Google Git
Sign in
chromium / chromium / f827aa4078adda4e5dbfa6b6ffc964487dd50103 / . / chrome / test / functional / chromeos_device_policy.py
blob: b801d656f9adc2e094696fd2f391966eca9713e0 [file] [log] [blame]
# Copyright (c) 2012 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import pyauto_functional # Must come before pyauto (and thus, policy_base).
import policy_base
class ChromeosDevicePolicy(policy_base.PolicyTestBase):
"""Tests various ChromeOS device policies."""
# Cache user credentials for easy lookup.
private_info = policy_base.PolicyTestBase.GetPrivateInfo()
credentials = (private_info['prod_enterprise_test_user'],
private_info['prod_enterprise_executive_user'],
private_info['prod_enterprise_sales_user'])
_usernames = [credential['username'] for credential in credentials]
_passwords = [credential['password'] for credential in credentials]
def LoginAsGuest(self):
self.assertFalse(self.GetLoginInfo()['is_logged_in'],
msg='Expected to be logged out.')
policy_base.PolicyTestBase.LoginAsGuest(self)
self.assertTrue(self.GetLoginInfo()['is_logged_in'],
msg='Expected to be logged in.')
def _Login(self, user_index, expect_success):
self.assertFalse(self.GetLoginInfo()['is_logged_in'],
msg='Expected to be logged out.')
policy_base.PolicyTestBase.Login(self,
self._usernames[user_index],
self._passwords[user_index])
if expect_success:
self.assertTrue(self.GetLoginInfo()['is_logged_in'],
msg='Expected to be logged in.')
else:
self.assertFalse(self.GetLoginInfo()['is_logged_in'],
msg='Expected to not be logged in.')
def _CheckGuestModeAvailableInLoginWindow(self):
return self.ExecuteJavascriptInOOBEWebUI(
"""window.domAutomationController.send(
!document.getElementById('guestSignin').hidden);
""")
def _CheckGuestModeAvailableInAccountPicker(self):
return self.ExecuteJavascriptInOOBEWebUI(
"""window.domAutomationController.send(
!!document.getElementById('pod-row').getPodWithUsername_(''));
""")
def _CheckPodVisible(self, username):
javascript = """
var pod = document.getElementById('pod-row').getPodWithUsername_('%s');
window.domAutomationController.send(!!pod && !pod.hidden);
"""
return self.ExecuteJavascriptInOOBEWebUI(javascript % username)
def _WaitForPodVisibility(self, username, visible):
self.assertTrue(
self.WaitUntil(function=lambda: self._CheckPodVisible(username),
expect_retval=visible),
msg='Expected pod for user %s to %s be visible.' %
(username, '' if visible else 'not'))
def testGuestModeEnabled(self):
"""Checks that guest mode login can be enabled/disabled."""
self.SetDevicePolicy({'guest_mode_enabled': True})
self.assertTrue(self._CheckGuestModeAvailableInLoginWindow(),
msg='Expected guest mode to be available.')
self.LoginAsGuest()
self.Logout()
self.SetDevicePolicy({'guest_mode_enabled': False})
self.assertFalse(self._CheckGuestModeAvailableInLoginWindow(),
msg='Expected guest mode to not be available.')
# Log in as a regular so that the pod row contains at least one pod and the
# account picker is shown.
self._Login(user_index=0, expect_success=True)
self.Logout()
self.SetDevicePolicy({'guest_mode_enabled': True})
self.assertTrue(self._CheckGuestModeAvailableInAccountPicker(),
msg='Expected guest mode to be available.')
self.LoginAsGuest()
self.Logout()
self.SetDevicePolicy({'guest_mode_enabled': False})
self.assertFalse(self._CheckGuestModeAvailableInAccountPicker(),
msg='Expected guest mode to not be available.')
def testShowUserNamesOnSignin(self):
"""Checks that the account picker can be enabled/disabled."""
# Log in as a regular user so that the pod row contains at least one pod and
# the account picker can be shown.
self._Login(user_index=0, expect_success=True)
self.Logout()
self.SetDevicePolicy({'show_user_names': False})
self._WaitForLoginScreenId('gaia-signin')
self.SetDevicePolicy({'show_user_names': True})
self._WaitForLoginScreenId('account-picker')
def testUserWhitelistAndAllowNewUsers(self):
"""Checks that login can be (dis)allowed by whitelist and allow-new-users.
