Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_update_engine / 0adbc94a889cc2d1558dabf0c70ac3be8853051f / . / policy_manager / chromeos_policy_unittest.cc
blob: 69f092f461589ba0e66a8a2f41f348bea982dd60 [file] [log] [blame]
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]1// Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "update_engine/policy_manager/chromeos_policy.h"
6
Gilad Arnold0adbc942014-05-12 10:35:43 -0700[diff] [blame^]7#include <set>
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]8#include <string>
9
10#include <base/time/time.h>
11#include <gtest/gtest.h>
12
13#include "update_engine/fake_clock.h"
14#include "update_engine/policy_manager/evaluation_context.h"
15#include "update_engine/policy_manager/fake_state.h"
16#include "update_engine/policy_manager/pmtest_utils.h"
17
18using base::Time;
19using base::TimeDelta;
20using chromeos_update_engine::FakeClock;
Gilad Arnold0adbc942014-05-12 10:35:43 -0700[diff] [blame^]21using std::set;
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]22using std::string;
23
24namespace chromeos_policy_manager {
25
26class PmChromeOSPolicyTest : public ::testing::Test {
27 protected:
28 virtual void SetUp() {
29 SetUpDefaultClock();
30 eval_ctx_ = new EvaluationContext(&fake_clock_);
Gilad Arnoldf62a4b82014-05-01 07:41:07 -0700[diff] [blame]31 SetUpDefaultState();
32 SetUpDefaultDevicePolicy();
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]33 }
34
35 // Sets the clock to fixed values.
36 void SetUpDefaultClock() {
37 fake_clock_.SetMonotonicTime(Time::FromInternalValue(12345678L));
38 fake_clock_.SetWallclockTime(Time::FromInternalValue(12345678901234L));
39 }
40
41 void SetUpDefaultState() {
42 fake_state_.updater_provider()->var_updater_started_time()->reset(
43 new Time(fake_clock_.GetWallclockTime()));
44 fake_state_.updater_provider()->var_last_checked_time()->reset(
45 new Time(fake_clock_.GetWallclockTime()));
46 fake_state_.updater_provider()->var_consecutive_failed_update_checks()->
47 reset(new unsigned int(0));
48
49 fake_state_.random_provider()->var_seed()->reset(
50 new uint64_t(4)); // chosen by fair dice roll.
51 // guaranteed to be random.
Gilad Arnoldf62a4b82014-05-01 07:41:07 -0700[diff] [blame]52
53 // No device policy loaded by default.
54 fake_state_.device_policy_provider()->var_device_policy_is_loaded()->reset(
55 new bool(false));
56
57 // For the purpose of the tests, this is an official build.
58 fake_state_.system_provider()->var_is_official_build()->reset(
59 new bool(true));
Gilad Arnold0adbc942014-05-12 10:35:43 -0700[diff] [blame^]60
61 // Connection is wifi, untethered.
62 fake_state_.shill_provider()->var_conn_type()->
63 reset(new ConnectionType(ConnectionType::kWifi));
64 fake_state_.shill_provider()->var_conn_tethering()->
65 reset(new ConnectionTethering(ConnectionTethering::kNotDetected));
Gilad Arnoldf62a4b82014-05-01 07:41:07 -0700[diff] [blame]66 }
67
68 // Sets up a default device policy that does not impose any restrictions, nor
69 // enables any features (HTTP, P2P).
70 void SetUpDefaultDevicePolicy() {
71 fake_state_.device_policy_provider()->var_device_policy_is_loaded()->reset(
72 new bool(true));
73 fake_state_.device_policy_provider()->var_update_disabled()->reset(
74 new bool(false));
75 fake_state_.device_policy_provider()->
76 var_allowed_connection_types_for_update()->reset(nullptr);
77 fake_state_.device_policy_provider()->var_scatter_factor()->reset(
78 new TimeDelta());
79 fake_state_.device_policy_provider()->var_http_downloads_enabled()->reset(
80 new bool(false));
81 fake_state_.device_policy_provider()->var_au_p2p_enabled()->reset(
82 new bool(false));
83 fake_state_.device_policy_provider()->var_release_channel_delegated()->
84 reset(new bool(true));
85 }
86
87 // Configures the UpdateCheckAllowed policy to return a desired value by
88 // faking the current wall clock time as needed. Restores the default state.
89 // This is used when testing policies that depend on this one.
90 void SetUpdateCheckAllowed(bool allow_check) {
91 Time next_update_check;
92 ExpectPolicyStatus(EvalStatus::kSucceeded,
93 &ChromeOSPolicy::NextUpdateCheckTime,
94 &next_update_check);
95 SetUpDefaultState();
96 SetUpDefaultDevicePolicy();
97 Time curr_time = next_update_check;
98 if (allow_check)
99 curr_time += TimeDelta::FromSeconds(1);
100 else
101 curr_time -= TimeDelta::FromSeconds(1);
102 fake_clock_.SetWallclockTime(curr_time);
103 }
104
105 // Returns a default UpdateState structure: first seen time is calculated
106 // backward from the current wall clock time, update was seen just once, there
107 // is no scattering wait period and the max allowed is 7 days, there is no
108 // check threshold and none is allowed.
109 UpdateState GetDefaultUpdateState(TimeDelta update_first_seen_period) {
110 UpdateState update_state = {
111 fake_clock_.GetWallclockTime() - update_first_seen_period, 1,
112 TimeDelta(), TimeDelta::FromDays(7), 0, 0, 0
113 };
114 return update_state;
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]115 }
116
117 // Runs the passed |policy_method| policy and expects it to return the
118 // |expected| return value.
119 template<typename T, typename R, typename... Args>
120 void ExpectPolicyStatus(
121 EvalStatus expected,
122 T policy_method,
123 R* result, Args... args) {
124 string error = "<None>";
125 eval_ctx_->ResetEvaluation();
126 EXPECT_EQ(expected,
Gilad Arnoldf62a4b82014-05-01 07:41:07 -0700[diff] [blame]127 (policy_.*policy_method)(eval_ctx_, &fake_state_, &error, result,
128 args...))
Alex Deymoc850b4f2014-05-19 11:06:41 -0700[diff] [blame]129 << "Returned error: " << error
130 << "\nEvaluation context: " << eval_ctx_->DumpContext();
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]131 }
132
133 FakeClock fake_clock_;
134 FakeState fake_state_;
135 scoped_refptr<EvaluationContext> eval_ctx_;
136 ChromeOSPolicy policy_; // ChromeOSPolicy under test.
137};
138
139TEST_F(PmChromeOSPolicyTest, FirstCheckIsAtMostInitialIntervalAfterStart) {
140 Time next_update_check;
141
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]142 ExpectPolicyStatus(EvalStatus::kSucceeded,
143 &ChromeOSPolicy::NextUpdateCheckTime, &next_update_check);
144
145 EXPECT_LE(fake_clock_.GetWallclockTime(), next_update_check);
146 EXPECT_GE(fake_clock_.GetWallclockTime() + TimeDelta::FromSeconds(
147 ChromeOSPolicy::kTimeoutInitialInterval +
148 ChromeOSPolicy::kTimeoutRegularFuzz), next_update_check);
149}
150
151TEST_F(PmChromeOSPolicyTest, ExponentialBackoffIsCapped) {
152 Time next_update_check;
153
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]154 fake_state_.updater_provider()->var_consecutive_failed_update_checks()->
155 reset(new unsigned int(100));
156 ExpectPolicyStatus(EvalStatus::kSucceeded,
157 &ChromeOSPolicy::NextUpdateCheckTime, &next_update_check);
158
159 EXPECT_LE(fake_clock_.GetWallclockTime() + TimeDelta::FromSeconds(
160 ChromeOSPolicy::kTimeoutMaxBackoffInterval -
161 ChromeOSPolicy::kTimeoutRegularFuzz - 1), next_update_check);
162 EXPECT_GE(fake_clock_.GetWallclockTime() + TimeDelta::FromSeconds(
163 ChromeOSPolicy::kTimeoutMaxBackoffInterval +
164 ChromeOSPolicy::kTimeoutRegularFuzz), next_update_check);
165}
166
167TEST_F(PmChromeOSPolicyTest, UpdateCheckAllowedWaitsForTheTimeout) {
168 // We get the next update_check timestamp from the policy's private method
169 // and then we check the public method respects that value on the normal
170 // case.
