search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
nss: upgrade to release 3.73
[LibreOffice.git] / xmlsecurity / source / dialogs / macrosecurity.cxx
blob540a62eda8132d6105ae8f6a8d7a8b07de77be69
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20
21 #include <macrosecurity.hxx>
22 #include <certificateviewer.hxx>
23 #include <biginteger.hxx>
24 #include <resourcemanager.hxx>
25 #include <strings.hrc>
26
27 #include <osl/file.hxx>
28 #include <sal/log.hxx>
29
30 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
31 #include <comphelper/sequence.hxx>
32 #include <comphelper/processfactory.hxx>
33 #include <comphelper/xmlsechelper.hxx>
34 #include <com/sun/star/uno/Exception.hpp>
35 #include <com/sun/star/ui/dialogs/FolderPicker.hpp>
36 #include <com/sun/star/ui/dialogs/ExecutableDialogResults.hpp>
37 #include <tools/diagnose_ex.h>
38 #include <tools/urlobj.hxx>
39 #include <unotools/datetime.hxx>
40
41 #include <vcl/svapp.hxx>
42
43 using namespace comphelper;
44 using namespace ::com::sun::star;
45
46
47 IMPL_LINK_NOARG(MacroSecurity, OkBtnHdl, weld::Button&, void)
48 {
49 m_xLevelTP->ClosePage();
50 m_xTrustSrcTP->ClosePage();
51 m_xDialog->response(RET_OK);
52 }
53
54 MacroSecurity::MacroSecurity(weld::Window* pParent,
55 const css::uno::Reference<css::xml::crypto::XSecurityEnvironment>& rxSecurityEnvironment)
56 : GenericDialogController(pParent, "xmlsec/ui/macrosecuritydialog.ui", "MacroSecurityDialog")
57 , m_xSecurityEnvironment(rxSecurityEnvironment)
58 , m_xTabCtrl(m_xBuilder->weld_notebook("tabcontrol"))
59 , m_xOkBtn(m_xBuilder->weld_button("ok"))
60 , m_xResetBtn(m_xBuilder->weld_button("reset"))
61 {
62 m_xTabCtrl->connect_enter_page(LINK(this, MacroSecurity, ActivatePageHdl));
63
64 m_xLevelTP.reset(new MacroSecurityLevelTP(m_xTabCtrl->get_page("SecurityLevelPage"), this));
65 m_xTrustSrcTP.reset(new MacroSecurityTrustedSourcesTP(m_xTabCtrl->get_page("SecurityTrustPage"), this));
66
67 m_xTabCtrl->set_current_page("SecurityLevelPage");
68 m_xOkBtn->connect_clicked(LINK(this, MacroSecurity, OkBtnHdl));
69 }
70
71 IMPL_LINK(MacroSecurity, ActivatePageHdl, const OString&, rPage, void)
72 {
73 if (rPage == "SecurityLevelPage")
74 m_xLevelTP->ActivatePage();
75 else if (rPage == "SecurityTrustPage")
76 m_xTrustSrcTP->ActivatePage();
77 }
78
79 MacroSecurityTP::MacroSecurityTP(weld::Container* pParent, const OUString& rUIXMLDescription,
80 const OString& rID, MacroSecurity* pDlg)
81 : m_xBuilder(Application::CreateBuilder(pParent, rUIXMLDescription))
82 , m_xContainer(m_xBuilder->weld_container(rID))
83 , m_pDlg(pDlg)
84 {
85 }
86
87 void MacroSecurityTP::ActivatePage()
88 {
89 }
90
91 MacroSecurityTP::~MacroSecurityTP()
92 {
93 }
94
95 MacroSecurityLevelTP::MacroSecurityLevelTP(weld::Container* pParent, MacroSecurity* pDlg)
96 : MacroSecurityTP(pParent, "xmlsec/ui/securitylevelpage.ui", "SecurityLevelPage", pDlg)
97 , m_xVeryHighRB(m_xBuilder->weld_radio_button("vhigh"))
98 , m_xHighRB(m_xBuilder->weld_radio_button("high"))
