpriseDevice());
 140 }
 141
 142 TEST_F(EnterpriseInstallAttributesTest, GetDomain) {
 143   install_attributes_->ReadCacheFile(GetTempPath());
 144   EXPECT_EQ(std::string(), install_attributes_->GetDomain());
 145   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 146             LockDeviceAndWaitForResult(
 147                 kTestUser,
 148                 DEVICE_MODE_ENTERPRISE,
 149                 kTestDeviceId));
 150   EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
 151 }
 152
 153 TEST_F(EnterpriseInstallAttributesTest, GetRegistrationUser) {
 154   install_attributes_->ReadCacheFile(GetTempPath());
 155   EXPECT_EQ(std::string(), install_attributes_->GetRegistrationUser());
 156   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 157             LockDeviceAndWaitForResult(
 158                 kTestUser,
 159                 DEVICE_MODE_ENTERPRISE,
 160                 kTestDeviceId));
 161   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 162 }
 163
 164 TEST_F(EnterpriseInstallAttributesTest, GetDeviceId) {
 165   install_attributes_->ReadCacheFile(GetTempPath());
 166   EXPECT_EQ(std::string(), install_attributes_->GetDeviceId());
 167   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 168             LockDeviceAndWaitForResult(
 169                 kTestUser,
 170                 DEVICE_MODE_ENTERPRISE,
 171                 kTestDeviceId));
 172   EXPECT_EQ(kTestDeviceId, install_attributes_->GetDeviceId());
 173 }
 174
 175 TEST_F(EnterpriseInstallAttributesTest, GetMode) {
 176   install_attributes_->ReadCacheFile(GetTempPath());
 177   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 178   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 179             LockDeviceAndWaitForResult(
 180                 kTestUser,
 181                 DEVICE_MODE_RETAIL_KIOSK,
 182                 kTestDeviceId));
 183   EXPECT_EQ(DEVICE_MODE_RETAIL_KIOSK,
 184             install_attributes_->GetMode());
 185 }
 186
 187 TEST_F(EnterpriseInstallAttributesTest, ConsumerDevice) {
 188   install_attributes_->ReadCacheFile(GetTempPath());
 189   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 190   // Lock the attributes empty.
 191   ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
 192   base::RunLoop loop;
 193   install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
 194   loop.Run();
 195
 196   ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
 197   EXPECT_EQ(DEVICE_MODE_CONSUMER, install_attributes_->GetMode());
 198 }
 199
 200 TEST_F(EnterpriseInstallAttributesTest, ConsumerKioskDevice) {
 201   install_attributes_->ReadCacheFile(GetTempPath());
 202   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 203   // Lock the attributes for consumer kiosk.
 204   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 205             LockDeviceAndWaitForResult(
 206                 std::string(),
 207                 DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
 208                 std::string()));
 209
 210   ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
 211   EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
 212             install_attributes_->GetMode());
 213   ASSERT_TRUE(install_attributes_->IsConsumerKioskDeviceWithAutoLaunch());
 214 }
 215
 216 TEST_F(EnterpriseInstallAttributesTest, DeviceLockedFromOlderVersion) {
 217   install_attributes_->ReadCacheFile(GetTempPath());
 218   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 219   // Lock the attributes as if it was done from older Chrome version.
 220   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 221       EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
 222   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 223       EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
 224   ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
 225   base::RunLoop loop;
 226   install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
 227   loop.Run();
 228
 229   ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
 230   EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
 231   EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
 232   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 233   EXPECT_EQ("", install_attributes_->GetDeviceId());
 234 }
 235
 236 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFile) {
 237   cryptohome::SerializedInstallAttributes install_attrs_proto;
 238   SetAttribute(&install_attrs_proto,
 239                EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true");
 240   SetAttribute(&install_attrs_proto,
 241                EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser);
 242   const std::string blob(install_attrs_proto.SerializeAsString());
 243   ASSERT_EQ(static_cast<int>(blob.size()),
 244             base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
 245   install_attributes_->ReadCacheFile(GetTempPath());
 246   EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
 247   EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
 248   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 249   EXPECT_EQ("", install_attributes_->GetDeviceId());
 250 }
 251
 252 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFileForConsumerKiosk) {
 253   cryptohome::SerializedInstallAttributes install_attrs_proto;
 254   SetAttribute(&install_attrs_proto,
 255                EnterpriseInstallAttributes::kAttrConsumerKioskEnabled, "true");
 256   const std::string blob(install_attrs_proto.SerializeAsString());
 257   ASSERT_EQ(static_cast<int>(blob.size()),
 258             base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
 259   install_attributes_->ReadCacheFile(GetTempPath());
 260   EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
 261             install_attributes_->GetMode());
 262   EXPECT_EQ("", install_attributes_->GetDomain());
 263   EXPECT_EQ("", install_attributes_->GetRegistrationUser());
 264   EXPECT_EQ("", install_attributes_->GetDeviceId());
 265 }
 266
 267 TEST_F(EnterpriseInstallAttributesTest, VerifyFakeInstallAttributesCache) {
 268   // This test verifies that FakeCryptohomeClient::InstallAttributesFinalize
 269   // writes a cache that EnterpriseInstallAttributes::ReadCacheFile accepts.
 270
 271   // Verify that no attributes are initially set.
 272   install_attributes_->ReadCacheFile(GetTempPath());
 273   EXPECT_EQ("", install_attributes_->GetRegistrationUser());
 274
 275   // Write test values.
 276   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 277       EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
 278   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 279       EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
 280   ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
 281   // Wait for the async write.
 282   base::RunLoop loop;
 283   base::WorkerPool::PostTaskAndReply(
 284       FROM_HERE, base::Bind(&base::DoNothing), loop.QuitClosure(), false);
 285   loop.Run();
 286
 287   // Verify that EnterpriseInstallAttributes correctly decodes the stub
 288   // cache file.
 289   install_attributes_->ReadCacheFile(GetTempPath());
 290   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 291 }
 292
 293 }  // namespace policy