device_local_account_policy_service_unittest.cc revision 424c4d7b64af9d0d8fd9624f381f469654d5e3d2
1// Copyright (c) 2012 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" 6 7#include "base/bind.h" 8#include "base/bind_helpers.h" 9#include "base/callback.h" 10#include "base/memory/scoped_ptr.h" 11#include "chrome/browser/chromeos/policy/device_local_account.h" 12#include "chrome/browser/chromeos/policy/device_local_account_policy_provider.h" 13#include "chrome/browser/chromeos/settings/cros_settings.h" 14#include "chrome/browser/chromeos/settings/device_settings_service.h" 15#include "chrome/browser/chromeos/settings/device_settings_test_helper.h" 16#include "chrome/browser/policy/cloud/cloud_policy_client.h" 17#include "chrome/browser/policy/cloud/cloud_policy_constants.h" 18#include "chrome/browser/policy/cloud/cloud_policy_service.h" 19#include "chrome/browser/policy/cloud/mock_device_management_service.h" 20#include "chrome/browser/policy/cloud/policy_builder.h" 21#include "chrome/browser/policy/external_data_fetcher.h" 22#include "chrome/browser/policy/mock_configuration_policy_provider.h" 23#include "chrome/browser/policy/proto/chromeos/chrome_device_policy.pb.h" 24#include "chromeos/dbus/power_policy_controller.h" 25#include "policy/policy_constants.h" 26#include "testing/gtest/include/gtest/gtest.h" 27 28using testing::AnyNumber; 29using testing::AtLeast; 30using testing::Mock; 31using testing::SaveArg; 32using testing::_; 33 34namespace em = enterprise_management; 35 36namespace policy { 37 38class MockDeviceLocalAccountPolicyServiceObserver 39 : public DeviceLocalAccountPolicyService::Observer { 40 public: 41 MOCK_METHOD1(OnPolicyUpdated, void(const std::string&)); 42 MOCK_METHOD0(OnDeviceLocalAccountsChanged, void(void)); 43}; 44 45class DeviceLocalAccountPolicyServiceTest 46 : public chromeos::DeviceSettingsTestBase { 47 public: 48 DeviceLocalAccountPolicyServiceTest() 49 : public_session_user_id_(GenerateDeviceLocalAccountUserId( 50 PolicyBuilder::kFakeUsername, 51 DeviceLocalAccount::TYPE_PUBLIC_SESSION)), 52 cros_settings_(&device_settings_service_), 53 service_(&device_settings_test_helper_, 54 &device_settings_service_, 55 &cros_settings_) {} 56 57 virtual void SetUp() OVERRIDE { 58 DeviceSettingsTestBase::SetUp(); 59 60 // Values implicitly enforced for public accounts. 61 expected_policy_map_.Set(key::kLidCloseAction, 62 POLICY_LEVEL_MANDATORY, 63 POLICY_SCOPE_USER, 64 base::Value::CreateIntegerValue( 65 chromeos::PowerPolicyController:: 66 ACTION_STOP_SESSION), 67 NULL); 68 expected_policy_map_.Set(key::kShelfAutoHideBehavior, 69 POLICY_LEVEL_MANDATORY, 70 POLICY_SCOPE_USER, 71 Value::CreateStringValue("Never"), 72 NULL); 73 expected_policy_map_.Set(key::kShowLogoutButtonInTray, 74 POLICY_LEVEL_MANDATORY, 75 POLICY_SCOPE_USER, 76 Value::CreateBooleanValue(true), 77 NULL); 78 expected_policy_map_.Set(key::kFullscreenAllowed, 79 POLICY_LEVEL_MANDATORY, 80 POLICY_SCOPE_USER, 81 Value::CreateBooleanValue(false), 82 NULL); 83 scoped_ptr<base::ListValue> allowed_extension_types(new base::ListValue()); 84 allowed_extension_types->AppendString("hosted_app"); 85 expected_policy_map_.Set(key::kExtensionAllowedTypes, 86 POLICY_LEVEL_MANDATORY, 87 POLICY_SCOPE_USER, 88 allowed_extension_types.release(), 89 NULL); 90 91 // Explicitly set value. 92 expected_policy_map_.Set(key::kDisableSpdy, 93 POLICY_LEVEL_MANDATORY, 94 POLICY_SCOPE_USER, 95 Value::CreateBooleanValue(true), 96 NULL); 97 98 device_local_account_policy_.payload().mutable_disablespdy()->set_value( 99 true); 100 device_local_account_policy_.policy_data().set_policy_type( 101 dm_protocol::kChromePublicAccountPolicyType); 102 device_local_account_policy_.policy_data().set_settings_entity_id( 103 PolicyBuilder::kFakeUsername); 104 device_local_account_policy_.Build(); 105 106 em::DeviceLocalAccountInfoProto* account = 107 device_policy_.payload().mutable_device_local_accounts()->add_account(); 108 account->set_account_id(PolicyBuilder::kFakeUsername); 109 account->set_type( 110 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); 111 device_policy_.Build(); 112 113 service_.AddObserver(&service_observer_); 114 } 115 116 virtual void TearDown() OVERRIDE { 117 service_.RemoveObserver(&service_observer_); 118 119 DeviceSettingsTestBase::TearDown(); 120 } 121 122 void InstallDevicePolicy() { 123 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); 124 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 125 ReloadDeviceSettings(); 126 Mock::VerifyAndClearExpectations(&service_observer_); 127 } 128 129 MOCK_METHOD1(OnRefreshDone, void(bool)); 130 131 const std::string public_session_user_id_; 132 133 PolicyMap expected_policy_map_; 134 UserPolicyBuilder device_local_account_policy_; 135 chromeos::CrosSettings cros_settings_; 136 MockDeviceLocalAccountPolicyServiceObserver service_observer_; 137 MockDeviceManagementService mock_device_management_service_; 138 DeviceLocalAccountPolicyService service_; 139 140 private: 141 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyServiceTest); 142}; 143 144TEST_F(DeviceLocalAccountPolicyServiceTest, NoAccounts) { 145 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); 146} 147 148TEST_F(DeviceLocalAccountPolicyServiceTest, GetBroker) { 149 InstallDevicePolicy(); 150 151 DeviceLocalAccountPolicyBroker* broker = 152 service_.GetBrokerForUser(public_session_user_id_); 153 ASSERT_TRUE(broker); 154 EXPECT_EQ(public_session_user_id_, broker->user_id()); 155 ASSERT_TRUE(broker->core()->store()); 156 EXPECT_EQ(CloudPolicyStore::STATUS_OK, broker->core()->store()->status()); 157 EXPECT_FALSE(broker->core()->client()); 158 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); 159} 160 161TEST_F(DeviceLocalAccountPolicyServiceTest, LoadNoPolicy) { 162 InstallDevicePolicy(); 163 164 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 165 DeviceLocalAccountPolicyBroker* broker = 166 service_.GetBrokerForUser(public_session_user_id_); 167 ASSERT_TRUE(broker); 168 FlushDeviceSettings(); 169 Mock::VerifyAndClearExpectations(&service_observer_); 170 171 ASSERT_TRUE(broker->core()->store()); 172 EXPECT_EQ(CloudPolicyStore::STATUS_LOAD_ERROR, 173 broker->core()->store()->status()); 174 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); 175 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 176} 177 178TEST_F(DeviceLocalAccountPolicyServiceTest, LoadValidationFailure) { 179 device_local_account_policy_.policy_data().set_policy_type( 180 dm_protocol::kChromeUserPolicyType); 181 device_local_account_policy_.Build(); 182 device_settings_test_helper_.set_device_local_account_policy_blob( 183 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 184 InstallDevicePolicy(); 185 186 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 187 DeviceLocalAccountPolicyBroker* broker = 188 service_.GetBrokerForUser(public_session_user_id_); 189 ASSERT_TRUE(broker); 190 FlushDeviceSettings(); 191 Mock::VerifyAndClearExpectations(&service_observer_); 192 193 ASSERT_TRUE(broker->core()->store()); 194 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, 195 broker->core()->store()->status()); 196 EXPECT_TRUE(broker->core()->store()->policy_map().empty()); 197 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 198} 199 200TEST_F(DeviceLocalAccountPolicyServiceTest, LoadPolicy) { 201 device_settings_test_helper_.set_device_local_account_policy_blob( 202 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 203 InstallDevicePolicy(); 204 205 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 206 DeviceLocalAccountPolicyBroker* broker = 207 service_.GetBrokerForUser(public_session_user_id_); 208 ASSERT_TRUE(broker); 209 FlushDeviceSettings(); 210 Mock::VerifyAndClearExpectations(&service_observer_); 211 212 ASSERT_TRUE(broker->core()->store()); 213 EXPECT_EQ(CloudPolicyStore::STATUS_OK, 214 broker->core()->store()->status()); 215 ASSERT_TRUE(broker->core()->store()->policy()); 216 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), 217 broker->core()->store()->policy()->SerializeAsString()); 218 EXPECT_TRUE(expected_policy_map_.Equals( 219 broker->core()->store()->policy_map())); 220 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 221} 222 223TEST_F(DeviceLocalAccountPolicyServiceTest, StoreValidationFailure) { 224 device_local_account_policy_.policy_data().set_policy_type( 225 dm_protocol::kChromeUserPolicyType); 226 device_local_account_policy_.Build(); 227 InstallDevicePolicy(); 228 229 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 230 DeviceLocalAccountPolicyBroker* broker = 231 service_.GetBrokerForUser(public_session_user_id_); 232 ASSERT_TRUE(broker); 233 ASSERT_TRUE(broker->core()->store()); 234 broker->core()->store()->Store(device_local_account_policy_.policy()); 235 FlushDeviceSettings(); 236 Mock::VerifyAndClearExpectations(&service_observer_); 237 238 ASSERT_TRUE(broker->core()->store()); 239 EXPECT_EQ(CloudPolicyStore::STATUS_VALIDATION_ERROR, 240 broker->core()->store()->status()); 241 EXPECT_EQ(CloudPolicyValidatorBase::VALIDATION_WRONG_POLICY_TYPE, 242 broker->core()->store()->validation_status()); 243 EXPECT_FALSE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 244} 245 246TEST_F(DeviceLocalAccountPolicyServiceTest, StorePolicy) { 247 InstallDevicePolicy(); 248 249 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 250 DeviceLocalAccountPolicyBroker* broker = 251 service_.GetBrokerForUser(public_session_user_id_); 252 ASSERT_TRUE(broker); 253 ASSERT_TRUE(broker->core()->store()); 254 broker->core()->store()->Store(device_local_account_policy_.policy()); 255 FlushDeviceSettings(); 256 Mock::VerifyAndClearExpectations(&service_observer_); 257 258 EXPECT_EQ(device_local_account_policy_.GetBlob(), 259 device_settings_test_helper_.device_local_account_policy_blob( 260 PolicyBuilder::kFakeUsername)); 261 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 262} 263 264TEST_F(DeviceLocalAccountPolicyServiceTest, DevicePolicyChange) { 265 device_settings_test_helper_.set_device_local_account_policy_blob( 266 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 267 InstallDevicePolicy(); 268 269 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); 270 device_policy_.payload().mutable_device_local_accounts()->clear_account(); 271 device_policy_.Build(); 272 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 273 device_settings_service_.PropertyChangeComplete(true); 274 FlushDeviceSettings(); 275 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); 276 Mock::VerifyAndClearExpectations(&service_observer_); 277} 278 279TEST_F(DeviceLocalAccountPolicyServiceTest, DuplicateAccounts) { 280 InstallDevicePolicy(); 281 DeviceLocalAccountPolicyBroker* broker = 282 service_.GetBrokerForUser(public_session_user_id_); 283 ASSERT_TRUE(broker); 284 285 // Add a second entry with a duplicate account name to device policy. 286 em::DeviceLocalAccountInfoProto* account = 287 device_policy_.payload().mutable_device_local_accounts()->add_account(); 288 account->set_account_id(PolicyBuilder::kFakeUsername); 289 account->set_type( 290 em::DeviceLocalAccountInfoProto::ACCOUNT_TYPE_PUBLIC_SESSION); 291 device_policy_.Build(); 292 device_settings_test_helper_.set_device_local_account_policy_blob( 293 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 294 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 295 296 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()); 297 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 298 device_settings_service_.PropertyChangeComplete(true); 299 FlushDeviceSettings(); 300 Mock::VerifyAndClearExpectations(&service_observer_); 301 302 // Make sure the broker is accessible and policy got loaded. 303 broker = service_.GetBrokerForUser(public_session_user_id_); 304 ASSERT_TRUE(broker); 305 EXPECT_EQ(public_session_user_id_, broker->user_id()); 306 EXPECT_TRUE(broker->core()->store()->policy()); 307} 308 309TEST_F(DeviceLocalAccountPolicyServiceTest, FetchPolicy) { 310 device_settings_test_helper_.set_device_local_account_policy_blob( 311 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 312 InstallDevicePolicy(); 313 314 DeviceLocalAccountPolicyBroker* broker = 315 service_.GetBrokerForUser(public_session_user_id_); 316 ASSERT_TRUE(broker); 317 318 service_.Connect(&mock_device_management_service_); 319 EXPECT_TRUE(broker->core()->client()); 320 321 em::DeviceManagementRequest request; 322 em::DeviceManagementResponse response; 323 response.mutable_policy_response()->add_response()->CopyFrom( 324 device_local_account_policy_.policy()); 325 EXPECT_CALL(mock_device_management_service_, 326 CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)) 327 .WillOnce(mock_device_management_service_.SucceedJob(response)); 328 EXPECT_CALL(mock_device_management_service_, 329 StartJob(dm_protocol::kValueRequestPolicy, 330 std::string(), std::string(), 331 device_policy_.policy_data().request_token(), 332 dm_protocol::kValueUserAffiliationManaged, 333 device_policy_.policy_data().device_id(), 334 _)) 335 .WillOnce(SaveArg<6>(&request)); 336 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 337 broker->core()->client()->FetchPolicy(); 338 FlushDeviceSettings(); 339 Mock::VerifyAndClearExpectations(&service_observer_); 340 Mock::VerifyAndClearExpectations(&mock_device_management_service_); 341 EXPECT_TRUE(request.has_policy_request()); 342 EXPECT_EQ(1, request.policy_request().request_size()); 343 EXPECT_EQ(dm_protocol::kChromePublicAccountPolicyType, 344 request.policy_request().request(0).policy_type()); 345 EXPECT_FALSE(request.policy_request().request(0).has_machine_id()); 346 EXPECT_EQ(PolicyBuilder::kFakeUsername, 347 request.policy_request().request(0).settings_entity_id()); 348 349 ASSERT_TRUE(broker->core()->store()); 350 EXPECT_EQ(CloudPolicyStore::STATUS_OK, 351 broker->core()->store()->status()); 352 ASSERT_TRUE(broker->core()->store()->policy()); 353 EXPECT_EQ(device_local_account_policy_.policy_data().SerializeAsString(), 354 broker->core()->store()->policy()->SerializeAsString()); 355 EXPECT_TRUE(expected_policy_map_.Equals( 356 broker->core()->store()->policy_map())); 357 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 358 359 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)) 360 .Times(0); 361 service_.Disconnect(); 362 EXPECT_FALSE(broker->core()->client()); 363 Mock::VerifyAndClearExpectations(&service_observer_); 364 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 365} 366 367TEST_F(DeviceLocalAccountPolicyServiceTest, RefreshPolicy) { 368 device_settings_test_helper_.set_device_local_account_policy_blob( 369 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 370 InstallDevicePolicy(); 371 372 DeviceLocalAccountPolicyBroker* broker = 373 service_.GetBrokerForUser(public_session_user_id_); 374 ASSERT_TRUE(broker); 375 376 service_.Connect(&mock_device_management_service_); 377 ASSERT_TRUE(broker->core()->service()); 378 379 em::DeviceManagementResponse response; 380 response.mutable_policy_response()->add_response()->CopyFrom( 381 device_local_account_policy_.policy()); 382 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) 383 .WillOnce(mock_device_management_service_.SucceedJob(response)); 384 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); 385 EXPECT_CALL(*this, OnRefreshDone(true)).Times(1); 386 EXPECT_CALL(service_observer_, OnPolicyUpdated(public_session_user_id_)); 387 broker->core()->service()->RefreshPolicy( 388 base::Bind(&DeviceLocalAccountPolicyServiceTest::OnRefreshDone, 389 base::Unretained(this))); 390 FlushDeviceSettings(); 391 Mock::VerifyAndClearExpectations(&service_observer_); 392 Mock::VerifyAndClearExpectations(this); 393 Mock::VerifyAndClearExpectations(&mock_device_management_service_); 394 395 ASSERT_TRUE(broker->core()->store()); 396 EXPECT_EQ(CloudPolicyStore::STATUS_OK, 397 broker->core()->store()->status()); 398 EXPECT_TRUE(expected_policy_map_.Equals( 399 broker->core()->store()->policy_map())); 400 EXPECT_TRUE(service_.IsPolicyAvailableForUser(public_session_user_id_)); 401} 402 403class DeviceLocalAccountPolicyProviderTest 404 : public DeviceLocalAccountPolicyServiceTest { 405 protected: 406 DeviceLocalAccountPolicyProviderTest() 407 : provider_( 408 GenerateDeviceLocalAccountUserId( 409 PolicyBuilder::kFakeUsername, 410 DeviceLocalAccount::TYPE_PUBLIC_SESSION), 411 &service_) {} 412 413 virtual void SetUp() OVERRIDE { 414 DeviceLocalAccountPolicyServiceTest::SetUp(); 415 provider_.Init(); 416 provider_.AddObserver(&provider_observer_); 417 418 EXPECT_CALL(service_observer_, OnPolicyUpdated(_)).Times(AnyNumber()); 419 EXPECT_CALL(service_observer_, OnDeviceLocalAccountsChanged()) 420 .Times(AnyNumber()); 421 } 422 423 virtual void TearDown() OVERRIDE { 424 provider_.RemoveObserver(&provider_observer_); 425 provider_.Shutdown(); 426 DeviceLocalAccountPolicyServiceTest::TearDown(); 427 } 428 429 DeviceLocalAccountPolicyProvider provider_; 430 MockConfigurationPolicyObserver provider_observer_; 431 432 private: 433 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyProviderTest); 434}; 435 436TEST_F(DeviceLocalAccountPolicyProviderTest, Initialization) { 437 EXPECT_FALSE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); 438 439 // Policy change should complete initialization. 440 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); 441 device_settings_test_helper_.set_device_local_account_policy_blob( 442 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 443 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 444 ReloadDeviceSettings(); 445 Mock::VerifyAndClearExpectations(&provider_observer_); 446 447 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); 448 449 // The account disappearing should *not* flip the initialization flag back. 450 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) 451 .Times(AnyNumber()); 452 device_policy_.payload().mutable_device_local_accounts()->clear_account(); 453 device_policy_.Build(); 454 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 455 ReloadDeviceSettings(); 456 Mock::VerifyAndClearExpectations(&provider_observer_); 457 458 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); 459} 460 461TEST_F(DeviceLocalAccountPolicyProviderTest, Policy) { 462 // Policy should load successfully. 463 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); 464 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 465 device_settings_test_helper_.set_device_local_account_policy_blob( 466 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 467 ReloadDeviceSettings(); 468 Mock::VerifyAndClearExpectations(&provider_observer_); 469 470 PolicyBundle expected_policy_bundle; 471 expected_policy_bundle.Get(PolicyNamespace( 472 POLICY_DOMAIN_CHROME, std::string())).CopyFrom(expected_policy_map_); 473 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); 474 475 // Policy change should be reported. 476 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); 477 device_local_account_policy_.payload().mutable_disablespdy()->set_value( 478 false); 479 device_local_account_policy_.Build(); 480 device_settings_test_helper_.set_device_local_account_policy_blob( 481 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 482 DeviceLocalAccountPolicyBroker* broker = 483 service_.GetBrokerForUser(public_session_user_id_); 484 ASSERT_TRUE(broker); 485 broker->core()->store()->Load(); 486 FlushDeviceSettings(); 487 Mock::VerifyAndClearExpectations(&provider_observer_); 488 489 expected_policy_bundle.Get( 490 PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())) 491 .Set(key::kDisableSpdy, 492 POLICY_LEVEL_MANDATORY, 493 POLICY_SCOPE_USER, 494 Value::CreateBooleanValue(false), 495 NULL); 496 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); 497 498 // Any values set for the |ShelfAutoHideBehavior|, |ShowLogoutButtonInTray| 499 // and |ExtensionAllowedTypes| policies should be overridden. 500 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); 501 device_local_account_policy_.payload().mutable_shelfautohidebehavior()-> 502 set_value("Always"); 503 device_local_account_policy_.payload().mutable_showlogoutbuttonintray()-> 504 set_value(false); 505 device_local_account_policy_.payload().mutable_extensionallowedtypes()-> 506 mutable_value()->mutable_entries()->Clear(); 507 device_local_account_policy_.Build(); 508 device_settings_test_helper_.set_device_local_account_policy_blob( 509 PolicyBuilder::kFakeUsername, device_local_account_policy_.GetBlob()); 510 broker->core()->store()->Load(); 511 FlushDeviceSettings(); 512 Mock::VerifyAndClearExpectations(&provider_observer_); 513 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); 514 515 // Account disappears, policy should stay in effect. 516 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) 517 .Times(AnyNumber()); 518 device_policy_.payload().mutable_device_local_accounts()->clear_account(); 519 device_policy_.Build(); 520 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 521 ReloadDeviceSettings(); 522 Mock::VerifyAndClearExpectations(&provider_observer_); 523 524 EXPECT_TRUE(expected_policy_bundle.Equals(provider_.policies())); 525} 526 527TEST_F(DeviceLocalAccountPolicyProviderTest, RefreshPolicies) { 528 // If there's no device policy, the refresh completes immediately. 529 EXPECT_FALSE(service_.GetBrokerForUser(public_session_user_id_)); 530 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); 531 provider_.RefreshPolicies(); 532 Mock::VerifyAndClearExpectations(&provider_observer_); 533 534 // Make device settings appear. 535 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)) 536 .Times(AnyNumber()); 537 device_settings_test_helper_.set_policy_blob(device_policy_.GetBlob()); 538 ReloadDeviceSettings(); 539 Mock::VerifyAndClearExpectations(&provider_observer_); 540 EXPECT_TRUE(service_.GetBrokerForUser(public_session_user_id_)); 541 542 // If there's no cloud connection, refreshes are still immediate. 543 DeviceLocalAccountPolicyBroker* broker = 544 service_.GetBrokerForUser(public_session_user_id_); 545 ASSERT_TRUE(broker); 546 EXPECT_FALSE(broker->core()->client()); 547 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); 548 provider_.RefreshPolicies(); 549 Mock::VerifyAndClearExpectations(&provider_observer_); 550 551 // Bring up the cloud connection. The refresh scheduler may fire refreshes at 552 // this point which are not relevant for the test. 553 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) 554 .WillRepeatedly( 555 mock_device_management_service_.FailJob(DM_STATUS_REQUEST_FAILED)); 556 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); 557 service_.Connect(&mock_device_management_service_); 558 FlushDeviceSettings(); 559 Mock::VerifyAndClearExpectations(&mock_device_management_service_); 560 561 // No callbacks until the refresh completes. 562 EXPECT_CALL(provider_observer_, OnUpdatePolicy(_)).Times(0); 563 MockDeviceManagementJob* request_job; 564 EXPECT_CALL(mock_device_management_service_, CreateJob(_)) 565 .WillOnce(mock_device_management_service_.CreateAsyncJob(&request_job)); 566 EXPECT_CALL(mock_device_management_service_, StartJob(_, _, _, _, _, _, _)); 567 provider_.RefreshPolicies(); 568 ReloadDeviceSettings(); 569 Mock::VerifyAndClearExpectations(&provider_observer_); 570 Mock::VerifyAndClearExpectations(&mock_device_management_service_); 571 EXPECT_TRUE(provider_.IsInitializationComplete(POLICY_DOMAIN_CHROME)); 572 573 // When the response comes in, it should propagate and fire the notification. 574 EXPECT_CALL(provider_observer_, OnUpdatePolicy(&provider_)).Times(AtLeast(1)); 575 ASSERT_TRUE(request_job); 576 em::DeviceManagementResponse response; 577 response.mutable_policy_response()->add_response()->CopyFrom( 578 device_local_account_policy_.policy()); 579 request_job->SendResponse(DM_STATUS_SUCCESS, response); 580 FlushDeviceSettings(); 581 Mock::VerifyAndClearExpectations(&provider_observer_); 582} 583 584} // namespace policy 585