| // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include <memory> |
| |
| #include "base/bind.h" |
| #include "base/callback.h" |
| #include "base/command_line.h" |
| #include "base/run_loop.h" |
| #include "base/threading/thread_restrictions.h" |
| #include "build/build_config.h" |
| #include "build/chromeos_buildflags.h" |
| #include "chrome/browser/browser_process.h" |
| #include "chrome/browser/chrome_notification_types.h" |
| #include "chrome/browser/invalidation/profile_invalidation_provider_factory.h" |
| #include "chrome/browser/policy/chrome_browser_policy_connector.h" |
| #include "chrome/browser/policy/cloud/cloud_policy_test_utils.h" |
| #include "chrome/browser/policy/profile_policy_connector.h" |
| #include "chrome/browser/profiles/profile.h" |
| #include "chrome/browser/profiles/profile_manager.h" |
| #include "chrome/browser/signin/identity_manager_factory.h" |
| #include "chrome/test/base/chrome_test_utils.h" |
| #include "components/invalidation/impl/fake_invalidation_service.h" |
| #include "components/invalidation/impl/profile_identity_provider.h" |
| #include "components/invalidation/impl/profile_invalidation_provider.h" |
| #include "components/invalidation/public/invalidation.h" |
| #include "components/invalidation/public/invalidation_service.h" |
| #include "components/invalidation/public/invalidation_util.h" |
| #include "components/keyed_service/core/keyed_service.h" |
| #include "components/policy/core/browser/browser_policy_connector.h" |
| #include "components/policy/core/common/cloud/cloud_policy_client.h" |
| #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| #include "components/policy/core/common/cloud/cloud_policy_refresh_scheduler.h" |
| #include "components/policy/core/common/cloud/mock_cloud_policy_client.h" |
| #include "components/policy/core/common/external_data_fetcher.h" |
| #include "components/policy/core/common/policy_map.h" |
| #include "components/policy/core/common/policy_service.h" |
| #include "components/policy/core/common/policy_switches.h" |
| #include "components/policy/core/common/policy_test_utils.h" |
| #include "components/policy/core/common/policy_types.h" |
| #include "components/policy/policy_constants.h" |
| #include "components/policy/proto/chrome_settings.pb.h" |
| #include "components/policy/proto/cloud_policy.pb.h" |
| #include "components/policy/proto/device_management_backend.pb.h" |
| #include "components/policy/test_support/embedded_policy_test_server.h" |
| #include "components/policy/test_support/policy_storage.h" |
| #include "components/prefs/pref_service.h" |
| #include "components/signin/public/identity_manager/identity_test_environment.h" |
| #include "content/public/browser/notification_service.h" |
| #include "content/public/browser/notification_source.h" |
| #include "content/public/test/browser_test.h" |
| #include "content/public/test/test_utils.h" |
| #include "services/network/public/cpp/shared_url_loader_factory.h" |
| #include "testing/gmock/include/gmock/gmock.h" |
| #include "testing/gtest/include/gtest/gtest.h" |
| #include "url/gurl.h" |
| |
| #if BUILDFLAG(IS_CHROMEOS_ASH) |
| #include "base/files/file_path.h" |
| #include "base/files/file_util.h" |
| #include "base/path_service.h" |
| #include "chrome/browser/ash/policy/core/user_cloud_policy_manager_ash.h" |
| #include "chromeos/cryptohome/cryptohome_parameters.h" |
| #include "chromeos/dbus/constants/dbus_paths.h" // nogncheck |
| #include "chromeos/dbus/userdataauth/userdataauth_client.h" |
| #include "components/account_id/account_id.h" |
| #include "components/user_manager/user_names.h" |
| #else |
| #include "chrome/browser/net/system_network_context_manager.h" |
| #include "chrome/browser/signin/identity_manager_factory.h" |
| #include "components/policy/core/common/cloud/user_cloud_policy_manager.h" |
| #include "components/signin/public/identity_manager/identity_manager.h" |
| #include "components/signin/public/identity_manager/identity_test_utils.h" |
| #endif |
| |
| #if !BUILDFLAG(IS_ANDROID) |
| #include "chrome/browser/ui/browser.h" |
| #endif // !BUILDFLAG(IS_ANDROID) |
| |
| using testing::_; |
| using testing::AnyNumber; |
| using testing::InvokeWithoutArgs; |
| using testing::Mock; |
| using testing::Return; |
| |
| namespace content { |
| class BrowserContext; |
| } |
| |
| namespace em = enterprise_management; |
| |
| namespace policy { |
| |
| namespace { |
| |
| constexpr char kPolicyInvalidationTopic[] = "test_policy_topic"; |
| |
| std::unique_ptr<invalidation::InvalidationService> |
| CreateInvalidationServiceForSenderId(const std::string& fcm_sender_id) { |
| return std::make_unique<invalidation::FakeInvalidationService>(); |
| } |
| |
| std::unique_ptr<KeyedService> BuildFakeProfileInvalidationProvider( |
| content::BrowserContext* context) { |
| Profile* profile = static_cast<Profile*>(context); |
| return std::make_unique<invalidation::ProfileInvalidationProvider>( |
| std::make_unique<invalidation::FakeInvalidationService>(), |
| std::make_unique<invalidation::ProfileIdentityProvider>( |
| IdentityManagerFactory::GetForProfile(profile)), |
| base::BindRepeating(&CreateInvalidationServiceForSenderId)); |
| } |
| |
| const char* GetTestUser() { |
| #if BUILDFLAG(IS_CHROMEOS_ASH) |
| return user_manager::kStubUserEmail; |
| #else |
| return "user@example.com"; |
| #endif |
| } |
| |
| em::CloudPolicySettings GetTestPolicy(const char* homepage) { |
| em::CloudPolicySettings settings; |
| |
| em::BooleanPolicyProto* saving_browser_history_disabled = |
| settings.mutable_savingbrowserhistorydisabled(); |
| saving_browser_history_disabled->mutable_policy_options()->set_mode( |
| em::PolicyOptions::MANDATORY); |
| saving_browser_history_disabled->set_value(true); |
| |
| em::IntegerPolicyProto* default_popups_setting = |
| settings.mutable_defaultpopupssetting(); |
| default_popups_setting->mutable_policy_options()->set_mode( |
| em::PolicyOptions::MANDATORY); |
| default_popups_setting->set_value(4); |
| |
| em::StringListPolicyProto* url_blocklist = settings.mutable_urlblocklist(); |
| url_blocklist->mutable_policy_options()->set_mode( |
| em::PolicyOptions::MANDATORY); |
| url_blocklist->mutable_value()->add_entries("dev.chromium.org"); |
| url_blocklist->mutable_value()->add_entries("youtube.com"); |
| |
| em::StringPolicyProto* default_search_provider_name = |
| settings.mutable_defaultsearchprovidername(); |
| default_search_provider_name->mutable_policy_options()->set_mode( |
| em::PolicyOptions::MANDATORY); |
| default_search_provider_name->set_value("MyDefaultSearchEngine"); |
| |
| em::StringPolicyProto* homepage_location = |
| settings.mutable_homepagelocation(); |
| homepage_location->mutable_policy_options()->set_mode( |
| em::PolicyOptions::RECOMMENDED); |
| homepage_location->set_value(homepage); |
| |
| return settings; |
| } |
| |
| void GetExpectedTestPolicy(PolicyMap* expected, const char* homepage) { |
| GetExpectedDefaultPolicy(expected); |
| |
| expected->Set(key::kSavingBrowserHistoryDisabled, POLICY_LEVEL_MANDATORY, |
| POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, base::Value(true), |
| nullptr); |
| expected->Set(key::kDefaultPopupsSetting, POLICY_LEVEL_MANDATORY, |
| POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, base::Value(4), |
| nullptr); |
| base::ListValue list; |
| list.Append("dev.chromium.org"); |
| list.Append("youtube.com"); |
| expected->Set(key::kURLBlocklist, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| POLICY_SOURCE_CLOUD, list.Clone(), nullptr); |
| expected->Set(key::kDefaultSearchProviderName, POLICY_LEVEL_MANDATORY, |
| POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, |
| base::Value("MyDefaultSearchEngine"), nullptr); |
| expected->Set(key::kHomepageLocation, POLICY_LEVEL_RECOMMENDED, |
| POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, base::Value(homepage), |
| nullptr); |
| } |
| |
| } // namespace |
| |
| // Tests the cloud policy stack(s). |
| class CloudPolicyTest : public PlatformBrowserTest, |
| public PolicyService::Observer { |
| protected: |
| CloudPolicyTest() {} |
| ~CloudPolicyTest() override {} |
| |
| void SetUpInProcessBrowserTestFixture() override { |
| PlatformBrowserTest::SetUpOnMainThread(); |
| |
| test_server_ = std::make_unique<EmbeddedPolicyTestServer>(); |
| ASSERT_TRUE(test_server_->Start()); |
| |
| ASSERT_NO_FATAL_FAILURE( |
| SetServerPolicy(em::CloudPolicySettings(), 1, std::string())); |
| |
| std::string url = test_server_->GetServiceURL().spec(); |
| |
| base::CommandLine* command_line = base::CommandLine::ForCurrentProcess(); |
| command_line->AppendSwitchASCII(switches::kDeviceManagementUrl, url); |
| ChromeBrowserPolicyConnector::EnableCommandLineSupportForTesting(); |
| } |
| |
| void CreatedBrowserMainParts( |
| content::BrowserMainParts* browser_main_parts) override { |
| invalidation::ProfileInvalidationProviderFactory::GetInstance() |
| ->RegisterTestingFactory( |
| base::BindRepeating(&BuildFakeProfileInvalidationProvider)); |
| } |
| |
| void SetUpOnMainThread() override { |
| ASSERT_TRUE(PolicyServiceIsEmpty(g_browser_process->policy_service())) |
| << "Pre-existing policies in this machine will make this test fail."; |
| |
| BrowserPolicyConnector* connector = |
| g_browser_process->browser_policy_connector(); |
| connector->ScheduleServiceInitialization(0); |
| |
| #if BUILDFLAG(IS_CHROMEOS_ASH) |
| UserCloudPolicyManagerAsh* policy_manager = |
| chrome_test_utils::GetProfile(this)->GetUserCloudPolicyManagerAsh(); |
| ASSERT_TRUE(policy_manager); |
| #else |
| #if BUILDFLAG(IS_CHROMEOS_LACROS) |
| base::FilePath dest_path = |
| g_browser_process->profile_manager()->user_data_dir(); |
| profile_ = Profile::CreateProfile( |
| dest_path.Append(FILE_PATH_LITERAL("New Profile 1")), nullptr, |
| Profile::CreateMode::CREATE_MODE_SYNCHRONOUS); |
| Profile* profile = profile_.get(); |
| #else |
| Profile* profile = chrome_test_utils::GetProfile(this); |
| #endif // BUILDFLAG(IS_CHROMEOS_LACROS) |
| |
| // Mock a signed-in user. This is used by the UserCloudPolicyStore to pass |
| // the username to the UserCloudPolicyValidator. |
| identity_test_env_ = std::make_unique<signin::IdentityTestEnvironment>(); |
| identity_test_env_->MakePrimaryAccountAvailable( |
| GetTestUser(), signin::ConsentLevel::kSync); |
| |
| UserCloudPolicyManager* policy_manager = |
| profile->GetUserCloudPolicyManager(); |
| ASSERT_TRUE(policy_manager); |
| policy_manager->Connect( |
| g_browser_process->local_state(), |
| UserCloudPolicyManager::CreateCloudPolicyClient( |
| connector->device_management_service(), |
| g_browser_process->shared_url_loader_factory())); |
| #endif // BUILDFLAG(IS_CHROMEOS_ASH) |
| |
| ASSERT_TRUE(policy_manager->core()->client()); |
| |
| // The registration below will trigger a policy refresh (see |
| // CloudPolicyRefreshScheduler::OnRegistrationStateChanged). When the tests |
| // below call RefreshPolicies(), the first policy request will be cancelled |
| // (see CloudPolicyClient::FetchPolicy which will reset |
| // |policy_fetch_request_job_|). When the URLLoader implementation sees the |
| // SimpleURLLoader going away, it'll cancel it's request as well. This race |
| // sometimes causes errors in the Python policy server (|test_server_|). |
| // Work around this by removing the refresh scheduler as an observer |
| // temporarily. |
| policy_manager->core()->client()->RemoveObserver( |
| policy_manager->core()->refresh_scheduler()); |
| |
| base::RunLoop run_loop; |
| MockCloudPolicyClientObserver observer; |
| EXPECT_CALL(observer, OnRegistrationStateChanged(_)) |
| .WillOnce(InvokeWithoutArgs(&run_loop, &base::RunLoop::Quit)); |
| policy_manager->core()->client()->AddObserver(&observer); |
| |
| // Give a bogus OAuth token to the |policy_manager|. This should make its |
| // CloudPolicyClient fetch the DMToken. |
| ASSERT_FALSE(policy_manager->core()->client()->is_registered()); |
| CloudPolicyClient::RegistrationParameters parameters( |
| #if BUILDFLAG(IS_CHROMEOS_ASH) |
| em::DeviceRegisterRequest::USER, |
| #else |
| em::DeviceRegisterRequest::BROWSER, |
| #endif |
| em::DeviceRegisterRequest::FLAVOR_USER_REGISTRATION); |
| policy_manager->core()->client()->Register( |
| parameters, std::string() /* client_id */, |
| "oauth_token_unused" /* oauth_token */); |
| run_loop.Run(); |
| Mock::VerifyAndClearExpectations(&observer); |
| policy_manager->core()->client()->RemoveObserver(&observer); |
| EXPECT_TRUE(policy_manager->core()->client()->is_registered()); |
| |
| // Readd the refresh scheduler as an observer now that the first policy |
| // fetch finished. |
| policy_manager->core()->client()->AddObserver( |
| policy_manager->core()->refresh_scheduler()); |
| |
| #if BUILDFLAG(IS_CHROMEOS_ASH) |
| // Get the path to the user policy key file. |
| base::FilePath user_policy_key_dir; |
| ASSERT_TRUE(base::PathService::Get( |
| chromeos::dbus_paths::DIR_USER_POLICY_KEYS, &user_policy_key_dir)); |
| std::string sanitized_username = |
| chromeos::UserDataAuthClient::GetStubSanitizedUsername( |
| cryptohome::CreateAccountIdentifierFromAccountId( |
| AccountId::FromUserEmail(GetTestUser()))); |
| user_policy_key_file_ = user_policy_key_dir.AppendASCII(sanitized_username) |
| .AppendASCII("policy.pub"); |
| #endif |
| } |
| |
| void TearDownOnMainThread() override { |
| #if BUILDFLAG(IS_CHROMEOS_LACROS) |
| profile_.reset(); |
| #endif |
| identity_test_env_.reset(); |
| } |
| |
| Profile* profile() { |
| #if BUILDFLAG(IS_CHROMEOS_LACROS) |
| return profile_.get(); |
| #else |
| return chrome_test_utils::GetProfile(this); |
| #endif |
| } |
| |
| PolicyService* GetPolicyService() { |
| return profile()->GetProfilePolicyConnector()->policy_service(); |
| } |
| |
| invalidation::FakeInvalidationService* GetInvalidationServiceForSenderId( |
| std::string sender_id) { |
| return static_cast<invalidation::FakeInvalidationService*>( |
| static_cast<invalidation::ProfileInvalidationProvider*>( |
| invalidation::ProfileInvalidationProviderFactory::GetInstance() |
| ->GetForProfile(profile())) |
| ->GetInvalidationServiceForCustomSender(sender_id)); |
| } |
| |
| void SetServerPolicy(const em::CloudPolicySettings& settings, |
| int key_version, |
| const std::string& policy_invalidation_topic) { |
| test_server_->policy_storage()->SetPolicyPayload( |
| dm_protocol::kChromeUserPolicyType, settings.SerializeAsString()); |
| |
| test_server_->policy_storage()->add_managed_user("*"); |
| test_server_->policy_storage()->set_policy_user(GetTestUser()); |
| test_server_->policy_storage() |
| ->signature_provider() |
| ->set_current_key_version(key_version); |
| test_server_->policy_storage()->set_policy_invalidation_topic( |
| policy_invalidation_topic); |
| } |
| |
| void OnPolicyUpdated(const PolicyNamespace& ns, |
| const PolicyMap& previous, |
| const PolicyMap& current) override { |
| if (!on_policy_updated_.is_null()) { |
| std::move(on_policy_updated_).Run(); |
| } |
| } |
| |
| void OnPolicyServiceInitialized(PolicyDomain domain) override {} |
| |
| std::unique_ptr<EmbeddedPolicyTestServer> test_server_; |
| base::FilePath user_policy_key_file_; |
| base::OnceClosure on_policy_updated_; |
| #if BUILDFLAG(IS_CHROMEOS_LACROS) |
| // For Lacros use non-main profile in these tests. |
| std::unique_ptr<Profile> profile_; |
| #endif |
| |
| std::unique_ptr<signin::IdentityTestEnvironment> identity_test_env_; |
| }; |
| |
| IN_PROC_BROWSER_TEST_F(CloudPolicyTest, FetchPolicy) { |
| PolicyService* policy_service = GetPolicyService(); |
| { |
| base::RunLoop run_loop; |
| // This does the initial fetch and stores the initial key. |
| policy_service->RefreshPolicies(run_loop.QuitClosure()); |
| run_loop.Run(); |
| } |
| |
| PolicyMap default_policy; |
| GetExpectedDefaultPolicy(&default_policy); |
| EXPECT_TRUE(default_policy.Equals(policy_service->GetPolicies( |
| PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); |
| |
| ASSERT_NO_FATAL_FAILURE(SetServerPolicy(GetTestPolicy("google.com"), 1, |
| kPolicyInvalidationTopic)); |
| PolicyMap expected; |
| GetExpectedTestPolicy(&expected, "google.com"); |
| { |
| base::RunLoop run_loop; |
| // This fetches the new policies, using the same key. |
| policy_service->RefreshPolicies(run_loop.QuitClosure()); |
| run_loop.Run(); |
| } |
| EXPECT_TRUE(expected.Equals(policy_service->GetPolicies( |
| PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); |
| } |
| |
| #if BUILDFLAG(IS_CHROMEOS_ASH) |
| // ENTERPRISE_DEFAULT policies only are supported on Chrome OS currently. |
| IN_PROC_BROWSER_TEST_F(CloudPolicyTest, EnsureDefaultPoliciesSet) { |
| PolicyService* policy_service = GetPolicyService(); |
| { |
| base::RunLoop run_loop; |
| // This does the initial fetch and stores the initial key. |
| policy_service->RefreshPolicies(run_loop.QuitClosure()); |
| run_loop.Run(); |
| } |
| |
| PolicyMap default_policy; |
| GetExpectedDefaultPolicy(&default_policy); |
| // Make sure the expected policy has at least one of the policies we're |
| // expecting. |
| EXPECT_TRUE(default_policy.GetValue(key::kEasyUnlockAllowed)); |
| |
| // Now make sure that these default policies are actually getting injected. |
| EXPECT_TRUE(default_policy.Equals(policy_service->GetPolicies( |
| PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); |
| } |
| #endif |
| |
| // crbug.com/1230268 not working on Lacros. |
| #if BUILDFLAG(IS_CHROMEOS_LACROS) |
| #define MAYBE_InvalidatePolicy DISABLED_InvalidatePolicy |
| #else |
| #define MAYBE_InvalidatePolicy InvalidatePolicy |
| #endif |
| IN_PROC_BROWSER_TEST_F(CloudPolicyTest, MAYBE_InvalidatePolicy) { |
| PolicyService* policy_service = GetPolicyService(); |
| policy_service->AddObserver(POLICY_DOMAIN_CHROME, this); |
| |
| // Perform the initial fetch. |
| ASSERT_NO_FATAL_FAILURE(SetServerPolicy(GetTestPolicy("google.com"), 1, |
| kPolicyInvalidationTopic)); |
| { |
| base::RunLoop run_loop; |
| policy_service->RefreshPolicies(run_loop.QuitClosure()); |
| run_loop.Run(); |
| } |
| |
| // Update the homepage in the policy and trigger an invalidation. |
| ASSERT_NO_FATAL_FAILURE(SetServerPolicy(GetTestPolicy("youtube.com"), 1, |
| kPolicyInvalidationTopic)); |
| base::TimeDelta now = |
| base::Time::NowFromSystemTime() - base::Time::UnixEpoch(); |
| |
| GetInvalidationServiceForSenderId(kPolicyFCMInvalidationSenderID) |
| ->EmitInvalidationForTest(invalidation::Invalidation::Init( |
| kPolicyInvalidationTopic, now.InMicroseconds() /* version */, |
| "payload")); |
| { |
| base::RunLoop run_loop; |
| on_policy_updated_ = run_loop.QuitClosure(); |
| run_loop.Run(); |
| } |
| |
| // Check that the updated policy was fetched. |
| PolicyMap expected; |
| GetExpectedTestPolicy(&expected, "youtube.com"); |
| EXPECT_TRUE(expected.Equals(policy_service->GetPolicies( |
| PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); |
| |
| policy_service->RemoveObserver(POLICY_DOMAIN_CHROME, this); |
| } |
| |
| #if BUILDFLAG(IS_CHROMEOS_ASH) |
| IN_PROC_BROWSER_TEST_F(CloudPolicyTest, FetchPolicyWithRotatedKey) { |
| PolicyService* policy_service = GetPolicyService(); |
| { |
| base::RunLoop run_loop; |
| // This does the initial fetch and stores the initial key. |
| policy_service->RefreshPolicies(run_loop.QuitClosure()); |
| run_loop.Run(); |
| } |
| |
| // Read the initial key. |
| std::string initial_key; |
| { |
| base::ScopedAllowBlockingForTesting allow_io; |
| ASSERT_TRUE(base::ReadFileToString(user_policy_key_file_, &initial_key)); |
| } |
| |
| PolicyMap default_policy; |
| GetExpectedDefaultPolicy(&default_policy); |
| EXPECT_TRUE(default_policy.Equals(policy_service->GetPolicies( |
| PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); |
| |
| // Set the new policies and a new key at the server. |
| ASSERT_NO_FATAL_FAILURE(SetServerPolicy(GetTestPolicy("google.com"), 2, |
| kPolicyInvalidationTopic)); |
| PolicyMap expected; |
| GetExpectedTestPolicy(&expected, "google.com"); |
| { |
| base::RunLoop run_loop; |
| // This fetches the new policies and does a key rotation. |
| policy_service->RefreshPolicies(run_loop.QuitClosure()); |
| run_loop.Run(); |
| } |
| EXPECT_TRUE(expected.Equals(policy_service->GetPolicies( |
| PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); |
| |
| // Verify that the key was rotated. |
| std::string rotated_key; |
| { |
| base::ScopedAllowBlockingForTesting allow_io; |
| ASSERT_TRUE(base::ReadFileToString(user_policy_key_file_, &rotated_key)); |
| } |
| EXPECT_NE(rotated_key, initial_key); |
| |
| // Another refresh using the same key won't rotate it again. |
| { |
| base::RunLoop run_loop; |
| policy_service->RefreshPolicies(run_loop.QuitClosure()); |
| run_loop.Run(); |
| } |
| EXPECT_TRUE(expected.Equals(policy_service->GetPolicies( |
| PolicyNamespace(POLICY_DOMAIN_CHROME, std::string())))); |
| std::string current_key; |
| { |
| base::ScopedAllowBlockingForTesting allow_io; |
| ASSERT_TRUE(base::ReadFileToString(user_policy_key_file_, ¤t_key)); |
| } |
| |
| EXPECT_EQ(rotated_key, current_key); |
| } |
| #endif |
| |
| TEST(CloudPolicyProtoTest, VerifyProtobufEquivalence) { |
| // There are 2 protobufs that can be used for user cloud policy: |
| // cloud_policy.proto and chrome_settings.proto. chrome_settings.proto is the |
| // version used by the server, but generates one proto message per policy; to |
| // save binary size on the client, the other version shares proto messages for |
| // policies of the same type. They generate the same bytes on the wire though, |
| // so they are compatible. This test verifies that that stays true. |
| |
| // Build a ChromeSettingsProto message with one policy of each supported type. |
| em::ChromeSettingsProto chrome_settings; |
| chrome_settings.mutable_homepagelocation()->set_homepagelocation( |
| "chromium.org"); |
| chrome_settings.mutable_savingbrowserhistorydisabled() |
| ->set_savingbrowserhistorydisabled(true); |
| chrome_settings.mutable_defaultjavascriptsetting() |
| ->set_defaultjavascriptsetting(2); |
| em::StringList* list = chrome_settings.mutable_synctypeslistdisabled() |
| ->mutable_synctypeslistdisabled(); |
| list->add_entries("bookmarks"); |
| list->add_entries("passwords"); |
| // Try explicitly setting a policy mode too. |
| chrome_settings.mutable_searchsuggestenabled()->set_searchsuggestenabled( |
| false); |
| chrome_settings.mutable_searchsuggestenabled() |
| ->mutable_policy_options() |
| ->set_mode(em::PolicyOptions::MANDATORY); |
| chrome_settings.mutable_syncdisabled()->set_syncdisabled(true); |
| chrome_settings.mutable_syncdisabled()->mutable_policy_options()->set_mode( |
| em::PolicyOptions::RECOMMENDED); |
| |
| // Build an equivalent CloudPolicySettings message. |
| em::CloudPolicySettings cloud_policy; |
| cloud_policy.mutable_homepagelocation()->set_value("chromium.org"); |
| cloud_policy.mutable_savingbrowserhistorydisabled()->set_value(true); |
| cloud_policy.mutable_defaultjavascriptsetting()->set_value(2); |
| list = cloud_policy.mutable_synctypeslistdisabled()->mutable_value(); |
| list->add_entries("bookmarks"); |
| list->add_entries("passwords"); |
| cloud_policy.mutable_searchsuggestenabled()->set_value(false); |
| cloud_policy.mutable_searchsuggestenabled() |
| ->mutable_policy_options() |
| ->set_mode(em::PolicyOptions::MANDATORY); |
| cloud_policy.mutable_syncdisabled()->set_value(true); |
| cloud_policy.mutable_syncdisabled()->mutable_policy_options()->set_mode( |
| em::PolicyOptions::RECOMMENDED); |
| |
| // They should now serialize to the same bytes. |
| std::string chrome_settings_serialized; |
| std::string cloud_policy_serialized; |
| ASSERT_TRUE(chrome_settings.SerializeToString(&chrome_settings_serialized)); |
| ASSERT_TRUE(cloud_policy.SerializeToString(&cloud_policy_serialized)); |
| EXPECT_EQ(chrome_settings_serialized, cloud_policy_serialized); |
| } |
| |
| } // namespace policy |