1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "base/callback.h" 6 #include "base/values.h" 7 #include "chrome/browser/browser_process.h" 8 #include "chrome/browser/policy/browser_policy_connector.h" 9 #include "chrome/browser/policy/external_data_fetcher.h" 10 #include "chrome/browser/policy/mock_configuration_policy_provider.h" 11 #include "chrome/browser/policy/policy_map.h" 12 #include "chrome/browser/policy/policy_types.h" 13 #include "chrome/browser/ui/browser.h" 14 #include "chrome/browser/ui/tabs/tab_strip_model.h" 15 #include "chrome/browser/ui/webui/options/options_ui_browsertest.h" 16 #include "content/public/browser/web_contents.h" 17 #include "content/public/test/browser_test_utils.h" 18 #include "content/public/test/test_utils.h" 19 #include "policy/policy_constants.h" 20 #include "testing/gmock/include/gmock/gmock.h" 21 #include "testing/gtest/include/gtest/gtest.h" 22 23 #if defined(OS_CHROMEOS) 24 #include "chrome/browser/chromeos/policy/network_configuration_updater.h" 25 #include "chrome/browser/policy/profile_policy_connector.h" 26 #include "chrome/browser/policy/profile_policy_connector_factory.h" 27 #include "chromeos/network/onc/onc_test_utils.h" 28 #include "crypto/nss_util.h" 29 #endif 30 31 using testing::AnyNumber; 32 using testing::Return; 33 using testing::_; 34 35 class CertificateManagerBrowserTest : public options::OptionsUIBrowserTest { 36 public: 37 CertificateManagerBrowserTest() {} 38 virtual ~CertificateManagerBrowserTest() {} 39 40 protected: 41 virtual void SetUpInProcessBrowserTestFixture() OVERRIDE { 42 // Setup the policy provider for injecting certs through ONC policy. 43 EXPECT_CALL(provider_, IsInitializationComplete(_)) 44 .WillRepeatedly(Return(true)); 45 EXPECT_CALL(provider_, RegisterPolicyDomain(_)).Times(AnyNumber()); 46 policy::BrowserPolicyConnector::SetPolicyProviderForTesting(&provider_); 47 } 48 49 virtual void SetUpOnMainThread() OVERRIDE { 50 #if defined(OS_CHROMEOS) 51 Profile* profile = browser()->profile(); 52 policy::ProfilePolicyConnector* connector = 53 policy::ProfilePolicyConnectorFactory::GetForProfile(profile); 54 55 // Enable web trust certs from policy. 56 g_browser_process->browser_policy_connector()-> 57 network_configuration_updater()->SetUserPolicyService( 58 true, "", connector->policy_service()); 59 #endif 60 content::RunAllPendingInMessageLoop(); 61 } 62 63 #if defined(OS_CHROMEOS) 64 void LoadONCPolicy(const std::string& filename) { 65 const std::string& user_policy_blob = 66 chromeos::onc::test_utils::ReadTestData(filename); 67 policy::PolicyMap policy; 68 policy.Set(policy::key::kOpenNetworkConfiguration, 69 policy::POLICY_LEVEL_MANDATORY, 70 policy::POLICY_SCOPE_USER, 71 Value::CreateStringValue(user_policy_blob), 72 NULL); 73 provider_.UpdateChromePolicy(policy); 74 content::RunAllPendingInMessageLoop(); 75 } 76 #endif 77 78 void ClickElement(const std::string& selector) { 79 EXPECT_TRUE(content::ExecuteScriptInFrame( 80 browser()->tab_strip_model()->GetActiveWebContents(), 81 "//div[@id='settings']/iframe", 82 "document.querySelector(\"" + selector + "\").click()")); 83 } 84 85 bool HasElement(const std::string& selector) { 86 bool result; 87 EXPECT_TRUE(content::ExecuteScriptInFrameAndExtractBool( 88 browser()->tab_strip_model()->GetActiveWebContents(), 89 "//div[@id='settings']/iframe", 90 "window.domAutomationController.send(" 91 " !!document.querySelector('" + selector + "'));", 92 &result)); 93 return result; 94 } 95 96 policy::MockConfigurationPolicyProvider provider_; 97 #if defined(OS_CHROMEOS) 98 crypto::ScopedTestNSSDB test_nssdb_; 99 #endif 100 }; 101 102 #if defined(OS_CHROMEOS) 103 // Ensure policy-installed certificates without web trust do not display 104 // the managed setting indicator (only on Chrome OS). 105 IN_PROC_BROWSER_TEST_F(CertificateManagerBrowserTest, 106 PolicyCertificateWithoutWebTrustHasNoIndicator) { 107 LoadONCPolicy("certificate-authority.onc"); 108 NavigateToSettings(); 109 ClickElement("#certificatesManageButton"); 110 ClickElement("#ca-certs-nav-tab"); 111 EXPECT_FALSE(HasElement(".cert-policy")); 112 } 113 #endif 114 115 #if defined(OS_CHROMEOS) 116 // Ensure policy-installed certificates with web trust display the 117 // managed setting indicator (only on Chrome OS). 118 IN_PROC_BROWSER_TEST_F(CertificateManagerBrowserTest, 119 PolicyCertificateWithWebTrustHasIndicator) { 120 LoadONCPolicy("certificate-web-authority.onc"); 121 NavigateToSettings(); 122 ClickElement("#certificatesManageButton"); 123 ClickElement("#ca-certs-nav-tab"); 124 EXPECT_TRUE(HasElement(".cert-policy")); 125 } 126 #endif 127