tdf#97694 Add test for macro signature preservation in Base

Conflicts:
dbaccess/source/core/dataaccess/ModelImpl.cxx

Change-Id: I35fb8d499eed66f9a5e208a4778a1f0f12637079
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93630
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/112638
Tested-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>

4 files changed, 135 insertions, 4 deletions

diff --git a/dbaccess/source/core/dataaccess/ModelImpl.cxx b/dbaccess/source/core/dataaccess/ModelImpl.cxx
index d5c3b9b3e086..21e45033ea4f 100644
--- a/dbaccess/source/core/dataaccess/ModelImpl.cxx
+++ b/dbaccess/source/core/dataaccess/ModelImpl.cxx
@@ -856,14 +856,17 @@ bool ODatabaseModelImpl::commitStorageIfWriteable_ignoreErrors( const Reference<
     aTempFile.EnableKillingFile();
     OUString m_sTmpFileUrl = aTempFile.GetURL();
     SignatureState aSignatureState = getScriptingSignatureState();
-    if (aSignatureState == SignatureState::OK
-        || aSignatureState == SignatureState::NOTVALIDATED
-        || aSignatureState == SignatureState::INVALID)
+    OUString sLocation = getDocFileLocation();
+    bool bIsEmbedded = sLocation.startsWith("vnd.sun.star.pkg:") && sLocation.endsWith("/EmbeddedDatabase");
+    if (!bIsEmbedded && !sLocation.isEmpty()
+        && (aSignatureState == SignatureState::OK || aSignatureState == SignatureState::NOTVALIDATED
+            || aSignatureState == SignatureState::INVALID
+            || aSignatureState == SignatureState::UNKNOWN))
     {
         bTryToPreserveScriptSignature = true;
         // We need to first save the file (which removes the macro signature), then add the macro signature again.
         // For that, we need a temporary copy of the original file.
-        osl::File::RC rc = osl::File::copy(getDocFileLocation(), m_sTmpFileUrl);
+        osl::File::RC rc = osl::File::copy(sLocation, m_sTmpFileUrl);
         if (rc != osl::FileBase::E_None)
             throw uno::RuntimeException("Could not create temp file");
     }
diff --git a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
index 84e7a76c043b..7d0c5200ff27 100644
--- a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
+++ b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
@@ -13,6 +13,7 @@ $(eval $(call gb_CppunitTest_CppunitTest,xmlsecurity_signing))
 
 $(eval $(call gb_CppunitTest_add_exception_objects,xmlsecurity_signing, \
 	xmlsecurity/qa/unit/signing/signing \
+	xmlsecurity/qa/unit/signing/signing2 \
 ))
 
 $(eval $(call gb_CppunitTest_use_libraries,xmlsecurity_signing, \
diff --git a/xmlsecurity/qa/unit/signing/data/odb_signed_macros.odb b/xmlsecurity/qa/unit/signing/data/odb_signed_macros.odb
new file mode 100644
index 000000000000..3e90f4514599
--- /dev/null
+++ b/xmlsecurity/qa/unit/signing/data/odb_signed_macros.odb
diff --git a/xmlsecurity/qa/unit/signing/signing2.cxx b/xmlsecurity/qa/unit/signing/signing2.cxx
new file mode 100644
index 000000000000..152d62a18974
--- /dev/null
+++ b/xmlsecurity/qa/unit/signing/signing2.cxx
@@ -0,0 +1,127 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include <sal/config.h>
+
+#include <test/bootstrapfixture.hxx>
+#include <unotest/macros_test.hxx>
+#include <test/xmltesttools.hxx>
+
+#include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/frame/Desktop.hpp>
+#include <com/sun/star/frame/XStorable.hpp>
+#include <com/sun/star/xml/crypto/SEInitializer.hpp>
+
+#include <comphelper/processfactory.hxx>
+#include <comphelper/propertysequence.hxx>
+#include <unotools/tempfile.hxx>
+#include <unotools/ucbstreamhelper.hxx>
+#include <comphelper/storagehelper.hxx>
+#include <osl/file.hxx>
+#include <osl/process.h>
+#include <osl/thread.hxx>
+
+using namespace css;
+
+namespace
+{
+char const DATA_DIRECTORY[] = "/xmlsecurity/qa/unit/signing/data/";
+}
+
+/// Testsuite for the document signing feature.
+class SigningTest2 : public test::BootstrapFixture, public unotest::MacrosTest, public XmlTestTools
+{
+protected:
+    uno::Reference<uno::XComponentContext> mxComponentContext;
+    uno::Reference<lang::XComponent> mxComponent;
+    uno::Reference<xml::crypto::XSEInitializer> mxSEInitializer;
+    uno::Reference<xml::crypto::XXMLSecurityContext> mxSecurityContext;
+
+public:
+    SigningTest2();
+    virtual void setUp() override;
+    virtual void tearDown() override;
+    void registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx) override;
+};
+
+SigningTest2::SigningTest2() {}
+
+void SigningTest2::setUp()
+{
+    test::BootstrapFixture::setUp();
+
+    // Initialize crypto after setting up the environment variables.
+    mxComponentContext.set(comphelper::getComponentContext(getMultiServiceFactory()));
+    mxDesktop.set(frame::Desktop::create(mxComponentContext));
+}
+
+void SigningTest2::tearDown()
+{
+    if (mxComponent.is())
+        mxComponent->dispose();
+
+    test::BootstrapFixture::tearDown();
+}
+
+/// Test if a macro signature from a ODF Database is preserved when saving
+CPPUNIT_TEST_FIXTURE(SigningTest2, testPreserveMacroSignatureODB)
+{
+    const OUString aURL(m_directories.getURLFromSrc(DATA_DIRECTORY) + "odb_signed_macros.odb");
+    const OUString sLoadMessage = "loading failed: " + aURL;
+
+    // load the file
+    if (mxComponent.is())
+        mxComponent->dispose();
+    mxComponent = loadFromDesktop(aURL, "com.sun.star.sdb.OfficeDatabaseDocument");
+    CPPUNIT_ASSERT_MESSAGE(OUStringToOString(sLoadMessage, RTL_TEXTENCODING_UTF8).getStr(),
+                           mxComponent.is());
+
+    // save as ODB
+    utl::TempFile aTempFileSaveAsODB;
+    aTempFileSaveAsODB.EnableKillingFile();
+    try
+    {
+        uno::Reference<frame::XStorable> xDocStorable(mxComponent, uno::UNO_QUERY);
+        uno::Sequence<beans::PropertyValue> descSaveAs(comphelper::InitPropertySequence(
+            { { "FilterName", uno::Any(OUString("StarOffice XML (Base)")) } }));
+        xDocStorable->storeAsURL(aTempFileSaveAsODB.GetURL(), descSaveAs);
+    }
+    catch (...)
+    {
+        CPPUNIT_FAIL("Failed to save ODB file");
+    }
+
+    // Parse the resulting XML.
+    uno::Reference<embed::XStorage> xStorage
+        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
+            ZIP_STORAGE_FORMAT_STRING, aTempFileSaveAsODB.GetURL(), embed::ElementModes::READ);
+    CPPUNIT_ASSERT(xStorage.is());
+    uno::Reference<embed::XStorage> xMetaInf
+        = xStorage->openStorageElement("META-INF", embed::ElementModes::READ);
+    uno::Reference<io::XInputStream> xInputStream(
+        xMetaInf->openStreamElement("macrosignatures.xml", embed::ElementModes::READ),
+        uno::UNO_QUERY);
+    std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
+    xmlDocPtr pXmlDoc = parseXmlStream(pStream.get());
+
+    // Make sure the signature is still there
+    assertXPath(pXmlDoc, "//dsig:Signature", "Id",
+                "ID_00a7002f009000bc00ce00f7004400460080002f002e00e400e0003700df00e8");
+}
+
+void SigningTest2::registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx)
+{
+    xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("odfds"),
+                       BAD_CAST("urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0"));
+    xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("dsig"),
+                       BAD_CAST("http://www.w3.org/2000/09/xmldsig#"));
+    xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("xd"), BAD_CAST("http://uri.etsi.org/01903/v1.3.2#"));
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */