Bug 1222377 - Add option to enable blocking content in restricted profiles. r=margaret
authorSebastian Kaspari <s.kaspari@gmail.com>
Tue, 15 Dec 2015 13:34:49 +0100
changeset 276739 48a56019f52049bbf9ccede95d15a2cb3b5295bc
parent 276738 5ac640a116e12ec1dc1828f53b248adeb9297911
child 276740 d0f136a93ad36c7f31c19408696935c4f6e8bd9c
push id69273
push usercbook@mozilla.com
push dateThu, 17 Dec 2015 11:03:52 +0000
treeherdermozilla-inbound@565d7ae436ba [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmargaret
bugs1222377
milestone46.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1222377 - Add option to enable blocking content in restricted profiles. r=margaret (Feature only enabled in Nightly until we deployed an actual block list)
mobile/android/base/java/org/mozilla/gecko/restrictions/DefaultConfiguration.java
mobile/android/base/java/org/mozilla/gecko/restrictions/GuestProfileConfiguration.java
mobile/android/base/java/org/mozilla/gecko/restrictions/Restrictable.java
mobile/android/base/java/org/mozilla/gecko/restrictions/RestrictedProfileConfiguration.java
mobile/android/base/locales/en-US/android_strings.dtd
mobile/android/base/strings.xml.in
mobile/android/chrome/content/browser.js
mobile/android/tests/browser/robocop/src/org/mozilla/gecko/tests/testRestrictions.java
toolkit/components/parentalcontrols/nsIParentalControlsService.idl
--- a/mobile/android/base/java/org/mozilla/gecko/restrictions/DefaultConfiguration.java
+++ b/mobile/android/base/java/org/mozilla/gecko/restrictions/DefaultConfiguration.java
@@ -7,16 +7,20 @@ package org.mozilla.gecko.restrictions;
 
 /**
  * Default implementation of RestrictionConfiguration interface. Used whenever no restrictions are enforced for the
  * current profile.
  */
 public class DefaultConfiguration implements RestrictionConfiguration {
     @Override
     public boolean isAllowed(Restrictable restrictable) {
+        if (restrictable == Restrictable.BLOCK_LIST) {
+            return false;
+        }
+
         return true;
     }
 
     @Override
     public boolean canLoadUrl(String url) {
         return true;
     }
 
--- a/mobile/android/base/java/org/mozilla/gecko/restrictions/GuestProfileConfiguration.java
+++ b/mobile/android/base/java/org/mozilla/gecko/restrictions/GuestProfileConfiguration.java
@@ -20,17 +20,18 @@ public class GuestProfileConfiguration i
             Restrictable.INSTALL_APPS,
             Restrictable.BROWSE,
             Restrictable.SHARE,
             Restrictable.BOOKMARK,
             Restrictable.ADD_CONTACT,
             Restrictable.SET_IMAGE,
             Restrictable.MODIFY_ACCOUNTS,
             Restrictable.REMOTE_DEBUGGING,
-            Restrictable.IMPORT_SETTINGS
+            Restrictable.IMPORT_SETTINGS,
+            Restrictable.BLOCK_LIST
     );
 
     @SuppressWarnings("serial")
     private static final List<String> BANNED_SCHEMES = Arrays.asList(
             "file",
             "chrome",
             "resource",
             "jar",
--- a/mobile/android/base/java/org/mozilla/gecko/restrictions/Restrictable.java
+++ b/mobile/android/base/java/org/mozilla/gecko/restrictions/Restrictable.java
@@ -61,17 +61,21 @@ public enum Restrictable {
     GUEST_BROWSING(16, "guest_browsing",  0, 0),
 
     ADVANCED_SETTINGS(17, "advanced_settings",
             R.string.restrictable_feature_advanced_settings,
             R.string.restrictable_feature_advanced_settings_description),
 
     CAMERA_MICROPHONE(18, "camera_microphone",
             R.string.restrictable_feature_camera_microphone,
-            R.string.restrictable_feature_camera_microphone_description);
+            R.string.restrictable_feature_camera_microphone_description),
+
+    BLOCK_LIST(19, "block_list",
+            R.string.restrictable_feature_block_list,
+            R.string.restrictable_feature_block_list_description);
 
     public final int id;
     public final String name;
 
     @StringRes
     public final int title;
 
     @StringRes
--- a/mobile/android/base/java/org/mozilla/gecko/restrictions/RestrictedProfileConfiguration.java
+++ b/mobile/android/base/java/org/mozilla/gecko/restrictions/RestrictedProfileConfiguration.java
@@ -1,16 +1,17 @@
 /* -*- Mode: Java; c-basic-offset: 4; tab-width: 4; indent-tabs-mode: nil; -*-
  * This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 package org.mozilla.gecko.restrictions;
 
 import org.mozilla.gecko.AboutPages;
+import org.mozilla.gecko.AppConstants;
 import org.mozilla.gecko.util.ThreadUtils;
 
 import android.annotation.TargetApi;
 import android.content.Context;
 import android.os.Build;
 import android.os.Bundle;
 import android.os.StrictMode;
 import android.os.UserManager;
@@ -28,16 +29,21 @@ public class RestrictedProfileConfigurat
         configuration.put(Restrictable.INSTALL_EXTENSION, false);
         configuration.put(Restrictable.PRIVATE_BROWSING, false);
         configuration.put(Restrictable.CLEAR_HISTORY, false);
         configuration.put(Restrictable.MASTER_PASSWORD, false);
         configuration.put(Restrictable.GUEST_BROWSING, false);
         configuration.put(Restrictable.ADVANCED_SETTINGS, false);
         configuration.put(Restrictable.CAMERA_MICROPHONE, false);
         configuration.put(Restrictable.DATA_CHOICES, true);
+
+        // Hold behind Nightly flag until we have an actual block list deployed.
+        if (AppConstants.NIGHTLY_BUILD) {
+            configuration.put(Restrictable.BLOCK_LIST, false);
+        }
     }
 
     /**
      * These restrictions are hidden from the admin configuration UI.
      */
     private static List<Restrictable> hiddenRestrictions = Arrays.asList(
             Restrictable.MASTER_PASSWORD,
             Restrictable.GUEST_BROWSING
--- a/mobile/android/base/locales/en-US/android_strings.dtd
+++ b/mobile/android/base/locales/en-US/android_strings.dtd
@@ -741,16 +741,18 @@ just addresses the organization to follo
 <!ENTITY restrictable_feature_clear_history "Clear History">
 <!ENTITY restrictable_feature_clear_history_description "Allows family members to delete information about the sites and pages they\'ve visited.">
 <!ENTITY restrictable_feature_advanced_settings "Advanced Settings">
 <!ENTITY restrictable_feature_advanced_settings_description "This includes importing bookmarks, restoring tabs and automated updates. Turn off for simplified settings suitable for any family member.">
 <!ENTITY restrictable_feature_camera_microphone "Camera &amp; Microphone">
 <!ENTITY restrictable_feature_camera_microphone_description "Allows family members to engage in real time communication on websites.">
 <!ENTITY restrictable_feature_data_choices "Data Choices">
 <!ENTITY restrictable_feature_data_choices_description "Choose whether or not to send usage information to Mozilla to help make Firefox better.">
+<!ENTITY restrictable_feature_block_list "Block List">
+<!ENTITY restrictable_feature_block_list_description "Block websites that include sensitive content.">
 
 <!-- Default Bookmarks titles-->
 <!-- LOCALIZATION NOTE (bookmarks_about_browser): link title for about:fennec -->
 <!ENTITY bookmarks_about_browser "Firefox: About your browser">
 <!-- LOCALIZATION NOTE (bookmarks_addons): link title for https://addons.mozilla.org/en-US/mobile -->
 <!ENTITY bookmarks_addons "Firefox: Customize with add-ons">
 <!-- LOCALIZATION NOTE (bookmarks_support): link title for https://support.mozilla.org/ -->
 <!ENTITY bookmarks_support "Firefox: Support">
--- a/mobile/android/base/strings.xml.in
+++ b/mobile/android/base/strings.xml.in
@@ -576,16 +576,18 @@
   <string name="restrictable_feature_clear_history">&restrictable_feature_clear_history;</string>
   <string name="restrictable_feature_clear_history_description">&restrictable_feature_clear_history_description;</string>
   <string name="restrictable_feature_advanced_settings">&restrictable_feature_advanced_settings;</string>
   <string name="restrictable_feature_advanced_settings_description">&restrictable_feature_advanced_settings_description;</string>
   <string name="restrictable_feature_camera_microphone">&restrictable_feature_camera_microphone;</string>
   <string name="restrictable_feature_camera_microphone_description">&restrictable_feature_camera_microphone_description;</string>
   <string name="restrictable_feature_data_choices">&restrictable_feature_data_choices;</string>
   <string name="restrictable_feature_data_choices_description">&restrictable_feature_data_choices_description;</string>
+  <string name="restrictable_feature_block_list">&restrictable_feature_block_list;</string>
+  <string name="restrictable_feature_block_list_description">&restrictable_feature_block_list_description;</string>
 
   <!-- Miscellaneous -->
   <string name="ellipsis">&ellipsis;</string>
 
   <string name="colon">&colon;</string>
 
   <string name="percent">&percent;</string>
 
--- a/mobile/android/chrome/content/browser.js
+++ b/mobile/android/chrome/content/browser.js
@@ -533,16 +533,22 @@ var BrowserApp = {
       Services.prefs.setIntPref("extensions.autoDisableScopes", 1);
       Services.prefs.setBoolPref("xpinstall.enabled", false);
     } else if (ParentalControls.parentalControlsEnabled) {
       Services.prefs.clearUserPref("extensions.enabledScopes");
       Services.prefs.clearUserPref("extensions.autoDisableScopes");
       Services.prefs.setBoolPref("xpinstall.enabled", true);
     }
 
+    if (ParentalControls.parentalControlsEnabled) {
+        let isBlockListEnabled = ParentalControls.isAllowed(ParentalControls.BLOCK_LIST);
+        Services.prefs.setBoolPref("browser.safebrowsing.forbiddenURIs.enabled", isBlockListEnabled);
+        Services.prefs.setBoolPref("browser.safebrowsing.allowOverride", !isBlockListEnabled);
+    }
+
     let sysInfo = Cc["@mozilla.org/system-info;1"].getService(Ci.nsIPropertyBag2);
     if (sysInfo.get("version") < 16) {
       let defaults = Services.prefs.getDefaultBranch(null);
       defaults.setBoolPref("media.autoplay.enabled", false);
     }
 
     try {
       // Set the tiles click observer only if tiles reporting is enabled (that
--- a/mobile/android/tests/browser/robocop/src/org/mozilla/gecko/tests/testRestrictions.java
+++ b/mobile/android/tests/browser/robocop/src/org/mozilla/gecko/tests/testRestrictions.java
@@ -1,24 +1,39 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 package org.mozilla.gecko.tests;
 
+import static org.mozilla.gecko.tests.helpers.AssertionHelper.fAssertFalse;
 import static org.mozilla.gecko.tests.helpers.AssertionHelper.fAssertTrue;
 
 import org.mozilla.gecko.Restrictions;
 import org.mozilla.gecko.restrictions.Restrictable;
 import org.mozilla.gecko.tests.helpers.GeckoHelper;
 
 public class testRestrictions extends UITest {
     public void testRestrictions() {
         GeckoHelper.blockForReady();
 
         // No restrictions should be enforced when using a normal profile
         for (Restrictable restrictable : Restrictable.values()) {
-            fAssertTrue(String.format("Restriction %s is not enforced", restrictable.name),
-                Restrictions.isAllowed(getActivity(), restrictable)
-            );
+            if (restrictable == Restrictable.BLOCK_LIST) {
+                assertFeatureDisabled(restrictable);
+            } else {
+                assertFeatureEnabled(restrictable);
+            }
         }
     }
+
+    private void assertFeatureEnabled(Restrictable restrictable) {
+        fAssertTrue(String.format("Restrictable feature %s is enabled", restrictable.name),
+                Restrictions.isAllowed(getActivity(), restrictable)
+        );
+    }
+
+    private void assertFeatureDisabled(Restrictable restrictable) {
+        fAssertFalse(String.format("Restrictable feature %s is disabled", restrictable.name),
+                Restrictions.isAllowed(getActivity(), restrictable)
+        );
+    }
 }
--- a/toolkit/components/parentalcontrols/nsIParentalControlsService.idl
+++ b/toolkit/components/parentalcontrols/nsIParentalControlsService.idl
@@ -6,17 +6,17 @@
 
 #include "nsISupports.idl"
 
 interface nsIURI;
 interface nsIFile;
 interface nsIInterfaceRequestor;
 interface nsIArray;
 
-[scriptable, uuid(f35733bc-114b-49ce-a8dd-a423f19318bc)]
+[scriptable, uuid(f17414cd-d357-476d-b894-2f7bda9e3a9b)]
 interface nsIParentalControlsService : nsISupports
 {
   /**
    * Action types that can be blocked for users.
    */
   const short DOWNLOAD = 1; // Downloading files
   const short INSTALL_EXTENSION = 2; // Installing extensions
   const short INSTALL_APP = 3; // Installing webapps
@@ -30,16 +30,17 @@ interface nsIParentalControlsService : n
   const short IMPORT_SETTINGS = 11; // Importing settings from other apps
   const short PRIVATE_BROWSING = 12; // Disallow usage of private browsing
   const short DATA_CHOICES = 13; // Choose whether or not to send usage information
   const short CLEAR_HISTORY = 14; // Clear browsing history
   const short MASTER_PASSWORD = 15; // Setting master password for logins
   const short GUEST_BROWSING = 16; // Disallow usage of guest browsing
   const short ADVANCED_SETTINGS = 17; // Advanced settings
   const short CAMERA_MICROPHONE = 18; // Camera and microphone (WebRTC)
+  const short BLOCK_LIST = 19; // Block websites that include sensitive content
 
   /**
    * @returns true if the current user account has parental controls
    * restrictions enabled.
    */
   readonly attribute boolean parentalControlsEnabled;
 
   /**