Define / Export / Import Temporary Policies

[msxfm]

Issue by jsamuel
Thursday Dec 22, 2011 at 18:59 GMT
Originally opened as RequestPolicy/requestpolicy#190

---

imported trac ticket
created: 2011-02-15 03:10:38
reporter: eibwen

The define/export/import policy features of the preferences dialog would seem to provide an (albeit cumbersome) interim workaround for:

'''#8 wildcard, regex, CDIR entries''' (at least limited regex ones)
At least for character classes and ranges (eg /[0-9a-zA-Z]{{{{4}}}}/), you could generate a VERY LONG list of entries for all possible strings. This is not very practical for long repetitions or multiple ranges, as the list grows considerably larger with each expanded regular expression -- particularly as contrasted to the singular original regular expression entry. Effects on responsiveness with large numbers of policy rules is unknown, but may readily be encountered with this method.

'''#166 Policy Groups'''
It would be a lot easier to define a template with a set of known destinations, configure the origins as required, and import.

The above could be somewhat maintainable by keeping separate files for each regular expression expansion and policy group template and using repeated selective imports to achieve desired policy.

HOWEVER:

(a) The whitelist in the preferences dialog does not allow adding temporary permissions.

(b) The whitelist in the preferences dialog does not allow editing existing permissions. Typo? Too bad. Delete and retype the whole thing (doesn't even autofill the selected policy -- may not be desirable unless editing?). Convert to temporary (or toggle permanent)? Too bad.

(c) The export feature in the preferences dialog explicitly states that it does not export temporary permissions, albeit in the last sentence of the second paragraph above the button! (Yet the button just states "Export to File" not i.e., "Export Permanent Policies to File").

(d) The import feature does not have an explicitly stated prohibition on importing files with temporary permissions; however, it does reference files created by the export feature. Unlikely that it would support manual modifications to the export to toggle temporary flags... Intend to review source to confirm.

AS SUCH:

This method should work for ALLOW, but not TEMPORARILY ALLOW. There are some significant challenges to achieve temporary rules in the same context...

Given the number of items listed under the HOWEVER section above, it may be useful to maintain this as a meta bug, opening and blocking on bugs for each item/subitem.

Filing as a defect given that the missing "features" seem integral to the use of the existing whitelist and the "Export to File" button label is deceptive, particularly for those who '''know''' what an export is and miss the last sentence of the two paragraph description on that page...

[msxfm]

Comment by jsamuel
Thursday Dec 22, 2011 at 18:59 GMT

---

imported trac comment
created: 2011-02-16 02:32:14
author: eibwen

Patched the code to support importing temporary policies.
Extended the import ini-file header to function map:

'''./chrome/content/prefWindow.js'''

{{{
var groupToFunctionMap = {
"origins" : "allowOrigin",
"destinations" : "allowDestination",
"origins-to-destinations" : "_allowOriginToDestinationByCombinedIdentifier",
"TEMPORARY_origins" : "temporarilyAllowOrigin",
"TEMPORARY_destinations" : "temporarilyAllowDestination",
"TEMPORARY_origins-to-destinations" : "_temporarilyAllowOriginToDestinationByCombinedIdentifier"
};
}}}

Added the requisite function for temporary origin to destination rules:

'''./components/requestpolicyService.js'''
{{{
_temporarilyAllowOriginToDestinationByCombinedIdentifier : function(combinedId, noStore) {
// ignoring noStore argument added to match _allowOriginToDestinationByCombinedIdentifier
var _combinedId = combinedId.split('|');
this.temporarilyAllowOriginToDestination(_combinedId[0], _combinedId[1]);
},
}}}

Verified with a sample import file:

[TEMPORARY_origins]
temp.origin.example.com

[TEMPORARY_destinations]
temp.destination.example.org

[TEMPORARY_origins-to-destinations]
temp.origin.example.com|temp.destination.example.org

It works, but it introduced yet another function to be consolidated with #192... At least now I can expand regexes and test how well Request Policy handles thousands of policies (or orders of magnitudes more).

An aside: Testing it was a pain, as I happened to pick addons.mozilla.org to verify that the menu still worked. When the request log showed requests to, ie, webtrendslive.com, but nothing appeared in the menu, it was concerning. However, when it persisted after an uninstall/reinstall, I re-discovered the "compatibility rules" (sure, webtrends is required for compatibility, sure...) and promptly commented out that block and the menu immediately worked as expected. There's a bug to make those rules at least user visible in the whitelist, and preferably deletable too, right?

The above only adds functionality for the import aspect. Export, Define, and Edit remain to be addressed.

[msxfm]

Comment by jsamuel
Thursday Dec 22, 2011 at 18:59 GMT

---

imported trac comment
created: 2011-09-05 12:02:28
author: justin

The description of this bug is quite complex and I don't really understand what it's getting at. The subject of the bug seems like what this is asking for: allow import/export of temporary rules along with the ability the manually add them.

If I've misunderstood, please let let me know.