Home | History | Annotate | Download | only in functional 
      1 # Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 # Use of this source code is governed by a BSD-style license that can be
      3 # found in the LICENSE file.
      4 
      5 import pyauto_functional  # Must come before pyauto (and thus, policy_base).
      6 import policy_base
      7 
      8 
      9 class ChromeosDevicePolicy(policy_base.PolicyTestBase):
     10   """Tests various ChromeOS device policies."""
     11 
     12   # Cache user credentials for easy lookup.
     13   private_info = policy_base.PolicyTestBase.GetPrivateInfo()
     14   credentials = (private_info['prod_enterprise_test_user'],
     15                  private_info['prod_enterprise_executive_user'],
     16                  private_info['prod_enterprise_sales_user'])
     17   _usernames = [credential['username'] for credential in credentials]
     18   _passwords = [credential['password'] for credential in credentials]
     19 
     20   def LoginAsGuest(self):
     21     self.assertFalse(self.GetLoginInfo()['is_logged_in'],
     22                      msg='Expected to be logged out.')
     23     policy_base.PolicyTestBase.LoginAsGuest(self)
     24     self.assertTrue(self.GetLoginInfo()['is_logged_in'],
     25                     msg='Expected to be logged in.')
     26 
     27   def _Login(self, user_index, expect_success):
     28     self.assertFalse(self.GetLoginInfo()['is_logged_in'],
     29                      msg='Expected to be logged out.')
     30     policy_base.PolicyTestBase.Login(self,
     31                                      self._usernames[user_index],
     32                                      self._passwords[user_index])
     33     if expect_success:
     34       self.assertTrue(self.GetLoginInfo()['is_logged_in'],
     35                       msg='Expected to be logged in.')
     36     else:
     37       self.assertFalse(self.GetLoginInfo()['is_logged_in'],
     38                        msg='Expected to not be logged in.')
     39 
     40   def _CheckGuestModeAvailableInLoginWindow(self):
     41     return self.ExecuteJavascriptInOOBEWebUI(
     42         """window.domAutomationController.send(
     43                !document.getElementById('guestSignin').hidden);
     44         """)
     45 
     46   def _CheckGuestModeAvailableInAccountPicker(self):
     47     return self.ExecuteJavascriptInOOBEWebUI(
     48         """window.domAutomationController.send(
     49                !!document.getElementById('pod-row').getPodWithUsername_(''));
     50         """)
     51 
     52   def _CheckPodVisible(self, username):
     53     javascript = """
     54         var pod = document.getElementById('pod-row').getPodWithUsername_('%s');
     55         window.domAutomationController.send(!!pod && !pod.hidden);
     56         """
     57     return self.ExecuteJavascriptInOOBEWebUI(javascript % username)
     58 
     59   def _WaitForPodVisibility(self, username, visible):
     60     self.assertTrue(
     61         self.WaitUntil(function=lambda: self._CheckPodVisible(username),
     62                        expect_retval=visible),
     63         msg='Expected pod for user %s to %s be visible.' %
     64             (username, '' if visible else 'not'))
     65 
     66   def testGuestModeEnabled(self):
     67     """Checks that guest mode login can be enabled/disabled."""
     68     self.SetDevicePolicy({'guest_mode_enabled': True})
     69     self.assertTrue(self._CheckGuestModeAvailableInLoginWindow(),
     70                     msg='Expected guest mode to be available.')
     71     self.LoginAsGuest()
     72     self.Logout()
     73 
     74     self.SetDevicePolicy({'guest_mode_enabled': False})
     75     self.assertFalse(self._CheckGuestModeAvailableInLoginWindow(),
     76                      msg='Expected guest mode to not be available.')
     77 
     78     # Log in as a regular so that the pod row contains at least one pod and the
     79     # account picker is shown.
     80     self._Login(user_index=0, expect_success=True)
     81     self.Logout()
     82 
     83     self.SetDevicePolicy({'guest_mode_enabled': True})
     84     self.assertTrue(self._CheckGuestModeAvailableInAccountPicker(),
     85                     msg='Expected guest mode to be available.')
     86     self.LoginAsGuest()
     87     self.Logout()
     88 
     89     self.SetDevicePolicy({'guest_mode_enabled': False})
     90     self.assertFalse(self._CheckGuestModeAvailableInAccountPicker(),
     91                      msg='Expected guest mode to not be available.')
     92 
     93   def testShowUserNamesOnSignin(self):
     94     """Checks that the account picker can be enabled/disabled."""
     95     # Log in as a regular user so that the pod row contains at least one pod and
     96     # the account picker can be shown.
     97     self._Login(user_index=0, expect_success=True)
     98     self.Logout()
     99 
    100     self.SetDevicePolicy({'show_user_names': False})
    101     self._WaitForLoginScreenId('gaia-signin')
    102 
    103     self.SetDevicePolicy({'show_user_names': True})
    104     self._WaitForLoginScreenId('account-picker')
    105 
    106   def testUserWhitelistAndAllowNewUsers(self):
    107     """Checks that login can be (dis)allowed by whitelist and allow-new-users.