171 Time next_update_check;
172 Time last_checked_time =
173 fake_clock_.GetWallclockTime() + TimeDelta::FromMinutes(1234);
174
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]175 fake_state_.updater_provider()->var_last_checked_time()->reset(
176 new Time(last_checked_time));
177 ExpectPolicyStatus(EvalStatus::kSucceeded,
178 &ChromeOSPolicy::NextUpdateCheckTime, &next_update_check);
179
180 UpdateCheckParams result;
181
182 // Check that the policy blocks until the next_update_check is reached.
183 SetUpDefaultClock();
184 SetUpDefaultState();
185 fake_state_.updater_provider()->var_last_checked_time()->reset(
186 new Time(last_checked_time));
187 fake_clock_.SetWallclockTime(next_update_check - TimeDelta::FromSeconds(1));
188 ExpectPolicyStatus(EvalStatus::kAskMeAgainLater,
189 &Policy::UpdateCheckAllowed, &result);
190
191 SetUpDefaultClock();
192 SetUpDefaultState();
193 fake_state_.updater_provider()->var_last_checked_time()->reset(
194 new Time(last_checked_time));
195 fake_clock_.SetWallclockTime(next_update_check + TimeDelta::FromSeconds(1));
196 ExpectPolicyStatus(EvalStatus::kSucceeded,
197 &Policy::UpdateCheckAllowed, &result);
198}
199
Gilad Arnoldf62a4b82014-05-01 07:41:07 -0700[diff] [blame]200TEST_F(PmChromeOSPolicyTest, UpdateCanStartFailsCheckAllowedError) {
201 // The UpdateCanStart policy fails, not being able to query
202 // UpdateCheckAllowed.
203
204 // Configure the UpdateCheckAllowed policy to fail.
205 fake_state_.updater_provider()->var_updater_started_time()->reset(nullptr);
206
207 // Check that the UpdateCanStart fails.
208 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
209 UpdateCanStartResult result;
210 ExpectPolicyStatus(EvalStatus::kFailed,
211 &Policy::UpdateCanStart, &result, false, update_state);
212}
213
214TEST_F(PmChromeOSPolicyTest, UpdateCanStartNotAllowedCheckDue) {
215 // The UpdateCanStart policy returns false because we are due for another
216 // update check.
217
218 SetUpdateCheckAllowed(true);
219
220 // Check that the UpdateCanStart returns false.
221 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
222 UpdateCanStartResult result;
223 ExpectPolicyStatus(EvalStatus::kSucceeded,
224 &Policy::UpdateCanStart, &result, false, update_state);
225 EXPECT_FALSE(result.update_can_start);
226 EXPECT_EQ(UpdateCannotStartReason::kCheckDue, result.cannot_start_reason);
227}
228
229TEST_F(PmChromeOSPolicyTest, UpdateCanStartAllowedNoDevicePolicy) {
230 // The UpdateCanStart policy returns true; no device policy is loaded.
231
232 SetUpdateCheckAllowed(false);
233 fake_state_.device_policy_provider()->var_device_policy_is_loaded()->reset(
234 new bool(false));
235
236 // Check that the UpdateCanStart returns true with no further attributes.
237 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
238 UpdateCanStartResult result;
239 ExpectPolicyStatus(EvalStatus::kSucceeded,
240 &Policy::UpdateCanStart, &result, false, update_state);
241 EXPECT_TRUE(result.update_can_start);
242 EXPECT_TRUE(result.http_allowed);
243 EXPECT_FALSE(result.p2p_allowed);
244 EXPECT_TRUE(result.target_channel.empty());
245}
246
247TEST_F(PmChromeOSPolicyTest, UpdateCanStartAllowedBlankPolicy) {
248 // The UpdateCanStart policy returns true; device policy is loaded but imposes
249 // no restrictions on updating.
250
251 SetUpdateCheckAllowed(false);
252
253 // Check that the UpdateCanStart returns true.
254 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
255 UpdateCanStartResult result;
256 ExpectPolicyStatus(EvalStatus::kSucceeded,
257 &Policy::UpdateCanStart, &result, false, update_state);
258 EXPECT_TRUE(result.update_can_start);
259 EXPECT_FALSE(result.http_allowed);
260 EXPECT_FALSE(result.p2p_allowed);
261 EXPECT_TRUE(result.target_channel.empty());
262}
263
264TEST_F(PmChromeOSPolicyTest, UpdateCanStartNotAllowedUpdatesDisabled) {
265 // The UpdateCanStart should return false (kAskMeAgainlater) because a device
266 // policy is loaded and prohibits updates.
267
268 SetUpdateCheckAllowed(false);
269 fake_state_.device_policy_provider()->var_update_disabled()->reset(
270 new bool(true));
271
272 // Check that the UpdateCanStart returns false.
273 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
274 UpdateCanStartResult result;
275 ExpectPolicyStatus(EvalStatus::kAskMeAgainLater,
276 &Policy::UpdateCanStart, &result, false, update_state);
277 EXPECT_FALSE(result.update_can_start);
278 EXPECT_EQ(UpdateCannotStartReason::kDisabledByPolicy,
279 result.cannot_start_reason);
280}
281
282TEST_F(PmChromeOSPolicyTest, UpdateCanStartFailsScatteringFailed) {
283 // The UpdateCanStart policy fails because the UpdateScattering policy it
284 // depends on fails (unset variable).
285
286 SetUpdateCheckAllowed(false);
287
288 // Override the default seed variable with a null value so that the policy
289 // request would fail.
290 fake_state_.random_provider()->var_seed()->reset(nullptr);
291
292 // Check that the UpdateCanStart fails.
293 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromSeconds(1));
294 UpdateCanStartResult result;
295 ExpectPolicyStatus(EvalStatus::kFailed,
296 &Policy::UpdateCanStart, &result, false, update_state);
297}
298
299TEST_F(PmChromeOSPolicyTest,
300 UpdateCanStartNotAllowedScatteringNewWaitPeriodApplies) {
301 // The UpdateCanStart policy returns false; device policy is loaded and
302 // scattering applies due to an unsatisfied wait period, which was newly
303 // generated.
304
305 SetUpdateCheckAllowed(false);
306 fake_state_.device_policy_provider()->var_scatter_factor()->reset(
307 new TimeDelta(TimeDelta::FromMinutes(2)));
308
309
310 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromSeconds(1));
311
312 // Check that the UpdateCanStart returns false and a new wait period
313 // generated.
314 UpdateCanStartResult result;
315 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
316 false, update_state);
317 EXPECT_FALSE(result.update_can_start);
318 EXPECT_EQ(UpdateCannotStartReason::kScattering, result.cannot_start_reason);
319 EXPECT_LT(TimeDelta(), result.scatter_wait_period);
320 EXPECT_EQ(0, result.scatter_check_threshold);
321}
322
323TEST_F(PmChromeOSPolicyTest,
324 UpdateCanStartNotAllowedScatteringPrevWaitPeriodStillApplies) {
325 // The UpdateCanStart policy returns false w/ kAskMeAgainLater; device policy
326 // is loaded and a previously generated scattering period still applies, none
327 // of the scattering values has changed.
