Skip to content

Commit

Permalink
Bug 1882601: Add content analysis config to enterprise policy r=gstol…
Browse files Browse the repository at this point in the history
…l,mkaply

Differential Revision: https://phabricator.services.mozilla.com/D203339
  • Loading branch information
davidp3 committed Mar 8, 2024
1 parent 75a95d3 commit ad262e4
Show file tree
Hide file tree
Showing 4 changed files with 136 additions and 1 deletion.
43 changes: 43 additions & 0 deletions browser/components/enterprisepolicies/Policies.sys.mjs
Original file line number Diff line number Diff line change
Expand Up @@ -510,6 +510,49 @@ export var Policies = {

ContentAnalysis: {
onBeforeAddons(manager, param) {
if ("PipePathName" in param) {
setAndLockPref(
"browser.contentanalysis.pipe_path_name",
param.PipePathName
);
}
if ("AgentTimeout" in param) {
if (!Number.isInteger(param.AgentTimeout)) {
lazy.log.error(
`Non-integer value for AgentTimeout: ${param.AgentTimeout}`
);
} else {
setAndLockPref(
"browser.contentanalysis.agent_timeout",
param.AgentTimeout
);
}
}
if ("AllowUrlRegexList" in param) {
setAndLockPref(
"browser.contentanalysis.allow_url_regex_list",
param.AllowUrlRegexList
);
}
if ("DenyUrlRegexList" in param) {
setAndLockPref(
"browser.contentanalysis.deny_url_regex_list",
param.DenyUrlRegexList
);
}
let boolPrefs = [
["IsPerUser", "is_per_user"],
["ShowBlockedResult", "show_blocked_result"],
["DefaultAllow", "default_allow"],
];
for (let pref of boolPrefs) {
if (pref[0] in param) {
setAndLockPref(
`browser.contentanalysis.${pref[1]}`,
!!param[pref[0]]
);
}
}
if ("Enabled" in param) {
let enabled = !!param.Enabled;
setAndLockPref("browser.contentanalysis.enabled", enabled);
Expand Down
21 changes: 21 additions & 0 deletions browser/components/enterprisepolicies/schemas/policies-schema.json
Original file line number Diff line number Diff line change
Expand Up @@ -240,6 +240,27 @@
"properties": {
"Enabled": {
"type": "boolean"
},
"PipePathName": {
"type": "string"
},
"AgentTimeout": {
"type": "number"
},
"AllowUrlRegexList": {
"type": "string"
},
"DenyUrlRegexList": {
"type": "string"
},
"IsPerUser": {
"type": "boolean"
},
"ShowBlockedResult": {
"type": "boolean"
},
"DefaultAllow": {
"type": "boolean"
}
}
},
Expand Down
7 changes: 7 additions & 0 deletions modules/libpref/init/StaticPrefList.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1204,6 +1204,13 @@
value: 30
mirror: always

# Should Firefox show a notification or dialog when content analysis blocks
# access?
- name: browser.contentanalysis.show_blocked_result
type: bool
value: true
mirror: always

# Content blocking for Enhanced Tracking Protection
- name: browser.contentblocking.database.enabled
type: bool
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,15 @@ const { EnterprisePolicyTesting } = ChromeUtils.importESModule(
"resource://testing-common/EnterprisePolicyTesting.sys.mjs"
);

const kEnabledPref = "enabled";
const kPipeNamePref = "pipe_path_name";
const kTimeoutPref = "agent_timeout";
const kAllowUrlPref = "allow_url_regex_list";
const kDenyUrlPref = "deny_url_regex_list";
const kPerUserPref = "is_per_user";
const kShowBlockedPref = "show_blocked_result";
const kDefaultAllowPref = "default_allow";

const ca = Cc["@mozilla.org/contentanalysis;1"].getService(
Ci.nsIContentAnalysis
);
Expand All @@ -23,7 +32,7 @@ add_task(async function test_ca_active() {
ok(!ca.isActive, "CA is inactive when pref and cmd line arg are missing");

// Set the pref without enterprise policy. CA should not be active.
Services.prefs.setBoolPref("browser.contentanalysis.enabled", true);
Services.prefs.setBoolPref("browser.contentanalysis." + kEnabledPref, true);
ok(
!ca.isActive,
"CA is inactive when pref is set but cmd line arg is missing"
Expand Down Expand Up @@ -55,6 +64,61 @@ add_task(async function test_ca_active() {
ok(ca.isActive, "CA is active when enabled by enterprise policy pref");
});

add_task(async function test_ca_enterprise_config() {
const string1 = "this is a string";
const string2 = "this is another string";

await EnterprisePolicyTesting.setupPolicyEngineWithJson({
policies: {
ContentAnalysis: {
PipePathName: "abc",
AgentTimeout: 99,
AllowUrlRegexList: string1,
DenyUrlRegexList: string2,
IsPerUser: true,
ShowBlockedResult: false,
DefaultAllow: true,
},
},
});

is(
Services.prefs.getStringPref("browser.contentanalysis." + kPipeNamePref),
"abc",
"pipe name match"
);
is(
Services.prefs.getIntPref("browser.contentanalysis." + kTimeoutPref),
99,
"timeout match"
);
is(
Services.prefs.getStringPref("browser.contentanalysis." + kAllowUrlPref),
string1,
"allow urls match"
);
is(
Services.prefs.getStringPref("browser.contentanalysis." + kDenyUrlPref),
string2,
"deny urls match"
);
is(
Services.prefs.getBoolPref("browser.contentanalysis." + kPerUserPref),
true,
"per user match"
);
is(
Services.prefs.getBoolPref("browser.contentanalysis." + kShowBlockedPref),
false,
"show blocked match"
);
is(
Services.prefs.getBoolPref("browser.contentanalysis." + kDefaultAllowPref),
true,
"default allow match"
);
});

add_task(async function test_cleanup() {
ca.testOnlySetCACmdLineArg(false);
await EnterprisePolicyTesting.setupPolicyEngineWithJson({
Expand Down

0 comments on commit ad262e4

Please sign in to comment.