1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/browser/policy/cloud/component_cloud_policy_updater.h"
9 #include "base/callback.h"
10 #include "base/compiler_specific.h"
11 #include "base/files/scoped_temp_dir.h"
12 #include "base/sequenced_task_runner.h"
13 #include "base/sha1.h"
14 #include "base/test/test_simple_task_runner.h"
15 #include "base/values.h"
16 #include "chrome/browser/policy/cloud/cloud_policy_constants.h"
17 #include "chrome/browser/policy/cloud/component_cloud_policy_store.h"
18 #include "chrome/browser/policy/cloud/external_policy_data_fetcher.h"
19 #include "chrome/browser/policy/cloud/policy_builder.h"
20 #include "chrome/browser/policy/cloud/resource_cache.h"
21 #include "chrome/browser/policy/external_data_fetcher.h"
22 #include "chrome/browser/policy/policy_bundle.h"
23 #include "chrome/browser/policy/policy_map.h"
24 #include "chrome/browser/policy/policy_types.h"
25 #include "chrome/browser/policy/proto/cloud/chrome_extension_policy.pb.h"
26 #include "chrome/browser/policy/proto/cloud/device_management_backend.pb.h"
27 #include "net/url_request/test_url_fetcher_factory.h"
28 #include "net/url_request/url_fetcher_delegate.h"
29 #include "net/url_request/url_request_context_getter.h"
30 #include "testing/gmock/include/gmock/gmock.h"
31 #include "testing/gtest/include/gtest/gtest.h"
34 namespace em = enterprise_management;
42 const char kTestExtension[] = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
43 const char kTestExtension2[] = "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb";
44 const char kTestExtension3[] = "cccccccccccccccccccccccccccccccc";
45 const char kTestDownload[] = "http://example.com/getpolicy?id=123";
46 const char kTestDownload2[] = "http://example.com/getpolicy?id=456";
47 const char kTestDownload3[] = "http://example.com/getpolicy?id=789";
48 const char kTestPolicy[] =
51 " \"Value\": \"disabled\""
54 " \"Value\": \"maybe\","
55 " \"Level\": \"Recommended\""
59 class MockComponentCloudPolicyStoreDelegate
60 : public ComponentCloudPolicyStore::Delegate {
62 virtual ~MockComponentCloudPolicyStoreDelegate() {}
64 MOCK_METHOD0(OnComponentCloudPolicyStoreUpdated, void());
69 class ComponentCloudPolicyUpdaterTest : public testing::Test {
71 virtual void SetUp() OVERRIDE;
72 virtual void TearDown() OVERRIDE;
74 scoped_ptr<em::PolicyFetchResponse> CreateResponse();
76 scoped_refptr<base::TestSimpleTaskRunner> task_runner_;
77 base::ScopedTempDir temp_dir_;
78 scoped_ptr<ResourceCache> cache_;
79 scoped_ptr<ComponentCloudPolicyStore> store_;
80 MockComponentCloudPolicyStoreDelegate store_delegate_;
81 net::TestURLFetcherFactory fetcher_factory_;
82 scoped_ptr<ExternalPolicyDataFetcherBackend> fetcher_backend_;
83 scoped_ptr<ComponentCloudPolicyUpdater> updater_;
84 ComponentPolicyBuilder builder_;
85 PolicyBundle expected_bundle_;
88 void ComponentCloudPolicyUpdaterTest::SetUp() {
89 ASSERT_TRUE(temp_dir_.CreateUniqueTempDir());
90 task_runner_ = new base::TestSimpleTaskRunner();
91 cache_.reset(new ResourceCache(temp_dir_.path(), task_runner_));
92 store_.reset(new ComponentCloudPolicyStore(&store_delegate_, cache_.get()));
93 store_->SetCredentials(ComponentPolicyBuilder::kFakeUsername,
94 ComponentPolicyBuilder::kFakeToken);
95 fetcher_factory_.set_remove_fetcher_on_delete(true);
96 fetcher_backend_.reset(new ExternalPolicyDataFetcherBackend(
98 scoped_refptr<net::URLRequestContextGetter>()));
99 updater_.reset(new ComponentCloudPolicyUpdater(
101 fetcher_backend_->CreateFrontend(task_runner_),
103 ASSERT_EQ(store_->policy().end(), store_->policy().begin());
105 builder_.policy_data().set_policy_type(
106 dm_protocol::kChromeExtensionPolicyType);
107 builder_.policy_data().set_settings_entity_id(kTestExtension);
108 builder_.payload().set_download_url(kTestDownload);
109 builder_.payload().set_secure_hash(base::SHA1HashString(kTestPolicy));
111 PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
112 PolicyMap& policy = expected_bundle_.Get(ns);
113 policy.Set("Name", POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
114 base::Value::CreateStringValue("disabled"), NULL);
115 policy.Set("Second", POLICY_LEVEL_RECOMMENDED, POLICY_SCOPE_USER,
116 base::Value::CreateStringValue("maybe"), NULL);
119 void ComponentCloudPolicyUpdaterTest::TearDown() {
121 task_runner_->RunUntilIdle();
124 scoped_ptr<em::PolicyFetchResponse>
125 ComponentCloudPolicyUpdaterTest::CreateResponse() {
127 return make_scoped_ptr(new em::PolicyFetchResponse(builder_.policy()));
130 TEST_F(ComponentCloudPolicyUpdaterTest, FetchAndCache) {
131 // Submit a policy fetch response.
132 updater_->UpdateExternalPolicy(CreateResponse());
133 task_runner_->RunUntilIdle();
135 // Verify that a download has been started.
136 net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
137 ASSERT_TRUE(fetcher);
138 EXPECT_EQ(GURL(kTestDownload), fetcher->GetOriginalURL());
140 // Complete the download.
141 fetcher->set_response_code(200);
142 fetcher->SetResponseString(kTestPolicy);
143 fetcher->delegate()->OnURLFetchComplete(fetcher);
144 EXPECT_CALL(store_delegate_, OnComponentCloudPolicyStoreUpdated());
145 task_runner_->RunUntilIdle();
146 Mock::VerifyAndClearExpectations(&store_delegate_);
148 // Verify that the downloaded policy is being served.
149 EXPECT_TRUE(store_->policy().Equals(expected_bundle_));
152 TEST_F(ComponentCloudPolicyUpdaterTest, PolicyFetchResponseTooLarge) {
153 // Submit a policy fetch response that exceeds the allowed maximum size.
154 std::string long_download("http://example.com/get?id=");
155 long_download.append(20 * 1024, '1');
156 builder_.payload().set_download_url(long_download);
157 updater_->UpdateExternalPolicy(CreateResponse());
159 // Submit two valid policy fetch responses.
160 builder_.policy_data().set_settings_entity_id(kTestExtension2);
161 builder_.payload().set_download_url(kTestDownload2);
162 updater_->UpdateExternalPolicy(CreateResponse());
163 builder_.policy_data().set_settings_entity_id(kTestExtension3);
164 builder_.payload().set_download_url(kTestDownload3);
165 updater_->UpdateExternalPolicy(CreateResponse());
166 task_runner_->RunUntilIdle();
168 // Verify that the first policy fetch response has been ignored and downloads
169 // have been started for the next two fetch responses instead.
170 net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
171 ASSERT_TRUE(fetcher);
172 EXPECT_EQ(GURL(kTestDownload2), fetcher->GetOriginalURL());
173 fetcher = fetcher_factory_.GetFetcherByID(1);
174 ASSERT_TRUE(fetcher);
175 EXPECT_EQ(GURL(kTestDownload3), fetcher->GetOriginalURL());
178 TEST_F(ComponentCloudPolicyUpdaterTest, PolicyFetchResponseInvalid) {
179 // Submit an invalid policy fetch response.
180 builder_.policy_data().set_username("wronguser@example.com");
181 updater_->UpdateExternalPolicy(CreateResponse());
183 // Submit two valid policy fetch responses.
184 builder_.policy_data().set_username(ComponentPolicyBuilder::kFakeUsername);
185 builder_.policy_data().set_settings_entity_id(kTestExtension2);
186 builder_.payload().set_download_url(kTestDownload2);
187 updater_->UpdateExternalPolicy(CreateResponse());
188 builder_.policy_data().set_settings_entity_id(kTestExtension3);
189 builder_.payload().set_download_url(kTestDownload3);
190 updater_->UpdateExternalPolicy(CreateResponse());
191 task_runner_->RunUntilIdle();
193 // Verify that the first policy fetch response has been ignored and downloads
194 // have been started for the next two fetch responses instead.
195 net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
196 ASSERT_TRUE(fetcher);
197 EXPECT_EQ(GURL(kTestDownload2), fetcher->GetOriginalURL());
198 fetcher = fetcher_factory_.GetFetcherByID(1);
199 ASSERT_TRUE(fetcher);
200 EXPECT_EQ(GURL(kTestDownload3), fetcher->GetOriginalURL());
203 TEST_F(ComponentCloudPolicyUpdaterTest, AlreadyCached) {
204 // Cache policy for an extension.
206 PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, kTestExtension);
207 EXPECT_CALL(store_delegate_, OnComponentCloudPolicyStoreUpdated());
208 EXPECT_TRUE(store_->Store(ns,
210 base::SHA1HashString(kTestPolicy),
212 Mock::VerifyAndClearExpectations(&store_delegate_);
214 // Submit a policy fetch response whose extension ID and hash match the
215 // already cached policy.
216 updater_->UpdateExternalPolicy(CreateResponse());
217 task_runner_->RunUntilIdle();
219 // Verify that no download has been started.
220 EXPECT_FALSE(fetcher_factory_.GetFetcherByID(0));
223 TEST_F(ComponentCloudPolicyUpdaterTest, PolicyDataInvalid) {
224 // Submit three policy fetch responses.
225 updater_->UpdateExternalPolicy(CreateResponse());
226 builder_.payload().set_download_url(kTestDownload2);
227 builder_.policy_data().set_settings_entity_id(kTestExtension2);
228 updater_->UpdateExternalPolicy(CreateResponse());
229 builder_.policy_data().set_settings_entity_id(kTestExtension3);
230 builder_.payload().set_download_url(kTestDownload3);
231 updater_->UpdateExternalPolicy(CreateResponse());
232 task_runner_->RunUntilIdle();
234 // Verify that the first download has been started.
235 net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
236 ASSERT_TRUE(fetcher);
237 EXPECT_EQ(GURL(kTestDownload), fetcher->GetOriginalURL());
239 // Verify that the second download has been started.
240 fetcher = fetcher_factory_.GetFetcherByID(1);
241 ASSERT_TRUE(fetcher);
242 EXPECT_EQ(GURL(kTestDownload2), fetcher->GetOriginalURL());
244 // Indicate that the policy data size will exceed allowed maximum.
245 fetcher->delegate()->OnURLFetchDownloadProgress(fetcher, 6 * 1024 * 1024, -1);
246 task_runner_->RunUntilIdle();
248 // Verify that the third download has been started.
249 fetcher = fetcher_factory_.GetFetcherByID(2);
250 ASSERT_TRUE(fetcher);
251 EXPECT_EQ(GURL(kTestDownload3), fetcher->GetOriginalURL());
254 TEST_F(ComponentCloudPolicyUpdaterTest, FetchUpdatedData) {
255 // Submit a policy fetch response.
256 updater_->UpdateExternalPolicy(CreateResponse());
257 task_runner_->RunUntilIdle();
259 // Verify that the first download has been started.
260 net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
261 ASSERT_TRUE(fetcher);
262 EXPECT_EQ(GURL(kTestDownload), fetcher->GetOriginalURL());
264 // Submit a second policy fetch response for the same extension with an
265 // updated download URL.
266 builder_.payload().set_download_url(kTestDownload2);
267 updater_->UpdateExternalPolicy(CreateResponse());
268 task_runner_->RunUntilIdle();
270 // Verify that the first download is no longer running.
271 EXPECT_FALSE(fetcher_factory_.GetFetcherByID(0));
273 // Verify that the second download has been started.
274 fetcher = fetcher_factory_.GetFetcherByID(1);
275 ASSERT_TRUE(fetcher);
276 EXPECT_EQ(GURL(kTestDownload2), fetcher->GetOriginalURL());
279 TEST_F(ComponentCloudPolicyUpdaterTest, FetchUpdatedDataWithoutPolicy) {
280 // Submit a policy fetch response.
281 updater_->UpdateExternalPolicy(CreateResponse());
282 task_runner_->RunUntilIdle();
284 // Verify that the download has been started.
285 net::TestURLFetcher* fetcher = fetcher_factory_.GetFetcherByID(0);
286 ASSERT_TRUE(fetcher);
287 EXPECT_EQ(GURL(kTestDownload), fetcher->GetOriginalURL());
289 // Complete the download.
290 fetcher->set_response_code(200);
291 fetcher->SetResponseString(kTestPolicy);
292 fetcher->delegate()->OnURLFetchComplete(fetcher);
293 EXPECT_CALL(store_delegate_, OnComponentCloudPolicyStoreUpdated());
294 task_runner_->RunUntilIdle();
295 Mock::VerifyAndClearExpectations(&store_delegate_);
297 // Verify that the downloaded policy is being served.
298 EXPECT_TRUE(store_->policy().Equals(expected_bundle_));
300 // Submit a second policy fetch response for the same extension with no
301 // download URL, meaning that no policy should be provided for this extension.
302 builder_.payload().clear_download_url();
303 builder_.payload().clear_secure_hash();
304 EXPECT_CALL(store_delegate_, OnComponentCloudPolicyStoreUpdated());
305 updater_->UpdateExternalPolicy(CreateResponse());
306 Mock::VerifyAndClearExpectations(&store_delegate_);
307 task_runner_->RunUntilIdle();
309 // Verify that no download has been started.
310 EXPECT_FALSE(fetcher_factory_.GetFetcherByID(1));
312 // Verify that the policy is no longer being served.
313 const PolicyBundle empty_bundle;
314 EXPECT_TRUE(store_->policy().Equals(empty_bundle));
317 TEST_F(ComponentCloudPolicyUpdaterTest, NoPolicy) {
318 // Submit a policy fetch response with a valid download URL.
319 updater_->UpdateExternalPolicy(CreateResponse());
320 task_runner_->RunUntilIdle();
322 // Verify that the download has been started.
323 EXPECT_TRUE(fetcher_factory_.GetFetcherByID(0));
325 // Update the policy fetch response before the download has finished. The new
326 // policy fetch response has no download URL.
327 builder_.payload().Clear();
328 updater_->UpdateExternalPolicy(CreateResponse());
329 task_runner_->RunUntilIdle();
331 // Verify that the download is no longer running.
332 EXPECT_FALSE(fetcher_factory_.GetFetcherByID(0));
335 } // namespace policy