Commit a1c2ceb6 authored by Michael Kaply's avatar Michael Kaply
Browse files

Bug 1493249 - Add policy for security devices. r=Felipe

Differential Revision: https://phabricator.services.mozilla.com/D6525

--HG--
extra : moz-landing-system : lando
parent 9d56241b
......@@ -137,7 +137,7 @@ EnterprisePoliciesManager.prototype = {
},
_callbacks: {
// The earlist that a policy callback can run. This will
// The earliest that a policy callback can run. This will
// happen right after the Policy Engine itself has started,
// and before the Add-ons Manager has started.
onBeforeAddons: [],
......
......@@ -754,6 +754,25 @@ var Policies = {
},
},
"SecurityDevices": {
onProfileAfterChange(manager, param) {
let securityDevices = param;
runOncePerModification("securityDevices",
JSON.stringify(securityDevices),
() => {
let pkcs11 = Cc["@mozilla.org/security/pkcs11moduledb;1"].getService(Ci.nsIPKCS11ModuleDB);
for (let deviceName in securityDevices) {
try {
pkcs11.addModule(deviceName, securityDevices[deviceName], 0, 0);
} catch (ex) {
log.error("Unable to add security device ${deviceName}");
log.debug(ex);
}
}
});
},
},
"WebsiteFilter": {
onBeforeUIStartup(manager, param) {
this.filter = new WebsiteFilter(param.Block || [], param.Exceptions || []);
......
......@@ -632,6 +632,13 @@
}
},
"SecurityDevices": {
"type": "object",
"patternProperties": {
"^.*$": { "type": "string" }
}
},
"WebsiteFilter": {
"machine_only": "true",
......
......@@ -108,26 +108,52 @@ function validateAndParseParamRecursive(param, properties) {
}
let parsedObj = {};
for (let property of Object.keys(properties.properties)) {
log.debug(`in object, checking\n property: ${property}\n value: ${param[property]}\n expected type: ${properties.properties[property].type}`);
let patternProperties = [];
if ("patternProperties" in properties) {
for (let propName of Object.keys(properties.patternProperties || {})) {
let pattern;
try {
pattern = new RegExp(propName);
} catch (e) {
throw new Error(`Internal error: Invalid property pattern ${propName}`);
}
patternProperties.push({
pattern,
schema: properties.patternProperties[propName],
});
}
}
if (!param.hasOwnProperty(property)) {
if (properties.required && properties.required.includes(property)) {
log.error(`Object is missing required property ${property}`);
if (properties.required) {
for (let required of properties.required) {
if (!(required in param)) {
log.error(`Object is missing required property ${required}`);
return [false, null];
}
continue;
}
}
let [valid, parsedValue] = validateAndParseParamRecursive(param[property], properties.properties[property]);
if (!valid) {
return [false, null];
for (let item of Object.keys(param)) {
let schema;
if ("properties" in properties &&
properties.properties.hasOwnProperty(item)) {
schema = properties.properties[item];
} else if (patternProperties.length) {
for (let patternProperty of patternProperties) {
if (patternProperty.pattern.test(item)) {
schema = patternProperty.schema;
break;
}
}
}
if (schema) {
let [valid, parsedValue] = validateAndParseParamRecursive(param[item], schema);
if (!valid) {
return [false, null];
}
parsedObj[item] = parsedValue;
}
parsedObj[property] = parsedValue;
}
return [true, parsedObj];
}
}
......
......@@ -396,3 +396,54 @@ add_task(async function test_number_or_array_values() {
ok(!JsonSchemaValidator.validateAndParseParameters([[]], schema)[0], "Invalid value");
ok(!JsonSchemaValidator.validateAndParseParameters([0, 1, [2, 3]], schema)[0], "Invalid value");
});
add_task(async function test_patternProperties() {
let schema = {
type: "object",
properties: {
"S-bool-property": { "type": "boolean" },
},
patternProperties: {
"^S-": { "type": "string" },
"^N-": { "type": "number" },
"^B-": { "type": "boolean" },
},
};
let valid, parsed;
[valid, parsed] = JsonSchemaValidator.validateAndParseParameters({
"S-string": "test",
"N-number": 5,
"B-boolean": true,
"S-bool-property": false,
}, schema);
ok(valid, "Object is valid");
is(parsed["S-string"], "test", "parsedProperty is correct");
is(parsed["N-number"], 5, "parsedProperty is correct");
is(parsed["B-boolean"], true, "parsedProperty is correct");
is(parsed["S-bool-property"], false, "property is correct");
[valid, parsed] = JsonSchemaValidator.validateAndParseParameters({
"N-string": "test",
}, schema);
ok(!valid, "Object is not valid since there is a type mismatch");
[valid, parsed] = JsonSchemaValidator.validateAndParseParameters({
"S-number": 5,
}, schema);
ok(!valid, "Object is not valid since there is a type mismatch");
schema = {
type: "object",
patternProperties: {
"[": {" type": "string" },
},
};
Assert.throws(() => {
[valid, parsed] = JsonSchemaValidator.validateAndParseParameters({}, schema);
}, /Invalid property pattern/, "Checking that invalid property patterns throw");
});
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment