src/chrome/browser/chromeos/policy/enterprise_install_attributes_unittest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h"
   6
   7 #include "base/bind.h"
   8 #include "base/bind_helpers.h"
   9 #include "base/files/file_util.h"
  10 #include "base/files/scoped_temp_dir.h"
  11 #include "base/memory/scoped_ptr.h"
  12 #include "base/path_service.h"
  13 #include "base/run_loop.h"
  14 #include "chrome/browser/chromeos/policy/proto/install_attributes.pb.h"
  15 #include "chromeos/chromeos_paths.h"
  16 #include "chromeos/cryptohome/cryptohome_util.h"
  17 #include "chromeos/dbus/cryptohome_client.h"
  18 #include "chromeos/dbus/dbus_thread_manager.h"
  19 #include "google_apis/gaia/gaia_auth_util.h"
  20 #include "testing/gtest/include/gtest/gtest.h"
  21
  22 namespace policy {
  23
  24 namespace cryptohome_util = chromeos::cryptohome_util;
  25
  26 namespace {
  27
  28 void CopyLockResult(base::RunLoop* loop,
  29                     EnterpriseInstallAttributes::LockResult* out,
  30                     EnterpriseInstallAttributes::LockResult result) {
  31   *out = result;
  32   loop->Quit();
  33 }
  34
  35 }  // namespace
  36
  37 static const char kTestUser[] = "test@example.com";
  38 static const char kTestUserCanonicalize[] = "UPPER.CASE@example.com";
  39 static const char kTestDomain[] = "example.com";
  40 static const char kTestDeviceId[] = "133750519";
  41
  42 class EnterpriseInstallAttributesTest : public testing::Test {
  43  protected:
  44   EnterpriseInstallAttributesTest() {}
  45
  46   virtual void SetUp() OVERRIDE {
  47     ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
  48     ASSERT_TRUE(PathService::OverrideAndCreateIfNeeded(
  49         chromeos::FILE_INSTALL_ATTRIBUTES, GetTempPath(), true, false));
  50     chromeos::DBusThreadManager::Initialize();
  51     install_attributes_.reset(new EnterpriseInstallAttributes(
  52         chromeos::DBusThreadManager::Get()->GetCryptohomeClient()));
  53   }
  54
  55   virtual void TearDown() OVERRIDE {
  56     chromeos::DBusThreadManager::Shutdown();
  57   }
  58
  59   base::FilePath GetTempPath() const {
  60     base::FilePath temp_path = base::MakeAbsoluteFilePath(temp_dir_.path());
  61     return temp_path.Append("install_attrs_test");
  62   }
  63
  64   void SetAttribute(
  65       cryptohome::SerializedInstallAttributes* install_attrs_proto,
  66       const std::string& name,
  67       const std::string& value) {
  68     cryptohome::SerializedInstallAttributes::Attribute* attribute;
  69     attribute = install_attrs_proto->add_attributes();
  70     attribute->set_name(name);
  71     attribute->set_value(value);
  72   }
  73
  74   base::MessageLoopForUI message_loop_;
  75   base::ScopedTempDir temp_dir_;
  76   scoped_ptr<EnterpriseInstallAttributes> install_attributes_;
  77
  78   EnterpriseInstallAttributes::LockResult LockDeviceAndWaitForResult(
  79       const std::string& user,
  80       DeviceMode device_mode,
  81       const std::string& device_id) {
  82     base::RunLoop loop;
  83     EnterpriseInstallAttributes::LockResult result;
  84     install_attributes_->LockDevice(
  85         user,
  86         device_mode,
  87         device_id,
  88         base::Bind(&CopyLockResult, &loop, &result));
  89     loop.Run();
  90     return result;
  91   }
  92 };
  93
  94 TEST_F(EnterpriseInstallAttributesTest, Lock) {
  95   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
  96             LockDeviceAndWaitForResult(
  97                 kTestUser,
  98                 DEVICE_MODE_ENTERPRISE,
  99                 kTestDeviceId));
 100
 101   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 102             LockDeviceAndWaitForResult(
 103                 kTestUser,
 104                 DEVICE_MODE_ENTERPRISE,
 105                 kTestDeviceId));
 106   // Another user from the same domain should also succeed.
 107   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 108             LockDeviceAndWaitForResult(
 109                 "test1@example.com",
 110                 DEVICE_MODE_ENTERPRISE,
 111                 kTestDeviceId));
 112   // But another domain should fail.
 113   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_WRONG_USER,
 114             LockDeviceAndWaitForResult(
 115                 "test@bluebears.com",
 116                 DEVICE_MODE_ENTERPRISE,
 117                 kTestDeviceId));
 118 }
 119
 120 TEST_F(EnterpriseInstallAttributesTest, LockCanonicalize) {
 121   EXPECT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 122             LockDeviceAndWaitForResult(
 123                 kTestUserCanonicalize,
 124                 DEVICE_MODE_ENTERPRISE,
 125                 kTestDeviceId));
 126   EXPECT_EQ(gaia::CanonicalizeEmail(kTestUserCanonicalize),
 127             install_attributes_->GetRegistrationUser());
 128 }
 129
 130 TEST_F(EnterpriseInstallAttributesTest, IsEnterpriseDevice) {
 131   install_attributes_->ReadCacheFile(GetTempPath());
 132   EXPECT_FALSE(install_attributes_->IsEnterpriseDevice());
 133   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 134             LockDeviceAndWaitForResult(
 135                 kTestUser,
 136                 DEVICE_MODE_ENTERPRISE,
 137                 kTestDeviceId));
 138   EXPECT_TRUE(install_attributes_->IsEnterpriseDevice());
 139 }
 140
 141 TEST_F(EnterpriseInstallAttributesTest, GetDomain) {
 142   install_attributes_->ReadCacheFile(GetTempPath());
 143   EXPECT_EQ(std::string(), install_attributes_->GetDomain());
 144   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 145             LockDeviceAndWaitForResult(
 146                 kTestUser,
 147                 DEVICE_MODE_ENTERPRISE,
 148                 kTestDeviceId));
 149   EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
 150 }
 151
 152 TEST_F(EnterpriseInstallAttributesTest, GetRegistrationUser) {
 153   install_attributes_->ReadCacheFile(GetTempPath());
 154   EXPECT_EQ(std::string(), install_attributes_->GetRegistrationUser());
 155   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 156             LockDeviceAndWaitForResult(
 157                 kTestUser,
 158                 DEVICE_MODE_ENTERPRISE,
 159                 kTestDeviceId));
 160   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 161 }
 162
 163 TEST_F(EnterpriseInstallAttributesTest, GetDeviceId) {
 164   install_attributes_->ReadCacheFile(GetTempPath());
 165   EXPECT_EQ(std::string(), install_attributes_->GetDeviceId());
 166   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 167             LockDeviceAndWaitForResult(
 168                 kTestUser,
 169                 DEVICE_MODE_ENTERPRISE,
 170                 kTestDeviceId));
 171   EXPECT_EQ(kTestDeviceId, install_attributes_->GetDeviceId());
 172 }
 173
 174 TEST_F(EnterpriseInstallAttributesTest, GetMode) {
 175   install_attributes_->ReadCacheFile(GetTempPath());
 176   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 177   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 178             LockDeviceAndWaitForResult(
 179                 kTestUser,
 180                 DEVICE_MODE_RETAIL_KIOSK,
 181                 kTestDeviceId));
 182   EXPECT_EQ(DEVICE_MODE_RETAIL_KIOSK,
 183             install_attributes_->GetMode());
 184 }
 185
 186 TEST_F(EnterpriseInstallAttributesTest, ConsumerDevice) {
 187   install_attributes_->ReadCacheFile(GetTempPath());
 188   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 189   // Lock the attributes empty.
 190   ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
 191   base::RunLoop loop;
 192   install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
 193   loop.Run();
 194
 195   ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
 196   EXPECT_EQ(DEVICE_MODE_CONSUMER, install_attributes_->GetMode());
 197 }
 198
 199 TEST_F(EnterpriseInstallAttributesTest, ConsumerKioskDevice) {
 200   install_attributes_->ReadCacheFile(GetTempPath());
 201   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 202   // Lock the attributes for consumer kiosk.
 203   ASSERT_EQ(EnterpriseInstallAttributes::LOCK_SUCCESS,
 204             LockDeviceAndWaitForResult(
 205                 std::string(),
 206                 DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
 207                 std::string()));
 208
 209   ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
 210   EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
 211             install_attributes_->GetMode());
 212   ASSERT_TRUE(install_attributes_->IsConsumerKioskDeviceWithAutoLaunch());
 213 }
 214
 215 TEST_F(EnterpriseInstallAttributesTest, DeviceLockedFromOlderVersion) {
 216   install_attributes_->ReadCacheFile(GetTempPath());
 217   EXPECT_EQ(DEVICE_MODE_PENDING, install_attributes_->GetMode());
 218   // Lock the attributes as if it was done from older Chrome version.
 219   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 220       EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
 221   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 222       EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
 223   ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
 224   base::RunLoop loop;
 225   install_attributes_->ReadImmutableAttributes(loop.QuitClosure());
 226   loop.Run();
 227
 228   ASSERT_FALSE(cryptohome_util::InstallAttributesIsFirstInstall());
 229   EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
 230   EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
 231   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 232   EXPECT_EQ("", install_attributes_->GetDeviceId());
 233 }
 234
 235 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFile) {
 236   cryptohome::SerializedInstallAttributes install_attrs_proto;
 237   SetAttribute(&install_attrs_proto,
 238                EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true");
 239   SetAttribute(&install_attrs_proto,
 240                EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser);
 241   const std::string blob(install_attrs_proto.SerializeAsString());
 242   ASSERT_EQ(static_cast<int>(blob.size()),
 243             base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
 244   install_attributes_->ReadCacheFile(GetTempPath());
 245   EXPECT_EQ(DEVICE_MODE_ENTERPRISE, install_attributes_->GetMode());
 246   EXPECT_EQ(kTestDomain, install_attributes_->GetDomain());
 247   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 248   EXPECT_EQ("", install_attributes_->GetDeviceId());
 249 }
 250
 251 TEST_F(EnterpriseInstallAttributesTest, ReadCacheFileForConsumerKiosk) {
 252   cryptohome::SerializedInstallAttributes install_attrs_proto;
 253   SetAttribute(&install_attrs_proto,
 254                EnterpriseInstallAttributes::kAttrConsumerKioskEnabled, "true");
 255   const std::string blob(install_attrs_proto.SerializeAsString());
 256   ASSERT_EQ(static_cast<int>(blob.size()),
 257             base::WriteFile(GetTempPath(), blob.c_str(), blob.size()));
 258   install_attributes_->ReadCacheFile(GetTempPath());
 259   EXPECT_EQ(DEVICE_MODE_CONSUMER_KIOSK_AUTOLAUNCH,
 260             install_attributes_->GetMode());
 261   EXPECT_EQ("", install_attributes_->GetDomain());
 262   EXPECT_EQ("", install_attributes_->GetRegistrationUser());
 263   EXPECT_EQ("", install_attributes_->GetDeviceId());
 264 }
 265
 266 TEST_F(EnterpriseInstallAttributesTest, VerifyFakeInstallAttributesCache) {
 267   // This test verifies that FakeCryptohomeClient::InstallAttributesFinalize
 268   // writes a cache that EnterpriseInstallAttributes::ReadCacheFile accepts.
 269
 270   // Verify that no attributes are initially set.
 271   install_attributes_->ReadCacheFile(GetTempPath());
 272   EXPECT_EQ("", install_attributes_->GetRegistrationUser());
 273
 274   // Write test values.
 275   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 276       EnterpriseInstallAttributes::kAttrEnterpriseOwned, "true"));
 277   ASSERT_TRUE(cryptohome_util::InstallAttributesSet(
 278       EnterpriseInstallAttributes::kAttrEnterpriseUser, kTestUser));
 279   ASSERT_TRUE(cryptohome_util::InstallAttributesFinalize());
 280
 281   // Verify that EnterpriseInstallAttributes correctly decodes the stub
 282   // cache file.
 283   install_attributes_->ReadCacheFile(GetTempPath());
 284   EXPECT_EQ(kTestUser, install_attributes_->GetRegistrationUser());
 285 }
 286
 287 }  // namespace policy