1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/chromeos/settings/device_settings_service.h"
7 #include "base/basictypes.h"
9 #include "base/bind_helpers.h"
10 #include "base/compiler_specific.h"
11 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
12 #include "chrome/browser/chromeos/settings/device_settings_test_helper.h"
13 #include "policy/proto/device_management_backend.pb.h"
14 #include "testing/gmock/include/gmock/gmock.h"
15 #include "testing/gtest/include/gtest/gtest.h"
17 namespace em = enterprise_management;
19 using ::testing::Mock;
25 class MockDeviceSettingsObserver : public DeviceSettingsService::Observer {
27 virtual ~MockDeviceSettingsObserver() {}
29 MOCK_METHOD0(OwnershipStatusChanged, void());
30 MOCK_METHOD0(DeviceSettingsUpdated, void());
35 class DeviceSettingsServiceTest : public DeviceSettingsTestBase {
37 void SetOperationCompleted() {
38 operation_completed_ = true;
41 void SetOwnershipStatus(
42 DeviceSettingsService::OwnershipStatus ownership_status) {
43 ownership_status_ = ownership_status;
46 void OnIsOwner(bool is_owner) {
52 DeviceSettingsServiceTest()
53 : operation_completed_(false),
56 ownership_status_(DeviceSettingsService::OWNERSHIP_UNKNOWN) {}
58 virtual void SetUp() OVERRIDE {
59 device_policy_.payload().mutable_device_policy_refresh_rate()->
60 set_device_policy_refresh_rate(120);
61 DeviceSettingsTestBase::SetUp();
65 ASSERT_TRUE(device_settings_service_.policy_data());
66 EXPECT_EQ(device_policy_.policy_data().SerializeAsString(),
67 device_settings_service_.policy_data()->SerializeAsString());
68 ASSERT_TRUE(device_settings_service_.device_settings());
69 EXPECT_EQ(device_policy_.payload().SerializeAsString(),
70 device_settings_service_.device_settings()->SerializeAsString());
73 bool operation_completed_;
76 DeviceSettingsService::OwnershipStatus ownership_status_;
79 DISALLOW_COPY_AND_ASSIGN(DeviceSettingsServiceTest);
82 TEST_F(DeviceSettingsServiceTest, LoadNoKey) {
83 owner_key_util_->Clear();
84 ReloadDeviceSettings();
86 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
87 device_settings_service_.status());
88 EXPECT_FALSE(device_settings_service_.policy_data());
89 EXPECT_FALSE(device_settings_service_.device_settings());
92 TEST_F(DeviceSettingsServiceTest, LoadNoPolicy) {
93 device_settings_test_helper_.set_policy_blob(std::string());
94 ReloadDeviceSettings();
96 EXPECT_EQ(DeviceSettingsService::STORE_NO_POLICY,
97 device_settings_service_.status());
98 EXPECT_FALSE(device_settings_service_.policy_data());
99 EXPECT_FALSE(device_settings_service_.device_settings());
102 TEST_F(DeviceSettingsServiceTest, LoadValidationError) {
103 device_policy_.policy().set_policy_data_signature("bad");
104 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
105 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
106 ReloadDeviceSettings();
108 EXPECT_EQ(DeviceSettingsService::STORE_VALIDATION_ERROR,
109 device_settings_service_.status());
110 EXPECT_FALSE(device_settings_service_.policy_data());
111 EXPECT_FALSE(device_settings_service_.device_settings());
114 TEST_F(DeviceSettingsServiceTest, LoadValidationErrorFutureTimestamp) {
115 base::Time timestamp(base::Time::NowFromSystemTime() +
116 base::TimeDelta::FromDays(5000));
117 device_policy_.policy_data().set_timestamp(
118 (timestamp - base::Time::UnixEpoch()).InMilliseconds());
119 device_policy_.Build();
120 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob());
121 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
122 ReloadDeviceSettings();
124 // Loading a cached device policy with a timestamp in the future should work,
125 // since this may be due to a broken clock on the client device.
126 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
127 device_settings_service_.status());
131 TEST_F(DeviceSettingsServiceTest, LoadSuccess) {
132 ReloadDeviceSettings();
134 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
135 device_settings_service_.status());
139 TEST_F(DeviceSettingsServiceTest, SignAndStoreNoKey) {
140 ReloadDeviceSettings();
141 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
142 device_settings_service_.status());
144 scoped_ptr<em::ChromeDeviceSettingsProto> new_device_settings(
145 new em::ChromeDeviceSettingsProto(device_policy_.payload()));
146 new_device_settings->mutable_device_policy_refresh_rate()->
147 set_device_policy_refresh_rate(300);
148 device_settings_service_.SignAndStore(
149 new_device_settings.Pass(),
150 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
151 base::Unretained(this)));
152 FlushDeviceSettings();
153 EXPECT_TRUE(operation_completed_);
154 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
155 device_settings_service_.status());
159 TEST_F(DeviceSettingsServiceTest, SignAndStoreFailure) {
160 ReloadDeviceSettings();
161 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
162 device_settings_service_.status());
164 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
165 device_settings_service_.SetUsername(device_policy_.policy_data().username());
166 FlushDeviceSettings();
168 scoped_ptr<em::ChromeDeviceSettingsProto> new_device_settings(
169 new em::ChromeDeviceSettingsProto(device_policy_.payload()));
170 new_device_settings->mutable_device_policy_refresh_rate()->
171 set_device_policy_refresh_rate(300);
172 device_settings_test_helper_.set_store_result(false);
173 device_settings_service_.SignAndStore(
174 new_device_settings.Pass(),
175 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
176 base::Unretained(this)));
177 FlushDeviceSettings();
178 EXPECT_TRUE(operation_completed_);
179 EXPECT_EQ(DeviceSettingsService::STORE_OPERATION_FAILED,
180 device_settings_service_.status());
184 TEST_F(DeviceSettingsServiceTest, SignAndStoreSuccess) {
185 ReloadDeviceSettings();
186 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
187 device_settings_service_.status());
189 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
190 device_settings_service_.SetUsername(device_policy_.policy_data().username());
191 FlushDeviceSettings();
193 device_policy_.payload().mutable_device_policy_refresh_rate()->
194 set_device_policy_refresh_rate(300);
195 device_policy_.Build();
196 device_settings_service_.SignAndStore(
197 scoped_ptr<em::ChromeDeviceSettingsProto>(
198 new em::ChromeDeviceSettingsProto(device_policy_.payload())),
199 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
200 base::Unretained(this)));
201 FlushDeviceSettings();
202 EXPECT_TRUE(operation_completed_);
203 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
204 device_settings_service_.status());
205 ASSERT_TRUE(device_settings_service_.device_settings());
206 EXPECT_EQ(device_policy_.payload().SerializeAsString(),
207 device_settings_service_.device_settings()->SerializeAsString());
210 TEST_F(DeviceSettingsServiceTest, StoreFailure) {
211 owner_key_util_->Clear();
212 device_settings_test_helper_.set_policy_blob(std::string());
213 ReloadDeviceSettings();
214 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
215 device_settings_service_.status());
217 device_settings_test_helper_.set_store_result(false);
218 device_settings_service_.Store(
219 device_policy_.GetCopy(),
220 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
221 base::Unretained(this)));
222 FlushDeviceSettings();
223 EXPECT_TRUE(operation_completed_);
224 EXPECT_EQ(DeviceSettingsService::STORE_OPERATION_FAILED,
225 device_settings_service_.status());
228 TEST_F(DeviceSettingsServiceTest, StoreSuccess) {
229 owner_key_util_->Clear();
230 device_settings_test_helper_.set_policy_blob(std::string());
231 ReloadDeviceSettings();
232 EXPECT_EQ(DeviceSettingsService::STORE_KEY_UNAVAILABLE,
233 device_settings_service_.status());
235 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
236 device_settings_service_.Store(
237 device_policy_.GetCopy(),
238 base::Bind(&DeviceSettingsServiceTest::SetOperationCompleted,
239 base::Unretained(this)));
240 FlushDeviceSettings();
241 EXPECT_TRUE(operation_completed_);
242 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
243 device_settings_service_.status());
247 TEST_F(DeviceSettingsServiceTest, StoreRotation) {
248 ReloadDeviceSettings();
249 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
250 device_settings_service_.status());
252 device_policy_.payload().mutable_device_policy_refresh_rate()->
253 set_device_policy_refresh_rate(300);
254 device_policy_.SetDefaultNewSigningKey();
255 device_policy_.Build();
256 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure());
257 FlushDeviceSettings();
258 owner_key_util_->SetPublicKeyFromPrivateKey(
259 *device_policy_.GetNewSigningKey());
260 device_settings_service_.OwnerKeySet(true);
261 FlushDeviceSettings();
262 EXPECT_EQ(DeviceSettingsService::STORE_SUCCESS,
263 device_settings_service_.status());
266 // Check the new key has been loaded.
