diff options
author | Jan-Marek Glogowski <jan-marek.glogowski@extern.cib.de> | 2019-12-10 18:42:40 +0100 |
---|---|---|
committer | Thorsten Behrens <Thorsten.Behrens@CIB.de> | 2020-01-21 13:31:54 +0100 |
commit | 17f13bbe9794bb2e2351fe58c3b8c53947fa6308 (patch) | |
tree | 93d92c003fbbce984aea352e09b28c5e185f77b1 /sfx2 | |
parent | e2914435983f2eb3347195199b063a17dc9438d6 (diff) |
tdf#129311 don't allow temporary trusted certs
This simply skips the DocumentMacroConfirmationRequest, if the
macro security level (MSL) is *High* and the list of trusted
authors is read-only. For the MSL *Medium*, the check box of
the dialog is hidden with read-only trusted authors.
Change-Id: If6c08e4fdbf200e778d181370cc73fd947cecff5
Reviewed-on: https://gerrit.libreoffice.org/84887
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de>
(cherry picked from commit 71c6f438cecc3ce5e8060efe1df840652885701c)
Reviewed-on: https://gerrit.libreoffice.org/85299
(cherry picked from commit 9cdb97cd93e60a0faf0a531949d94cff79e1aab9)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/85757
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Diffstat (limited to 'sfx2')
-rw-r--r-- | sfx2/source/doc/docmacromode.cxx | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx index 6e01b925d514..dc84f4e58598 100644 --- a/sfx2/source/doc/docmacromode.cxx +++ b/sfx2/source/doc/docmacromode.cxx @@ -223,11 +223,17 @@ namespace sfx2 if ( nMacroExecutionMode != MacroExecMode::FROM_LIST ) { // the trusted macro check will also retrieve the signature state ( small optimization ) - bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature( nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN ); + const SvtSecurityOptions aSecOption; + const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN + && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE + || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)); + const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor); SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState(); if ( nSignatureState == SignatureState::BROKEN ) { + if (!bAllowUIToAddAuthor) + lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown); return disallowMacroExecution(); } else if ( bHasTrustedMacroSignature ) @@ -239,6 +245,8 @@ namespace sfx2 || nSignatureState == SignatureState::NOTVALIDATED ) { // there is valid signature, but it is not from the trusted author + if (!bAllowUIToAddAuthor) + lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown); return disallowMacroExecution(); } } |