mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2025-01-26 22:36:59 -05:00
Improve overall database settings behavior
* Fixes #10723 - only display password strength warning when actively editing the password * Also improve behavior of minimum quality warning * Improve behavior and handling of password changes with the database settings dialog * Prevents loss of newly entered password when toggling between elements in the settings page * On error, switch to tab that prevents saving database settings for easier correction
This commit is contained in:
parent
f83cd81ad7
commit
ed3f7f5a16
@ -1903,11 +1903,11 @@ Are you sure you want to continue without a password?</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>You must enter a stronger password to protect your database.</source>
|
||||
<source>This is a weak password! For better protection of your secrets, you should choose a stronger password.</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
<message>
|
||||
<source>This is a weak password! For better protection of your secrets, you should choose a stronger password.</source>
|
||||
<source>The provided password does not meet the minimum quality requirement.</source>
|
||||
<translation type="unfinished"></translation>
|
||||
</message>
|
||||
</context>
|
||||
|
@ -75,6 +75,10 @@ KeyComponentWidget::Page KeyComponentWidget::visiblePage() const
|
||||
|
||||
void KeyComponentWidget::updateAddStatus(bool added)
|
||||
{
|
||||
if (m_ui->stackedWidget->currentIndex() == Page::Edit) {
|
||||
emit editCanceled();
|
||||
}
|
||||
|
||||
if (added) {
|
||||
m_ui->stackedWidget->setCurrentIndex(Page::LeaveOrRemove);
|
||||
} else {
|
||||
@ -103,12 +107,6 @@ void KeyComponentWidget::cancelEdit()
|
||||
emit editCanceled();
|
||||
}
|
||||
|
||||
void KeyComponentWidget::showEvent(QShowEvent* event)
|
||||
{
|
||||
resetComponentEditWidget();
|
||||
QWidget::showEvent(event);
|
||||
}
|
||||
|
||||
void KeyComponentWidget::resetComponentEditWidget()
|
||||
{
|
||||
if (!m_componentWidget || static_cast<Page>(m_ui->stackedWidget->currentIndex()) == Page::Edit) {
|
||||
|
@ -104,9 +104,6 @@ signals:
|
||||
void editCanceled();
|
||||
void componentRemovalRequested();
|
||||
|
||||
protected:
|
||||
void showEvent(QShowEvent* event) override;
|
||||
|
||||
private slots:
|
||||
void updateAddStatus(bool added);
|
||||
void doAdd();
|
||||
|
@ -27,6 +27,9 @@ PasswordEditWidget::PasswordEditWidget(QWidget* parent)
|
||||
, m_compUi(new Ui::PasswordEditWidget())
|
||||
{
|
||||
initComponent();
|
||||
|
||||
// Explicitly clear password on cancel
|
||||
connect(this, &PasswordEditWidget::editCanceled, this, [this] { setPassword({}); });
|
||||
}
|
||||
|
||||
PasswordEditWidget::~PasswordEditWidget()
|
||||
@ -61,7 +64,7 @@ bool PasswordEditWidget::isPasswordVisible() const
|
||||
|
||||
bool PasswordEditWidget::isEmpty() const
|
||||
{
|
||||
return (visiblePage() == Page::Edit) && m_compUi->enterPasswordEdit->text().isEmpty();
|
||||
return visiblePage() != Page::Edit || m_compUi->enterPasswordEdit->text().isEmpty();
|
||||
}
|
||||
|
||||
PasswordHealth::Quality PasswordEditWidget::getPasswordQuality() const
|
||||
@ -85,8 +88,7 @@ void PasswordEditWidget::initComponentEditWidget(QWidget* widget)
|
||||
{
|
||||
Q_UNUSED(widget);
|
||||
Q_ASSERT(m_compEditWidget);
|
||||
m_compUi->enterPasswordEdit->setFocus();
|
||||
|
||||
setFocusProxy(m_compUi->enterPasswordEdit);
