network_configuration_updater_unittest.cc revision 116680a4aac90f2aa7413d9095a592090648e557
1424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 2424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// found in the LICENSE file. 4424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 5f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/bind.h" 6f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/bind_helpers.h" 7424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/callback.h" 8424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/files/file_path.h" 9424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/memory/scoped_ptr.h" 10424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/run_loop.h" 11424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/values.h" 12cedac228d2dd51db4b79ea1e72c7f249408ee061Torne (Richard Coles)#include "chrome/browser/chromeos/login/users/user.h" 135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" 14424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" 155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/settings/cros_settings.h" 165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/settings/device_settings_service.h" 175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" 185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chrome/test/base/testing_profile.h" 195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)#include "chromeos/network/fake_network_device_handler.h" 20424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/mock_managed_network_configuration_handler.h" 21424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/onc/mock_certificate_importer.h" 22424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/onc/onc_test_utils.h" 23424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/onc/onc_utils.h" 244e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles)#include "components/onc/onc_constants.h" 25f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "components/policy/core/common/external_data_fetcher.h" 26a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/mock_configuration_policy_provider.h" 27f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "components/policy/core/common/policy_map.h" 28a3f6a49ab37290eeeb8db0f41ec0f1cb74a68be7Torne (Richard Coles)#include "components/policy/core/common/policy_service_impl.h" 29116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "components/user_manager/user_type.h" 30424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "content/public/test/test_browser_thread_bundle.h" 31424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "content/public/test/test_utils.h" 32424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "net/base/test_data_directory.h" 33424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "net/cert/x509_certificate.h" 34424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "net/test/cert_test_util.h" 35424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "policy/policy_constants.h" 36424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "testing/gmock/include/gmock/gmock.h" 37424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 38424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 39424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::AnyNumber; 40424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::AtLeast; 41424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::Mock; 42424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::Ne; 43424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::Return; 44424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::StrictMock; 45424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::_; 46424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 47424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)namespace policy { 48424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 49424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)namespace { 50424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 51424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)const char kFakeUserEmail[] = "fake email"; 52424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)const char kFakeUsernameHash[] = "fake hash"; 53424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 54424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)class FakeUser : public chromeos::User { 55424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) public: 56424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) FakeUser() : User(kFakeUserEmail) { 57424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) set_display_email(kFakeUserEmail); 58424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) set_username_hash(kFakeUsernameHash); 59424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 60424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) virtual ~FakeUser() {} 61424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 62424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // User overrides 63116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch virtual user_manager::UserType GetType() const OVERRIDE { 64116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch return user_manager::USER_TYPE_REGULAR; 65424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 66424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 67424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) private: 68424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(FakeUser); 69424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)}; 70424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 71f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class FakeWebTrustedCertsObserver 72f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) : public UserNetworkConfigurationUpdater::WebTrustedCertsObserver { 73f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) public: 74f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) virtual void OnTrustAnchorsChanged( 75f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const net::CertificateList& trust_anchors) OVERRIDE { 76f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) trust_anchors_ = trust_anchors; 77f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) } 78f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors_; 79f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)}; 80f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 815d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)class FakeNetworkDeviceHandler : public chromeos::FakeNetworkDeviceHandler { 825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) public: 835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) FakeNetworkDeviceHandler() : allow_roaming_(false) {} 845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) virtual void SetCellularAllowRoaming(bool allow_roaming) OVERRIDE { 865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) allow_roaming_ = allow_roaming; 875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) bool allow_roaming_; 905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)}; 915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 92424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)const char kFakeONC[] = 93424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "{ \"NetworkConfigurations\": [" 94424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " { \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5040}\"," 95424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Type\": \"WiFi\"," 96424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Name\": \"My WiFi Network\"," 97424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"WiFi\": {" 98424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"SSID\": \"ssid-none\"," 99424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Security\": \"None\" }" 100424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " }" 101424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " ]," 1028bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) " \"GlobalNetworkConfiguration\": {" 1038bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) " \"AllowOnlyPolicyNetworksToAutoconnect\": true," 1048bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) " }," 105424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Certificates\": [" 106424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " { \"GUID\": \"{f998f760-272b-6939-4c2beffe428697ac}\"," 107424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"PKCS12\": \"abc\"," 108424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Type\": \"Client\" }" 109424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " ]," 110424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Type\": \"UnencryptedConfiguration\"" 111424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "}"; 112424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1138bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)std::string ValueToString(const base::Value& value) { 114424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) std::stringstream str; 1158bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) str << value; 116424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return str.str(); 117424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 118424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1198bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)void AppendAll(const base::ListValue& from, base::ListValue* to) { 1208bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) for (base::ListValue::const_iterator it = from.begin(); it != from.end(); 1218bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ++it) { 1228bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) to->Append((*it)->DeepCopy()); 1238bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) } 1248bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)} 1258bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 126424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// Matcher to match base::Value. 127424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)MATCHER_P(IsEqualTo, 128424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) value, 129424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) std::string(negation ? "isn't" : "is") + " equal to " + 1308bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ValueToString(*value)) { 131424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return value->Equals(&arg); 132424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 133424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1348bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)MATCHER(IsEmpty, std::string(negation ? "isn't" : "is") + " empty.") { 1358bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) return arg.empty(); 1368bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)} 1378bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 138424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)ACTION_P(SetCertificateList, list) { 139424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (arg2) 140424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) *arg2 = list; 141424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return true; 142424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 143424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 144424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} // namespace 145424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 146424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)class NetworkConfigurationUpdaterTest : public testing::Test { 147424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) protected: 148424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) NetworkConfigurationUpdaterTest() { 149424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 150424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 151424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) virtual void SetUp() OVERRIDE { 152424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(provider_, IsInitializationComplete(_)) 1535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .WillRepeatedly(Return(false)); 154424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) provider_.Init(); 155424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyServiceImpl::Providers providers; 156424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) providers.push_back(&provider_); 1575d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) policy_service_.reset(new PolicyServiceImpl(providers)); 158424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 159424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<base::DictionaryValue> fake_toplevel_onc = 1604e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) chromeos::onc::ReadDictionaryFromJson(kFakeONC); 161424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 162424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::ListValue* network_configs = NULL; 1638bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_toplevel_onc->GetListWithoutPathExpansion( 1648bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kNetworkConfigurations, &network_configs); 1658bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) AppendAll(*network_configs, &fake_network_configs_); 1668bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 1678bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::DictionaryValue* global_config = NULL; 1688bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_toplevel_onc->GetDictionaryWithoutPathExpansion( 1698bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kGlobalNetworkConfiguration, &global_config); 1708bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_global_network_config_.MergeDictionary(global_config); 171424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 172424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::ListValue* certs = NULL; 1738bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_toplevel_onc->GetListWithoutPathExpansion( 1748bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kCertificates, &certs); 1758bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) AppendAll(*certs, &fake_certificates_); 176424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1774e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) certificate_importer_ = 1784e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) new StrictMock<chromeos::onc::MockCertificateImporter>(); 179424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) certificate_importer_owned_.reset(certificate_importer_); 180424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 181424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 182424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) virtual void TearDown() OVERRIDE { 183424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_configuration_updater_.reset(); 184424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) provider_.Shutdown(); 185424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 186424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 187424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) void MarkPolicyProviderInitialized() { 1895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Mock::VerifyAndClearExpectations(&provider_); 1905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(provider_, IsInitializationComplete(_)) 1915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .WillRepeatedly(Return(true)); 1925d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) provider_.SetAutoRefresh(); 1935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) provider_.RefreshPolicies(); 1945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 1955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 1965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 197424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) void UpdateProviderPolicy(const PolicyMap& policy) { 198424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) provider_.UpdateChromePolicy(policy); 199424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 200424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 201424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 202424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* 203424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 2045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) bool allow_trusted_certs_from_policy, 2055d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) bool set_cert_importer) { 206424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* updater = 207424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater::CreateForUserPolicy( 2085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &profile_, 209424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) allow_trusted_certs_from_policy, 210424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) fake_user_, 211424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy_service_.get(), 212424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) &network_config_handler_).release(); 2135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (set_cert_importer) { 2145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_TRUE(certificate_importer_owned_); 2155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) updater->SetCertificateImporterForTest( 2165d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) certificate_importer_owned_.Pass()); 2175d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 218424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_configuration_updater_.reset(updater); 219424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return updater; 220424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 