Bug 1507291 - Remove concept of machine_only policies. r=Felipe,flod

Differential Revision: https://phabricator.services.mozilla.com/D11942

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Michael Kaply 2018-11-15 20:30:03 +00:00
Родитель dc82a88ccf
Коммит 9a2e704eb9
7 изменённых файлов: 9 добавлений и 80 удалений

Просмотреть файл

@ -407,7 +407,9 @@ class WindowsGPOPoliciesProvider {
// Machine policies override user policies, so we read
// user policies first and then replace them if necessary.
log.debug("root = HKEY_CURRENT_USER");
this._readData(wrk, wrk.ROOT_KEY_CURRENT_USER);
log.debug("root = HKEY_LOCAL_MACHINE");
this._readData(wrk, wrk.ROOT_KEY_LOCAL_MACHINE);
}
@ -426,8 +428,7 @@ class WindowsGPOPoliciesProvider {
_readData(wrk, root) {
wrk.open(root, "SOFTWARE\\Policies", wrk.ACCESS_READ);
if (wrk.hasChild("Mozilla\\Firefox")) {
let isMachineRoot = (root == wrk.ROOT_KEY_LOCAL_MACHINE);
this._policies = WindowsGPOParser.readPolicies(wrk, this._policies, isMachineRoot);
this._policies = WindowsGPOParser.readPolicies(wrk, this._policies);
}
wrk.close();
}

Просмотреть файл

@ -19,20 +19,16 @@ XPCOMUtils.defineLazyGetter(this, "log", () => {
});
});
XPCOMUtils.defineLazyModuleGetters(this, {
schema: "resource:///modules/policies/schema.jsm",
});
var EXPORTED_SYMBOLS = ["WindowsGPOParser"];
var WindowsGPOParser = {
readPolicies(wrk, policies, isMachineRoot) {
readPolicies(wrk, policies) {
let childWrk = wrk.openChild("Mozilla\\Firefox", wrk.ACCESS_READ);
if (!policies) {
policies = {};
}
try {
policies = registryToObject(childWrk, policies, isMachineRoot);
policies = registryToObject(childWrk, policies);
} catch (e) {
log.error(e);
} finally {
@ -41,14 +37,13 @@ var WindowsGPOParser = {
// Need an extra check here so we don't
// JSON.stringify if we aren't in debug mode
if (log._maxLogLevel == "debug") {
log.debug("root = " + isMachineRoot ? "HKEY_LOCAL_MACHINE" : "HKEY_CURRENT_USER");
log.debug(JSON.stringify(policies, null, 2));
}
return policies;
},
};
function registryToObject(wrk, policies, isMachineRoot) {
function registryToObject(wrk, policies) {
if (!policies) {
policies = {};
}
@ -64,9 +59,6 @@ function registryToObject(wrk, policies, isMachineRoot) {
}
for (let i = 0; i < wrk.valueCount; i++) {
let name = wrk.getValueName(i);
if (!isMachineRoot && isMachineOnlyPolicy(name)) {
continue;
}
let value = readRegistryValue(wrk, name);
policies[name] = value;
}
@ -77,9 +69,6 @@ function registryToObject(wrk, policies, isMachineRoot) {
let array = [];
for (let i = 0; i < wrk.childCount; i++) {
let name = wrk.getChildName(i);
if (!isMachineRoot && isMachineOnlyPolicy(name)) {
continue;
}
let childWrk = wrk.openChild(name, wrk.ACCESS_READ);
array.push(registryToObject(childWrk));
childWrk.close();
@ -89,9 +78,6 @@ function registryToObject(wrk, policies, isMachineRoot) {
}
for (let i = 0; i < wrk.childCount; i++) {
let name = wrk.getChildName(i);
if (!isMachineRoot && isMachineOnlyPolicy(name)) {
continue;
}
let childWrk = wrk.openChild(name, wrk.ACCESS_READ);
policies[name] = registryToObject(childWrk);
childWrk.close();
@ -114,12 +100,3 @@ function readRegistryValue(wrk, value) {
// unknown type
return null;
}
function isMachineOnlyPolicy(name) {
if (schema.properties[name] &&
schema.properties[name].machine_only) {
log.error(`Policy ${name} is only allowed under the HKEY_LOCAL_MACHINE root`);
return true;
}
return false;
}

Просмотреть файл

@ -114,10 +114,6 @@ tbody:nth-child(4n + 1) {
margin-left: .5rem;
}
.icon.machine-only {
background-image: url("chrome://browser/skin/developer.svg");
}
.collapsible {
cursor: pointer;
border: none;

Просмотреть файл

@ -22,18 +22,6 @@ function col(text, className) {
return column;
}
function machine_only_col(text) {
let icon = document.createElement("span");
icon.classList.add("icon");
icon.classList.add("machine-only");
icon.setAttribute("data-l10n-id", "gpo-machine-only");
let column = document.createElement("td");
let content = document.createTextNode(text);
column.appendChild(content);
column.appendChild(icon);
return column;
}
function addMissingColumns() {
const table = document.getElementById("activeContent");
let maxColumns = 0;
@ -246,12 +234,7 @@ function generateDocumentation() {
content.classList.toggle("content");
});
let row = document.createElement("tr");
if (AppConstants.platform == "win" &&
schema.properties[policyName].machine_only) {
row.appendChild(machine_only_col(policyName));
} else {
row.appendChild(col(policyName));
}
row.appendChild(col(policyName));
let descriptionColumn = col("");
let stringID = string_mapping[policyName] || policyName;
descriptionColumn.setAttribute("data-l10n-id", `policy-${stringID}`);

Просмотреть файл

@ -3,8 +3,6 @@
"type": "object",
"properties": {
"AppUpdateURL": {
"machine_only": true,
"type": "URL"
},
@ -163,8 +161,6 @@
},
"DisableAppUpdate": {
"machine_only": true,
"type": "boolean"
},
@ -242,14 +238,10 @@
},
"DisableSystemAddonUpdate": {
"machine_only": true,
"type": "boolean"
},
"DisableTelemetry": {
"machine_only": true,
"type": "boolean"
},
@ -279,8 +271,6 @@
},
"Extensions": {
"machine_only": true,
"type": "object",
"properties": {
"Install" : {
@ -338,8 +328,6 @@
},
"Homepage": {
"machine_only": true,
"type": "object",
"properties": {
"URL": {
@ -387,14 +375,10 @@
},
"OverrideFirstRunPage": {
"machine_only": true,
"type": "URLorEmpty"
},
"OverridePostUpdatePage": {
"machine_only": true,
"type": "URLorEmpty"
},
@ -671,8 +655,6 @@
},
"WebsiteFilter": {
"machine_only": "true",
"type": "object",
"properties": {
"Block": {

Просмотреть файл

@ -12,11 +12,3 @@ documentation-tab = Documentation
policy-name = Policy Name
policy-value = Policy Value
policy-errors = Policy Errors
# 'gpo-machine-only' policies are related to the Group Policy features
# on Windows. Please use the same terminology that is used on Windows
# to describe Group Policy.
# These policies can only be set at the computer-level settings, while
# the other policies can also be set at the user-level.
gpo-machine-only =
.title = When using Group Policy, this policy can only be set at the computer level.

Просмотреть файл

@ -79,8 +79,7 @@ policy-EnableTrackingProtection = Enable or disable Content Blocking and optiona
# A “locked” extension cant be disabled or removed by the user. This policy
# takes 3 keys (“Install”, ”Uninstall”, ”Locked”), you can either keep them in
# English or translate them as verbs. See also:
# https://github.com/mozilla/policy-templates/blob/master/README.md#extensions-machine-only
# English or translate them as verbs.
policy-Extensions = Install, uninstall or lock extensions. The Install option takes URLs or paths as parameters. The Uninstall and Locked options take extension IDs.
policy-FlashPlugin = Allow or deny usage of the Flash plugin.
@ -117,6 +116,5 @@ policy-SearchEngines = Configure search engine settings. This policy is only ava
# For more information, see https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/PKCS11/Module_Installation
policy-SecurityDevices = Install PKCS #11 modules.
# “format” refers to the format used for the value of this policy. See also:
# https://github.com/mozilla/policy-templates/blob/master/README.md#websitefilter-machine-only
# “format” refers to the format used for the value of this policy.
policy-WebsiteFilter = Block websites from being visited. See documentation for more details on the format.