blob: d705b035dd0cd74bdf90c7d5530f99c39c6a2057 [file] [log] [blame]
# Copyright 2015 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import json
import logging
import os
from autotest_lib.client.bin import utils
from autotest_lib.client.common_lib import error
from autotest_lib.client.common_lib.cros import chrome
from autotest_lib.client.cros import cryptohome
from autotest_lib.client.cros import enterprise_base
'prod': [],
'prod': '',
'cr-dev': '',
'cr-auto': '',
'dm-test': '',
'dm-fake': ''
ENTERPRISE_DMSERVER = '--device-management-url=%s'
class EnterprisePolicyTest(enterprise_base.EnterpriseTest):
"""Base class for Enterprise Policy Tests."""
def setup(self):
def initialize(self, args=()):
# Start AutoTest DM Server if using local fake server.
if self.env == 'dm-fake':
def cleanup(self):
# Clean up AutoTest DM Server if using local fake server.
if self.env == 'dm-fake':
super(EnterprisePolicyTest, self).cleanup()
# Close Chrome instance if opened.
def _initialize_test_context(self, args=()):
Initializes class-level test context parameters.
@raises error.TestError if an arg is given an invalid value or some
combination of args is given incompatible values.
# Extract local parameters from command line args.
args_dict = utils.args_to_dict(args)
self.mode = args_dict.get('mode', 'all') = args_dict.get('case')
self.value = args_dict.get('value')
self.env = args_dict.get('env', 'dm-fake')
self.username = args_dict.get('username')
self.password = args_dict.get('password')
self.dms_name = args_dict.get('dms_name')
# If |mode| is 'all', then |env| must be 'dm-fake', and
# the |case| and |value| args must not be given.
if self.mode == 'all':
if self.env != 'dm-fake':
raise error.TestError('env must be "dm-fake" '
'when mode=all.')
raise error.TestError('case must not be given '
'when mode=all.')
if self.value:
raise error.TestError('value must not be given '
'when mode=all.')
# If |value| is given, set |is_value_given| flag to True. And if
# |value| was given as 'none' or '', then set |value| to None.
if self.value is not None:
self.is_value_given = True
if self.value.lower() == 'none' or self.value == '':
self.value = None
self.is_value_given = False
# Verify |env| is a valid environment.
if self.env not in ENTERPRISE_FLAGS_DICT:
raise error.TestError('env=%s is invalid.' % self.env)
# If |env| is 'dm-fake', ensure value and credentials are not given.
if self.env == 'dm-fake':
if self.is_value_given:
raise error.TestError('value must not be given when using '
'the fake DM Server.')
if self.username or self.password:
raise error.TestError('user credentials must not be given '
'when using the fake DM Server.')
# If either credential is not given, set both to default.
if self.username is None or self.password is None:
self.username = self.USERNAME
self.password = self.PASSWORD
# Verify |case| is given iff |mode|==single.
if self.mode == 'single' and not
raise error.TestError('case must be given when mode is single.')
if self.mode != 'single' and
raise error.TestError('case must not be given when mode is not '
# Verify |case| is given if a |value| is given.
if self.is_value_given and is None:
raise error.TestError('value must not be given without also '
'giving a test case.')
# Verify |dms_name| is given iff |env|==dm-test.
if self.env == 'dm-test' and not self.dms_name:
raise error.TestError('dms_name must be given when using '
if self.env != 'dm-test' and self.dms_name:
raise error.TestError('dms_name must not be given when not using '
# Log the test context parameters.'Test Context Parameters:')' Run Mode: %r', self.mode)' Test Case: %r',' Expected Value: %r', self.value)' Environment: %r', self.env)' Username: %r', self.username)' Password: %r', self.password)' Test DMS Name: %r', self.dms_name)
def _initialize_chrome_extra_flags(self):
"""Initializes flags used to create Chrome instance."""
# Construct DM Server URL flags.
env_flag_list = []
if self.env != 'prod':
if self.env == 'dm-fake':
# Use URL provided by AutoTest DM server.
dmserver_str = (ENTERPRISE_DMSERVER % self.dm_server_url)
# Use URL defined in DMS URL dictionary.
dmserver_str = (ENTERPRISE_DMSERVER %
if self.env == 'dm-test':
dmserver_str = (dmserver_str % self.dms_name)
# Merge with other flags needed by non-prod enviornment.
env_flag_list = ([dmserver_str] +
self.extra_flags = env_flag_list = None
def setup_case(self, policy_name, policy_value, policies_json):
Sets up preconditions for a single test case.
If the AutoTest fake DM Server is initialized, upload |policies_json|
to it. Sign in to Chrome OS. Open the Policies page. Verify that the
user successfully signed in. Verify that the Policies page shows the
specified |policy_name| and has the correct |policy_value|.
@param policy_name: Name of the policy under test.
@param policy_value: Expected value to appear on chrome://policy page.
@param policies_json: JSON string to set up the fake DMS policy value.
@raises error.TestError if cryptohome vault is not mounted for user.
@raises error.TestFail if |policy_name| and |policy_value| are not
shown on the Policies page.
# Set up policy on AutoTest DM Server only if initialized.
if self.env == 'dm-fake':
# Launch Chrome browser.'Chrome Browser Arguments:')' extra_browser_args: %s', self.extra_flags)' username: %s', self.username)' password: %s', self.password) = chrome.Chrome(extra_browser_args=self.extra_flags,
# Open a tab to the chrome://policy page.[0].Activate()
policy_tab =
# Confirm test preconditions: user is signed in, and policy set.
# Verify that user's cryptohome directory is mounted.
if not cryptohome.is_vault_mounted(user=self.username,
raise error.TestError('Expected to find a mounted vault for %s.'
% self.username)
# Verify that policy name & value are shown on the Policies page.
value_shown = self._get_policy_value_shown(policy_tab, policy_name)
if value_shown != policy_value:
raise error.TestFail('Policy value shown is not correct: %s '
'(expected: %s)' %
(value_shown, policy_value))
# Close the Policies tab.
def _setup_policy(self, policies_json):
Creates policy blob from JSON data, and sends to AutoTest fake DMS.
@param policies_json: The policy JSON data (name-value pairs).
policies_json = self._move_modeless_to_mandatory(policies_json)
policies_json = self._remove_null_policies(policies_json)
policy_blob = """{
"google/chromeos/user": %s,
"managed_users": ["*"],
"policy_user": "%s",
"current_key_index": 0,
"invalidation_source": 16,
"invalidation_name": "test_policy"
}""" % (json.dumps(policies_json), self.USERNAME)
def _move_modeless_to_mandatory(self, policies_json):
Adds the 'mandatory' mode if a policy's mode was omitted.
The AutoTest fake DM Server requires that every policy be contained
within either a 'mandatory' or 'recommended' dictionary, to indicate
the mode of the policy. This function moves modeless polices into the
'mandatory' dictionary.
@param policies_json: The policy JSON data (name-value pairs).
@returns: dict of policies grouped by mode keys.
mandatory_policies = {}
recommended_policies = {}
collated_json = {}
# Extract mandatory and recommended policies.
if 'mandatory' in policies_json:
mandatory_policies = policies_json['mandatory']
del policies_json['mandatory']
if 'recommended' in policies_json:
recommended_policies = policies_json['recommended']
del policies_json['recommended']
# Move remaining modeless policies into mandatory dict.
if policies_json:
# Collate all policies into mandatory & recommended dicts.
if recommended_policies:
collated_json.update({'recommended': recommended_policies})
if mandatory_policies:
collated_json.update({'mandatory': mandatory_policies})
return collated_json
def _remove_null_policies(self, policies_json):
Removes policy dict data that is set to None or ''.
For the status of a policy to be shown as "Not set" on the
chrome://policy page, the policy blob must contain no dictionary entry
for that policy. This function removes policy NVPs from a copy of the
|policies_json| dictionary that the test case set to None or ''.
@param policies_json: setup policy JSON data (name-value pairs).
@returns: setup policy JSON data with all 'Not set' policies removed.
policies_json_copy = policies_json.copy()
for mode, policies in policies_json_copy.items():
for policy_data in policies.items():
if policy_data[1] is None or policy_data[1] == '':
return policies_json_copy
def _get_policy_value_shown(self, policy_tab, policy_name):
Gets the value shown for the named policy on the Policies page.
Takes |policy_name| as a parameter and returns the corresponding
policy value shown on the chrome://policy page.
@param policy_tab: Tab displaying the chrome://policy page.
@param policy_name: The name of the policy.
@returns: The value shown for the policy on the Policies page.
row_values = policy_tab.EvaluateJavaScript('''
var section = document.getElementsByClassName("policy-table-section")[0];
var table = section.getElementsByTagName('table')[0];
rowValues = '';
for (var i = 1, row; row = table.rows[i]; i++) {
if (row.className !== 'expanded-value-container') {
var name_div = row.getElementsByClassName('name elide')[0];
var name = name_div.textContent;
if (name === '%s') {
var value_span = row.getElementsByClassName('value')[0];
var value = value_span.textContent;
var status_div = row.getElementsByClassName('status elide')[0];
var status = status_div.textContent;
rowValues = [name, value, status];
''' % policy_name)
value_shown = row_values[1].encode('ascii', 'ignore')
status_shown = row_values[2].encode('ascii', 'ignore')
if status_shown == 'Not set.':
return None
return value_shown