1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
add_task(async function test_setup_preexisting_permissions() {
// Pre-existing ALLOW permissions that should be overriden
// with DENY.
// No ALLOW -> DENY override for popup and install permissions,
// because their policies only supports the Allow parameter.
PermissionTestUtils.add(
"https://www.pre-existing-allow.com",
"cookie",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
// Pre-existing DENY permissions that should be overriden
// with ALLOW.
PermissionTestUtils.add(
"https://www.pre-existing-deny.com",
"popup",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"https://www.pre-existing-deny.com",
"install",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"https://www.pre-existing-deny.com",
"cookie",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
});
add_task(async function test_setup_activate_policies() {
await setupPolicyEngineWithJson("config_popups_cookies_addons.json");
equal(
Services.policies.status,
Ci.nsIEnterprisePolicies.ACTIVE,
"Engine is active"
);
});
function checkPermission(url, expected, permissionName) {
let expectedValue = Ci.nsIPermissionManager[`${expected}_ACTION`];
let uri = Services.io.newURI(`https://www.${url}`);
equal(
PermissionTestUtils.testPermission(uri, permissionName),
expectedValue,
`Correct (${permissionName}=${expected}) for URL ${url}`
);
if (expected != "UNKNOWN") {
let permission = PermissionTestUtils.getPermissionObject(
uri,
permissionName,
true
);
ok(permission, "Permission object exists");
equal(
permission.expireType,
Ci.nsIPermissionManager.EXPIRE_POLICY,
"Permission expireType is correct"
);
}
}
function checkAllPermissionsForType(type, typeSupportsDeny = true) {
checkPermission("allow.com", "ALLOW", type);
checkPermission("unknown.com", "UNKNOWN", type);
checkPermission("pre-existing-deny.com", "ALLOW", type);
if (typeSupportsDeny) {
checkPermission("deny.com", "DENY", type);
checkPermission("pre-existing-allow.com", "DENY", type);
}
}
add_task(async function test_popups_policy() {
checkAllPermissionsForType("popup", false);
});
add_task(async function test_webextensions_policy() {
checkAllPermissionsForType("install", false);
});
add_task(async function test_cookies_policy() {
checkAllPermissionsForType("cookie");
});
add_task(async function test_change_permission() {
// Checks that changing a permission will still retain the
// value set through the engine.
PermissionTestUtils.add(
"https://www.allow.com",
"cookie",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
checkPermission("allow.com", "ALLOW", "cookie");
// Also change one un-managed permission to make sure it doesn't
// cause any problems to the policy engine or the permission manager.
PermissionTestUtils.add(
"https://www.unmanaged.com",
"cookie",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
});
|
