network_configuration_updater_unittest.cc revision f2477e01787aa58f445919b809d89e252beef54f
1424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// Copyright 2013 The Chromium Authors. All rights reserved. 2424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// found in the LICENSE file. 4424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 5f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/bind.h" 6f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "base/bind_helpers.h" 7424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/callback.h" 8424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/files/file_path.h" 9424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/memory/scoped_ptr.h" 10424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/run_loop.h" 11424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "base/values.h" 12424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chrome/browser/chromeos/login/user.h" 13424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" 14424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chrome/browser/policy/mock_configuration_policy_provider.h" 15424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chrome/browser/policy/policy_service_impl.h" 16424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/mock_managed_network_configuration_handler.h" 17424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/onc/mock_certificate_importer.h" 18424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/onc/onc_test_utils.h" 19424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "chromeos/network/onc/onc_utils.h" 204e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles)#include "components/onc/onc_constants.h" 21f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "components/policy/core/common/external_data_fetcher.h" 22f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)#include "components/policy/core/common/policy_map.h" 23424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "content/public/test/test_browser_thread_bundle.h" 24424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "content/public/test/test_utils.h" 25424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "net/base/test_data_directory.h" 26424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "net/cert/x509_certificate.h" 27424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "net/test/cert_test_util.h" 28424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "policy/policy_constants.h" 29424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "testing/gmock/include/gmock/gmock.h" 30424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)#include "testing/gtest/include/gtest/gtest.h" 31424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 32424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::AnyNumber; 33424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::AtLeast; 34424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::Mock; 35424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::Ne; 36424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::Return; 37424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::StrictMock; 38424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)using testing::_; 39424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 40424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)namespace policy { 41424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 42424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)namespace { 43424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 44424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)const char kFakeUserEmail[] = "fake email"; 45424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)const char kFakeUsernameHash[] = "fake hash"; 46424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 47424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)class FakeUser : public chromeos::User { 48424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) public: 49424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) FakeUser() : User(kFakeUserEmail) { 50424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) set_display_email(kFakeUserEmail); 51424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) set_username_hash(kFakeUsernameHash); 52424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 53424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) virtual ~FakeUser() {} 54424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 55424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // User overrides 56424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) virtual UserType GetType() const OVERRIDE { 57424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return USER_TYPE_REGULAR; 58424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 59424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 60424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) private: 61424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(FakeUser); 62424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)}; 63424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 64f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)class FakeWebTrustedCertsObserver 65f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) : public UserNetworkConfigurationUpdater::WebTrustedCertsObserver { 66f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) public: 67f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) virtual void OnTrustAnchorsChanged( 68f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) const net::CertificateList& trust_anchors) OVERRIDE { 69f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) trust_anchors_ = trust_anchors; 70f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) } 71f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors_; 72f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)}; 73f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 74424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)const char kFakeONC[] = 75424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "{ \"NetworkConfigurations\": [" 76424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " { \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5040}\"," 77424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Type\": \"WiFi\"," 78424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Name\": \"My WiFi Network\"," 79424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"WiFi\": {" 80424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"SSID\": \"ssid-none\"," 81424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Security\": \"None\" }" 82424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " }" 83424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " ]," 848bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) " \"GlobalNetworkConfiguration\": {" 858bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) " \"AllowOnlyPolicyNetworksToAutoconnect\": true," 868bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) " }," 87424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Certificates\": [" 88424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " { \"GUID\": \"{f998f760-272b-6939-4c2beffe428697ac}\"," 89424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"PKCS12\": \"abc\"," 90424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Type\": \"Client\" }" 91424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " ]," 92424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) " \"Type\": \"UnencryptedConfiguration\"" 93424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "}"; 94424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 958bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)std::string ValueToString(const base::Value& value) { 96424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) std::stringstream str; 978bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) str << value; 98424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return str.str(); 99424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 100424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1018bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)void AppendAll(const base::ListValue& from, base::ListValue* to) { 1028bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) for (base::ListValue::const_iterator it = from.begin(); it != from.end(); 1038bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ++it) { 1048bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) to->Append((*it)->DeepCopy()); 1058bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) } 1068bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)} 1078bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 108424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)// Matcher to match base::Value. 109424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)MATCHER_P(IsEqualTo, 110424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) value, 111424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) std::string(negation ? "isn't" : "is") + " equal to " + 1128bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ValueToString(*value)) { 113424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return value->Equals(&arg); 114424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 115424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1168bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)MATCHER(IsEmpty, std::string(negation ? "isn't" : "is") + " empty.") { 1178bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) return arg.empty(); 1188bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles)} 1198bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 120424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)ACTION_P(SetCertificateList, list) { 121424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (arg2) 122424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) *arg2 = list; 123424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return true; 124424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 125424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 126424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} // namespace 127424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 128424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)class NetworkConfigurationUpdaterTest : public testing::Test { 129424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) protected: 130424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) NetworkConfigurationUpdaterTest() { 131424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 132424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 133424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) virtual void SetUp() OVERRIDE { 134424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(provider_, IsInitializationComplete(_)) 135424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) .WillRepeatedly(Return(true)); 136424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) provider_.Init(); 137424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyServiceImpl::Providers providers; 138424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) providers.push_back(&provider_); 139f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) policy_service_.reset(new PolicyServiceImpl( 140f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) providers, PolicyServiceImpl::PreprocessCallback())); 141424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 142424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<base::DictionaryValue> fake_toplevel_onc = 1434e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) chromeos::onc::ReadDictionaryFromJson(kFakeONC); 144424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 145424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::ListValue* network_configs = NULL; 1468bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_toplevel_onc->GetListWithoutPathExpansion( 1478bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kNetworkConfigurations, &network_configs); 1488bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) AppendAll(*network_configs, &fake_network_configs_); 1498bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 1508bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::DictionaryValue* global_config = NULL; 1518bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_toplevel_onc->GetDictionaryWithoutPathExpansion( 1528bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kGlobalNetworkConfiguration, &global_config); 1538bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_global_network_config_.MergeDictionary(global_config); 154424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 155424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::ListValue* certs = NULL; 1568bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) fake_toplevel_onc->GetListWithoutPathExpansion( 1578bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kCertificates, &certs); 1588bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) AppendAll(*certs, &fake_certificates_); 159424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1604e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) certificate_importer_ = 1614e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) new StrictMock<chromeos::onc::MockCertificateImporter>(); 162424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) certificate_importer_owned_.reset(certificate_importer_); 163424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 164424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 165424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) virtual void TearDown() OVERRIDE { 166424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_configuration_updater_.reset(); 167424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) provider_.Shutdown(); 168424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 169424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 170424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 171424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) void UpdateProviderPolicy(const PolicyMap& policy) { 172424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) provider_.UpdateChromePolicy(policy); 173424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 174424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 175424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 176424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* 177424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 178424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) bool allow_trusted_certs_from_policy) { 179424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* updater = 180424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater::CreateForUserPolicy( 181424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) allow_trusted_certs_from_policy, 182424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) fake_user_, 183424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) certificate_importer_owned_.Pass(), 184424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy_service_.get(), 185424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) &network_config_handler_).release(); 186424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_configuration_updater_.reset(updater); 187424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return updater; 188424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 189424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 190424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) void CreateNetworkConfigurationUpdaterForDevicePolicy() { 191424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_configuration_updater_ = 192424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) NetworkConfigurationUpdater::CreateForDevicePolicy( 193424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) certificate_importer_owned_.Pass(), 194424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy_service_.get(), 195424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) &network_config_handler_); 196424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 197424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 1988bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::ListValue fake_network_configs_; 1998bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::DictionaryValue fake_global_network_config_; 2008bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::ListValue fake_certificates_; 201424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) StrictMock<chromeos::MockManagedNetworkConfigurationHandler> 202424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) network_config_handler_; 203424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 204424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Ownership of certificate_importer_owned_ is passed to the 205424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // NetworkConfigurationUpdater. When that happens, |certificate_importer_| 206424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // continues to point to that instance but |certificate_importer_owned_| is 207424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // released. 2084e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) StrictMock<chromeos::onc::MockCertificateImporter>* certificate_importer_; 2094e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer_owned_; 210424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 211424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) StrictMock<MockConfigurationPolicyProvider> provider_; 212424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<PolicyServiceImpl> policy_service_; 213424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) FakeUser fake_user_; 214424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 215424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_; 216424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) content::TestBrowserThreadBundle thread_bundle_; 217424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)}; 218424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 219424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, PolicyIsValidatedAndRepaired) { 220424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) scoped_ptr<base::DictionaryValue> onc_repaired = 2214e180b6a0b4720a9b8e9e959a882386f690f08ffTorne (Richard Coles) chromeos::onc::test_utils::ReadTestDictionary( 222424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "repaired_toplevel_partially_invalid.onc"); 223424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 224424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::ListValue* network_configs_repaired = NULL; 225424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) onc_repaired->GetListWithoutPathExpansion( 226424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) onc::toplevel_config::kNetworkConfigurations, &network_configs_repaired); 227424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ASSERT_TRUE(network_configs_repaired); 228424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 2298bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) base::DictionaryValue* global_config_repaired = NULL; 2308bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc_repaired->GetDictionaryWithoutPathExpansion( 2318bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) onc::toplevel_config::kGlobalNetworkConfiguration, 2328bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) &global_config_repaired); 2338bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ASSERT_TRUE(global_config_repaired); 2348bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) 235f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) std::string onc_policy = 236f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) chromeos::onc::test_utils::ReadTestData("toplevel_partially_invalid.onc"); 237424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyMap policy; 238424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Set(key::kOpenNetworkConfiguration, 239424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) POLICY_LEVEL_MANDATORY, 240424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) POLICY_SCOPE_USER, 241424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) new base::StringValue(onc_policy), 242424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) NULL); 243424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 244424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 2458bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, 2468bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(onc::ONC_SOURCE_USER_POLICY, 2478bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) _, 2488bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(network_configs_repaired), 2498bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(global_config_repaired))); 250424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 251424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)); 252424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 253424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 254424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) false /* do not allow trusted certs from policy */ ); 255424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 256424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 257424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, 258424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) DoNotAllowTrustedCertificatesFromPolicy) { 259424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CertificateList cert_list; 260424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) cert_list = 261424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), 262424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "ok_cert.pem", 263424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::X509Certificate::FORMAT_AUTO); 264424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ASSERT_EQ(1u, cert_list.size()); 265424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 266424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 2678bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); 268424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) 269424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) .WillRepeatedly(SetCertificateList(cert_list)); 270424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 271424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* updater = 272424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 273424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) false /* do not allow trusted certs from policy */); 274424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 275f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Certificates with the "Web" trust flag set should not be forwarded to 276f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // observers. 277f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) FakeWebTrustedCertsObserver observer; 278f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->AddTrustedCertsObserver(&observer); 279f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 280424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 281424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 282f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 283f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 284f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(trust_anchors.empty()); 285f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 286f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(observer.trust_anchors_.empty()); 287f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->RemoveTrustedCertsObserver(&observer); 288424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 289424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 290f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, 291f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) AllowTrustedCertificatesFromPolicyInitially) { 292f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Ignore network configuration changes. 293f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) 294f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .Times(AnyNumber()); 295f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 296424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CertificateList cert_list; 297424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) cert_list = 298424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), 299424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) "ok_cert.pem", 300424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) net::X509Certificate::FORMAT_AUTO); 301424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ASSERT_EQ(1u, cert_list.size()); 302424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 303424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 304424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) 305424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) .WillRepeatedly(SetCertificateList(cert_list)); 306424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 307424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UserNetworkConfigurationUpdater* updater = 308424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 309424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) true /* allow trusted certs from policy */); 310424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 311424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) base::RunLoop().RunUntilIdle(); 312424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 313f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Certificates with the "Web" trust flag set will be returned. 314f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 315f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 316f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_EQ(1u, trust_anchors.size()); 317f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)} 318f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 319f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles)TEST_F(NetworkConfigurationUpdaterTest, 320f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) AllowTrustedCertificatesFromPolicyOnUpdate) { 321f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Ignore network configuration changes. 322f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) 323f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .Times(AnyNumber()); 324f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 325f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Start with an empty certificate list. 326f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(*certificate_importer_, 327f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) 328f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .WillRepeatedly(SetCertificateList(net::CertificateList())); 329f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 330f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) UserNetworkConfigurationUpdater* updater = 331f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 332f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) true /* allow trusted certs from policy */); 333f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 334f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) FakeWebTrustedCertsObserver observer; 335f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->AddTrustedCertsObserver(&observer); 336f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 337f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) base::RunLoop().RunUntilIdle(); 338f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 339f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Verify that the returned certificate list is empty. 340f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 341f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) { 342f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 343f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 344f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(trust_anchors.empty()); 345f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) } 346f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_TRUE(observer.trust_anchors_.empty()); 347f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 348f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Now use a non-empty certificate list to test the observer notification. 349f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList cert_list; 350f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) cert_list = 351f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), 352f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) "ok_cert.pem", 353f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::X509Certificate::FORMAT_AUTO); 354f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ASSERT_EQ(1u, cert_list.size()); 355f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 356f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_CALL(*certificate_importer_, 357f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) 358f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) .WillOnce(SetCertificateList(cert_list)); 359f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 360f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Change to any non-empty policy, so that updates are triggered. The actual 361f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // content of the policy is irrelevant. 362f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) PolicyMap policy; 363f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) policy.Set(key::kOpenNetworkConfiguration, 364f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) POLICY_LEVEL_MANDATORY, 365f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) POLICY_SCOPE_USER, 366f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) new base::StringValue(kFakeONC), 367f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) NULL); 368f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) UpdateProviderPolicy(policy); 369f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) base::RunLoop().RunUntilIdle(); 370f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 371f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // Certificates with the "Web" trust flag set will be returned and forwarded 372f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // to observers. 373f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) { 374f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) net::CertificateList trust_anchors; 375f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->GetWebTrustedCertificates(&trust_anchors); 376f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_EQ(1u, trust_anchors.size()); 377f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) } 378f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) EXPECT_EQ(1u, observer.trust_anchors_.size()); 379f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) 380f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) updater->RemoveTrustedCertsObserver(&observer); 381424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 382424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 383424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)class NetworkConfigurationUpdaterTestWithParam 384424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) : public NetworkConfigurationUpdaterTest, 385424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) public testing::WithParamInterface<const char*> { 386424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) protected: 387424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Returns the currently tested ONC source. 388424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) onc::ONCSource CurrentONCSource() { 389424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (GetParam() == key::kOpenNetworkConfiguration) 390424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return onc::ONC_SOURCE_USER_POLICY; 391424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) DCHECK(GetParam() == key::kDeviceOpenNetworkConfiguration); 392424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return onc::ONC_SOURCE_DEVICE_POLICY; 393424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 394424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 395424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Returns the expected username hash to push policies to 396424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // ManagedNetworkConfigurationHandler. 397424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) std::string ExpectedUsernameHash() { 398424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (GetParam() == key::kOpenNetworkConfiguration) 399424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return kFakeUsernameHash; 400424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) return std::string(); 401424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 402424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 403424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) void CreateNetworkConfigurationUpdater() { 404424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) if (GetParam() == key::kOpenNetworkConfiguration) { 405424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForUserPolicy( 406424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) false /* do not allow trusted certs from policy */); 407424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } else { 408424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdaterForDevicePolicy(); 409424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 410424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) } 411424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)}; 412424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 413424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_P(NetworkConfigurationUpdaterTestWithParam, InitialUpdates) { 414424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyMap policy; 415424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, 416424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) new base::StringValue(kFakeONC), NULL); 417424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 418424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 419424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(network_config_handler_, 420424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) SetPolicy(CurrentONCSource(), 421424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ExpectedUsernameHash(), 4228bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_network_configs_), 4238bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_global_network_config_))); 424424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 425424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ImportCertificates( 4268bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_certificates_), CurrentONCSource(), _)); 427424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 428424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdater(); 429424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 430424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 431424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 432424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)TEST_P(NetworkConfigurationUpdaterTestWithParam, PolicyChange) { 433424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Ignore the initial updates. 4348bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1)); 435424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) 436424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) .Times(AtLeast(1)); 437424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) CreateNetworkConfigurationUpdater(); 438424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(&network_config_handler_); 439424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 440424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 441424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // The Updater should update if policy changes. 4428bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, 4438bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(CurrentONCSource(), 4448bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) _, 4458bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_network_configs_), 4468bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_global_network_config_))); 447424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 448424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) ImportCertificates( 4498bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) IsEqualTo(&fake_certificates_), CurrentONCSource(), _)); 450424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 451424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) PolicyMap policy; 452424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, 453424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) new base::StringValue(kFakeONC), NULL); 454424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 455424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(&network_config_handler_); 456424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) Mock::VerifyAndClearExpectations(certificate_importer_); 457424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 458424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) // Another update is expected if the policy goes away. 4598bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) EXPECT_CALL(network_config_handler_, 4608bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) SetPolicy(CurrentONCSource(), _, IsEmpty(), IsEmpty())); 461424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) EXPECT_CALL(*certificate_importer_, 4628bcbed890bc3ce4d7a057a8f32cab53fa534672eTorne (Richard Coles) ImportCertificates(IsEmpty(), CurrentONCSource(), _)); 463424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 464424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) policy.Erase(GetParam()); 465424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) UpdateProviderPolicy(policy); 466424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} 467424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 468424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, 469424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) NetworkConfigurationUpdaterTestWithParam, 470424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) testing::Values(key::kDeviceOpenNetworkConfiguration, 471424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) key::kOpenNetworkConfiguration)); 472424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles) 473424c4d7b64af9d0d8fd9624f381f469654d5e3d2Torne (Richard Coles)} // namespace policy 474