1*1a96fba6SXin Li // Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
2*1a96fba6SXin Li // Use of this source code is governed by a BSD-style license that can be
3*1a96fba6SXin Li // found in the LICENSE file.
4*1a96fba6SXin Li
5*1a96fba6SXin Li #include "policy/libpolicy.h"
6*1a96fba6SXin Li
7*1a96fba6SXin Li #include <memory>
8*1a96fba6SXin Li #include <utility>
9*1a96fba6SXin Li
10*1a96fba6SXin Li #include <openssl/err.h>
11*1a96fba6SXin Li #include <openssl/ssl.h>
12*1a96fba6SXin Li
13*1a96fba6SXin Li #include <base/files/file_path.h>
14*1a96fba6SXin Li #include <base/logging.h>
15*1a96fba6SXin Li #include <gtest/gtest.h>
16*1a96fba6SXin Li
17*1a96fba6SXin Li #include "bindings/chrome_device_policy.pb.h"
18*1a96fba6SXin Li #include "install_attributes/mock_install_attributes_reader.h"
19*1a96fba6SXin Li #include "policy/device_policy_impl.h"
20*1a96fba6SXin Li
21*1a96fba6SXin Li namespace policy {
22*1a96fba6SXin Li
23*1a96fba6SXin Li static const char kPolicyFileAllSet[] = "policy/tests/whitelist/policy_all";
24*1a96fba6SXin Li static const char kPolicyFileNoneSet[] = "policy/tests/whitelist/policy_none";
25*1a96fba6SXin Li static const char kKeyFile[] = "policy/tests/whitelist/owner.key";
26*1a96fba6SXin Li static const char kNonExistingFile[] = "file-does-not-exist";
27*1a96fba6SXin Li
28*1a96fba6SXin Li // Creates the DevicePolicyImpl with given parameters for test.
CreateDevicePolicyImpl(std::unique_ptr<InstallAttributesReader> install_attributes_reader,const base::FilePath & policy_path,const base::FilePath & keyfile_path,bool verify_files)29*1a96fba6SXin Li std::unique_ptr<DevicePolicyImpl> CreateDevicePolicyImpl(
30*1a96fba6SXin Li std::unique_ptr<InstallAttributesReader> install_attributes_reader,
31*1a96fba6SXin Li const base::FilePath& policy_path,
32*1a96fba6SXin Li const base::FilePath& keyfile_path,
33*1a96fba6SXin Li bool verify_files) {
34*1a96fba6SXin Li std::unique_ptr<DevicePolicyImpl> device_policy(new DevicePolicyImpl());
35*1a96fba6SXin Li device_policy->set_install_attributes_for_testing(
36*1a96fba6SXin Li std::move(install_attributes_reader));
37*1a96fba6SXin Li device_policy->set_policy_path_for_testing(policy_path);
38*1a96fba6SXin Li device_policy->set_key_file_path_for_testing(keyfile_path);
39*1a96fba6SXin Li device_policy->set_verify_root_ownership_for_testing(verify_files);
40*1a96fba6SXin Li
41*1a96fba6SXin Li return device_policy;
42*1a96fba6SXin Li }
43*1a96fba6SXin Li
44*1a96fba6SXin Li // Test that a policy file can be verified and parsed correctly. The file
45*1a96fba6SXin Li // contains all possible fields, so reading should succeed for all.
TEST(PolicyTest,DevicePolicyAllSetTest)46*1a96fba6SXin Li TEST(PolicyTest, DevicePolicyAllSetTest) {
47*1a96fba6SXin Li base::FilePath policy_file(kPolicyFileAllSet);
48*1a96fba6SXin Li base::FilePath key_file(kKeyFile);
49*1a96fba6SXin Li PolicyProvider provider;
50*1a96fba6SXin Li provider.SetDevicePolicyForTesting(CreateDevicePolicyImpl(
51*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>(
52*1a96fba6SXin Li InstallAttributesReader::kDeviceModeEnterprise, true),
53*1a96fba6SXin Li policy_file, key_file, false));
54*1a96fba6SXin Li provider.Reload();
55*1a96fba6SXin Li
56*1a96fba6SXin Li // Ensure we successfully loaded the device policy file.
57*1a96fba6SXin Li ASSERT_TRUE(provider.device_policy_is_loaded());
58*1a96fba6SXin Li
59*1a96fba6SXin Li const DevicePolicy& policy = provider.GetDevicePolicy();
60*1a96fba6SXin Li
61*1a96fba6SXin Li // Check that we can read out all fields of the sample protobuf.
62*1a96fba6SXin Li int int_value = -1;
63*1a96fba6SXin Li ASSERT_TRUE(policy.GetPolicyRefreshRate(&int_value));
64*1a96fba6SXin Li EXPECT_EQ(100, int_value);
65*1a96fba6SXin Li
66*1a96fba6SXin Li std::vector<std::string> list_value;
67*1a96fba6SXin Li ASSERT_TRUE(policy.GetUserWhitelist(&list_value));
68*1a96fba6SXin Li ASSERT_EQ(3, list_value.size());
69*1a96fba6SXin Li EXPECT_EQ("[email protected]", list_value[0]);
70*1a96fba6SXin Li EXPECT_EQ("[email protected]", list_value[1]);
71*1a96fba6SXin Li EXPECT_EQ("*@monsters.com", list_value[2]);
72*1a96fba6SXin Li
73*1a96fba6SXin Li bool bool_value = true;
74*1a96fba6SXin Li ASSERT_TRUE(policy.GetGuestModeEnabled(&bool_value));
75*1a96fba6SXin Li EXPECT_FALSE(bool_value);
76*1a96fba6SXin Li
77*1a96fba6SXin Li bool_value = true;
78*1a96fba6SXin Li ASSERT_TRUE(policy.GetCameraEnabled(&bool_value));
79*1a96fba6SXin Li EXPECT_FALSE(bool_value);
80*1a96fba6SXin Li
81*1a96fba6SXin Li bool_value = true;
82*1a96fba6SXin Li ASSERT_TRUE(policy.GetShowUserNames(&bool_value));
83*1a96fba6SXin Li EXPECT_FALSE(bool_value);
84*1a96fba6SXin Li
85*1a96fba6SXin Li bool_value = true;
86*1a96fba6SXin Li ASSERT_TRUE(policy.GetDataRoamingEnabled(&bool_value));
87*1a96fba6SXin Li EXPECT_FALSE(bool_value);
88*1a96fba6SXin Li
89*1a96fba6SXin Li bool_value = true;
90*1a96fba6SXin Li ASSERT_TRUE(policy.GetAllowNewUsers(&bool_value));
91*1a96fba6SXin Li EXPECT_FALSE(bool_value);
92*1a96fba6SXin Li
93*1a96fba6SXin Li bool_value = true;
94*1a96fba6SXin Li ASSERT_TRUE(policy.GetMetricsEnabled(&bool_value));
95*1a96fba6SXin Li EXPECT_FALSE(bool_value);
96*1a96fba6SXin Li
97*1a96fba6SXin Li bool_value = true;
98*1a96fba6SXin Li ASSERT_TRUE(policy.GetReportVersionInfo(&bool_value));
99*1a96fba6SXin Li EXPECT_FALSE(bool_value);
100*1a96fba6SXin Li
101*1a96fba6SXin Li bool_value = true;
102*1a96fba6SXin Li ASSERT_TRUE(policy.GetReportActivityTimes(&bool_value));
103*1a96fba6SXin Li EXPECT_FALSE(bool_value);
104*1a96fba6SXin Li
105*1a96fba6SXin Li bool_value = true;
106*1a96fba6SXin Li ASSERT_TRUE(policy.GetReportBootMode(&bool_value));
107*1a96fba6SXin Li EXPECT_FALSE(bool_value);
108*1a96fba6SXin Li
109*1a96fba6SXin Li bool_value = true;
110*1a96fba6SXin Li ASSERT_TRUE(policy.GetEphemeralUsersEnabled(&bool_value));
111*1a96fba6SXin Li EXPECT_FALSE(bool_value);
112*1a96fba6SXin Li
113*1a96fba6SXin Li std::string string_value;
114*1a96fba6SXin Li ASSERT_TRUE(policy.GetReleaseChannel(&string_value));
115*1a96fba6SXin Li EXPECT_EQ("stable-channel", string_value);
116*1a96fba6SXin Li
117*1a96fba6SXin Li bool_value = false;
118*1a96fba6SXin Li ASSERT_TRUE(policy.GetReleaseChannelDelegated(&bool_value));
119*1a96fba6SXin Li EXPECT_TRUE(bool_value);
120*1a96fba6SXin Li
121*1a96fba6SXin Li bool_value = true;
122*1a96fba6SXin Li ASSERT_TRUE(policy.GetUpdateDisabled(&bool_value));
123*1a96fba6SXin Li EXPECT_FALSE(bool_value);
124*1a96fba6SXin Li
125*1a96fba6SXin Li int64_t int64_value = -1LL;
126*1a96fba6SXin Li ASSERT_TRUE(policy.GetScatterFactorInSeconds(&int64_value));
127*1a96fba6SXin Li EXPECT_EQ(17LL, int64_value);
128*1a96fba6SXin Li
129*1a96fba6SXin Li ASSERT_TRUE(policy.GetTargetVersionPrefix(&string_value));
130*1a96fba6SXin Li EXPECT_EQ("42.0.", string_value);
131*1a96fba6SXin Li
132*1a96fba6SXin Li int_value = -1;
133*1a96fba6SXin Li ASSERT_TRUE(policy.GetRollbackToTargetVersion(&int_value));
134*1a96fba6SXin Li EXPECT_EQ(enterprise_management::AutoUpdateSettingsProto::
135*1a96fba6SXin Li ROLLBACK_AND_POWERWASH,
136*1a96fba6SXin Li int_value);
137*1a96fba6SXin Li
138*1a96fba6SXin Li int_value = -1;
139*1a96fba6SXin Li ASSERT_TRUE(policy.GetRollbackAllowedMilestones(&int_value));
140*1a96fba6SXin Li EXPECT_EQ(3, int_value);
141*1a96fba6SXin Li
142*1a96fba6SXin Li std::set<std::string> types;
143*1a96fba6SXin Li ASSERT_TRUE(policy.GetAllowedConnectionTypesForUpdate(&types));
144*1a96fba6SXin Li EXPECT_TRUE(types.end() != types.find("ethernet"));
145*1a96fba6SXin Li EXPECT_TRUE(types.end() != types.find("wifi"));
146*1a96fba6SXin Li EXPECT_EQ(2, types.size());
147*1a96fba6SXin Li
148*1a96fba6SXin Li ASSERT_TRUE(policy.GetOpenNetworkConfiguration(&string_value));
149*1a96fba6SXin Li EXPECT_EQ("{}", string_value);
150*1a96fba6SXin Li
151*1a96fba6SXin Li ASSERT_TRUE(policy.GetOwner(&string_value));
152*1a96fba6SXin Li EXPECT_EQ("", string_value);
153*1a96fba6SXin Li
154*1a96fba6SXin Li bool_value = true;
155*1a96fba6SXin Li ASSERT_TRUE(policy.GetHttpDownloadsEnabled(&bool_value));
156*1a96fba6SXin Li EXPECT_FALSE(bool_value);
157*1a96fba6SXin Li
158*1a96fba6SXin Li bool_value = true;
159*1a96fba6SXin Li ASSERT_TRUE(policy.GetAuP2PEnabled(&bool_value));
160*1a96fba6SXin Li EXPECT_FALSE(bool_value);
161*1a96fba6SXin Li
162*1a96fba6SXin Li bool_value = true;
163*1a96fba6SXin Li ASSERT_TRUE(policy.GetAllowKioskAppControlChromeVersion(&bool_value));
164*1a96fba6SXin Li EXPECT_FALSE(bool_value);
165*1a96fba6SXin Li
166*1a96fba6SXin Li std::vector<DevicePolicy::UsbDeviceId> list_device;
167*1a96fba6SXin Li ASSERT_TRUE(policy.GetUsbDetachableWhitelist(&list_device));
168*1a96fba6SXin Li EXPECT_EQ(2, list_device.size());
169*1a96fba6SXin Li EXPECT_EQ(0x413c, list_device[0].vendor_id);
170*1a96fba6SXin Li EXPECT_EQ(0x2105, list_device[0].product_id);
171*1a96fba6SXin Li EXPECT_EQ(0x0403, list_device[1].vendor_id);
172*1a96fba6SXin Li EXPECT_EQ(0x6001, list_device[1].product_id);
173*1a96fba6SXin Li
174*1a96fba6SXin Li ASSERT_TRUE(policy.GetAutoLaunchedKioskAppId(&string_value));
175*1a96fba6SXin Li EXPECT_EQ("my_kiosk_app", string_value);
176*1a96fba6SXin Li
177*1a96fba6SXin Li int_value = -1;
178*1a96fba6SXin Li ASSERT_TRUE(policy.GetSecondFactorAuthenticationMode(&int_value));
179*1a96fba6SXin Li EXPECT_EQ(2, int_value);
180*1a96fba6SXin Li
181*1a96fba6SXin Li std::vector<DevicePolicy::WeeklyTimeInterval> intervals;
182*1a96fba6SXin Li ASSERT_TRUE(policy.GetDisallowedTimeIntervals(&intervals));
183*1a96fba6SXin Li ASSERT_EQ(2, intervals.size());
184*1a96fba6SXin Li EXPECT_EQ(4, intervals[0].start_day_of_week);
185*1a96fba6SXin Li EXPECT_EQ(base::TimeDelta::FromMinutes(30) + base::TimeDelta::FromHours(12),
186*1a96fba6SXin Li intervals[0].start_time);
187*1a96fba6SXin Li EXPECT_EQ(6, intervals[0].end_day_of_week);
188*1a96fba6SXin Li EXPECT_EQ(base::TimeDelta::FromMinutes(15) + base::TimeDelta::FromHours(3),
189*1a96fba6SXin Li intervals[0].end_time);
190*1a96fba6SXin Li EXPECT_EQ(1, intervals[1].start_day_of_week);
191*1a96fba6SXin Li EXPECT_EQ(base::TimeDelta::FromMinutes(10) + base::TimeDelta::FromHours(20),
192*1a96fba6SXin Li intervals[1].start_time);
193*1a96fba6SXin Li EXPECT_EQ(3, intervals[1].end_day_of_week);
194*1a96fba6SXin Li EXPECT_EQ(base::TimeDelta::FromMinutes(20), intervals[1].end_time);
195*1a96fba6SXin Li
196*1a96fba6SXin Li ASSERT_TRUE(policy.GetAutoLaunchedKioskAppId(&string_value));
197*1a96fba6SXin Li ASSERT_EQ("my_kiosk_app", string_value);
198*1a96fba6SXin Li
199*1a96fba6SXin Li // Reloading the protobuf should succeed.
200*1a96fba6SXin Li EXPECT_TRUE(provider.Reload());
201*1a96fba6SXin Li }
202*1a96fba6SXin Li
203*1a96fba6SXin Li // Test that a policy file can be verified and parsed correctly. The file
204*1a96fba6SXin Li // contains none of the possible fields, so reading should fail for all.
TEST(PolicyTest,DevicePolicyNoneSetTest)205*1a96fba6SXin Li TEST(PolicyTest, DevicePolicyNoneSetTest) {
206*1a96fba6SXin Li base::FilePath policy_file(kPolicyFileNoneSet);
207*1a96fba6SXin Li base::FilePath key_file(kKeyFile);
208*1a96fba6SXin Li
209*1a96fba6SXin Li PolicyProvider provider;
210*1a96fba6SXin Li provider.SetDevicePolicyForTesting(CreateDevicePolicyImpl(
211*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>(
212*1a96fba6SXin Li InstallAttributesReader::kDeviceModeEnterprise, true),
213*1a96fba6SXin Li policy_file, key_file, false));
214*1a96fba6SXin Li provider.Reload();
215*1a96fba6SXin Li
216*1a96fba6SXin Li // Ensure we successfully loaded the device policy file.
217*1a96fba6SXin Li ASSERT_TRUE(provider.device_policy_is_loaded());
218*1a96fba6SXin Li
219*1a96fba6SXin Li const DevicePolicy& policy = provider.GetDevicePolicy();
220*1a96fba6SXin Li
221*1a96fba6SXin Li // Check that we cannot read any fields out of the sample protobuf.
222*1a96fba6SXin Li int int_value;
223*1a96fba6SXin Li int64_t int64_value;
224*1a96fba6SXin Li std::vector<std::string> list_value;
225*1a96fba6SXin Li bool bool_value;
226*1a96fba6SXin Li std::string string_value;
227*1a96fba6SXin Li std::vector<DevicePolicy::UsbDeviceId> list_device;
228*1a96fba6SXin Li std::vector<DevicePolicy::WeeklyTimeInterval> intervals;
229*1a96fba6SXin Li
230*1a96fba6SXin Li EXPECT_FALSE(policy.GetPolicyRefreshRate(&int_value));
231*1a96fba6SXin Li EXPECT_FALSE(policy.GetUserWhitelist(&list_value));
232*1a96fba6SXin Li EXPECT_FALSE(policy.GetGuestModeEnabled(&bool_value));
233*1a96fba6SXin Li EXPECT_FALSE(policy.GetCameraEnabled(&bool_value));
234*1a96fba6SXin Li EXPECT_FALSE(policy.GetShowUserNames(&bool_value));
235*1a96fba6SXin Li EXPECT_FALSE(policy.GetDataRoamingEnabled(&bool_value));
236*1a96fba6SXin Li EXPECT_FALSE(policy.GetAllowNewUsers(&bool_value));
237*1a96fba6SXin Li EXPECT_FALSE(policy.GetMetricsEnabled(&bool_value));
238*1a96fba6SXin Li EXPECT_FALSE(policy.GetReportVersionInfo(&bool_value));
239*1a96fba6SXin Li EXPECT_FALSE(policy.GetReportActivityTimes(&bool_value));
240*1a96fba6SXin Li EXPECT_FALSE(policy.GetReportBootMode(&bool_value));
241*1a96fba6SXin Li EXPECT_FALSE(policy.GetEphemeralUsersEnabled(&bool_value));
242*1a96fba6SXin Li EXPECT_FALSE(policy.GetReleaseChannel(&string_value));
243*1a96fba6SXin Li EXPECT_FALSE(policy.GetUpdateDisabled(&bool_value));
244*1a96fba6SXin Li EXPECT_FALSE(policy.GetTargetVersionPrefix(&string_value));
245*1a96fba6SXin Li EXPECT_FALSE(policy.GetRollbackToTargetVersion(&int_value));
246*1a96fba6SXin Li // RollbackAllowedMilestones has the default value of 4 for enterprise
247*1a96fba6SXin Li // devices.
248*1a96fba6SXin Li ASSERT_TRUE(policy.GetRollbackAllowedMilestones(&int_value));
249*1a96fba6SXin Li EXPECT_EQ(4, int_value);
250*1a96fba6SXin Li EXPECT_FALSE(policy.GetScatterFactorInSeconds(&int64_value));
251*1a96fba6SXin Li EXPECT_FALSE(policy.GetOpenNetworkConfiguration(&string_value));
252*1a96fba6SXin Li EXPECT_FALSE(policy.GetHttpDownloadsEnabled(&bool_value));
253*1a96fba6SXin Li EXPECT_FALSE(policy.GetAuP2PEnabled(&bool_value));
254*1a96fba6SXin Li EXPECT_FALSE(policy.GetAllowKioskAppControlChromeVersion(&bool_value));
255*1a96fba6SXin Li EXPECT_FALSE(policy.GetUsbDetachableWhitelist(&list_device));
256*1a96fba6SXin Li EXPECT_FALSE(policy.GetSecondFactorAuthenticationMode(&int_value));
257*1a96fba6SXin Li EXPECT_FALSE(policy.GetDisallowedTimeIntervals(&intervals));
258*1a96fba6SXin Li }
259*1a96fba6SXin Li
260*1a96fba6SXin Li // Verify that the library will correctly recognize and signal missing files.
TEST(PolicyTest,DevicePolicyFailure)261*1a96fba6SXin Li TEST(PolicyTest, DevicePolicyFailure) {
262*1a96fba6SXin Li LOG(INFO) << "Errors expected.";
263*1a96fba6SXin Li // Try loading non-existing protobuf should fail.
264*1a96fba6SXin Li base::FilePath policy_file(kNonExistingFile);
265*1a96fba6SXin Li base::FilePath key_file(kNonExistingFile);
266*1a96fba6SXin Li PolicyProvider provider;
267*1a96fba6SXin Li provider.SetDevicePolicyForTesting(
268*1a96fba6SXin Li CreateDevicePolicyImpl(std::make_unique<MockInstallAttributesReader>(
269*1a96fba6SXin Li cryptohome::SerializedInstallAttributes()),
270*1a96fba6SXin Li policy_file, key_file, true));
271*1a96fba6SXin Li
272*1a96fba6SXin Li // Even after reload the policy should still be not loaded.
273*1a96fba6SXin Li ASSERT_FALSE(provider.Reload());
274*1a96fba6SXin Li EXPECT_FALSE(provider.device_policy_is_loaded());
275*1a96fba6SXin Li }
276*1a96fba6SXin Li
277*1a96fba6SXin Li // Verify that signature verification is waived for a device in enterprise_ad
278*1a96fba6SXin Li // mode.
TEST(PolicyTest,SkipSignatureForEnterpriseAD)279*1a96fba6SXin Li TEST(PolicyTest, SkipSignatureForEnterpriseAD) {
280*1a96fba6SXin Li base::FilePath policy_file(kPolicyFileAllSet);
281*1a96fba6SXin Li base::FilePath key_file(kNonExistingFile);
282*1a96fba6SXin Li PolicyProvider provider;
283*1a96fba6SXin Li provider.SetDevicePolicyForTesting(CreateDevicePolicyImpl(
284*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>(
285*1a96fba6SXin Li InstallAttributesReader::kDeviceModeEnterpriseAD, true),
286*1a96fba6SXin Li policy_file, key_file, false));
287*1a96fba6SXin Li provider.Reload();
288*1a96fba6SXin Li
289*1a96fba6SXin Li // Ensure we successfully loaded the device policy file.
290*1a96fba6SXin Li EXPECT_TRUE(provider.device_policy_is_loaded());
291*1a96fba6SXin Li }
292*1a96fba6SXin Li
293*1a96fba6SXin Li // Ensure that signature verification is enforced for a device in vanilla
294*1a96fba6SXin Li // enterprise mode.
TEST(PolicyTest,DontSkipSignatureForEnterprise)295*1a96fba6SXin Li TEST(PolicyTest, DontSkipSignatureForEnterprise) {
296*1a96fba6SXin Li base::FilePath policy_file(kPolicyFileAllSet);
297*1a96fba6SXin Li base::FilePath key_file(kNonExistingFile);
298*1a96fba6SXin Li
299*1a96fba6SXin Li PolicyProvider provider;
300*1a96fba6SXin Li provider.SetDevicePolicyForTesting(CreateDevicePolicyImpl(
301*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>(
302*1a96fba6SXin Li InstallAttributesReader::kDeviceModeEnterprise, true),
303*1a96fba6SXin Li policy_file, key_file, false));
304*1a96fba6SXin Li provider.Reload();
305*1a96fba6SXin Li
306*1a96fba6SXin Li // Ensure that unverifed policy is not loaded.
307*1a96fba6SXin Li EXPECT_FALSE(provider.device_policy_is_loaded());
308*1a96fba6SXin Li }
309*1a96fba6SXin Li
310*1a96fba6SXin Li // Ensure that signature verification is enforced for a device in consumer mode.
TEST(PolicyTest,DontSkipSignatureForConsumer)311*1a96fba6SXin Li TEST(PolicyTest, DontSkipSignatureForConsumer) {
312*1a96fba6SXin Li base::FilePath policy_file(kPolicyFileAllSet);
313*1a96fba6SXin Li base::FilePath key_file(kNonExistingFile);
314*1a96fba6SXin Li cryptohome::SerializedInstallAttributes install_attributes;
315*1a96fba6SXin Li
316*1a96fba6SXin Li PolicyProvider provider;
317*1a96fba6SXin Li provider.SetDevicePolicyForTesting(CreateDevicePolicyImpl(
318*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>(install_attributes),
319*1a96fba6SXin Li policy_file, key_file, false));
320*1a96fba6SXin Li provider.Reload();
321*1a96fba6SXin Li
322*1a96fba6SXin Li // Ensure that unverifed policy is not loaded.
323*1a96fba6SXin Li EXPECT_FALSE(provider.device_policy_is_loaded());
324*1a96fba6SXin Li }
325*1a96fba6SXin Li
326*1a96fba6SXin Li // Checks return value of IsConsumerDevice when it's a still in OOBE.
TEST(PolicyTest,IsConsumerDeviceOobe)327*1a96fba6SXin Li TEST(PolicyTest, IsConsumerDeviceOobe) {
328*1a96fba6SXin Li PolicyProvider provider;
329*1a96fba6SXin Li provider.SetInstallAttributesReaderForTesting(
330*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>("", false));
331*1a96fba6SXin Li EXPECT_FALSE(provider.IsConsumerDevice());
332*1a96fba6SXin Li }
333*1a96fba6SXin Li
334*1a96fba6SXin Li // Checks return value of IsConsumerDevice when it's a consumer device.
TEST(PolicyTest,IsConsumerDeviceConsumer)335*1a96fba6SXin Li TEST(PolicyTest, IsConsumerDeviceConsumer) {
336*1a96fba6SXin Li PolicyProvider provider;
337*1a96fba6SXin Li provider.SetInstallAttributesReaderForTesting(
338*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>("", true));
339*1a96fba6SXin Li EXPECT_TRUE(provider.IsConsumerDevice());
340*1a96fba6SXin Li }
341*1a96fba6SXin Li
342*1a96fba6SXin Li // Checks return value of IsConsumerDevice when it's an enterprise device.
TEST(PolicyTest,IsConsumerDeviceEnterprise)343*1a96fba6SXin Li TEST(PolicyTest, IsConsumerDeviceEnterprise) {
344*1a96fba6SXin Li PolicyProvider provider;
345*1a96fba6SXin Li provider.SetInstallAttributesReaderForTesting(
346*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>(
347*1a96fba6SXin Li InstallAttributesReader::kDeviceModeEnterprise, true));
348*1a96fba6SXin Li EXPECT_FALSE(provider.IsConsumerDevice());
349*1a96fba6SXin Li }
350*1a96fba6SXin Li
351*1a96fba6SXin Li // Checks return value of IsConsumerDevice when it's an enterprise AD device.
TEST(PolicyTest,IsConsumerDeviceEnterpriseAd)352*1a96fba6SXin Li TEST(PolicyTest, IsConsumerDeviceEnterpriseAd) {
353*1a96fba6SXin Li PolicyProvider provider;
354*1a96fba6SXin Li provider.SetInstallAttributesReaderForTesting(
355*1a96fba6SXin Li std::make_unique<MockInstallAttributesReader>(
356*1a96fba6SXin Li InstallAttributesReader::kDeviceModeEnterpriseAD, true));
357*1a96fba6SXin Li EXPECT_FALSE(provider.IsConsumerDevice());
358*1a96fba6SXin Li }
359*1a96fba6SXin Li
360*1a96fba6SXin Li } // namespace policy
361