|
||||
m_compUi->enterPasswordEdit->setQualityVisible(true);
|
||||
m_compUi->repeatPasswordEdit->setQualityVisible(false);
|
||||
}
|
||||
@ -105,16 +107,6 @@ void PasswordEditWidget::initComponent()
|
||||
"<p>Good passwords are long and unique. KeePassXC can generate one for you.</p>"));
|
||||
}
|
||||
|
||||
void PasswordEditWidget::hideEvent(QHideEvent* event)
|
||||
{
|
||||
if (!isVisible() && m_compUi->enterPasswordEdit) {
|
||||
m_compUi->enterPasswordEdit->setText("");
|
||||
m_compUi->repeatPasswordEdit->setText("");
|
||||
}
|
||||
|
||||
QWidget::hideEvent(event);
|
||||
}
|
||||
|
||||
bool PasswordEditWidget::validate(QString& errorMessage) const
|
||||
{
|
||||
if (m_compUi->enterPasswordEdit->text() != m_compUi->repeatPasswordEdit->text()) {
|
||||
|
@ -47,7 +47,6 @@ protected:
|
||||
QWidget* componentEditWidget() override;
|
||||
void initComponentEditWidget(QWidget* widget) override;
|
||||
void initComponent() override;
|
||||
void hideEvent(QHideEvent* event) override;
|
||||
|
||||
private slots:
|
||||
void setPassword(const QString& password);
|
||||
|
@ -91,33 +91,29 @@ DatabaseSettingsDialog::DatabaseSettingsDialog(QWidget* parent)
|
||||
scrollArea->setSizeAdjustPolicy(QScrollArea::AdjustToContents);
|
||||
scrollArea->setWidgetResizable(true);
|
||||
scrollArea->setWidget(m_databaseKeyWidget);
|
||||
|
||||
m_securityTabWidget->addTab(scrollArea, tr("Database Credentials"));
|
||||
|
||||
m_securityTabWidget->addTab(m_encryptionWidget, tr("Encryption Settings"));
|
||||
|
||||
#if defined(WITH_XC_KEESHARE)
|
||||
addSettingsPage(new DatabaseSettingsPageKeeShare());
|
||||
#endif
|
||||
|
||||
#if defined(WITH_XC_FDOSECRETS)
|
||||
addSettingsPage(new DatabaseSettingsPageFdoSecrets());
|
||||
#endif
|
||||
|
||||
m_ui->stackedWidget->setCurrentIndex(0);
|
||||
m_securityTabWidget->setCurrentIndex(0);
|
||||
|
||||
connect(m_securityTabWidget, SIGNAL(currentChanged(int)), SLOT(pageChanged()));
|
||||
connect(m_ui->categoryList, SIGNAL(categoryChanged(int)), m_ui->stackedWidget, SLOT(setCurrentIndex(int)));
|
||||
|
||||
#ifdef WITH_XC_BROWSER
|
||||
m_ui->categoryList->addCategory(tr("Browser Integration"), icons()->icon("internet-web-browser"));
|
||||
m_ui->stackedWidget->addWidget(m_browserWidget);
|
||||
#endif
|
||||
|
||||
#ifdef WITH_XC_KEESHARE
|
||||
addSettingsPage(new DatabaseSettingsPageKeeShare());
|
||||
#endif
|
||||
|
||||
#ifdef WITH_XC_FDOSECRETS
|
||||
addSettingsPage(new DatabaseSettingsPageFdoSecrets());
|
||||
#endif
|
||||
|
||||
m_ui->categoryList->addCategory(tr("Maintenance"), icons()->icon("hammer-wrench"));
|
||||
m_ui->stackedWidget->addWidget(m_maintenanceWidget);
|
||||
|
||||
pageChanged();
|
||||
m_ui->stackedWidget->setCurrentIndex(0);
|
||||
connect(m_ui->categoryList, SIGNAL(categoryChanged(int)), m_ui->stackedWidget, SLOT(setCurrentIndex(int)));
|
||||
}
|
||||
|
||||
DatabaseSettingsDialog::~DatabaseSettingsDialog()
|
||||
@ -163,17 +159,24 @@ void DatabaseSettingsDialog::showDatabaseKeySettings()
|
||||
void DatabaseSettingsDialog::save()
|
||||
{
|
||||
if (!m_generalWidget->save()) {
|
||||
m_ui->categoryList->setCurrentCategory(0);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!m_databaseKeyWidget->save()) {
|
||||
m_ui->categoryList->setCurrentCategory(1);
|
||||
m_securityTabWidget->setCurrentIndex(0);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!m_encryptionWidget->save()) {
|
||||
m_ui->categoryList->setCurrentCategory(1);
|
||||
m_securityTabWidget->setCurrentIndex(1);
|
||||
return;
|
||||
}
|
||||
|
||||
// Browser settings don't have anything to save
|
||||
|
||||
for (const ExtraPage& extraPage : asConst(m_extraPages)) {
|
||||
extraPage.saveSettings();
|
||||
}
|
||||
@ -183,10 +186,12 @@ void DatabaseSettingsDialog::save()
|
||||
|
||||
void DatabaseSettingsDialog::reject()
|
||||
{
|
||||
m_generalWidget->discard();
|
||||
m_databaseKeyWidget->discard();
|
||||
m_encryptionWidget->discard();
|
||||
#ifdef WITH_XC_BROWSER
|
||||
m_browserWidget->discard();
|
||||
#endif
|
||||
|
||||
emit editFinished(false);
|
||||
}
|
||||
|
||||
void DatabaseSettingsDialog::pageChanged()
|
||||
{
|
||||
m_ui->stackedWidget->currentIndex();
|
||||
}
|
||||
|
@ -70,7 +70,6 @@ signals:
|
||||
private slots:
|
||||
void save();
|
||||
void reject();
|
||||
void pageChanged();
|
||||
|
||||
private:
|
||||
enum Page
|
||||
|
@ -87,28 +87,30 @@ void DatabaseSettingsWidgetDatabaseKey::load(QSharedPointer<Database> db)
|
||||
// database has no key, we are about to add a new one
|
||||
m_passwordEditWidget->changeVisiblePage(KeyComponentWidget::Page::Edit);
|
||||
m_passwordEditWidget->setPasswordVisible(true);
|
||||
}
|
||||
|
||||
bool hasAdditionalKeys = false;
|
||||
for (const auto& key : m_db->key()->keys()) {
|
||||
if (key->uuid() == PasswordKey::UUID) {
|
||||
m_passwordEditWidget->setComponentAdded(true);
|
||||
} else if (key->uuid() == FileKey::UUID) {
|
||||
m_keyFileEditWidget->setComponentAdded(true);
|
||||
hasAdditionalKeys = true;
|
||||
// Focus won't work until the UI settles
|
||||
QTimer::singleShot(0, m_passwordEditWidget, SLOT(setFocus()));
|
||||
} else {
|
||||
bool hasAdditionalKeys = false;
|
||||
for (const auto& key : m_db->key()->keys()) {
|
||||
if (key->uuid() == PasswordKey::UUID) {
|
||||
m_passwordEditWidget->setComponentAdded(true);
|
||||
} else if (key->uuid() == FileKey::UUID) {
|
||||
m_keyFileEditWidget->setComponentAdded(true);
|
||||
hasAdditionalKeys = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#ifdef WITH_XC_YUBIKEY
|
||||
for (const auto& key : m_db->key()->challengeResponseKeys()) {
|
||||
if (key->uuid() == ChallengeResponseKey::UUID) {
|
||||
m_yubiKeyEditWidget->setComponentAdded(true);
|
||||
hasAdditionalKeys = true;
|
||||
for (const auto& key : m_db->key()->challengeResponseKeys()) {
|
||||
if (key->uuid() == ChallengeResponseKey::UUID) {
|
||||
m_yubiKeyEditWidget->setComponentAdded(true);
|
||||
hasAdditionalKeys = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
setAdditionalKeyOptionsVisible(hasAdditionalKeys);
|
||||
setAdditionalKeyOptionsVisible(hasAdditionalKeys);
|
||||
}
|
||||
|
||||
connect(m_passwordEditWidget->findChild<QPushButton*>("removeButton"), SIGNAL(clicked()), SLOT(markDirty()));
|
||||
connect(m_keyFileEditWidget->findChild<QPushButton*>("removeButton"), SIGNAL(clicked()), SLOT(markDirty()));
|
||||
@ -185,31 +187,32 @@ bool DatabaseSettingsWidgetDatabaseKey::save()
|
||||
return false;
|
||||
}
|
||||
|
||||
// Show warning if database password is weak
|
||||
if (!m_passwordEditWidget->isEmpty()
|
||||
&& m_passwordEditWidget->getPasswordQuality() < PasswordHealth::Quality::Good) {
|
||||
auto dialogResult = MessageBox::warning(this,
|
||||
tr("Weak password"),
|
||||
tr("This is a weak password! For better protection of your secrets, "
|
||||
"you should choose a stronger password."),
|
||||
MessageBox::ContinueWithWeakPass | MessageBox::Cancel,
|
||||
MessageBox::Cancel);
|
||||
|
||||
if (dialogResult == MessageBox::Cancel) {
|
||||
if (!m_passwordEditWidget->isEmpty()) {
|
||||
// Prevent setting password with a quality less than the minimum required
|
||||
auto minQuality = qBound(0, config()->get(Config::Security_DatabasePasswordMinimumQuality).toInt(), 4);
|
||||
if (m_passwordEditWidget->getPasswordQuality() < static_cast<PasswordHealth::Quality>(minQuality)) {
|
||||
MessageBox::critical(this,
|
||||
tr("Weak password"),
|
||||
tr("The provided password does not meet the minimum quality requirement."),
|
||||
MessageBox::Ok,
|
||||
MessageBox::Ok);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
// If enforced in the config file, deny users from continuing with a weak password
|
||||
auto minQuality =
|
||||
static_cast<PasswordHealth::Quality>(config()->get(Config::Security_DatabasePasswordMinimumQuality).toInt());
|
||||
if (!m_passwordEditWidget->isEmpty() && m_passwordEditWidget->getPasswordQuality() < minQuality) {
|
||||
MessageBox::critical(this,
|
||||
tr("Weak password"),
|
||||
tr("You must enter a stronger password to protect your database."),
|
||||
MessageBox::Ok,
|
||||
MessageBox::Ok);
|
||||
return false;
|
||||
// Show warning if database password is weak or poor
|
||||
if (m_passwordEditWidget->getPasswordQuality() < PasswordHealth::Quality::Good) {
|
||||
auto dialogResult =
|
||||
MessageBox::warning(this,
|
||||
tr("Weak password"),
|
||||
tr("This is a weak password! For better protection of your secrets, "
|
||||
"you should choose a stronger password."),
|
||||
MessageBox::ContinueWithWeakPass | MessageBox::Cancel,
|
||||
MessageBox::Cancel);
|
||||
|
||||
if (dialogResult == MessageBox::Cancel) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!addToCompositeKey(m_keyFileEditWidget, newKey, oldFileKey)) {
|
||||
@ -244,11 +247,16 @@ bool DatabaseSettingsWidgetDatabaseKey::save()
|
||||
m_db->markAsModified();
|
||||
}
|
||||
|
||||
// Reset fields
|
||||
initialize();
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
void DatabaseSettingsWidgetDatabaseKey::discard()
|
||||
{
|
||||
// Reset fields
|
||||
initialize();
|
||||
emit editFinished(false);
|
||||
}
|
||||
|
||||
|
@ -1499,12 +1499,20 @@ void TestGui::testDatabaseSettings()
|
||||
passwordWidgets[0]->setText("b");
|
||||
passwordWidgets[1]->setText("b");
|
||||
|
||||
// Cancel password change
|
||||
// Toggle between tabs to ensure the password remains
|
||||
securityTabWidget->setCurrentIndex(1);
|
||||
QApplication::processEvents();
|
||||
securityTabWidget->setCurrentIndex(0);
|
||||
QApplication::processEvents();
|
||||
QCOMPARE(passwordWidgets[0]->text(), QString("b"));
|
||||
|
||||
// Cancel password change and confirm password is cleared
|
||||
auto cancelPasswordButton = passwordEditWidget->findChild<QPushButton*>("cancelButton");
|
||||
QVERIFY(cancelPasswordButton);
|
||||
QTest::mouseClick(cancelPasswordButton, Qt::LeftButton);
|
||||
QApplication::processEvents();
|
||||
QVERIFY(!passwordWidgets[0]->isVisible());
|
||||
QCOMPARE(passwordWidgets[0]->text(), QString(""));
|
||||
QVERIFY(editPasswordButton->isVisible());
|
||||
|
||||
// Switch to encryption tab and interact with various settings
|
||||
|
Loading…
x
Reference in New Issue
Block a user