From eb3812d7518a0d46265fe37361ab2a1c42e21619 Mon Sep 17 00:00:00 2001 From: Michael Herrmann Date: Tue, 13 Dec 2022 12:55:09 +0100 Subject: [PATCH 1/4] Add Brave-specific options to policy templates Previously, only Chromium options were there. Now we also have: * TorDisabled * IPFSEnabled * BraveRewardsDisabled * BraveWalletDisabled --- ...licy-resources-policy_templates.json.patch | 10 +++++++ ...licy-tools-generate_policy_source.py.patch | 12 ++------ script/policy_source_helper.py | 30 ++++++++++++++++++- 3 files changed, 41 insertions(+), 11 deletions(-) create mode 100644 patches/components-policy-resources-policy_templates.json.patch diff --git a/patches/components-policy-resources-policy_templates.json.patch b/patches/components-policy-resources-policy_templates.json.patch new file mode 100644 index 000000000000..10f8ba904350 --- /dev/null +++ b/patches/components-policy-resources-policy_templates.json.patch @@ -0,0 +1,10 @@ +diff --git a/components/policy/resources/policy_templates.json b/components/policy/resources/policy_templates.json +index 5238b76ba5466b3015157bc33e4efe13a2213418..382aeede0591a604f48d85cac70389ce38cf619d 100644 +--- a/components/policy/resources/policy_templates.json ++++ b/components/policy/resources/policy_templates.json +@@ -1,4 +1,4 @@ +-{ ++__import__('policy_source_helper').BravePolicies() + { + # policy_templates.json - Metafile for policy templates + # + # The content of this file is evaluated as a Python expression. diff --git a/patches/components-policy-tools-generate_policy_source.py.patch b/patches/components-policy-tools-generate_policy_source.py.patch index 2350fc4de0dc..9b504068f25b 100644 --- a/patches/components-policy-tools-generate_policy_source.py.patch +++ b/patches/components-policy-tools-generate_policy_source.py.patch @@ -1,20 +1,12 @@ diff --git a/components/policy/tools/generate_policy_source.py b/components/policy/tools/generate_policy_source.py -index feb36d536f184b8d9f8e7284a26ba68d8b2205ea..1aa486b4811f4cd5a5e10f785f72a563297acd49 100755 +index feb36d536f184b8d9f8e7284a26ba68d8b2205ea..021536491dc2dcca662f64ea11a657a53a33dd75 100755 --- a/components/policy/tools/generate_policy_source.py +++ b/components/policy/tools/generate_policy_source.py @@ -55,6 +55,7 @@ PLATFORM_STRINGS = { 'chrome.win7': ['win'], } -+from policy_source_helper import AddBravePolicies, CHROMIUM_POLICY_KEY ++from policy_source_helper import CHROMIUM_POLICY_KEY class PolicyDetails: """Parses a policy template and caches all its details.""" -@@ -382,6 +383,7 @@ def main(): - chrome_major_version = ParseVersionFile(version_path) - - template_file_contents = _LoadJSONFile(template_file_name) -+ AddBravePolicies(template_file_contents) - risk_tags = RiskTags(template_file_contents) - policy_details = [ - PolicyDetails(policy, chrome_major_version, deprecation_milestone_buffer, diff --git a/script/policy_source_helper.py b/script/policy_source_helper.py index a086a091e7fb..cf9217fbdb81 100644 --- a/script/policy_source_helper.py +++ b/script/policy_source_helper.py @@ -9,7 +9,35 @@ CHROMIUM_POLICY_KEY = 'SOFTWARE\\\\Policies\\\\BraveSoftware\\\\Brave' -def AddBravePolicies(template_file_contents): +class BravePolicies: # pylint: disable=too-few-public-methods + """ + We want to add Brave-specific values to policy_templates.json. Doing so in + policy_templates.json would produce a very large diff. This class implements + a trick that allows us to do it with a single-line change. + + policy_templates.json is Python code that evaluates to a dictionary. It has + the form: + + { + ... + } + + We change it to: + + BravePolicies() + { + ... + } + + This invokes __add__(...) below. There, we can add our own values and return + the new dicitonary. + """ + + def __add__(self, policy_templates_dict): + _add_brave_policies(policy_templates_dict) + return policy_templates_dict + + +def _add_brave_policies(template_file_contents): highest_id = template_file_contents['highest_id_currently_used'] policies = [ { From 9d7b4d5077568f5a05a810dd21ee27dc464a3910 Mon Sep 17 00:00:00 2001 From: Michael Herrmann Date: Thu, 15 Dec 2022 14:18:45 +0100 Subject: [PATCH 2/4] Remove unnecessary shebang line --- script/policy_source_helper.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/script/policy_source_helper.py b/script/policy_source_helper.py index cf9217fbdb81..7d1b0122f080 100644 --- a/script/policy_source_helper.py +++ b/script/policy_source_helper.py @@ -1,5 +1,3 @@ -#!/usr/bin/env python - # Copyright (c) 2019 The Brave Authors. All rights reserved. # This Source Code Form is subject to the terms of the Mozilla Public # License, v. 2.0. If a copy of the MPL was not distributed with this file, From 9adcc750f11ffaf6064e70ccb53505a56a14c7d7 Mon Sep 17 00:00:00 2001 From: Michael Herrmann Date: Thu, 15 Dec 2022 14:49:16 +0100 Subject: [PATCH 3/4] Fix policy template generation --- script/policy_source_helper.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/script/policy_source_helper.py b/script/policy_source_helper.py index 7d1b0122f080..09761864a012 100644 --- a/script/policy_source_helper.py +++ b/script/policy_source_helper.py @@ -115,7 +115,7 @@ def _add_brave_policies(template_file_contents): }, { 'name': 'BraveShieldsDisabledForUrls', - 'type': 'main', + 'type': 'list', 'schema': { 'type': 'array', 'items': { 'type': 'string' }, @@ -136,7 +136,7 @@ def _add_brave_policies(template_file_contents): }, { 'name': 'BraveShieldsEnabledForUrls', - 'type': 'main', + 'type': 'list', 'schema': { 'type': 'array', 'items': { 'type': 'string' }, From b68b9ae43fc92f2ec0b935c54e26735635cffeb3 Mon Sep 17 00:00:00 2001 From: Michael Herrmann Date: Thu, 15 Dec 2022 15:52:23 +0100 Subject: [PATCH 4/4] Reformat Python code to fix lint failure --- script/policy_source_helper.py | 117 ++++++++++++++++++++++----------- 1 file changed, 78 insertions(+), 39 deletions(-) diff --git a/script/policy_source_helper.py b/script/policy_source_helper.py index 09761864a012..3ee094ce284b 100644 --- a/script/policy_source_helper.py +++ b/script/policy_source_helper.py @@ -39,29 +39,39 @@ def _add_brave_policies(template_file_contents): highest_id = template_file_contents['highest_id_currently_used'] policies = [ { - 'name': 'TorDisabled', - 'type': 'main', - 'schema': {'type': 'boolean'}, - 'supported_on': ['chrome.win:78-', - 'chrome.mac:93-', - 'chrome.linux:93-'], + 'name': + 'TorDisabled', + 'type': + 'main', + 'schema': { + 'type': 'boolean' + }, + 'supported_on': + ['chrome.win:78-', 'chrome.mac:93-', 'chrome.linux:93-'], 'features': { 'dynamic_refresh': False, 'per_profile': False, 'can_be_recommended': False, 'can_be_mandatory': True }, - 'example_value': True, - 'id': 0, - 'caption': '''Disables the tor feature.''', + 'example_value': + True, + 'id': + 0, + 'caption': + '''Disables the tor feature.''', 'tags': [], 'desc': ('''This policy allows an admin to specify that tor ''' '''must be disabled at startup.'''), }, { - 'name': 'IPFSEnabled', - 'type': 'main', - 'schema': {'type': 'boolean'}, + 'name': + 'IPFSEnabled', + 'type': + 'main', + 'schema': { + 'type': 'boolean' + }, 'supported_on': ['chrome.*:87-'], 'future_on': ['android'], 'features': { @@ -70,17 +80,24 @@ def _add_brave_policies(template_file_contents): 'can_be_recommended': False, 'can_be_mandatory': True }, - 'example_value': True, - 'id': 1, - 'caption': '''Enable IPFS feature''', + 'example_value': + True, + 'id': + 1, + 'caption': + '''Enable IPFS feature''', 'tags': [], 'desc': ('''This policy allows an admin to specify whether IPFS ''' '''feature can be enabled.'''), }, { - 'name': 'BraveRewardsDisabled', - 'type': 'main', - 'schema': {'type': 'boolean'}, + 'name': + 'BraveRewardsDisabled', + 'type': + 'main', + 'schema': { + 'type': 'boolean' + }, 'supported_on': ['chrome.*:105-'], 'features': { 'dynamic_refresh': False, @@ -88,17 +105,24 @@ def _add_brave_policies(template_file_contents): 'can_be_recommended': False, 'can_be_mandatory': True }, - 'example_value': True, - 'id': 2, - 'caption': '''Disable Brave Rewards feature.''', + 'example_value': + True, + 'id': + 2, + 'caption': + '''Disable Brave Rewards feature.''', 'tags': [], 'desc': ('''This policy allows an admin to specify that Brave ''' '''Rewards feature will be disabled.'''), }, { - 'name': 'BraveWalletDisabled', - 'type': 'main', - 'schema': {'type': 'boolean'}, + 'name': + 'BraveWalletDisabled', + 'type': + 'main', + 'schema': { + 'type': 'boolean' + }, 'supported_on': ['chrome.*:106-'], 'features': { 'dynamic_refresh': False, @@ -106,19 +130,26 @@ def _add_brave_policies(template_file_contents): 'can_be_recommended': False, 'can_be_mandatory': True }, - 'example_value': True, - 'id': 3, - 'caption': '''Disable Brave Wallet feature.''', + 'example_value': + True, + 'id': + 3, + 'caption': + '''Disable Brave Wallet feature.''', 'tags': [], 'desc': ('''This policy allows an admin to specify that Brave ''' '''Wallet feature will be disabled.'''), }, { - 'name': 'BraveShieldsDisabledForUrls', - 'type': 'list', + 'name': + 'BraveShieldsDisabledForUrls', + 'type': + 'list', 'schema': { - 'type': 'array', - 'items': { 'type': 'string' }, + 'type': 'array', + 'items': { + 'type': 'string' + }, }, 'supported_on': ['chrome.*:107-'], 'features': { @@ -128,18 +159,24 @@ def _add_brave_policies(template_file_contents): 'can_be_mandatory': True }, 'example_value': ['https://brave.com'], - 'id': 4, - 'caption': '''Disables Brave Shields for urls.''', + 'id': + 4, + 'caption': + '''Disables Brave Shields for urls.''', 'tags': [], 'desc': ('''This policy allows an admin to specify that Brave ''' '''Shields disabled.'''), }, { - 'name': 'BraveShieldsEnabledForUrls', - 'type': 'list', + 'name': + 'BraveShieldsEnabledForUrls', + 'type': + 'list', 'schema': { - 'type': 'array', - 'items': { 'type': 'string' }, + 'type': 'array', + 'items': { + 'type': 'string' + }, }, 'supported_on': ['chrome.*:107-'], 'features': { @@ -149,8 +186,10 @@ def _add_brave_policies(template_file_contents): 'can_be_mandatory': True }, 'example_value': ['https://brave.com'], - 'id': 5, - 'caption': '''Enables Brave Shields for urls.''', + 'id': + 5, + 'caption': + '''Enables Brave Shields for urls.''', 'tags': [], 'desc': ('''This policy allows an admin to specify that Brave ''' '''Shields enabled.'''),