Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-03-13 01:26:37 -04:00
Code Issues Packages Projects Releases Wiki Activity
keepassxc/src/fdosecrets/widgets/AccessControlDialog.cpp

311 lines
10 KiB
C++
Raw Normal View History

FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
/*
* Copyright (C) 2013 Francois Ferrand
* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
* Copyright (C) 2020 Aetf <aetf@unlimitedcodeworks.xyz>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "AccessControlDialog.h"
#include "ui_AccessControlDialog.h"
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
#include "fdosecrets/dbus/DBusClient.h"
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
#include "fdosecrets/widgets/RowButtonHelper.h"
#include "core/Entry.h"
Removing QWidget dependency from src/core.
2021-03-13 14:07:49 -05:00
#include "gui/Icons.h"
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
#include <QWindow>
Optimize includes across code base
2021-07-11 22:10:29 -04:00
#include <functional>
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
AccessControlDialog::AccessControlDialog(QWindow* parent,
const QList<Entry*>& entries,
const QString& app,
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
const FdoSecrets::PeerInfo& info,
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
AuthOptions authOptions)
: m_ui(new Ui::AccessControlDialog())
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
, m_rememberCheck()
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
, m_model(new EntryModel(entries))
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
, m_decisions()
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
{
if (parent) {
// Force the creation of the QWindow, without this windowHandle() will return nullptr
winId();
auto window = windowHandle();
Q_ASSERT(window);
window->setTransientParent(parent);
}
setWindowFlags(windowFlags() | Qt::WindowStaysOnTopHint);
connect(this, &QDialog::finished, this, &AccessControlDialog::dialogFinished);
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
m_ui->setupUi(this);
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
m_ui->appLabel->setText(m_ui->appLabel->text().arg(app));
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
// items table
connect(m_ui->itemsTable, &QTableView::clicked, m_model.data(), &EntryModel::toggleCheckState);
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
m_ui->itemsTable->setModel(m_model.data());
installWidgetItemDelegate<DenyButton>(m_ui->itemsTable, 2, [this](QWidget* p, const QModelIndex& idx) {
auto btn = new DenyButton(p, idx);
connect(btn, &DenyButton::clicked, this, &AccessControlDialog::denyEntryClicked);
return btn;
});
m_ui->itemsTable->horizontalHeader()->setSectionResizeMode(0, QHeaderView::Stretch);
m_ui->itemsTable->horizontalHeader()->setSectionResizeMode(1, QHeaderView::Stretch);
m_ui->itemsTable->horizontalHeader()->setSectionResizeMode(2, QHeaderView::ResizeToContents);
m_ui->itemsTable->resizeColumnsToContents();
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
// the info widget
m_ui->exePathWarn->setMessageType(MessageWidget::Warning);
m_ui->exePathWarn->hide();
setupDetails(info);
// the button box
QString detailsButtonText = tr("Details");
auto detailsButton =
m_ui->buttonBox->addButton(detailsButtonText + QStringLiteral(" >>"), QDialogButtonBox::HelpRole);
detailsButton->setCheckable(true);
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
QString tooltip = QStringLiteral("<p align='justify'>%1</p>")
.arg(tr("Your decision will be remembered for the duration while both the requesting client "
"AND KeePassXC are running."));
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
m_rememberCheck = new QCheckBox(tr("Remember"), this);
m_rememberCheck->setObjectName("rememberCheck"); // for testing
m_rememberCheck->setChecked(true);
m_ui->buttonBox->addButton(m_rememberCheck, QDialogButtonBox::ActionRole);
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
m_rememberCheck->setToolTip(tooltip);
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
auto allowButton = m_ui->buttonBox->addButton(tr("Allow Selected"), QDialogButtonBox::AcceptRole);
allowButton->setDefault(true);
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
auto cancelButton = m_ui->buttonBox->addButton(tr("Deny All && Future"), QDialogButtonBox::RejectRole);
cancelButton->setToolTip(tooltip);
auto allowAllButton = m_ui->buttonBox->addButton(tr("Allow All && &Future"), QDialogButtonBox::AcceptRole);
allowAllButton->setToolTip(tooltip);
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
connect(cancelButton, &QPushButton::clicked, this, [this]() { done(DenyAll); });
connect(allowButton, &QPushButton::clicked, this, [this]() { done(AllowSelected); });
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
connect(allowAllButton, &QPushButton::clicked, this, [this]() { done(AllowAll); });
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
connect(detailsButton, &QPushButton::clicked, this, [=](bool checked) {
m_ui->detailsContainer->setVisible(checked);
if (checked) {
detailsButton->setText(detailsButtonText + QStringLiteral(" <<"));
} else {
detailsButton->setText(detailsButtonText + QStringLiteral(" >>"));
}
adjustSize();
});
// tune the UI according to options
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
if (!authOptions.testFlag(AuthOption::Remember)) {
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
m_rememberCheck->hide();
m_rememberCheck->setChecked(false);
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
}
if (!authOptions.testFlag(AuthOption::PerEntryDeny)) {
m_ui->itemsTable->horizontalHeader()->setSectionHidden(2, true);
}
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
// show warning and details if not valid
if (!info.valid) {
m_ui->exePathWarn->show();
detailsButton->click();
}
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
// adjust size after we initialize the button box
adjustSize();
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
allowButton->setFocus();
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
}
AccessControlDialog::~AccessControlDialog() = default;
FdoSecrets: Improve client executable path handling (#6915) * Fixes #6459 Improves the overall handling of FdoSecrets showing client executable paths to the user. It does the following: * Check executable file existence as described in [RFC] fdosecrets: add optional confirmation to secret access (#4733) * Show application PID and dbus address in the client list * When the executable file is inaccessible, depending on where the client name is shown: * when shown inline, e.g. in notification text, where space is limited, clearly say that the path is invalid * when shown in auth dialog, show warning and print detailed info about the client * when shown in the client list, draw a warning icon Co-authored-by: Jonathan White <support@dmapps.us>
2021-10-01 18:22:15 -04:00
void AccessControlDialog::setupDetails(const FdoSecrets::PeerInfo& info)
{
QTreeWidgetItem* item = nullptr;
for (auto it = info.hierarchy.crbegin(); it != info.hierarchy.crend(); ++it) {
QStringList columns = {
it->name,
QString::number(it->pid),
it->exePath,
it->command,
};
if (item) {
item = new QTreeWidgetItem(item, columns);
} else {
item = new QTreeWidgetItem(m_ui->procTree, columns);
}
}
m_ui->procTree->expandAll();
m_ui->procTree->header()->setSectionResizeMode(QHeaderView::ResizeToContents);
m_ui->procTree->scrollToBottom();
m_ui->detailsContainer->hide();
}
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
void AccessControlDialog::denyEntryClicked(Entry* entry, const QModelIndex& index)
{
m_decisions.insert(entry, AuthDecision::Denied);
m_model->removeRow(index.row());
if (m_model->rowCount({}) == 0) {
reject();
}
}
void AccessControlDialog::dialogFinished(int result)
{
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
auto decision = AuthDecision::Undecided;
auto futureDecision = AuthDecision::Undecided;
switch (result) {
case AllowSelected:
decision = m_rememberCheck->isChecked() ? AuthDecision::Allowed : AuthDecision::AllowedOnce;
break;
case AllowAll:
decision = AuthDecision::Allowed;
futureDecision = AuthDecision::Allowed;
break;
case DenyAll:
decision = AuthDecision::Denied;
futureDecision = AuthDecision::Denied;
break;
case Rejected:
default:
break;
}
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
for (int row = 0; row != m_model->rowCount({}); ++row) {
auto entry = m_model->data(m_model->index(row, 2), Qt::EditRole).value<Entry*>();
auto selected = m_model->data(m_model->index(row, 0), Qt::CheckStateRole).value<Qt::CheckState>();
Q_ASSERT(entry);
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
auto undecided = result == AllowSelected && !selected;
m_decisions.insert(entry, undecided ? AuthDecision::Undecided : decision);
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
}
FdoSecrest: allow remember decision for future entries Also added a reset decision button in session management tab Fixes #7464 * Fix distorted button in settings page: the default margin in QToolBar is too large for our use case in a table row.
2022-02-26 17:22:20 -05:00
emit finished(m_decisions, futureDecision);
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
}
QHash<Entry*, AuthDecision> AccessControlDialog::decisions() const
{
return m_decisions;
}
AccessControlDialog::EntryModel::EntryModel(QList<Entry*> entries, QObject* parent)
: QAbstractTableModel(parent)
, m_entries(std::move(entries))
, m_selected(QSet<Entry*>::fromList(m_entries))
{
}
int AccessControlDialog::EntryModel::rowCount(const QModelIndex& parent) const
{
return isValid(parent) ? 0 : m_entries.count();
}
int AccessControlDialog::EntryModel::columnCount(const QModelIndex& parent) const
{
return isValid(parent) ? 0 : 3;
}
bool AccessControlDialog::EntryModel::isValid(const QModelIndex& index) const
{
return index.isValid() && index.row() < rowCount({}) && index.column() < columnCount({});
}
void AccessControlDialog::EntryModel::toggleCheckState(const QModelIndex& index)
{
if (!isValid(index)) {
return;
}
auto entry = m_entries.at(index.row());
// click anywhere in the row to check/uncheck the item
auto it = m_selected.find(entry);
if (it == m_selected.end()) {
m_selected.insert(entry);
} else {
m_selected.erase(it);
}
auto rowIdx = index.sibling(index.row(), 0);
emit dataChanged(rowIdx, rowIdx, {Qt::CheckStateRole});
}
QVariant AccessControlDialog::EntryModel::data(const QModelIndex& index, int role) const
{
if (!isValid(index)) {
return {};
}
auto entry = m_entries.at(index.row());
switch (index.column()) {
case 0:
switch (role) {
case Qt::DisplayRole:
return entry->title();
case Qt::DecorationRole:
Removing QWidget dependency from src/core.
2021-03-13 14:07:49 -05:00
return Icons::entryIconPixmap(entry);
FdoSecrets: Major Refactor and Code Consolidation (#5747) * Fixes #3837 * Change objects to use DBusMgr rather than separate adaptors - Update all DBus invokable methods to new parameter order - Change all usage of DBusReturn to simpler DBusResult - Use DBusMgr to handle path and service registration - Remove adaptor/* - Set path in DBusObject - Unregister service when service is destroyed - Restore handling of invalid QVariant in prompt complete signal - Clean up meta type registration - Move dbus related file together - Convert to QSharedPointer as much as possible - Fix mapping of the Delete method - Handle dbus property get all * Add per-client states - Move cipher negotiation to DBusClient - Show list of clients instead of sessions in the settings page - Add settings for confirmation of accessing items - Fix infinite recursion when client disconnected - Use optional explicit DBusClient parameter instead. This makes accessing the client info in an async context explicit, and thus prevent accidental assertions in prompts. * Improve User Interface - Add per-item access confirmation (if enabled) - Remove the "disable for site" button for the access control dialog - Improve the text on the settings page to be more consistent - Fix disconnect buttons in settings page not working - Make the unlock prompt method nonblocking * Fix and cleanup unit tests - Use QTRY_COMPARE when checking signal spies, as dbus signals are threaded - Fixes in meta type registration and type conversion - Remove QStringLiteral in COMPARE macros, making diff output readable - Add testing for remembering auth decision
2021-02-05 15:07:59 -05:00
case Qt::CheckStateRole:
return QVariant::fromValue(m_selected.contains(entry) ? Qt::Checked : Qt::Unchecked);
default:
return {};
}
case 1:
switch (role) {
case Qt::DisplayRole:
return entry->username();
default:
return {};
}
case 2:
switch (role) {
case Qt::EditRole:
return QVariant::fromValue(entry);
default:
return {};
}
default:
return {};
}
}
bool AccessControlDialog::EntryModel::removeRows(int row, int count, const QModelIndex& parent)
{
beginRemoveRows(parent, row, row + count - 1);
while (count--) {
m_entries.removeAt(row);
}
endRemoveRows();
return true;
}
AccessControlDialog::DenyButton::DenyButton(QWidget* p, const QModelIndex& idx)
: QPushButton(p)
, m_index(idx)
, m_entry()
{
setText(tr("Deny for this program"));
connect(this, &QPushButton::clicked, [this]() { emit clicked(entry(), m_index); });
}
void AccessControlDialog::DenyButton::setEntry(Entry* e)
{
m_entry = e;
}
Entry* AccessControlDialog::DenyButton::entry() const
{
return m_entry;
}
Reference in New Issue Copy Permalink