1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/settings/device_settings_service.h"
7 #include "base/basictypes.h"
9 #include "base/bind_helpers.h"
10 #include "base/compiler_specific.h"
11 #include "base/time/time.h"
12 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h"
13 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos_factory.h"
14 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
15 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
16 #include "chrome/test/base/testing_profile.h"
17 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
18 #include "policy/proto/device_management_backend.pb.h"
19 #include "testing/gmock/include/gmock/gmock.h"
20 #include "testing/gtest/include/gtest/gtest.h"
22 namespace em = enterprise_management;
24 using ::testing::Mock;
30 class MockDeviceSettingsObserver : public DeviceSettingsService::Observer {
32 virtual ~MockDeviceSettingsObserver() {}
34 MOCK_METHOD0(OwnershipStatusChanged, void());
35 MOCK_METHOD0(DeviceSettingsUpdated, void());
40 class DeviceSettingsServiceTest : public DeviceSettingsTestBase {
42 void SetOperationCompleted() {
43 operation_completed_ = true;
46 void SetOwnershipStatus(
47 DeviceSettingsService::OwnershipStatus ownership_status) {
48 ownership_status_ = ownership_status;
51 void OnIsOwner(bool is_owner) {
57 DeviceSettingsServiceTest()
58 : operation_completed_(false),
61 ownership_status_(DeviceSettingsService::OWNERSHIP_UNKNOWN) {}
63 virtual void SetUp() OVERRIDE {
64 device_policy_.payload().mutable_device_policy_refresh_rate()->
65 set_device_policy_refresh_rate(120);
66 DeviceSettingsTestBase::SetUp();
70 ASSERT_TRUE(device_settings_service_.policy_data());
71 EXPECT_EQ(device_policy_.policy_data().SerializeAsString(),
72 device_settings_service_.policy_data()->SerializeAsString());
73 ASSERT_TRUE(device_settings_service_.device_settings());
74 EXPECT_EQ(device_policy_.payload().SerializeAsString(),
75 device_settings_service_.device_settings()->SerializeAsString());
78 bool operation_completed_;
81 DeviceSettingsService::OwnershipStatus ownership_status_;
84 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsServiceTest);
87 TEST_F(DeviceSettingsServiceTest, LoadNoKey) {
88 owner_key_util_->Clear();
89 ReloadDeviceSettings();
91 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
92 device_settings_service_.status());
93 EXPECT_FALSE(device_settings_service_.policy_data());
94 EXPECT_FALSE(device_settings_service_.device_settings());
97 TEST_F(DeviceSettingsServiceTest, LoadNoPolicy) {
98 device_settings_test_helper_.set_policy_blob(std::string());
99 ReloadDeviceSettings();
101 EXPECT_EQ(DeviceSettingsService::STORE_NO_POLICY,
102 device_settings_service_.status());
103 EXPECT_FALSE(device_settings_service_.policy_data());
104 EXPECT_FALSE(device_settings_service_.device_settings());
107 TEST_F(DeviceSettingsServiceTest, LoadValidationError) {
108 device_policy_.policy().set_policy_data_signature("bad");
109 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
110 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
111 ReloadDeviceSettings();
113 EXPECT_EQ(DeviceSettingsService::STORE_VALIDATION_ERROR,
114 device_settings_service_.status());
115 EXPECT_FALSE(device_settings_service_.policy_data());
116 EXPECT_FALSE(device_settings_service_.device_settings());
119 TEST_F(DeviceSettingsServiceTest, LoadValidationErrorFutureTimestamp) {
120 base::Time timestamp(base::Time::NowFromSystemTime() +
121 base::TimeDelta::FromDays(5000));
122 device_policy_.policy_data().set_timestamp(
123 (timestamp - base::Time::UnixEpoch()).InMilliseconds());
124 device_policy_.Build();
125 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
126 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
127 ReloadDeviceSettings();
129 // Loading a cached device policy with a timestamp in the future should work,
130 // since this may be due to a broken clock on the client device.
131 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
132 device_settings_service_.status());
136 TEST_F(DeviceSettingsServiceTest, LoadSuccess) {
137 ReloadDeviceSettings();
139 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
140 device_settings_service_.status());
144 TEST_F(DeviceSettingsServiceTest, SignAndStoreNoKey) {
145 ReloadDeviceSettings();
146 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
147 device_settings_service_.status());
149 scoped_ptr<em::ChromeDeviceSettingsProto> new_device_settings(
150 new em::ChromeDeviceSettingsProto(device_policy_.payload()));
151 new_device_settings->mutable_device_policy_refresh_rate()->
152 set_device_policy_refresh_rate(300);
153 device_settings_service_.SignAndStore(
154 new_device_settings.Pass(),
155 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
156 base::Unretained(this)));
157 FlushDeviceSettings();
158 EXPECT_TRUE(operation_completed_);
159 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
160 device_settings_service_.status());
164 TEST_F(DeviceSettingsServiceTest, SignAndStoreFailure) {
165 ReloadDeviceSettings();
166 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
167 device_settings_service_.status());
169 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
170 InitOwner(device_policy_.policy_data().username(), true);
171 FlushDeviceSettings();
173 scoped_ptr<em::ChromeDeviceSettingsProto> new_device_settings(
174 new em::ChromeDeviceSettingsProto(device_policy_.payload()));
175 new_device_settings->mutable_device_policy_refresh_rate()->
176 set_device_policy_refresh_rate(300);
177 device_settings_test_helper_.set_store_result(false);
178 device_settings_service_.SignAndStore(
179 new_device_settings.Pass(),
180 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
181 base::Unretained(this)));
182 FlushDeviceSettings();
183 EXPECT_TRUE(operation_completed_);
184 EXPECT_EQ(DeviceSettingsService::STORE_OPERATION_FAILED,
185 device_settings_service_.status());
189 TEST_F(DeviceSettingsServiceTest, SignAndStoreSuccess) {
190 const base::Time before(base::Time::Now());
191 ReloadDeviceSettings();
192 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
193 device_settings_service_.status());
195 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
196 InitOwner(device_policy_.policy_data().username(), true);
197 FlushDeviceSettings();
199 device_policy_.payload().mutable_device_policy_refresh_rate()->
200 set_device_policy_refresh_rate(300);
201 device_policy_.Build();
202 device_settings_service_.SignAndStore(
203 scoped_ptr<em::ChromeDeviceSettingsProto>(
204 new em::ChromeDeviceSettingsProto(device_policy_.payload())),
205 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
206 base::Unretained(this)));
207 FlushDeviceSettings();
208 const base::Time after(base::Time::Now());
210 EXPECT_TRUE(operation_completed_);
211 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
212 device_settings_service_.status());
213 ASSERT_TRUE(device_settings_service_.device_settings());
214 EXPECT_EQ(device_policy_.payload().SerializeAsString(),
215 device_settings_service_.device_settings()->SerializeAsString());
217 // Check that the loaded policy_data contains the expected values.
218 const em::PolicyData* policy_data = device_settings_service_.policy_data();
219 EXPECT_EQ(policy::dm_protocol::kChromeDevicePolicyType,
220 policy_data->policy_type());
221 EXPECT_LE((before - base::Time::UnixEpoch()).InMilliseconds(),
222 policy_data->timestamp());
223 EXPECT_GE((after - base::Time::UnixEpoch()).InMilliseconds(),
224 policy_data->timestamp());
225 EXPECT_EQ(device_settings_service_.GetUsername(),
226 policy_data->username());
229 TEST_F(DeviceSettingsServiceTest, SetManagementSettingsModeTransition) {
230 ReloadDeviceSettings();
231 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
232 device_settings_service_.status());
234 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
235 InitOwner(device_policy_.policy_data().username(), true);
236 FlushDeviceSettings();
238 // The initial management mode should be NOT_MANAGED.
239 EXPECT_EQ(em::PolicyData::NOT_MANAGED,
240 device_settings_service_.policy_data()->management_mode());
242 // NOT_MANAGED -> CONSUMER_MANAGED: Okay.
243 device_settings_service_.SetManagementSettings(
244 em::PolicyData::CONSUMER_MANAGED,
245 "fake_request_token",
247 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
248 base::Unretained(this)));
249 FlushDeviceSettings();
251 EXPECT_TRUE(operation_completed_);
252 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
253 device_settings_service_.status());
254 EXPECT_EQ(em::PolicyData::CONSUMER_MANAGED,
255 device_settings_service_.policy_data()->management_mode());
257 // CONSUMER_MANAGED -> ENTERPRISE_MANAGED: Invalid.
258 device_settings_service_.SetManagementSettings(
259 em::PolicyData::ENTERPRISE_MANAGED,
260 "fake_request_token",
262 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
263 base::Unretained(this)));
264 FlushDeviceSettings();
266 EXPECT_TRUE(operation_completed_);
267 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR,
268 device_settings_service_.status());
269 EXPECT_EQ(em::PolicyData::CONSUMER_MANAGED,
270 device_settings_service_.policy_data()->management_mode());
272 // CONSUMER_MANAGED -> NOT_MANAGED: Okay.
273 device_settings_service_.SetManagementSettings(
274 em::PolicyData::NOT_MANAGED,
275 "fake_request_token",
277 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
278 base::Unretained(this)));
279 FlushDeviceSettings();
281 EXPECT_TRUE(operation_completed_);
282 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
283 device_settings_service_.status());
284 EXPECT_EQ(em::PolicyData::NOT_MANAGED,
285 device_settings_service_.policy_data()->management_mode());
287 // NOT_MANAGED -> ENTERPRISE_MANAGED: Invalid.
288 device_settings_service_.SetManagementSettings(
289 em::PolicyData::ENTERPRISE_MANAGED,
290 "fake_request_token",
292 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
293 base::Unretained(this)));
294 FlushDeviceSettings();
296 EXPECT_TRUE(operation_completed_);
297 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR,
298 device_settings_service_.status());
299 EXPECT_EQ(em::PolicyData::NOT_MANAGED,
300 device_settings_service_.policy_data()->management_mode());
302 // Inject a policy data with management mode set to ENTERPRISE_MANAGED.
303 device_policy_.policy_data().set_management_mode(
304 em::PolicyData::ENTERPRISE_MANAGED);
305 device_policy_.Build();
306 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
307 ReloadDeviceSettings();
308 EXPECT_EQ(em::PolicyData::ENTERPRISE_MANAGED,
309 device_settings_service_.policy_data()->management_mode());
311 // ENTERPRISE_MANAGED -> NOT_MANAGED: Invalid.
312 device_settings_service_.SetManagementSettings(
313 em::PolicyData::NOT_MANAGED,
314 "fake_request_token",
316 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
317 base::Unretained(this)));
318 FlushDeviceSettings();
320 EXPECT_TRUE(operation_completed_);
321 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR,
322 device_settings_service_.status());
323 EXPECT_EQ(em::PolicyData::ENTERPRISE_MANAGED,
324 device_settings_service_.policy_data()->management_mode());
326 // ENTERPRISE_MANAGED -> CONSUMER_MANAGED: Invalid.
327 device_settings_service_.SetManagementSettings(
328 em::PolicyData::CONSUMER_MANAGED,
329 "fake_request_token",
331 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
332 base::Unretained(this)));
333 FlushDeviceSettings();
335 EXPECT_TRUE(operation_completed_);
336 EXPECT_EQ(DeviceSettingsService::STORE_POLICY_ERROR,
337 device_settings_service_.status());
338 EXPECT_EQ(em::PolicyData::ENTERPRISE_MANAGED,
339 device_settings_service_.policy_data()->management_mode());
343 TEST_F(DeviceSettingsServiceTest, SetManagementSettingsSuccess) {
344 ReloadDeviceSettings();
345 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
346 device_settings_service_.status());
348 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
349 InitOwner(device_policy_.policy_data().username(), true);
350 FlushDeviceSettings();
352 device_settings_service_.SetManagementSettings(
353 em::PolicyData::CONSUMER_MANAGED,
354 "fake_request_token",
356 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
357 base::Unretained(this)));
358 FlushDeviceSettings();
360 EXPECT_TRUE(operation_completed_);
361 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
362 device_settings_service_.status());
363 ASSERT_TRUE(device_settings_service_.device_settings());
365 // Check that the loaded policy_data contains the expected values.
366 const em::PolicyData* policy_data = device_settings_service_.policy_data();
367 EXPECT_EQ(policy::dm_protocol::kChromeDevicePolicyType,
368 policy_data->policy_type());
369 EXPECT_EQ(device_settings_service_.GetUsername(),
370 policy_data->username());
371 EXPECT_EQ(em::PolicyData::CONSUMER_MANAGED, policy_data->management_mode());
372 EXPECT_EQ("fake_request_token", policy_data->request_token());
373 EXPECT_EQ("fake_device_id", policy_data->device_id());
376 TEST_F(DeviceSettingsServiceTest, StoreFailure) {
377 owner_key_util_->Clear();
378 device_settings_test_helper_.set_policy_blob(std::string());
379 ReloadDeviceSettings();
380 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
381 device_settings_service_.status());
383 device_settings_test_helper_.set_store_result(false);
384 device_settings_service_.Store(
385 device_policy_.GetCopy(),
386 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
387 base::Unretained(this)));
388 FlushDeviceSettings();
389 EXPECT_TRUE(operation_completed_);
390 EXPECT_EQ(DeviceSettingsService::STORE_OPERATION_FAILED,
391 device_settings_service_.status());
394 TEST_F(DeviceSettingsServiceTest, StoreSuccess) {
395 owner_key_util_->Clear();
396 device_settings_test_helper_.set_policy_blob(std::string());
397 ReloadDeviceSettings();
398 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
399 device_settings_service_.status());
401 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
402 InitOwner(device_policy_.policy_data().username(), true);
403 device_settings_service_.Store(
404 device_policy_.GetCopy(),
405 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
406 base::Unretained(this)));
407 FlushDeviceSettings();
408 EXPECT_TRUE(operation_completed_);
409 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
410 device_settings_service_.status());
414 TEST_F(DeviceSettingsServiceTest, StoreRotation) {
415 ReloadDeviceSettings();
416 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
417 device_settings_service_.status());
419 device_policy_.payload().mutable_device_policy_refresh_rate()->
420 set_device_policy_refresh_rate(300);
421 device_policy_.SetDefaultNewSigningKey();
422 device_policy_.Build();
423 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure());
424 FlushDeviceSettings();
425 owner_key_util_->SetPublicKeyFromPrivateKey(
426 *device_policy_.GetNewSigningKey());
427 device_settings_service_.OwnerKeySet(true);
428 FlushDeviceSettings();
429 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
430 device_settings_service_.status());
433 // Check the new key has been loaded.
434 std::vector<uint8> key;
435 ASSERT_TRUE(device_policy_.GetNewSigningKey()->ExportPublicKey(&key));
436 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
439 TEST_F(DeviceSettingsServiceTest, OwnershipStatus) {
440 owner_key_util_->Clear();
442 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
443 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
444 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
445 device_settings_service_.GetOwnershipStatus());
447 device_settings_service_.GetOwnershipStatusAsync(
448 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
449 base::Unretained(this)));
450 FlushDeviceSettings();
451 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
452 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
453 EXPECT_FALSE(device_settings_service_.GetPublicKey()->is_loaded());
454 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE,
455 device_settings_service_.GetOwnershipStatus());
456 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE, ownership_status_);
458 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
459 ReloadDeviceSettings();
460 device_settings_service_.GetOwnershipStatusAsync(
461 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
462 base::Unretained(this)));
463 FlushDeviceSettings();
464 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
465 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
466 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
467 std::vector<uint8> key;
468 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
469 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
470 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
471 device_settings_service_.GetOwnershipStatus());
472 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_);
474 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
475 InitOwner(device_policy_.policy_data().username(), true);
476 device_settings_service_.GetOwnershipStatusAsync(
477 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
478 base::Unretained(this)));
479 FlushDeviceSettings();
480 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
481 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
482 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
483 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
484 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
485 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
486 device_settings_service_.GetOwnershipStatus());
487 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_);
490 TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForNonOwner) {
491 owner_key_util_->Clear();
493 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
494 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
495 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
496 device_settings_service_.GetOwnershipStatus());
498 const std::string& user_id = device_policy_.policy_data().username();
499 InitOwner(user_id, false);
500 OwnerSettingsServiceChromeOS* service =
501 OwnerSettingsServiceChromeOSFactory::GetForProfile(profile_.get());
502 ASSERT_TRUE(service);
503 service->IsOwnerAsync(base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
504 base::Unretained(this)));
506 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
507 ReloadDeviceSettings();
509 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
510 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
511 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
512 std::vector<uint8> key;
513 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
514 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
515 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
516 device_settings_service_.GetOwnershipStatus());
517 EXPECT_FALSE(is_owner_set_);
519 service->OnTPMTokenReady(true /* is ready */);
520 FlushDeviceSettings();
522 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
523 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
524 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
525 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
526 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
527 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
528 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
529 device_settings_service_.GetOwnershipStatus());
530 EXPECT_TRUE(is_owner_set_);
531 EXPECT_FALSE(is_owner_);
534 TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForOwner) {
535 owner_key_util_->Clear();
537 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
538 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
539 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
540 device_settings_service_.GetOwnershipStatus());
542 const std::string& user_id = device_policy_.policy_data().username();
543 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
544 InitOwner(user_id, false);
545 OwnerSettingsServiceChromeOS* service =
546 OwnerSettingsServiceChromeOSFactory::GetForProfile(profile_.get());
547 ASSERT_TRUE(service);
548 service->IsOwnerAsync(base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
549 base::Unretained(this)));
550 ReloadDeviceSettings();
552 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
553 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
554 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
555 std::vector<uint8> key;
556 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
557 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
558 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
559 device_settings_service_.GetOwnershipStatus());
560 EXPECT_FALSE(is_owner_set_);
562 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
563 service->OnTPMTokenReady(true /* is ready */);
564 FlushDeviceSettings();
566 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
567 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
568 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
569 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
570 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
571 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
572 device_settings_service_.GetOwnershipStatus());
573 EXPECT_TRUE(is_owner_set_);
574 EXPECT_TRUE(is_owner_);
577 TEST_F(DeviceSettingsServiceTest, IsCurrentUserOwnerAsyncWithLoadedCerts) {
578 owner_key_util_->Clear();
580 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
581 EXPECT_FALSE(device_settings_service_.GetPublicKey().get());
582 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
583 device_settings_service_.GetOwnershipStatus());
585 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
586 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
588 InitOwner(device_policy_.policy_data().username(), true);
589 ReloadDeviceSettings();
590 FlushDeviceSettings();
592 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
593 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
594 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
595 std::vector<uint8> key;
596 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
597 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
598 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
599 device_settings_service_.GetOwnershipStatus());
600 EXPECT_FALSE(is_owner_set_);
602 OwnerSettingsServiceChromeOS* service =
603 OwnerSettingsServiceChromeOSFactory::GetForProfile(profile_.get());
604 ASSERT_TRUE(service);
605 service->IsOwnerAsync(base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
606 base::Unretained(this)));
607 // The callback should be called immediately.
608 base::MessageLoop::current()->RunUntilIdle();
610 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
611 ASSERT_TRUE(device_settings_service_.GetPublicKey().get());
612 ASSERT_TRUE(device_settings_service_.GetPublicKey()->is_loaded());
613 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
614 EXPECT_EQ(device_settings_service_.GetPublicKey()->data(), key);
615 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
616 device_settings_service_.GetOwnershipStatus());
617 EXPECT_TRUE(is_owner_set_);
618 EXPECT_TRUE(is_owner_);
621 TEST_F(DeviceSettingsServiceTest, Observer) {
622 owner_key_util_->Clear();
623 MockDeviceSettingsObserver observer_;
624 device_settings_service_.AddObserver(&observer_);
626 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1);
627 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
628 ReloadDeviceSettings();
629 Mock::VerifyAndClearExpectations(&observer_);
631 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1);
632 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
633 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
634 InitOwner(device_policy_.policy_data().username(), true);
635 ReloadDeviceSettings();
636 Mock::VerifyAndClearExpectations(&observer_);
638 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0);
639 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
640 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure());
641 FlushDeviceSettings();
642 Mock::VerifyAndClearExpectations(&observer_);
644 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0);
645 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
646 device_settings_service_.PropertyChangeComplete(true);
647 FlushDeviceSettings();
648 Mock::VerifyAndClearExpectations(&observer_);
650 device_settings_service_.RemoveObserver(&observer_);
653 } // namespace chromeos