diff options
18 files changed, 214 insertions, 35 deletions
diff --git a/chrome/browser/chromeos/login/easy_unlock/bootstrap_browsertest.cc b/chrome/browser/chromeos/login/easy_unlock/bootstrap_browsertest.cc index bc5a9b1..73d194d 100644 --- a/chrome/browser/chromeos/login/easy_unlock/bootstrap_browsertest.cc +++ b/chrome/browser/chromeos/login/easy_unlock/bootstrap_browsertest.cc @@ -28,7 +28,7 @@ namespace chromeos { namespace { const char kFakeGaiaId[] = "123456"; -const char kFakeUser[] = "test_user@example.com"; +const char kFakeUser[] = "test_user@consumer.example.com"; const char kFakeSid[] = "fake-sid"; const char kFakeLsid[] = "fake-lsid"; const char kFakeRefreshToken[] = "fake-refresh-token"; diff --git a/chrome/browser/chromeos/login/saml/saml_browsertest.cc b/chrome/browser/chromeos/login/saml/saml_browsertest.cc index 0e96325..c98c806 100644 --- a/chrome/browser/chromeos/login/saml/saml_browsertest.cc +++ b/chrome/browser/chromeos/login/saml/saml_browsertest.cc @@ -317,6 +317,8 @@ class SamlTest : public OobeBaseTest { void SetUpCommandLine(base::CommandLine* command_line) override { command_line->AppendSwitch(switches::kOobeSkipPostLogin); + command_line->AppendSwitch( + chromeos::switches::kAllowFailedPolicyFetchForTest); const GURL gaia_url = gaia_https_forwarder_.GetURLForSSLHost(""); const GURL saml_idp_url = saml_https_forwarder_.GetURLForSSLHost("SAML"); diff --git a/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc b/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc index a08a650..44a3bd79 100644 --- a/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc +++ b/chrome/browser/chromeos/login/users/avatar/user_image_manager_browsertest.cc @@ -8,6 +8,7 @@ #include <string> #include <vector> +#include "base/command_line.h" #include "base/compiler_specific.h" #include "base/files/file_path.h" #include "base/files/file_util.h" @@ -44,6 +45,7 @@ #include "chrome/test/base/in_process_browser_test.h" #include "chrome/test/base/testing_browser_process.h" #include "chromeos/chromeos_paths.h" +#include "chromeos/chromeos_switches.h" #include "chromeos/dbus/cryptohome_client.h" #include "chromeos/dbus/dbus_thread_manager.h" #include "chromeos/dbus/fake_session_manager_client.h" @@ -117,6 +119,16 @@ class UserImageManagerTest : public LoginManagerTest, ASSERT_TRUE(PathService::Get(chrome::DIR_USER_DATA, &user_data_dir_)); } + void SetUpCommandLine(base::CommandLine* command_line) override { + LoginManagerTest::SetUpCommandLine(command_line); + // These tests create new users and then inject policy after the fact, + // to avoid having to set up a mock policy server. UserCloudPolicyManager + // will shut down the profile if there's an error loading the initial + // policy, so disable this behavior so we can inject policy directly. + command_line->AppendSwitch( + chromeos::switches::kAllowFailedPolicyFetchForTest); + } + void SetUpOnMainThread() override { LoginManagerTest::SetUpOnMainThread(); local_state_ = g_browser_process->local_state(); diff --git a/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc b/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc index 52e43cf..9e6c82e 100644 --- a/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc +++ b/chrome/browser/chromeos/login/users/wallpaper/wallpaper_manager_policy_browsertest.cc @@ -184,6 +184,10 @@ class WallpaperManagerPolicyTest command_line->AppendSwitch(switches::kLoginManager); command_line->AppendSwitch(switches::kForceLoginManagerInTests); + // Allow policy fetches to fail - these tests instead invoke InjectPolicy() + // to directly inject and modify policy dynamically. + command_line->AppendSwitch(switches::kAllowFailedPolicyFetchForTest); + LoginManagerTest::SetUpCommandLine(command_line); } diff --git a/chrome/browser/chromeos/policy/affiliation_test_helper.cc b/chrome/browser/chromeos/policy/affiliation_test_helper.cc index 9a30986..acdba14 100644 --- a/chrome/browser/chromeos/policy/affiliation_test_helper.cc +++ b/chrome/browser/chromeos/policy/affiliation_test_helper.cc @@ -133,6 +133,11 @@ void LoginUser(const std::string& user_id) { void AppendCommandLineSwitchesForLoginManager(base::CommandLine* command_line) { command_line->AppendSwitch(chromeos::switches::kLoginManager); command_line->AppendSwitch(chromeos::switches::kForceLoginManagerInTests); + // LoginManager tests typically don't stand up a policy test server but + // instead inject policies directly through a SessionManagerClient. So allow + // policy fetches to fail - this is expected. + command_line->AppendSwitch( + chromeos::switches::kAllowFailedPolicyFetchForTest); } } // namespace affiliation_test_helper diff --git a/chrome/browser/chromeos/policy/blocking_login_browsertest.cc b/chrome/browser/chromeos/policy/blocking_login_browsertest.cc index a57f3ac..651a926 100644 --- a/chrome/browser/chromeos/policy/blocking_login_browsertest.cc +++ b/chrome/browser/chromeos/policy/blocking_login_browsertest.cc @@ -81,6 +81,11 @@ struct BlockingLoginTestParam { const bool enroll_device; }; +// TODO(atwilson): This test is completely broken - it originally was built +// when we made an entirely different set of network calls on startup. As a +// result it generates random failures in startup network requests, then waits +// to see if the profile finishes loading which is not at all what it is +// intended to test. We need to fix this test or remove it (crbug.com/580537). class BlockingLoginTest : public OobeBaseTest, public content::NotificationObserver, @@ -95,6 +100,9 @@ class BlockingLoginTest command_line->AppendSwitchASCII( policy::switches::kDeviceManagementUrl, embedded_test_server()->GetURL("/device_management").spec()); + + command_line->AppendSwitch( + chromeos::switches::kAllowFailedPolicyFetchForTest); } void SetUpOnMainThread() override { diff --git a/chrome/browser/chromeos/policy/login_policy_test_base.h b/chrome/browser/chromeos/policy/login_policy_test_base.h index 4c44441..76d836e 100644 --- a/chrome/browser/chromeos/policy/login_policy_test_base.h +++ b/chrome/browser/chromeos/policy/login_policy_test_base.h @@ -34,6 +34,10 @@ class LoginPolicyTestBase : public chromeos::OobeBaseTest { virtual void GetMandatoryPoliciesValue(base::DictionaryValue* policy) const; virtual void GetRecommendedPoliciesValue(base::DictionaryValue* policy) const; + UserPolicyTestHelper* user_policy_helper() { + return user_policy_helper_.get(); + } + void SkipToLoginScreen(); void LogIn(const std::string& user_id, const std::string& password); diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc index 7e3610c..8fa1b39 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc +++ b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.cc @@ -9,6 +9,7 @@ #include "base/bind.h" #include "base/bind_helpers.h" +#include "base/command_line.h" #include "base/logging.h" #include "base/metrics/histogram.h" #include "base/metrics/sparse_histogram.h" @@ -24,6 +25,7 @@ #include "chrome/browser/chromeos/policy/wildcard_login_checker.h" #include "chrome/browser/lifetime/application_lifetime.h" #include "chrome/common/chrome_content_client.h" +#include "chromeos/chromeos_switches.h" #include "components/policy/core/common/cloud/cloud_external_data_manager.h" #include "components/policy/core/common/cloud/cloud_policy_refresh_scheduler.h" #include "components/policy/core/common/cloud/device_management_service.h" @@ -31,6 +33,7 @@ #include "components/policy/core/common/policy_map.h" #include "components/policy/core/common/policy_pref_names.h" #include "components/policy/core/common/policy_types.h" +#include "components/user_manager/user.h" #include "components/user_manager/user_manager.h" #include "net/url_request/url_request_context_getter.h" #include "policy/policy_constants.h" @@ -99,7 +102,15 @@ UserCloudPolicyManagerChromeOS::UserCloudPolicyManagerChromeOS( wait_for_policy_fetch_(wait_for_policy_fetch), policy_fetch_timeout_(false, false) { time_init_started_ = base::Time::Now(); - if (wait_for_policy_fetch_ && !initial_policy_fetch_timeout.is_max()) { + + // Caller should pass a non-zero policy_fetch_timeout iff + // |wait_for_policy_fetch| is true. + DCHECK_NE(wait_for_policy_fetch_, initial_policy_fetch_timeout.is_zero()); + allow_failed_policy_fetches_ = + base::CommandLine::ForCurrentProcess()->HasSwitch( + chromeos::switches::kAllowFailedPolicyFetchForTest) || + !initial_policy_fetch_timeout.is_max(); + if (wait_for_policy_fetch_ && allow_failed_policy_fetches_) { policy_fetch_timeout_.Start( FROM_HERE, initial_policy_fetch_timeout, @@ -260,7 +271,7 @@ void UserCloudPolicyManagerChromeOS::OnRegistrationStateChanged( } else { // If the client has switched to not registered, we bail out as this // indicates the cloud policy setup flow has been aborted. - CancelWaitForPolicyFetch(); + CancelWaitForPolicyFetch(true); } } } @@ -272,7 +283,18 @@ void UserCloudPolicyManagerChromeOS::OnClientError( UMA_HISTOGRAM_SPARSE_SLOWLY(kUMAInitialFetchClientError, cloud_policy_client->status()); } - CancelWaitForPolicyFetch(); + switch (client()->status()) { + case DM_STATUS_SUCCESS: + case DM_STATUS_SERVICE_MANAGEMENT_NOT_SUPPORTED: + // If management is not supported for this user, then a registration + // error is to be expected. + CancelWaitForPolicyFetch(true); + break; + default: + // Unexpected error fetching policy. + CancelWaitForPolicyFetch(false); + break; + } } void UserCloudPolicyManagerChromeOS::OnComponentCloudPolicyUpdated() { @@ -354,9 +376,6 @@ void UserCloudPolicyManagerChromeOS::OnOAuth2PolicyTokenFetched( policy_token, std::string(), std::string(), std::string()); } else { - // Failed to get a token, stop waiting and use an empty policy. - CancelWaitForPolicyFetch(); - UMA_HISTOGRAM_ENUMERATION(kUMAInitialFetchOAuth2Error, error.state(), GoogleServiceAuthError::NUM_STATES); @@ -366,6 +385,9 @@ void UserCloudPolicyManagerChromeOS::OnOAuth2PolicyTokenFetched( UMA_HISTOGRAM_SPARSE_SLOWLY(kUMAInitialFetchOAuth2NetworkError, -error.network_error()); } + // Failed to get a token, stop waiting if policy is not required for this + // user. + CancelWaitForPolicyFetch(false); } token_fetcher_.reset(); @@ -378,23 +400,38 @@ void UserCloudPolicyManagerChromeOS::OnInitialPolicyFetchComplete( now - time_client_registered_); UMA_HISTOGRAM_MEDIUM_TIMES(kUMAInitialFetchDelayTotal, now - time_init_started_); - CancelWaitForPolicyFetch(); + CancelWaitForPolicyFetch(success); } void UserCloudPolicyManagerChromeOS::OnBlockingFetchTimeout() { if (!wait_for_policy_fetch_) return; - LOG(WARNING) << "Timed out while waiting for the initial policy fetch. " - << "The first session will start without policy."; - CancelWaitForPolicyFetch(); + LOG(WARNING) << "Timed out while waiting for the policy fetch. " + << "The session will start with the cached policy."; + CancelWaitForPolicyFetch(false); } -void UserCloudPolicyManagerChromeOS::CancelWaitForPolicyFetch() { +void UserCloudPolicyManagerChromeOS::CancelWaitForPolicyFetch(bool success) { if (!wait_for_policy_fetch_) return; - wait_for_policy_fetch_ = false; policy_fetch_timeout_.Stop(); + + // If there was an error, and we don't want to allow profile initialization + // to go forward after a failed policy fetch, then just return (profile + // initialization will not complete). + // TODO(atwilson): Add code to retry policy fetching. + if (!success && !allow_failed_policy_fetches_) { + LOG(ERROR) << "Policy fetch failed for " + << user_manager::UserManager::Get()->GetActiveUser()->email() + << " - aborting profile initialization"; + // Need to exit the current user, because we've already started this user's + // session. + chrome::AttemptUserExit(); + return; + } + + wait_for_policy_fetch_ = false; CheckAndPublishPolicy(); // Now that |wait_for_policy_fetch_| is guaranteed to be false, the scheduler // can be started. diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h index a0eb497..c19588d 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h +++ b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h @@ -132,8 +132,10 @@ class UserCloudPolicyManagerChromeOS : public CloudPolicyManager, // Cancels waiting for the policy fetch and flags the // ConfigurationPolicyProvider ready (assuming all other initialization tasks - // have completed). - void CancelWaitForPolicyFetch(); + // have completed). Pass |true| if policy fetch was successful (either + // because policy was successfully fetched, or if DMServer has notified us + // that the user is not managed). + void CancelWaitForPolicyFetch(bool success); void StartRefreshSchedulerIfReady(); @@ -153,6 +155,11 @@ class UserCloudPolicyManagerChromeOS : public CloudPolicyManager, // IsInitializationComplete(). bool wait_for_policy_fetch_; + // Whether we should allow policy fetches to fail, or wait forever until they + // succeed (typically we won't allow them to fail until we have loaded policy + // at least once). + bool allow_failed_policy_fetches_; + // A timer that puts a hard limit on the maximum time to wait for the initial // policy fetch. base::Timer policy_fetch_timeout_; diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_browsertest.cc b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_browsertest.cc index 6ae59a6..f8d91e7 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_browsertest.cc +++ b/chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_browsertest.cc @@ -7,14 +7,54 @@ #include "base/macros.h" #include "base/memory/scoped_ptr.h" +#include "base/run_loop.h" #include "base/values.h" +#include "chrome/browser/chrome_notification_types.h" +#include "chrome/browser/chromeos/login/ui/webui_login_display.h" #include "chrome/browser/chromeos/policy/login_policy_test_base.h" +#include "chrome/browser/chromeos/policy/user_policy_test_helper.h" #include "chrome/browser/prefs/session_startup_pref.h" #include "chrome/browser/ui/browser.h" #include "chrome/browser/ui/browser_list.h" #include "chrome/browser/ui/host_desktop.h" #include "chrome/browser/ui/tabs/tab_strip_model.h" +#include "components/user_manager/user.h" +#include "components/user_manager/user_manager.h" +#include "content/public/browser/notification_observer.h" +#include "content/public/browser/notification_registrar.h" +#include "content/public/browser/notification_service.h" #include "policy/policy_constants.