1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "base/prefs/pref_value_map.h" 6 #include "chrome/browser/extensions/external_policy_loader.h" 7 #include "chrome/browser/extensions/policy_handlers.h" 8 #include "chrome/common/pref_names.h" 9 #include "components/policy/core/browser/policy_error_map.h" 10 #include "components/policy/core/common/policy_map.h" 11 #include "policy/policy_constants.h" 12 #include "testing/gtest/include/gtest/gtest.h" 13 14 namespace extensions { 15 16 const char kTestPref[] = "unit_test.test_pref"; 17 18 TEST(ExtensionListPolicyHandlerTest, CheckPolicySettings) { 19 base::ListValue list; 20 policy::PolicyMap policy_map; 21 policy::PolicyErrorMap errors; 22 ExtensionListPolicyHandler handler( 23 policy::key::kExtensionInstallBlacklist, kTestPref, true); 24 25 policy_map.Set(policy::key::kExtensionInstallBlacklist, 26 policy::POLICY_LEVEL_MANDATORY, 27 policy::POLICY_SCOPE_USER, 28 list.DeepCopy(), 29 NULL); 30 errors.Clear(); 31 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 32 EXPECT_TRUE(errors.empty()); 33 34 list.Append(Value::CreateStringValue("abcdefghijklmnopabcdefghijklmnop")); 35 policy_map.Set(policy::key::kExtensionInstallBlacklist, 36 policy::POLICY_LEVEL_MANDATORY, 37 policy::POLICY_SCOPE_USER, 38 list.DeepCopy(), 39 NULL); 40 errors.Clear(); 41 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 42 EXPECT_TRUE(errors.empty()); 43 44 list.Append(Value::CreateStringValue("*")); 45 policy_map.Set(policy::key::kExtensionInstallBlacklist, 46 policy::POLICY_LEVEL_MANDATORY, 47 policy::POLICY_SCOPE_USER, 48 list.DeepCopy(), 49 NULL); 50 errors.Clear(); 51 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 52 EXPECT_TRUE(errors.empty()); 53 54 list.Append(Value::CreateStringValue("invalid")); 55 policy_map.Set(policy::key::kExtensionInstallBlacklist, 56 policy::POLICY_LEVEL_MANDATORY, 57 policy::POLICY_SCOPE_USER, 58 list.DeepCopy(), 59 NULL); 60 errors.Clear(); 61 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 62 EXPECT_FALSE(errors.empty()); 63 EXPECT_FALSE( 64 errors.GetErrors(policy::key::kExtensionInstallBlacklist).empty()); 65 } 66 67 TEST(ExtensionListPolicyHandlerTest, ApplyPolicySettings) { 68 base::ListValue policy; 69 base::ListValue expected; 70 policy::PolicyMap policy_map; 71 PrefValueMap prefs; 72 base::Value* value = NULL; 73 ExtensionListPolicyHandler handler( 74 policy::key::kExtensionInstallBlacklist, kTestPref, false); 75 76 policy.Append(Value::CreateStringValue("abcdefghijklmnopabcdefghijklmnop")); 77 expected.Append(Value::CreateStringValue("abcdefghijklmnopabcdefghijklmnop")); 78 79 policy_map.Set(policy::key::kExtensionInstallBlacklist, 80 policy::POLICY_LEVEL_MANDATORY, 81 policy::POLICY_SCOPE_USER, 82 policy.DeepCopy(), 83 NULL); 84 handler.ApplyPolicySettings(policy_map, &prefs); 85 EXPECT_TRUE(prefs.GetValue(kTestPref, &value)); 86 EXPECT_TRUE(base::Value::Equals(&expected, value)); 87 88 policy.Append(Value::CreateStringValue("invalid")); 89 policy_map.Set(policy::key::kExtensionInstallBlacklist, 90 policy::POLICY_LEVEL_MANDATORY, 91 policy::POLICY_SCOPE_USER, 92 policy.DeepCopy(), 93 NULL); 94 handler.ApplyPolicySettings(policy_map, &prefs); 95 EXPECT_TRUE(prefs.GetValue(kTestPref, &value)); 96 EXPECT_TRUE(base::Value::Equals(&expected, value)); 97 } 98 99 TEST(ExtensionInstallForcelistPolicyHandlerTest, CheckPolicySettings) { 