Bug 1575681 - Add policy to remove access to the password manager. r=MattN,fluent-reviewers,flod
authorMichael Kaply <mozilla@kaply.com>
Wed, 28 Aug 2019 05:33:47 +0000
changeset 551553 a63410d10c7a9d06504c66338ccdeaac945a8d00
parent 551552 7afcfc71024f568e479c243959c8c538da2f496c
child 551554 72edc19d4181e2086bba17f616d001771d65f098
push id11865
push userbtara@mozilla.com
push dateMon, 02 Sep 2019 08:54:37 +0000
treeherdermozilla-beta@37f59c4671b3 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersMattN, fluent-reviewers, flod
bugs1575681
milestone70.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1575681 - Add policy to remove access to the password manager. r=MattN,fluent-reviewers,flod Differential Revision: https://phabricator.services.mozilla.com/D43673
browser/components/enterprisepolicies/Policies.jsm
browser/components/enterprisepolicies/schemas/policies-schema.json
browser/components/enterprisepolicies/tests/browser/browser.ini
browser/components/enterprisepolicies/tests/browser/browser_policy_block_about.js
browser/components/enterprisepolicies/tests/browser/browser_policy_passwordmanager.js
browser/locales/en-US/browser/policies/policies-descriptions.ftl
--- a/browser/components/enterprisepolicies/Policies.jsm
+++ b/browser/components/enterprisepolicies/Policies.jsm
@@ -998,16 +998,27 @@ var Policies = {
       setAndLockPref("startup.homepage_override_url", url);
       // The pref startup.homepage_override_url is only used
       // as a fallback when the update.xml file hasn't provided
       // a specific post-update URL.
       manager.disallowFeature("postUpdateCustomPage");
     },
   },
 
+  PasswordManagerEnabled: {
+    onBeforeUIStartup(manager, param) {
+      if (!param) {
+        blockAboutPage(manager, "about:logins", true);
+        gBlockedChromePages.push("passwordManager.xul");
+        setAndLockPref("pref.privacy.disable_button.view_passwords", true);
+      }
+      setAndLockPref("signon.rememberSignons", param);
+    },
+  },
+
   Permissions: {
     onBeforeUIStartup(manager, param) {
       if (param.Camera) {
         addAllowDenyPermissions(
           "camera",
           param.Camera.Allow,
           param.Camera.Block
         );
--- a/browser/components/enterprisepolicies/schemas/policies-schema.json
+++ b/browser/components/enterprisepolicies/schemas/policies-schema.json
@@ -504,16 +504,20 @@
     "OverrideFirstRunPage": {
       "type": "URLorEmpty"
     },
 
     "OverridePostUpdatePage": {
       "type": "URLorEmpty"
     },
 
+    "PasswordManagerEnabled": {
+      "type": "boolean"
+    },
+
     "Permissions": {
       "type": "object",
       "properties": {
         "Camera": {
           "type": "object",
           "properties": {
             "Allow": {
               "type": "array",
--- a/browser/components/enterprisepolicies/tests/browser/browser.ini
+++ b/browser/components/enterprisepolicies/tests/browser/browser.ini
@@ -38,13 +38,14 @@ skip-if = (verify && debug && (os == 'ma
 [browser_policy_display_bookmarks.js]
 [browser_policy_display_menu.js]
 [browser_policy_extensions.js]
 [browser_policy_downloads.js]
 [browser_policy_extensionsettings.js]
 skip-if = fission
 [browser_policy_firefoxhome.js]
 [browser_policy_override_postupdatepage.js]
+[browser_policy_passwordmanager.js]
 [browser_policy_search_engine.js]
 [browser_policy_searchbar.js]
 [browser_policy_set_homepage.js]
 [browser_policy_support_menu.js]
 [browser_policy_websitefilter.js]
--- a/browser/components/enterprisepolicies/tests/browser/browser_policy_block_about.js
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policy_block_about.js
@@ -6,23 +6,26 @@ const policiesToTest = {
   BlockAboutAddons: "about:addons",
   BlockAboutConfig: "about:config",
   BlockAboutProfiles: "about:profiles",
   BlockAboutSupport: "about:support",
 };
 
 add_task(async function testAboutTask() {
   for (let policy in policiesToTest) {
-    await testPageBlockedByPolicy(policy, policiesToTest[policy]);
+    let policyJSON = { policies: {} };
+    policyJSON.policies[policy] = true;
+    await testPageBlockedByPolicy(policyJSON, policiesToTest[policy]);
   }
+  let policyJSON = { policies: {} };
+  policyJSON.policies.PasswordManagerEnabled = false;
+  await testPageBlockedByPolicy(policyJSON, "about:logins");
 });
 
-async function testPageBlockedByPolicy(policy, page) {
-  let policyJSON = { policies: {} };
-  policyJSON.policies[policy] = true;
+async function testPageBlockedByPolicy(policyJSON, page) {
   await setupPolicyEngineWithJson(policyJSON);
 
   await BrowserTestUtils.withNewTab(
     { gBrowser, url: "about:blank" },
     async browser => {
       BrowserTestUtils.loadURI(browser, page);
       await BrowserTestUtils.browserLoaded(browser, false, page, true);
       await ContentTask.spawn(browser, page, async function(innerPage) {
new file mode 100644
--- /dev/null
+++ b/browser/components/enterprisepolicies/tests/browser/browser_policy_passwordmanager.js
@@ -0,0 +1,23 @@
+/* Any copyright is dedicated to the Public Domain.
+ * http://creativecommons.org/publicdomain/zero/1.0/ */
+
+"use strict";
+
+add_task(async function test_pwmanagerbutton() {
+  await setupPolicyEngineWithJson({
+    policies: {
+      PasswordManagerEnabled: false,
+    },
+  });
+
+  await BrowserTestUtils.withNewTab(
+    "about:preferences#privacy",
+    async browser => {
+      is(
+        browser.contentDocument.getElementById("showPasswords").disabled,
+        true,
+        "showPasswords should be disabled."
+      );
+    }
+  );
+});
--- a/browser/locales/en-US/browser/policies/policies-descriptions.ftl
+++ b/browser/locales/en-US/browser/policies/policies-descriptions.ftl
@@ -116,16 +116,18 @@ policy-NoDefaultBookmarks = Disable crea
 policy-OfferToSaveLogins = Enforce the setting to allow { -brand-short-name } to offer to remember saved logins and passwords. Both true and false values are accepted.
 
 policy-OfferToSaveLoginsDefault = Set the default value for allowing { -brand-short-name } to offer to remember saved logins and passwords. Both true and false values are accepted.
 
 policy-OverrideFirstRunPage = Override the first run page. Set this policy to blank if you want to disable the first run page.
 
 policy-OverridePostUpdatePage = Override the post-update “What’s New” page. Set this policy to blank if you want to disable the post-update page.
 
+policy-PasswordManagerEnabled = Enable saving passwords to the password manager.
+
 policy-Permissions = Configure permissions for camera, microphone, location and notifications.
 
 policy-PopupBlocking = Allow certain websites to display popups by default.
 
 policy-Preferences = Set and lock the value for a subset of preferences.
 
 policy-PromptForDownloadLocation = Ask where to save files when downloading.