328
329 SetUpdateCheckAllowed(false);
330 fake_state_.device_policy_provider()->var_scatter_factor()->reset(
331 new TimeDelta(TimeDelta::FromMinutes(2)));
332
333 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromSeconds(1));
334 update_state.scatter_wait_period = TimeDelta::FromSeconds(35);
335
336 // Check that the UpdateCanStart returns false and a new wait period
337 // generated.
338 UpdateCanStartResult result;
339 ExpectPolicyStatus(EvalStatus::kAskMeAgainLater, &Policy::UpdateCanStart,
340 &result, false, update_state);
341 EXPECT_FALSE(result.update_can_start);
342 EXPECT_EQ(UpdateCannotStartReason::kScattering, result.cannot_start_reason);
343 EXPECT_EQ(TimeDelta::FromSeconds(35), result.scatter_wait_period);
344 EXPECT_EQ(0, result.scatter_check_threshold);
345}
346
347TEST_F(PmChromeOSPolicyTest,
348 UpdateCanStartNotAllowedScatteringNewCountThresholdApplies) {
349 // The UpdateCanStart policy returns false; device policy is loaded and
350 // scattering applies due to an unsatisfied update check count threshold.
351 //
352 // This ensures a non-zero check threshold, which may or may not be combined
353 // with a non-zero wait period (for which we cannot reliably control).
354
355 SetUpdateCheckAllowed(false);
356 fake_state_.device_policy_provider()->var_scatter_factor()->reset(
357 new TimeDelta(TimeDelta::FromSeconds(1)));
358
359 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromSeconds(1));
360 update_state.scatter_check_threshold_min = 2;
361 update_state.scatter_check_threshold_max = 5;
362
363 // Check that the UpdateCanStart returns false.
364 UpdateCanStartResult result;
365 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
366 false, update_state);
367 EXPECT_FALSE(result.update_can_start);
368 EXPECT_EQ(UpdateCannotStartReason::kScattering, result.cannot_start_reason);
369 EXPECT_LE(2, result.scatter_check_threshold);
370 EXPECT_GE(5, result.scatter_check_threshold);
371}
372
373TEST_F(PmChromeOSPolicyTest,
374 UpdateCanStartNotAllowedScatteringPrevCountThresholdStillApplies) {
375 // The UpdateCanStart policy returns false; device policy is loaded and
376 // scattering due to a previously generated count threshold still applies.
377
378 SetUpdateCheckAllowed(false);
379 fake_state_.device_policy_provider()->var_scatter_factor()->reset(
380 new TimeDelta(TimeDelta::FromSeconds(1)));
381
382 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromSeconds(1));
383 update_state.scatter_check_threshold = 3;
384 update_state.scatter_check_threshold_min = 2;
385 update_state.scatter_check_threshold_max = 5;
386
387 // Check that the UpdateCanStart returns false.
388 UpdateCanStartResult result;
389 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
390 false, update_state);
391 EXPECT_FALSE(result.update_can_start);
392 EXPECT_EQ(UpdateCannotStartReason::kScattering, result.cannot_start_reason);
393 EXPECT_EQ(3, result.scatter_check_threshold);
394}
395
396TEST_F(PmChromeOSPolicyTest, UpdateCanStartAllowedScatteringSatisfied) {
397 // The UpdateCanStart policy returns true; device policy is loaded and
398 // scattering is enabled, but both wait period and check threshold are
399 // satisfied.
400
401 SetUpdateCheckAllowed(false);
402 fake_state_.device_policy_provider()->var_scatter_factor()->reset(
403 new TimeDelta(TimeDelta::FromSeconds(120)));
404
405 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromSeconds(75));
406 update_state.num_checks = 4;
407 update_state.scatter_wait_period = TimeDelta::FromSeconds(60);
408 update_state.scatter_check_threshold = 3;
409 update_state.scatter_check_threshold_min = 2;
410 update_state.scatter_check_threshold_max = 5;
411
412 // Check that the UpdateCanStart returns true.
