1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
3 * This file is part of the LibreOffice project.
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
9 * This file incorporates work covered by the following license notice:
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
20 #include <unotools/securityoptions.hxx>
21 #include <unotools/configmgr.hxx>
22 #include <unotools/configitem.hxx>
23 #include <unotools/ucbhelper.hxx>
24 #include <tools/debug.hxx>
25 #include <com/sun/star/uno/Any.hxx>
26 #include <com/sun/star/uno/Sequence.hxx>
28 #include <com/sun/star/beans/PropertyValue.hpp>
29 #include <comphelper/sequence.hxx>
30 #include <tools/urlobj.hxx>
32 #include <unotools/pathoptions.hxx>
34 #include "itemholder1.hxx"
38 using namespace ::utl
;
39 using namespace ::osl
;
40 using namespace ::com::sun::star::uno
;
42 #define ROOTNODE_SECURITY "Office.Common/Security/Scripting"
43 #define DEFAULT_SECUREURL Sequence< OUString >()
44 #define DEFAULT_TRUSTEDAUTHORS Sequence< SvtSecurityOptions::Certificate >()
46 // xmlsec05 deprecated
47 #define DEFAULT_STAROFFICEBASIC eALWAYS_EXECUTE
49 #define PROPERTYNAME_SECUREURL "SecureURL"
50 #define PROPERTYNAME_DOCWARN_SAVEORSEND "WarnSaveOrSendDoc"
51 #define PROPERTYNAME_DOCWARN_SIGNING "WarnSignDoc"
52 #define PROPERTYNAME_DOCWARN_PRINT "WarnPrintDoc"
53 #define PROPERTYNAME_DOCWARN_CREATEPDF "WarnCreatePDF"
54 #define PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO "RemovePersonalInfoOnSaving"
55 #define PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD "RecommendPasswordProtection"
56 #define PROPERTYNAME_CTRLCLICK_HYPERLINK "HyperlinksWithCtrlClick"
57 #define PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS "BlockUntrustedRefererLinks"
58 #define PROPERTYNAME_MACRO_SECLEVEL "MacroSecurityLevel"
59 #define PROPERTYNAME_MACRO_TRUSTEDAUTHORS "TrustedAuthors"
60 #define PROPERTYNAME_MACRO_DISABLE "DisableMacrosExecution"
61 #define PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME "SubjectName"
62 #define PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER "SerialNumber"
63 #define PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA "RawData"
65 // xmlsec05 deprecated
66 #define PROPERTYNAME_STAROFFICEBASIC "OfficeBasic"
67 #define PROPERTYNAME_EXECUTEPLUGINS "ExecutePlugins"
68 #define PROPERTYNAME_WARNINGENABLED "Warning"
69 #define PROPERTYNAME_CONFIRMATIONENABLED "Confirmation"
70 // xmlsec05 deprecated
72 #define PROPERTYHANDLE_SECUREURL 0
74 // xmlsec05 deprecated
75 #define PROPERTYHANDLE_STAROFFICEBASIC 1
76 #define PROPERTYHANDLE_EXECUTEPLUGINS 2
77 #define PROPERTYHANDLE_WARNINGENABLED 3
78 #define PROPERTYHANDLE_CONFIRMATIONENABLED 4
79 // xmlsec05 deprecated
81 #define PROPERTYHANDLE_DOCWARN_SAVEORSEND 5
82 #define PROPERTYHANDLE_DOCWARN_SIGNING 6
83 #define PROPERTYHANDLE_DOCWARN_PRINT 7
84 #define PROPERTYHANDLE_DOCWARN_CREATEPDF 8
85 #define PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO 9
86 #define PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD 10
87 #define PROPERTYHANDLE_CTRLCLICK_HYPERLINK 11
88 #define PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS 12
89 #define PROPERTYHANDLE_MACRO_SECLEVEL 13
90 #define PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS 14
91 #define PROPERTYHANDLE_MACRO_DISABLE 15
93 #define PROPERTYHANDLE_INVALID -1
95 #define CFG_READONLY_DEFAULT false
97 // private declarations!
99 class SvtSecurityOptions_Impl
: public ConfigItem
103 virtual void ImplCommit() override
;
109 // constructor / destructor
111 SvtSecurityOptions_Impl();
112 virtual ~SvtSecurityOptions_Impl() override
;
114 // override methods of baseclass
116 /*-****************************************************************************************************
117 @short called for notify of configmanager
118 @descr This method is called from the ConfigManager before application ends or from the
119 PropertyChangeListener if the sub tree broadcasts changes. You must update your
122 @seealso baseclass ConfigItem
124 @param "seqPropertyNames" is the list of properties which should be updated.
