• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import dbus, os
6from dbus.mainloop.glib import DBusGMainLoop
7
8from autotest_lib.client.bin import test, utils
9from autotest_lib.client.common_lib import error
10from autotest_lib.client.common_lib.cros import policy, session_manager
11from autotest_lib.client.cros import cryptohome, ownership
12
13
14class login_MultiUserPolicy(test.test):
15    """Verifies that storing and retrieving user policy works with
16       multiple profiles signed-in.
17    """
18
19    version = 1
20
21    _user1 = 'user1@somewhere.com'
22    _user2 = 'user2@somewhere.com'
23
24    def setup(self):
25        os.chdir(self.srcdir)
26        utils.make('OUT_DIR=.')
27
28
29    def initialize(self):
30        super(login_MultiUserPolicy, self).initialize()
31        self._bus_loop = DBusGMainLoop(set_as_default=True)
32
33        # Clear the user's vault, to make sure the test starts without any
34        # policy or key lingering around. At this stage the session isn't
35        # started and there's no user signed in.
36        ownership.restart_ui_to_clear_ownership_files()
37        cryptohome_proxy = cryptohome.CryptohomeProxy(self._bus_loop)
38        cryptohome_proxy.ensure_clean_cryptohome_for(self._user1)
39        cryptohome_proxy.ensure_clean_cryptohome_for(self._user2)
40
41
42    def run_once(self):
43        sm = session_manager.connect(self._bus_loop)
44
45        # Start a session for the first user, and verify that no policy exists
46        # for that user yet.
47        if not sm.StartSession(self._user1, ''):
48            raise error.TestError('Could not start session')
49        policy_blob = sm.RetrievePolicyForUser(self._user1, byte_arrays=True)
50        if policy_blob:
51            raise error.TestError('session_manager already has user policy!')
52
53        # Now store a policy. This is building a device policy protobuf, but
54        # that's fine as far as the session_manager is concerned; it's the
55        # outer PolicyFetchResponse that contains the public_key.
56        public_key = ownership.known_pubkey()
57        private_key = ownership.known_privkey()
58        policy_data = policy.build_policy_data(self.srcdir)
59        policy_response = policy.generate_policy(self.srcdir,
60                                                 private_key,
61                                                 public_key,
62                                                 policy_data)
63        try:
64          result = sm.StorePolicyForUser(self._user1,
65                                         dbus.ByteArray(policy_response))
66          if not result:
67              raise error.TestFail('Failed to store user policy')
68        except dbus.exceptions.DBusException, e:
69          raise error.TestFail('Call to StorePolicyForUser failed', e)
70
71        # Storing policy for the second user fails before his session starts.
72        try:
73          result = sm.StorePolicyForUser(self._user2,
74                                         dbus.ByteArray(policy_response))
75          raise error.TestFail('Storing policy should fail before the session '
76                               'is started')
77        except dbus.exceptions.DBusException, e:
78          pass
79
80        # Now start the second user's session, and verify that he has no
81        # policy stored yet.
82        if not sm.StartSession(self._user2, ''):
83            raise error.TestError('Could not start second session')
84        policy_blob = sm.RetrievePolicyForUser(self._user2, byte_arrays=True)
85        if policy_blob:
86            raise error.TestError('session_manager already has user policy!')
87
88        # Storing works now.
89        try:
90          result = sm.StorePolicyForUser(self._user2,
91                                         dbus.ByteArray(policy_response))
92          if not result:
93              raise error.TestFail('Failed to store user policy')
94        except dbus.exceptions.DBusException, e:
95          raise error.TestFail('Call to StorePolicyForUser failed', e)
96
97        # Verify that retrieving policy works too.
98        policy_blob = sm.RetrievePolicyForUser(self._user2, byte_arrays=True)
99        if not policy_blob:
100            raise error.TestError('Failed to retrieve stored policy')
101