// Copyright 2020 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "chrome/browser/enterprise/connectors/connectors_service.h" #include <memory> #include <utility> #include "base/json/json_reader.h" #include "base/path_service.h" #include "build/build_config.h" #include "build/chromeos_buildflags.h" #include "chrome/browser/browser_process.h" #include "chrome/browser/enterprise/connectors/common.h" #include "chrome/browser/enterprise/connectors/test/deep_scanning_browsertest_base.h" #include "chrome/browser/enterprise/connectors/test/deep_scanning_test_utils.h" #include "chrome/browser/policy/chrome_browser_policy_connector.h" #include "chrome/browser/policy/dm_token_utils.h" #include "chrome/browser/profiles/reporting_util.h" #include "chrome/browser/ui/browser.h" #include "components/enterprise/browser/controller/fake_browser_dm_token_storage.h" #include "components/enterprise/browser/enterprise_switches.h" #include "components/enterprise/buildflags/buildflags.h" #include "components/enterprise/connectors/core/connectors_prefs.h" #include "components/policy/core/common/cloud/machine_level_user_cloud_policy_manager.h" #include "components/policy/core/common/cloud/mock_cloud_policy_client.h" #include "components/policy/core/common/cloud/reporting_job_configuration_base.h" #include "components/policy/core/common/cloud/user_cloud_policy_manager.h" #include "components/policy/core/common/policy_switches.h" #include "components/safe_browsing/core/common/safe_browsing_prefs.h" #include "components/version_info/version_info.h" #include "content/public/test/browser_test.h" #if BUILDFLAG(IS_CHROMEOS_ASH) #include "chrome/browser/ash/login/users/fake_chrome_user_manager.h" #include "chrome/browser/ash/policy/core/user_cloud_policy_manager_ash.h" #include "chrome/browser/ash/profiles/profile_helper.h" #include "components/account_id/account_id.h" #include "components/user_manager/scoped_user_manager.h" #include "components/user_manager/user.h" #endif #if BUILDFLAG(IS_CHROMEOS_LACROS) #include "chromeos/startup/browser_init_params.h" #include "components/policy/core/common/policy_loader_lacros.h" #endif namespace enterprise_connectors { namespace { constexpr char kNormalCloudAnalysisSettingsPref[] = …; constexpr char kNormalLocalAnalysisSettingsPref[] = …; constexpr char kNormalReportingSettingsPref[] = …; #if !BUILDFLAG(IS_CHROMEOS_ASH) constexpr char kAffiliationId2[] = …; #endif #if !BUILDFLAG(IS_CHROMEOS) constexpr char kFakeEnrollmentToken[] = …; constexpr char kUsername1[] = …; constexpr char kUsername2[] = …; constexpr char kDomain2[] = …; #endif constexpr char kFakeBrowserDMToken[] = …; constexpr char kFakeProfileDMToken[] = …; constexpr char kFakeBrowserClientId[] = …; constexpr char kFakeProfileClientId[] = …; constexpr char kAffiliationId1[] = …; constexpr char kDomain1[] = …; constexpr char kTestUrl[] = …; #if BUILDFLAG(IS_CHROMEOS_ASH) constexpr char kTestGaiaId[] = "123"; constexpr char kTestEmail[] = "test@test"; #endif std::string ExpectedOsPlatform() { … } // We want a way to check whether or not any metadata was set, but the profile // metadata will always contain the `is_chrome_os_managed_guest_session` field // if the `kEnterpriseConnectorsEnabledOnMGS` feature flag is enabled, so we // check another field (which should always be set if any actual metadata was // provided). bool ContainsClientId(const AnalysisSettings& settings) { … } } // namespace // Profile DM token tests // These tests validate that ConnectorsService obtains the correct DM token on // each GetAnalysisSettings/GetReportingSettings call. There are 3 mains cases // to validate here: // // - Affiliated: The profile and browser are managed by the same customer. In // this case, it is OK to get the profile DM token and apply Connector policies. // - Unaffiliated: The profile and browser are managed by different customers. // In this case, no profile settings should be returned. // - Unmanaged: The profile is managed by a customer while the browser is // unmanaged. In this case, it is OK to get the profile DM token and apply // Connector policies. // // The exception to the above rules is CrOS. Even when the policies are applied // at a user scope, only the browser DM token should be returned. enum class ManagementStatus { … }; class ConnectorsServiceProfileBrowserTest : public test::DeepScanningBrowserTestBase { … }; class ConnectorsServiceReportingProfileBrowserTest : public ConnectorsServiceProfileBrowserTest, public testing::WithParamInterface< std::tuple<ReportingConnector, ManagementStatus>> { … }; INSTANTIATE_TEST_SUITE_P(…); IN_PROC_BROWSER_TEST_P(ConnectorsServiceReportingProfileBrowserTest, Test) { … } class ConnectorsServiceAnalysisProfileBrowserTest : public ConnectorsServiceProfileBrowserTest, public testing::WithParamInterface< std::tuple<ManagementStatus, const char*, bool>> { … }; INSTANTIATE_TEST_SUITE_P(…); IN_PROC_BROWSER_TEST_P(ConnectorsServiceAnalysisProfileBrowserTest, DeviceReporting) { … } IN_PROC_BROWSER_TEST_P(ConnectorsServiceAnalysisProfileBrowserTest, ProfileReporting) { … } IN_PROC_BROWSER_TEST_P(ConnectorsServiceAnalysisProfileBrowserTest, NoReporting) { … } // TODO(b/302576851): Consider removing after EnableRelaxedAffiliationCheck // is cleaned up. IN_PROC_BROWSER_TEST_P(ConnectorsServiceAnalysisProfileBrowserTest, Affiliation) { … } class ConnectorsServiceRealtimeURLCheckProfileBrowserTest : public ConnectorsServiceProfileBrowserTest, public testing::WithParamInterface<ManagementStatus> { … }; INSTANTIATE_TEST_SUITE_P(…); IN_PROC_BROWSER_TEST_P(ConnectorsServiceRealtimeURLCheckProfileBrowserTest, Test) { … } } // namespace enterprise_connectors
Codebase Browser
chromium