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace { +// Helper class that counts the number of notifications of the specified +// type that have been received. +class CountNotificationObserver : public content::NotificationObserver { + public: + CountNotificationObserver(int notification_type_to_count, + const content::NotificationSource& source) + : notification_count_(0) { + registrar_.Add(this, notification_type_to_count, source); + } + + // NotificationObserver: + void Observe(int type, + const content::NotificationSource& source, + const content::NotificationDetails& details) override { + // Count the number of notifications seen. + notification_count_++; + } + + int notification_count() const { return notification_count_; } + + private: + int notification_count_; + content::NotificationRegistrar registrar_; + + DISALLOW_COPY_AND_ASSIGN(CountNotificationObserver); +}; + +} // namespace namespace policy { @@ -42,6 +82,12 @@ IN_PROC_BROWSER_TEST_F(UserCloudPolicyManagerTest, StartSession) { SkipToLoginScreen(); LogIn(kAccountId, kAccountPassword); + // User should be marked as having a valid OAuth token. + const user_manager::UserManager* const user_manager = + user_manager::UserManager::Get(); + EXPECT_EQ(user_manager::User::OAUTH2_TOKEN_STATUS_VALID, + user_manager->GetActiveUser()->oauth_token_status()); + // Check that the startup pages specified in policy were opened. BrowserList* browser_list = BrowserList::GetInstance(); EXPECT_EQ(1U, browser_list->size()); @@ -58,4 +104,24 @@ IN_PROC_BROWSER_TEST_F(UserCloudPolicyManagerTest, StartSession) { } } +IN_PROC_BROWSER_TEST_F(UserCloudPolicyManagerTest, ErrorLoadingPolicy) { + // Delete the policy file - this will cause a 500 error on policy requests. + user_policy_helper()->DeletePolicyFile(); + SkipToLoginScreen(); + CountNotificationObserver observer( + chrome::NOTIFICATION_SESSION_STARTED, + content::NotificationService::AllSources()); + GetLoginDisplay()->ShowSigninScreenForCreds(kAccountId, kAccountPassword); + base::RunLoop().Run(); + // Should not receive a SESSION_STARTED notification. + ASSERT_EQ(0, observer.notification_count()); + + // User should not be marked as having a valid OAuth token. That way, if we + // try to load the user in the future, we will attempt to load policy again. + const user_manager::UserManager* user_manager = + user_manager::UserManager::Get(); + EXPECT_NE(user_manager::User::OAUTH2_TOKEN_STATUS_VALID, + user_manager->GetActiveUser()->oauth_token_status()); +} + } // namespace policy diff --git a/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc b/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc index 3fad89c..7695acf 100644 --- a/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc +++ b/chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc @@ -149,16 +149,35 @@ scoped_ptr<UserCloudPolicyManagerChromeOS> g_browser_process->platform_part()->browser_policy_connector_chromeos(); const bool is_browser_restart = command_line->HasSwitch(chromeos::switches::kLoginUser); - const bool wait_for_initial_policy = !is_browser_restart; - - const base::TimeDelta initial_policy_fetch_timeout = - user_manager::UserManager::Get()->IsCurrentUserNew() - ? base::TimeDelta::Max() - : base::TimeDelta::FromSeconds(kInitialPolicyFetchTimeoutSeconds); + const user_manager::UserManager* const user_manager = + user_manager::UserManager::Get(); + + // We want to block for policy in a few situations: if the user is new, or + // if we are forcing an online signin. An online signin will be forced if + // there has been a credential error, or if the initial session creation + // was not completed (the oauth_token_status is not set to valid by + // OAuth2LoginManager until profile creation/session restore is complete). + const bool block_forever_for_policy = + !user_manager->IsLoggedInAsStub() && + (user_manager->IsCurrentUserNew() || + user_manager->GetActiveUser()->force_online_signin() || + user_manager->GetActiveUser()->oauth_token_status() != + user_manager::User::OAUTH2_TOKEN_STATUS_VALID); + + const bool wait_for_policy_fetch = + block_forever_for_policy || !is_browser_restart; + + base::TimeDelta initial_policy_fetch_timeout; + if (block_forever_for_policy) { + initial_policy_fetch_timeout = base::TimeDelta::Max(); + } else if (wait_for_policy_fetch) { + initial_policy_fetch_timeout = + base::TimeDelta::FromSeconds(kInitialPolicyFetchTimeoutSeconds); + } DeviceManagementService* device_management_service = connector->device_management_service(); - if (wait_for_initial_policy) + if (wait_for_policy_fetch) device_management_service->ScheduleInitialization(0); base::FilePath profile_dir = profile->GetPath(); @@ -201,7 +220,7 @@ scoped_ptr<UserCloudPolicyManagerChromeOS> scoped_ptr<UserCloudPolicyManagerChromeOS> manager( new UserCloudPolicyManagerChromeOS( std::move(store), std::move(external_data_manager), - component_policy_cache_dir, wait_for_initial_policy, + component_policy_cache_dir, wait_for_policy_fetch, initial_policy_fetch_timeout, base::ThreadTaskRunnerHandle::Get(), file_task_runner, io_task_runner)); diff --git a/chrome/browser/chromeos/policy/user_policy_test_helper.cc b/chrome/browser/chromeos/policy/user_policy_test_helper.cc index b439621..5f6d28f 100644 --- a/chrome/browser/chromeos/policy/user_policy_test_helper.cc +++ b/chrome/browser/chromeos/policy/user_policy_test_helper.cc @@ -128,6 +128,10 @@ void UserPolicyTestHelper::UpdatePolicy( run_loop.Run(); } +void UserPolicyTestHelper::DeletePolicyFile() { + base::DeleteFile(PolicyFilePath(), false); +} + void UserPolicyTestHelper::WritePolicyFile( const base::DictionaryValue& mandatory, const base::DictionaryValue& recommended) { diff --git a/chrome/browser/chromeos/policy/user_policy_test_helper.h b/chrome/browser/chromeos/policy/user_policy_test_helper.h index 941a067..a59fc91 100644 --- a/chrome/browser/chromeos/policy/user_policy_test_helper.h +++ b/chrome/browser/chromeos/policy/user_policy_test_helper.h @@ -49,6 +49,8 @@ class UserPolicyTestHelper { const base::DictionaryValue& recommended_policy, Profile* profile); + void DeletePolicyFile(); + private: void WritePolicyFile(const base::DictionaryValue& mandatory, const base::DictionaryValue& recommended); diff --git a/chrome/browser/policy/test/policy_testserver.py b/chrome/browser/policy/test/policy_testserver.py index 480124c..c7f933d 100644 --- a/chrome/browser/policy/test/policy_testserver.py +++ b/chrome/browser/policy/test/policy_testserver.py @@ -376,6 +376,8 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): return (403, 'No authorization') policy = self.server.GetPolicies() + if ('managed_users' not in policy): + return (500, 'error in config - no managed users') username = self.server.ResolveUser(auth) if ('*' not in policy['managed_users'] and username not in policy['managed_users']): @@ -990,7 +992,7 @@ class PolicyTestServer(testserver_base.BrokenPipeHandlerMixIn, pass def GetPolicies(self): - """Returns the policies to be used, reloaded form the backend file every + """Returns the policies to be used, reloaded from the backend file every time this is called. """ policy = {} diff --git a/chrome/browser/ui/webui/local_discovery/local_discovery_ui_browsertest.cc b/chrome/browser/ui/webui/local_discovery/local_discovery_ui_browsertest.cc index 6289045..a223179 100644 --- a/chrome/browser/ui/webui/local_discovery/local_discovery_ui_browsertest.cc +++ b/chrome/browser/ui/webui/local_discovery/local_discovery_ui_browsertest.cc @@ -226,19 +226,19 @@ const char kResponseInfoWithID[] = "{" const char kResponseRegisterStart[] = "{" " \"action\": \"start\"," - " \"user\": \"user@host.com\"" + " \"user\": \"user@consumer.example.com\"" "}"; const char kResponseRegisterClaimTokenNoConfirm[] = "{" " \"action\": \"getClaimToken\"," - " \"user\": \"user@host.com\"," + " \"user\": \"user@consumer.example.com\"," " \"error\": \"pending_user_action\"," " \"timeout\": 1" "}"; const char kResponseRegisterClaimTokenConfirm[] = "{" " \"action\": \"getClaimToken\"," - " \"user\": \"user@host.com\"," + " \"user\": \"user@consumer.example.com\"," " \"token\": \"MySampleToken\"," " \"claim_url\": \"http://someurl.com/\"" "}"; @@ -247,7 +247,7 @@ const char kResponseCloudPrintConfirm[] = "{ \"success\": true }"; const char kResponseRegisterComplete[] = "{" " \"action\": \"complete\"," - " \"user\": \"user@host.com\"," + " \"user\": \"user@consumer.example.com\"," " \"device_id\": \"my_id\"" "}"; @@ -264,20 +264,22 @@ const char kResponseGaiaId[] = "{" const char kURLInfo[] = "http://1.2.3.4:8888/privet/info"; const char kURLRegisterStart[] = - "http://1.2.3.4:8888/privet/register?action=start&user=user%40host.com"; + "http://1.2.3.4:8888/privet/register?action=start&" + "user=user%40consumer.example.com"; const char kURLRegisterClaimToken[] = "http://1.2.3.4:8888/privet/register?action=getClaimToken&" - "user=user%40host.com"; + "user=user%40consumer.example.com"; const char kURLCloudPrintConfirm[] = "https://www.google.com/cloudprint/confirm?token=MySampleToken"; const char kURLRegisterComplete[] = - "http://1.2.3.4:8888/privet/register?action=complete&user=user%40host.com"; + "http://1.2.3.4:8888/privet/register?action=complete&" + "user=user%40consumer.example.com"; const char kSampleGaiaId[] = "12345"; -const char kSampleUser[] = "user@host.com"; +const char kSampleUser[] = "user@consumer.example.com"; class TestMessageLoopCondition { public: diff --git a/chromeos/chromeos_switches.cc b/chromeos/chromeos_switches.cc index 7958d31..b148ac7 100644 --- a/chromeos/chromeos_switches.cc +++ b/chromeos/chromeos_switches.cc @@ -12,6 +12,11 @@ namespace chromeos { namespace switches { +// If this flag is passed, failed policy fetches will not cause profile +// initialization to fail. This is useful for tests because it means that +// tests don't have to mock out the policy infrastructure. +const char kAllowFailedPolicyFetchForTest[] = + "allow-failed-policy-fetch-for-test"; // Allows remote attestation (RA) in dev mode for testing purpose. Usually RA // is disabled in dev mode because it will always fail. However, there are cases diff --git a/chromeos/chromeos_switches.h b/chromeos/chromeos_switches.h index b4782ec..87e7a4c 100644 --- a/chromeos/chromeos_switches.h +++ b/chromeos/chromeos_switches.h @@ -21,6 +21,7 @@ namespace switches { // see chromeos::LoginUtil::GetOffTheRecordCommandLine().) // Please keep alphabetized. +CHROMEOS_EXPORT extern const char kAllowFailedPolicyFetchForTest[]; CHROMEOS_EXPORT extern const char kAllowRAInDevMode[]; CHROMEOS_EXPORT extern const char kAppOemManifestFile[]; CHROMEOS_EXPORT extern const char kArtifactsDir[]; diff --git a/components/policy/core/browser/browser_policy_connector.cc b/components/policy/core/browser/browser_policy_connector.cc index f4908c0..a680fc5 100644 --- a/components/policy/core/browser/browser_policy_connector.cc +++ b/components/policy/core/browser/browser_policy_connector.cc @@ -42,9 +42,7 @@ void ReportRegexSuccessMetric(bool success) { } // Regexes that match many of the larger public email providers as we know -// these users are not from hosted enterprise domains. Keep this list in sync -// with the EnterpriseDomainRegex enum in histograms.xml (i.e. only add things -// at the end). +// these users are not from hosted enterprise domains. const wchar_t* const kNonManagedDomainPatterns[] = { L"aol\\.com", L"googlemail\\.com", @@ -56,6 +54,7 @@ const wchar_t* const kNonManagedDomainPatterns[] = { L"qq\\.com", L"yahoo(\\.co|\\.com|)\\.[^.]+", // yahoo.com, yahoo.co.uk, yahoo.com.tw L"yandex\\.ru", + L"consumer\\.example\\.com", }; // Returns true if |domain| matches the regex |pattern|. |