100 base::ListValue list; 101 policy::PolicyMap policy_map; 102 policy::PolicyErrorMap errors; 103 ExtensionInstallForcelistPolicyHandler handler; 104 105 policy_map.Set(policy::key::kExtensionInstallForcelist, 106 policy::POLICY_LEVEL_MANDATORY, 107 policy::POLICY_SCOPE_USER, 108 list.DeepCopy(), 109 NULL); 110 errors.Clear(); 111 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 112 EXPECT_TRUE(errors.empty()); 113 114 list.AppendString("abcdefghijklmnopabcdefghijklmnop;http://example.com"); 115 policy_map.Set(policy::key::kExtensionInstallForcelist, 116 policy::POLICY_LEVEL_MANDATORY, 117 policy::POLICY_SCOPE_USER, 118 list.DeepCopy(), 119 NULL); 120 errors.Clear(); 121 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 122 EXPECT_TRUE(errors.empty()); 123 124 // Add an erroneous entry. This should generate an error, but the good 125 // entry should still be translated successfully. 126 list.AppendString("adfasdf;http://example.com"); 127 policy_map.Set(policy::key::kExtensionInstallForcelist, 128 policy::POLICY_LEVEL_MANDATORY, 129 policy::POLICY_SCOPE_USER, 130 list.DeepCopy(), 131 NULL); 132 errors.Clear(); 133 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 134 EXPECT_EQ(1U, errors.size()); 135 136 // Add an entry with bad URL, which should generate another error. 137 list.AppendString("abcdefghijklmnopabcdefghijklmnop;nourl"); 138 policy_map.Set(policy::key::kExtensionInstallForcelist, 139 policy::POLICY_LEVEL_MANDATORY, 140 policy::POLICY_SCOPE_USER, 141 list.DeepCopy(), 142 NULL); 143 errors.Clear(); 144 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 145 EXPECT_EQ(2U, errors.size()); 146 147 // Just an extension ID should also generate an error. 148 list.AppendString("abcdefghijklmnopabcdefghijklmnop"); 149 policy_map.Set(policy::key::kExtensionInstallForcelist, 150 policy::POLICY_LEVEL_MANDATORY, 151 policy::POLICY_SCOPE_USER, 152 list.DeepCopy(), 153 NULL); 154 errors.Clear(); 155 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 156 EXPECT_EQ(3U, errors.size()); 157 } 158 159 TEST(ExtensionInstallForcelistPolicyHandlerTest, ApplyPolicySettings) { 160 base::ListValue policy; 161 base::DictionaryValue expected; 162 policy::PolicyMap policy_map; 163 PrefValueMap prefs; 164 base::Value* value = NULL; 165 ExtensionInstallForcelistPolicyHandler handler; 166 167 handler.ApplyPolicySettings(policy_map, &prefs); 168 EXPECT_FALSE(prefs.GetValue(prefs::kExtensionInstallForceList, &value)); 169 EXPECT_FALSE(value); 170 171 policy_map.Set(policy::key::kExtensionInstallForcelist, 172 policy::POLICY_LEVEL_MANDATORY, 173 policy::POLICY_SCOPE_USER, 174 policy.DeepCopy(), 175 NULL); 176 handler.ApplyPolicySettings(policy_map, &prefs); 177 EXPECT_TRUE(prefs.GetValue(prefs::kExtensionInstallForceList, &value)); 178 EXPECT_TRUE(base::Value::Equals(&expected, value)); 179 180 policy.AppendString("abcdefghijklmnopabcdefghijklmnop;http://example.com"); 181 extensions::ExternalPolicyLoader::AddExtension( 182 &expected, "abcdefghijklmnopabcdefghijklmnop", "http://example.com"); 183 policy_map.Set(policy::key::kExtensionInstallForcelist, 184 policy::POLICY_LEVEL_MANDATORY, 185 policy::POLICY_SCOPE_USER, 186 policy.DeepCopy(), 187 NULL); 188 handler.ApplyPolicySettings(policy_map, &prefs); 189 EXPECT_TRUE(prefs.GetValue(prefs::kExtensionInstallForceList, &value)); 190 EXPECT_TRUE(base::Value::Equals(&expected, value)); 191 192 policy.AppendString("invalid"); 193 policy_map.Set(policy::key::kExtensionInstallForcelist, 194 policy::POLICY_LEVEL_MANDATORY, 195 policy::POLICY_SCOPE_USER, 196 policy.DeepCopy(), 197 NULL); 198 handler.ApplyPolicySettings(policy_map, &prefs); 199 EXPECT_TRUE(prefs.GetValue(prefs::kExtensionInstallForceList, &value)); 200 EXPECT_TRUE(base::Value::Equals(&expected, value)); 201 } 202 203 TEST(ExtensionURLPatternListPolicyHandlerTest, CheckPolicySettings) { 204 base::ListValue list; 205 policy::PolicyMap policy_map; 206 policy::PolicyErrorMap errors; 207 ExtensionURLPatternListPolicyHandler handler( 208 policy::key::kExtensionInstallSources, kTestPref); 209 210 policy_map.Set(policy::key::kExtensionInstallSources, 211 policy::POLICY_LEVEL_MANDATORY, 212 policy::POLICY_SCOPE_USER, 213 list.DeepCopy(), 214 NULL); 215 errors.Clear(); 216 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 217 EXPECT_TRUE(errors.empty()); 218 219 list.Append(Value::CreateStringValue("http://*.google.com/*")); 220 policy_map.Set(policy::key::kExtensionInstallSources, 221 policy::POLICY_LEVEL_MANDATORY, 222 policy::POLICY_SCOPE_USER, 223 list.DeepCopy(), 224 NULL); 225 errors.Clear(); 226 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 227 EXPECT_TRUE(errors.empty()); 228 229 list.Append(Value::CreateStringValue("<all_urls>")); 230 policy_map.Set(policy::key::kExtensionInstallSources, 231 policy::POLICY_LEVEL_MANDATORY, 232 policy::POLICY_SCOPE_USER, 233 list.DeepCopy(), 234 NULL); 235 errors.Clear(); 236 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors)); 237 EXPECT_TRUE(errors.empty()); 238 239 list.Append(Value::CreateStringValue("invalid")); 240 policy_map.Set(policy::key::kExtensionInstallSources, 241 policy::POLICY_LEVEL_MANDATORY, 242 policy::POLICY_SCOPE_USER, 243 list.DeepCopy(), 244 NULL); 245 errors.Clear(); 246 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors)); 247 EXPECT_FALSE(errors.empty()); 248 EXPECT_FALSE(errors.GetErrors(policy::key::kExtensionInstallSources).empty()); 249 250 // URLPattern syntax has a different way to express 'all urls'. Though '*' 251 // would be compatible today, it would be brittle, so we disallow. 252 list.Append(Value::CreateStringValue("*")); 253 policy_map.Set(policy::key::kExtensionInstallSources, 254 policy::POLICY_LEVEL_MANDATORY, 255 policy::POLICY_SCOPE_USER, 256 list.DeepCopy(), 257 NULL); 258 errors.Clear(); 259 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors)); 260 EXPECT_FALSE(errors.empty()); 261 EXPECT_FALSE(errors.GetErrors(policy::key::kExtensionInstallSources).empty()); 262 } 263 264 TEST(ExtensionURLPatternListPolicyHandlerTest, ApplyPolicySettings) { 265 base::ListValue list; 266 policy::PolicyMap policy_map; 267 PrefValueMap prefs; 268 base::Value* value = NULL; 269 ExtensionURLPatternListPolicyHandler handler( 270 policy::key::kExtensionInstallSources, kTestPref); 271 272 list.Append(Value::CreateStringValue("https://corp.monkey.net/*")); 273 policy_map.Set(policy::key::kExtensionInstallSources, 274 policy::POLICY_LEVEL_MANDATORY, 275 policy::POLICY_SCOPE_USER, 276 list.DeepCopy(), 277 NULL); 278 handler.ApplyPolicySettings(policy_map, &prefs); 279 ASSERT_TRUE(prefs.GetValue(kTestPref, &value)); 280 EXPECT_TRUE(base::Value::Equals(&list, value)); 281 } 282 283 } // namespace extensions 284
