diff --git a/src/keeshare/KeeShareSettings.cpp b/src/keeshare/KeeShareSettings.cpp index 47ad76df6..bfc2f2fd8 100644 --- a/src/keeshare/KeeShareSettings.cpp +++ b/src/keeshare/KeeShareSettings.cpp @@ -297,7 +297,7 @@ namespace KeeShareSettings bool ScopedCertificate::operator==(const ScopedCertificate &other) const { - return trusted == other.trusted && path == other.path && certificate == other.certificate; + return trust == other.trust && path == other.path && certificate == other.certificate; } bool ScopedCertificate::operator!=(const ScopedCertificate &other) const @@ -308,7 +308,15 @@ namespace KeeShareSettings void ScopedCertificate::serialize(QXmlStreamWriter& writer, const ScopedCertificate& scopedCertificate) { writer.writeAttribute("Path", scopedCertificate.path); - writer.writeAttribute("Trusted", scopedCertificate.trusted ? "True" : "False"); + if(scopedCertificate.trust == KeeShareSettings::Trust::Trusted) { + writer.writeAttribute("Trust", "Trusted"); + } + else if(scopedCertificate.trust == KeeShareSettings::Trust::Untrusted){ + writer.writeAttribute("Trust", "Untrusted"); + } + else { + writer.writeAttribute("Trust", "Ask"); + } Certificate::serialize(writer, scopedCertificate.certificate); } @@ -316,7 +324,16 @@ namespace KeeShareSettings { ScopedCertificate scopedCertificate; scopedCertificate.path = reader.attributes().value("Path").toString(); - scopedCertificate.trusted = reader.attributes().value("Trusted") == "True"; + auto trust = reader.attributes().value("Trusted").toString(); + if(trust.compare("Trusted", Qt::CaseInsensitive)) { + scopedCertificate.trust = KeeShareSettings::Trust::Trusted; + } + if(trust.compare("Unrusted", Qt::CaseInsensitive)) { + scopedCertificate.trust = KeeShareSettings::Trust::Untrusted; + } + else { + scopedCertificate.trust = KeeShareSettings::Trust::Ask; + } scopedCertificate.certificate = Certificate::deserialize(reader); return scopedCertificate; } diff --git a/src/keeshare/KeeShareSettings.h b/src/keeshare/KeeShareSettings.h index a6522a5b4..a458fb3db 100644 --- a/src/keeshare/KeeShareSettings.h +++ b/src/keeshare/KeeShareSettings.h @@ -99,11 +99,16 @@ namespace KeeShareSettings static Own generate(); }; + enum class Trust { + Ask, + Untrusted, + Trusted + }; struct ScopedCertificate { QString path; Certificate certificate; - bool trusted; + Trust trust; bool operator==(const ScopedCertificate& other) const; bool operator!=(const ScopedCertificate& other) const; diff --git a/src/keeshare/SettingsWidgetKeeShare.cpp b/src/keeshare/SettingsWidgetKeeShare.cpp index 2b5ba3e3c..be4aee2ef 100644 --- a/src/keeshare/SettingsWidgetKeeShare.cpp +++ b/src/keeshare/SettingsWidgetKeeShare.cpp @@ -46,6 +46,7 @@ SettingsWidgetKeeShare::SettingsWidgetKeeShare(QWidget* parent) connect(m_ui->exportOwnCertificateButton, SIGNAL(clicked(bool)), SLOT(exportCertificate())); connect(m_ui->trustImportedCertificateButton, SIGNAL(clicked(bool)), SLOT(trustSelectedCertificates())); + connect(m_ui->askImportedCertificateButton, SIGNAL(clicked(bool)), SLOT(askSelectedCertificates())); connect(m_ui->untrustImportedCertificateButton, SIGNAL(clicked(bool)), SLOT(untrustSelectedCertificates())); connect(m_ui->removeImportedCertificateButton, SIGNAL(clicked(bool)), SLOT(removeSelectedCertificates())); } @@ -79,11 +80,11 @@ void SettingsWidgetKeeShare::updateForeignCertificates() for (const auto& scopedCertificate : m_foreign.certificates) { const auto items = QList() << new QStandardItem(scopedCertificate.path) - << new QStandardItem(scopedCertificate.trusted ? tr("Trusted") : tr("Untrusted")) + << new QStandardItem(scopedCertificate.trust == KeeShareSettings::Trust::Ask ? tr("Ask") + : (scopedCertificate.trust == KeeShareSettings::Trust::Trusted ? tr("Trusted") + : tr("Untrusted"))) #if defined(WITH_XC_KEESHARE_SECURE) - << new QStandardItem(scopedCertificate.isKnown() - ? scopedCertificate.certificate.signer - : tr("Unknown")) + << new QStandardItem(scopedCertificate.isKnown() ? scopedCertificate.certificate.signer : tr("Unknown")) << new QStandardItem(scopedCertificate.certificate.fingerprint()) << new QStandardItem(scopedCertificate.certificate.publicKey()) #endif @@ -194,7 +195,18 @@ void SettingsWidgetKeeShare::trustSelectedCertificates() const auto* selectionModel = m_ui->importedCertificateTableView->selectionModel(); Q_ASSERT(selectionModel); for (const auto& index : selectionModel->selectedRows()) { - m_foreign.certificates[index.row()].trusted = true; + m_foreign.certificates[index.row()].trust = KeeShareSettings::Trust::Trusted; + } + + updateForeignCertificates(); +} + +void SettingsWidgetKeeShare::askSelectedCertificates() +{ + const auto* selectionModel = m_ui->importedCertificateTableView->selectionModel(); + Q_ASSERT(selectionModel); + for (const auto& index : selectionModel->selectedRows()) { + m_foreign.certificates[index.row()].trust = KeeShareSettings::Trust::Ask; } updateForeignCertificates(); @@ -205,7 +217,7 @@ void SettingsWidgetKeeShare::untrustSelectedCertificates() const auto* selectionModel = m_ui->importedCertificateTableView->selectionModel(); Q_ASSERT(selectionModel); for (const auto& index : selectionModel->selectedRows()) { - m_foreign.certificates[index.row()].trusted = false; + m_foreign.certificates[index.row()].trust = KeeShareSettings::Trust::Untrusted; } updateForeignCertificates(); diff --git a/src/keeshare/SettingsWidgetKeeShare.h b/src/keeshare/SettingsWidgetKeeShare.h index f68b76792..16e089a2e 100644 --- a/src/keeshare/SettingsWidgetKeeShare.h +++ b/src/keeshare/SettingsWidgetKeeShare.h @@ -55,6 +55,7 @@ private slots: void exportCertificate(); void trustSelectedCertificates(); + void askSelectedCertificates(); void untrustSelectedCertificates(); void removeSelectedCertificates(); diff --git a/src/keeshare/SettingsWidgetKeeShare.ui b/src/keeshare/SettingsWidgetKeeShare.ui index c736bdedd..0e7f4c99b 100644 --- a/src/keeshare/SettingsWidgetKeeShare.ui +++ b/src/keeshare/SettingsWidgetKeeShare.ui @@ -7,7 +7,7 @@ 0 0 327 - 423 + 434 @@ -210,6 +210,13 @@ + + + + Ask + + + diff --git a/src/keeshare/ShareObserver.cpp b/src/keeshare/ShareObserver.cpp index 2f98b1bcd..8b41397e8 100644 --- a/src/keeshare/ShareObserver.cpp +++ b/src/keeshare/ShareObserver.cpp @@ -92,22 +92,22 @@ QPair check(QByteArray& data, } enum Scope { Invalid, Global, Local }; Scope scope = Invalid; - bool trusted = false; + KeeShareSettings::Trust trusted = KeeShareSettings::Trust::Ask; for (const auto& scopedCertificate : knownCertificates) { if (scopedCertificate.certificate.key == certificate.key && scopedCertificate.path == reference.path) { // Global scope is overwritten by local scope scope = Global; - trusted = scopedCertificate.trusted; + trusted = scopedCertificate.trust; } if (scopedCertificate.certificate.key == certificate.key && scopedCertificate.path == reference.path) { scope = Local; - trusted = scopedCertificate.trusted; + trusted = scopedCertificate.trust; break; } } - if (scope != Invalid){ + if (scope != Invalid && trusted != KeeShareSettings::Trust::Ask){ // we introduce now scopes if there is a global - return {trusted ? TrustedForever : UntrustedForever, certificate}; + return {trusted == KeeShareSettings::Trust::Trusted ? TrustedForever : UntrustedForever, certificate}; } QMessageBox warning; @@ -352,12 +352,12 @@ ShareObserver::Result ShareObserver::importSecureContainerInto(const KeeShareSet case UntrustedForever: case TrustedForever: { bool found = false; - bool trusted = trust.first == TrustedForever; + const auto trusted = trust.first == TrustedForever ? KeeShareSettings::Trust::Trusted : KeeShareSettings::Trust::Untrusted; for (KeeShareSettings::ScopedCertificate& scopedCertificate : foreign.certificates) { if (scopedCertificate.certificate.key == trust.second.key && scopedCertificate.path == reference.path) { scopedCertificate.certificate.signer = trust.second.signer; scopedCertificate.path = reference.path; - scopedCertificate.trusted = trusted; + scopedCertificate.trust = trusted; found = true; } } @@ -366,7 +366,7 @@ ShareObserver::Result ShareObserver::importSecureContainerInto(const KeeShareSet // we need to update with the new signer KeeShare::setForeign(foreign); } - if (trusted) { + if (trust.first == TrustedForever) { qDebug("Synchronize %s %s with %s", qPrintable(reference.path), qPrintable(targetGroup->name()), @@ -435,12 +435,12 @@ ShareObserver::Result ShareObserver::importInsecureContainerInto(const KeeShareS case UntrustedForever: case TrustedForever: { bool found = false; - bool trusted = trust.first == TrustedForever; + const auto trusted = trust.first == TrustedForever ? KeeShareSettings::Trust::Trusted : KeeShareSettings::Trust::Untrusted; for (KeeShareSettings::ScopedCertificate& scopedCertificate : foreign.certificates) { if (scopedCertificate.certificate.key == trust.second.key && scopedCertificate.path == reference.path) { scopedCertificate.certificate.signer = trust.second.signer; scopedCertificate.path = reference.path; - scopedCertificate.trusted = trusted; + scopedCertificate.trust = trusted; found = true; } } @@ -449,7 +449,7 @@ ShareObserver::Result ShareObserver::importInsecureContainerInto(const KeeShareS // we need to update with the new signer KeeShare::setForeign(foreign); } - if (trusted) { + if (trust.first == TrustedForever) { qDebug("Synchronize %s %s with %s", qPrintable(reference.path), qPrintable(targetGroup->name()), diff --git a/tests/TestSharing.cpp b/tests/TestSharing.cpp index 78d8c1802..b1e85edb7 100644 --- a/tests/TestSharing.cpp +++ b/tests/TestSharing.cpp @@ -41,6 +41,7 @@ QTEST_GUILESS_MAIN(TestSharing) Q_DECLARE_METATYPE(KeeShareSettings::Type) Q_DECLARE_METATYPE(KeeShareSettings::Key) Q_DECLARE_METATYPE(KeeShareSettings::Certificate) +Q_DECLARE_METATYPE(KeeShareSettings::Trust) Q_DECLARE_METATYPE(KeeShareSettings::ScopedCertificate) Q_DECLARE_METATYPE(QList) @@ -140,7 +141,7 @@ void TestSharing::testNullObjects() void TestSharing::testCertificateSerialization() { - QFETCH(bool, trusted); + QFETCH(KeeShareSettings::Trust, trusted); const OpenSSHKey& key = stubkey(); KeeShareSettings::ScopedCertificate original; original.path = "/path"; @@ -149,7 +150,7 @@ void TestSharing::testCertificateSerialization() OpenSSHKey::serializeToBinary(OpenSSHKey::Public, key), "Some &#_\"\" weird string" }; - original.trusted = trusted; + original.trust = trusted; QString buffer; QXmlStreamWriter writer(&buffer); @@ -165,7 +166,7 @@ void TestSharing::testCertificateSerialization() QCOMPARE(restored.certificate.key, original.certificate.key); QCOMPARE(restored.certificate.signer, original.certificate.signer); - QCOMPARE(restored.trusted, original.trusted); + QCOMPARE(restored.trust, original.trust); QCOMPARE(restored.path, original.path); QCOMPARE(restored.certificate.sshKey().publicParts(), key.publicParts()); @@ -173,9 +174,10 @@ void TestSharing::testCertificateSerialization() void TestSharing::testCertificateSerialization_data() { - QTest::addColumn("trusted"); - QTest::newRow("Trusted") << true; - QTest::newRow("Untrusted") << false; + QTest::addColumn("trusted"); + QTest::newRow("Ask") << KeeShareSettings::Trust::Ask; + QTest::newRow("Trusted") << KeeShareSettings::Trust::Trusted; + QTest::newRow("Untrusted") << KeeShareSettings::Trust::Untrusted; } void TestSharing::testKeySerialization() @@ -280,7 +282,7 @@ void TestSharing::testSettingsSerialization_data() OpenSSHKey::serializeToBinary(OpenSSHKey::Public, sshKey0), "Some &#_\"\" weird string" }; - certificate0.trusted = true; + certificate0.trust = KeeShareSettings::Trust::Trusted; KeeShareSettings::Key key0; key0.key = OpenSSHKey::serializeToBinary(OpenSSHKey::Private, sshKey0); @@ -293,7 +295,7 @@ void TestSharing::testSettingsSerialization_data() OpenSSHKey::serializeToBinary(OpenSSHKey::Public, sshKey1), "Another " }; - certificate1.trusted = false; + certificate1.trust = KeeShareSettings::Trust::Untrusted; QTest::addColumn("importing"); QTest::addColumn("exporting");