1 // Copyright 2017 The Chromium OS Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include <gmock/gmock.h> 6 #include <gtest/gtest.h> 7 8 #include "policy/device_policy_impl.h" 9 10 #include "bindings/chrome_device_policy.pb.h" 11 #include "install_attributes/mock_install_attributes_reader.h" 12 13 namespace em = enterprise_management; 14 15 using testing::ElementsAre; 16 17 namespace policy { 18 19 class DevicePolicyImplTest : public testing::Test, public DevicePolicyImpl { 20 protected: 21 void InitializePolicy(const char* device_mode, 22 const em::ChromeDeviceSettingsProto& proto) { 23 device_policy_.set_policy_for_testing(proto); 24 device_policy_.set_install_attributes_for_testing( 25 std::make_unique<MockInstallAttributesReader>( 26 device_mode, true /* initialized */)); 27 } 28 29 DevicePolicyImpl device_policy_; 30 }; 31 32 // Enterprise managed. 33 TEST_F(DevicePolicyImplTest, GetOwner_Managed) { 34 em::PolicyData policy_data; 35 policy_data.set_username("user (at) example.com"); 36 policy_data.set_management_mode(em::PolicyData::ENTERPRISE_MANAGED); 37 device_policy_.set_policy_data_for_testing(policy_data); 38 39 std::string owner("something"); 40 EXPECT_TRUE(device_policy_.GetOwner(&owner)); 41 EXPECT_TRUE(owner.empty()); 42 } 43 44 // Consumer owned. 45 TEST_F(DevicePolicyImplTest, GetOwner_Consumer) { 46 em::PolicyData policy_data; 47 policy_data.set_username("user (at) example.com"); 48 policy_data.set_management_mode(em::PolicyData::LOCAL_OWNER); 49 policy_data.set_request_token("codepath-must-ignore-dmtoken"); 50 device_policy_.set_policy_data_for_testing(policy_data); 51 52 std::string owner; 53 EXPECT_TRUE(device_policy_.GetOwner(&owner)); 54 EXPECT_EQ("user (at) example.com", owner); 55 } 56 57 // Consumer owned, username is missing. 58 TEST_F(DevicePolicyImplTest, GetOwner_ConsumerMissingUsername) { 59 em::PolicyData policy_data; 60 device_policy_.set_policy_data_for_testing(policy_data); 61 62 std::string owner("something"); 63 EXPECT_FALSE(device_policy_.GetOwner(&owner)); 64 EXPECT_EQ("something", owner); 65 } 66 67 // Enterprise managed, denoted by management_mode. 68 TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_ManagementModeManaged) { 69 em::PolicyData policy_data; 70 policy_data.set_management_mode(em::PolicyData::ENTERPRISE_MANAGED); 71 device_policy_.set_policy_data_for_testing(policy_data); 72 73 EXPECT_TRUE(device_policy_.IsEnterpriseManaged()); 74 } 75 76 // Enterprise managed, fallback to DM token. 77 TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_DMTokenManaged) { 78 em::PolicyData policy_data; 79 policy_data.set_request_token("abc"); 80 device_policy_.set_policy_data_for_testing(policy_data); 81 82 EXPECT_TRUE(device_policy_.IsEnterpriseManaged()); 83 } 84 85 // Consumer owned, denoted by management_mode. 86 TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_ManagementModeConsumer) { 87 em::PolicyData policy_data; 88 policy_data.set_management_mode(em::PolicyData::LOCAL_OWNER); 89 policy_data.set_request_token("codepath-must-ignore-dmtoken"); 90 device_policy_.set_policy_data_for_testing(policy_data); 91 92 EXPECT_FALSE(device_policy_.IsEnterpriseManaged()); 93 } 94 95 // Consumer owned, fallback to interpreting absence of DM token. 96 TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_DMTokenConsumer) { 97 em::PolicyData policy_data; 98 device_policy_.set_policy_data_for_testing(policy_data); 99 100 EXPECT_FALSE(device_policy_.IsEnterpriseManaged()); 101 } 102 103 // RollbackAllowedMilestones is not set. 104 TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_NotSet) { 105 device_policy_.set_install_attributes_for_testing( 106 std::make_unique<MockInstallAttributesReader>( 107 InstallAttributesReader::kDeviceModeEnterprise, true)); 108 109 int value = -1; 110 ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value)); 111 EXPECT_EQ(0, value); 112 } 113 114 // RollbackAllowedMilestones is set to a valid value. 115 TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_Set) { 116 em::ChromeDeviceSettingsProto device_policy_proto; 117 em::AutoUpdateSettingsProto* auto_update_settings = 118 device_policy_proto.mutable_auto_update_settings(); 119 auto_update_settings->set_rollback_allowed_milestones(3); 120 InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise, 121 device_policy_proto); 122 123 int value = -1; 124 ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value)); 125 EXPECT_EQ(3, value); 126 } 127 128 // RollbackAllowedMilestones is set to a valid value, using AD. 129 TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetAD) { 130 em::ChromeDeviceSettingsProto device_policy_proto; 131 em::AutoUpdateSettingsProto* auto_update_settings = 132 device_policy_proto.mutable_auto_update_settings(); 133 auto_update_settings->set_rollback_allowed_milestones(3); 134 InitializePolicy(InstallAttributesReader::kDeviceModeEnterpriseAD, 135 device_policy_proto); 136 int value = -1; 137 ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value)); 138 EXPECT_EQ(3, value); 139 } 140 141 // RollbackAllowedMilestones is set to a valid value, but it's not an enterprise 142 // device. 143 TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetConsumer) { 144 em::ChromeDeviceSettingsProto device_policy_proto; 145 em::AutoUpdateSettingsProto* auto_update_settings = 146 device_policy_proto.mutable_auto_update_settings(); 147 auto_update_settings->set_rollback_allowed_milestones(3); 148 InitializePolicy(InstallAttributesReader::kDeviceModeConsumer, 149 device_policy_proto); 150 151 int value = -1; 152 ASSERT_FALSE(device_policy_.GetRollbackAllowedMilestones(&value)); 153 } 154 155 // RollbackAllowedMilestones is set to an invalid value. 156 TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetTooLarge) { 157 em::ChromeDeviceSettingsProto device_policy_proto; 158 em::AutoUpdateSettingsProto* auto_update_settings = 159 device_policy_proto.mutable_auto_update_settings(); 160 auto_update_settings->set_rollback_allowed_milestones(10); 161 InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise, 162 device_policy_proto); 163 164 int value = -1; 165 ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value)); 166 EXPECT_EQ(4, value); 167 } 168 169 // RollbackAllowedMilestones is set to an invalid value. 170 TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetTooSmall) { 171 em::ChromeDeviceSettingsProto device_policy_proto; 172 em::AutoUpdateSettingsProto* auto_update_settings = 173 device_policy_proto.mutable_auto_update_settings(); 174 auto_update_settings->set_rollback_allowed_milestones(-1); 175 InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise, 176 device_policy_proto); 177 178 int value = -1; 179 ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value)); 180 EXPECT_EQ(0, value); 181 } 182 183 // Update staging schedule has no values 184 TEST_F(DevicePolicyImplTest, GetDeviceUpdateStagingSchedule_NoValues) { 185 em::ChromeDeviceSettingsProto device_policy_proto; 186 em::AutoUpdateSettingsProto *auto_update_settings = 187 device_policy_proto.mutable_auto_update_settings(); 188 auto_update_settings->set_staging_schedule("[]"); 189 InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise, 190 device_policy_proto); 191 192 std::vector<DayPercentagePair> staging_schedule; 193 ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule)); 194 EXPECT_EQ(0, staging_schedule.size()); 195 } 196 197 // Update staging schedule has valid values 198 TEST_F(DevicePolicyImplTest, GetDeviceUpdateStagingSchedule_Valid) { 199 em::ChromeDeviceSettingsProto device_policy_proto; 200 em::AutoUpdateSettingsProto *auto_update_settings = 201 device_policy_proto.mutable_auto_update_settings(); 202 auto_update_settings->set_staging_schedule( 203 "[{\"days\": 4, \"percentage\": 40}, {\"days\": 10, \"percentage\": " 204 "100}]"); 205 InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise, 206 device_policy_proto); 207 208 std::vector<DayPercentagePair> staging_schedule; 209 ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule)); 210 EXPECT_THAT(staging_schedule, ElementsAre(DayPercentagePair{4, 40}, 211 DayPercentagePair{10, 100})); 212 } 213 214 // Update staging schedule has valid values, set using AD. 215 TEST_F(DevicePolicyImplTest, GetDeviceUpdateStagingSchedule_Valid_AD) { 216 em::ChromeDeviceSettingsProto device_policy_proto; 217 em::AutoUpdateSettingsProto *auto_update_settings = 218 device_policy_proto.mutable_auto_update_settings(); 219 auto_update_settings->set_staging_schedule( 220 "[{\"days\": 4, \"percentage\": 40}, {\"days\": 10, \"percentage\": " 221 "100}]"); 222 InitializePolicy(InstallAttributesReader::kDeviceModeEnterpriseAD, 223 device_policy_proto); 224 225 std::vector<DayPercentagePair> staging_schedule; 226 ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule)); 227 EXPECT_THAT(staging_schedule, ElementsAre(DayPercentagePair{4, 40}, 228 DayPercentagePair{10, 100})); 229 } 230 231 // Update staging schedule has values with values set larger than the max 232 // allowed days/percentage and smaller than the min allowed days/percentage. 233 TEST_F(DevicePolicyImplTest, 234 GetDeviceUpdateStagingSchedule_SetOutsideAllowable) { 235 em::ChromeDeviceSettingsProto device_policy_proto; 236 em::AutoUpdateSettingsProto *auto_update_settings = 237 device_policy_proto.mutable_auto_update_settings(); 238 auto_update_settings->set_staging_schedule( 239 "[{\"days\": -1, \"percentage\": -10}, {\"days\": 30, \"percentage\": " 240 "110}]"); 241 InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise, 242 device_policy_proto); 243 244 std::vector<DayPercentagePair> staging_schedule; 245 ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule)); 246 EXPECT_THAT(staging_schedule, ElementsAre(DayPercentagePair{1, 0}, 247 DayPercentagePair{28, 100})); 248 } 249 250 } // namespace policy 251