267 std::vector<uint8> key;
268 ASSERT_TRUE(device_policy_.GetNewSigningKey()->ExportPublicKey(&key));
269 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
272 TEST_F(DeviceSettingsServiceTest, OwnershipStatus) {
273 owner_key_util_->Clear();
275 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
276 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get());
277 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
278 device_settings_service_.GetOwnershipStatus());
280 device_settings_service_.GetOwnershipStatusAsync(
281 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
282 base::Unretained(this)));
283 FlushDeviceSettings();
284 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
285 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
286 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->public_key());
287 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key());
288 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE,
289 device_settings_service_.GetOwnershipStatus());
290 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_NONE, ownership_status_);
292 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
293 ReloadDeviceSettings();
294 device_settings_service_.GetOwnershipStatusAsync(
295 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
296 base::Unretained(this)));
297 FlushDeviceSettings();
298 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
299 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
300 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
301 std::vector<uint8> key;
302 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
303 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
304 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key());
305 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
306 device_settings_service_.GetOwnershipStatus());
307 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_);
309 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
310 device_settings_service_.SetUsername(device_policy_.policy_data().username());
311 device_settings_service_.GetOwnershipStatusAsync(
312 base::Bind(&DeviceSettingsServiceTest::SetOwnershipStatus,
313 base::Unretained(this)));
314 FlushDeviceSettings();
315 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
316 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
317 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
318 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
319 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
320 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key());
321 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
322 device_settings_service_.GetOwnershipStatus());
323 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN, ownership_status_);
326 TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForNonOwner) {
327 owner_key_util_->Clear();
329 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
330 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get());
331 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
332 device_settings_service_.GetOwnershipStatus());
334 device_settings_service_.IsCurrentUserOwnerAsync(
335 base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
336 base::Unretained(this)));
338 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
339 ReloadDeviceSettings();
341 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
342 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
343 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
344 std::vector<uint8> key;
345 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
346 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
347 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key());
348 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
349 device_settings_service_.GetOwnershipStatus());
350 EXPECT_FALSE(is_owner_set_);
352 device_settings_service_.OnTPMTokenReady();
353 FlushDeviceSettings();
355 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
356 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
357 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
358 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
359 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
360 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key());
361 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
362 device_settings_service_.GetOwnershipStatus());
363 EXPECT_TRUE(is_owner_set_);
364 EXPECT_FALSE(is_owner_);
367 TEST_F(DeviceSettingsServiceTest, OnTPMTokenReadyForOwner) {
368 owner_key_util_->Clear();
370 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
371 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get());
372 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
373 device_settings_service_.GetOwnershipStatus());
375 device_settings_service_.IsCurrentUserOwnerAsync(
376 base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
377 base::Unretained(this)));
379 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
380 ReloadDeviceSettings();
382 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
383 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
384 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
385 std::vector<uint8> key;
386 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
387 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
388 EXPECT_FALSE(device_settings_service_.GetOwnerKey()->private_key());
389 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
390 device_settings_service_.GetOwnershipStatus());
391 EXPECT_FALSE(is_owner_set_);
393 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
394 device_settings_service_.SetUsername(device_policy_.policy_data().username());
395 device_settings_service_.OnTPMTokenReady();
396 FlushDeviceSettings();
398 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
399 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
400 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
401 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
402 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
403 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key());
404 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
405 device_settings_service_.GetOwnershipStatus());
406 EXPECT_TRUE(is_owner_set_);
407 EXPECT_TRUE(is_owner_);
410 TEST_F(DeviceSettingsServiceTest, IsCurrentUserOwnerAsyncWithLoadedCerts) {
411 owner_key_util_->Clear();
413 EXPECT_FALSE(device_settings_service_.HasPrivateOwnerKey());
414 EXPECT_FALSE(device_settings_service_.GetOwnerKey().get());
415 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_UNKNOWN,
416 device_settings_service_.GetOwnershipStatus());
418 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
419 owner_key_util_->SetPrivateKey(device_policy_.GetSigningKey());
420 device_settings_service_.SetUsername(device_policy_.policy_data().username());
421 ReloadDeviceSettings();
423 device_settings_service_.OnTPMTokenReady();
424 FlushDeviceSettings();
426 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
427 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
428 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
429 std::vector<uint8> key;
430 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
431 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
432 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key());
433 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
434 device_settings_service_.GetOwnershipStatus());
435 EXPECT_FALSE(is_owner_set_);
437 device_settings_service_.IsCurrentUserOwnerAsync(
438 base::Bind(&DeviceSettingsServiceTest::OnIsOwner,
439 base::Unretained(this)));
440 // The callback should be called immediately.
441 base::MessageLoop::current()->RunUntilIdle();
443 EXPECT_TRUE(device_settings_service_.HasPrivateOwnerKey());
444 ASSERT_TRUE(device_settings_service_.GetOwnerKey().get());
445 ASSERT_TRUE(device_settings_service_.GetOwnerKey()->public_key());
446 ASSERT_TRUE(device_policy_.GetSigningKey()->ExportPublicKey(&key));
447 EXPECT_EQ(*device_settings_service_.GetOwnerKey()->public_key(), key);
448 EXPECT_TRUE(device_settings_service_.GetOwnerKey()->private_key());
449 EXPECT_EQ(DeviceSettingsService::OWNERSHIP_TAKEN,
450 device_settings_service_.GetOwnershipStatus());
451 EXPECT_TRUE(is_owner_set_);
452 EXPECT_TRUE(is_owner_);
455 TEST_F(DeviceSettingsServiceTest, Observer) {
456 owner_key_util_->Clear();
457 MockDeviceSettingsObserver observer_;
458 device_settings_service_.AddObserver(&observer_);
460 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1);
461 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
462 ReloadDeviceSettings();
463 Mock::VerifyAndClearExpectations(&observer_);
465 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(1);
466 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
467 owner_key_util_->SetPublicKeyFromPrivateKey(*device_policy_.GetSigningKey());
468 ReloadDeviceSettings();
469 Mock::VerifyAndClearExpectations(&observer_);
471 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0);
472 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
473 device_settings_service_.Store(device_policy_.GetCopy(), base::Closure());
474 FlushDeviceSettings();
475 Mock::VerifyAndClearExpectations(&observer_);
477 EXPECT_CALL(observer_, OwnershipStatusChanged()).Times(0);
478 EXPECT_CALL(observer_, DeviceSettingsUpdated()).Times(1);
479 device_settings_service_.PropertyChangeComplete(true);
480 FlushDeviceSettings();
481 Mock::VerifyAndClearExpectations(&observer_);
483 device_settings_service_.RemoveObserver(&observer_);
486 } // namespace chromeos