167 lines
7 KiB
Diff
167 lines
7 KiB
Diff
|
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||
|
From: Yann Dago <ydago@chromium.org>
|
||
|
Date: Mon, 8 Jul 2024 16:20:32 +0000
|
||
|
Subject: Ensure chrome://policy/test messages ignored when not supported
|
||
|
|
||
|
It was possible to go to chrome://policy and in the dev tools and send
|
||
|
the right message to set test policies even if the policy test page was disabled and/or unavailable because both pages share the same handler.
|
||
|
|
||
|
Bug: 338248595
|
||
|
Change-Id: If689325999cb108b2b71b2821d905e42efd3390d
|
||
|
Low-Coverage-Reason: TRIVIAL_CHANGE
|
||
|
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5679162
|
||
|
Auto-Submit: Yann Dago <ydago@chromium.org>
|
||
|
Reviewed-by: Rohit Rao <rohitrao@chromium.org>
|
||
|
Reviewed-by: Sergey Poromov <poromov@chromium.org>
|
||
|
Commit-Queue: Rohit Rao <rohitrao@chromium.org>
|
||
|
Cr-Commit-Position: refs/heads/main@{#1324277}
|
||
|
|
||
|
diff --git a/chrome/browser/ui/webui/policy/policy_test_ui_browsertest.cc b/chrome/browser/ui/webui/policy/policy_test_ui_browsertest.cc
|
||
|
index f223be51c902b99fbb67f90b7edfa05e7ea77c37..60c3d2e133a1a811ff7b83c0d0b8cc4bdd44e23b 100644
|
||
|
--- a/chrome/browser/ui/webui/policy/policy_test_ui_browsertest.cc
|
||
|
+++ b/chrome/browser/ui/webui/policy/policy_test_ui_browsertest.cc
|
||
|
@@ -10,6 +10,7 @@
|
||
|
#include "base/test/scoped_feature_list.h"
|
||
|
#include "build/build_config.h"
|
||
|
#include "build/chromeos_buildflags.h"
|
||
|
+#include "chrome/browser/enterprise/browser_management/browser_management_service.h"
|
||
|
#include "chrome/browser/enterprise/browser_management/management_service_factory.h"
|
||
|
#include "chrome/browser/lifetime/application_lifetime.h"
|
||
|
#include "chrome/browser/policy/chrome_browser_policy_connector.h"
|
||
|
@@ -272,6 +273,57 @@ class PolicyTestHandlerTest : public PlatformBrowserTest {
|
||
|
#endif
|
||
|
};
|
||
|
|
||
|
+IN_PROC_BROWSER_TEST_F(PolicyTestHandlerTest,
|
||
|
+ HandleSetLocalTestPoliciesNotSupported) {
|
||
|
+ // Ensure chrome://policy/test not supported.
|
||
|
+ policy::ScopedManagementServiceOverrideForTesting profile_management(
|
||
|
+ policy::ManagementServiceFactory::GetForProfile(GetProfile()),
|
||
|
+ policy::EnterpriseManagementAuthority::CLOUD);
|
||
|
+ std::unique_ptr<PolicyUIHandler> handler = SetUpHandler();
|
||
|
+ const std::string jsonString =
|
||
|
+ R"([
|
||
|
+ {"level": 0,"scope": 0,"source": 0, "namespace": "chrome",
|
||
|
+ "name": "AutofillAddressEnabled","value": false},
|
||
|
+ {"level": 1,"scope": 1,"source": 2, "namespace": "chrome",
|
||
|
+ "name": "CloudReportingEnabled","value": true}
|
||
|
+ ])";
|
||
|
+ const std::string revertAppliedPoliciesButtonDisabledJs =
|
||
|
+ R"(
|
||
|
+ document
|
||
|
+ .querySelector('#revert-applied-policies')
|
||
|
+ .disabled;
|
||
|
+ )";
|
||
|
+
|
||
|
+ base::Value::List list_args;
|
||
|
+
|
||
|
+ list_args.Append("setLocalTestPolicies");
|
||
|
+ list_args.Append(jsonString);
|
||
|
+ list_args.Append("{}");
|
||
|
+
|
||
|
+ // Open chrome://policy
|
||
|
+ ASSERT_TRUE(
|
||
|
+ content::NavigateToURL(web_contents(), GURL(chrome::kChromeUIPolicyURL)));
|
||
|
+ web_ui()->HandleReceivedMessage("setLocalTestPolicies", list_args);
|
||
|
+
|
||
|
+ base::RunLoop().RunUntilIdle();
|
||
|
+
|
||
|
+ const policy::PolicyNamespace chrome_namespace(policy::POLICY_DOMAIN_CHROME,
|
||
|
+ std::string());
|
||
|
+ policy::PolicyService* policy_service =
|
||
|
+ GetProfile()->GetProfilePolicyConnector()->policy_service();
|
||
|
+
|
||
|
+ // Check policies not applied
|
||
|
+ const policy::PolicyMap* policy_map =
|
||
|
+ &policy_service->GetPolicies(chrome_namespace);
|
||
|
+ ASSERT_TRUE(policy_map);
|
||
|
+
|
||
|
+ {
|
||
|
+ const policy::PolicyMap::Entry* entry =
|
||
|
+ policy_map->Get(policy::key::kAutofillAddressEnabled);
|
||
|
+ ASSERT_FALSE(entry);
|
||
|
+ }
|
||
|
+}
|
||
|
+
|
||
|
IN_PROC_BROWSER_TEST_F(PolicyTestHandlerTest,
|
||
|
HandleSetAndRevertLocalTestPolicies) {
|
||
|
if (!policy::utils::IsPolicyTestingEnabled(/*pref_service=*/nullptr,
|
||
|
diff --git a/chrome/browser/ui/webui/policy/policy_ui_handler.cc b/chrome/browser/ui/webui/policy/policy_ui_handler.cc
|
||
|
index a09cb79373f424010a1c02f0c1da5ae3e8c55389..bafa7adf244685fe9af7dd4358fb0ec77bb39fbf 100644
|
||
|
--- a/chrome/browser/ui/webui/policy/policy_ui_handler.cc
|
||
|
+++ b/chrome/browser/ui/webui/policy/policy_ui_handler.cc
|
||
|
@@ -49,6 +49,7 @@
|
||
|
#include "chrome/browser/ui/chrome_select_file_policy.h"
|
||
|
#include "chrome/browser/ui/webui/policy/policy_ui.h"
|
||
|
#include "chrome/browser/ui/webui/webui_util.h"
|
||
|
+#include "chrome/common/channel_info.h"
|
||
|
#include "chrome/grit/branded_strings.h"
|
||
|
#include "components/crx_file/id_util.h"
|
||
|
#include "components/enterprise/browser/controller/browser_dm_token_storage.h"
|
||
|
@@ -69,6 +70,7 @@
|
||
|
#include "components/policy/core/common/policy_pref_names.h"
|
||
|
#include "components/policy/core/common/policy_scheduler.h"
|
||
|
#include "components/policy/core/common/policy_types.h"
|
||
|
+#include "components/policy/core/common/policy_utils.h"
|
||
|
#include "components/policy/core/common/remote_commands/remote_commands_service.h"
|
||
|
#include "components/policy/core/common/schema.h"
|
||
|
#include "components/policy/core/common/schema_map.h"
|
||
|
@@ -318,6 +320,12 @@ void PolicyUIHandler::HandleCopyPoliciesJson(const base::Value::List& args) {
|
||
|
void PolicyUIHandler::HandleSetLocalTestPolicies(
|
||
|
const base::Value::List& args) {
|
||
|
std::string policies = args[1].GetString();
|
||
|
+ AllowJavascript();
|
||
|
+
|
||
|
+ if (!PolicyUI::ShouldLoadTestPage(Profile::FromWebUI(web_ui()))) {
|
||
|
+ ResolveJavascriptCallback(args[0], true);
|
||
|
+ return;
|
||
|
+ }
|
||
|
|
||
|
policy::LocalTestPolicyProvider* local_test_provider =
|
||
|
static_cast<policy::LocalTestPolicyProvider*>(
|
||
|
@@ -340,12 +348,14 @@ void PolicyUIHandler::HandleSetLocalTestPolicies(
|
||
|
->UseLocalTestPolicyProvider();
|
||
|
|
||
|
local_test_provider->LoadJsonPolicies(policies);
|
||
|
- AllowJavascript();
|
||
|
ResolveJavascriptCallback(args[0], true);
|
||
|
}
|
||
|
|
||
|
void PolicyUIHandler::HandleRevertLocalTestPolicies(
|
||
|
const base::Value::List& args) {
|
||
|
+ if (!PolicyUI::ShouldLoadTestPage(Profile::FromWebUI(web_ui()))) {
|
||
|
+ return;
|
||
|
+ }
|
||
|
#if !BUILDFLAG(IS_ANDROID) && !BUILDFLAG(IS_CHROMEOS)
|
||
|
Profile::FromWebUI(web_ui())->GetPrefs()->ClearPref(
|
||
|
prefs::kUserCloudSigninPolicyResponseFromPolicyTestPage);
|
||
|
diff --git a/ios/chrome/browser/webui/ui_bundled/policy/policy_ui_handler.mm b/ios/chrome/browser/webui/ui_bundled/policy/policy_ui_handler.mm
|
||
|
index fe5c3c43f36e5c13b75512572ffc7eea0f85be5b..5f30dcb42ad942499d31305a094f536e73fe5a1f 100644
|
||
|
--- a/ios/chrome/browser/webui/ui_bundled/policy/policy_ui_handler.mm
|
||
|
+++ b/ios/chrome/browser/webui/ui_bundled/policy/policy_ui_handler.mm
|
||
|
@@ -226,6 +226,12 @@
|
||
|
const base::Value::List& args) {
|
||
|
std::string json_policies_string = args[1].GetString();
|
||
|
|
||
|
+ if (!PolicyUI::ShouldLoadTestPage(
|
||
|
+ ChromeBrowserState::FromWebUIIOS(web_ui()))) {
|
||
|
+ web_ui()->ResolveJavascriptCallback(args[0], true);
|
||
|
+ return;
|
||
|
+ }
|
||
|
+
|
||
|
policy::LocalTestPolicyProvider* local_test_provider =
|
||
|
static_cast<policy::LocalTestPolicyProvider*>(
|
||
|
GetApplicationContext()
|
||
|
@@ -244,6 +250,11 @@
|
||
|
|
||
|
void PolicyUIHandler::HandleRevertLocalTestPolicies(
|
||
|
const base::Value::List& args) {
|
||
|
+ if (!PolicyUI::ShouldLoadTestPage(
|
||
|
+ ChromeBrowserState::FromWebUIIOS(web_ui()))) {
|
||
|
+ return;
|
||
|
+ }
|
||
|
+
|
||
|
ChromeBrowserState::FromWebUIIOS(web_ui())
|
||
|
->GetPolicyConnector()
|
||
|
->RevertUseLocalTestPolicyProvider();
|