413 UpdateCanStartResult result;
414 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
415 false, update_state);
416 EXPECT_TRUE(result.update_can_start);
417 EXPECT_EQ(TimeDelta(), result.scatter_wait_period);
418 EXPECT_EQ(0, result.scatter_check_threshold);
419}
420
421TEST_F(PmChromeOSPolicyTest,
422 UpdateCanStartAllowedInteractivePreventsScattering) {
423 // The UpdateCanStart policy returns true; device policy is loaded and
424 // scattering would have applied, except that the update check is interactive
425 // and so it is suppressed.
426
427 SetUpdateCheckAllowed(false);
428 fake_state_.device_policy_provider()->var_scatter_factor()->reset(
429 new TimeDelta(TimeDelta::FromSeconds(1)));
430
431 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromSeconds(1));
432 update_state.scatter_check_threshold = 0;
433 update_state.scatter_check_threshold_min = 2;
434 update_state.scatter_check_threshold_max = 5;
435
436 // Check that the UpdateCanStart returns true.
437 UpdateCanStartResult result;
438 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
439 true, update_state);
440 EXPECT_TRUE(result.update_can_start);
441 EXPECT_EQ(TimeDelta(), result.scatter_wait_period);
442 EXPECT_EQ(0, result.scatter_check_threshold);
443}
444
445TEST_F(PmChromeOSPolicyTest, UpdateCanStartAllowedWithAttributes) {
446 // The UpdateCanStart policy returns true; device policy permits both HTTP and
447 // P2P updates, as well as a non-empty target channel string.
448
449 SetUpdateCheckAllowed(false);
450
451 // Override specific device policy attributes.
452 fake_state_.device_policy_provider()->var_http_downloads_enabled()->reset(
453 new bool(true));
454 fake_state_.device_policy_provider()->var_au_p2p_enabled()->reset(
455 new bool(true));
456 fake_state_.device_policy_provider()->var_release_channel_delegated()->
457 reset(new bool(false));
458 fake_state_.device_policy_provider()->var_release_channel()->
459 reset(new string("foo-channel"));
460
461 // Check that the UpdateCanStart returns true.
462 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
463 UpdateCanStartResult result;
464 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
465 false, update_state);
466 EXPECT_TRUE(result.update_can_start);
467 EXPECT_TRUE(result.http_allowed);
468 EXPECT_TRUE(result.p2p_allowed);
469 EXPECT_EQ("foo-channel", result.target_channel);
470}
471
472TEST_F(PmChromeOSPolicyTest, UpdateCanStartAllowedWithP2PFromUpdater) {
473 // The UpdateCanStart policy returns true; device policy forbids both HTTP and
474 // P2P updates, but the updater is configured to allow P2P and overrules the
475 // setting.
476
477 SetUpdateCheckAllowed(false);
478
479 // Override specific device policy attributes.
480 fake_state_.device_policy_provider()->var_release_channel_delegated()->
481 reset(new bool(false));
482 fake_state_.device_policy_provider()->var_release_channel()->
483 reset(new string("foo-channel"));
484 fake_state_.updater_provider()->var_p2p_enabled()->reset(new bool(true));
485
486 // Check that the UpdateCanStart returns true.
487 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
488 UpdateCanStartResult result;
489 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
490 false, update_state);
491 EXPECT_TRUE(result.update_can_start);
492 EXPECT_FALSE(result.http_allowed);
493 EXPECT_TRUE(result.p2p_allowed);
494 EXPECT_EQ("foo-channel", result.target_channel);
495}
496
497TEST_F(PmChromeOSPolicyTest, UpdateCanStartAllowedWithHttpForUnofficialBuild) {
498 // The UpdateCanStart policy returns true; device policy forbids both HTTP and
499 // P2P updates, but marking this an unofficial build overrules the HTTP
500 // setting.
501
502 SetUpdateCheckAllowed(false);
503
504 // Override specific device policy attributes.
505 fake_state_.device_policy_provider()->var_release_channel_delegated()->
506 reset(new bool(false));
507 fake_state_.device_policy_provider()->var_release_channel()->
508 reset(new string("foo-channel"));
509 fake_state_.system_provider()->var_is_official_build()->
510 reset(new bool(false));
511
512 // Check that the UpdateCanStart returns true.
513 UpdateState update_state = GetDefaultUpdateState(TimeDelta::FromMinutes(10));
514 UpdateCanStartResult result;
515 ExpectPolicyStatus(EvalStatus::kSucceeded, &Policy::UpdateCanStart, &result,
516 false, update_state);
517 EXPECT_TRUE(result.update_can_start);
518 EXPECT_TRUE(result.http_allowed);
519 EXPECT_FALSE(result.p2p_allowed);
520 EXPECT_EQ("foo-channel", result.target_channel);
521}
522
Gilad Arnold0adbc942014-05-12 10:35:43 -0700[diff] [blame^]523TEST_F(PmChromeOSPolicyTest, UpdateCurrentConnectionAllowedEthernetDefault) {
524 // Ethernet is always allowed.
525
526 fake_state_.shill_provider()->var_conn_type()->
527 reset(new ConnectionType(ConnectionType::kEthernet));
528
529 bool result;
530 ExpectPolicyStatus(EvalStatus::kSucceeded,
531 &Policy::UpdateCurrentConnectionAllowed, &result);
532 EXPECT_TRUE(result);
533}
534
535TEST_F(PmChromeOSPolicyTest, UpdateCurrentConnectionAllowedWifiDefault) {
536 // Wifi is allowed if not tethered.
537
538 fake_state_.shill_provider()->var_conn_type()->
539 reset(new ConnectionType(ConnectionType::kWifi));
540
541 bool result;
542 ExpectPolicyStatus(EvalStatus::kSucceeded,
543 &Policy::UpdateCurrentConnectionAllowed, &result);
544 EXPECT_TRUE(result);
545}
546
547TEST_F(PmChromeOSPolicyTest,
548 UpdateCurrentConnectionNotAllowedWifiTetheredDefault) {
549 // Tethered wifi is not allowed by default.
550
551 fake_state_.shill_provider()->var_conn_type()->
552 reset(new ConnectionType(ConnectionType::kWifi));
553 fake_state_.shill_provider()->var_conn_tethering()->
554 reset(new ConnectionTethering(ConnectionTethering::kConfirmed));
555
556 bool result;
557 ExpectPolicyStatus(EvalStatus::kSucceeded,
558 &Policy::UpdateCurrentConnectionAllowed, &result);
559 EXPECT_FALSE(result);
560}
561
562TEST_F(PmChromeOSPolicyTest,
563 UpdateCurrentConnectionAllowedWifiTetheredPolicyOverride) {
564 // Tethered wifi can be allowed by policy.
565
566 fake_state_.shill_provider()->var_conn_type()->
567 reset(new ConnectionType(ConnectionType::kWifi));
568 fake_state_.shill_provider()->var_conn_tethering()->
569 reset(new ConnectionTethering(ConnectionTethering::kConfirmed));
570 set<ConnectionType> allowed_connections;
571 allowed_connections.insert(ConnectionType::kCellular);
572 fake_state_.device_policy_provider()->
573 var_allowed_connection_types_for_update()->
574 reset(new set<ConnectionType>(allowed_connections));
575
576 bool result;
577 ExpectPolicyStatus(EvalStatus::kSucceeded,
578 &Policy::UpdateCurrentConnectionAllowed, &result);
579 EXPECT_TRUE(result);
580}
581
582TEST_F(PmChromeOSPolicyTest, UpdateCurrentConnectionAllowedWimaxDefault) {
583 // Wimax is always allowed.
