1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/settings/device_settings_provider.h"
10 #include "base/callback.h"
11 #include "base/files/file_util.h"
12 #include "base/path_service.h"
13 #include "base/test/scoped_path_override.h"
14 #include "base/values.h"
15 #include "chrome/browser/chromeos/login/users/fake_user_manager.h"
16 #include "chrome/browser/chromeos/policy/device_local_account.h"
17 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
18 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
19 #include "chrome/common/chrome_paths.h"
20 #include "chrome/test/base/scoped_testing_local_state.h"
21 #include "chrome/test/base/testing_browser_process.h"
22 #include "chrome/test/base/testing_profile.h"
23 #include "chromeos/settings/cros_settings_names.h"
24 #include "components/user_manager/user.h"
25 #include "policy/proto/device_management_backend.pb.h"
26 #include "testing/gmock/include/gmock/gmock.h"
27 #include "testing/gtest/include/gtest/gtest.h"
29 namespace em = enterprise_management;
33 using ::testing::AtLeast;
34 using ::testing::AnyNumber;
35 using ::testing::Mock;
40 const char kDisabledMessage[] = "This device has been disabled.";
44 class DeviceSettingsProviderTest : public DeviceSettingsTestBase {
46 MOCK_METHOD1(SettingChanged, void(const std::string&));
47 MOCK_METHOD0(GetTrustedCallback, void(void));
50 DeviceSettingsProviderTest()
51 : local_state_(TestingBrowserProcess::GetGlobal()),
52 user_data_dir_override_(chrome::DIR_USER_DATA) {}
54 virtual void SetUp() override {
55 DeviceSettingsTestBase::SetUp();
57 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
59 new DeviceSettingsProvider(
60 base::Bind(&DeviceSettingsProviderTest::SettingChanged,
61 base::Unretained(this)),
62 &device_settings_service_));
63 Mock::VerifyAndClearExpectations(this);
66 virtual void TearDown() override {
67 DeviceSettingsTestBase::TearDown();
70 ScopedTestingLocalState local_state_;
72 scoped_ptr<DeviceSettingsProvider> provider_;
74 base::ScopedPathOverride user_data_dir_override_;
77 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsProviderTest);
80 TEST_F(DeviceSettingsProviderTest, InitializationTest) {
81 // Have the service load a settings blob.
82 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
83 ReloadDeviceSettings();
84 Mock::VerifyAndClearExpectations(this);
86 // Verify that the policy blob has been correctly parsed and trusted.
87 // The trusted flag should be set before the call to PrepareTrustedValues.
88 EXPECT_EQ(CrosSettingsProvider::TRUSTED,
89 provider_->PrepareTrustedValues(base::Closure()));
90 const base::Value* value = provider_->Get(kStatsReportingPref);
93 EXPECT_TRUE(value->GetAsBoolean(&bool_value));
94 EXPECT_FALSE(bool_value);
97 TEST_F(DeviceSettingsProviderTest, InitializationTestUnowned) {
98 // Have the service check the key.
99 owner_key_util_->Clear();
100 ReloadDeviceSettings();
102 // The trusted flag should be set before the call to PrepareTrustedValues.
103 EXPECT_EQ(CrosSettingsProvider::TRUSTED,
104 provider_->PrepareTrustedValues(base::Closure()));
105 const base::Value* value = provider_->Get(kReleaseChannel);
107 std::string string_value;
108 EXPECT_TRUE(value->GetAsString(&string_value));
109 EXPECT_TRUE(string_value.empty());
111 // Sets should succeed though and be readable from the cache.
112 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
113 EXPECT_CALL(*this, SettingChanged(kReleaseChannel)).Times(1);
114 base::StringValue new_value("stable-channel");
115 provider_->Set(kReleaseChannel, new_value);
116 Mock::VerifyAndClearExpectations(this);
118 // This shouldn't trigger a write.
119 device_settings_test_helper_.set_policy_blob(std::string());
120 FlushDeviceSettings();
121 EXPECT_EQ(std::string(), device_settings_test_helper_.policy_blob());
123 // Verify the change has been applied.
124 const base::Value* saved_value = provider_->Get(kReleaseChannel);
125 ASSERT_TRUE(saved_value);
126 EXPECT_TRUE(saved_value->GetAsString(&string_value));
127 ASSERT_EQ("stable-channel", string_value);
130 TEST_F(DeviceSettingsProviderTest, SetPrefFailed) {
131 // If we are not the owner no sets should work.
132 base::FundamentalValue value(true);
133 EXPECT_CALL(*this, SettingChanged(kStatsReportingPref)).Times(1);
134 provider_->Set(kStatsReportingPref, value);
135 Mock::VerifyAndClearExpectations(this);
137 // This shouldn't trigger a write.
138 device_settings_test_helper_.set_policy_blob(std::string());
139 FlushDeviceSettings();
140 EXPECT_EQ(std::string(), device_settings_test_helper_.policy_blob());
142 // Verify the change has not been applied.
143 const base::Value* saved_value = provider_->Get(kStatsReportingPref);
144 ASSERT_TRUE(saved_value);
146 EXPECT_TRUE(saved_value->GetAsBoolean(&bool_value));
147 EXPECT_FALSE(bool_value);
150 TEST_F(DeviceSettingsProviderTest, SetPrefSucceed) {
151 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
152 InitOwner(device_policy_.policy_data().username(), true);
153 FlushDeviceSettings();
155 base::FundamentalValue value(true);
156 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
157 EXPECT_CALL(*this, SettingChanged(kStatsReportingPref)).Times(1);
158 provider_->Set(kStatsReportingPref, value);
159 Mock::VerifyAndClearExpectations(this);
161 // Process the store.
162 device_settings_test_helper_.set_policy_blob(std::string());
163 FlushDeviceSettings();
165 // Verify that the device policy has been adjusted.
166 ASSERT_TRUE(device_settings_service_.device_settings());
167 EXPECT_TRUE(device_settings_service_.device_settings()->
168 metrics_enabled().metrics_enabled());
170 // Verify the change has been applied.
171 const base::Value* saved_value = provider_->Get(kStatsReportingPref);
172 ASSERT_TRUE(saved_value);
174 EXPECT_TRUE(saved_value->GetAsBoolean(&bool_value));
175 EXPECT_TRUE(bool_value);
178 TEST_F(DeviceSettingsProviderTest, SetPrefTwice) {
179 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
180 InitOwner(device_policy_.policy_data().username(), true);
181 FlushDeviceSettings();
183 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
185 base::StringValue value1("beta");
186 provider_->Set(kReleaseChannel, value1);
187 base::StringValue value2("dev");
188 provider_->Set(kReleaseChannel, value2);
190 // Let the changes propagate through the system.
191 device_settings_test_helper_.set_policy_blob(std::string());
192 FlushDeviceSettings();
194 // Verify the second change has been applied.
195 const base::Value* saved_value = provider_->Get(kReleaseChannel);
196 EXPECT_TRUE(value2.Equals(saved_value));
198 Mock::VerifyAndClearExpectations(this);
201 TEST_F(DeviceSettingsProviderTest, PolicyRetrievalFailedBadSignature) {
202 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
203 device_policy_.policy().set_policy_data_signature("bad signature");
204 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
205 ReloadDeviceSettings();
207 // Verify that the cached settings blob is not "trusted".
208 EXPECT_EQ(DeviceSettingsService::STORE_VALIDATION_ERROR,
209 device_settings_service_.status());
210 EXPECT_EQ(CrosSettingsProvider::PERMANENTLY_UNTRUSTED,
211 provider_->PrepareTrustedValues(base::Closure()));
214 TEST_F(DeviceSettingsProviderTest, PolicyRetrievalNoPolicy) {
215 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
216 device_settings_test_helper_.set_policy_blob(std::string());
217 ReloadDeviceSettings();
219 // Verify that the cached settings blob is not "trusted".
220 EXPECT_EQ(DeviceSettingsService::STORE_NO_POLICY,
221 device_settings_service_.status());
222 EXPECT_EQ(CrosSettingsProvider::PERMANENTLY_UNTRUSTED,
223 provider_->PrepareTrustedValues(base::Closure()));
226 TEST_F(DeviceSettingsProviderTest, PolicyFailedPermanentlyNotification) {
227 device_settings_test_helper_.set_policy_blob(std::string());
229 EXPECT_CALL(*this, GetTrustedCallback());
230 EXPECT_EQ(CrosSettingsProvider::TEMPORARILY_UNTRUSTED,
231 provider_->PrepareTrustedValues(
232 base::Bind(&DeviceSettingsProviderTest::GetTrustedCallback,
233 base::Unretained(this))));
235 ReloadDeviceSettings();
236 Mock::VerifyAndClearExpectations(this);
238 EXPECT_EQ(CrosSettingsProvider::PERMANENTLY_UNTRUSTED,
239 provider_->PrepareTrustedValues(base::Closure()));
242 TEST_F(DeviceSettingsProviderTest, PolicyLoadNotification) {
243 EXPECT_CALL(*this, GetTrustedCallback());
245 EXPECT_EQ(CrosSettingsProvider::TEMPORARILY_UNTRUSTED,
246 provider_->PrepareTrustedValues(
247 base::Bind(&DeviceSettingsProviderTest::GetTrustedCallback,
248 base::Unretained(this))));
250 ReloadDeviceSettings();
251 Mock::VerifyAndClearExpectations(this);
254 TEST_F(DeviceSettingsProviderTest, StatsReportingMigration) {
255 // Create the legacy consent file.
