Add 'sensitiveValue' to the known schema attributes

This CL adds the boolean schema attribute 'sensitiveValue' to the known
schema attributes. This attribute is used to mask sensitive values with
a replacement value, which can be displayed in the UI.

Bug: 856901, 873641, 849657
Change-Id: I8afb2c3255d483737db8380abd898cd15d62e84a
Reviewed-on: https://chromium-review.googlesource.com/1183235
Commit-Queue: Alexander Hendrich <hendrich@chromium.org>
Reviewed-by: Lutz Justen <ljusten@chromium.org>
Reviewed-by: Pavol Marko <pmarko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#587079}

components/policy/core/common/json_schema_constants.cc

@@ -23,6 +23,7 @@ const char kPatternProperties[] = "patternProperties";
 const char kProperties[] = "properties";
 const char kRef[] = "$ref";
 const char kRequired[] = "required";
+const char kSensitiveValue[] = "sensitiveValue";
 const char kString[] = "string";
 const char kTitle[] = "title";
 const char kType[] = "type";

components/policy/core/common/json_schema_constants.h

@@ -25,6 +25,7 @@ extern const char kPatternProperties[];
 extern const char kProperties[];
 extern const char kRef[];
 extern const char kRequired[];
+extern const char kSensitiveValue[];
 extern const char kString[];
 extern const char kTitle[];
 extern const char kType[];

components/policy/core/common/schema.cc

@@ -70,10 +70,6 @@ struct StorageSizes {
   size_t string_enums;
 };
 
-// A policy-specific extension to schema. If a schema contains this key and the
-// value is true, the policy value should not be displayed on the UI.
-constexpr char kSensitiveValue[] = "sensitiveValue";
-
 // |Schema::MaskSensitiveValues| will replace sensitive values with this string.
 // It should be consistent with the mask |NetworkConfigurationPolicyHandler|
 // uses for network credential fields.
@@ -108,6 +104,7 @@ const SchemaKeyToValueType kAttributesAndTypesForArray[] = {
     {schema::kDescription, base::Value::Type::STRING},
     {schema::kId, base::Value::Type::STRING},
     {schema::kItems, base::Value::Type::DICTIONARY},
+    {schema::kSensitiveValue, base::Value::Type::BOOLEAN},
     {schema::kTitle, base::Value::Type::STRING},
     {schema::kType, base::Value::Type::STRING},
 };
@@ -119,6 +116,7 @@ const SchemaKeyToValueType* kAttributesAndTypesForArrayEnd =
 const SchemaKeyToValueType kAttributesAndTypesForBoolean[] = {
     {schema::kDescription, base::Value::Type::STRING},
     {schema::kId, base::Value::Type::STRING},
+    {schema::kSensitiveValue, base::Value::Type::BOOLEAN},
     {schema::kTitle, base::Value::Type::STRING},
     {schema::kType, base::Value::Type::STRING},
 };
@@ -133,6 +131,7 @@ const SchemaKeyToValueType kAttributesAndTypesForInteger[] = {
     {schema::kId, base::Value::Type::STRING},
     {schema::kMaximum, base::Value::Type::DOUBLE},
     {schema::kMinimum, base::Value::Type::DOUBLE},
+    {schema::kSensitiveValue, base::Value::Type::BOOLEAN},
     {schema::kTitle, base::Value::Type::STRING},
     {schema::kType, base::Value::Type::STRING},
 };
@@ -144,6 +143,7 @@ const SchemaKeyToValueType* kAttributesAndTypesForIntegerEnd =
 const SchemaKeyToValueType kAttributesAndTypesForNumber[] = {
     {schema::kDescription, base::Value::Type::STRING},
     {schema::kId, base::Value::Type::STRING},
+    {schema::kSensitiveValue, base::Value::Type::BOOLEAN},
     {schema::kTitle, base::Value::Type::STRING},
     {schema::kType, base::Value::Type::STRING},
 };
@@ -159,6 +159,7 @@ const SchemaKeyToValueType kAttributesAndTypesForObject[] = {
     {schema::kPatternProperties, base::Value::Type::DICTIONARY},
     {schema::kProperties, base::Value::Type::DICTIONARY},
     {schema::kRequired, base::Value::Type::LIST},
+    {schema::kSensitiveValue, base::Value::Type::BOOLEAN},
     {schema::kTitle, base::Value::Type::STRING},
     {schema::kType, base::Value::Type::STRING},
 };
@@ -182,6 +183,7 @@ const SchemaKeyToValueType kAttributesAndTypesForString[] = {
     {schema::kEnum, base::Value::Type::LIST},
     {schema::kId, base::Value::Type::STRING},
     {schema::kPattern, base::Value::Type::STRING},
+    {schema::kSensitiveValue, base::Value::Type::BOOLEAN},
     {schema::kTitle, base::Value::Type::STRING},
     {schema::kType, base::Value::Type::STRING},
 };
@@ -912,7 +914,7 @@ bool Schema::InternalStorage::Parse(const base::DictionaryValue& schema,
   }
 
   bool is_sensitive_value = false;
-  if (schema.GetBoolean(kSensitiveValue, &is_sensitive_value))
+  if (schema.GetBoolean(schema::kSensitiveValue, &is_sensitive_value))
     schema_node_metadata->is_sensitive_value = is_sensitive_value;
 
   return true;

components/policy/core/common/schema.h

@@ -70,6 +70,8 @@ typedef std::vector<Schema> SchemaList;
 //  - "additionalProperties": false is not supported. The value of
 //    "additionalProperties" has to be a schema if present. Otherwise, the
 //    behavior for unknown attributes is controlled by |SchemaOnErrorStrategy|.
+//  - "sensitiveValue" (bool) marks a value to be sensitive. This is used to
+//    mask those values in the UI by calling |MaskSensitiveValues()|.
 class POLICY_EXPORT Schema {
  public:
   // Used internally to store shared data.