1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
8 #include "base/bind_helpers.h"
9 #include "base/files/file_util.h"
10 #include "base/files/scoped_temp_dir.h"
11 #include "base/memory/scoped_ptr.h"
12 #include "base/path_service.h"
13 #include "base/run_loop.h"
14 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h"
15 #include "chromeos/chromeos_paths.h"
16 #include "chromeos/cryptohome/cryptohome_util.h"
17 #include "chromeos/dbus/cryptohome_client.h"
18 #include "chromeos/dbus/dbus_thread_manager.h"
19 #include "google_apis/gaia/gaia_auth_util.h"
20 #include "testing/gtest/include/gtest/gtest.h"
24 namespace cryptohome_util = chromeos::cryptohome_util;
28 void CopyLockResult(base::RunLoop* loop,
29 EnterpriseInstallAttributes::LockResult* out,
30 EnterpriseInstallAttributes::LockResult result) {
37 static const char kTestUser[] = "test@example.com";
38 static const char kTestUserCanonicalize[] = "UPPER.CASE@example.com";
39 static const char kTestDomain[] = "example.com";
40 static const char kTestDeviceId[] = "133750519";
42 class EnterpriseInstallAttributesTest : public testing::Test {
44 EnterpriseInstallAttributesTest() {}
46 virtual void SetUp() OVERRIDE {
47 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
48 ASSERT_TRUE(PathService::OverrideAndCreateIfNeeded(
49 chromeos::FILE_INSTALL_ATTRIBUTES, GetTempPath(), true, false));
50 chromeos::DBusThreadManager::Initialize();
51 install_attributes_.reset(new EnterpriseInstallAttributes(
52 chromeos::DBusThreadManager::Get()->GetCryptohomeClient()));
55 virtual void TearDown() OVERRIDE {
56 chromeos::DBusThreadManager::Shutdown();
59 base::FilePath GetTempPath() const {
60 base::FilePath temp_path = base::MakeAbsoluteFilePath(temp_dir_.path());
61 return temp_path.Append("install_attrs_test");
65 cryptohome::SerializedInstallAttributes* install_attrs_proto,
66 const std::string& name,
67 const std::string& value) {
68 cryptohome::SerializedInstallAttributes::Attribute* attribute;
69 attribute = install_attrs_proto->add_attributes();
70 attribute->set_name(name);
71 attribute->set_value(value);
74 base::MessageLoopForUI message_loop_;
75 base::ScopedTempDir temp_dir_;
76 scoped_ptr<EnterpriseInstallAttributes> install_attributes_;
78 EnterpriseInstallAttributes::LockResult LockDeviceAndWaitForResult(
79 const std::string& user,
80 DeviceMode device_mode,
81 const std::string& device_id) {
83 EnterpriseInstallAttributes::LockResult result;
84 install_attributes_->LockDevice(
88 base::Bind(&CopyLockResult, &loop, &result));
94 TEST_F(EnterpriseInstallAttributesTest, Lock) {
95 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
96 LockDeviceAndWaitForResult(
98 DEVICE_MODE_ENTERPRISE,
101 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
102 LockDeviceAndWaitForResult(
104 DEVICE_MODE_ENTERPRISE,
106 // Another user from the same domain should also succeed.
107 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
108 LockDeviceAndWaitForResult(
110 DEVICE_MODE_ENTERPRISE,
112 // But another domain should fail.
113 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_WRONG_USER,
114 LockDeviceAndWaitForResult(
115 "test@bluebears.com",
116 DEVICE_MODE_ENTERPRISE,
120 TEST_F(EnterpriseInstallAttributesTest, LockCanonicalize) {
121 EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
122 LockDeviceAndWaitForResult(
123 kTestUserCanonicalize,
124 DEVICE_MODE_ENTERPRISE,
126 EXPECT_EQ(gaia::CanonicalizeEmail(kTestUserCanonicalize),
127 install_attributes_->GetRegistrationUser());
130 TEST_F(EnterpriseInstallAttributesTest, IsEnterpriseDevice) {
131 install_attributes_->ReadCacheFile(GetTempPath());
132 EXPECT_FALSE(install_attributes_->IsEnterpriseDevice());
133 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
134 LockDeviceAndWaitForResult(
136 DEVICE_MODE_ENTERPRISE,
138 EXPECT_TRUE(install_attributes_->IsEnterpriseDevice());
141 TEST_F(EnterpriseInstallAttributesTest, GetDomain) {
142 install_attributes_->ReadCacheFile(GetTempPath());
143 EXPECT_EQ(std::string(), install_attributes_->GetDomain());
144 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
145 LockDeviceAndWaitForResult(
147 DEVICE_MODE_ENTERPRISE,
149 EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
152 TEST_F(EnterpriseInstallAttributesTest, GetRegistrationUser) {
153 install_attributes_->ReadCacheFile(GetTempPath());
154 EXPECT_EQ(std::string(), install_attributes_->GetRegistrationUser());
155 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
156 LockDeviceAndWaitForResult(
158 DEVICE_MODE_ENTERPRISE,
160 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
163 TEST_F(EnterpriseInstallAttributesTest, GetDeviceId) {
164 install_attributes_->ReadCacheFile(GetTempPath());
165 EXPECT_EQ(std::string(), install_attributes_->GetDeviceId());
166 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
167 LockDeviceAndWaitForResult(
169 DEVICE_MODE_ENTERPRISE,
171 EXPECT_EQ(kTestDeviceId, install_attributes_->GetDeviceId());
174 TEST_F(EnterpriseInstallAttributesTest, GetMode) {
175 install_attributes_->ReadCacheFile(GetTempPath());
176 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
177 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
178 LockDeviceAndWaitForResult(
180 DEVICE_MODE_RETAIL_KIOSK,
182 EXPECT_EQ(DEVICE_MODE_RETAIL_KIOSK,
183 install_attributes_->GetMode());
186 TEST_F(EnterpriseInstallAttributesTest, ConsumerDevice) {
187 install_attributes_->ReadCacheFile(GetTempPath());
188 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
189 // Lock the attributes empty.
190 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
192 install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
195 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
196 EXPECT_EQ(DEVICE_MODE_CONSUMER, install_attributes_->GetMode());
199 TEST_F(EnterpriseInstallAttributesTest, ConsumerKioskDevice) {
200 install_attributes_->ReadCacheFile(GetTempPath());
201 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
202 // Lock the attributes for consumer kiosk.
203 ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
204 LockDeviceAndWaitForResult(
206 DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
209 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
210 EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
211 install_attributes_->GetMode());
212 ASSERT_TRUE(install_attributes_->IsConsumerKioskDeviceWithAutoLaunch());
215 TEST_F(EnterpriseInstallAttributesTest, DeviceLockedFromOlderVersion) {
216 install_attributes_->ReadCacheFile(GetTempPath());
217 EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
218 // Lock the attributes as if it was done from older Chrome version.
219 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
220 EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
221 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
222 EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
223 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
225 install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
228 ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
229 EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
230 EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
231 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
232 EXPECT_EQ("", install_attributes_->GetDeviceId());
235 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFile) {
236 cryptohome::SerializedInstallAttributes install_attrs_proto;
237 SetAttribute(&install_attrs_proto,
238 EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true");
239 SetAttribute(&install_attrs_proto,
240 EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser);
241 const std::string blob(install_attrs_proto.SerializeAsString());
242 ASSERT_EQ(static_cast<int>(blob.size()),
243 base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
244 install_attributes_->ReadCacheFile(GetTempPath());
245 EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
246 EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
247 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
248 EXPECT_EQ("", install_attributes_->GetDeviceId());
251 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFileForConsumerKiosk) {
252 cryptohome::SerializedInstallAttributes install_attrs_proto;
253 SetAttribute(&install_attrs_proto,
254 EnterpriseInstallAttributes::kAttrConsumerKioskEnabled, "true");
255 const std::string blob(install_attrs_proto.SerializeAsString());
256 ASSERT_EQ(static_cast<int>(blob.size()),
257 base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
258 install_attributes_->ReadCacheFile(GetTempPath());
259 EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
260 install_attributes_->GetMode());
261 EXPECT_EQ("", install_attributes_->GetDomain());
262 EXPECT_EQ("", install_attributes_->GetRegistrationUser());
263 EXPECT_EQ("", install_attributes_->GetDeviceId());
266 TEST_F(EnterpriseInstallAttributesTest, VerifyFakeInstallAttributesCache) {
267 // This test verifies that FakeCryptohomeClient::InstallAttributesFinalize
268 // writes a cache that EnterpriseInstallAttributes::ReadCacheFile accepts.
270 // Verify that no attributes are initially set.
271 install_attributes_->ReadCacheFile(GetTempPath());
272 EXPECT_EQ("", install_attributes_->GetRegistrationUser());
274 // Write test values.
275 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
276 EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
277 ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
278 EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
279 ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
281 // Verify that EnterpriseInstallAttributes correctly decodes the stub
283 install_attributes_->ReadCacheFile(GetTempPath());
284 EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
287 } // namespace policy