Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Brave-specific options to policy templates #16351

Closed
wants to merge 4 commits into from
Closed

Add Brave-specific options to policy templates #16351

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
eb3812d
Add Brave-specific options to policy templates
mherrmann Dec 13, 2022
9d7b4d5
Remove unnecessary shebang line
mherrmann Dec 15, 2022
9adcc75
Fix policy template generation
mherrmann Dec 15, 2022
b68b9ae
Reformat Python code to fix lint failure
mherrmann Dec 15, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions patches/components-policy-resources-policy_templates.json.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
diff --git a/components/policy/resources/policy_templates.json b/components/policy/resources/policy_templates.json
index 5238b76ba5466b3015157bc33e4efe13a2213418..382aeede0591a604f48d85cac70389ce38cf619d 100644
--- a/components/policy/resources/policy_templates.json
+++ b/components/policy/resources/policy_templates.json
@@ -1,4 +1,4 @@
-{
+__import__('policy_source_helper').BravePolicies() + {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will it work like this?

__import__('policy_source_helper').BravePolicies() +
{

or

__import__('policy_source_helper').BravePolicies() + \
{

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR will likely have to be re-done in its entirety because upstream just completely changed their implementation. Settings used to be defined in a single .json file. Now it's a set of directories and .yaml files.

# policy_templates.json - Metafile for policy templates
#
# The content of this file is evaluated as a Python expression.
12 changes: 2 additions & 10 deletions patches/components-policy-tools-generate_policy_source.py.patch
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,12 @@
diff --git a/components/policy/tools/generate_policy_source.py b/components/policy/tools/generate_policy_source.py
index feb36d536f184b8d9f8e7284a26ba68d8b2205ea..1aa486b4811f4cd5a5e10f785f72a563297acd49 100755
index feb36d536f184b8d9f8e7284a26ba68d8b2205ea..021536491dc2dcca662f64ea11a657a53a33dd75 100755
--- a/components/policy/tools/generate_policy_source.py
+++ b/components/policy/tools/generate_policy_source.py
@@ -55,6 +55,7 @@ PLATFORM_STRINGS = {
'chrome.win7': ['win'],
}

+from policy_source_helper import AddBravePolicies, CHROMIUM_POLICY_KEY
+from policy_source_helper import CHROMIUM_POLICY_KEY

class PolicyDetails:
"""Parses a policy template and caches all its details."""
@@ -382,6 +383,7 @@ def main():
chrome_major_version = ParseVersionFile(version_path)

template_file_contents = _LoadJSONFile(template_file_name)
+ AddBravePolicies(template_file_contents)
risk_tags = RiskTags(template_file_contents)
policy_details = [
PolicyDetails(policy, chrome_major_version, deprecation_milestone_buffer,
149 changes: 107 additions & 42 deletions script/policy_source_helper.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,3 @@
#!/usr/bin/env python

# Copyright (c) 2019 The Brave Authors. All rights reserved.
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this file,
Expand All @@ -9,33 +7,71 @@
CHROMIUM_POLICY_KEY = 'SOFTWARE\\\\Policies\\\\BraveSoftware\\\\Brave'


def AddBravePolicies(template_file_contents):
class BravePolicies: # pylint: disable=too-few-public-methods
"""
We want to add Brave-specific values to policy_templates.json. Doing so in
policy_templates.json would produce a very large diff. This class implements
a trick that allows us to do it with a single-line change.

policy_templates.json is Python code that evaluates to a dictionary. It has
the form:

{
...
}

We change it to:

BravePolicies() + {
...
}

This invokes __add__(...) below. There, we can add our own values and return
the new dicitonary.
"""

def __add__(self, policy_templates_dict):
_add_brave_policies(policy_templates_dict)
return policy_templates_dict


def _add_brave_policies(template_file_contents):
highest_id = template_file_contents['highest_id_currently_used']
policies = [
{
'name': 'TorDisabled',
'type': 'main',
'schema': {'type': 'boolean'},
'supported_on': ['chrome.win:78-',
'chrome.mac:93-',
'chrome.linux:93-'],
'name':
'TorDisabled',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's merge a workaround for yapf and fix this bad formatting afterwards.
#16424

'type':
'main',
'schema': {
'type': 'boolean'
},
'supported_on':
['chrome.win:78-', 'chrome.mac:93-', 'chrome.linux:93-'],
'features': {
'dynamic_refresh': False,
'per_profile': False,
'can_be_recommended': False,
'can_be_mandatory': True
},
'example_value': True,
'id': 0,
'caption': '''Disables the tor feature.''',
'example_value':
True,
'id':
0,
'caption':
'''Disables the tor feature.''',
'tags': [],
'desc': ('''This policy allows an admin to specify that tor '''
'''must be disabled at startup.'''),
},
{
'name': 'IPFSEnabled',
'type': 'main',
'schema': {'type': 'boolean'},
'name':
'IPFSEnabled',
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We're in the process of removing IPFS so this can go away.

'type':
'main',
'schema': {
'type': 'boolean'
},
'supported_on': ['chrome.*:87-'],
'future_on': ['android'],
'features': {
Expand All @@ -44,55 +80,76 @@ def AddBravePolicies(template_file_contents):
'can_be_recommended': False,
'can_be_mandatory': True
},
'example_value': True,
'id': 1,
'caption': '''Enable IPFS feature''',
'example_value':
True,
'id':
1,
'caption':
'''Enable IPFS feature''',
'tags': [],
'desc': ('''This policy allows an admin to specify whether IPFS '''
'''feature can be enabled.'''),
},
{
'name': 'BraveRewardsDisabled',
'type': 'main',
'schema': {'type': 'boolean'},
'name':
'BraveRewardsDisabled',
'type':
'main',
'schema': {
'type': 'boolean'
},
'supported_on': ['chrome.*:105-'],
'features': {
'dynamic_refresh': False,
'per_profile': True,
'can_be_recommended': False,
'can_be_mandatory': True
},
'example_value': True,
'id': 2,
'caption': '''Disable Brave Rewards feature.''',
'example_value':
True,
'id':
2,
'caption':
'''Disable Brave Rewards feature.''',
'tags': [],
'desc': ('''This policy allows an admin to specify that Brave '''
'''Rewards feature will be disabled.'''),
},
{
'name': 'BraveWalletDisabled',
'type': 'main',
'schema': {'type': 'boolean'},
'name':
'BraveWalletDisabled',
'type':
'main',
'schema': {
'type': 'boolean'
},
'supported_on': ['chrome.*:106-'],
'features': {
'dynamic_refresh': False,
'per_profile': True,
'can_be_recommended': False,
'can_be_mandatory': True
},
'example_value': True,
'id': 3,
'caption': '''Disable Brave Wallet feature.''',
'example_value':
True,
'id':
3,
'caption':
'''Disable Brave Wallet feature.''',
'tags': [],
'desc': ('''This policy allows an admin to specify that Brave '''
'''Wallet feature will be disabled.'''),
},
{
'name': 'BraveShieldsDisabledForUrls',
'type': 'main',
'name':
'BraveShieldsDisabledForUrls',
'type':
'list',
'schema': {
'type': 'array',
'items': { 'type': 'string' },
'type': 'array',
'items': {
'type': 'string'
},
},
'supported_on': ['chrome.*:107-'],
'features': {
Expand All @@ -102,18 +159,24 @@ def AddBravePolicies(template_file_contents):
'can_be_mandatory': True
},
'example_value': ['https://brave.com'],
'id': 4,
'caption': '''Disables Brave Shields for urls.''',
'id':
4,
'caption':
'''Disables Brave Shields for urls.''',
'tags': [],
'desc': ('''This policy allows an admin to specify that Brave '''
'''Shields disabled.'''),
},
{
'name': 'BraveShieldsEnabledForUrls',
'type': 'main',
'name':
'BraveShieldsEnabledForUrls',
'type':
'list',
'schema': {
'type': 'array',
'items': { 'type': 'string' },
'type': 'array',
'items': {
'type': 'string'
},
},
'supported_on': ['chrome.*:107-'],
'features': {
Expand All @@ -123,8 +186,10 @@ def AddBravePolicies(template_file_contents):
'can_be_mandatory': True
},
'example_value': ['https://brave.com'],
'id': 5,
'caption': '''Enables Brave Shields for urls.''',
'id':
5,
'caption':
'''Enables Brave Shields for urls.''',
'tags': [],
'desc': ('''This policy allows an admin to specify that Brave '''
'''Shields enabled.'''),
Expand Down