Closed
Bug 1429151
Opened 6 years ago
Closed 6 years ago
Policy: Disable Sync
Categories
(Firefox :: Enterprise Policies, enhancement, P1)
Firefox
Enterprise Policies
Tracking
()
VERIFIED
FIXED
Firefox 60
| Tracking | Status | |
|---|---|---|
| firefox60 | --- | verified |
People
(Reporter: Felipe, Assigned: Felipe)
References
Details
Attachments
(1 file)
Disable Sync through a policy (Firefox Accounts).
|
||
Comment 1•6 years ago
|
||
Mark, this is for the enterprise users who'd like to be able to disable sync for their users. Apparently there isn't a simple pref to flip to turn this off. Ideally we'd still like to allow access to Firefox Accounts, since its used by more than just sync. We could think of it that on about:preferences#sync, everything is disabled and can't be enabled, but I'm not sure what the best way to do that. Any advice here?
Flags: needinfo?(markh)
|
||
Comment 2•6 years ago
|
||
The TOR people are looking for something similar in bug 1434706. In that bug we discussed that allowing Sync itself to be enabled while just disabling the UI might be a bit of a foot-gun. That bug also has pointers to external patches. We certainly could disable Sync while allowing FxAccounts to continue to work, but without about:preferences#sync I'm not sure how users would interact with FxA as all FxA UI is currently tied to Sync. Having a single preference to disable Sync itself would be fairly easy. However, it's not quite as clear how the various UI parts of Sync (eg, about:prefs#sync, hamburger menu, synced tabs sidebar/menu panel) are most cleanly handled - hiding via CSS would probably be ideal, but it might end up tricky doing that cleanly. We'd probably also want to talk to marketing to ensure a Firefox configured in this way doesn't get a first-run snippet that suggests creating an account and starts the login flow.
Flags: needinfo?(markh)
See Also: → 1434706
|
|
||
Comment 3•6 years ago
|
||
It looks like bug 1434706, setting identity.fxaccounts.enabled works. Could you confirm Felipe?
Flags: needinfo?(felipc)
|
Assignee | |
Comment 4•6 years ago
|
||
Ah, thanks for letting me know! Let me create a policy to toggle that pref and see how that works out
Assignee: nobody → felipc
Status: NEW → ASSIGNED
Flags: needinfo?(felipc)
| Comment hidden (mozreview-request) |
|
|
Assignee | |
Comment 6•6 years ago
|
||
Mark, as naming is one of the hard problems in computer science, what do you think is the best name to call this policy? It looks like from the discussions that "DisableSync" is what this actually does, so it sounds fair. However, the pref was named identity.fxaccounts.enabled, even though you mentioned in bug 1434706 that might not be the best name.. so I'm not sure
|
|
||
Comment 7•6 years ago
|
||
(In reply to :Felipe Gomes (needinfo me!) from comment #6) > Mark, as naming is one of the hard problems in computer science, what do you > think is the best name to call this policy? > > It looks like from the discussions that "DisableSync" is what this actually > does, so it sounds fair. However, the pref was named > identity.fxaccounts.enabled, even though you mentioned in bug 1434706 that > might not be the best name.. so I'm not sure The name is probably best as something like DisableFirefoxAccounts with the description being "Disables Firefox Account based services, including Sync." - in practice today it really does mean just "disable sync" but in the future it is likely to include lockbox.
| Comment hidden (mozreview-request) |
|
|
||
Comment 9•6 years ago
|
||
| mozreview-review | ||
Comment on attachment 8955933 [details] Bug 1429151 - Policy: Disable Sync. https://reviewboard.mozilla.org/r/224886/#review230874 Awesome!
Attachment #8955933 -
Flags: review?(markh) → review+
|
||
Comment 10•6 years ago
|
||
Pushed by felipc@gmail.com: https://hg.mozilla.org/integration/autoland/rev/3e515738e4b5 Policy: Disable Sync. r=markh
|
||
Comment 11•6 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/3e515738e4b5
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
status-firefox60:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → Firefox 60
|
||
Updated•6 years ago
|
status-firefox59:
affected → ---
|
||
Comment 12•6 years ago
|
||
What is the expected behavior if a previously logged user is now blocked by a policy? Shouldn't we log him out first before we block the sync service?
|
||
Comment 13•6 years ago
|
||
The implementation we have right now will not log out the user, it will act as the device never connected.
|
|
||
Comment 14•6 years ago
|
||
We tested this on beta[FX60] and Nightly [Fx61] with ADM and JSON policy formats and it is verified as fixed. Test cases and runs are here- https://testrail.stage.mozaws.net/index.php?/plans/view/8760
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•