Guided-first manager for Firefox enterprise policy profiles: create, review, compare, validate, and export profiles through a FastAPI backend and a task-oriented web UI.
Browser Policy Manager helps administrators and security teams manage Firefox enterprise policy profiles without dropping straight into raw JSON or YAML.
Today the project provides:
- a canonical
/api/profilesCRUD API - a guided
/profilesweb workflow with targeted fallback intoAdvanced document - schema-aware validation and export for Firefox policy documents
- profile review tools such as compare, clone-and-adjust, lifecycle review, and shareable summaries
- bundled ESR and Release Firefox policy schemas
Author: Valery Ledovskoy
Version: 0.6.0-dev
License: MPL-2.0
Backend: FastAPI + SQLAlchemy + Alembic
Frontend: Jinja2 + self-hosted CSS/JS + self-hosted Monaco Editor bundle
Database: SQLite by default
Python: 3.13
| Endpoint | Description |
|---|---|
POST /api/profiles |
Create a profile |
GET /api/profiles |
List profiles with filtering and pagination |
GET /api/profiles/{id} |
Read one profile |
PATCH /api/profiles/{id} |
Update profile metadata or flags |
DELETE /api/profiles/{id} |
Archive profile |
POST /api/profiles/{id}/restore |
Restore archived profile |
DELETE /api/profiles/{id}/hard |
Delete permanently |
DELETE /api/profiles/reset |
Clear the profile library |
GET /api/export/profiles |
Export profile collections as JSON or YAML |
GET /api/export/profiles/{id} |
Export one profile via `fmt=json |
GET /api/export/profiles/{id}.json |
Export JSON |
GET /api/export/profiles/{id}.yaml |
Export YAML |
POST /api/validate/{version} |
Validate a Firefox policy document |
GET /health, GET /health/ready |
Health probes |
| Route | Description |
|---|---|
GET /profiles |
Main guided web UI for profile work |
GET /i18n/{locale}.json |
Localization catalogs (en, ru) |
GET /favicon.ico |
App favicon |
- scenario-first profile setup
- recommended baselines and preset previews
- step-level undo/reset
- cross-step recent-changes memory
- targeted handoff into
Advanced document - export explainability and shareable guided summary
- compare two profiles
- clone-and-adjust flow for derived drafts
- lifecycle review for saved, archived, restored, and derived profiles
The guided UI now covers high-value enterprise clusters such as:
- shared-device and kiosk-oriented setup
- certificates, trust, and enterprise authentication
- extensions rollout governance
- privacy and security hardening
- updates and browser upkeep
- site access and intranet routing
- home, startup, and search surfaces
- language and locale posture
- AI and smart browser surfaces
Advanced-only and handoff-only boundaries are documented so the wizard stays task-first instead of regressing into a schema mirror.
- One canonical data model powers API, guided UI, advanced editing, review, and export.
- Guided mode and
Advanced documentare two views over the same profile state. - Coverage accounting is updated whenever guided support is expanded, so review/export counters stay honest.
- Firefox schema placement is resolved through a dedicated UI registry with explicit overrides plus safe inference.
- The profiles page is split into reusable Jinja partials and modular frontend bundles instead of one monolithic page script.
- Frontend runtime assets are self-hosted and checked into the repository.
- Security headers are enforced through middleware.
| Layer | Implementation |
|---|---|
| Framework | FastAPI |
| Database | SQLite + Alembic migrations |
| Validation | jsonschema with version-aware schema loading |
| Testing | pytest, ruff, mypy, pytest-cov |
| Coverage | 100% non-live coverage for app/ |
| CI/CD | GitHub Actions |
| Security | Middleware with strict HTTP headers |
python -m venv .venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
python -m pip install --upgrade pip
pip install -e ".[dev]"
uvicorn app.main:app --reloadOpen:
- API root: http://127.0.0.1:8000/
- Web UI: http://127.0.0.1:8000/profiles
Useful local commands:
ruff check .
mypy app
pytest --cov=app --cov-branch --cov-report=term-missingWhen /profiles vendor assets need a refresh:
npm install
npm run build:monacoBy default, pytest excludes the live Firefox suites marked firefox_live and firefox_live_amo, so standard local and CI runs stay deterministic. Run those suites explicitly with -m firefox_live or -m firefox_live_amo.
Live Firefox policy checks run in an isolated project-local sandbox. See docs/firefox-live-testing.md.
- Default database URL: SQLite
- Migrations live in
alembic/ - Auto-generated migrations are supported
alembic revision --autogenerate -m "describe change"
alembic upgrade headTo verify migration integrity:
pytest -q -k test_alembic_upgrade_head_on_sqlite_tmp| Channel | Version | Status |
|---|---|---|
| ESR | 140.9 |
Active |
| Release | 149 |
Active |
| Beta / Dev | — | Not supported |
BPM ships bundled internal schemas for the supported ESR and Release channels and keeps its own converted schema pipeline for the current Firefox policy model.
Supporting tooling and update notes live in:
- Base language: English
- Additional language: Russian
- UI catalogs are served at
/i18n/{locale}.json
Russian UI copy has been cleaned up and standardized around the term Техдокумент.
- non-live suite status: full
app/coverage at100% - guided-first viewport assumptions are documented and protected by regression checks
- accessibility follow-up for grouped controls, disclosure panels, and jump flows is completed
- live Firefox coverage remains intentionally separate from the non-live coverage target
Key project notes:
docs/profile_wizard_ux_roadmap_2026-04-03.mddocs/profile_wizard_coverage_priority_register_2026-04-04.mddocs/profile_wizard_advanced_only_boundaries_2026-04-04.mddocs/wizard_viewport_qa_2026-03-31.md
Valery Ledovskoy
📧 valery@ledovskoy.com
Only emails with [BPM] in the subject line are reviewed.
© 2025-2026 • Released under Mozilla Public License 2.0