99 , m_xMediumRB(m_xBuilder->weld_radio_button("med"))
100 , m_xLowRB(m_xBuilder->weld_radio_button("low"))
101 , m_xVHighImg(m_xBuilder->weld_widget("vhighimg"))
102 , m_xHighImg(m_xBuilder->weld_widget("highimg"))
103 , m_xMedImg(m_xBuilder->weld_widget("medimg"))
104 , m_xLowImg(m_xBuilder->weld_widget("lowimg"))
105 {
106 m_xLowRB->connect_toggled( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) );
107 m_xMediumRB->connect_toggled( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) );
108 m_xHighRB->connect_toggled( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) );
109 m_xVeryHighRB->connect_toggled( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) );
110
111 int nPrefWidth(std::max({m_xVeryHighRB->get_preferred_size().Width(),
112 m_xHighRB->get_preferred_size().Width(),
113 m_xMediumRB->get_preferred_size().Width(),
114 m_xLowRB->get_preferred_size().Width()}));
115 int nMaxWidth = m_xLowRB->get_approximate_digit_width() * 60;
116 if (nPrefWidth > nMaxWidth)
117 {
118 m_xLowRB->set_label_line_wrap(true);
119 m_xLowRB->set_size_request(nMaxWidth, -1);
120 m_xMediumRB->set_label_line_wrap(true);
121 m_xMediumRB->set_size_request(nMaxWidth, -1);
122 m_xHighRB->set_label_line_wrap(true);
123 m_xHighRB->set_size_request(nMaxWidth, -1);
124 m_xVeryHighRB->set_label_line_wrap(true);
125 m_xVeryHighRB->set_size_request(nMaxWidth, -1);
126 }
127
128 mnCurLevel = static_cast<sal_uInt16>(m_pDlg->m_aSecOptions.GetMacroSecurityLevel());
129 bool bReadonly = m_pDlg->m_aSecOptions.IsReadOnly( SvtSecurityOptions::EOption::MacroSecLevel );
130
131 weld::RadioButton* pCheck = nullptr;
132 weld::Widget* pImage = nullptr;
133 switch (mnCurLevel)
134 {
135 case 3:
136 pCheck = m_xVeryHighRB.get();
137 pImage = m_xVHighImg.get();
138 break;
139 case 2:
140 pCheck = m_xHighRB.get();
141 pImage = m_xHighImg.get();
142 break;
143 case 1:
144 pCheck = m_xMediumRB.get();
145 pImage = m_xMedImg.get();
146 break;
147 case 0:
148 pCheck = m_xLowRB.get();
149 pImage = m_xLowImg.get();
150 break;
151 }
152 if (pCheck)
153 pCheck->set_active(true);
154 else
155 {
156 OSL_FAIL("illegal macro security level");
157 }
158 if (bReadonly && pImage)
159 {
160 pImage->show();
161 m_xVeryHighRB->set_sensitive(false);
162 m_xHighRB->set_sensitive(false);
163 m_xMediumRB->set_sensitive(false);
164 m_xLowRB->set_sensitive(false);
165 }
166 }
167
168 IMPL_LINK_NOARG(MacroSecurityLevelTP, RadioButtonHdl, weld::ToggleButton&, void)
169 {
170 sal_uInt16 nNewLevel = 0;
171 if( m_xVeryHighRB->get_active() )
172 nNewLevel = 3;
173 else if( m_xHighRB->get_active() )
174 nNewLevel = 2;
175 else if( m_xMediumRB->get_active() )
176 nNewLevel = 1;
177
178 if ( nNewLevel != mnCurLevel )
179 {
180 mnCurLevel = nNewLevel;
181 m_pDlg->EnableReset();
182 }
183 }
184
185 void MacroSecurityLevelTP::ClosePage()
186 {
187 m_pDlg->m_aSecOptions.SetMacroSecurityLevel( mnCurLevel );
188 }
189
190 void MacroSecurityTrustedSourcesTP::ImplCheckButtons()
191 {
192 bool bCertSelected = m_xTrustCertLB->get_selected_index() != -1;
193 m_xViewCertPB->set_sensitive( bCertSelected );
194 m_xRemoveCertPB->set_sensitive( bCertSelected && !mbAuthorsReadonly);
195
196 bool bLocationSelected = m_xTrustFileLocLB->get_selected_index() != -1;
197 m_xRemoveLocPB->set_sensitive( bLocationSelected && !mbURLsReadonly);
198 }
199
200 void MacroSecurityTrustedSourcesTP::ShowBrokenCertificateError(std::u16string_view rData)
201 {
202 OUString aMsg = XsResId(STR_BROKEN_MACRO_CERTIFICATE_DATA);
203 aMsg = aMsg.replaceFirst("%{data}", rData);
204 std::unique_ptr<weld::MessageDialog> xErrorBox(Application::CreateMessageDialog(m_pDlg->getDialog(),
205 VclMessageType::Error, VclButtonsType::Ok, aMsg));
206 xErrorBox->run();
207 }
208
209 IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, ViewCertPBHdl, weld::Button&, void)
210 {
211 int nEntry = m_xTrustCertLB->get_selected_index();
212 if (nEntry == -1)
213 return;
214
215 const sal_uInt16 nSelected = m_xTrustCertLB->get_id(nEntry).toUInt32();
216 uno::Reference< css::security::XCertificate > xCert;
217 try
218 {
219 xCert = m_pDlg->m_xSecurityEnvironment->getCertificate(m_aTrustedAuthors[nSelected][0],
220 xmlsecurity::numericStringToBigInteger(m_aTrustedAuthors[nSelected][1]));
221 }
222 catch (...)
223 {
224 TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "matching certificate not found for: " << m_aTrustedAuthors[nSelected][0]);
225 }
226
227 if (!xCert.is())
228 {
229 try
230 {
231 xCert = m_pDlg->m_xSecurityEnvironment->createCertificateFromAscii(m_aTrustedAuthors[nSelected][2]);
232 }
233 catch (...)
234 {
235 TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << m_aTrustedAuthors[nSelected][2]);
236 }
237 }
238
239 if ( xCert.is() )
240 {
241 CertificateViewer aViewer(m_pDlg->getDialog(), m_pDlg->m_xSecurityEnvironment, xCert, false, nullptr);
242 aViewer.run();
243 }
244 else
245 // should never happen, as we parsed the certificate data when we added it!
246 ShowBrokenCertificateError(m_aTrustedAuthors[nSelected][2]);
247 }
248
249 IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, RemoveCertPBHdl, weld::Button&, void)
250 {
251 int nEntry = m_xTrustCertLB->get_selected_index();
252 if (nEntry != -1)
253 {
254 sal_uInt16 nAuthor = m_xTrustCertLB->get_id(nEntry).toUInt32();
255 ::comphelper::removeElementAt( m_aTrustedAuthors, nAuthor );
256
257 FillCertLB();
258 ImplCheckButtons();
259 }
260 }
261
262 IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, AddLocPBHdl, weld::Button&, void)
263 {
264 try
265 {
266 uno::Reference < uno::XComponentContext > xContext( ::comphelper::getProcessComponentContext() );
267 uno::Reference < ui::dialogs::XFolderPicker2 > xFolderPicker = ui::dialogs::FolderPicker::create(xContext);
268
269 short nRet = xFolderPicker->execute();
270
271 if( ui::dialogs::ExecutableDialogResults::OK != nRet )
272 return;
273
274 OUString aPathStr = xFolderPicker->getDirectory();
275 INetURLObject aNewObj( aPathStr );
276 aNewObj.removeFinalSlash();
277
278 // then the new path also a URL else system path
279 OUString aSystemFileURL = ( aNewObj.GetProtocol() != INetProtocol::NotValid ) ?
280 aPathStr : aNewObj.getFSysPath( FSysStyle::Detect );
281
282 OUString aNewPathStr(aSystemFileURL);
283
284 if ( osl::FileBase::getSystemPathFromFileURL( aSystemFileURL, aSystemFileURL ) == osl::FileBase::E_None )
285 aNewPathStr = aSystemFileURL;
286
287 if (m_xTrustFileLocLB->find_text(aNewPathStr) == -1)
288 m_xTrustFileLocLB->append_text(aNewPathStr);
289
290 ImplCheckButtons();
291 }
292 catch( uno::Exception& )
293 {
294 TOOLS_WARN_EXCEPTION( "xmlsecurity.dialogs", "MacroSecurityTrustedSourcesTP::AddLocPBHdl(): exception from folder picker" );
295 }
296 }
297
298 IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, RemoveLocPBHdl, weld::Button&, void)
299 {
300 sal_Int32 nSel = m_xTrustFileLocLB->get_selected_index();
301 if (nSel == -1)
302 return;
303
304 m_xTrustFileLocLB->remove(nSel);
305 // Trusted Path could not be removed (#i33584#)
306 // after remove an entry, select another one if exists
307 int nNewCount = m_xTrustFileLocLB->n_children();
308 if (nNewCount > 0)
309 {
310 if (nSel >= nNewCount)
311 nSel = nNewCount - 1;
312 m_xTrustFileLocLB->select(nSel);
313 }
314 ImplCheckButtons();
315 }
316
317 IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, TrustCertLBSelectHdl, weld::TreeView&, void)
318 {
319 ImplCheckButtons();
320 }
321
322 IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, TrustFileLocLBSelectHdl, weld::TreeView&, void)
323 {
324 ImplCheckButtons();
325 }
326
327 void MacroSecurityTrustedSourcesTP::FillCertLB(const bool bShowWarnings)
328 {
329 m_xTrustCertLB->clear();
330
331 sal_uInt32 nEntries = m_aTrustedAuthors.getLength();
332
333 if ( !(nEntries && m_pDlg->m_xSecurityEnvironment.is()) )
334 return;
335
336 for( sal_uInt32 nEntry = 0 ; nEntry < nEntries ; ++nEntry )
337 {
338 css::uno::Sequence< OUString >& rEntry = m_aTrustedAuthors[ nEntry ];
339
340 try
341 {
342 // create from RawData
343 uno::Reference< css::security::XCertificate > xCert = m_pDlg->m_xSecurityEnvironment->createCertificateFromAscii(rEntry[2]);
344 m_xTrustCertLB->append(OUString::number(nEntry), xmlsec::GetContentPart(xCert->getSubjectName(), xCert->getCertificateKind()));
345 m_xTrustCertLB->set_text(nEntry, xmlsec::GetContentPart(xCert->getIssuerName(), xCert->getCertificateKind()), 1);
346 m_xTrustCertLB->set_text(nEntry, utl::GetDateTimeString(xCert->getNotValidAfter()), 2);
347 }
348 catch (...)
349 {
350 if (bShowWarnings)
351 {
352 TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << rEntry[2]);
353 OUString sData = rEntry[2];
354 css::uno::Any tools_warn_exception(DbgGetCaughtException());
355 OUString sException = OStringToOUString(exceptionToString(tools_warn_exception), RTL_TEXTENCODING_UTF8);
356 if (!sException.isEmpty())
357 sData += " / " + sException;
358 ShowBrokenCertificateError(sData);
359 }
360 }
361 }
362 }
363
364 MacroSecurityTrustedSourcesTP::MacroSecurityTrustedSourcesTP(weld::Container* pParent, MacroSecurity* pDlg)
365 : MacroSecurityTP(pParent, "xmlsec/ui/securitytrustpage.ui", "SecurityTrustPage", pDlg)
366 , m_xTrustCertROFI(m_xBuilder->weld_image("lockcertimg"))
367 , m_xTrustCertLB(m_xBuilder->weld_tree_view("certificates"))
368 , m_xViewCertPB(m_xBuilder->weld_button("viewcert"))
369 , m_xRemoveCertPB(m_xBuilder->weld_button("removecert"))
370 , m_xTrustFileROFI(m_xBuilder->weld_image("lockfileimg"))
371 , m_xTrustFileLocLB(m_xBuilder->weld_tree_view("locations"))
372 , m_xAddLocPB(m_xBuilder->weld_button("addfile"))
373 , m_xRemoveLocPB(m_xBuilder->weld_button("removefile"))
374 {
375 auto nColWidth = m_xTrustCertLB->get_approximate_digit_width() * 12;
376 std::vector<int> aWidths;
377 aWidths.push_back(nColWidth * 2);
378 aWidths.push_back(nColWidth * 2);
379 m_xTrustCertLB->set_column_fixed_widths(aWidths);
380 m_xTrustCertLB->set_size_request(nColWidth * 5.5, m_xTrustCertLB->get_height_rows(5));
381
382 m_xTrustCertLB->connect_changed( LINK( this, MacroSecurityTrustedSourcesTP, TrustCertLBSelectHdl ) );
383 m_xViewCertPB->connect_clicked( LINK( this, MacroSecurityTrustedSourcesTP, ViewCertPBHdl ) );
384 m_xViewCertPB->set_sensitive(false);
385 m_xRemoveCertPB->connect_clicked( LINK( this, MacroSecurityTrustedSourcesTP, RemoveCertPBHdl ) );
386 m_xRemoveCertPB->set_sensitive(false);
387
388 m_xTrustFileLocLB->connect_changed( LINK( this, MacroSecurityTrustedSourcesTP, TrustFileLocLBSelectHdl ) );
389 m_xTrustFileLocLB->set_size_request(nColWidth * 5, m_xTrustFileLocLB->get_height_rows(5));
390 m_xAddLocPB->connect_clicked( LINK( this, MacroSecurityTrustedSourcesTP, AddLocPBHdl ) );
391 m_xRemoveLocPB->connect_clicked( LINK( this, MacroSecurityTrustedSourcesTP, RemoveLocPBHdl ) );
392 m_xRemoveLocPB->set_sensitive(false);
393
394 m_aTrustedAuthors = m_pDlg->m_aSecOptions.GetTrustedAuthors();
395 mbAuthorsReadonly = m_pDlg->m_aSecOptions.IsReadOnly( SvtSecurityOptions::EOption::MacroTrustedAuthors );
396 m_xTrustCertROFI->set_visible(mbAuthorsReadonly);
397
398 FillCertLB(true);
399
400 const css::uno::Sequence< OUString > aSecureURLs = m_pDlg->m_aSecOptions.GetSecureURLs();
401 mbURLsReadonly = m_pDlg->m_aSecOptions.IsReadOnly( SvtSecurityOptions::EOption::SecureUrls );
402 m_xTrustFileROFI->set_visible(mbURLsReadonly);
403 m_xAddLocPB->set_sensitive(!mbURLsReadonly);
404
405 for (const auto& rSecureURL : aSecureURLs)
406 {
407 OUString aSystemFileURL( rSecureURL );
408 osl::FileBase::getSystemPathFromFileURL( aSystemFileURL, aSystemFileURL );
409 m_xTrustFileLocLB->append_text(aSystemFileURL);
410 }
411 }
412
413 void MacroSecurityTrustedSourcesTP::ActivatePage()
414 {
415 m_pDlg->EnableReset( false );
416 FillCertLB();
417 }
418
419 void MacroSecurityTrustedSourcesTP::ClosePage()
420 {
421 sal_Int32 nEntryCnt = m_xTrustFileLocLB->n_children();
422 if( nEntryCnt )
423 {
424 css::uno::Sequence< OUString > aSecureURLs( nEntryCnt );
425 for (sal_Int32 i = 0; i < nEntryCnt; ++i)
426 {
427 OUString aURL(m_xTrustFileLocLB->get_text(i));
428 osl::FileBase::getFileURLFromSystemPath( aURL, aURL );
429 aSecureURLs[ i ] = aURL;
430 }
431
432 m_pDlg->m_aSecOptions.SetSecureURLs( aSecureURLs );
433 }
434 // Trusted Path could not be removed (#i33584#)
435 // don't forget to remove the old saved SecureURLs
436 else
437 m_pDlg->m_aSecOptions.SetSecureURLs( css::uno::Sequence< OUString >() );
438
439 m_pDlg->m_aSecOptions.SetTrustedAuthors( m_aTrustedAuthors );
440 }
441
442 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE