• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import dbus, os
6from dbus.mainloop.glib import DBusGMainLoop
7
8from autotest_lib.client.bin import test, utils
9from autotest_lib.client.common_lib import error
10from autotest_lib.client.common_lib.cros import policy, session_manager
11from autotest_lib.client.cros import cryptohome, ownership
12
13
14class login_MultiUserPolicy(test.test):
15    """Verifies that storing and retrieving user policy works with
16       multiple profiles signed-in.
17    """
18
19    version = 1
20
21    _user1 = 'user1@somewhere.com'
22    _user2 = 'user2@somewhere.com'
23
24    def setup(self):
25        os.chdir(self.srcdir)
26        utils.make('OUT_DIR=.')
27
28
29    def initialize(self):
30        super(login_MultiUserPolicy, self).initialize()
31        self._bus_loop = DBusGMainLoop(set_as_default=True)
32
33        # Clear the user's vault, to make sure the test starts without any
34        # policy or key lingering around. At this stage the session isn't
35        # started and there's no user signed in.
36        ownership.restart_ui_to_clear_ownership_files()
37        cryptohome_proxy = cryptohome.CryptohomeProxy(self._bus_loop)
38        cryptohome_proxy.ensure_clean_cryptohome_for(self._user1)
39        cryptohome_proxy.ensure_clean_cryptohome_for(self._user2)
40
41
42    def run_once(self):
43        sm = session_manager.connect(self._bus_loop)
44
45        # Start a session for the first user, and verify that no policy exists
46        # for that user yet.
47        sm.StartSession(self._user1, '')
48        policy_blob = sm.RetrievePolicyForUser(self._user1, byte_arrays=True)
49        if policy_blob:
50            raise error.TestError('session_manager already has user policy!')
51
52        # Now store a policy. This is building a device policy protobuf, but
53        # that's fine as far as the session_manager is concerned; it's the
54        # outer PolicyFetchResponse that contains the public_key.
55        public_key = ownership.known_pubkey()
56        private_key = ownership.known_privkey()
57        policy_data = policy.build_policy_data(self.srcdir)
58        policy_response = policy.generate_policy(self.srcdir,
59                                                 private_key,
60                                                 public_key,
61                                                 policy_data)
62        try:
63            sm.StorePolicyForUser(self._user1, dbus.ByteArray(policy_response))
64        except dbus.exceptions.DBusException as e:
65            raise error.TestFail('Call to StorePolicyForUser failed', e)
66
67        # Storing policy for the second user fails before his session starts.
68        try:
69            sm.StorePolicyForUser(self._user2, dbus.ByteArray(policy_response))
70        except dbus.exceptions.DBusException:
71            pass
72        else:
73            raise error.TestFail('Storing policy should fail before the '
74                                 'session is started')
75
76
77        # Now start the second user's session, and verify that he has no
78        # policy stored yet.
79        sm.StartSession(self._user2, '')
80        policy_blob = sm.RetrievePolicyForUser(self._user2, byte_arrays=True)
81        if policy_blob:
82            raise error.TestError('session_manager already has user policy!')
83
84        # Storing works now.
85        try:
86            sm.StorePolicyForUser(self._user2, dbus.ByteArray(policy_response))
87        except dbus.exceptions.DBusException as e:
88            raise error.TestFail('Call to StorePolicyForUser failed', e)
89
90        # Verify that retrieving policy works too.
91        policy_blob = sm.RetrievePolicyForUser(self._user2, byte_arrays=True)
92        if not policy_blob:
93            raise error.TestError('Failed to retrieve stored policy')
94