Google Git
Sign in
chromium / chromium / src / c0f2f73bc76d220a37f98c6eb14f849980821842 / . / chrome / browser / extensions / policy_handlers_unittest.cc
blob: 51c8f0da730e5ab7699752447a6bf96ce21af33c [file] [log] [blame]
[email protected]01253d272013-10-21 17:07:50[diff] [blame]1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]5#include <utility>
6
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]7#include "base/json/json_reader.h"
Yann Dagoee291902019-08-19 15:49:06[diff] [blame]8#include "base/strings/string_number_conversions.h"
Nick Peterson6bdf5822017-06-01 20:42:45[diff] [blame]9#include "base/strings/stringprintf.h"
Yann Dagoee291902019-08-19 15:49:06[diff] [blame]10#include "base/strings/utf_string_conversions.h"
Nick Petersond952cb772018-03-07 15:46:03[diff] [blame]11#include "build/build_config.h"
Yann Dagoee291902019-08-19 15:49:06[diff] [blame]12#include "chrome/browser/extensions/extension_management_constants.h"
[email protected]01253d272013-10-21 17:07:50[diff] [blame]13#include "chrome/browser/extensions/external_policy_loader.h"
14#include "chrome/browser/extensions/policy_handlers.h"
[email protected]f6c403b2013-12-05 19:01:25[diff] [blame]15#include "components/policy/core/browser/policy_error_map.h"
[email protected]c4a138a2013-11-21 19:54:57[diff] [blame]16#include "components/policy/core/common/policy_map.h"
fhorschig64834b712015-09-21 14:20:23[diff] [blame]17#include "components/policy/core/common/policy_types.h"
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]18#include "components/policy/core/common/schema.h"
brettw39d6ba42016-08-24 16:56:38[diff] [blame]19#include "components/policy/policy_constants.h"
brettwb1fc1b82016-02-02 00:19:08[diff] [blame]20#include "components/prefs/pref_value_map.h"
Yann Dagoee291902019-08-19 15:49:06[diff] [blame]21#include "components/strings/grit/components_strings.h"
[email protected]234fc5ff2014-01-16 23:32:28[diff] [blame]22#include "extensions/browser/pref_names.h"
[email protected]01253d272013-10-21 17:07:50[diff] [blame]23#include "testing/gtest/include/gtest/gtest.h"
Yann Dagoee291902019-08-19 15:49:06[diff] [blame]24#include "ui/base/l10n/l10n_util.h"
[email protected]01253d272013-10-21 17:07:50[diff] [blame]25
Nick Petersond952cb772018-03-07 15:46:03[diff] [blame]26#if defined(OS_WIN)
27#include "base/win/win_util.h"
28#endif
29
[email protected]01253d272013-10-21 17:07:50[diff] [blame]30namespace extensions {
31
32const char kTestPref[] = "unit_test.test_pref";
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]33const char kTestManagementPolicy1[] =
34 "{"
35 " \"abcdefghijklmnopabcdefghijklmnop\": {"
36 " \"installation_mode\": \"force_installed\","
37 " },"
38 "}";
39const char kTestManagementPolicy2[] =
40 "{"
41 " \"abcdefghijklmnopabcdefghijklmnop\": {"
42 " \"installation_mode\": \"force_installed\","
43 " \"update_url\": \"http://example.com/app\","
44 " },"
45 " \"*\": {"
46 " \"installation_mode\": \"blocked\","
47 " },"
48 "}";
Nick Peterson6bdf5822017-06-01 20:42:45[diff] [blame]49const char kTestManagementPolicy3[] =
50 "{"
51 " \"*\": {"
52 " \"runtime_blocked_hosts\": [\"%s\"]"
53 " }"
54 "}";
55const char kTestManagementPolicy4[] =
56 "{"
57 " \"*\": {"
58 " \"runtime_allowed_hosts\": [\"%s\"]"
59 " }"
60 "}";
[email protected]01253d272013-10-21 17:07:50[diff] [blame]61
62TEST(ExtensionListPolicyHandlerTest, CheckPolicySettings) {
63 base::ListValue list;
64 policy::PolicyMap policy_map;
65 policy::PolicyErrorMap errors;
66 ExtensionListPolicyHandler handler(
67 policy::key::kExtensionInstallBlacklist, kTestPref, true);
68
69 policy_map.Set(policy::key::kExtensionInstallBlacklist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]70 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
71 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]72 errors.Clear();
73 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
74 EXPECT_TRUE(errors.empty());
75
dchengd9ea63862016-06-03 02:27:18[diff] [blame]76 list.AppendString("abcdefghijklmnopabcdefghijklmnop");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]77 policy_map.Set(policy::key::kExtensionInstallBlacklist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]78 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
79 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]80 errors.Clear();
81 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
82 EXPECT_TRUE(errors.empty());
83
dchengd9ea63862016-06-03 02:27:18[diff] [blame]84 list.AppendString("*");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]85 policy_map.Set(policy::key::kExtensionInstallBlacklist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]86 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
87 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]88 errors.Clear();
89 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
90 EXPECT_TRUE(errors.empty());
91
dchengd9ea63862016-06-03 02:27:18[diff] [blame]92 list.AppendString("invalid");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]93 policy_map.Set(policy::key::kExtensionInstallBlacklist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]94 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
95 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]96 errors.Clear();
97 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
98 EXPECT_FALSE(errors.empty());
99 EXPECT_FALSE(
100 errors.GetErrors(policy::key::kExtensionInstallBlacklist).empty());
101}
102
Nick Peterson6bdf5822017-06-01 20:42:45[diff] [blame]103TEST(ExtensionSettingsPolicyHandlerTest, CheckPolicySettingsURL) {
Nick Peterson87ecb102018-10-16 04:55:01[diff] [blame]104 std::vector<std::string> good_urls = {"*://*.example.com", "*://example.com",
105 "http://cat.example.com", "<all_urls>"};
Nick Peterson6bdf5822017-06-01 20:42:45[diff] [blame]106
107 // Invalid URLPattern or with a non-standard path
108 std::vector<std::string> bad_urls = {
109 "://*.example.com", "*://example.com/cat*", "*://example.com/",
110 "*://*.example.com/*cat", "*://example.com/cat/*", "bad",
Nick Peterson87ecb102018-10-16 04:55:01[diff] [blame]111 "*://example.com/*", "https://example.*", "*://*.example.*"};
Nick Peterson6bdf5822017-06-01 20:42:45[diff] [blame]112
113 // Crafts and parses a ExtensionSettings policy to test URL parsing.
114 auto url_parses_successfully = [](const char* policy_template,
115 const std::string& url) {
116 std::string policy = base::StringPrintf(policy_template, url.c_str());
117 std::string error;
118 std::unique_ptr<base::Value> policy_value =
Lei Zhang582ecd12019-02-13 20:28:54[diff] [blame]119 base::JSONReader::ReadAndReturnErrorDeprecated(
Nick Peterson6bdf5822017-06-01 20:42:45[diff] [blame]120 policy, base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS,
121 nullptr, &error);
122 if (!policy_value)
123 return false;
124
125 policy::Schema chrome_schema =
126 policy::Schema::Wrap(policy::GetChromeSchemaData());
127 policy::PolicyMap policy_map;
128 ExtensionSettingsPolicyHandler handler(chrome_schema);
129
130 policy_map.Set(policy::key::kExtensionSettings,
131 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
132 policy::POLICY_SOURCE_CLOUD, std::move(policy_value),
133 nullptr);
134
135 policy::PolicyErrorMap errors;
136 return handler.CheckPolicySettings(policy_map, &errors) && errors.empty();
137 };
138
139 for (const std::string& url : good_urls) {
140 EXPECT_TRUE(url_parses_successfully(kTestManagementPolicy3, url)) << url;
141 EXPECT_TRUE(url_parses_successfully(kTestManagementPolicy4, url)) << url;
142 }
143
144 for (const std::string& url : bad_urls) {
145 EXPECT_FALSE(url_parses_successfully(kTestManagementPolicy3, url)) << url;
146 EXPECT_FALSE(url_parses_successfully(kTestManagementPolicy4, url)) << url;
147 }
148}
149
[email protected]01253d272013-10-21 17:07:50[diff] [blame]150TEST(ExtensionListPolicyHandlerTest, ApplyPolicySettings) {
151 base::ListValue policy;
152 base::ListValue expected;
153 policy::PolicyMap policy_map;
154 PrefValueMap prefs;
155 base::Value* value = NULL;
156 ExtensionListPolicyHandler handler(
157 policy::key::kExtensionInstallBlacklist, kTestPref, false);
158
dchengd9ea63862016-06-03 02:27:18[diff] [blame]159 policy.AppendString("abcdefghijklmnopabcdefghijklmnop");
160 expected.AppendString("abcdefghijklmnopabcdefghijklmnop");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]161
162 policy_map.Set(policy::key::kExtensionInstallBlacklist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]163 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
164 policy::POLICY_SOURCE_CLOUD, policy.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]165 handler.ApplyPolicySettings(policy_map, &prefs);
166 EXPECT_TRUE(prefs.GetValue(kTestPref, &value));
jdoerrie8551f922017-07-25 10:55:13[diff] [blame]167 EXPECT_EQ(expected, *value);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]168
dchengd9ea63862016-06-03 02:27:18[diff] [blame]169 policy.AppendString("invalid");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]170 policy_map.Set(policy::key::kExtensionInstallBlacklist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]171 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
172 policy::POLICY_SOURCE_CLOUD, policy.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]173 handler.ApplyPolicySettings(policy_map, &prefs);
174 EXPECT_TRUE(prefs.GetValue(kTestPref, &value));
jdoerrie8551f922017-07-25 10:55:13[diff] [blame]175 EXPECT_EQ(expected, *value);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]176}
177
178TEST(ExtensionInstallForcelistPolicyHandlerTest, CheckPolicySettings) {
179 base::ListValue list;
180 policy::PolicyMap policy_map;
181 policy::PolicyErrorMap errors;
182 ExtensionInstallForcelistPolicyHandler handler;
183
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]184 // Start with an empty policy.
[email protected]01253d272013-10-21 17:07:50[diff] [blame]185 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]186 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
187 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]188 errors.Clear();
189 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
190 EXPECT_TRUE(errors.empty());
191
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]192 // Add a correct entry. No errors should be generated.
[email protected]01253d272013-10-21 17:07:50[diff] [blame]193 list.AppendString("abcdefghijklmnopabcdefghijklmnop;http://example.com");
194 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]195 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
196 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]197 errors.Clear();
198 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
199 EXPECT_TRUE(errors.empty());
200
201 // Add an erroneous entry. This should generate an error, but the good
202 // entry should still be translated successfully.
203 list.AppendString("adfasdf;http://example.com");
204 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]205 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
206 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]207 errors.Clear();
208 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
209 EXPECT_EQ(1U, errors.size());
210
211 // Add an entry with bad URL, which should generate another error.
212 list.AppendString("abcdefghijklmnopabcdefghijklmnop;nourl");
213 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]214 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
215 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]216 errors.Clear();
217 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
218 EXPECT_EQ(2U, errors.size());
219
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]220 // Just an extension ID should be accepted.
[email protected]01253d272013-10-21 17:07:50[diff] [blame]221 list.AppendString("abcdefghijklmnopabcdefghijklmnop");
222 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]223 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
224 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]225 errors.Clear();
226 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]227 EXPECT_EQ(2U, errors.size());
[email protected]01253d272013-10-21 17:07:50[diff] [blame]228}
229
230TEST(ExtensionInstallForcelistPolicyHandlerTest, ApplyPolicySettings) {
231 base::ListValue policy;
232 base::DictionaryValue expected;
233 policy::PolicyMap policy_map;
234 PrefValueMap prefs;
235 base::Value* value = NULL;
236 ExtensionInstallForcelistPolicyHandler handler;
237
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]238 // Start with the policy being missing. This shouldn't affect the pref.
[email protected]01253d272013-10-21 17:07:50[diff] [blame]239 handler.ApplyPolicySettings(policy_map, &prefs);
[email protected]234fc5ff2014-01-16 23:32:28[diff] [blame]240 EXPECT_FALSE(prefs.GetValue(pref_names::kInstallForceList, &value));
[email protected]01253d272013-10-21 17:07:50[diff] [blame]241 EXPECT_FALSE(value);
242
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]243 // Set the policy to an empty value. This shouldn't affect the pref.
[email protected]01253d272013-10-21 17:07:50[diff] [blame]244 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]245 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
246 policy::POLICY_SOURCE_CLOUD, policy.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]247 handler.ApplyPolicySettings(policy_map, &prefs);
[email protected]234fc5ff2014-01-16 23:32:28[diff] [blame]248 EXPECT_TRUE(prefs.GetValue(pref_names::kInstallForceList, &value));
jdoerrie8551f922017-07-25 10:55:13[diff] [blame]249 EXPECT_EQ(expected, *value);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]250
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]251 // Add a correct entry to the policy. The pref should contain a corresponding
252 // entry.
[email protected]01253d272013-10-21 17:07:50[diff] [blame]253 policy.AppendString("abcdefghijklmnopabcdefghijklmnop;http://example.com");
254 extensions::ExternalPolicyLoader::AddExtension(
255 &expected, "abcdefghijklmnopabcdefghijklmnop", "http://example.com");
256 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]257 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
258 policy::POLICY_SOURCE_CLOUD, policy.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]259 handler.ApplyPolicySettings(policy_map, &prefs);
[email protected]234fc5ff2014-01-16 23:32:28[diff] [blame]260 EXPECT_TRUE(prefs.GetValue(pref_names::kInstallForceList, &value));
jdoerrie8551f922017-07-25 10:55:13[diff] [blame]261 EXPECT_EQ(expected, *value);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]262
Maksim Ivanoveaac2ff2018-04-16 16:23:24[diff] [blame]263 // Add a correct entry with an omitted update URL. The pref should contain now
264 // two entries, with the default update URL substituted for the new entry.
265 // Note: the URL hardcoded below is part of the public policy contract (as
266 // documented in the policy_templates.json file), and therefore any changes to
267 // it must be carefully thought out.
268 policy.AppendString("bcdefghijklmnopabcdefghijklmnopa");
269 extensions::ExternalPolicyLoader::AddExtension(
270 &expected, "bcdefghijklmnopabcdefghijklmnopa",
271 "https://clients2.google.com/service/update2/crx");
272 policy_map.Set(policy::key::kExtensionInstallForcelist,
273 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
274 policy::POLICY_SOURCE_CLOUD, policy.CreateDeepCopy(), nullptr);
275 handler.ApplyPolicySettings(policy_map, &prefs);
276 EXPECT_TRUE(prefs.GetValue(pref_names::kInstallForceList, &value));
277 EXPECT_EQ(expected, *value);
278
279 // Add an invalid entry. The pref should still contain two previous entries.
[email protected]01253d272013-10-21 17:07:50[diff] [blame]280 policy.AppendString("invalid");
281 policy_map.Set(policy::key::kExtensionInstallForcelist,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]282 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
283 policy::POLICY_SOURCE_CLOUD, policy.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]284 handler.ApplyPolicySettings(policy_map, &prefs);
[email protected]234fc5ff2014-01-16 23:32:28[diff] [blame]285 EXPECT_TRUE(prefs.GetValue(pref_names::kInstallForceList, &value));
jdoerrie8551f922017-07-25 10:55:13[diff] [blame]286 EXPECT_EQ(expected, *value);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]287}
288
289TEST(ExtensionURLPatternListPolicyHandlerTest, CheckPolicySettings) {
290 base::ListValue list;
291 policy::PolicyMap policy_map;
292 policy::PolicyErrorMap errors;
293 ExtensionURLPatternListPolicyHandler handler(
294 policy::key::kExtensionInstallSources, kTestPref);
295
296 policy_map.Set(policy::key::kExtensionInstallSources,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]297 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
298 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]299 errors.Clear();
300 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
301 EXPECT_TRUE(errors.empty());
302
dchengd9ea63862016-06-03 02:27:18[diff] [blame]303 list.AppendString("http://*.google.com/*");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]304 policy_map.Set(policy::key::kExtensionInstallSources,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]305 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
306 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]307 errors.Clear();
308 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
309 EXPECT_TRUE(errors.empty());
310
dchengd9ea63862016-06-03 02:27:18[diff] [blame]311 list.AppendString("<all_urls>");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]312 policy_map.Set(policy::key::kExtensionInstallSources,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]313 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
314 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]315 errors.Clear();
316 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
317 EXPECT_TRUE(errors.empty());
318
dchengd9ea63862016-06-03 02:27:18[diff] [blame]319 list.AppendString("invalid");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]320 policy_map.Set(policy::key::kExtensionInstallSources,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]321 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
322 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]323 errors.Clear();
324 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
325 EXPECT_FALSE(errors.empty());
326 EXPECT_FALSE(errors.GetErrors(policy::key::kExtensionInstallSources).empty());
327
328 // URLPattern syntax has a different way to express 'all urls'. Though '*'
329 // would be compatible today, it would be brittle, so we disallow.
dchengd9ea63862016-06-03 02:27:18[diff] [blame]330 list.AppendString("*");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]331 policy_map.Set(policy::key::kExtensionInstallSources,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]332 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
333 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]334 errors.Clear();
335 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
336 EXPECT_FALSE(errors.empty());
337 EXPECT_FALSE(errors.GetErrors(policy::key::kExtensionInstallSources).empty());
338}
339
340TEST(ExtensionURLPatternListPolicyHandlerTest, ApplyPolicySettings) {
341 base::ListValue list;
342 policy::PolicyMap policy_map;
343 PrefValueMap prefs;
344 base::Value* value = NULL;
345 ExtensionURLPatternListPolicyHandler handler(
346 policy::key::kExtensionInstallSources, kTestPref);
347
dchengd9ea63862016-06-03 02:27:18[diff] [blame]348 list.AppendString("https://corp.monkey.net/*");
[email protected]01253d272013-10-21 17:07:50[diff] [blame]349 policy_map.Set(policy::key::kExtensionInstallSources,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]350 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
351 policy::POLICY_SOURCE_CLOUD, list.CreateDeepCopy(), nullptr);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]352 handler.ApplyPolicySettings(policy_map, &prefs);
353 ASSERT_TRUE(prefs.GetValue(kTestPref, &value));
jdoerrie8551f922017-07-25 10:55:13[diff] [blame]354 EXPECT_EQ(list, *value);
[email protected]01253d272013-10-21 17:07:50[diff] [blame]355}
356
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]357TEST(ExtensionSettingsPolicyHandlerTest, CheckPolicySettings) {
358 std::string error;
dchengc963c7142016-04-08 03:55:22[diff] [blame]359 std::unique_ptr<base::Value> policy_value =
Lei Zhang582ecd12019-02-13 20:28:54[diff] [blame]360 base::JSONReader::ReadAndReturnErrorDeprecated(
dchengc963c7142016-04-08 03:55:22[diff] [blame]361 kTestManagementPolicy1,
362 base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS, NULL, &error);
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]363 ASSERT_TRUE(policy_value.get()) << error;
364
365 policy::Schema chrome_schema =
366 policy::Schema::Wrap(policy::GetChromeSchemaData());
367 policy::PolicyMap policy_map;
368 policy::PolicyErrorMap errors;
369 ExtensionSettingsPolicyHandler handler(chrome_schema);
370
371 policy_map.Set(policy::key::kExtensionSettings,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]372 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
373 policy::POLICY_SOURCE_CLOUD, std::move(policy_value), nullptr);
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]374 // CheckPolicySettings() fails due to missing update URL.
375 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
376 EXPECT_FALSE(errors.empty());
377}
378
Yann Dagoee291902019-08-19 15:49:06[diff] [blame]379TEST(ExtensionSettingsPolicyHandlerTest, CheckPolicySettingsTooManyHosts) {
380 const char policy_template[] =
381 "{"
382 " \"*\": {"
383 " \"runtime_blocked_hosts\": [%s],"
384 " \"runtime_allowed_hosts\": [%s]"
385 " }"
386 "}";
387
388 std::string urls;
389 for (size_t i = 0; i < 101; ++i)
390 urls.append("\"*://example" + base::NumberToString(i) + ".com\",");
391
392 std::string policy =
393 base::StringPrintf(policy_template, urls.c_str(), urls.c_str());
394
395 std::string error;
396 auto policy_value = base::JSONReader::ReadAndReturnValueWithError(
397 policy, base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS);
398 policy::Schema chrome_schema =
399 policy::Schema::Wrap(policy::GetChromeSchemaData());
400 policy::PolicyMap policy_map;
401 policy::PolicyErrorMap errors;
402 ExtensionSettingsPolicyHandler handler(chrome_schema);
403
404 policy_map.Set(policy::key::kExtensionSettings,
405 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
406 policy::POLICY_SOURCE_CLOUD,
407 policy_value.value.value().CreateDeepCopy(), nullptr);
408
409 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
410 EXPECT_EQ(2u, errors.size());
411 auto error_str = errors.GetErrors(policy::key::kExtensionSettings);
412 auto expected_allowed = l10n_util::GetStringFUTF16(
413 IDS_POLICY_EXTENSION_SETTINGS_ORIGIN_LIMIT_WARNING,
414 base::NumberToString16(schema_constants::kMaxItemsURLPatternSet));
415 auto expected_blocked = l10n_util::GetStringFUTF16(
416 IDS_POLICY_EXTENSION_SETTINGS_ORIGIN_LIMIT_WARNING,
417 base::NumberToString16(schema_constants::kMaxItemsURLPatternSet));
418
419 EXPECT_TRUE(error_str.find(expected_allowed) != std::wstring::npos);
420 EXPECT_TRUE(error_str.find(expected_blocked) != std::wstring::npos);
421}
422
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]423TEST(ExtensionSettingsPolicyHandlerTest, ApplyPolicySettings) {
Nick Petersond952cb772018-03-07 15:46:03[diff] [blame]424// Mark as enterprise managed.
425#if defined(OS_WIN)
Roger Tawac1b544a82018-08-24 16:23:25[diff] [blame]426 base::win::ScopedDomainStateForTesting scoped_domain(true);
Nick Petersond952cb772018-03-07 15:46:03[diff] [blame]427#endif
428
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]429 std::string error;
dchengc963c7142016-04-08 03:55:22[diff] [blame]430 std::unique_ptr<base::Value> policy_value =
Lei Zhang582ecd12019-02-13 20:28:54[diff] [blame]431 base::JSONReader::ReadAndReturnErrorDeprecated(
dchengc963c7142016-04-08 03:55:22[diff] [blame]432 kTestManagementPolicy2,
433 base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS, NULL, &error);
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]434 ASSERT_TRUE(policy_value.get()) << error;
435
436 policy::Schema chrome_schema =
437 policy::Schema::Wrap(policy::GetChromeSchemaData());
438 policy::PolicyMap policy_map;
439 policy::PolicyErrorMap errors;
440 PrefValueMap prefs;
441 ExtensionSettingsPolicyHandler handler(chrome_schema);
442
443 policy_map.Set(policy::key::kExtensionSettings,
dcheng3b344bc22016-05-10 02:26:09[diff] [blame]444 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
445 policy::POLICY_SOURCE_CLOUD, policy_value->CreateDeepCopy(),
446 nullptr);
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]447 EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
448 handler.ApplyPolicySettings(policy_map, &prefs);
449 base::Value* value = NULL;
450 ASSERT_TRUE(prefs.GetValue(pref_names::kExtensionManagement, &value));
jdoerrie8551f922017-07-25 10:55:13[diff] [blame]451 EXPECT_EQ(*policy_value, *value);
binjin1e1cc33a2014-10-09 18:08:16[diff] [blame]452}
453
Nick Petersond952cb772018-03-07 15:46:03[diff] [blame]454// Only enterprise managed machines can auto install extensions from a location
455// other than the webstore https://crbug.com/809004.
456#if defined(OS_WIN)
457TEST(ExtensionSettingsPolicyHandlerTest, NonManagedOffWebstoreExtension) {
458 // Mark as not enterprise managed.
Roger Tawac1b544a82018-08-24 16:23:25[diff] [blame]459 base::win::ScopedDomainStateForTesting scoped_domain(false);
Nick Petersond952cb772018-03-07 15:46:03[diff] [blame]460
461 std::string error;
462 std::unique_ptr<base::Value> policy_value =
Lei Zhang582ecd12019-02-13 20:28:54[diff] [blame]463 base::JSONReader::ReadAndReturnErrorDeprecated(
Nick Petersond952cb772018-03-07 15:46:03[diff] [blame]464 kTestManagementPolicy2,
465 base::JSONParserOptions::JSON_ALLOW_TRAILING_COMMAS, nullptr, &error);
466 ASSERT_TRUE(policy_value.get()) << error;
467
468 policy::Schema chrome_schema =
469 policy::Schema::Wrap(policy::GetChromeSchemaData());
470 policy::PolicyMap policy_map;
471 policy::PolicyErrorMap errors;
472 PrefValueMap prefs;
473 ExtensionSettingsPolicyHandler handler(chrome_schema);
474
475 policy_map.Set(policy::key::kExtensionSettings,
476 policy::POLICY_LEVEL_MANDATORY, policy::POLICY_SCOPE_USER,
477 policy::POLICY_SOURCE_CLOUD, policy_value->CreateDeepCopy(),
478 nullptr);
479 EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
480 EXPECT_FALSE(errors.empty());
481}
482#endif
483
[email protected]01253d272013-10-21 17:07:50[diff] [blame]484} // namespace extensions