125 *//*-*****************************************************************************************************/
127 virtual void Notify( const Sequence
< OUString
>& seqPropertyNames
) override
;
131 bool IsReadOnly ( SvtSecurityOptions::EOption eOption
) const;
133 const Sequence
< OUString
>& GetSecureURLs( ) const { return m_seqSecureURLs
;}
134 void SetSecureURLs ( const Sequence
< OUString
>& seqURLList
);
135 inline sal_Int32
GetMacroSecurityLevel ( ) const;
136 void SetMacroSecurityLevel ( sal_Int32 _nLevel
);
138 inline bool IsMacroDisabled ( ) const;
140 const Sequence
< SvtSecurityOptions::Certificate
>& GetTrustedAuthors( ) const { return m_seqTrustedAuthors
;}
141 void SetTrustedAuthors ( const Sequence
< SvtSecurityOptions::Certificate
>& rAuthors
);
143 bool IsOptionSet ( SvtSecurityOptions::EOption eOption
) const;
144 void SetOption ( SvtSecurityOptions::EOption eOption
, bool bValue
);
145 bool IsOptionEnabled ( SvtSecurityOptions::EOption eOption
) const;
148 void SetProperty( sal_Int32 nHandle
, const Any
& rValue
, bool bReadOnly
);
150 static sal_Int32
GetHandle( const OUString
& rPropertyName
);
151 bool GetOption( SvtSecurityOptions::EOption eOption
, bool*& rpValue
, bool*& rpRO
);
153 /*-****************************************************************************************************
154 @short return list of key names of our configuration management which represent our module tree
155 @descr This method returns a static const list of key names. We need it to get needed values from our
156 configuration management.
157 @return A list of needed configuration keys is returned.
158 *//*-*****************************************************************************************************/
159 static Sequence
< OUString
> GetPropertyNames();
161 Sequence
< OUString
> m_seqSecureURLs
;
167 bool m_bRecommendPwd
;
168 bool m_bCtrlClickHyperlink
;
169 bool m_bBlockUntrustedRefererLinks
;
170 sal_Int32 m_nSecLevel
;
171 Sequence
< SvtSecurityOptions::Certificate
> m_seqTrustedAuthors
;
172 bool m_bDisableMacros
;
174 bool m_bROSecureURLs
;
175 bool m_bROSaveOrSend
;
179 bool m_bRORemoveInfo
;
180 bool m_bRORecommendPwd
;
181 bool m_bROCtrlClickHyperlink
;
182 bool m_bROBlockUntrustedRefererLinks
;
184 bool m_bROTrustedAuthors
;
185 bool m_bRODisableMacros
;
187 // xmlsec05 deprecated
188 EBasicSecurityMode m_eBasicMode
;
189 bool m_bExecutePlugins
;
191 bool m_bConfirmation
;
193 bool m_bROConfirmation
;
195 bool m_bROExecutePlugins
;
198 bool IsWarningEnabled() const { return m_bWarning
;}
199 void SetWarningEnabled( bool bSet
);
200 bool IsConfirmationEnabled() const { return m_bConfirmation
;}
201 void SetConfirmationEnabled( bool bSet
);
202 bool IsExecutePlugins() const { return m_bExecutePlugins
;}
203 void SetExecutePlugins( bool bSet
);
204 // xmlsec05 deprecated
205 EBasicSecurityMode
GetBasicMode ( ) const { return m_eBasicMode
;}
206 void SetBasicMode ( EBasicSecurityMode eMode
);
211 SvtSecurityOptions_Impl::SvtSecurityOptions_Impl()
212 :ConfigItem ( ROOTNODE_SECURITY
)
213 ,m_seqSecureURLs ( DEFAULT_SECUREURL
)
214 ,m_bSaveOrSend ( true )
217 ,m_bCreatePDF ( true )
218 ,m_bRemoveInfo ( true )
219 ,m_bRecommendPwd(false)
220 ,m_bCtrlClickHyperlink(false)
221 ,m_bBlockUntrustedRefererLinks(false)
223 ,m_seqTrustedAuthors ( DEFAULT_TRUSTEDAUTHORS
)
224 ,m_bDisableMacros ( false )
225 ,m_bROSecureURLs ( CFG_READONLY_DEFAULT
)
226 ,m_bROSaveOrSend ( CFG_READONLY_DEFAULT
)
227 ,m_bROSigning ( CFG_READONLY_DEFAULT
)
228 ,m_bROPrint ( CFG_READONLY_DEFAULT
)
229 ,m_bROCreatePDF ( CFG_READONLY_DEFAULT
)
230 ,m_bRORemoveInfo ( CFG_READONLY_DEFAULT
)
231 ,m_bRORecommendPwd(CFG_READONLY_DEFAULT
)
232 ,m_bROCtrlClickHyperlink(CFG_READONLY_DEFAULT
)
233 ,m_bROBlockUntrustedRefererLinks(CFG_READONLY_DEFAULT
)
234 ,m_bROSecLevel ( CFG_READONLY_DEFAULT
)
235 ,m_bROTrustedAuthors ( CFG_READONLY_DEFAULT
)
236 ,m_bRODisableMacros ( true ) // currently is not intended to be changed
238 // xmlsec05 deprecated
239 , m_eBasicMode ( DEFAULT_STAROFFICEBASIC
)
240 , m_bExecutePlugins ( true )
241 , m_bWarning ( true )
242 , m_bConfirmation ( true )
243 , m_bROConfirmation ( CFG_READONLY_DEFAULT
)
244 , m_bROWarning ( CFG_READONLY_DEFAULT
)
245 , m_bROExecutePlugins ( CFG_READONLY_DEFAULT
)
246 , m_bROBasicMode ( CFG_READONLY_DEFAULT
)
247 // xmlsec05 deprecated
250 Sequence
< OUString
> seqNames
= GetPropertyNames ( );
251 Sequence
< Any
> seqValues
= GetProperties ( seqNames
);
252 Sequence
< sal_Bool
> seqRO
= GetReadOnlyStates ( seqNames
);
254 // Safe impossible cases.
255 // We need values from ALL configuration keys.
256 // Follow assignment use order of values in relation to our list of key names!
257 DBG_ASSERT( !(seqNames
.getLength()!=seqValues
.getLength()), "SvtSecurityOptions_Impl::SvtSecurityOptions_Impl()\nI miss some values of configuration keys!\n" );
259 // Copy values from list in right order to our internal member.
260 sal_Int32 nPropertyCount
= seqValues
.getLength();
261 for( sal_Int32 nProperty
= 0; nProperty
< nPropertyCount
; ++nProperty
)
262 SetProperty( nProperty
, seqValues
[ nProperty
], seqRO
[ nProperty
] );
266 // Enable notification mechanism of our baseclass.
267 // We need it to get information about changes outside these class on our used configuration keys!*/
269 EnableNotification( seqNames
);
274 SvtSecurityOptions_Impl::~SvtSecurityOptions_Impl()
276 assert(!IsModified()); // should have been committed
279 void SvtSecurityOptions_Impl::SetProperty( sal_Int32 nProperty
, const Any
& rValue
, bool bRO
)
283 case PROPERTYHANDLE_SECUREURL
:
285 m_seqSecureURLs
.realloc( 0 );
286 rValue
>>= m_seqSecureURLs
;
287 if (!utl::ConfigManager::IsFuzzing())
290 std::transform(m_seqSecureURLs
.begin(), m_seqSecureURLs
.end(), m_seqSecureURLs
.begin(),
291 [&aOpt
](const OUString
& rUrl
) -> OUString
{ return aOpt
.SubstituteVariable( rUrl
); });
293 m_bROSecureURLs
= bRO
;
297 case PROPERTYHANDLE_DOCWARN_SAVEORSEND
:
299 rValue
>>= m_bSaveOrSend
;
300 m_bROSaveOrSend
= bRO
;
304 case PROPERTYHANDLE_DOCWARN_SIGNING
:
306 rValue
>>= m_bSigning
;
311 case PROPERTYHANDLE_DOCWARN_PRINT
:
318 case PROPERTYHANDLE_DOCWARN_CREATEPDF
:
320 rValue
>>= m_bCreatePDF
;
321 m_bROCreatePDF
= bRO
;
325 case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO
:
327 rValue
>>= m_bRemoveInfo
;
328 m_bRORemoveInfo
= bRO
;
332 case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD
:
334 rValue
>>= m_bRecommendPwd
;
335 m_bRORecommendPwd
= bRO
;
339 case PROPERTYHANDLE_CTRLCLICK_HYPERLINK
:
341 rValue
>>= m_bCtrlClickHyperlink
;
342 m_bROCtrlClickHyperlink
= bRO
;
346 case PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS
:
348 rValue
>>= m_bBlockUntrustedRefererLinks
;
349 m_bROBlockUntrustedRefererLinks
= bRO
;
353 case PROPERTYHANDLE_MACRO_SECLEVEL
:
355 rValue
>>= m_nSecLevel
;
360 case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS
:
362 // don't care about value here...
363 m_bROTrustedAuthors
= bRO
;
367 case PROPERTYHANDLE_MACRO_DISABLE
:
369 rValue
>>= m_bDisableMacros
;
370 m_bRODisableMacros
= bRO
;
374 // xmlsec05 deprecated
375 case PROPERTYHANDLE_STAROFFICEBASIC
:
379 m_eBasicMode
= static_cast<EBasicSecurityMode
>(nMode
);
380 m_bROBasicMode
= bRO
;
383 case PROPERTYHANDLE_EXECUTEPLUGINS
:
385 rValue
>>= m_bExecutePlugins
;
386 m_bROExecutePlugins
= bRO
;
389 case PROPERTYHANDLE_WARNINGENABLED
:
391 rValue
>>= m_bWarning
;
395 case PROPERTYHANDLE_CONFIRMATIONENABLED
:
397 rValue
>>= m_bConfirmation
;
398 m_bROConfirmation
= bRO
;
401 // xmlsec05 deprecated
403 #if OSL_DEBUG_LEVEL > 0
405 assert(false && "Unknown property!");
410 void SvtSecurityOptions_Impl::LoadAuthors()
412 m_seqTrustedAuthors
.realloc( 0 ); // first clear
413 const Sequence
< OUString
> lAuthors
= GetNodeNames( PROPERTYNAME_MACRO_TRUSTEDAUTHORS
);
414 sal_Int32 c1
= lAuthors
.getLength();
418 sal_Int32 c2
= c1
* 3; // 3 Properties inside Struct TrustedAuthor
419 Sequence
< OUString
> lAllAuthors( c2
);
422 OUString
aSep( "/" );
423 for( const auto& rAuthor
: lAuthors
)
425 lAllAuthors
[ i2
] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS
+ aSep
+ rAuthor
+ aSep
+ PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME
;
427 lAllAuthors
[ i2
] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS
+ aSep
+ rAuthor
+ aSep
+ PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER
;
429 lAllAuthors
[ i2
] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS
+ aSep
+ rAuthor
+ aSep
+ PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA
;
433 Sequence
< Any
> lValues
= GetProperties( lAllAuthors
);
434 if( lValues
.getLength() != c2
)
437 std::vector
< SvtSecurityOptions::Certificate
> v
;
438 SvtSecurityOptions::Certificate
aCert( 3 );
440 for( sal_Int32 i1
= 0; i1
< c1
; ++i1
)
442 lValues
[ i2
] >>= aCert
[ 0 ];
444 lValues
[ i2
] >>= aCert
[ 1 ];
446 lValues
[ i2
] >>= aCert
[ 2 ];
448 // Filter out TrustedAuthor entries with empty RawData, which
449 // would cause an unexpected std::bad_alloc in
450 // SecurityEnvironment_NssImpl::createCertificateFromAscii and
451 // have been observed in the wild (fdo#55019):
452 if( !aCert
[ 2 ].isEmpty() )
454 v
.push_back( aCert
);
457 m_seqTrustedAuthors
= comphelper::containerToSequence(v
);
460 sal_Int32
SvtSecurityOptions_Impl::GetHandle( const OUString
& rName
)
464 if( rName
== PROPERTYNAME_SECUREURL
)
465 nHandle
= PROPERTYHANDLE_SECUREURL
;
466 else if( rName
== PROPERTYNAME_DOCWARN_SAVEORSEND
)
467 nHandle
= PROPERTYHANDLE_DOCWARN_SAVEORSEND
;
468 else if( rName
== PROPERTYNAME_DOCWARN_SIGNING
)
469 nHandle
= PROPERTYHANDLE_DOCWARN_SIGNING
;
470 else if( rName
== PROPERTYNAME_DOCWARN_PRINT
)
471 nHandle
= PROPERTYHANDLE_DOCWARN_PRINT
;
472 else if( rName
== PROPERTYNAME_DOCWARN_CREATEPDF
)
473 nHandle
= PROPERTYHANDLE_DOCWARN_CREATEPDF
;
474 else if( rName
== PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO
)
475 nHandle
= PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO
;
476 else if( rName
== PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD
)
477 nHandle
= PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD
;
478 else if( rName
== PROPERTYNAME_CTRLCLICK_HYPERLINK
)
479 nHandle
= PROPERTYHANDLE_CTRLCLICK_HYPERLINK
;
480 else if( rName
== PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS
)
481 nHandle
= PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS
;
482 else if( rName
== PROPERTYNAME_MACRO_SECLEVEL
)
483 nHandle
= PROPERTYHANDLE_MACRO_SECLEVEL
;
484 else if( rName
== PROPERTYNAME_MACRO_TRUSTEDAUTHORS
)
485 nHandle
= PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS
;
486 else if( rName
== PROPERTYNAME_MACRO_DISABLE
)
487 nHandle
= PROPERTYHANDLE_MACRO_DISABLE
;
489 // xmlsec05 deprecated
490 else if( rName
== PROPERTYNAME_STAROFFICEBASIC
)
491 nHandle
= PROPERTYHANDLE_STAROFFICEBASIC
;
492 else if( rName
== PROPERTYNAME_EXECUTEPLUGINS
)
493 nHandle
= PROPERTYHANDLE_EXECUTEPLUGINS
;
494 else if( rName
== PROPERTYNAME_WARNINGENABLED
)
495 nHandle
= PROPERTYHANDLE_WARNINGENABLED
;
496 else if( rName
== PROPERTYNAME_CONFIRMATIONENABLED
)
497 nHandle
= PROPERTYHANDLE_CONFIRMATIONENABLED
;
498 // xmlsec05 deprecated
501 nHandle
= PROPERTYHANDLE_INVALID
;
506 bool SvtSecurityOptions_Impl::GetOption( SvtSecurityOptions::EOption eOption
, bool*& rpValue
, bool*& rpRO
)
510 case SvtSecurityOptions::EOption::DocWarnSaveOrSend
:
511 rpValue
= &m_bSaveOrSend
;
512 rpRO
= &m_bROSaveOrSend
;
514 case SvtSecurityOptions::EOption::DocWarnSigning
:
515 rpValue
= &m_bSigning
;
516 rpRO
= &m_bROSigning
;
518 case SvtSecurityOptions::EOption::DocWarnPrint
:
522 case SvtSecurityOptions::EOption::DocWarnCreatePdf
:
523 rpValue
= &m_bCreatePDF
;
524 rpRO
= &m_bROCreatePDF
;
526 case SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo
:
527 rpValue
= &m_bRemoveInfo
;
528 rpRO
= &m_bRORemoveInfo
;
530 case SvtSecurityOptions::EOption::DocWarnRecommendPassword
:
531 rpValue
= &m_bRecommendPwd
;
532 rpRO
= &m_bRORecommendPwd
;
534 case SvtSecurityOptions::EOption::CtrlClickHyperlink
:
535 rpValue
= &m_bCtrlClickHyperlink
;
536 rpRO
= &m_bROCtrlClickHyperlink
;
538 case SvtSecurityOptions::EOption::BlockUntrustedRefererLinks
:
539 rpValue
= &m_bBlockUntrustedRefererLinks
;
540 rpRO
= &m_bROBlockUntrustedRefererLinks
;
548 return rpValue
!= nullptr;
551 void SvtSecurityOptions_Impl::Notify( const Sequence
< OUString
>& seqPropertyNames
)
553 // Use given list of updated properties to get his values from configuration directly!
554 Sequence
< Any
> seqValues
= GetProperties( seqPropertyNames
);
555 Sequence
< sal_Bool
> seqRO
= GetReadOnlyStates( seqPropertyNames
);
556 // Safe impossible cases.
557 // We need values from ALL notified configuration keys.
558 DBG_ASSERT( !(seqPropertyNames
.getLength()!=seqValues
.getLength()), "SvtSecurityOptions_Impl::Notify()\nI miss some values of configuration keys!\n" );
559 // Step over list of property names and get right value from corresponding value list to set it on internal members!
560 sal_Int32 nCount
= seqPropertyNames
.getLength();
561 for( sal_Int32 nProperty
= 0; nProperty
< nCount
; ++nProperty
)
562 SetProperty( GetHandle( seqPropertyNames
[ nProperty
] ), seqValues
[ nProperty
], seqRO
[ nProperty
] );
564 // read set of trusted authors separately
568 void SvtSecurityOptions_Impl::ImplCommit()
570 // Get names of supported properties, create a list for values and copy current values to it.
571 Sequence
< OUString
> lOrgNames
= GetPropertyNames();
572 sal_Int32 nOrgCount
= lOrgNames
.getLength();
574 Sequence
< OUString
> lNames(nOrgCount
);
575 Sequence
< Any
> lValues(nOrgCount
);
576 sal_Int32 nRealCount
= 0;
579 ClearNodeSet( PROPERTYNAME_MACRO_TRUSTEDAUTHORS
);
581 for( sal_Int32 nProperty
= 0; nProperty
< nOrgCount
; ++nProperty
)
585 case PROPERTYHANDLE_SECUREURL
:
587 bDone
= !m_bROSecureURLs
;
590 Sequence
< OUString
> lURLs( m_seqSecureURLs
);
592 std::transform(lURLs
.begin(), lURLs
.end(), lURLs
.begin(),
593 [&aOpt
](const OUString
& rUrl
) -> OUString
{ return aOpt
.UseVariable( rUrl
); });
594 lValues
[ nRealCount
] <<= lURLs
;
599 case PROPERTYHANDLE_DOCWARN_SAVEORSEND
:
601 bDone
= !m_bROSaveOrSend
;
603 lValues
[ nRealCount
] <<= m_bSaveOrSend
;
607 case PROPERTYHANDLE_DOCWARN_SIGNING
:
609 bDone
= !m_bROSigning
;
611 lValues
[ nRealCount
] <<= m_bSigning
;
615 case PROPERTYHANDLE_DOCWARN_PRINT
:
619 lValues
[ nRealCount
] <<= m_bPrint
;
623 case PROPERTYHANDLE_DOCWARN_CREATEPDF
:
625 bDone
= !m_bROCreatePDF
;
627 lValues
[ nRealCount
] <<= m_bCreatePDF
;
631 case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO
:
633 bDone
= !m_bRORemoveInfo
;
635 lValues
[ nRealCount
] <<= m_bRemoveInfo
;
639 case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD
:
641 bDone
= !m_bRORecommendPwd
;
643 lValues
[ nRealCount
] <<= m_bRecommendPwd
;
647 case PROPERTYHANDLE_CTRLCLICK_HYPERLINK
:
649 bDone
= !m_bROCtrlClickHyperlink
;
651 lValues
[ nRealCount
] <<= m_bCtrlClickHyperlink
;
655 case PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS
:
657 bDone
= !m_bROBlockUntrustedRefererLinks
;
659 lValues
[ nRealCount
] <<= m_bBlockUntrustedRefererLinks
;
663 case PROPERTYHANDLE_MACRO_SECLEVEL
:
665 bDone
= !m_bROSecLevel
;
667 lValues
[ nRealCount
] <<= m_nSecLevel
;
671 case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS
:
673 bDone
= !m_bROTrustedAuthors
;
676 sal_Int32 nCnt
= m_seqTrustedAuthors
.getLength();
679 for( sal_Int32 i
= 0; i
< nCnt
; ++i
)
682 PROPERTYNAME_MACRO_TRUSTEDAUTHORS
"/a"
683 + OUString::number(i
) + "/");
684 Sequence
< css::beans::PropertyValue
> lPropertyValues( 3 );
685 lPropertyValues
[ 0 ].Name
= aPrefix
+ PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME
;
686 lPropertyValues
[ 0 ].Value
<<= m_seqTrustedAuthors
[ i
][0];
687 lPropertyValues
[ 1 ].Name
= aPrefix
+ PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER
;
688 lPropertyValues
[ 1 ].Value
<<= m_seqTrustedAuthors
[ i
][1];
689 lPropertyValues
[ 2 ].Name
= aPrefix
+ PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA
;
690 lPropertyValues
[ 2 ].Value
<<= m_seqTrustedAuthors
[ i
][2];
692 SetSetProperties( PROPERTYNAME_MACRO_TRUSTEDAUTHORS
, lPropertyValues
);
695 bDone
= false; // because we save in loop above!
703 case PROPERTYHANDLE_MACRO_DISABLE
:
705 bDone
= !m_bRODisableMacros
;
707 lValues
[ nRealCount
] <<= m_bDisableMacros
;
711 // xmlsec05 deprecated
712 case PROPERTYHANDLE_STAROFFICEBASIC
:
714 bDone
= !m_bROBasicMode
;
716 lValues
[ nRealCount
] <<= static_cast<sal_Int32
>(m_eBasicMode
);
719 case PROPERTYHANDLE_EXECUTEPLUGINS
:
721 bDone
= !m_bROExecutePlugins
;
723 lValues
[ nRealCount
] <<= m_bExecutePlugins
;
726 case PROPERTYHANDLE_WARNINGENABLED
:
728 bDone
= !m_bROWarning
;
730 lValues
[ nRealCount
] <<= m_bWarning
;
733 case PROPERTYHANDLE_CONFIRMATIONENABLED
:
735 bDone
= !m_bROConfirmation
;
737 lValues
[ nRealCount
] <<= m_bConfirmation
;
740 // xmlsec05 deprecated
748 lNames
[ nRealCount
] = lOrgNames
[ nProperty
];
752 // Set properties in configuration.
753 lNames
.realloc(nRealCount
);
754 lValues
.realloc(nRealCount
);
755 PutProperties( lNames
, lValues
);
758 bool SvtSecurityOptions_Impl::IsReadOnly( SvtSecurityOptions::EOption eOption
) const
763 case SvtSecurityOptions::EOption::SecureUrls
:
764 bReadonly
= m_bROSecureURLs
;
766 case SvtSecurityOptions::EOption::DocWarnSaveOrSend
:
767 bReadonly
= m_bROSaveOrSend
;
769 case SvtSecurityOptions::EOption::DocWarnSigning
:
770 bReadonly
= m_bROSigning
;
772 case SvtSecurityOptions::EOption::DocWarnPrint
:
773 bReadonly
= m_bROPrint
;
775 case SvtSecurityOptions::EOption::DocWarnCreatePdf
:
776 bReadonly
= m_bROCreatePDF
;
778 case SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo
:
779 bReadonly
= m_bRORemoveInfo
;
781 case SvtSecurityOptions::EOption::DocWarnRecommendPassword
:
782 bReadonly
= m_bRORecommendPwd
;
784 case SvtSecurityOptions::EOption::MacroSecLevel
:
785 bReadonly
= m_bROSecLevel
;
787 case SvtSecurityOptions::EOption::MacroTrustedAuthors
:
788 bReadonly
= m_bROTrustedAuthors
;
790 case SvtSecurityOptions::EOption::CtrlClickHyperlink
:
791 bReadonly
= m_bROCtrlClickHyperlink
;
793 case SvtSecurityOptions::EOption::BlockUntrustedRefererLinks
:
794 bReadonly
= m_bROBlockUntrustedRefererLinks
;
797 // xmlsec05 deprecated
798 case SvtSecurityOptions::EOption::BasicMode
:
799 bReadonly
= m_bROBasicMode
;
801 case SvtSecurityOptions::EOption::ExecutePlugins
:
802 bReadonly
= m_bROExecutePlugins
;
804 case SvtSecurityOptions::EOption::Warning
:
805 bReadonly
= m_bROWarning
;
807 case SvtSecurityOptions::EOption::Confirmation
:
808 bReadonly
= m_bROConfirmation
;
810 // xmlsec05 deprecated
820 void SvtSecurityOptions_Impl::SetSecureURLs( const Sequence
< OUString
>& seqURLList
)
822 DBG_ASSERT(!m_bROSecureURLs
, "SvtSecurityOptions_Impl::SetSecureURLs()\nYou tried to write on a readonly value!\n");
823 if (!m_bROSecureURLs
&& m_seqSecureURLs
!=seqURLList
)
825 m_seqSecureURLs
= seqURLList
;
830 inline sal_Int32
SvtSecurityOptions_Impl::GetMacroSecurityLevel() const
835 inline bool SvtSecurityOptions_Impl::IsMacroDisabled() const
837 return m_bDisableMacros
;
840 void SvtSecurityOptions_Impl::SetMacroSecurityLevel( sal_Int32 _nLevel
)
844 if( _nLevel
> 3 || _nLevel
< 0 )
847 if( m_nSecLevel
!= _nLevel
)
849 m_nSecLevel
= _nLevel
;
856 void SvtSecurityOptions_Impl::SetTrustedAuthors( const Sequence
< SvtSecurityOptions::Certificate
>& rAuthors
)
858 DBG_ASSERT(!m_bROTrustedAuthors
, "SvtSecurityOptions_Impl::SetTrustedAuthors()\nYou tried to write on a readonly value!\n");
859 if( !m_bROTrustedAuthors
&& rAuthors
!= m_seqTrustedAuthors
)
861 m_seqTrustedAuthors
= rAuthors
;
866 bool SvtSecurityOptions_Impl::IsOptionSet( SvtSecurityOptions::EOption eOption
) const
872 if( const_cast< SvtSecurityOptions_Impl
* >( this )->GetOption( eOption
, pValue
, pRO
