diff options
Diffstat (limited to 'chromium/components/policy/core/browser/url_blocklist_policy_handler_unittest.cc')
-rw-r--r-- | chromium/components/policy/core/browser/url_blocklist_policy_handler_unittest.cc | 317 |
1 files changed, 317 insertions, 0 deletions
diff --git a/chromium/components/policy/core/browser/url_blocklist_policy_handler_unittest.cc b/chromium/components/policy/core/browser/url_blocklist_policy_handler_unittest.cc new file mode 100644 index 00000000000..b693f460dd2 --- /dev/null +++ b/chromium/components/policy/core/browser/url_blocklist_policy_handler_unittest.cc @@ -0,0 +1,317 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "components/policy/core/browser/url_blocklist_policy_handler.h" + +#include <memory> +#include <utility> + +#include "base/strings/string_number_conversions.h" +#include "base/values.h" +#include "components/policy/core/browser/policy_error_map.h" +#include "components/policy/core/common/policy_map.h" +#include "components/policy/core/common/policy_pref_names.h" +#include "components/policy/core/common/policy_types.h" +#include "components/policy/policy_constants.h" +#include "components/prefs/pref_value_map.h" +#include "components/strings/grit/components_strings.h" +#include "components/url_matcher/url_util.h" +#include "testing/gtest/include/gtest/gtest.h" +#include "ui/base/l10n/l10n_util.h" + +// Note: this file should move to components/policy/core/browser, but the +// components_unittests runner does not load the ResourceBundle as +// ChromeTestSuite::Initialize does, which leads to failures using +// PolicyErrorMap. + +namespace policy { + +namespace { + +const char kTestDisabledScheme[] = "kTestDisabledScheme"; +const char kTestBlocklistValue[] = "kTestBlocklistValue"; + +} // namespace + +class URLBlocklistPolicyHandlerTest : public testing::Test { + public: + void SetUp() override { + handler_ = std::make_unique<URLBlocklistPolicyHandler>(key::kURLBlocklist); + } + + protected: + void SetPolicy(const std::string& key, base::Value value) { + policies_.Set(key, POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, + POLICY_SOURCE_CLOUD, std::move(value), nullptr); + } + bool CheckPolicy(const std::string& key, base::Value value) { + SetPolicy(key, std::move(value)); + return handler_->CheckPolicySettings(policies_, &errors_); + } + void ApplyPolicies() { handler_->ApplyPolicySettings(policies_, &prefs_); } + bool ValidatePolicy(const std::string& policy) { + return handler_->ValidatePolicy(policy); + } + base::Value GetURLBlocklistPolicyValueWithEntries(size_t len) { + std::vector<base::Value> blocklist(len); + for (auto& entry : blocklist) + entry = base::Value(kTestBlocklistValue); + return base::Value(std::move(blocklist)); + } + + std::unique_ptr<URLBlocklistPolicyHandler> handler_; + PolicyErrorMap errors_; + PolicyMap policies_; + PrefValueMap prefs_; +}; + +TEST_F(URLBlocklistPolicyHandlerTest, + CheckPolicySettings_DisabledSchemesUnspecified) { + EXPECT_TRUE( + CheckPolicy(key::kURLBlocklist, base::Value(base::Value::Type::LIST))); + EXPECT_EQ(0U, errors_.size()); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + CheckPolicySettings_URLBlocklistUnspecified) { + EXPECT_TRUE( + CheckPolicy(key::kDisabledSchemes, base::Value(base::Value::Type::LIST))); + EXPECT_EQ(0U, errors_.size()); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + CheckPolicySettings_DisabledSchemesWrongType) { + // The policy expects a list. Give it a boolean. + EXPECT_TRUE(CheckPolicy(key::kDisabledSchemes, base::Value(false))); + EXPECT_EQ(1U, errors_.size()); + const std::string expected = key::kDisabledSchemes; + const std::string actual = errors_.begin()->first; + EXPECT_EQ(expected, actual); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + CheckPolicySettings_URLBlocklistWrongType) { + // The policy expects a list. Give it a boolean. + EXPECT_TRUE(CheckPolicy(key::kURLBlocklist, base::Value(false))); + EXPECT_EQ(1U, errors_.size()); + const std::string expected = key::kURLBlocklist; + const std::string actual = errors_.begin()->first; + EXPECT_EQ(expected, actual); +} + +TEST_F(URLBlocklistPolicyHandlerTest, ApplyPolicySettings_NothingSpecified) { + ApplyPolicies(); + EXPECT_FALSE(prefs_.GetValue(policy_prefs::kUrlBlocklist, nullptr)); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_DisabledSchemesWrongType) { + // The policy expects a list. Give it a boolean. + SetPolicy(key::kDisabledSchemes, base::Value(false)); + ApplyPolicies(); + EXPECT_FALSE(prefs_.GetValue(policy_prefs::kUrlBlocklist, nullptr)); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_URLBlocklistWrongType) { + // The policy expects a list. Give it a boolean. + SetPolicy(key::kURLBlocklist, base::Value(false)); + ApplyPolicies(); + EXPECT_FALSE(prefs_.GetValue(policy_prefs::kUrlBlocklist, nullptr)); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_DisabledSchemesEmpty) { + SetPolicy(key::kDisabledSchemes, base::Value(base::Value::Type::LIST)); + ApplyPolicies(); + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(0U, out->GetListDeprecated().size()); +} + +TEST_F(URLBlocklistPolicyHandlerTest, ApplyPolicySettings_URLBlocklistEmpty) { + SetPolicy(key::kURLBlocklist, base::Value(base::Value::Type::LIST)); + ApplyPolicies(); + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(0U, out->GetListDeprecated().size()); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_DisabledSchemesWrongElementType) { + // The policy expects string-valued elements. Give it booleans. + base::Value in(base::Value::Type::LIST); + in.Append(false); + SetPolicy(key::kDisabledSchemes, std::move(in)); + ApplyPolicies(); + + // The element should be skipped. + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(0U, out->GetListDeprecated().size()); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_URLBlocklistWrongElementType) { + // The policy expects string-valued elements. Give it booleans. + base::Value in(base::Value::Type::LIST); + in.Append(false); + SetPolicy(key::kURLBlocklist, std::move(in)); + ApplyPolicies(); + + // The element should be skipped. + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(0U, out->GetListDeprecated().size()); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_DisabledSchemesSuccessful) { + base::Value in_disabled_schemes(base::Value::Type::LIST); + in_disabled_schemes.Append(kTestDisabledScheme); + SetPolicy(key::kDisabledSchemes, std::move(in_disabled_schemes)); + ApplyPolicies(); + + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(1U, out->GetListDeprecated().size()); + + const std::string* out_string = out->GetListDeprecated()[0].GetIfString(); + ASSERT_TRUE(out_string); + EXPECT_EQ(kTestDisabledScheme + std::string("://*"), *out_string); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_URLBlocklistSuccessful) { + base::Value in_url_blocklist(base::Value::Type::LIST); + in_url_blocklist.Append(kTestBlocklistValue); + SetPolicy(key::kURLBlocklist, std::move(in_url_blocklist)); + ApplyPolicies(); + + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(1U, out->GetListDeprecated().size()); + + const std::string* out_string = out->GetListDeprecated()[0].GetIfString(); + ASSERT_TRUE(out_string); + EXPECT_EQ(kTestBlocklistValue, *out_string); +} + +TEST_F(URLBlocklistPolicyHandlerTest, ApplyPolicySettings_MergeSuccessful) { + base::Value in_disabled_schemes(base::Value::Type::LIST); + in_disabled_schemes.Append(kTestDisabledScheme); + SetPolicy(key::kDisabledSchemes, std::move(in_disabled_schemes)); + + base::Value in_url_blocklist(base::Value::Type::LIST); + in_url_blocklist.Append(kTestBlocklistValue); + SetPolicy(key::kURLBlocklist, std::move(in_url_blocklist)); + ApplyPolicies(); + + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + ASSERT_EQ(2U, out->GetListDeprecated().size()); + + const std::string* out_string1 = out->GetListDeprecated()[0].GetIfString(); + ASSERT_TRUE(out_string1); + EXPECT_EQ(kTestDisabledScheme + std::string("://*"), *out_string1); + + const std::string* out_string2 = out->GetListDeprecated()[1].GetIfString(); + ASSERT_TRUE(out_string2); + EXPECT_EQ(kTestBlocklistValue, *out_string2); +} + +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_CheckPolicySettingsMaxFiltersLimitOK) { + size_t max_filters_per_policy = policy::kMaxUrlFiltersPerPolicy; + base::Value urls = + GetURLBlocklistPolicyValueWithEntries(max_filters_per_policy); + + EXPECT_TRUE(CheckPolicy(key::kURLBlocklist, std::move(urls))); + EXPECT_EQ(0U, errors_.size()); + + ApplyPolicies(); + + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(max_filters_per_policy, out->GetListDeprecated().size()); +} + +// Test that the warning message, mapped to +// |IDS_POLICY_URL_ALLOW_BLOCK_LIST_MAX_FILTERS_LIMIT_WARNING|, is added to +// |errors_| when URLBlocklist entries exceed the max filters per policy limit. +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_CheckPolicySettingsMaxFiltersLimitExceeded_1) { + size_t max_filters_per_policy = policy::kMaxUrlFiltersPerPolicy; + base::Value urls = + GetURLBlocklistPolicyValueWithEntries(max_filters_per_policy + 1); + + EXPECT_TRUE(CheckPolicy(key::kURLBlocklist, std::move(urls))); + EXPECT_EQ(1U, errors_.size()); + + ApplyPolicies(); + + auto error_str = errors_.GetErrors(key::kURLBlocklist); + auto expected_str = l10n_util::GetStringFUTF16( + IDS_POLICY_URL_ALLOW_BLOCK_LIST_MAX_FILTERS_LIMIT_WARNING, + base::NumberToString16(max_filters_per_policy)); + EXPECT_TRUE(error_str.find(expected_str) != std::wstring::npos); + + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(max_filters_per_policy + 1, out->GetListDeprecated().size()); +} + +// Test that the warning message, mapped to +// |IDS_POLICY_URL_ALLOW_BLOCK_LIST_MAX_FILTERS_LIMIT_WARNING|, is added to +// |errors_| when URLBlocklist + DisabledScheme entries exceed the max filters +// per policy limit. +TEST_F(URLBlocklistPolicyHandlerTest, + ApplyPolicySettings_CheckPolicySettingsMaxFiltersLimitExceeded_2) { + base::Value in_disabled_schemes(base::Value::Type::LIST); + in_disabled_schemes.Append(kTestDisabledScheme); + SetPolicy(key::kDisabledSchemes, std::move(in_disabled_schemes)); + + size_t max_filters_per_policy = policy::kMaxUrlFiltersPerPolicy; + base::Value urls = + GetURLBlocklistPolicyValueWithEntries(max_filters_per_policy); + + EXPECT_TRUE(CheckPolicy(key::kURLBlocklist, std::move(urls))); + EXPECT_EQ(1U, errors_.size()); + + ApplyPolicies(); + + auto error_str = errors_.GetErrors(key::kURLBlocklist); + auto expected_str = l10n_util::GetStringFUTF16( + IDS_POLICY_URL_ALLOW_BLOCK_LIST_MAX_FILTERS_LIMIT_WARNING, + base::NumberToString16(max_filters_per_policy)); + EXPECT_TRUE(error_str.find(expected_str) != std::wstring::npos); + + base::Value* out; + EXPECT_TRUE(prefs_.GetValue(policy_prefs::kUrlBlocklist, &out)); + ASSERT_TRUE(out->is_list()); + EXPECT_EQ(max_filters_per_policy + 1, out->GetListDeprecated().size()); +} + +TEST_F(URLBlocklistPolicyHandlerTest, ValidatePolicy) { + EXPECT_TRUE(ValidatePolicy("http://*")); + EXPECT_TRUE(ValidatePolicy("http:*")); + + EXPECT_TRUE(ValidatePolicy("ws://example.org/component.js")); + EXPECT_FALSE(ValidatePolicy("wsgi:///rancom,org/")); + + EXPECT_TRUE(ValidatePolicy("127.0.0.1:1")); + EXPECT_TRUE(ValidatePolicy("127.0.0.1:65535")); + EXPECT_FALSE(ValidatePolicy("127.0.0.1:65536")); +} + +} // namespace policy |