1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
/* -*- Mode: Java; c-basic-offset: 4; tab-width: 4; indent-tabs-mode: nil; -*-
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
package org.mozilla.gecko.restrictions;
import org.mozilla.gecko.AboutPages;
import org.mozilla.gecko.AppConstants;
import org.mozilla.gecko.util.ThreadUtils;
import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.os.StrictMode;
import android.os.UserManager;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR2)
public class RestrictedProfileConfiguration implements RestrictionConfiguration {
// Mapping from restrictable feature to default state (on/off)
private static Map<Restrictable, Boolean> configuration = new LinkedHashMap<>();
static {
configuration.put(Restrictable.INSTALL_EXTENSION, false);
configuration.put(Restrictable.PRIVATE_BROWSING, false);
configuration.put(Restrictable.CLEAR_HISTORY, false);
configuration.put(Restrictable.MASTER_PASSWORD, false);
configuration.put(Restrictable.GUEST_BROWSING, false);
configuration.put(Restrictable.ADVANCED_SETTINGS, false);
configuration.put(Restrictable.CAMERA_MICROPHONE, false);
configuration.put(Restrictable.DATA_CHOICES, false);
configuration.put(Restrictable.BLOCK_LIST, false);
configuration.put(Restrictable.TELEMETRY, false);
configuration.put(Restrictable.HEALTH_REPORT, true);
configuration.put(Restrictable.DEFAULT_THEME, true);
}
/**
* These restrictions are hidden from the admin configuration UI.
*/
private static List<Restrictable> hiddenRestrictions = new ArrayList<>();
static {
hiddenRestrictions.add(Restrictable.MASTER_PASSWORD);
hiddenRestrictions.add(Restrictable.GUEST_BROWSING);
hiddenRestrictions.add(Restrictable.DATA_CHOICES);
hiddenRestrictions.add(Restrictable.DEFAULT_THEME);
// Hold behind Nightly flag until we have an actual block list deployed.
if (!AppConstants.NIGHTLY_BUILD) {
hiddenRestrictions.add(Restrictable.BLOCK_LIST);
}
}
/* package-private */ static boolean shouldHide(Restrictable restrictable) {
return hiddenRestrictions.contains(restrictable);
}
/* package-private */ static Map<Restrictable, Boolean> getConfiguration() {
return configuration;
}
private Context context;
public RestrictedProfileConfiguration(Context context) {
this.context = context.getApplicationContext();
}
@Override
public synchronized boolean isAllowed(Restrictable restrictable) {
// Special casing system/user restrictions
if (restrictable == Restrictable.INSTALL_APPS || restrictable == Restrictable.MODIFY_ACCOUNTS) {
return RestrictionCache.getUserRestriction(context, restrictable.name);
}
if (!RestrictionCache.hasApplicationRestriction(context, restrictable.name) && !configuration.containsKey(restrictable)) {
// Always allow features that are not in the configuration
return true;
}
return RestrictionCache.getApplicationRestriction(context, restrictable.name, configuration.get(restrictable));
}
@Override
public boolean canLoadUrl(String url) {
if (!isAllowed(Restrictable.INSTALL_EXTENSION) && AboutPages.isAboutAddons(url)) {
return false;
}
if (!isAllowed(Restrictable.PRIVATE_BROWSING) && AboutPages.isAboutPrivateBrowsing(url)) {
return false;
}
if (AboutPages.isAboutConfig(url)) {
// Always block access to about:config to prevent circumventing restrictions (Bug 1189233)
return false;
}
return true;
}
@Override
public boolean isRestricted() {
return true;
}
@Override
public synchronized void update() {
RestrictionCache.invalidate();
}
public static List<Restrictable> getVisibleRestrictions() {
final List<Restrictable> visibleList = new ArrayList<>();
for (Restrictable restrictable : configuration.keySet()) {
if (hiddenRestrictions.contains(restrictable)) {
continue;
}
visibleList.add(restrictable);
}
return visibleList;
}
}
|