    108 
    109     The test verifies that these two interrelated policies behave as documented
    110     in the chrome/browser/policy/proto/chrome_device_policy.proto file. Cases
    111     for which the current behavior is marked as "broken" are intentionally
    112     ommitted since the broken behavior should be fixed rather than protected by
    113     tests.
    114     """
    115     # No whitelist
    116     self.SetDevicePolicy({'allow_new_users': True})
    117     self._Login(user_index=0, expect_success=True)
    118     self.Logout()
    119 
    120     # Empty whitelist
    121     self.SetDevicePolicy({'user_whitelist': []})
    122     self._Login(user_index=0, expect_success=True)
    123     self.Logout()
    124 
    125     self.SetDevicePolicy({'allow_new_users': True,
    126                           'user_whitelist': []})
    127     self._Login(user_index=0, expect_success=True)
    128     self.Logout()
    129 
    130     # Populated whitelist
    131     self.SetDevicePolicy({'user_whitelist': [self._usernames[0]]})
    132     self._Login(user_index=0, expect_success=True)
    133     self.Logout()
    134     self._Login(user_index=1, expect_success=False)
    135 
    136     self.SetDevicePolicy({'allow_new_users': True,
    137                           'user_whitelist': [self._usernames[0]]})
    138     self._Login(user_index=0, expect_success=True)
    139     self.Logout()
    140     self._Login(user_index=1, expect_success=True)
    141     self.Logout()
    142 
    143     # New users not allowed, populated whitelist
    144     self.SetDevicePolicy({'allow_new_users': False,
    145                           'user_whitelist': [self._usernames[0]]})
    146     self._Login(user_index=0, expect_success=True)
    147     self.Logout()
    148     self._Login(user_index=1, expect_success=False)
    149 
    150   def testUserWhitelistInAccountPicker(self):
    151     """Checks that setting a whitelist removes non-whitelisted user pods."""
    152     # Disable the account picker so that the login form is shown and the Login()
    153     # automation call can be used.
    154     self.PrepareToWaitForLoginFormReload()
    155     self.SetDevicePolicy({'show_user_names': False})
    156     self.WaitForLoginFormReload()
    157 
    158     # Log in to populate the list of existing users.
    159     self._Login(user_index=0, expect_success=True)
    160     self.Logout()
    161     self._Login(user_index=1, expect_success=True)
    162     self.Logout()
    163 
    164     # Enable the account picker.
    165     self.SetDevicePolicy({'show_user_names': True})
    166     self._WaitForLoginScreenId('account-picker')
    167 
    168     # Check pod visibility with and without a whitelist.
    169     self._WaitForPodVisibility(username=self._usernames[0], visible=True)
    170     self._WaitForPodVisibility(username=self._usernames[1], visible=True)
    171 
    172     self.SetDevicePolicy({'show_user_names': True,
    173                           'user_whitelist': [self._usernames[1]]})
    174     self._WaitForPodVisibility(username=self._usernames[0], visible=False)
    175     self._WaitForPodVisibility(username=self._usernames[1], visible=True)
    176 
    177     self.SetDevicePolicy({'show_user_names': True})
    178     self._WaitForPodVisibility(username=self._usernames[0], visible=True)
    179     self._WaitForPodVisibility(username=self._usernames[1], visible=True)
    180 
    181   _timezones = ['America/Barbados', 'Europe/Helsinki']
    182 
    183   def testTimezoneSettingWithoutPolicy(self):
    184     """Without timezone policy, timezone changes by user are persistent."""
    185     self.SetDevicePolicy(refresh=False)
    186 
    187     for timezone in self._timezones:
    188       self._Login(user_index=1, expect_success=True)
    189       self.SetTimezone(timezone)
    190       self.assertEqual(timezone, self.GetTimeInfo()['timezone'])
    191 
    192       self.Logout()
    193       self.assertEqual(timezone, self.GetTimeInfo()['timezone'])
    194 
    195 
    196   def testTimezoneSettingWithPolicy(self):
    197     """With timezone policy, timezone changes by user are reset on logout."""
    198     self.SetDevicePolicy({'timezone': self._timezones[0]}, refresh=True)
    199 
    200     # Timezones are set on startup, i.e. everytime when loading the login
    201     # screen. Something like a browser restart may work, too.
    202     self._Login(user_index=1, expect_success=True)
    203     self.Logout()
    204 
    205     self.assertEqual(self._timezones[0], self.GetTimeInfo()['timezone'])
    206 
    207     self._Login(user_index=1, expect_success=True)
    208     self.SetTimezone(self._timezones[1])
    209     self.assertEqual(self._timezones[1], self.GetTimeInfo()['timezone'])
    210 
    211     self.Logout()
    212     self.assertEqual(self._timezones[0], self.GetTimeInfo()['timezone'])
    213 
    214 
    215 if __name__ == '__main__':
    216   pyauto_functional.Main()
    217