1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chromeos/network/onc/onc_merger.h" 6 7#include <string> 8 9#include "base/logging.h" 10#include "base/values.h" 11#include "chromeos/network/onc/onc_signature.h" 12#include "chromeos/network/onc/onc_test_utils.h" 13#include "components/onc/onc_constants.h" 14#include "testing/gtest/include/gtest/gtest.h" 15 16namespace chromeos { 17namespace onc { 18namespace { 19 20// Checks that both dictionaries contain an entry at |path| with the same value. 21::testing::AssertionResult HaveSameValueAt(const base::DictionaryValue& a, 22 const base::DictionaryValue& b, 23 const std::string& path) { 24 const base::Value* a_value = NULL; 25 if (!a.Get(path, &a_value)) { 26 return ::testing::AssertionFailure() 27 << "First dictionary '" << a << "' doesn't contain " << path; 28 } 29 30 const base::Value* b_value = NULL; 31 if (!b.Get(path, &b_value)) { 32 return ::testing::AssertionFailure() 33 << "Second dictionary '" << b << "' doesn't contain " << path; 34 } 35 36 if (base::Value::Equals(a_value, b_value)) { 37 return ::testing::AssertionSuccess() 38 << "Entries at '" << path << "' are equal"; 39 } else { 40 return ::testing::AssertionFailure() 41 << "Entries at '" << path << "' not equal but are '" 42 << *a_value << "' and '" << *b_value << "'"; 43 } 44} 45 46} // namespace 47 48namespace merger { 49 50class ONCMergerTest : public testing::Test { 51 public: 52 scoped_ptr<const base::DictionaryValue> user_; 53 scoped_ptr<const base::DictionaryValue> policy_; 54 scoped_ptr<const base::DictionaryValue> policy_without_recommended_; 55 scoped_ptr<const base::DictionaryValue> device_policy_; 56 57 virtual void SetUp() { 58 policy_ = test_utils::ReadTestDictionary("managed_vpn.onc"); 59 policy_without_recommended_ = 60 test_utils::ReadTestDictionary("managed_vpn_without_recommended.onc"); 61 user_ = test_utils::ReadTestDictionary("user.onc"); 62 device_policy_ = test_utils::ReadTestDictionary("device_policy.onc"); 63 } 64}; 65 66TEST_F(ONCMergerTest, MandatoryValueOverwritesUserValue) { 67 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 68 policy_.get(), NULL, user_.get(), NULL)); 69 EXPECT_TRUE(HaveSameValueAt(*merged, *policy_, "Type")); 70 EXPECT_TRUE(HaveSameValueAt(*merged, *policy_, "IPConfigs")); 71} 72 73TEST_F(ONCMergerTest, MandatoryValueAndNoUserValue) { 74 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 75 policy_.get(), NULL, user_.get(), NULL)); 76 EXPECT_TRUE(HaveSameValueAt(*merged, *policy_, "GUID")); 77 EXPECT_TRUE(HaveSameValueAt(*merged, *policy_, "VPN.OpenVPN.Username")); 78} 79 80TEST_F(ONCMergerTest, MandatoryDictionaryAndNoUserValue) { 81 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 82 policy_.get(), NULL, user_.get(), NULL)); 83 EXPECT_TRUE(HaveSameValueAt(*merged, *policy_without_recommended_, 84 "VPN.OpenVPN.ClientCertPattern")); 85} 86 87TEST_F(ONCMergerTest, UserValueOverwritesRecommendedValue) { 88 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 89 policy_.get(), NULL, user_.get(), NULL)); 90 EXPECT_TRUE(HaveSameValueAt(*merged, *user_, "VPN.Host")); 91} 92 93TEST_F(ONCMergerTest, UserValueAndRecommendedUnset) { 94 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 95 policy_.get(), NULL, user_.get(), NULL)); 96 EXPECT_TRUE(HaveSameValueAt(*merged, *user_, "VPN.OpenVPN.Password")); 97} 98 99TEST_F(ONCMergerTest, UserDictionaryAndNoPolicyValue) { 100 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 101 policy_.get(), NULL, user_.get(), NULL)); 102 const base::Value* value = NULL; 103 EXPECT_FALSE(merged->Get("ProxySettings", &value)); 104} 105 106TEST_F(ONCMergerTest, MergeWithEmptyPolicyProhibitsEverything) { 107 base::DictionaryValue emptyDict; 108 scoped_ptr<base::DictionaryValue> merged( 109 MergeSettingsAndPoliciesToEffective(&emptyDict, NULL, user_.get(), NULL)); 110 EXPECT_TRUE(merged->empty()); 111} 112 113TEST_F(ONCMergerTest, MergeWithoutPolicyAllowsAnything) { 114 scoped_ptr<base::DictionaryValue> merged( 115 MergeSettingsAndPoliciesToEffective(NULL, NULL, user_.get(), NULL)); 116 EXPECT_TRUE(test_utils::Equals(user_.get(), merged.get())); 117} 118 119TEST_F(ONCMergerTest, MergeWithoutUserSettings) { 120 base::DictionaryValue emptyDict; 121 scoped_ptr<base::DictionaryValue> merged; 122 123 merged = MergeSettingsAndPoliciesToEffective( 124 policy_.get(), NULL, &emptyDict, NULL); 125 EXPECT_TRUE(test_utils::Equals(policy_without_recommended_.get(), 126 merged.get())); 127 128 merged = MergeSettingsAndPoliciesToEffective(policy_.get(), NULL, NULL, NULL); 129 EXPECT_TRUE(test_utils::Equals(policy_without_recommended_.get(), 130 merged.get())); 131} 132 133TEST_F(ONCMergerTest, MandatoryUserPolicyOverwritesDevicePolicy) { 134 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 135 policy_.get(), device_policy_.get(), user_.get(), NULL)); 136 EXPECT_TRUE(HaveSameValueAt(*merged, *policy_, "VPN.OpenVPN.Port")); 137} 138 139TEST_F(ONCMergerTest, MandatoryDevicePolicyOverwritesRecommendedUserPolicy) { 140 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToEffective( 141 policy_.get(), device_policy_.get(), user_.get(), NULL)); 142 EXPECT_TRUE(HaveSameValueAt(*merged, *device_policy_, 143 "VPN.OpenVPN.Username")); 144} 145 146TEST_F(ONCMergerTest, MergeToAugmented) { 147 scoped_ptr<base::DictionaryValue> expected_augmented = 148 test_utils::ReadTestDictionary("augmented_merge.json"); 149 scoped_ptr<base::DictionaryValue> merged(MergeSettingsAndPoliciesToAugmented( 150 kNetworkConfigurationSignature, policy_.get(), device_policy_.get(), 151 user_.get(), NULL, NULL)); 152 EXPECT_TRUE(test_utils::Equals(expected_augmented.get(), merged.get())); 153} 154 155} // namespace merger 156} // namespace onc 157} // namespace chromeos 158