king
/
v811_spc009
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd5f7aa4152'
${ noResults }
v811_spc009/external/libbrillo/policy/tests/device_policy_impl_test.cc

361 lines
14 KiB
Raw Blame History

// Copyright 2017 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include "policy/device_policy_impl.h"
#include "bindings/chrome_device_policy.pb.h"
#include "install_attributes/mock_install_attributes_reader.h"
namespace em = enterprise_management;
using testing::ElementsAre;
namespace policy {
class DevicePolicyImplTest : public testing::Test, public DevicePolicyImpl {
protected:
void InitializePolicy(const char* device_mode,
const em::ChromeDeviceSettingsProto& proto) {
device_policy_.set_policy_for_testing(proto);
device_policy_.set_install_attributes_for_testing(
std::make_unique<MockInstallAttributesReader>(device_mode,
true /* initialized */));
}
DevicePolicyImpl device_policy_;
};
// Enterprise managed.
TEST_F(DevicePolicyImplTest, GetOwner_Managed) {
em::PolicyData policy_data;
policy_data.set_username("user@example.com");
policy_data.set_management_mode(em::PolicyData::ENTERPRISE_MANAGED);
device_policy_.set_policy_data_for_testing(policy_data);
std::string owner("something");
EXPECT_TRUE(device_policy_.GetOwner(&owner));
EXPECT_TRUE(owner.empty());
}
// Consumer owned.
TEST_F(DevicePolicyImplTest, GetOwner_Consumer) {
em::PolicyData policy_data;
policy_data.set_username("user@example.com");
policy_data.set_management_mode(em::PolicyData::LOCAL_OWNER);
policy_data.set_request_token("codepath-must-ignore-dmtoken");
device_policy_.set_policy_data_for_testing(policy_data);
std::string owner;
EXPECT_TRUE(device_policy_.GetOwner(&owner));
EXPECT_EQ("user@example.com", owner);
}
// Consumer owned, username is missing.
TEST_F(DevicePolicyImplTest, GetOwner_ConsumerMissingUsername) {
em::PolicyData policy_data;
device_policy_.set_policy_data_for_testing(policy_data);
std::string owner("something");
EXPECT_FALSE(device_policy_.GetOwner(&owner));
EXPECT_EQ("something", owner);
}
// Enterprise managed, denoted by management_mode.
TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_ManagementModeManaged) {
em::PolicyData policy_data;
policy_data.set_management_mode(em::PolicyData::ENTERPRISE_MANAGED);
device_policy_.set_policy_data_for_testing(policy_data);
EXPECT_TRUE(device_policy_.IsEnterpriseManaged());
}
// Enterprise managed, fallback to DM token.
TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_DMTokenManaged) {
em::PolicyData policy_data;
policy_data.set_request_token("abc");
device_policy_.set_policy_data_for_testing(policy_data);
EXPECT_TRUE(device_policy_.IsEnterpriseManaged());
}
// Consumer owned, denoted by management_mode.
TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_ManagementModeConsumer) {
em::PolicyData policy_data;
policy_data.set_management_mode(em::PolicyData::LOCAL_OWNER);
policy_data.set_request_token("codepath-must-ignore-dmtoken");
device_policy_.set_policy_data_for_testing(policy_data);
EXPECT_FALSE(device_policy_.IsEnterpriseManaged());
}
// Consumer owned, fallback to interpreting absence of DM token.
TEST_F(DevicePolicyImplTest, IsEnterpriseManaged_DMTokenConsumer) {
em::PolicyData policy_data;
device_policy_.set_policy_data_for_testing(policy_data);
EXPECT_FALSE(device_policy_.IsEnterpriseManaged());
}
// RollbackAllowedMilestones is not set.
TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_NotSet) {
device_policy_.set_install_attributes_for_testing(
std::make_unique<MockInstallAttributesReader>(
InstallAttributesReader::kDeviceModeEnterprise, true));
int value = -1;
ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value));
EXPECT_EQ(4, value);
}
// RollbackAllowedMilestones is set to a valid value.
TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_Set) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_rollback_allowed_milestones(3);
InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise,
device_policy_proto);
int value = -1;
ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value));
EXPECT_EQ(3, value);
}
// RollbackAllowedMilestones is set to a valid value, using AD.
TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetAD) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_rollback_allowed_milestones(3);
InitializePolicy(InstallAttributesReader::kDeviceModeEnterpriseAD,
device_policy_proto);
int value = -1;
ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value));
EXPECT_EQ(3, value);
}
// RollbackAllowedMilestones is set to a valid value, but it's not an enterprise
// device.
TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetConsumer) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_rollback_allowed_milestones(3);
InitializePolicy(InstallAttributesReader::kDeviceModeConsumer,
device_policy_proto);
int value = -1;
ASSERT_FALSE(device_policy_.GetRollbackAllowedMilestones(&value));
}
// RollbackAllowedMilestones is set to an invalid value.
TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetTooLarge) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_rollback_allowed_milestones(10);
InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise,
device_policy_proto);
int value = -1;
ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value));
EXPECT_EQ(4, value);
}
// RollbackAllowedMilestones is set to an invalid value.
TEST_F(DevicePolicyImplTest, GetRollbackAllowedMilestones_SetTooSmall) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_rollback_allowed_milestones(-1);
InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise,
device_policy_proto);
int value = -1;
ASSERT_TRUE(device_policy_.GetRollbackAllowedMilestones(&value));
EXPECT_EQ(0, value);
}
// Update staging schedule has no values
TEST_F(DevicePolicyImplTest, GetDeviceUpdateStagingSchedule_NoValues) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_staging_schedule("[]");
InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise,
device_policy_proto);
std::vector<DayPercentagePair> staging_schedule;
ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule));
EXPECT_EQ(0, staging_schedule.size());
}
// Update staging schedule has valid values
TEST_F(DevicePolicyImplTest, GetDeviceUpdateStagingSchedule_Valid) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_staging_schedule(
"[{\"days\": 4, \"percentage\": 40}, {\"days\": 10, \"percentage\": "
"100}]");
InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise,
device_policy_proto);
std::vector<DayPercentagePair> staging_schedule;
ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule));
EXPECT_THAT(staging_schedule, ElementsAre(DayPercentagePair{4, 40},
DayPercentagePair{10, 100}));
}
// Update staging schedule has valid values, set using AD.
TEST_F(DevicePolicyImplTest, GetDeviceUpdateStagingSchedule_Valid_AD) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_staging_schedule(
"[{\"days\": 4, \"percentage\": 40}, {\"days\": 10, \"percentage\": "
"100}]");
InitializePolicy(InstallAttributesReader::kDeviceModeEnterpriseAD,
device_policy_proto);
std::vector<DayPercentagePair> staging_schedule;
ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule));
EXPECT_THAT(staging_schedule, ElementsAre(DayPercentagePair{4, 40},
DayPercentagePair{10, 100}));
}
// Update staging schedule has values with values set larger than the max
// allowed days/percentage and smaller than the min allowed days/percentage.
TEST_F(DevicePolicyImplTest,
GetDeviceUpdateStagingSchedule_SetOutsideAllowable) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_staging_schedule(
"[{\"days\": -1, \"percentage\": -10}, {\"days\": 30, \"percentage\": "
"110}]");
InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise,
device_policy_proto);
std::vector<DayPercentagePair> staging_schedule;
ASSERT_TRUE(device_policy_.GetDeviceUpdateStagingSchedule(&staging_schedule));
EXPECT_THAT(staging_schedule,
ElementsAre(DayPercentagePair{1, 0}, DayPercentagePair{28, 100}));
}
// Updates should only be disabled for enterprise managed devices.
TEST_F(DevicePolicyImplTest, GetUpdateDisabled_SetConsumer) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_update_disabled(true);
InitializePolicy(InstallAttributesReader::kDeviceModeConsumer,
device_policy_proto);
bool value;
ASSERT_FALSE(device_policy_.GetUpdateDisabled(&value));
}
// Updates should only be pinned on enterprise managed devices.
TEST_F(DevicePolicyImplTest, GetTargetVersionPrefix_SetConsumer) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_target_version_prefix("hello");
InitializePolicy(InstallAttributesReader::kDeviceModeConsumer,
device_policy_proto);
std::string value = "";
ASSERT_FALSE(device_policy_.GetTargetVersionPrefix(&value));
}
// The allowed connection types should only be changed in enterprise devices.
TEST_F(DevicePolicyImplTest, GetAllowedConnectionTypesForUpdate_SetConsumer) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->add_allowed_connection_types(
em::AutoUpdateSettingsProto::CONNECTION_TYPE_ETHERNET);
InitializePolicy(InstallAttributesReader::kDeviceModeConsumer,
device_policy_proto);
std::set<std::string> value;
ASSERT_FALSE(device_policy_.GetAllowedConnectionTypesForUpdate(&value));
}
// Update time restrictions should only be used in enterprise devices.
TEST_F(DevicePolicyImplTest, GetDisallowedTimeIntervals_SetConsumer) {
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_disallowed_time_intervals(
"[{\"start\": {\"day_of_week\": \"Monday\", \"hours\": 10, \"minutes\": "
"0}, \"end\": {\"day_of_week\": \"Monday\", \"hours\": 10, \"minutes\": "
"0}}]");
InitializePolicy(InstallAttributesReader::kDeviceModeConsumer,
device_policy_proto);
std::vector<WeeklyTimeInterval> value;
ASSERT_FALSE(device_policy_.GetDisallowedTimeIntervals(&value));
}
// |DeviceQuickFixBuildToken| is set when device is enterprise enrolled.
TEST_F(DevicePolicyImplTest, GetDeviceQuickFixBuildToken_Set) {
const char kToken[] = "some_token";
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_device_quick_fix_build_token(kToken);
InitializePolicy(InstallAttributesReader::kDeviceModeEnterprise,
device_policy_proto);
std::string value;
EXPECT_TRUE(device_policy_.GetDeviceQuickFixBuildToken(&value));
EXPECT_EQ(value, kToken);
}
// If the device is not enterprise-enrolled, |GetDeviceQuickFixBuildToken|
// does not provide a token even if it is present in local device settings.
TEST_F(DevicePolicyImplTest, GetDeviceQuickFixBuildToken_NotSet) {
const char kToken[] = "some_token";
em::ChromeDeviceSettingsProto device_policy_proto;
em::AutoUpdateSettingsProto* auto_update_settings =
device_policy_proto.mutable_auto_update_settings();
auto_update_settings->set_device_quick_fix_build_token(kToken);
InitializePolicy(InstallAttributesReader::kDeviceModeConsumer,
device_policy_proto);
std::string value;
EXPECT_FALSE(device_policy_.GetDeviceQuickFixBuildToken(&value));
EXPECT_TRUE(value.empty());
}
// Should only write a value and return true if the ID is present.
TEST_F(DevicePolicyImplTest, GetDeviceDirectoryApiId_Set) {
constexpr char kDummyDeviceId[] = "aa-bb-cc-dd";
em::PolicyData policy_data;
policy_data.set_directory_api_id(kDummyDeviceId);
device_policy_.set_policy_data_for_testing(policy_data);
std::string id;
EXPECT_TRUE(device_policy_.GetDeviceDirectoryApiId(&id));
EXPECT_EQ(kDummyDeviceId, id);
}
TEST_F(DevicePolicyImplTest, GetDeviceDirectoryApiId_NotSet) {
em::PolicyData policy_data;
device_policy_.set_policy_data_for_testing(policy_data);
std::string id;
EXPECT_FALSE(device_policy_.GetDeviceDirectoryApiId(&id));
EXPECT_TRUE(id.empty());
}
} // namespace policy
Reference in new issue View Git Blame Copy Permalink