256 base::FilePath consent_file;
257 ASSERT_TRUE(PathService::Get(chrome::DIR_USER_DATA, &consent_file));
258 consent_file = consent_file.AppendASCII("Consent To Send Stats");
259 ASSERT_EQ(1, base::WriteFile(consent_file, "0", 1));
261 // This should trigger migration because the metrics policy isn't in the blob.
262 device_settings_test_helper_.set_policy_blob(std::string());
263 FlushDeviceSettings();
264 EXPECT_EQ(std::string(), device_settings_test_helper_.policy_blob());
266 // Verify that migration has kicked in.
267 const base::Value* saved_value = provider_->Get(kStatsReportingPref);
268 ASSERT_TRUE(saved_value);
270 EXPECT_TRUE(saved_value->GetAsBoolean(&bool_value));
271 EXPECT_FALSE(bool_value);
274 TEST_F(DeviceSettingsProviderTest, LegacyDeviceLocalAccounts) {
275 EXPECT_CALL(*this, SettingChanged(_)).Times(AnyNumber());
276 em::DeviceLocalAccountInfoProto* account =
277 device_policy_.payload().mutable_device_local_accounts()->add_account();
278 account->set_deprecated_public_session_id(
279 policy::PolicyBuilder::kFakeUsername);
280 device_policy_.Build();
281 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
282 ReloadDeviceSettings();
283 Mock::VerifyAndClearExpectations(this);
285 // On load, the deprecated spec should have been converted to the new format.
286 base::ListValue expected_accounts;
287 scoped_ptr<base::DictionaryValue> entry_dict(new base::DictionaryValue());
288 entry_dict->SetString(kAccountsPrefDeviceLocalAccountsKeyId,
289 policy::PolicyBuilder::kFakeUsername);
290 entry_dict->SetInteger(kAccountsPrefDeviceLocalAccountsKeyType,
291 policy::DeviceLocalAccount::TYPE_PUBLIC_SESSION);
292 expected_accounts.Append(entry_dict.release());
293 const base::Value* actual_accounts =
294 provider_->Get(kAccountsPrefDeviceLocalAccounts);
295 EXPECT_TRUE(base::Value::Equals(&expected_accounts, actual_accounts));
298 TEST_F(DeviceSettingsProviderTest, OwnerIsStillSetWhenDeviceIsConsumerManaged) {
299 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
300 InitOwner(device_policy_.policy_data().username(), true);
301 device_policy_.policy_data().set_management_mode(
302 em::PolicyData::CONSUMER_MANAGED);
303 device_policy_.policy_data().set_request_token("test request token");
304 device_policy_.Build();
305 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
306 FlushDeviceSettings();
308 // Expect that kDeviceOwner is not empty.
309 const base::Value* value = provider_->Get(kDeviceOwner);
311 std::string string_value;
312 EXPECT_TRUE(value->GetAsString(&string_value));
313 EXPECT_FALSE(string_value.empty());
316 TEST_F(DeviceSettingsProviderTest, DecodeDeviceState) {
317 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
318 device_policy_.policy_data().mutable_device_state()->set_device_mode(
319 em::DeviceState::DEVICE_MODE_DISABLED);
320 device_policy_.policy_data().mutable_device_state()->
321 mutable_disabled_state()->set_message(kDisabledMessage);
322 device_policy_.Build();
323 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
324 ReloadDeviceSettings();
325 Mock::VerifyAndClearExpectations(this);
327 // Verify that the device state has been decoded correctly.
328 const base::FundamentalValue expected_disabled_value(true);
329 EXPECT_TRUE(base::Value::Equals(provider_->Get(kDeviceDisabled),
330 &expected_disabled_value));
331 const base::StringValue expected_disabled_message_value(kDisabledMessage);
332 EXPECT_TRUE(base::Value::Equals(provider_->Get(kDeviceDisabledMessage),
333 &expected_disabled_message_value));
335 // Verify that a change to the device state triggers a notification.
336 EXPECT_CALL(*this, SettingChanged(_)).Times(AtLeast(1));
337 device_policy_.policy_data().mutable_device_state()->clear_device_mode();
338 device_policy_.Build();
339 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
340 ReloadDeviceSettings();
341 Mock::VerifyAndClearExpectations(this);
343 // Verify that the updated state has been decoded correctly.
344 EXPECT_FALSE(provider_->Get(kDeviceDisabled));
347 } // namespace chromeos