221424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 222424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) void CreateNetworkConfigurationUpdaterForDevicePolicy() { 223424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_configuration_updater_ = 2245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DeviceNetworkConfigurationUpdater::CreateForDevicePolicy( 225424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy_service_.get(), 2265d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &network_config_handler_, 2275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) &network_device_handler_, 2285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()); 229424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 230424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 2318bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::ListValue fake_network_configs_; 2328bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::DictionaryValue fake_global_network_config_; 2338bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::ListValue fake_certificates_; 234424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) StrictMock<chromeos::MockManagedNetworkConfigurationHandler> 235424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_config_handler_; 2365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) FakeNetworkDeviceHandler network_device_handler_; 2375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Not used directly. Required for CrosSettings. 2395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::ScopedTestDeviceSettingsService scoped_device_settings_service_; 2405d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::ScopedTestCrosSettings scoped_cros_settings_; 241424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 242424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Ownership of certificate_importer_owned_ is passed to the 243424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // NetworkConfigurationUpdater. When that happens, |certificate_importer_| 244424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // continues to point to that instance but |certificate_importer_owned_| is 245424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // released. 2464e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) StrictMock<chromeos::onc::MockCertificateImporter>* certificate_importer_; 2474e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer_owned_; 248424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 249424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) StrictMock<MockConfigurationPolicyProvider> provider_; 250424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<PolicyServiceImpl> policy_service_; 251424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) FakeUser fake_user_; 252424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 2535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) TestingProfile profile_; 2545d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 255424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_; 256424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) content::TestBrowserThreadBundle thread_bundle_; 257424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)}; 258424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 2595d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, CellularAllowRoaming) { 2605d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Ignore network config updates. 2615d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1)); 2625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2635d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) // Setup the DataRoaming device setting. 2645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings* cros_settings = chromeos::CrosSettings::Get(); 2655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettingsProvider* device_settings_provider = 2665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) cros_settings->GetProvider(chromeos::kSignedDataRoamingEnabled); 2675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) cros_settings->RemoveSettingsProvider(device_settings_provider); 2685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) delete device_settings_provider; 2695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::StubCrosSettingsProvider* stub_settings_provider = 2705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new chromeos::StubCrosSettingsProvider; 2715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) cros_settings->AddSettingsProvider(stub_settings_provider); 2725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()->Set(chromeos::kSignedDataRoamingEnabled, 2745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::FundamentalValue(false)); 2755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_FALSE(network_device_handler_.allow_roaming_); 2765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2775d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CreateNetworkConfigurationUpdaterForDevicePolicy(); 2785d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 2795d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()->Set(chromeos::kSignedDataRoamingEnabled, 2805d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::FundamentalValue(true)); 2815d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_TRUE(network_device_handler_.allow_roaming_); 2825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 2835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) chromeos::CrosSettings::Get()->Set(chromeos::kSignedDataRoamingEnabled, 2845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) base::FundamentalValue(false)); 2855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_FALSE(network_device_handler_.allow_roaming_); 2865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 2875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 288424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, PolicyIsValidatedAndRepaired) { 289424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<base::DictionaryValue> onc_repaired = 2904e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) chromeos::onc::test_utils::ReadTestDictionary( 291424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "repaired_toplevel_partially_invalid.onc"); 292424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 293424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::ListValue* network_configs_repaired = NULL; 294424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) onc_repaired->GetListWithoutPathExpansion( 295424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) onc::toplevel_config::kNetworkConfigurations, &network_configs_repaired); 296424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ASSERT_TRUE(network_configs_repaired); 297424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 2988bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::DictionaryValue* global_config_repaired = NULL; 2998bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc_repaired->GetDictionaryWithoutPathExpansion( 3008bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kGlobalNetworkConfiguration, 3018bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) &global_config_repaired); 3028bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ASSERT_TRUE(global_config_repaired); 3038bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 304f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) std::string onc_policy = 305f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) chromeos::onc::test_utils::ReadTestData("toplevel_partially_invalid.onc"); 306424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyMap policy; 307424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Set(key::kOpenNetworkConfiguration, 308424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) POLICY_LEVEL_MANDATORY, 309424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) POLICY_SCOPE_USER, 310424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) new base::StringValue(onc_policy), 311424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) NULL); 312424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 313424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 3148bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, 3158bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(onc::ONC_SOURCE_USER_POLICY, 3168bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) _, 3178bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(network_configs_repaired), 3188bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(global_config_repaired))); 319424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 3205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)); 321424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 322424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 3235d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) false /* do not allow trusted certs from policy */, 3245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* set certificate importer */); 3255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 326424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 327424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 328424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, 329424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) DoNotAllowTrustedCertificatesFromPolicy) { 330424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CertificateList cert_list; 331424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) cert_list = 332424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), 333424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "ok_cert.pem", 334424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::X509Certificate::FORMAT_AUTO); 335424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ASSERT_EQ(1u, cert_list.size()); 336424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 337424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 3388bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); 339424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) 340424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) .WillRepeatedly(SetCertificateList(cert_list)); 341424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 342424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* updater = 343424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 3445d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) false /* do not allow trusted certs from policy */, 3455d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* set certificate importer */); 3465d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 347424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 348f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Certificates with the "Web" trust flag set should not be forwarded to 349f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // observers. 350f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) FakeWebTrustedCertsObserver observer; 351f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->AddTrustedCertsObserver(&observer); 352f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 353424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 354424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 355f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 356f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 357f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(trust_anchors.empty()); 358f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 359f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(observer.trust_anchors_.empty()); 360f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->RemoveTrustedCertsObserver(&observer); 361424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 362424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 363f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, 364f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) AllowTrustedCertificatesFromPolicyInitially) { 365f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Ignore network configuration changes. 366f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) 367f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .Times(AnyNumber()); 368f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 369424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CertificateList cert_list; 370424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) cert_list = 371424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), 372424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "ok_cert.pem", 373424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::X509Certificate::FORMAT_AUTO); 374424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ASSERT_EQ(1u, cert_list.size()); 375424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 376424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 377424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) 378424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) .WillRepeatedly(SetCertificateList(cert_list)); 379424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 380424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* updater = 381424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 3825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* allow trusted certs from policy */, 3835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* set certificate importer */); 3845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 385424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 386424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 387424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 388f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Certificates with the "Web" trust flag set will be returned. 389f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 390f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 391f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_EQ(1u, trust_anchors.size()); 392f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} 393f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 394f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, 395f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) AllowTrustedCertificatesFromPolicyOnUpdate) { 396f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Ignore network configuration changes. 397f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) 398f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .Times(AnyNumber()); 399f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 400f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Start with an empty certificate list. 401f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(*certificate_importer_, 402f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) 403f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .WillRepeatedly(SetCertificateList(net::CertificateList())); 404f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 405f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) UserNetworkConfigurationUpdater* updater = 406f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 4075d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* allow trusted certs from policy */, 4085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* set certificate importer */); 4095d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 410f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 411f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) FakeWebTrustedCertsObserver observer; 412f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->AddTrustedCertsObserver(&observer); 413f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 414f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) base::RunLoop().RunUntilIdle(); 415f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 416f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Verify that the returned certificate list is empty. 417f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 418f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) { 419f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 420f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 421f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(trust_anchors.empty()); 422f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) } 423f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(observer.trust_anchors_.empty()); 424f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 425f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Now use a non-empty certificate list to test the observer notification. 426f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList cert_list; 427f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) cert_list = 428f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), 429f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) "ok_cert.pem", 430f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::X509Certificate::FORMAT_AUTO); 431f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ASSERT_EQ(1u, cert_list.size()); 432f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 433f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(*certificate_importer_, 434f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) 435f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .WillOnce(SetCertificateList(cert_list)); 436f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 437f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Change to any non-empty policy, so that updates are triggered. The actual 438f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // content of the policy is irrelevant. 439f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) PolicyMap policy; 440f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) policy.Set(key::kOpenNetworkConfiguration, 441f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) POLICY_LEVEL_MANDATORY, 442f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) POLICY_SCOPE_USER, 443f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) new base::StringValue(kFakeONC), 444f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) NULL); 445f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) UpdateProviderPolicy(policy); 446f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) base::RunLoop().RunUntilIdle(); 447f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 448f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Certificates with the "Web" trust flag set will be returned and forwarded 449f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // to observers. 450f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) { 451f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 452f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 453f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_EQ(1u, trust_anchors.size()); 454f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) } 455f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_EQ(1u, observer.trust_anchors_.size()); 456f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 457f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->RemoveTrustedCertsObserver(&observer); 458424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 459424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 4605d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, 4615d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) DontImportCertificateBeforeCertificateImporterSet) { 4625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PolicyMap policy; 4635d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) policy.Set(key::kOpenNetworkConfiguration, POLICY_LEVEL_MANDATORY, 4645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) POLICY_SCOPE_USER, new base::StringValue(kFakeONC), NULL); 4655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) UpdateProviderPolicy(policy); 4665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 4675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 4685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetPolicy(onc::ONC_SOURCE_USER_POLICY, 4695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) kFakeUsernameHash, 4705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_network_configs_), 4715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_global_network_config_))); 4725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _ , _)).Times(0); 4735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 4745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) UserNetworkConfigurationUpdater* updater = 4755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 4765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* allow trusted certs from policy */, 4775d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) false /* do not set certificate importer */); 4785d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 4795d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 4805d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Mock::VerifyAndClearExpectations(&network_config_handler_); 4815d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 4825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 4835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 4845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetPolicy(onc::ONC_SOURCE_USER_POLICY, 4855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) kFakeUsernameHash, 4865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_network_configs_), 4875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_global_network_config_))) 4885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(0); 4895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 4905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(IsEqualTo(&fake_certificates_), 4915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) onc::ONC_SOURCE_USER_POLICY, 4925d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) _)); 4935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 4945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ASSERT_TRUE(certificate_importer_owned_); 4955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) updater->SetCertificateImporterForTest(certificate_importer_owned_.Pass()); 4965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 4975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 498424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)class NetworkConfigurationUpdaterTestWithParam 499424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) : public NetworkConfigurationUpdaterTest, 500424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) public testing::WithParamInterface<const char*> { 501424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) protected: 502424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Returns the currently tested ONC source. 503424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) onc::ONCSource CurrentONCSource() { 504424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (GetParam() == key::kOpenNetworkConfiguration) 505424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return onc::ONC_SOURCE_USER_POLICY; 506424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) DCHECK(GetParam() == key::kDeviceOpenNetworkConfiguration); 507424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return onc::ONC_SOURCE_DEVICE_POLICY; 508424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 509424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 510424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Returns the expected username hash to push policies to 511424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // ManagedNetworkConfigurationHandler. 512424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) std::string ExpectedUsernameHash() { 513424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (GetParam() == key::kOpenNetworkConfiguration) 514424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return kFakeUsernameHash; 515424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return std::string(); 516424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 517424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 5185d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) size_t ExpectedImportCertificatesCallCount() { 5195d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) if (GetParam() == key::kOpenNetworkConfiguration) 5205d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return 1u; 5215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) return 0u; 5225d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) } 5235d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 524424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) void CreateNetworkConfigurationUpdater() { 525424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (GetParam() == key::kOpenNetworkConfiguration) { 526424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 5275d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) false /* do not allow trusted certs from policy */, 5285d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) true /* set certificate importer */); 529424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } else { 530424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForDevicePolicy(); 531424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 532424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 533424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)}; 534424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 535424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_P(NetworkConfigurationUpdaterTestWithParam, InitialUpdates) { 536424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyMap policy; 537424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, 538424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) new base::StringValue(kFakeONC), NULL); 539424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 540424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 541424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 542424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) SetPolicy(CurrentONCSource(), 543424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ExpectedUsernameHash(), 5448bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_network_configs_), 5458bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_global_network_config_))); 546424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 5475d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(IsEqualTo(&fake_certificates_), 5485d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CurrentONCSource(), 5495d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) _)) 5505d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(ExpectedImportCertificatesCallCount()); 551424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 552424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdater(); 5535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 554424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 555424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 5565d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)TEST_P(NetworkConfigurationUpdaterTestWithParam, 5575d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PolicyNotSetBeforePolicyProviderInitialized) { 5585d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PolicyMap policy; 5595d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, 5605d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new base::StringValue(kFakeONC), NULL); 5615d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) UpdateProviderPolicy(policy); 5625d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 5635d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 5645d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetPolicy(CurrentONCSource(), 5655d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ExpectedUsernameHash(), 5665d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_network_configs_), 5675d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_global_network_config_))) 5685d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(0); 5695d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 5705d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(IsEqualTo(&fake_certificates_), 5715d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CurrentONCSource(), 5725d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) _)) 5735d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(0); 5745d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 5755d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CreateNetworkConfigurationUpdater(); 5765d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 5775d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Mock::VerifyAndClearExpectations(&network_config_handler_); 5785d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 5795d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 5805d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 5815d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetPolicy(CurrentONCSource(), 5825d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ExpectedUsernameHash(), 5835d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_network_configs_), 5845d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_global_network_config_))); 5855d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 5865d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(IsEqualTo(&fake_certificates_), 5875d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CurrentONCSource(), 5885d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) _)) 5895d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(ExpectedImportCertificatesCallCount()); 5905d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 5915d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 5925d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 5935d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 5945d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)TEST_P(NetworkConfigurationUpdaterTestWithParam, 5955d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PolicyAppliedImmediatelyIfProvidersInitialized) { 5965d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 5975d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 5985d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) PolicyMap policy; 5995d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, 6005d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) new base::StringValue(kFakeONC), NULL); 6015d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) UpdateProviderPolicy(policy); 6025d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 6035d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 6045d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) SetPolicy(CurrentONCSource(), 6055d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ExpectedUsernameHash(), 6065d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_network_configs_), 6075d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) IsEqualTo(&fake_global_network_config_))); 6085d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 6095d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(IsEqualTo(&fake_certificates_), 6105d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CurrentONCSource(), 6115d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) _)) 6125d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(ExpectedImportCertificatesCallCount()); 6135d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 6145d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CreateNetworkConfigurationUpdater(); 6155d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles)} 616424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 617424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_P(NetworkConfigurationUpdaterTestWithParam, PolicyChange) { 618424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Ignore the initial updates. 6198bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1)); 620424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) 6215d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(AtLeast(ExpectedImportCertificatesCallCount())); 6225d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 623424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdater(); 6245d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) MarkPolicyProviderInitialized(); 6255d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) 626424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(&network_config_handler_); 627424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 628424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 629424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // The Updater should update if policy changes. 6308bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, 6318bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(CurrentONCSource(), 6328bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) _, 6338bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_network_configs_), 6348bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_global_network_config_))); 635424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 6365d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(IsEqualTo(&fake_certificates_), 6375d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) CurrentONCSource(), 6385d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) _)) 6395d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(ExpectedImportCertificatesCallCount()); 640424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 641424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyMap policy; 642424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, 643424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) new base::StringValue(kFakeONC), NULL); 644424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 645424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(&network_config_handler_); 646424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 647424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 648424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Another update is expected if the policy goes away. 6498bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, 6508bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(CurrentONCSource(), _, IsEmpty(), IsEmpty())); 651424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 6525d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) ImportCertificates(IsEmpty(), CurrentONCSource(), _)) 6535d1f7b1de12d16ceb2c938c56701a3e8bfa558f7Torne (Richard Coles) .Times(ExpectedImportCertificatesCallCount()); 654424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 655424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Erase(GetParam()); 656424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 657424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 658424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 659424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, 660424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) NetworkConfigurationUpdaterTestWithParam, 661424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) testing::Values(key::kDeviceOpenNetworkConfiguration, 662424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) key::kOpenNetworkConfiguration)); 663424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 664424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} // namespace policy 665