1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.h" 6 7 #include <string> 8 9 #include "base/files/file_path.h" 10 #include "base/memory/ref_counted.h" 11 #include "base/values.h" 12 #include "extensions/common/extension.h" 13 #include "extensions/common/manifest.h" 14 #include "extensions/common/manifest_constants.h" 15 #include "testing/gtest/include/gtest/gtest.h" 16 17 namespace chromeos { 18 19 namespace { 20 21 const char kWhitelistedId[] = "cbkkbcmdlboombapidmoeolnmdacpkch"; 22 23 scoped_refptr<const extensions::Extension> CreateExtensionFromValues( 24 const std::string& id, 25 extensions::Manifest::Location location, 26 base::DictionaryValue* values) { 27 values->SetString(extensions::manifest_keys::kName, "test"); 28 values->SetString(extensions::manifest_keys::kVersion, "0.1"); 29 std::string error; 30 return extensions::Extension::Create(base::FilePath(), 31 location, 32 *values, 33 extensions::Extension::NO_FLAGS, 34 id, 35 &error); 36 } 37 38 scoped_refptr<const extensions::Extension> CreateRegularExtension( 39 const std::string& id) { 40 base::DictionaryValue values; 41 return CreateExtensionFromValues(id, extensions::Manifest::INTERNAL, &values); 42 } 43 44 scoped_refptr<const extensions::Extension> CreateExternalComponentExtension() { 45 base::DictionaryValue values; 46 return CreateExtensionFromValues(std::string(), 47 extensions::Manifest::EXTERNAL_COMPONENT, 48 &values); 49 } 50 51 scoped_refptr<const extensions::Extension> CreateHostedApp() { 52 base::DictionaryValue values; 53 values.Set(extensions::manifest_keys::kApp, new base::DictionaryValue); 54 values.Set(extensions::manifest_keys::kWebURLs, new base::ListValue); 55 return CreateExtensionFromValues(std::string(), 56 extensions::Manifest::INTERNAL, 57 &values); 58 } 59 60 scoped_refptr<const extensions::Extension> CreatePlatformApp() { 61 base::DictionaryValue values; 62 values.Set(extensions::manifest_keys::kApp, new base::DictionaryValue); 63 values.Set(extensions::manifest_keys::kPlatformAppBackground, 64 new base::DictionaryValue); 65 values.Set(extensions::manifest_keys::kPlatformAppBackgroundPage, 66 new base::StringValue("background.html")); 67 return CreateExtensionFromValues(std::string(), 68 extensions::Manifest::INTERNAL, 69 &values); 70 } 71 72 } // namespace 73 74 TEST(DeviceLocalAccountManagementPolicyProviderTest, PublicSession) { 75 DeviceLocalAccountManagementPolicyProvider 76 provider(policy::DeviceLocalAccount::TYPE_PUBLIC_SESSION); 77 78 // Verify that if an extension's location has been whitelisted for use in 79 // public sessions, the extension can be installed. 80 scoped_refptr<const extensions::Extension> extension = 81 CreateExternalComponentExtension(); 82 ASSERT_TRUE(extension); 83 base::string16 error; 84 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error)); 85 EXPECT_EQ(base::string16(), error); 86 error.clear(); 87 88 // Verify that if an extension's type has been whitelisted for use in 89 // device-local accounts, the extension can be installed. 90 extension = CreateHostedApp(); 91 ASSERT_TRUE(extension); 92 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error)); 93 EXPECT_EQ(base::string16(), error); 94 error.clear(); 95 96 // Verify that if an extension's ID has been explicitly whitelisted for use in 97 // device-local accounts, the extension can be installed. 98 extension = CreateRegularExtension(kWhitelistedId); 99 ASSERT_TRUE(extension); 100 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error)); 101 EXPECT_EQ(base::string16(), error); 102 error.clear(); 103 104 // Verify that if neither the location, type nor the ID of an extension have 105 // been whitelisted for use in public sessions, the extension cannot be 106 // installed. 107 extension = CreateRegularExtension(std::string()); 108 ASSERT_TRUE(extension); 109 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error)); 110 EXPECT_NE(base::string16(), error); 111 error.clear(); 112 } 113 114 TEST(DeviceLocalAccountManagementPolicyProviderTest, KioskAppSession) { 115 DeviceLocalAccountManagementPolicyProvider 116 provider(policy::DeviceLocalAccount::TYPE_KIOSK_APP); 117 118 // Verify that a platform app can be installed. 119 scoped_refptr<const extensions::Extension> extension = CreatePlatformApp(); 120 ASSERT_TRUE(extension); 121 base::string16 error; 122 EXPECT_TRUE(provider.UserMayLoad(extension.get(), &error)); 123 EXPECT_EQ(base::string16(), error); 124 error.clear(); 125 126 // Verify that an extension whose location has been whitelisted for use in 127 // other types of device-local accounts cannot be installed in a single-app 128 // kiosk session. 129 extension = CreateExternalComponentExtension(); 130 ASSERT_TRUE(extension); 131 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error)); 132 EXPECT_NE(base::string16(), error); 133 error.clear(); 134 135 // Verify that an extension whose type has been whitelisted for use in other 136 // types of device-local accounts cannot be installed in a single-app kiosk 137 // session. 138 extension = CreateHostedApp(); 139 ASSERT_TRUE(extension); 140 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error)); 141 EXPECT_NE(base::string16(), error); 142 error.clear(); 143 144 // Verify that an extension whose ID has been whitelisted for use in other 145 // types of device-local accounts cannot be installed in a single-app kiosk 146 // session. 147 extension = CreateRegularExtension(kWhitelistedId); 148 ASSERT_TRUE(extension); 149 EXPECT_FALSE(provider.UserMayLoad(extension.get(), &error)); 150 EXPECT_NE(base::string16(), error); 151 error.clear(); 152 } 153 154 } // namespace chromeos 155
