1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
/* Any copyright is dedicated to the Public Domain.
* http://creativecommons.org/publicdomain/zero/1.0/ */
"use strict";
add_task(async function test_setup_preexisting_permissions() {
// Pre-existing ALLOW permissions that should be overriden
// with DENY.
// No ALLOW -> DENY override for popup and install permissions,
// because their policies only supports the Allow parameter.
PermissionTestUtils.add(
"https://www.pre-existing-allow.com",
"cookie",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"https://www.pre-existing-allow.com",
"plugin:flash",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
// Pre-existing DENY permissions that should be overriden
// with ALLOW.
PermissionTestUtils.add(
"https://www.pre-existing-deny.com",
"popup",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"https://www.pre-existing-deny.com",
"install",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"https://www.pre-existing-deny.com",
"cookie",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"https://www.pre-existing-deny.com",
"plugin:flash",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
});
add_task(async function test_setup_activate_policies() {
await setupPolicyEngineWithJson("config_popups_cookies_addons_flash.json");
equal(
Services.policies.status,
Ci.nsIEnterprisePolicies.ACTIVE,
"Engine is active"
);
});
function checkPermission(url, expected, permissionName) {
let expectedValue = Ci.nsIPermissionManager[`${expected}_ACTION`];
let uri = Services.io.newURI(`https://www.${url}`);
equal(
PermissionTestUtils.testPermission(uri, permissionName),
expectedValue,
`Correct (${permissionName}=${expected}) for URL ${url}`
);
if (expected != "UNKNOWN") {
let permission = PermissionTestUtils.getPermissionObject(
uri,
permissionName,
true
);
ok(permission, "Permission object exists");
equal(
permission.expireType,
Ci.nsIPermissionManager.EXPIRE_POLICY,
"Permission expireType is correct"
);
}
}
function checkAllPermissionsForType(type, typeSupportsDeny = true) {
checkPermission("allow.com", "ALLOW", type);
checkPermission("unknown.com", "UNKNOWN", type);
checkPermission("pre-existing-deny.com", "ALLOW", type);
if (typeSupportsDeny) {
checkPermission("deny.com", "DENY", type);
checkPermission("pre-existing-allow.com", "DENY", type);
}
}
add_task(async function test_popups_policy() {
checkAllPermissionsForType("popup", false);
});
add_task(async function test_webextensions_policy() {
checkAllPermissionsForType("install", false);
});
add_task(async function test_cookies_policy() {
checkAllPermissionsForType("cookie");
});
add_task(async function test_flash_policy() {
checkAllPermissionsForType("plugin:flash");
});
add_task(async function test_change_permission() {
// Checks that changing a permission will still retain the
// value set through the engine.
PermissionTestUtils.add(
"https://www.allow.com",
"cookie",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
checkPermission("allow.com", "ALLOW", "cookie");
// Also change one un-managed permission to make sure it doesn't
// cause any problems to the policy engine or the permission manager.
PermissionTestUtils.add(
"https://www.unmanaged.com",
"cookie",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
});
|
