Add two new options to customize how extension permissions are checked:
- `extensions.exhaustivePermissions`
Ensures that the permissions requested by all extensions managed by
home-manager are authorized
- `extensions.exactPermissions`
When enabled, the user must authorize only the permissions that the
extensions requests, not more nor less.
Adds extension permissions as suggested in
https://github.com/nix-community/home-manager/issues/7001.
Adds the 'profiles.<name>.extensions.settings.<name>.permissions' to Firefox
derivatives. If set, this option adds an assertion that fails if an extension
package requests permissions that weren't added to the permissions option. In
order to not require 'profiles.<name>.extensions.force' to be set when only
permissions, but no extension settings were defined, the relevant assertions
were changed. They now check whether any 'extensions.settings.<name>.settings'
was set instead of checking whether 'extensions.settings' was set.
---------
Co-authored-by: Robert Helgesson <robert@rycee.net>
Co-authored-by: awwpotato <awwpotato@voidq.com>
Not run in CI so didn't notice. We had a shared file. But, now attrset
and list differ in what they can generate. Separate the expected test
files.
Signed-off-by: Austin Horstman <khaneliman12@gmail.com>
The legacy attrset option type for `firefox.profiles.<name>.bookmarks`
was accidentally removed in 9d55428. This adds back support for this
type by refactoring the bookmarks submodule. This also adds a new test
ensuring this won't happen again.
This splits the bookmarks submodule into a seperate file, to make it easier to maintain (like how the search module was previously split out in #5697).
This also refactors bookmarks to require a new force option, to be more explicit about overriding existing bookmarks.
* nixos: remove with lib
* nix-darwin: remove with lib
* home-manager: remove with lib
* modules/accounts: remove with lib
* modules/config: remove with lib
* modules/i18n: remove with lib
* modules/misc: remove with lib
* modules: remove with lib
* modules/targets: remove with lib
* tests/modules/firefox: remove with lib
* tests/modules/services: remove with lib
This commit refactors programs.firefox.profiles.<name>.extensions in
order to support both installation of extensions (addons) and their
configuration. It does this by setting the
`extensions.webextensions.ExtensionStorageIDB.enabled` user_pref to
false.
When this preference is set to false, support for storing extension
settings in sqlite databases, also known as IndexedDB or IDB, is
reverted back to the JSON format present in firefox versions prior to
version 63, as seen here:
https://blog.mozilla.org/addons/2018/08/03/new-backend-for-storage-local-api/
IndexedDB was made the default due to performance improvements, but had
the consequence of removing any possibility of declarative extension
configuration without the assistance of firefox's policy system. The
policy system is supported by a small amount of extensions, such as
uBlock Origin, but has to be explicitly supported. Even when supported,
it provides significantly less granular control when compared to the
JSON storage format.
Add `preConfig`, which acts like `extraConfig`, but placed before
`settings`. This will allow to overwrite settings in `preConfig`,
using `settings` option.
