# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

import logging, os, tempfile
from dbus.mainloop.glib import DBusGMainLoop

from autotest_lib.client.bin import test, utils
from autotest_lib.client.common_lib import autotemp, error
from autotest_lib.client.common_lib.cros import policy, session_manager
from autotest_lib.client.cros import cros_ui, cryptohome, ownership


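class login_OwnershipApi(test.test):
    """Tests to ensure that the Ownership API works for a local device owner.

    initialize() clears existing ownership and makes ownership.TESTUSER the
    owner using the known owner keys.  run_once() generates a policy from the
    known key pair, pushes it through session_manager and checks the policy
    that is read back, including a negative check with a mismatched setting.
    """
    version = 1

    # Class-level defaults let cleanup() run after initialize() failed part
    # way through, without raising AttributeError on a missing attribute.
    _tempdir = None
    _bus_loop = None
    _cryptohome_proxy = None


    def setup(self):
        """Run make in self.srcdir with OUT_DIR set to that directory."""
        os.chdir(self.srcdir)
        utils.make('OUT_DIR=.')


    def initialize(self):
        """Put the device into a known, owned state before the test runs.

        The UI is stopped while ownership files are cleared and the known
        owner keys are installed, and started again once that is done.
        """
        super(login_OwnershipApi, self).initialize()
        self._bus_loop = DBusGMainLoop(set_as_default=True)
        self._cryptohome_proxy = cryptohome.CryptohomeProxy(self._bus_loop)

        # Clear existing ownership and inject known keys.
        cros_ui.stop()
        ownership.clear_ownership_files_no_restart()

        # Make device already owned by ownership.TESTUSER.
        self._cryptohome_proxy.mount(ownership.TESTUSER,
                                     ownership.TESTPASS,
                                     create=True)
        ownership.use_known_ownerkeys(ownership.TESTUSER)

        self._tempdir = autotemp.tempdir(unique_id=self.__class__.__name__)
        cros_ui.start()


    def __generate_temp_filename(self, dir):
        """Return a path in dir that did not exist when it was generated.

        The name comes from a NamedTemporaryFile that is closed (and thereby
        deleted) before returning.  Nothing reserves the path afterwards, so
        it is unique only at the moment of creation: another process with
        write access to dir can create a file or symlink at that path before
        the caller does.  Use the result only inside a directory private to
        the test, or create the final file with exclusive-create semantics.

        @param dir: directory in which to generate the name.
        @return: full path of the (now deleted) temporary file.
        """
        with tempfile.NamedTemporaryFile(dir=dir, delete=True) as placeholder:
            # Leaving the with-block closes the file, which deletes it.
            return placeholder.name


    def run_once(self):
        """Push a policy as the owner and verify what is read back.

        @raises error.TestFail: if the owner session cannot be started or
                stopped, no policy is returned, or a mismatched policy
                expectation is not rejected.
        """
        pkey = ownership.known_privkey()
        pubkey = ownership.known_pubkey()
        sm = session_manager.connect(self._bus_loop)
        if not sm.StartSession(ownership.TESTUSER, ''):
            raise error.TestFail('Could not start session for owner')

        poldata = policy.build_policy_data(self.srcdir,
                                           owner=ownership.TESTUSER,
                                           guests=False,
                                           new_users=True,
                                           roaming=True,
                                           whitelist=(ownership.TESTUSER,
                                                      'a@b.c'),
                                           proxies={ 'proxy_mode': 'direct' })

        policy_string = policy.generate_policy(self.srcdir,
                                               pkey,
                                               pubkey,
                                               poldata)
        policy.push_policy_and_verify(policy_string, sm)
        retrieved_policy = policy.get_policy(sm)
        if retrieved_policy is None:
            raise error.TestFail('Policy not found')

        # Positive check: the stored policy must match what was pushed.
        policy.compare_policy_response(self.srcdir,
                                       retrieved_policy,
                                       owner=ownership.TESTUSER,
                                       guests=False,
                                       new_users=True,
                                       roaming=True,
                                       whitelist=(ownership.TESTUSER, 'a@b.c'),
                                       proxies={ 'proxy_mode': 'direct' })
        try:
            # Sanity check against an incorrect policy: guests=True
            # contradicts the pushed guests=False, so the comparison is
            # expected to raise OwnershipError.
            policy.compare_policy_response(self.srcdir,
                                           retrieved_policy,
                                           owner=ownership.TESTUSER,
                                           guests=True,
                                           whitelist=(ownership.TESTUSER,
                                                      'a@b.c'),
                                           proxies={ 'proxy_mode': 'direct' })
        except ownership.OwnershipError:
            pass
        else:
            # A comparison that accepts the wrong setting would make the
            # positive check above meaningless.
            raise error.TestFail('Did not detect bad policy')

        try:
            sm.StopSession('')
        except error.TestError as e:
            logging.error(str(e))
            raise error.TestFail('Could not stop session for owner')


    def cleanup(self):
        """Remove the test user's cryptohome and bring the UI back up.

        The UI restart and the base-class cleanup run even when an earlier
        step raises, and the cryptohome removal is skipped when initialize()
        never created the proxy.

        NOTE(review): the ownership files written in initialize() (owner key
        whose private half is available via ownership.known_privkey(), and
        the pushed policy) are not cleared here; presumably a later test or
        a reimage resets ownership -- confirm before running this on a
        device that is not a disposable test machine.
        """
        try:
            if self._tempdir:
                self._tempdir.clean()
        finally:
            try:
                # Best effort to bounce the UI, which may be up or down.
                cros_ui.stop(allow_fail=True)
                if self._cryptohome_proxy is not None:
                    self._cryptohome_proxy.remove(ownership.TESTUSER)
            finally:
                try:
                    cros_ui.start(allow_fail=True,
                                  wait_for_login_prompt=False)
                finally:
                    super(login_OwnershipApi, self).cleanup()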