Policy: Restrict account-sensitive functionality with opt-in policy#311487
Merged
joshspicer merged 39 commits intomainfrom Apr 23, 2026
Merged
Policy: Restrict account-sensitive functionality with opt-in policy#311487joshspicer merged 39 commits intomainfrom
joshspicer merged 39 commits intomainfrom
Conversation
- Introduced AccountPolicyGateContribution to manage account policy state and notifications. - Added support for "Require Approved Account" policy, restricting AI features based on account approval. - Enhanced AccountPolicyService to handle gate state and reasons for unsatisfaction. - Updated configuration for chat features to include policy definitions. - Added tests to validate gate behavior under various account scenarios.
… and update related descriptions
Contributor
Screenshot ChangesBase: Added (6)
|
Contributor
There was a problem hiding this comment.
Pull request overview
Adds an “Account Policy Gate” that fail-closes AI/chat features until the user is signed into an admin-approved GitHub org and account policy data has resolved, and surfaces this state via UX + telemetry.
Changes:
- Introduces account-policy gate computation in
AccountPolicyServiceand exposes it viaIAccountPolicyGateService. - Adds a workbench contribution to show notifications, set a chat context key, and emit telemetry based on gate transitions.
- Extends policy definitions with
restrictedValuesupport and wires the gate/UX into desktop, web, and sessions entrypoints.
Show a summary per file
| File | Description |
|---|---|
| src/vs/workbench/workbench.common.main.ts | Loads the account policy gate contribution in the workbench. |
| src/vs/workbench/test/browser/componentFixtures/fixtureUtils.ts | Updates default-account test fixture to include currentDefaultAccount. |
| src/vs/workbench/services/policies/test/browser/accountPolicyService.test.ts | Adds unit tests for the gate behavior and boot-race scenario. |
| src/vs/workbench/services/policies/common/accountPolicyService.ts | Implements gate computation + gated policy restriction behavior and exposes gate service/event. |
| src/vs/workbench/services/policies/browser/accountPolicyGateContribution.ts | Adds notification/telemetry/context-key adapter for the gate. |
| src/vs/workbench/services/policies/browser/accountPolicyGate.contribution.ts | Registers the gate UX contribution. |
| src/vs/workbench/services/accounts/browser/defaultAccount.ts | Exposes synchronous currentDefaultAccount getter. |
| src/vs/workbench/electron-browser/desktop.main.ts | Wires IAccountPolicyGateService and passes managed policy channel to account policy service. |
| src/vs/workbench/contrib/chat/common/actions/chatContextKeys.ts | Adds chatAccountPolicyGateActive context key. |
| src/vs/workbench/contrib/chat/browser/chat.contribution.ts | Adds policies/config for approved-org gate + restrictedValue for disabling AI. |
| src/vs/workbench/browser/web.main.ts | Registers IAccountPolicyGateService in web workbench. |
| src/vs/workbench/browser/actions/developerActions.ts | Extends Policy Diagnostics to include gate state/reason and raw policy. |
| src/vs/sessions/test/web.test.ts | Updates sessions test mock for currentDefaultAccount. |
| src/vs/sessions/sessions.common.main.ts | Loads the gate UX contribution for Sessions windows. |
| src/vs/sessions/electron-browser/sessions.main.ts | Wires IAccountPolicyGateService and passes managed policy channel to account policy service. |
| src/vs/platform/policy/common/policy.ts | Adds restrictedValue to policy definitions and helper to compute restricted defaults. |
| src/vs/platform/defaultAccount/common/defaultAccount.ts | Extends IDefaultAccountService with synchronous currentDefaultAccount. |
| src/vs/platform/configuration/common/configurations.ts | Plumbs restrictedValue from configuration policy to PolicyDefinition. |
| src/vs/editor/standalone/browser/standaloneServices.ts | Updates standalone default account service stub for new interface member. |
| src/vs/editor/contrib/inlineCompletions/test/browser/utils.ts | Updates inline-completions test stub for new interface member. |
| src/vs/base/common/policy.ts | Documents new restrictedValue field on policies. |
Copilot's findings
Comments suppressed due to low confidence (1)
src/vs/workbench/services/policies/test/browser/accountPolicyService.test.ts:470
- This
void Emitter;line is only present to silence the unused-import warning from theEmitterimport above. Please remove both the unused import and this workaround to keep the test file clean.
// Ensure unused import does not warn
void Emitter;
- Files reviewed: 21/21 changed files
- Comments generated: 4
- Move ChatAccountPolicyGateActiveContext to services/policies/common to avoid services-layer import from contrib (chatContextKeys re-exports). - Replace 'in' operator in test helper with explicit undefined check. - Add vs/workbench/services/policies entry to i18n.resources.json. - Append ChatDisableAIFeatures and ChatApprovedAccountOrganizations to build/lib/policies/policyData.jsonc. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Use the platform's array-typed policy contract instead of a custom comma-separated string format. Mirrors PolicyConfiguration's existing normalisation: PolicyValue is always string|number|boolean, so array policies arrive at the policy service as JSON-stringified arrays. - chat.contribution.ts: type:'string' -> type:'array', items:string - accountPolicyService: simpler parser (JSON.parse + Array.isArray) - tests: pass arrays via JSON.stringify in setupGate helper Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
When the user IS signed into an approved org but account-side policy data hasn't loaded yet (policyNotResolved), skip applying restricted values. Policies with `value` callbacks naturally return undefined when policyData is null, so no account-level overrides slip through. This eliminates: - Transient 'Unable to write chat.disableAIFeatures' error on boot - Flash of the gate notification that auto-dismisses seconds later - Brief UI hide/show cycle as ChatDisableAIFeatures toggles For stable restricted reasons (noAccount, wrongProvider, orgNotApproved) restrictions still apply immediately. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Replace the 'Don't Show Again' button with: - 'Contact Your informational guidanceAdministrator' - 'Learn opens enterprise docs overview pageMore' Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add approved org list to IAccountPolicyGateInfo so the notification can display which organizations the admin requires. Shown as a suffix like 'Approved organizations: github, microsoft.' when the list is concrete (not the wildcard '*'). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Move the org-membership check before the policyData null check in computeGateInfo. This ensures users NOT in an approved org are restricted immediately (orgNotApproved), even while policy data is loading. The policyNotResolved reason now only applies to users who ARE in an approved making it safe to skip restrictions for thatorg transient state without leaving a security gap. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
entitlement pipeline to force chat.disableAIFeatures=true (which has timing issues in the multiplex policy service), directly toggle the chatSetupHidden context key from the gate contribution. This is the same key that drives sentiment.hidden across the entire chat UI. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…tricted Add setForceHidden(hidden) API to IChatEntitlementService so the gate contribution can cleanly force the hidden state without fighting with the entitlement context's own update cycle. The gate contribution calls setForceHidden(true) when restricted and setForceHidden(false) when satisfied/inactive. Inside ChatEntitlementContext, _forceHidden is checked in withConfiguration alongside the existing chat.disableAIFeatures either one forces hidden: true on the state.setting Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
In Code OSS Dev (and any build without productService.defaultChatAgent), ChatEntitlementContext is never created, so setForceHidden was a no-op. Fall back to directly setting the chatSetupHidden context key when the context is unavailable. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Logs state, reason, and isRestricted on every gate apply so we can diagnose why setForceHidden might not be taking effect. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The chat view's `when` clause had an OR with panelParticipantRegistered that bypassed the hidden state once the Copilot extension registered. Wrap the entire condition with accountPolicyGateActive.negate() so the chat view is hidden whenever the gate is restricted, regardless of extension registration state. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Track dismissal by reason+account combo so swapping to a different account (while still blocked) triggers a fresh notification. - Show the current account name in the orgNotApproved message so the user knows which account is being evaluated. - Format approved org list as bulleted lines for readability. - Vary message text by reason (noAccount vs orgNotApproved). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The sessions (Agents) app now shows a full-screen blocking overlay when the account policy gate restricts access, reusing the same pattern as the existing 'agent disabled' overlay. - SessionsPolicyBlockedOverlay now accepts ISessionsBlockedOverlayOptions with a reason enum (AgentDisabled | AccountPolicyGate) and optional account name / approved organizations - AccountPolicyGate variant shows 'Sign-In Required' title, approved org list, contact admin text, and Sign In + Open VS Code buttons - SessionsPolicyBlockedContribution listens to both ChatConfiguration and IAccountPolicyGateService, prioritizing agent-disabled over gate - Added CSS for org list and footer sections - Updated component fixture with new variants for screenshot testing Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Notifications render as plain inline text, so the bullet-point and newline formatting was collapsing into a single unreadable line. Switch to a parenthesized comma-separated list instead. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…vely The workbench-layer AccountPolicyGateContribution (which shows a notification toast) was imported in sessions.common.main.ts, causing a notification to appear instead of the full-screen blocking overlay. - Remove accountPolicyGate.contribution.js import from sessions - SessionsPolicyBlockedContribution now handles context key, setForceHidden, and telemetry directly (same as the workbench contribution, but with an overlay instead of a notification) - Overlay properly recreates on account changes Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
