Source code
Revision control
Copy as Markdown
Other Tools
Test Info: Warnings
- This test gets skipped with pattern: os == 'android'
- Manifest: browser/components/enterprisepolicies/tests/xpcshell/xpcshell.toml
/* Any copyright is dedicated to the Public Domain.
"use strict";
function URI(str) {
return Services.io.newURI(str);
}
add_task(async function test_setup_preexisting_permissions() {
// Pre-existing ALLOW permissions that should be overridden
// with DENY.
// No ALLOW -> DENY override for popup and install permissions,
// because their policies only supports the Allow parameter.
PermissionTestUtils.add(
"camera",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"microphone",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"geo",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"desktop-notification",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"autoplay-media",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"xr",
Ci.nsIPermissionManager.ALLOW_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
// Pre-existing DENY permissions that should be overridden
// with ALLOW.
PermissionTestUtils.add(
"camera",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"microphone",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"geo",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"desktop-notification",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"autoplay-media",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"xr",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
});
add_task(async function test_setup_activate_policies() {
await setupPolicyEngineWithJson({
policies: {
Permissions: {
Camera: {
},
Microphone: {
},
Location: {
},
Notifications: {
},
Autoplay: {
},
VirtualReality: {
},
},
},
});
equal(
Services.policies.status,
Ci.nsIEnterprisePolicies.ACTIVE,
"Engine is active"
);
});
function checkPermission(url, expected, permissionName) {
let expectedValue = Ci.nsIPermissionManager[`${expected}_ACTION`];
equal(
PermissionTestUtils.testPermission(uri, permissionName),
expectedValue,
`Correct (${permissionName}=${expected}) for URL ${url}`
);
if (expected != "UNKNOWN") {
let permission = PermissionTestUtils.getPermissionObject(
uri,
permissionName,
true
);
ok(permission, "Permission object exists");
equal(
permission.expireType,
Ci.nsIPermissionManager.EXPIRE_POLICY,
"Permission expireType is correct"
);
}
}
function checkAllPermissionsForType(type, typeSupportsDeny = true) {
checkPermission("allow.com", "ALLOW", type);
checkPermission("unknown.com", "UNKNOWN", type);
checkPermission("pre-existing-deny.com", "ALLOW", type);
if (typeSupportsDeny) {
checkPermission("deny.com", "DENY", type);
checkPermission("pre-existing-allow.com", "DENY", type);
}
}
add_task(async function test_camera_policy() {
checkAllPermissionsForType("camera");
});
add_task(async function test_microphone_policy() {
checkAllPermissionsForType("microphone");
});
add_task(async function test_location_policy() {
checkAllPermissionsForType("geo");
});
add_task(async function test_notifications_policy() {
checkAllPermissionsForType("desktop-notification");
});
add_task(async function test_autoplay_policy() {
checkAllPermissionsForType("autoplay-media");
});
add_task(async function test_xr_policy() {
checkAllPermissionsForType("xr");
});
add_task(async function test_change_permission() {
// Checks that changing a permission will still retain the
// value set through the engine.
PermissionTestUtils.add(
"camera",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"microphone",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"geo",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"desktop-notification",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"autoplay-media",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"xr",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
checkPermission("allow.com", "ALLOW", "camera");
checkPermission("allow.com", "ALLOW", "microphone");
checkPermission("allow.com", "ALLOW", "geo");
checkPermission("allow.com", "ALLOW", "desktop-notification");
checkPermission("allow.com", "ALLOW", "autoplay-media");
checkPermission("allow.com", "ALLOW", "xr");
// Also change one un-managed permission to make sure it doesn't
// cause any problems to the policy engine or the permission manager.
PermissionTestUtils.add(
"camera",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"microphone",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"geo",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"desktop-notification",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"autoplay-media",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
PermissionTestUtils.add(
"xr",
Ci.nsIPermissionManager.DENY_ACTION,
Ci.nsIPermissionManager.EXPIRE_SESSION
);
});
add_task(async function test_setup_trackingprotection() {
await setupPolicyEngineWithJson({
},
});
equal(
Services.policies.status,
Ci.nsIEnterprisePolicies.ACTIVE,
"Engine is active"
);
});
add_task(async function test_trackingprotection() {
checkPermission("allow.com", "ALLOW", "trackingprotection");
});
// This seems a little out of place, but it's really a cookie
// permission, not cookies per say.
add_task(async function test_cookie_allow_session() {
await setupPolicyEngineWithJson({
},
});
equal(
PermissionTestUtils.testPermission(
"cookie"
),
Ci.nsICookiePermission.ACCESS_SESSION
);
});
// This again seems out of place, but AutoLaunchProtocolsFromOrigins
// is all permissions.
add_task(async function test_autolaunchprotocolsfromorigins() {
await setupPolicyEngineWithJson({
policies: {
AutoLaunchProtocolsFromOrigins: [
{
protocol: "test-protocol",
},
],
},
});
equal(
PermissionTestUtils.testPermission(
"open-protocol-handler^test-protocol"
),
Ci.nsIPermissionManager.ALLOW_ACTION
);
});
// This again seems out of place, but PasswordManagerExceptions
// is all permissions.
add_task(async function test_passwordmanagerexceptions() {
await setupPolicyEngineWithJson({
policies: {
},
});
equal(
PermissionTestUtils.testPermission(
"login-saving"
),
Ci.nsIPermissionManager.DENY_ACTION
);
});
// This again seems out of place, but HttpAllowlist
// is all permissions.
add_task(async function test_httpsonly_exceptions() {
await setupPolicyEngineWithJson({
policies: {
},
});
equal(
PermissionTestUtils.testPermission(
"https-only-load-insecure"
),
Ci.nsIPermissionManager.ALLOW_ACTION
);
});