584
585 fake_state_.shill_provider()->var_conn_type()->
586 reset(new ConnectionType(ConnectionType::kWifi));
587
588 bool result;
589 ExpectPolicyStatus(EvalStatus::kSucceeded,
590 &Policy::UpdateCurrentConnectionAllowed, &result);
591 EXPECT_TRUE(result);
592}
593
594TEST_F(PmChromeOSPolicyTest,
595 UpdateCurrentConnectionNotAllowedBluetoothDefault) {
596 // Bluetooth is never allowed.
597
598 fake_state_.shill_provider()->var_conn_type()->
599 reset(new ConnectionType(ConnectionType::kBluetooth));
600
601 bool result;
602 ExpectPolicyStatus(EvalStatus::kSucceeded,
603 &Policy::UpdateCurrentConnectionAllowed, &result);
604 EXPECT_FALSE(result);
605}
606
607TEST_F(PmChromeOSPolicyTest,
608 UpdateCurrentConnectionNotAllowedBluetoothPolicyCannotOverride) {
609 // Bluetooth cannot be allowed even by policy.
610
611 fake_state_.shill_provider()->var_conn_type()->
612 reset(new ConnectionType(ConnectionType::kBluetooth));
613 set<ConnectionType> allowed_connections;
614 allowed_connections.insert(ConnectionType::kBluetooth);
615 fake_state_.device_policy_provider()->
616 var_allowed_connection_types_for_update()->
617 reset(new set<ConnectionType>(allowed_connections));
618
619 bool result;
620 ExpectPolicyStatus(EvalStatus::kSucceeded,
621 &Policy::UpdateCurrentConnectionAllowed, &result);
622 EXPECT_FALSE(result);
623}
624
625TEST_F(PmChromeOSPolicyTest, UpdateCurrentConnectionNotAllowedCellularDefault) {
626 // Cellular is not allowed by default.
627
628 fake_state_.shill_provider()->var_conn_type()->
629 reset(new ConnectionType(ConnectionType::kCellular));
630
631 bool result;
632 ExpectPolicyStatus(EvalStatus::kSucceeded,
633 &Policy::UpdateCurrentConnectionAllowed, &result);
634 EXPECT_FALSE(result);
635}
636
637TEST_F(PmChromeOSPolicyTest,
638 UpdateCurrentConnectionAllowedCellularPolicyOverride) {
639 // Update over cellular can be enabled by policy.
640
641 fake_state_.shill_provider()->var_conn_type()->
642 reset(new ConnectionType(ConnectionType::kCellular));
643 set<ConnectionType> allowed_connections;
644 allowed_connections.insert(ConnectionType::kCellular);
645 fake_state_.device_policy_provider()->
646 var_allowed_connection_types_for_update()->
647 reset(new set<ConnectionType>(allowed_connections));
648
649 bool result;
650 ExpectPolicyStatus(EvalStatus::kSucceeded,
651 &Policy::UpdateCurrentConnectionAllowed, &result);
652 EXPECT_TRUE(result);
653}
654
655TEST_F(PmChromeOSPolicyTest,
656 UpdateCurrentConnectionAllowedCellularUserOverride) {
657 // Update over cellular can be enabled by user settings, but only if policy
658 // is present and does not determine allowed connections.
659
660 fake_state_.shill_provider()->var_conn_type()->
661 reset(new ConnectionType(ConnectionType::kCellular));
662 set<ConnectionType> allowed_connections;
663 allowed_connections.insert(ConnectionType::kCellular);
664 fake_state_.updater_provider()->var_cellular_enabled()->
665 reset(new bool(true));
666
667 bool result;
668 ExpectPolicyStatus(EvalStatus::kSucceeded,
669 &Policy::UpdateCurrentConnectionAllowed, &result);
670 EXPECT_TRUE(result);
671}
672
Alex Deymo0d11c602014-04-23 20:12:20 -0700[diff] [blame]673} // namespace chromeos_policy_manager