On startup, computeGateInfo fires with reason=noAccount before the default account service has loaded the persisted session. This caused the notification to show 'Sign in...' even when the user was already signed in but the account just hadn't loaded yet. Fix: set context key + setForceHidden immediately (fail-closed), but defer the notification until the first onDidChangeGateInfo event, which fires after the account service has had time to resolve. A 5-second fallback timer ensures the notification still appears if the gate never transitions. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
DefaultAccountService.setDefaultAccountProvider sets currentDefaultAccount via provider.refresh() but does NOT fire onDidChangeDefaultAccount for the initial load. This caused computeGateInfo() to permanently stay on noAccount even though the user was signed in. Fix: await getDefaultAccount() (which waits for the init barrier) then re-evaluate the gate. This ensures the gate transitions from noAccount to the correct state once the persisted session loads. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ntOrganizations Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This policy was dead enforcement is handled by setForceHiddencode and the accountPolicyGateActive context key, not the policy pipeline. Regenerated policyData.jsonc. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Remove duplicate updatePolicyDefinitions call on managed policy service. AccountPolicyService now uses a read-only reference (managedPolicyReader) for getPolicyValue/onDidChange only. MultiplexPolicyService handles pushing definitions to all child services. (Reviews #1 & #4) - Remove unused Emitter import and void workaround in test file (Review #2) - Removed the fail-closed try/catch that was guarding the now-removed updatePolicyDefinitions call (Review # the duplicate call that could3 fail-open is gone entirely) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Reverts all changes to the sessions (Agents) policyBlocked overlay, CSS, fixture, and contribution. Re-adds the workbench-layer accountPolicyGate.contribution import so sessions still gets the notification + context key + telemetry. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Bring back the generalized sessions overlay with three states: - AgentDisabled: existing 'Agents Disabled' message (unchanged) - Loading: just the logo + animated progress bar for transient states (noAccount before account loads, policyNotResolved) blocks the UI without showing an incorrect message - AccountPolicyGate: 'Sign-In Required' with sign-in button, org list, and contact admin footer for stable restrictions (orgNotApproved, wrongProvider) The loading state uses the same progress bar animation as the welcome/walkthrough overlay. This avoids the flash of 'Agents Disabled' that appeared during the fail-closed transient window when the user IS actually in an approved org. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ongProvider When the user hasn't signed in yet (noAccount) or is signed into the wrong provider (wrongProvider), the sessions welcome/walkthrough screen already handles the sign-in flow. Showing our 'Agents Disabled' or loading overlay on top would block the user from signing in. Only show the overlay for: - orgNotApproved: user signed in but wrong org (stable restriction) - policyNotResolved: loading bar while waiting for policy data Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
When the account policy gate is active, it forces chat.agent.enabled to false via restrictedValue. The overlay was checking that config first and incorrectly showing 'Agents Disabled'. Now we skip the agent-disabled check when the gate is active, since the value is being artificially restricted by our own not by an admingate explicitly disabling agents. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
When the account policy gate is unsatisfied for any user-actionable reason (noAccount, wrongProvider, orgNotApproved), don't show the policy-blocked overlay. Instead, defer to the sessions welcome/walkthrough screen so the user can sign in or switch accounts via the standard sign-in flow. The Loading overlay is still shown during the transient PolicyNotResolved state to prevent flashing the welcome screen while data is in flight. Removes the now-dead AccountPolicyGate overlay variant and its supporting code (organizations list, footer styles, fixtures). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
When the user is definitively signed into a non-approved org, show the custom Sign-In Required overlay with org list and switch-account button. noAccount/wrongProvider still defer to the welcome screen. PolicyNotResolved still shows the loading bar. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Copilot's findings
Comments suppressed due to low confidence (1)
src/vs/workbench/services/policies/browser/accountPolicyGateContribution.ts:158
NOTIFICATION_DISMISSED_KEYis read and removed, but never written. As a result, the “persisted dismissal” path can never be hit and the code comments about “Don't Show Again” are misleading. Either wire this up viaIPromptOptions.neverShowAgain(which handles persistence) or remove the unused storage logic.
if (info.state !== AccountPolicyGateState.Restricted) {
this.notificationHandle.clear();
this.dismissedKey = undefined;
this.storageService.remove(NOTIFICATION_DISMISSED_KEY, StorageScope.APPLICATION);
return;
}
if (!showNotification) {
return;
}
// `policyNotResolved` is transient — don't show a notification for it.
if (info.reason === AccountPolicyGateUnsatisfiedReason.PolicyNotResolved) {
return;
}
// Build a composite key from the reason + current account name so that
// swapping to a different account (while still blocked) re-shows the notification.
const accountName = this.defaultAccountService.currentDefaultAccount?.accountName;
const notificationKey = `${info.reason ?? ''}:${accountName ?? ''}`;
// If the key changed (different reason or different account), close the old
// notification and reset the session-scoped dismissal.
if (this.dismissedKey !== undefined && this.dismissedKey !== notificationKey) {
this.notificationHandle.clear();
this.dismissedKey = undefined;
}
this.maybeShowNotification(info, notificationKey);
}
private maybeShowNotification(info: IAccountPolicyGateInfo, notificationKey: string): void {
if (this.notificationHandle.value) {
return; // already showing for this reason+account
}
if (this.dismissedKey === notificationKey) {
return; // user dismissed for this reason+account this session
}
const persistedDismissed = this.storageService.get(NOTIFICATION_DISMISSED_KEY, StorageScope.APPLICATION);
if (persistedDismissed === notificationKey) {
return; // user clicked "Don't Show Again" for this same combo on this machine
}
- Files reviewed: 30/30 changed files
- Comments generated: 6
The test was relying on AccountPolicyService calling updatePolicyDefinitions on the managed service, but that no longer happens (the MultiplexPolicyService handles it). Updated the test to explicitly seed the managed service and Restricted after seeding. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Fix setForceHidden signature in test mocks to match interface - Include approvedOrganizations in gateInfoChanged detection - Replace raw setTimeout with disposableTimeout for proper cleanup - Fix AgentDisabled overlay: suppress only when gate forces the value, not when gate is merely active (handles Satisfied+AgentDisabled case) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
joshspicer
requested review from
joaomoreno,
pwang347,
rebornix and
sandy081
as code owners
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
joshspicer
changed the title
rebornix
approved these changes
Apr 23, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Closes https://github.com/microsoft/vscode-internalbacklog/issues/6435
Introduces an Account Policy Gate that disables AI/chat features until:
Activated by the
ChatApprovedAccountOrganizationsMDM policy (JSON array of org logins;*is a wildcard). When unset, behavior is unchanged. Fail-closed: any unresolved state restricts.How it works
AccountPolicyService.computeGateInfo()returns{ state, reason, approvedOrganizations }with reasonsnoAccount/wrongProvider/orgNotApproved/policyNotResolved(transient).setForceHidden(true)onIChatEntitlementService, thechatAccountPolicyGateActivecontext key wrapping the chat view'swhenclause, andrestrictedValueon policy definitions as defense-in-depth.SessionsPolicyBlockedOverlay(Sign In button + approved-org list) for the wrong-account state; defers to the welcome screen for noAccount/wrongProvider; progress bar for the transient loading state.Validation
Manual test