The test verifies that these two interrelated policies behave as documented
in the chrome/browser/policy/proto/chrome_device_policy.proto file. Cases
for which the current behavior is marked as "broken" are intentionally
ommitted since the broken behavior should be fixed rather than protected by
tests.
"""
# No whitelist
self.SetDevicePolicy({'allow_new_users': True})
self._Login(user_index=0, expect_success=True)
self.Logout()
# Empty whitelist
self.SetDevicePolicy({'user_whitelist': []})
self._Login(user_index=0, expect_success=True)
self.Logout()
self.SetDevicePolicy({'allow_new_users': True,
'user_whitelist': []})
self._Login(user_index=0, expect_success=True)
self.Logout()
# Populated whitelist
self.SetDevicePolicy({'user_whitelist': [self._usernames[0]]})
self._Login(user_index=0, expect_success=True)
self.Logout()
self._Login(user_index=1, expect_success=False)
self.SetDevicePolicy({'allow_new_users': True,
'user_whitelist': [self._usernames[0]]})
self._Login(user_index=0, expect_success=True)
self.Logout()
self._Login(user_index=1, expect_success=True)
self.Logout()
# New users not allowed, populated whitelist
self.SetDevicePolicy({'allow_new_users': False,
'user_whitelist': [self._usernames[0]]})
self._Login(user_index=0, expect_success=True)
self.Logout()
self._Login(user_index=1, expect_success=False)
def testUserWhitelistInAccountPicker(self):
"""Checks that setting a whitelist removes non-whitelisted user pods."""
# Disable the account picker so that the login form is shown and the Login()
# automation call can be used.
self.PrepareToWaitForLoginFormReload()
self.SetDevicePolicy({'show_user_names': False})
self.WaitForLoginFormReload()
# Log in to populate the list of existing users.
self._Login(user_index=0, expect_success=True)
self.Logout()
self._Login(user_index=1, expect_success=True)
self.Logout()
# Enable the account picker.
self.SetDevicePolicy({'show_user_names': True})
self._WaitForLoginScreenId('account-picker')
# Check pod visibility with and without a whitelist.
self._WaitForPodVisibility(username=self._usernames[0], visible=True)
self._WaitForPodVisibility(username=self._usernames[1], visible=True)
self.SetDevicePolicy({'show_user_names': True,
'user_whitelist': [self._usernames[1]]})
self._WaitForPodVisibility(username=self._usernames[0], visible=False)
self._WaitForPodVisibility(username=self._usernames[1], visible=True)
self.SetDevicePolicy({'show_user_names': True})
self._WaitForPodVisibility(username=self._usernames[0], visible=True)
self._WaitForPodVisibility(username=self._usernames[1], visible=True)
_timezones = ['America/Barbados', 'Europe/Helsinki']
def testTimezoneSettingWithoutPolicy(self):
"""Without timezone policy, timezone changes by user are persistent."""
self.SetDevicePolicy(refresh=False)
for timezone in self._timezones:
self._Login(user_index=1, expect_success=True)
self.SetTimezone(timezone)
self.assertEqual(timezone, self.GetTimeInfo()['timezone'])
self.Logout()
self.assertEqual(timezone, self.GetTimeInfo()['timezone'])
def testTimezoneSettingWithPolicy(self):
"""With timezone policy, timezone changes by user are reset on logout."""
self.SetDevicePolicy({'timezone': self._timezones[0]}, refresh=True)
# Timezones are set on startup, i.e. everytime when loading the login
# screen. Something like a browser restart may work, too.
self._Login(user_index=1, expect_success=True)
self.Logout()
self.assertEqual(self._timezones[0], self.GetTimeInfo()['timezone'])
self._Login(user_index=1, expect_success=True)
self.SetTimezone(self._timezones[1])
self.assertEqual(self._timezones[1], self.GetTimeInfo()['timezone'])
self.Logout()
self.assertEqual(self._timezones[0], self.GetTimeInfo()['timezone'])
if __name__ == '__main__':
pyauto_functional.Main()