Bug 1575681 - Add policy to remove access to the password manager. r=MattN,fluent-reviewers,flod

Differential Revision: https://phabricator.services.mozilla.com/D43673

--HG--
extra : moz-landing-system : lando

browser/components/enterprisepolicies/Policies.jsm

@@ -1003,6 +1003,17 @@ var Policies = {
     },
   },
 
+  PasswordManagerEnabled: {
+    onBeforeUIStartup(manager, param) {
+      if (!param) {
+        blockAboutPage(manager, "about:logins", true);
+        gBlockedChromePages.push("passwordManager.xul");
+        setAndLockPref("pref.privacy.disable_button.view_passwords", true);
+      }
+      setAndLockPref("signon.rememberSignons", param);
+    },
+  },
+
   Permissions: {
     onBeforeUIStartup(manager, param) {
       if (param.Camera) {

browser/components/enterprisepolicies/schemas/policies-schema.json

@@ -509,6 +509,10 @@
       "type": "URLorEmpty"
     },
 
+    "PasswordManagerEnabled": {
+      "type": "boolean"
+    },
+
     "Permissions": {
       "type": "object",
       "properties": {

browser/components/enterprisepolicies/tests/browser/browser.ini

@@ -43,6 +43,7 @@ skip-if = (verify && debug && (os == 'mac'))
 skip-if = fission
 [browser_policy_firefoxhome.js]
 [browser_policy_override_postupdatepage.js]
+[browser_policy_passwordmanager.js]
 [browser_policy_search_engine.js]
 [browser_policy_searchbar.js]
 [browser_policy_set_homepage.js]

browser/components/enterprisepolicies/tests/browser/browser_policy_block_about.js

@@ -11,13 +11,16 @@ const policiesToTest = {
 
 add_task(async function testAboutTask() {
   for (let policy in policiesToTest) {
-    await testPageBlockedByPolicy(policy, policiesToTest[policy]);
+    let policyJSON = { policies: {} };
+    policyJSON.policies[policy] = true;
+    await testPageBlockedByPolicy(policyJSON, policiesToTest[policy]);
   }
+  let policyJSON = { policies: {} };
+  policyJSON.policies.PasswordManagerEnabled = false;
+  await testPageBlockedByPolicy(policyJSON, "about:logins");
 });
 
-async function testPageBlockedByPolicy(policy, page) {
-  let policyJSON = { policies: {} };
-  policyJSON.policies[policy] = true;
+async function testPageBlockedByPolicy(policyJSON, page) {
   await setupPolicyEngineWithJson(policyJSON);
 
   await BrowserTestUtils.withNewTab(

browser/components/enterprisepolicies/tests/browser/browser_policy_passwordmanager.js

+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+add_task(async function test_pwmanagerbutton() {
+  await setupPolicyEngineWithJson({
+    policies: {
+      PasswordManagerEnabled: false,
+    },
+  });
+
+  await BrowserTestUtils.withNewTab(
+    "about:preferences#privacy",
+    async browser => {
+      is(
+        browser.contentDocument.getElementById("showPasswords").disabled,
+        true,
+        "showPasswords should be disabled."
+      );
+    }
+  );
+});

browser/locales/en-US/browser/policies/policies-descriptions.ftl

@@ -121,6 +121,8 @@ policy-OverrideFirstRunPage = Override the first run page. Set this policy to bl
 
 policy-OverridePostUpdatePage = Override the post-update “What’s New” page. Set this policy to blank if you want to disable the post-update page.
 
+policy-PasswordManagerEnabled = Enable saving passwords to the password manager.
+
 policy-Permissions = Configure permissions for camera, microphone, location and notifications.
 
 policy-PopupBlocking = Allow certain websites to display popups by default.