Commit d261cc7c authored by Felipe Gomes's avatar Felipe Gomes
Browse files

Bug 1429148 - Policy: Don't let a Master Password to be set. r=keeler

MozReview-Commit-ID: 8Adqg0KU7cZ

--HG--
extra : rebase_source : ec20e2f117d974edaa5df844091a086d12607771
parent 254ff126
......@@ -111,6 +111,14 @@ this.Policies = {
}
},
"CreateMasterPassword": {
onBeforeUIStartup(manager, param) {
if (!param) {
manager.disallowFeature("createMasterPassword");
}
}
},
"DisableFirefoxScreenshots": {
onBeforeAddons(manager, param) {
if (param) {
......
......@@ -13,6 +13,7 @@
]
},
"block_about_profiles": true
"block_about_profiles": true,
"CreateMasterPassword": false
}
}
......@@ -67,6 +67,14 @@
"enum": [true]
},
"CreateMasterPassword": {
"description": "If false, removes access to create a master password.",
"first_available": "60.0",
"type": "boolean",
"enum": [false]
},
"DisableFirefoxScreenshots": {
"description": "Prevents usage of the Firefox Screenshots feature.",
"first_available": "60.0",
......
......@@ -19,6 +19,7 @@ support-files =
[browser_policy_block_set_desktop_background.js]
[browser_policy_default_browser_check.js]
[browser_policy_disable_fxscreenshots.js]
[browser_policy_disable_masterpassword.js]
[browser_policy_display_bookmarks.js]
[browser_policy_disable_formhistory.js]
[browser_policy_display_menu.js]
......
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
const MASTER_PASSWORD = "omgsecret!";
const mpToken = Cc["@mozilla.org/security/pk11tokendb;1"]
.getService(Ci.nsIPK11TokenDB)
.getInternalKeyToken();
async function checkDeviceManager({buttonIsDisabled}) {
let deviceManagerWindow = window.openDialog("chrome://pippki/content/device_manager.xul", "", "");
await new Promise(resolve => {
deviceManagerWindow.addEventListener("load", resolve, {once: true});
});
let tree = deviceManagerWindow.document.getElementById("device_tree");
ok(tree, "The device tree exists");
// Find and select the item related to the internal key token
for (let i = 0; i < tree.view.rowCount; i++) {
tree.view.selection.select(i);
try {
let selected_token = deviceManagerWindow.selected_slot.getToken();
if (selected_token.isInternalKeyToken) {
break;
}
} catch (e) {}
}
// Check to see if the button was updated correctly
let changePwButton = deviceManagerWindow.document.getElementById("change_pw_button");
is(changePwButton.getAttribute("disabled") == "true", buttonIsDisabled,
"Change Password button is in the correct state: " + buttonIsDisabled);
await BrowserTestUtils.closeWindow(deviceManagerWindow);
}
async function checkAboutPreferences({checkboxIsDisabled}) {
await BrowserTestUtils.withNewTab("about:preferences#privacy", async browser => {
// eslint-disable-next-line mozilla/no-cpows-in-tests
is(browser.contentDocument.getElementById("useMasterPassword").disabled, checkboxIsDisabled,
"Master Password checkbox is in the correct state: " + checkboxIsDisabled);
});
}
add_task(async function test_policy_disable_masterpassword() {
ok(!mpToken.hasPassword, "Starting the test with no password");
// No password and no policy: access to setting a master password
// should be enabled.
await checkDeviceManager({buttonIsDisabled: false});
await checkAboutPreferences({checkboxIsDisabled: false});
await setupPolicyEngineWithJson({
"policies": {
"CreateMasterPassword": false
}
});
// With the `CreateMasterPassword: false` policy active, the
// UI entry points for creating a Master Password should be disabled.
await checkDeviceManager({buttonIsDisabled: true});
await checkAboutPreferences({checkboxIsDisabled: true});
mpToken.changePassword("", MASTER_PASSWORD);
ok(mpToken.hasPassword, "Master password was set");
// If a Master Password is already set, there's no point in disabling
// the
await checkDeviceManager({buttonIsDisabled: false});
await checkAboutPreferences({checkboxIsDisabled: false});
// Clean up
mpToken.changePassword(MASTER_PASSWORD, "");
ok(!mpToken.hasPassword, "Master password was cleaned up");
});
......@@ -1124,6 +1124,7 @@ var gPrivacyPane = {
var checkbox = document.getElementById("useMasterPassword");
checkbox.checked = !noMP;
checkbox.disabled = noMP && !Services.policies.isAllowed("createMasterPassword");
},
/**
......
......@@ -162,6 +162,12 @@ function enableButtons() {
}
}
}
if (!Services.policies.isAllowed("createMasterPassword") &&
selected_token.isInternalKeyToken &&
!selected_token.hasPassword) {
pw_toggle = "true";
}
}
showSlotInfo();
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment