1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
8 #include "base/json/json_parser.h"
9 #include "base/memory/scoped_ptr.h"
10 #include "base/prefs/pref_registry_simple.h"
11 #include "base/prefs/testing_pref_service.h"
12 #include "base/values.h"
13 #include "chrome/browser/extensions/extension_management.h"
14 #include "chrome/browser/extensions/extension_management_test_util.h"
15 #include "chrome/browser/extensions/external_policy_loader.h"
16 #include "extensions/browser/pref_names.h"
17 #include "extensions/common/manifest.h"
18 #include "extensions/common/manifest_constants.h"
19 #include "extensions/common/url_pattern.h"
20 #include "testing/gtest/include/gtest/gtest.h"
23 namespace extensions {
27 const char kTargetExtension[] = "abcdefghijklmnopabcdefghijklmnop";
28 const char kTargetExtension2[] = "bcdefghijklmnopabcdefghijklmnopa";
29 const char kTargetExtension3[] = "cdefghijklmnopabcdefghijklmnopab";
30 const char kOtherExtension[] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
31 const char kExampleUpdateUrl[] = "http://example.com/update_url";
33 const char kExampleDictPreference[] =
35 " \"abcdefghijklmnopabcdefghijklmnop\": {" // kTargetExtension
36 " \"installation_mode\": \"allowed\","
38 " \"bcdefghijklmnopabcdefghijklmnopa\": {" // kTargetExtension2
39 " \"installation_mode\": \"force_installed\","
40 " \"update_url\": \"http://example.com/update_url\","
42 " \"cdefghijklmnopabcdefghijklmnopab\": {" // kTargetExtension3
43 " \"installation_mode\": \"normal_installed\","
44 " \"update_url\": \"http://example.com/update_url\","
47 " \"installation_mode\": \"blocked\","
48 " \"install_sources\": [\"*://foo.com/*\"],"
49 " \"allowed_types\": [\"theme\", \"user_script\"],"
55 class ExtensionManagementServiceTest : public testing::Test {
57 typedef ExtensionManagementPrefUpdater<TestingPrefServiceSimple> PrefUpdater;
59 ExtensionManagementServiceTest() {}
60 virtual ~ExtensionManagementServiceTest() {}
63 virtual void SetUp() OVERRIDE {
67 void InitPrefService() {
68 extension_management_.reset();
69 pref_service_.reset(new TestingPrefServiceSimple());
70 pref_service_->registry()->RegisterListPref(
71 pref_names::kAllowedInstallSites);
72 pref_service_->registry()->RegisterListPref(pref_names::kAllowedTypes);
73 pref_service_->registry()->RegisterListPref(pref_names::kInstallDenyList);
74 pref_service_->registry()->RegisterListPref(pref_names::kInstallAllowList);
75 pref_service_->registry()->RegisterDictionaryPref(
76 pref_names::kInstallForceList);
77 pref_service_->registry()->RegisterDictionaryPref(
78 pref_names::kExtensionManagement);
79 extension_management_.reset(new ExtensionManagement(pref_service_.get()));
82 void SetPref(bool managed, const char* path, base::Value* value) {
84 pref_service_->SetManagedPref(path, value);
86 pref_service_->SetUserPref(path, value);
89 void RemovePref(bool managed, const char* path) {
91 pref_service_->RemoveManagedPref(path);
93 pref_service_->RemoveUserPref(path);
96 void SetExampleDictPref() {
97 std::string error_msg;
98 scoped_ptr<base::Value> parsed(base::JSONReader::ReadAndReturnError(
99 kExampleDictPreference,
100 base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS,
103 ASSERT_TRUE(parsed && parsed->IsType(base::Value::TYPE_DICTIONARY))
105 SetPref(true, pref_names::kExtensionManagement, parsed.release());
109 scoped_ptr<TestingPrefServiceSimple> pref_service_;
110 scoped_ptr<ExtensionManagement> extension_management_;
113 class ExtensionAdminPolicyTest : public ExtensionManagementServiceTest {
115 ExtensionAdminPolicyTest() {}
116 virtual ~ExtensionAdminPolicyTest() {}
118 void CreateExtension(Manifest::Location location) {
119 base::DictionaryValue values;
120 CreateExtensionFromValues(location, &values);
123 void CreateHostedApp(Manifest::Location location) {
124 base::DictionaryValue values;
125 values.Set(extensions::manifest_keys::kWebURLs, new base::ListValue());
126 values.SetString(extensions::manifest_keys::kLaunchWebURL,
127 "http://www.example.com");
128 CreateExtensionFromValues(location, &values);
131 void CreateExtensionFromValues(Manifest::Location location,
132 base::DictionaryValue* values) {
133 values->SetString(extensions::manifest_keys::kName, "test");
134 values->SetString(extensions::manifest_keys::kVersion, "0.1");
136 extension_ = Extension::Create(base::FilePath(), location, *values,
137 Extension::NO_FLAGS, &error);
138 ASSERT_TRUE(extension_.get());
141 // Wrappers for legacy admin policy functions, for testing purpose only.
142 bool BlacklistedByDefault(const base::ListValue* blacklist);
143 bool UserMayLoad(const base::ListValue* blacklist,
144 const base::ListValue* whitelist,
145 const base::DictionaryValue* forcelist,
146 const base::ListValue* allowed_types,
147 const Extension* extension,
148 base::string16* error);
149 bool UserMayModifySettings(const Extension* extension, base::string16* error);
150 bool MustRemainEnabled(const Extension* extension, base::string16* error);
153 scoped_refptr<Extension> extension_;
156 bool ExtensionAdminPolicyTest::BlacklistedByDefault(
157 const base::ListValue* blacklist) {
160 SetPref(true, pref_names::kInstallDenyList, blacklist->DeepCopy());
161 return extension_management_->BlacklistedByDefault();
164 bool ExtensionAdminPolicyTest::UserMayLoad(
165 const base::ListValue* blacklist,
166 const base::ListValue* whitelist,
167 const base::DictionaryValue* forcelist,
168 const base::ListValue* allowed_types,
169 const Extension* extension,
170 base::string16* error) {
173 SetPref(true, pref_names::kInstallDenyList, blacklist->DeepCopy());
175 SetPref(true, pref_names::kInstallAllowList, whitelist->DeepCopy());
177 SetPref(true, pref_names::kInstallForceList, forcelist->DeepCopy());
179 SetPref(true, pref_names::kAllowedTypes, allowed_types->DeepCopy());
180 return extension_management_->GetProvider()->UserMayLoad(extension, error);
183 bool ExtensionAdminPolicyTest::UserMayModifySettings(const Extension* extension,
184 base::string16* error) {
186 return extension_management_->GetProvider()->UserMayModifySettings(extension,
190 bool ExtensionAdminPolicyTest::MustRemainEnabled(const Extension* extension,
191 base::string16* error) {
193 return extension_management_->GetProvider()->MustRemainEnabled(extension,
197 // Verify that preference controlled by legacy ExtensionInstallSources policy is
199 TEST_F(ExtensionManagementServiceTest, LegacyInstallSources) {
200 base::ListValue allowed_sites_pref;
201 allowed_sites_pref.AppendString("https://www.example.com/foo");
202 allowed_sites_pref.AppendString("https://corp.mycompany.com/*");
204 true, pref_names::kAllowedInstallSites, allowed_sites_pref.DeepCopy());
205 const URLPatternSet& allowed_sites =
206 extension_management_->ReadGlobalSettings().install_sources;
207 ASSERT_TRUE(extension_management_->ReadGlobalSettings()
208 .has_restricted_install_sources);
209 EXPECT_FALSE(allowed_sites.is_empty());
210 EXPECT_TRUE(allowed_sites.MatchesURL(GURL("https://www.example.com/foo")));
211 EXPECT_FALSE(allowed_sites.MatchesURL(GURL("https://www.example.com/bar")));
213 allowed_sites.MatchesURL(GURL("https://corp.mycompany.com/entry")));
215 allowed_sites.MatchesURL(GURL("https://www.mycompany.com/entry")));
218 // Verify that preference controlled by legacy ExtensionAllowedTypes policy is
220 TEST_F(ExtensionManagementServiceTest, LegacyAllowedTypes) {
221 base::ListValue allowed_types_pref;
222 allowed_types_pref.AppendInteger(Manifest::TYPE_THEME);
223 allowed_types_pref.AppendInteger(Manifest::TYPE_USER_SCRIPT);
225 SetPref(true, pref_names::kAllowedTypes, allowed_types_pref.DeepCopy());
226 const std::vector<Manifest::Type>& allowed_types =
227 extension_management_->ReadGlobalSettings().allowed_types;
229 extension_management_->ReadGlobalSettings().has_restricted_allowed_types);
230 EXPECT_TRUE(allowed_types.size() == 2);
231 EXPECT_FALSE(std::find(allowed_types.begin(),
233 Manifest::TYPE_EXTENSION) != allowed_types.end());
234 EXPECT_TRUE(std::find(allowed_types.begin(),
236 Manifest::TYPE_THEME) != allowed_types.end());
237 EXPECT_TRUE(std::find(allowed_types.begin(),
239 Manifest::TYPE_USER_SCRIPT) != allowed_types.end());
242 // Verify that preference controlled by legacy ExtensionInstallBlacklist policy
244 TEST_F(ExtensionManagementServiceTest, LegacyInstallBlacklist) {
245 base::ListValue denied_list_pref;
246 denied_list_pref.AppendString(kTargetExtension);
248 SetPref(true, pref_names::kInstallDenyList, denied_list_pref.DeepCopy());
249 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
250 ExtensionManagement::INSTALLATION_BLOCKED);
251 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
252 ExtensionManagement::INSTALLATION_ALLOWED);
255 // Verify that preference controlled by legacy ExtensionInstallWhitelist policy
257 TEST_F(ExtensionManagementServiceTest, LegacyInstallWhitelist) {
258 base::ListValue denied_list_pref;
259 denied_list_pref.AppendString("*");
260 base::ListValue allowed_list_pref;
261 allowed_list_pref.AppendString(kTargetExtension);
263 SetPref(true, pref_names::kInstallDenyList, denied_list_pref.DeepCopy());
264 SetPref(true, pref_names::kInstallAllowList, allowed_list_pref.DeepCopy());
265 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
266 ExtensionManagement::INSTALLATION_ALLOWED);
267 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
268 ExtensionManagement::INSTALLATION_BLOCKED);
270 // Verify that install whitelist preference set by user is ignored.
271 RemovePref(true, pref_names::kInstallAllowList);
272 SetPref(false, pref_names::kInstallAllowList, allowed_list_pref.DeepCopy());
273 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
274 ExtensionManagement::INSTALLATION_BLOCKED);
277 // Verify that preference controlled by legacy ExtensionInstallForcelist policy
279 TEST_F(ExtensionManagementServiceTest, LegacyInstallForcelist) {
280 base::DictionaryValue forced_list_pref;
281 ExternalPolicyLoader::AddExtension(
282 &forced_list_pref, kTargetExtension, kExampleUpdateUrl);
284 SetPref(true, pref_names::kInstallForceList, forced_list_pref.DeepCopy());
285 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
286 ExtensionManagement::INSTALLATION_FORCED);
287 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).update_url,
289 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
290 ExtensionManagement::INSTALLATION_ALLOWED);
292 // Verify that install forcelist preference set by user is ignored.
293 RemovePref(true, pref_names::kInstallForceList);
294 SetPref(false, pref_names::kInstallForceList, forced_list_pref.DeepCopy());
295 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
296 ExtensionManagement::INSTALLATION_ALLOWED);
299 // Tests parsing of new dictionary preference.
300 TEST_F(ExtensionManagementServiceTest, PreferenceParsing) {
301 SetExampleDictPref();
303 // Verifies the installation mode settings.
304 EXPECT_TRUE(extension_management_->BlacklistedByDefault());
305 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
306 ExtensionManagement::INSTALLATION_ALLOWED);
308 extension_management_->ReadById(kTargetExtension2).installation_mode,
309 ExtensionManagement::INSTALLATION_FORCED);
310 EXPECT_EQ(extension_management_->ReadById(kTargetExtension2).update_url,
313 extension_management_->ReadById(kTargetExtension3).installation_mode,
314 ExtensionManagement::INSTALLATION_RECOMMENDED);
315 EXPECT_EQ(extension_management_->ReadById(kTargetExtension3).update_url,
317 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
318 ExtensionManagement::INSTALLATION_BLOCKED);
320 // Verifies global settings.
321 EXPECT_TRUE(extension_management_->ReadGlobalSettings()
322 .has_restricted_install_sources);
323 const URLPatternSet& allowed_sites =
324 extension_management_->ReadGlobalSettings().install_sources;
325 EXPECT_EQ(allowed_sites.size(), 1u);
326 EXPECT_TRUE(allowed_sites.MatchesURL(GURL("http://foo.com/entry")));
327 EXPECT_FALSE(allowed_sites.MatchesURL(GURL("http://bar.com/entry")));
330 extension_management_->ReadGlobalSettings().has_restricted_allowed_types);
331 const std::vector<Manifest::Type>& allowed_types =
332 extension_management_->ReadGlobalSettings().allowed_types;
333 EXPECT_EQ(allowed_types.size(), 2u);
334 EXPECT_TRUE(std::find(allowed_types.begin(),
336 Manifest::TYPE_THEME) != allowed_types.end());
337 EXPECT_TRUE(std::find(allowed_types.begin(),
339 Manifest::TYPE_USER_SCRIPT) != allowed_types.end());
342 // Tests functionality of new preference as to deprecate legacy
343 // ExtensionInstallSources policy.
344 TEST_F(ExtensionManagementServiceTest, NewInstallSources) {
345 // Set the legacy preference, and verifies that it works.
346 base::ListValue allowed_sites_pref;
347 allowed_sites_pref.AppendString("https://www.example.com/foo");
349 true, pref_names::kAllowedInstallSites, allowed_sites_pref.DeepCopy());
350 EXPECT_TRUE(extension_management_->ReadGlobalSettings()
351 .has_restricted_install_sources);
353 extension_management_->ReadGlobalSettings()
354 .install_sources.MatchesURL(GURL("https://www.example.com/foo")));
356 // Set the new dictionary preference.
358 PrefUpdater updater(pref_service_.get());
359 updater.ClearInstallSources();
361 // Verifies that the new one overrides the legacy ones.
362 EXPECT_TRUE(extension_management_->ReadGlobalSettings()
363 .has_restricted_install_sources);
365 extension_management_->ReadGlobalSettings()
366 .install_sources.MatchesURL(GURL("https://www.example.com/foo")));
368 // Updates the new dictionary preference.
370 PrefUpdater updater(pref_service_.get());
371 updater.AddInstallSource("https://corp.mycompany.com/*");
373 EXPECT_TRUE(extension_management_->ReadGlobalSettings()
374 .has_restricted_install_sources);
375 EXPECT_TRUE(extension_management_->ReadGlobalSettings()
376 .install_sources.MatchesURL(
377 GURL("https://corp.mycompany.com/entry")));
380 // Tests functionality of new preference as to deprecate legacy
381 // ExtensionAllowedTypes policy.
382 TEST_F(ExtensionManagementServiceTest, NewAllowedTypes) {
383 // Set the legacy preference, and verifies that it works.
384 base::ListValue allowed_types_pref;
385 allowed_types_pref.AppendInteger(Manifest::TYPE_USER_SCRIPT);
386 SetPref(true, pref_names::kAllowedTypes, allowed_types_pref.DeepCopy());
388 extension_management_->ReadGlobalSettings().has_restricted_allowed_types);
389 EXPECT_EQ(extension_management_->ReadGlobalSettings().allowed_types.size(),
391 EXPECT_EQ(extension_management_->ReadGlobalSettings().allowed_types[0],
392 Manifest::TYPE_USER_SCRIPT);
394 // Set the new dictionary preference.
396 PrefUpdater updater(pref_service_.get());
397 updater.ClearAllowedTypes();
399 // Verifies that the new one overrides the legacy ones.
401 extension_management_->ReadGlobalSettings().has_restricted_allowed_types);
402 EXPECT_EQ(extension_management_->ReadGlobalSettings().allowed_types.size(),
405 // Updates the new dictionary preference.
407 PrefUpdater updater(pref_service_.get());
408 updater.AddAllowedType("theme");
411 extension_management_->ReadGlobalSettings().has_restricted_allowed_types);
412 EXPECT_EQ(extension_management_->ReadGlobalSettings().allowed_types.size(),
414 EXPECT_EQ(extension_management_->ReadGlobalSettings().allowed_types[0],
415 Manifest::TYPE_THEME);
418 // Tests functionality of new preference as to deprecate legacy
419 // ExtensionInstallBlacklist policy.
420 TEST_F(ExtensionManagementServiceTest, NewInstallBlacklist) {
421 // Set the new dictionary preference.
423 PrefUpdater updater(pref_service_.get());
424 updater.SetBlacklistedByDefault(false); // Allowed by default.
425 updater.SetIndividualExtensionInstallationAllowed(kTargetExtension, false);
426 updater.ClearPerExtensionSettings(kTargetExtension2);
427 updater.ClearPerExtensionSettings(kOtherExtension);
429 EXPECT_FALSE(extension_management_->BlacklistedByDefault());
430 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
431 ExtensionManagement::INSTALLATION_BLOCKED);
432 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
433 ExtensionManagement::INSTALLATION_ALLOWED);
435 // Set legacy preference.
436 base::ListValue denied_list_pref;
437 denied_list_pref.AppendString("*");
438 denied_list_pref.AppendString(kTargetExtension2);
439 SetPref(true, pref_names::kInstallDenyList, denied_list_pref.DeepCopy());
441 base::ListValue allowed_list_pref;
442 allowed_list_pref.AppendString(kTargetExtension);
443 SetPref(true, pref_names::kInstallAllowList, allowed_list_pref.DeepCopy());
445 // Verifies that the new one have higher priority over the legacy ones.
446 EXPECT_FALSE(extension_management_->BlacklistedByDefault());
447 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
448 ExtensionManagement::INSTALLATION_BLOCKED);
450 extension_management_->ReadById(kTargetExtension2).installation_mode,
451 ExtensionManagement::INSTALLATION_BLOCKED);
452 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
453 ExtensionManagement::INSTALLATION_ALLOWED);
456 // Tests functionality of new preference as to deprecate legacy
457 // ExtensionInstallWhitelist policy.
458 TEST_F(ExtensionManagementServiceTest, NewInstallWhitelist) {
459 // Set the new dictionary preference.
461 PrefUpdater updater(pref_service_.get());
462 updater.SetBlacklistedByDefault(true); // Disallowed by default.
463 updater.SetIndividualExtensionInstallationAllowed(kTargetExtension, true);
464 updater.ClearPerExtensionSettings(kTargetExtension2);
465 updater.ClearPerExtensionSettings(kOtherExtension);
467 EXPECT_TRUE(extension_management_->BlacklistedByDefault());
468 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
469 ExtensionManagement::INSTALLATION_ALLOWED);
470 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
471 ExtensionManagement::INSTALLATION_BLOCKED);
473 // Set legacy preference.
474 base::ListValue denied_list_pref;
475 denied_list_pref.AppendString(kTargetExtension);
476 SetPref(true, pref_names::kInstallDenyList, denied_list_pref.DeepCopy());
478 base::ListValue allowed_list_pref;
479 allowed_list_pref.AppendString(kTargetExtension2);
480 SetPref(true, pref_names::kInstallAllowList, allowed_list_pref.DeepCopy());
482 // Verifies that the new one have higher priority over the legacy ones.
483 EXPECT_TRUE(extension_management_->BlacklistedByDefault());
484 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
485 ExtensionManagement::INSTALLATION_ALLOWED);
487 extension_management_->ReadById(kTargetExtension2).installation_mode,
488 ExtensionManagement::INSTALLATION_ALLOWED);
489 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
490 ExtensionManagement::INSTALLATION_BLOCKED);
493 // Tests functionality of new preference as to deprecate legacy
494 // ExtensionInstallForcelist policy.
495 TEST_F(ExtensionManagementServiceTest, NewInstallForcelist) {
496 // Set some legacy preferences, to verify that the new one overrides the
498 base::ListValue denied_list_pref;
499 denied_list_pref.AppendString(kTargetExtension);
500 SetPref(true, pref_names::kInstallDenyList, denied_list_pref.DeepCopy());
502 // Set the new dictionary preference.
504 PrefUpdater updater(pref_service_.get());
505 updater.SetIndividualExtensionAutoInstalled(
506 kTargetExtension, kExampleUpdateUrl, true);
507 updater.ClearPerExtensionSettings(kOtherExtension);
509 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).installation_mode,
510 ExtensionManagement::INSTALLATION_FORCED);
511 EXPECT_EQ(extension_management_->ReadById(kTargetExtension).update_url,
513 EXPECT_EQ(extension_management_->ReadById(kOtherExtension).installation_mode,
514 ExtensionManagement::INSTALLATION_ALLOWED);
517 // Tests the flag value indicating that extensions are blacklisted by default.
518 TEST_F(ExtensionAdminPolicyTest, BlacklistedByDefault) {
519 EXPECT_FALSE(BlacklistedByDefault(NULL));
521 base::ListValue blacklist;
522 blacklist.Append(new base::StringValue(kOtherExtension));
523 EXPECT_FALSE(BlacklistedByDefault(&blacklist));
524 blacklist.Append(new base::StringValue("*"));
525 EXPECT_TRUE(BlacklistedByDefault(&blacklist));
528 blacklist.Append(new base::StringValue("*"));
529 EXPECT_TRUE(BlacklistedByDefault(&blacklist));
532 // Tests UserMayLoad for required extensions.
533 TEST_F(ExtensionAdminPolicyTest, UserMayLoadRequired) {
534 CreateExtension(Manifest::COMPONENT);
535 EXPECT_TRUE(UserMayLoad(NULL, NULL, NULL, NULL, extension_.get(), NULL));
536 base::string16 error;
537 EXPECT_TRUE(UserMayLoad(NULL, NULL, NULL, NULL, extension_.get(), &error));
538 EXPECT_TRUE(error.empty());
540 // Required extensions may load even if they're on the blacklist.
541 base::ListValue blacklist;
542 blacklist.Append(new base::StringValue(extension_->id()));
544 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), NULL));
546 blacklist.Append(new base::StringValue("*"));
548 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), NULL));
551 // Tests UserMayLoad when no blacklist exists, or it's empty.
552 TEST_F(ExtensionAdminPolicyTest, UserMayLoadNoBlacklist) {
553 CreateExtension(Manifest::INTERNAL);
554 EXPECT_TRUE(UserMayLoad(NULL, NULL, NULL, NULL, extension_.get(), NULL));
555 base::ListValue blacklist;
557 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), NULL));
558 base::string16 error;
560 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), &error));
561 EXPECT_TRUE(error.empty());
564 // Tests UserMayLoad for an extension on the whitelist.
565 TEST_F(ExtensionAdminPolicyTest, UserMayLoadWhitelisted) {
566 CreateExtension(Manifest::INTERNAL);
568 base::ListValue whitelist;
569 whitelist.Append(new base::StringValue(extension_->id()));
571 UserMayLoad(NULL, &whitelist, NULL, NULL, extension_.get(), NULL));
573 base::ListValue blacklist;
574 blacklist.Append(new base::StringValue(extension_->id()));
576 UserMayLoad(NULL, &whitelist, NULL, NULL, extension_.get(), NULL));
577 base::string16 error;
579 UserMayLoad(NULL, &whitelist, NULL, NULL, extension_.get(), &error));
580 EXPECT_TRUE(error.empty());
583 // Tests UserMayLoad for an extension on the blacklist.
584 TEST_F(ExtensionAdminPolicyTest, UserMayLoadBlacklisted) {
585 CreateExtension(Manifest::INTERNAL);
587 // Blacklisted by default.
588 base::ListValue blacklist;
589 blacklist.Append(new base::StringValue("*"));
591 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), NULL));
592 base::string16 error;
594 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), &error));
595 EXPECT_FALSE(error.empty());
597 // Extension on the blacklist, with and without wildcard.
598 blacklist.Append(new base::StringValue(extension_->id()));
600 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), NULL));
602 blacklist.Append(new base::StringValue(extension_->id()));
604 UserMayLoad(&blacklist, NULL, NULL, NULL, extension_.get(), NULL));
606 // With a whitelist. There's no such thing as a whitelist wildcard.
607 base::ListValue whitelist;
608 whitelist.Append(new base::StringValue("behllobkkfkfnphdnhnkndlbkcpglgmj"));
610 UserMayLoad(&blacklist, &whitelist, NULL, NULL, extension_.get(), NULL));
611 whitelist.Append(new base::StringValue("*"));
613 UserMayLoad(&blacklist, &whitelist, NULL, NULL, extension_.get(), NULL));
616 TEST_F(ExtensionAdminPolicyTest, UserMayLoadAllowedTypes) {
617 CreateExtension(Manifest::INTERNAL);
618 EXPECT_TRUE(UserMayLoad(NULL, NULL, NULL, NULL, extension_.get(), NULL));
620 base::ListValue allowed_types;
622 UserMayLoad(NULL, NULL, NULL, &allowed_types, extension_.get(), NULL));
624 allowed_types.AppendInteger(Manifest::TYPE_EXTENSION);
626 UserMayLoad(NULL, NULL, NULL, &allowed_types, extension_.get(), NULL));
628 CreateHostedApp(Manifest::INTERNAL);
630 UserMayLoad(NULL, NULL, NULL, &allowed_types, extension_.get(), NULL));
632 CreateHostedApp(Manifest::EXTERNAL_POLICY_DOWNLOAD);
634 UserMayLoad(NULL, NULL, NULL, &allowed_types, extension_.get(), NULL));
637 TEST_F(ExtensionAdminPolicyTest, UserMayModifySettings) {
638 CreateExtension(Manifest::INTERNAL);
639 EXPECT_TRUE(UserMayModifySettings(extension_.get(), NULL));
640 base::string16 error;
641 EXPECT_TRUE(UserMayModifySettings(extension_.get(), &error));
642 EXPECT_TRUE(error.empty());
644 CreateExtension(Manifest::EXTERNAL_POLICY_DOWNLOAD);
646 EXPECT_FALSE(UserMayModifySettings(extension_.get(), NULL));
647 EXPECT_FALSE(UserMayModifySettings(extension_.get(), &error));
648 EXPECT_FALSE(error.empty());
651 TEST_F(ExtensionAdminPolicyTest, MustRemainEnabled) {
652 CreateExtension(Manifest::EXTERNAL_POLICY_DOWNLOAD);
653 EXPECT_TRUE(MustRemainEnabled(extension_.get(), NULL));
654 base::string16 error;
655 EXPECT_TRUE(MustRemainEnabled(extension_.get(), &error));
656 EXPECT_FALSE(error.empty());
658 CreateExtension(Manifest::INTERNAL);
660 EXPECT_FALSE(MustRemainEnabled(extension_.get(), NULL));
661 EXPECT_FALSE(MustRemainEnabled(extension_.get(), &error));
662 EXPECT_TRUE(error.empty());
665 } // namespace extensions