) )
878 void SvtSecurityOptions_Impl::SetOption( SvtSecurityOptions::EOption eOption
, bool bValue
)
883 if( GetOption( eOption
, pValue
, pRO
) && !*pRO
&& *pValue
!= bValue
)
890 bool SvtSecurityOptions_Impl::IsOptionEnabled( SvtSecurityOptions::EOption eOption
) const
896 if( const_cast< SvtSecurityOptions_Impl
* >( this )->GetOption( eOption
, pValue
, pRO
) )
902 Sequence
< OUString
> SvtSecurityOptions_Impl::GetPropertyNames()
904 return Sequence
< OUString
>
906 PROPERTYNAME_SECUREURL
,
907 PROPERTYNAME_STAROFFICEBASIC
,
908 PROPERTYNAME_EXECUTEPLUGINS
,
909 PROPERTYNAME_WARNINGENABLED
,
910 PROPERTYNAME_CONFIRMATIONENABLED
,
911 PROPERTYNAME_DOCWARN_SAVEORSEND
,
912 PROPERTYNAME_DOCWARN_SIGNING
,
913 PROPERTYNAME_DOCWARN_PRINT
,
914 PROPERTYNAME_DOCWARN_CREATEPDF
,
915 PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO
,
916 PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD
,
917 PROPERTYNAME_CTRLCLICK_HYPERLINK
,
918 PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS
,
919 PROPERTYNAME_MACRO_SECLEVEL
,
920 PROPERTYNAME_MACRO_TRUSTEDAUTHORS
,
921 PROPERTYNAME_MACRO_DISABLE
927 std::weak_ptr
<SvtSecurityOptions_Impl
> g_pSecurityOptions
;
931 SvtSecurityOptions::SvtSecurityOptions()
933 // Global access, must be guarded (multithreading!).
934 MutexGuard
aGuard( GetInitMutex() );
936 m_pImpl
= g_pSecurityOptions
.lock();
939 m_pImpl
= std::make_shared
<SvtSecurityOptions_Impl
>();
940 g_pSecurityOptions
= m_pImpl
;
942 ItemHolder1::holdConfigItem(EItem::SecurityOptions
);
946 SvtSecurityOptions::~SvtSecurityOptions()
948 // Global access, must be guarded (multithreading!)
949 MutexGuard
aGuard( GetInitMutex() );
954 bool SvtSecurityOptions::IsReadOnly( EOption eOption
) const
956 MutexGuard
aGuard( GetInitMutex() );
957 return m_pImpl
->IsReadOnly(eOption
);
960 Sequence
< OUString
> SvtSecurityOptions::GetSecureURLs() const
962 MutexGuard
aGuard( GetInitMutex() );
963 return m_pImpl
->GetSecureURLs();
966 void SvtSecurityOptions::SetSecureURLs( const Sequence
< OUString
>& seqURLList
)
968 MutexGuard
aGuard( GetInitMutex() );
969 m_pImpl
->SetSecureURLs( seqURLList
);
972 bool SvtSecurityOptions::isSecureMacroUri(
973 OUString
const & uri
, OUString
const & referer
) const
975 switch (INetURLObject(uri
).GetProtocol()) {
976 case INetProtocol::Macro
:
977 if (uri
.startsWithIgnoreAsciiCase("macro:///")) {
978 // Denotes an App-BASIC macro (see SfxMacroLoader::loadMacro), which
979 // is considered safe:
983 case INetProtocol::Slot
:
984 return referer
.equalsIgnoreAsciiCase("private:user")
985 || isTrustedLocationUri(referer
);
991 bool SvtSecurityOptions::isUntrustedReferer(OUString
const & referer
) const {
992 MutexGuard
g(GetInitMutex());
993 return m_pImpl
->IsOptionSet(EOption::BlockUntrustedRefererLinks
)
994 && !(referer
.isEmpty() || referer
.startsWithIgnoreAsciiCase("private:")
995 || isTrustedLocationUri(referer
));
998 bool SvtSecurityOptions::isTrustedLocationUri(OUString
const & uri
) const {
999 MutexGuard
g(GetInitMutex());
1000 for (const auto & url
: std::as_const(m_pImpl
->m_seqSecureURLs
))
1002 if (UCBContentHelper::IsSubPath(url
, uri
))
1010 bool SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks(
1011 OUString
const & uri
) const
1013 return GetMacroSecurityLevel() == 0 || uri
.isEmpty()
1014 || uri
.startsWithIgnoreAsciiCase("private:")
1015 || isTrustedLocationUri(uri
);
1018 sal_Int32
SvtSecurityOptions::GetMacroSecurityLevel() const
1020 MutexGuard
aGuard( GetInitMutex() );
1021 return m_pImpl
->GetMacroSecurityLevel();
1024 void SvtSecurityOptions::SetMacroSecurityLevel( sal_Int32 _nLevel
)
1026 MutexGuard
aGuard( GetInitMutex() );
1027 m_pImpl
->SetMacroSecurityLevel( _nLevel
);
1030 bool SvtSecurityOptions::IsMacroDisabled() const
1032 MutexGuard
aGuard( GetInitMutex() );
1033 return m_pImpl
->IsMacroDisabled();
1036 Sequence
< SvtSecurityOptions::Certificate
> SvtSecurityOptions::GetTrustedAuthors() const
1038 MutexGuard
aGuard( GetInitMutex() );
1039 return m_pImpl
->GetTrustedAuthors();
1042 void SvtSecurityOptions::SetTrustedAuthors( const Sequence
< Certificate
>& rAuthors
)
1044 MutexGuard
aGuard( GetInitMutex() );
1045 m_pImpl
->SetTrustedAuthors( rAuthors
);
1048 bool SvtSecurityOptions::IsOptionSet( EOption eOption
) const
1050 MutexGuard
aGuard( GetInitMutex() );
1051 return m_pImpl
->IsOptionSet( eOption
);
1054 void SvtSecurityOptions::SetOption( EOption eOption
, bool bValue
)
1056 MutexGuard
aGuard( GetInitMutex() );
1057 m_pImpl
->SetOption( eOption
, bValue
);
1060 bool SvtSecurityOptions::IsOptionEnabled( EOption eOption
) const
1062 MutexGuard
aGuard( GetInitMutex() );
1063 return m_pImpl
->IsOptionEnabled( eOption
);
1068 class theSecurityOptionsMutex
: public rtl::Static
<osl::Mutex
, theSecurityOptionsMutex
>{};
1071 Mutex
& SvtSecurityOptions::GetInitMutex()
1073 return theSecurityOptionsMutex::get();
1076 void SvtSecurityOptions_Impl::SetBasicMode( EBasicSecurityMode eMode
)
1078 DBG_ASSERT(!m_bROBasicMode
, "SvtSecurityOptions_Impl::SetBasicMode()\nYou tried to write on a readonly value!\n");
1079 if (!m_bROBasicMode
&& m_eBasicMode
!=eMode
)
1081 m_eBasicMode
= eMode
;
1087 void SvtSecurityOptions_Impl::SetExecutePlugins( bool bSet
)
1089 DBG_ASSERT(!m_bROExecutePlugins
, "SvtSecurityOptions_Impl::SetExecutePlugins()\nYou tried to write on a readonly value!\n");
1090 if (!m_bROExecutePlugins
&& m_bExecutePlugins
!=bSet
)
1092 m_bExecutePlugins
= bSet
;
1098 void SvtSecurityOptions_Impl::SetWarningEnabled( bool bSet
)
1100 DBG_ASSERT(!m_bROWarning
, "SvtSecurityOptions_Impl::SetWarningEnabled()\nYou tried to write on a readonly value!\n");
1101 if (!m_bROWarning
&& m_bWarning
!=bSet
)
1109 void SvtSecurityOptions_Impl::SetConfirmationEnabled( bool bSet
)
1111 DBG_ASSERT(!m_bROConfirmation
, "SvtSecurityOptions_Impl::SetConfirmationEnabled()\nYou tried to write on a readonly value!\n");
1112 if (!m_bROConfirmation
&& m_bConfirmation
!=bSet
)
1114 m_bConfirmation
= bSet
;
1119 bool SvtSecurityOptions::IsExecutePlugins() const
1121 MutexGuard
aGuard( GetInitMutex() );
1122 return m_pImpl
->IsExecutePlugins();
1125 void SvtSecurityOptions::SetExecutePlugins( bool bSet
)
1127 MutexGuard
aGuard( GetInitMutex() );
1128 m_pImpl
->SetExecutePlugins( bSet
);
1131 bool SvtSecurityOptions::IsWarningEnabled() const
1133 MutexGuard
aGuard( GetInitMutex() );
1134 return m_pImpl
->IsWarningEnabled();
1137 void SvtSecurityOptions::SetWarningEnabled( bool bSet
)
1139 MutexGuard
aGuard( GetInitMutex() );
1140 m_pImpl
->SetWarningEnabled( bSet
);
1143 bool SvtSecurityOptions::IsConfirmationEnabled() const
1145 MutexGuard
aGuard( GetInitMutex() );
1146 return m_pImpl
->IsConfirmationEnabled();
1149 void SvtSecurityOptions::SetConfirmationEnabled( bool bSet
)
1151 MutexGuard
aGuard( GetInitMutex() );
1152 m_pImpl
->SetConfirmationEnabled( bSet
);
1155 void SvtSecurityOptions::SetBasicMode( EBasicSecurityMode eMode
)
1157 MutexGuard
aGuard( GetInitMutex() );
1158 m_pImpl
->SetBasicMode( eMode
);
1161 EBasicSecurityMode
SvtSecurityOptions::GetBasicMode() const
1163 MutexGuard
aGuard( GetInitMutex() );
1164 return m_pImpl
->GetBasicMode();
1167 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */