nss: upgrade to release 3.73
[LibreOffice.git] / unotools / source / config / securityoptions.cxx
blob6a99a87ca207985c6c4c70e4eacccb4934b53df5
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
9 * This file incorporates work covered by the following license notice:
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
20 #include <unotools/securityoptions.hxx>
21 #include <unotools/configmgr.hxx>
22 #include <unotools/configitem.hxx>
23 #include <unotools/ucbhelper.hxx>
24 #include <tools/debug.hxx>
25 #include <com/sun/star/uno/Any.hxx>
26 #include <com/sun/star/uno/Sequence.hxx>
28 #include <com/sun/star/beans/PropertyValue.hpp>
29 #include <comphelper/sequence.hxx>
30 #include <tools/urlobj.hxx>
32 #include <unotools/pathoptions.hxx>
34 #include "itemholder1.hxx"
36 // namespaces
38 using namespace ::utl;
39 using namespace ::osl;
40 using namespace ::com::sun::star::uno;
42 #define ROOTNODE_SECURITY "Office.Common/Security/Scripting"
43 #define DEFAULT_SECUREURL Sequence< OUString >()
44 #define DEFAULT_TRUSTEDAUTHORS Sequence< SvtSecurityOptions::Certificate >()
46 // xmlsec05 deprecated
47 #define DEFAULT_STAROFFICEBASIC eALWAYS_EXECUTE
49 #define PROPERTYNAME_SECUREURL "SecureURL"
50 #define PROPERTYNAME_DOCWARN_SAVEORSEND "WarnSaveOrSendDoc"
51 #define PROPERTYNAME_DOCWARN_SIGNING "WarnSignDoc"
52 #define PROPERTYNAME_DOCWARN_PRINT "WarnPrintDoc"
53 #define PROPERTYNAME_DOCWARN_CREATEPDF "WarnCreatePDF"
54 #define PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO "RemovePersonalInfoOnSaving"
55 #define PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD "RecommendPasswordProtection"
56 #define PROPERTYNAME_CTRLCLICK_HYPERLINK "HyperlinksWithCtrlClick"
57 #define PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS "BlockUntrustedRefererLinks"
58 #define PROPERTYNAME_MACRO_SECLEVEL "MacroSecurityLevel"
59 #define PROPERTYNAME_MACRO_TRUSTEDAUTHORS "TrustedAuthors"
60 #define PROPERTYNAME_MACRO_DISABLE "DisableMacrosExecution"
61 #define PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME "SubjectName"
62 #define PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER "SerialNumber"
63 #define PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA "RawData"
65 // xmlsec05 deprecated
66 #define PROPERTYNAME_STAROFFICEBASIC "OfficeBasic"
67 #define PROPERTYNAME_EXECUTEPLUGINS "ExecutePlugins"
68 #define PROPERTYNAME_WARNINGENABLED "Warning"
69 #define PROPERTYNAME_CONFIRMATIONENABLED "Confirmation"
70 // xmlsec05 deprecated
72 #define PROPERTYHANDLE_SECUREURL 0
74 // xmlsec05 deprecated
75 #define PROPERTYHANDLE_STAROFFICEBASIC 1
76 #define PROPERTYHANDLE_EXECUTEPLUGINS 2
77 #define PROPERTYHANDLE_WARNINGENABLED 3
78 #define PROPERTYHANDLE_CONFIRMATIONENABLED 4
79 // xmlsec05 deprecated
81 #define PROPERTYHANDLE_DOCWARN_SAVEORSEND 5
82 #define PROPERTYHANDLE_DOCWARN_SIGNING 6
83 #define PROPERTYHANDLE_DOCWARN_PRINT 7
84 #define PROPERTYHANDLE_DOCWARN_CREATEPDF 8
85 #define PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO 9
86 #define PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD 10
87 #define PROPERTYHANDLE_CTRLCLICK_HYPERLINK 11
88 #define PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS 12
89 #define PROPERTYHANDLE_MACRO_SECLEVEL 13
90 #define PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS 14
91 #define PROPERTYHANDLE_MACRO_DISABLE 15
93 #define PROPERTYHANDLE_INVALID -1
95 #define CFG_READONLY_DEFAULT false
97 // private declarations!
99 class SvtSecurityOptions_Impl : public ConfigItem
102 private:
103 virtual void ImplCommit() override;
105 // public methods
107 public:
109 // constructor / destructor
111 SvtSecurityOptions_Impl();
112 virtual ~SvtSecurityOptions_Impl() override;
114 // override methods of baseclass
116 /*-****************************************************************************************************
117 @short called for notify of configmanager
118 @descr This method is called from the ConfigManager before application ends or from the
119 PropertyChangeListener if the sub tree broadcasts changes. You must update your
120 internal values.
122 @seealso baseclass ConfigItem
124 @param "seqPropertyNames" is the list of properties which should be updated.
125 *//*-*****************************************************************************************************/
127 virtual void Notify( const Sequence< OUString >& seqPropertyNames ) override;
129 // public interface
131 bool IsReadOnly ( SvtSecurityOptions::EOption eOption ) const;
133 const Sequence< OUString >& GetSecureURLs( ) const { return m_seqSecureURLs;}
134 void SetSecureURLs ( const Sequence< OUString >& seqURLList );
135 inline sal_Int32 GetMacroSecurityLevel ( ) const;
136 void SetMacroSecurityLevel ( sal_Int32 _nLevel );
138 inline bool IsMacroDisabled ( ) const;
140 const Sequence< SvtSecurityOptions::Certificate >& GetTrustedAuthors( ) const { return m_seqTrustedAuthors;}
141 void SetTrustedAuthors ( const Sequence< SvtSecurityOptions::Certificate >& rAuthors );
143 bool IsOptionSet ( SvtSecurityOptions::EOption eOption ) const;
144 void SetOption ( SvtSecurityOptions::EOption eOption, bool bValue );
145 bool IsOptionEnabled ( SvtSecurityOptions::EOption eOption ) const;
148 void SetProperty( sal_Int32 nHandle, const Any& rValue, bool bReadOnly );
149 void LoadAuthors();
150 static sal_Int32 GetHandle( const OUString& rPropertyName );
151 bool GetOption( SvtSecurityOptions::EOption eOption, bool*& rpValue, bool*& rpRO );
153 /*-****************************************************************************************************
154 @short return list of key names of our configuration management which represent our module tree
155 @descr This method returns a static const list of key names. We need it to get needed values from our
156 configuration management.
157 @return A list of needed configuration keys is returned.
158 *//*-*****************************************************************************************************/
159 static Sequence< OUString > GetPropertyNames();
161 Sequence< OUString > m_seqSecureURLs;
162 bool m_bSaveOrSend;
163 bool m_bSigning;
164 bool m_bPrint;
165 bool m_bCreatePDF;
166 bool m_bRemoveInfo;
167 bool m_bRecommendPwd;
168 bool m_bCtrlClickHyperlink;
169 bool m_bBlockUntrustedRefererLinks;
170 sal_Int32 m_nSecLevel;
171 Sequence< SvtSecurityOptions::Certificate > m_seqTrustedAuthors;
172 bool m_bDisableMacros;
174 bool m_bROSecureURLs;
175 bool m_bROSaveOrSend;
176 bool m_bROSigning;
177 bool m_bROPrint;
178 bool m_bROCreatePDF;
179 bool m_bRORemoveInfo;
180 bool m_bRORecommendPwd;
181 bool m_bROCtrlClickHyperlink;
182 bool m_bROBlockUntrustedRefererLinks;
183 bool m_bROSecLevel;
184 bool m_bROTrustedAuthors;
185 bool m_bRODisableMacros;
187 // xmlsec05 deprecated
188 EBasicSecurityMode m_eBasicMode;
189 bool m_bExecutePlugins;
190 bool m_bWarning;
191 bool m_bConfirmation;
193 bool m_bROConfirmation;
194 bool m_bROWarning;
195 bool m_bROExecutePlugins;
196 bool m_bROBasicMode;
197 public:
198 bool IsWarningEnabled() const { return m_bWarning;}
199 void SetWarningEnabled( bool bSet );
200 bool IsConfirmationEnabled() const { return m_bConfirmation;}
201 void SetConfirmationEnabled( bool bSet );
202 bool IsExecutePlugins() const { return m_bExecutePlugins;}
203 void SetExecutePlugins( bool bSet );
204 // xmlsec05 deprecated
205 EBasicSecurityMode GetBasicMode ( ) const { return m_eBasicMode;}
206 void SetBasicMode ( EBasicSecurityMode eMode );
209 // constructor
211 SvtSecurityOptions_Impl::SvtSecurityOptions_Impl()
212 :ConfigItem ( ROOTNODE_SECURITY )
213 ,m_seqSecureURLs ( DEFAULT_SECUREURL )
214 ,m_bSaveOrSend ( true )
215 ,m_bSigning ( true )
216 ,m_bPrint ( true )
217 ,m_bCreatePDF ( true )
218 ,m_bRemoveInfo ( true )
219 ,m_bRecommendPwd(false)
220 ,m_bCtrlClickHyperlink(false)
221 ,m_bBlockUntrustedRefererLinks(false)
222 ,m_nSecLevel ( 1 )
223 ,m_seqTrustedAuthors ( DEFAULT_TRUSTEDAUTHORS )
224 ,m_bDisableMacros ( false )
225 ,m_bROSecureURLs ( CFG_READONLY_DEFAULT )
226 ,m_bROSaveOrSend ( CFG_READONLY_DEFAULT )
227 ,m_bROSigning ( CFG_READONLY_DEFAULT )
228 ,m_bROPrint ( CFG_READONLY_DEFAULT )
229 ,m_bROCreatePDF ( CFG_READONLY_DEFAULT )
230 ,m_bRORemoveInfo ( CFG_READONLY_DEFAULT )
231 ,m_bRORecommendPwd(CFG_READONLY_DEFAULT)
232 ,m_bROCtrlClickHyperlink(CFG_READONLY_DEFAULT)
233 ,m_bROBlockUntrustedRefererLinks(CFG_READONLY_DEFAULT)
234 ,m_bROSecLevel ( CFG_READONLY_DEFAULT )
235 ,m_bROTrustedAuthors ( CFG_READONLY_DEFAULT )
236 ,m_bRODisableMacros ( true ) // currently is not intended to be changed
238 // xmlsec05 deprecated
239 , m_eBasicMode ( DEFAULT_STAROFFICEBASIC )
240 , m_bExecutePlugins ( true )
241 , m_bWarning ( true )
242 , m_bConfirmation ( true )
243 , m_bROConfirmation ( CFG_READONLY_DEFAULT )
244 , m_bROWarning ( CFG_READONLY_DEFAULT )
245 , m_bROExecutePlugins ( CFG_READONLY_DEFAULT )
246 , m_bROBasicMode ( CFG_READONLY_DEFAULT )
247 // xmlsec05 deprecated
250 Sequence< OUString > seqNames = GetPropertyNames ( );
251 Sequence< Any > seqValues = GetProperties ( seqNames );
252 Sequence< sal_Bool > seqRO = GetReadOnlyStates ( seqNames );
254 // Safe impossible cases.
255 // We need values from ALL configuration keys.
256 // Follow assignment use order of values in relation to our list of key names!
257 DBG_ASSERT( !(seqNames.getLength()!=seqValues.getLength()), "SvtSecurityOptions_Impl::SvtSecurityOptions_Impl()\nI miss some values of configuration keys!\n" );
259 // Copy values from list in right order to our internal member.
260 sal_Int32 nPropertyCount = seqValues.getLength();
261 for( sal_Int32 nProperty = 0; nProperty < nPropertyCount; ++nProperty )
262 SetProperty( nProperty, seqValues[ nProperty ], seqRO[ nProperty ] );
264 LoadAuthors();
266 // Enable notification mechanism of our baseclass.
267 // We need it to get information about changes outside these class on our used configuration keys!*/
269 EnableNotification( seqNames );
272 // destructor
274 SvtSecurityOptions_Impl::~SvtSecurityOptions_Impl()
276 assert(!IsModified()); // should have been committed
279 void SvtSecurityOptions_Impl::SetProperty( sal_Int32 nProperty, const Any& rValue, bool bRO )
281 switch( nProperty )
283 case PROPERTYHANDLE_SECUREURL:
285 m_seqSecureURLs.realloc( 0 );
286 rValue >>= m_seqSecureURLs;
287 if (!utl::ConfigManager::IsFuzzing())
289 SvtPathOptions aOpt;
290 std::transform(m_seqSecureURLs.begin(), m_seqSecureURLs.end(), m_seqSecureURLs.begin(),
291 [&aOpt](const OUString& rUrl) -> OUString { return aOpt.SubstituteVariable( rUrl ); });
293 m_bROSecureURLs = bRO;
295 break;
297 case PROPERTYHANDLE_DOCWARN_SAVEORSEND:
299 rValue >>= m_bSaveOrSend;
300 m_bROSaveOrSend = bRO;
302 break;
304 case PROPERTYHANDLE_DOCWARN_SIGNING:
306 rValue >>= m_bSigning;
307 m_bROSigning = bRO;
309 break;
311 case PROPERTYHANDLE_DOCWARN_PRINT:
313 rValue >>= m_bPrint;
314 m_bROPrint = bRO;
316 break;
318 case PROPERTYHANDLE_DOCWARN_CREATEPDF:
320 rValue >>= m_bCreatePDF;
321 m_bROCreatePDF = bRO;
323 break;
325 case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO:
327 rValue >>= m_bRemoveInfo;
328 m_bRORemoveInfo = bRO;
330 break;
332 case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD:
334 rValue >>= m_bRecommendPwd;
335 m_bRORecommendPwd = bRO;
337 break;
339 case PROPERTYHANDLE_CTRLCLICK_HYPERLINK:
341 rValue >>= m_bCtrlClickHyperlink;
342 m_bROCtrlClickHyperlink = bRO;
344 break;
346 case PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS:
348 rValue >>= m_bBlockUntrustedRefererLinks;
349 m_bROBlockUntrustedRefererLinks = bRO;
351 break;
353 case PROPERTYHANDLE_MACRO_SECLEVEL:
355 rValue >>= m_nSecLevel;
356 m_bROSecLevel = bRO;
358 break;
360 case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS:
362 // don't care about value here...
363 m_bROTrustedAuthors = bRO;
365 break;
367 case PROPERTYHANDLE_MACRO_DISABLE:
369 rValue >>= m_bDisableMacros;
370 m_bRODisableMacros = bRO;
372 break;
374 // xmlsec05 deprecated
375 case PROPERTYHANDLE_STAROFFICEBASIC:
377 sal_Int32 nMode = 0;
378 rValue >>= nMode;
379 m_eBasicMode = static_cast<EBasicSecurityMode>(nMode);
380 m_bROBasicMode = bRO;
382 break;
383 case PROPERTYHANDLE_EXECUTEPLUGINS:
385 rValue >>= m_bExecutePlugins;
386 m_bROExecutePlugins = bRO;
388 break;
389 case PROPERTYHANDLE_WARNINGENABLED:
391 rValue >>= m_bWarning;
392 m_bROWarning = bRO;
394 break;
395 case PROPERTYHANDLE_CONFIRMATIONENABLED:
397 rValue >>= m_bConfirmation;
398 m_bROConfirmation = bRO;
400 break;
401 // xmlsec05 deprecated
403 #if OSL_DEBUG_LEVEL > 0
404 default:
405 assert(false && "Unknown property!");
406 #endif
410 void SvtSecurityOptions_Impl::LoadAuthors()
412 m_seqTrustedAuthors.realloc( 0 ); // first clear
413 const Sequence< OUString > lAuthors = GetNodeNames( PROPERTYNAME_MACRO_TRUSTEDAUTHORS );
414 sal_Int32 c1 = lAuthors.getLength();
415 if( !c1 )
416 return;
418 sal_Int32 c2 = c1 * 3; // 3 Properties inside Struct TrustedAuthor
419 Sequence< OUString > lAllAuthors( c2 );
421 sal_Int32 i2 = 0;
422 OUString aSep( "/" );
423 for( const auto& rAuthor : lAuthors )
425 lAllAuthors[ i2 ] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS + aSep + rAuthor + aSep + PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME;
426 ++i2;
427 lAllAuthors[ i2 ] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS + aSep + rAuthor + aSep + PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER;
428 ++i2;
429 lAllAuthors[ i2 ] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS + aSep + rAuthor + aSep + PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA;
430 ++i2;
433 Sequence< Any > lValues = GetProperties( lAllAuthors );
434 if( lValues.getLength() != c2 )
435 return;
437 std::vector< SvtSecurityOptions::Certificate > v;
438 SvtSecurityOptions::Certificate aCert( 3 );
439 i2 = 0;
440 for( sal_Int32 i1 = 0; i1 < c1; ++i1 )
442 lValues[ i2 ] >>= aCert[ 0 ];
443 ++i2;
444 lValues[ i2 ] >>= aCert[ 1 ];
445 ++i2;
446 lValues[ i2 ] >>= aCert[ 2 ];
447 ++i2;
448 // Filter out TrustedAuthor entries with empty RawData, which
449 // would cause an unexpected std::bad_alloc in
450 // SecurityEnvironment_NssImpl::createCertificateFromAscii and
451 // have been observed in the wild (fdo#55019):
452 if( !aCert[ 2 ].isEmpty() )
454 v.push_back( aCert );
457 m_seqTrustedAuthors = comphelper::containerToSequence(v);
460 sal_Int32 SvtSecurityOptions_Impl::GetHandle( const OUString& rName )
462 sal_Int32 nHandle;
464 if( rName == PROPERTYNAME_SECUREURL )
465 nHandle = PROPERTYHANDLE_SECUREURL;
466 else if( rName == PROPERTYNAME_DOCWARN_SAVEORSEND )
467 nHandle = PROPERTYHANDLE_DOCWARN_SAVEORSEND;
468 else if( rName == PROPERTYNAME_DOCWARN_SIGNING )
469 nHandle = PROPERTYHANDLE_DOCWARN_SIGNING;
470 else if( rName == PROPERTYNAME_DOCWARN_PRINT )
471 nHandle = PROPERTYHANDLE_DOCWARN_PRINT;
472 else if( rName == PROPERTYNAME_DOCWARN_CREATEPDF )
473 nHandle = PROPERTYHANDLE_DOCWARN_CREATEPDF;
474 else if( rName == PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO )
475 nHandle = PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO;
476 else if( rName == PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD )
477 nHandle = PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD;
478 else if( rName == PROPERTYNAME_CTRLCLICK_HYPERLINK )
479 nHandle = PROPERTYHANDLE_CTRLCLICK_HYPERLINK;
480 else if( rName == PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS )
481 nHandle = PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS;
482 else if( rName == PROPERTYNAME_MACRO_SECLEVEL )
483 nHandle = PROPERTYHANDLE_MACRO_SECLEVEL;
484 else if( rName == PROPERTYNAME_MACRO_TRUSTEDAUTHORS )
485 nHandle = PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS;
486 else if( rName == PROPERTYNAME_MACRO_DISABLE )
487 nHandle = PROPERTYHANDLE_MACRO_DISABLE;
489 // xmlsec05 deprecated
490 else if( rName == PROPERTYNAME_STAROFFICEBASIC )
491 nHandle = PROPERTYHANDLE_STAROFFICEBASIC;
492 else if( rName == PROPERTYNAME_EXECUTEPLUGINS )
493 nHandle = PROPERTYHANDLE_EXECUTEPLUGINS;
494 else if( rName == PROPERTYNAME_WARNINGENABLED )
495 nHandle = PROPERTYHANDLE_WARNINGENABLED;
496 else if( rName == PROPERTYNAME_CONFIRMATIONENABLED )
497 nHandle = PROPERTYHANDLE_CONFIRMATIONENABLED;
498 // xmlsec05 deprecated
500 else
501 nHandle = PROPERTYHANDLE_INVALID;
503 return nHandle;
506 bool SvtSecurityOptions_Impl::GetOption( SvtSecurityOptions::EOption eOption, bool*& rpValue, bool*& rpRO )
508 switch( eOption )
510 case SvtSecurityOptions::EOption::DocWarnSaveOrSend:
511 rpValue = &m_bSaveOrSend;
512 rpRO = &m_bROSaveOrSend;
513 break;
514 case SvtSecurityOptions::EOption::DocWarnSigning:
515 rpValue = &m_bSigning;
516 rpRO = &m_bROSigning;
517 break;
518 case SvtSecurityOptions::EOption::DocWarnPrint:
519 rpValue = &m_bPrint;
520 rpRO = &m_bROPrint;
521 break;
522 case SvtSecurityOptions::EOption::DocWarnCreatePdf:
523 rpValue = &m_bCreatePDF;
524 rpRO = &m_bROCreatePDF;
525 break;
526 case SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo:
527 rpValue = &m_bRemoveInfo;
528 rpRO = &m_bRORemoveInfo;
529 break;
530 case SvtSecurityOptions::EOption::DocWarnRecommendPassword:
531 rpValue = &m_bRecommendPwd;
532 rpRO = &m_bRORecommendPwd;
533 break;
534 case SvtSecurityOptions::EOption::CtrlClickHyperlink:
535 rpValue = &m_bCtrlClickHyperlink;
536 rpRO = &m_bROCtrlClickHyperlink;
537 break;
538 case SvtSecurityOptions::EOption::BlockUntrustedRefererLinks:
539 rpValue = &m_bBlockUntrustedRefererLinks;
540 rpRO = &m_bROBlockUntrustedRefererLinks;
541 break;
542 default:
543 rpValue = nullptr;
544 rpRO = nullptr;
545 break;
548 return rpValue != nullptr;
551 void SvtSecurityOptions_Impl::Notify( const Sequence< OUString >& seqPropertyNames )
553 // Use given list of updated properties to get his values from configuration directly!
554 Sequence< Any > seqValues = GetProperties( seqPropertyNames );
555 Sequence< sal_Bool > seqRO = GetReadOnlyStates( seqPropertyNames );
556 // Safe impossible cases.
557 // We need values from ALL notified configuration keys.
558 DBG_ASSERT( !(seqPropertyNames.getLength()!=seqValues.getLength()), "SvtSecurityOptions_Impl::Notify()\nI miss some values of configuration keys!\n" );
559 // Step over list of property names and get right value from corresponding value list to set it on internal members!
560 sal_Int32 nCount = seqPropertyNames.getLength();
561 for( sal_Int32 nProperty = 0; nProperty < nCount; ++nProperty )
562 SetProperty( GetHandle( seqPropertyNames[ nProperty ] ), seqValues[ nProperty ], seqRO[ nProperty ] );
564 // read set of trusted authors separately
565 LoadAuthors();
568 void SvtSecurityOptions_Impl::ImplCommit()
570 // Get names of supported properties, create a list for values and copy current values to it.
571 Sequence< OUString > lOrgNames = GetPropertyNames();
572 sal_Int32 nOrgCount = lOrgNames.getLength();
574 Sequence< OUString > lNames(nOrgCount);
575 Sequence< Any > lValues(nOrgCount);
576 sal_Int32 nRealCount = 0;
577 bool bDone;
579 ClearNodeSet( PROPERTYNAME_MACRO_TRUSTEDAUTHORS );
581 for( sal_Int32 nProperty = 0; nProperty < nOrgCount; ++nProperty )
583 switch( nProperty )
585 case PROPERTYHANDLE_SECUREURL:
587 bDone = !m_bROSecureURLs;
588 if( bDone )
590 Sequence< OUString > lURLs( m_seqSecureURLs );
591 SvtPathOptions aOpt;
592 std::transform(lURLs.begin(), lURLs.end(), lURLs.begin(),
593 [&aOpt](const OUString& rUrl) -> OUString { return aOpt.UseVariable( rUrl ); });
594 lValues[ nRealCount ] <<= lURLs;
597 break;
599 case PROPERTYHANDLE_DOCWARN_SAVEORSEND:
601 bDone = !m_bROSaveOrSend;
602 if( bDone )
603 lValues[ nRealCount ] <<= m_bSaveOrSend;
605 break;
607 case PROPERTYHANDLE_DOCWARN_SIGNING:
609 bDone = !m_bROSigning;
610 if( bDone )
611 lValues[ nRealCount ] <<= m_bSigning;
613 break;
615 case PROPERTYHANDLE_DOCWARN_PRINT:
617 bDone = !m_bROPrint;
618 if( bDone )
619 lValues[ nRealCount ] <<= m_bPrint;
621 break;
623 case PROPERTYHANDLE_DOCWARN_CREATEPDF:
625 bDone = !m_bROCreatePDF;
626 if( bDone )
627 lValues[ nRealCount ] <<= m_bCreatePDF;
629 break;
631 case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO:
633 bDone = !m_bRORemoveInfo;
634 if( bDone )
635 lValues[ nRealCount ] <<= m_bRemoveInfo;
637 break;
639 case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD:
641 bDone = !m_bRORecommendPwd;
642 if( bDone )
643 lValues[ nRealCount ] <<= m_bRecommendPwd;
645 break;
647 case PROPERTYHANDLE_CTRLCLICK_HYPERLINK:
649 bDone = !m_bROCtrlClickHyperlink;
650 if( bDone )
651 lValues[ nRealCount ] <<= m_bCtrlClickHyperlink;
653 break;
655 case PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS:
657 bDone = !m_bROBlockUntrustedRefererLinks;
658 if( bDone )
659 lValues[ nRealCount ] <<= m_bBlockUntrustedRefererLinks;
661 break;
663 case PROPERTYHANDLE_MACRO_SECLEVEL:
665 bDone = !m_bROSecLevel;
666 if( bDone )
667 lValues[ nRealCount ] <<= m_nSecLevel;
669 break;
671 case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS:
673 bDone = !m_bROTrustedAuthors;
674 if( bDone )
676 sal_Int32 nCnt = m_seqTrustedAuthors.getLength();
677 if( nCnt )
679 for( sal_Int32 i = 0; i < nCnt; ++i )
681 OUString aPrefix(
682 PROPERTYNAME_MACRO_TRUSTEDAUTHORS "/a"
683 + OUString::number(i) + "/");
684 Sequence< css::beans::PropertyValue > lPropertyValues( 3 );
685 lPropertyValues[ 0 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME;
686 lPropertyValues[ 0 ].Value <<= m_seqTrustedAuthors[ i ][0];
687 lPropertyValues[ 1 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER;
688 lPropertyValues[ 1 ].Value <<= m_seqTrustedAuthors[ i ][1];
689 lPropertyValues[ 2 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA;
690 lPropertyValues[ 2 ].Value <<= m_seqTrustedAuthors[ i ][2];
692 SetSetProperties( PROPERTYNAME_MACRO_TRUSTEDAUTHORS, lPropertyValues );
695 bDone = false; // because we save in loop above!
697 else
698 bDone = false;
701 break;
703 case PROPERTYHANDLE_MACRO_DISABLE:
705 bDone = !m_bRODisableMacros;
706 if( bDone )
707 lValues[ nRealCount ] <<= m_bDisableMacros;
709 break;
711 // xmlsec05 deprecated
712 case PROPERTYHANDLE_STAROFFICEBASIC:
714 bDone = !m_bROBasicMode;
715 if( bDone )
716 lValues[ nRealCount ] <<= static_cast<sal_Int32>(m_eBasicMode);
718 break;
719 case PROPERTYHANDLE_EXECUTEPLUGINS:
721 bDone = !m_bROExecutePlugins;
722 if( bDone )
723 lValues[ nRealCount ] <<= m_bExecutePlugins;
725 break;
726 case PROPERTYHANDLE_WARNINGENABLED:
728 bDone = !m_bROWarning;
729 if( bDone )
730 lValues[ nRealCount ] <<= m_bWarning;
732 break;
733 case PROPERTYHANDLE_CONFIRMATIONENABLED:
735 bDone = !m_bROConfirmation;
736 if( bDone )
737 lValues[ nRealCount ] <<= m_bConfirmation;
739 break;
740 // xmlsec05 deprecated
742 default:
743 bDone = false;
746 if( bDone )
748 lNames[ nRealCount ] = lOrgNames[ nProperty ];
749 ++nRealCount;
752 // Set properties in configuration.
753 lNames.realloc(nRealCount);
754 lValues.realloc(nRealCount);
755 PutProperties( lNames, lValues );
758 bool SvtSecurityOptions_Impl::IsReadOnly( SvtSecurityOptions::EOption eOption ) const
760 bool bReadonly;
761 switch(eOption)
763 case SvtSecurityOptions::EOption::SecureUrls :
764 bReadonly = m_bROSecureURLs;
765 break;
766 case SvtSecurityOptions::EOption::DocWarnSaveOrSend:
767 bReadonly = m_bROSaveOrSend;
768 break;
769 case SvtSecurityOptions::EOption::DocWarnSigning:
770 bReadonly = m_bROSigning;
771 break;
772 case SvtSecurityOptions::EOption::DocWarnPrint:
773 bReadonly = m_bROPrint;
774 break;
775 case SvtSecurityOptions::EOption::DocWarnCreatePdf:
776 bReadonly = m_bROCreatePDF;
777 break;
778 case SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo:
779 bReadonly = m_bRORemoveInfo;
780 break;
781 case SvtSecurityOptions::EOption::DocWarnRecommendPassword:
782 bReadonly = m_bRORecommendPwd;
783 break;
784 case SvtSecurityOptions::EOption::MacroSecLevel:
785 bReadonly = m_bROSecLevel;
786 break;
787 case SvtSecurityOptions::EOption::MacroTrustedAuthors:
788 bReadonly = m_bROTrustedAuthors;
789 break;
790 case SvtSecurityOptions::EOption::CtrlClickHyperlink:
791 bReadonly = m_bROCtrlClickHyperlink;
792 break;
793 case SvtSecurityOptions::EOption::BlockUntrustedRefererLinks:
794 bReadonly = m_bROBlockUntrustedRefererLinks;
795 break;
797 // xmlsec05 deprecated
798 case SvtSecurityOptions::EOption::BasicMode:
799 bReadonly = m_bROBasicMode;
800 break;
801 case SvtSecurityOptions::EOption::ExecutePlugins:
802 bReadonly = m_bROExecutePlugins;
803 break;
804 case SvtSecurityOptions::EOption::Warning:
805 bReadonly = m_bROWarning;
806 break;
807 case SvtSecurityOptions::EOption::Confirmation:
808 bReadonly = m_bROConfirmation;
809 break;
810 // xmlsec05 deprecated
812 default:
813 bReadonly = true;
816 return bReadonly;
820 void SvtSecurityOptions_Impl::SetSecureURLs( const Sequence< OUString >& seqURLList )
822 DBG_ASSERT(!m_bROSecureURLs, "SvtSecurityOptions_Impl::SetSecureURLs()\nYou tried to write on a readonly value!\n");
823 if (!m_bROSecureURLs && m_seqSecureURLs!=seqURLList)
825 m_seqSecureURLs = seqURLList;
826 SetModified();
830 inline sal_Int32 SvtSecurityOptions_Impl::GetMacroSecurityLevel() const
832 return m_nSecLevel;
835 inline bool SvtSecurityOptions_Impl::IsMacroDisabled() const
837 return m_bDisableMacros;
840 void SvtSecurityOptions_Impl::SetMacroSecurityLevel( sal_Int32 _nLevel )
842 if( !m_bROSecLevel )
844 if( _nLevel > 3 || _nLevel < 0 )
845 _nLevel = 3;
847 if( m_nSecLevel != _nLevel )
849 m_nSecLevel = _nLevel;
850 SetModified();
856 void SvtSecurityOptions_Impl::SetTrustedAuthors( const Sequence< SvtSecurityOptions::Certificate >& rAuthors )
858 DBG_ASSERT(!m_bROTrustedAuthors, "SvtSecurityOptions_Impl::SetTrustedAuthors()\nYou tried to write on a readonly value!\n");
859 if( !m_bROTrustedAuthors && rAuthors != m_seqTrustedAuthors )
861 m_seqTrustedAuthors = rAuthors;
862 SetModified();
866 bool SvtSecurityOptions_Impl::IsOptionSet( SvtSecurityOptions::EOption eOption ) const
868 bool* pValue;
869 bool* pRO;
870 bool bRet = false;
872 if( const_cast< SvtSecurityOptions_Impl* >( this )->GetOption( eOption, pValue, pRO ) )
873 bRet = *pValue;
875 return bRet;
878 void SvtSecurityOptions_Impl::SetOption( SvtSecurityOptions::EOption eOption, bool bValue )
880 bool* pValue;
881 bool* pRO;
883 if( GetOption( eOption, pValue, pRO ) && !*pRO && *pValue != bValue)
885 *pValue = bValue;
886 SetModified();
890 bool SvtSecurityOptions_Impl::IsOptionEnabled( SvtSecurityOptions::EOption eOption ) const
892 bool* pValue;
893 bool* pRO;
894 bool bRet = false;
896 if( const_cast< SvtSecurityOptions_Impl* >( this )->GetOption( eOption, pValue, pRO ) )
897 bRet = !*pRO;
899 return bRet;
902 Sequence< OUString > SvtSecurityOptions_Impl::GetPropertyNames()
904 return Sequence< OUString >
906 PROPERTYNAME_SECUREURL,
907 PROPERTYNAME_STAROFFICEBASIC,
908 PROPERTYNAME_EXECUTEPLUGINS,
909 PROPERTYNAME_WARNINGENABLED,
910 PROPERTYNAME_CONFIRMATIONENABLED,
911 PROPERTYNAME_DOCWARN_SAVEORSEND,
912 PROPERTYNAME_DOCWARN_SIGNING,
913 PROPERTYNAME_DOCWARN_PRINT,
914 PROPERTYNAME_DOCWARN_CREATEPDF,
915 PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO,
916 PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD,
917 PROPERTYNAME_CTRLCLICK_HYPERLINK,
918 PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS,
919 PROPERTYNAME_MACRO_SECLEVEL,
920 PROPERTYNAME_MACRO_TRUSTEDAUTHORS,
921 PROPERTYNAME_MACRO_DISABLE
925 namespace {
927 std::weak_ptr<SvtSecurityOptions_Impl> g_pSecurityOptions;
931 SvtSecurityOptions::SvtSecurityOptions()
933 // Global access, must be guarded (multithreading!).
934 MutexGuard aGuard( GetInitMutex() );
936 m_pImpl = g_pSecurityOptions.lock();
937 if( !m_pImpl )
939 m_pImpl = std::make_shared<SvtSecurityOptions_Impl>();
940 g_pSecurityOptions = m_pImpl;
942 ItemHolder1::holdConfigItem(EItem::SecurityOptions);
946 SvtSecurityOptions::~SvtSecurityOptions()
948 // Global access, must be guarded (multithreading!)
949 MutexGuard aGuard( GetInitMutex() );
951 m_pImpl.reset();
954 bool SvtSecurityOptions::IsReadOnly( EOption eOption ) const
956 MutexGuard aGuard( GetInitMutex() );
957 return m_pImpl->IsReadOnly(eOption);
960 Sequence< OUString > SvtSecurityOptions::GetSecureURLs() const
962 MutexGuard aGuard( GetInitMutex() );
963 return m_pImpl->GetSecureURLs();
966 void SvtSecurityOptions::SetSecureURLs( const Sequence< OUString >& seqURLList )
968 MutexGuard aGuard( GetInitMutex() );
969 m_pImpl->SetSecureURLs( seqURLList );
972 bool SvtSecurityOptions::isSecureMacroUri(
973 OUString const & uri, OUString const & referer) const
975 switch (INetURLObject(uri).GetProtocol()) {
976 case INetProtocol::Macro:
977 if (uri.startsWithIgnoreAsciiCase("macro:///")) {
978 // Denotes an App-BASIC macro (see SfxMacroLoader::loadMacro), which
979 // is considered safe:
980 return true;
982 [[fallthrough]];
983 case INetProtocol::Slot:
984 return referer.equalsIgnoreAsciiCase("private:user")
985 || isTrustedLocationUri(referer);
986 default:
987 return true;
991 bool SvtSecurityOptions::isUntrustedReferer(OUString const & referer) const {
992 MutexGuard g(GetInitMutex());
993 return m_pImpl->IsOptionSet(EOption::BlockUntrustedRefererLinks)
994 && !(referer.isEmpty() || referer.startsWithIgnoreAsciiCase("private:")
995 || isTrustedLocationUri(referer));
998 bool SvtSecurityOptions::isTrustedLocationUri(OUString const & uri) const {
999 MutexGuard g(GetInitMutex());
1000 for (const auto & url : std::as_const(m_pImpl->m_seqSecureURLs))
1002 if (UCBContentHelper::IsSubPath(url, uri))
1004 return true;
1007 return false;
1010 bool SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks(
1011 OUString const & uri) const
1013 return GetMacroSecurityLevel() == 0 || uri.isEmpty()
1014 || uri.startsWithIgnoreAsciiCase("private:")
1015 || isTrustedLocationUri(uri);
1018 sal_Int32 SvtSecurityOptions::GetMacroSecurityLevel() const
1020 MutexGuard aGuard( GetInitMutex() );
1021 return m_pImpl->GetMacroSecurityLevel();
1024 void SvtSecurityOptions::SetMacroSecurityLevel( sal_Int32 _nLevel )
1026 MutexGuard aGuard( GetInitMutex() );
1027 m_pImpl->SetMacroSecurityLevel( _nLevel );
1030 bool SvtSecurityOptions::IsMacroDisabled() const
1032 MutexGuard aGuard( GetInitMutex() );
1033 return m_pImpl->IsMacroDisabled();
1036 Sequence< SvtSecurityOptions::Certificate > SvtSecurityOptions::GetTrustedAuthors() const
1038 MutexGuard aGuard( GetInitMutex() );
1039 return m_pImpl->GetTrustedAuthors();
1042 void SvtSecurityOptions::SetTrustedAuthors( const Sequence< Certificate >& rAuthors )
1044 MutexGuard aGuard( GetInitMutex() );
1045 m_pImpl->SetTrustedAuthors( rAuthors );
1048 bool SvtSecurityOptions::IsOptionSet( EOption eOption ) const
1050 MutexGuard aGuard( GetInitMutex() );
1051 return m_pImpl->IsOptionSet( eOption );
1054 void SvtSecurityOptions::SetOption( EOption eOption, bool bValue )
1056 MutexGuard aGuard( GetInitMutex() );
1057 m_pImpl->SetOption( eOption, bValue );
1060 bool SvtSecurityOptions::IsOptionEnabled( EOption eOption ) const
1062 MutexGuard aGuard( GetInitMutex() );
1063 return m_pImpl->IsOptionEnabled( eOption );
1066 namespace
1068 class theSecurityOptionsMutex : public rtl::Static<osl::Mutex, theSecurityOptionsMutex>{};
1071 Mutex& SvtSecurityOptions::GetInitMutex()
1073 return theSecurityOptionsMutex::get();
1076 void SvtSecurityOptions_Impl::SetBasicMode( EBasicSecurityMode eMode )
1078 DBG_ASSERT(!m_bROBasicMode, "SvtSecurityOptions_Impl::SetBasicMode()\nYou tried to write on a readonly value!\n");
1079 if (!m_bROBasicMode && m_eBasicMode!=eMode)
1081 m_eBasicMode = eMode;
1082 SetModified();
1087 void SvtSecurityOptions_Impl::SetExecutePlugins( bool bSet )
1089 DBG_ASSERT(!m_bROExecutePlugins, "SvtSecurityOptions_Impl::SetExecutePlugins()\nYou tried to write on a readonly value!\n");
1090 if (!m_bROExecutePlugins && m_bExecutePlugins!=bSet)
1092 m_bExecutePlugins = bSet;
1093 SetModified();
1098 void SvtSecurityOptions_Impl::SetWarningEnabled( bool bSet )
1100 DBG_ASSERT(!m_bROWarning, "SvtSecurityOptions_Impl::SetWarningEnabled()\nYou tried to write on a readonly value!\n");
1101 if (!m_bROWarning && m_bWarning!=bSet)
1103 m_bWarning = bSet;
1104 SetModified();
1109 void SvtSecurityOptions_Impl::SetConfirmationEnabled( bool bSet )
1111 DBG_ASSERT(!m_bROConfirmation, "SvtSecurityOptions_Impl::SetConfirmationEnabled()\nYou tried to write on a readonly value!\n");
1112 if (!m_bROConfirmation && m_bConfirmation!=bSet)
1114 m_bConfirmation = bSet;
1115 SetModified();
1119 bool SvtSecurityOptions::IsExecutePlugins() const
1121 MutexGuard aGuard( GetInitMutex() );
1122 return m_pImpl->IsExecutePlugins();
1125 void SvtSecurityOptions::SetExecutePlugins( bool bSet )
1127 MutexGuard aGuard( GetInitMutex() );
1128 m_pImpl->SetExecutePlugins( bSet );
1131 bool SvtSecurityOptions::IsWarningEnabled() const
1133 MutexGuard aGuard( GetInitMutex() );
1134 return m_pImpl->IsWarningEnabled();
1137 void SvtSecurityOptions::SetWarningEnabled( bool bSet )
1139 MutexGuard aGuard( GetInitMutex() );
1140 m_pImpl->SetWarningEnabled( bSet );
1143 bool SvtSecurityOptions::IsConfirmationEnabled() const
1145 MutexGuard aGuard( GetInitMutex() );
1146 return m_pImpl->IsConfirmationEnabled();
1149 void SvtSecurityOptions::SetConfirmationEnabled( bool bSet )
1151 MutexGuard aGuard( GetInitMutex() );
1152 m_pImpl->SetConfirmationEnabled( bSet );
1155 void SvtSecurityOptions::SetBasicMode( EBasicSecurityMode eMode )
1157 MutexGuard aGuard( GetInitMutex() );
1158 m_pImpl->SetBasicMode( eMode );
1161 EBasicSecurityMode SvtSecurityOptions::GetBasicMode() const
1163 MutexGuard aGuard( GetInitMutex() );
1164 return m_pImpl->GetBasicMode();
1167 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */