diff options
39 files changed, 437 insertions, 1109 deletions
diff --git a/avmedia/source/viewer/mediawindow_impl.cxx b/avmedia/source/viewer/mediawindow_impl.cxx index ea15b6413e2a..affc0ff63611 100644 --- a/avmedia/source/viewer/mediawindow_impl.cxx +++ b/avmedia/source/viewer/mediawindow_impl.cxx @@ -175,7 +175,7 @@ uno::Reference<media::XPlayer> MediaWindowImpl::createPlayer(const OUString& rUR if( rURL.isEmpty() ) return xPlayer; - if (SvtSecurityOptions().isUntrustedReferer(rReferer)) + if (SvtSecurityOptions::isUntrustedReferer(rReferer)) { return xPlayer; } diff --git a/cui/source/options/optinet2.cxx b/cui/source/options/optinet2.cxx index acb04b97d696..e01433516ff7 100644 --- a/cui/source/options/optinet2.cxx +++ b/cui/source/options/optinet2.cxx @@ -475,7 +475,6 @@ IMPL_STATIC_LINK(SvxProxyTabPage, LoseFocusHdl_Impl, weld::Widget&, rControl, vo /********************************************************************/ SvxSecurityTabPage::SvxSecurityTabPage(weld::Container* pPage, weld::DialogController* pController, const SfxItemSet& rSet) : SfxTabPage(pPage, pController, "cui/ui/optsecuritypage.ui", "OptSecurityPage", &rSet) - , mpSecOptions(new SvtSecurityOptions) , m_xSecurityOptionsPB(m_xBuilder->weld_button("options")) , m_xSavePasswordsCB(m_xBuilder->weld_check_button("savepassword")) , m_xShowConnectionsPB(m_xBuilder->weld_button("connections")) @@ -523,7 +522,7 @@ SvxSecurityTabPage::~SvxSecurityTabPage() IMPL_LINK_NOARG(SvxSecurityTabPage, SecurityOptionsHdl, weld::Button&, void) { if (!m_xSecOptDlg) - m_xSecOptDlg.reset(new svx::SecurityOptionsDialog(GetFrameWeld(), mpSecOptions.get())); + m_xSecOptDlg.reset(new svx::SecurityOptionsDialog(GetFrameWeld())); m_xSecOptDlg->run(); } @@ -766,15 +765,15 @@ DeactivateRC SvxSecurityTabPage::DeactivatePage( SfxItemSet* _pSet ) namespace { - bool CheckAndSave( SvtSecurityOptions& _rOpt, SvtSecurityOptions::EOption _eOpt, const bool _bIsChecked, bool& _rModified ) + bool CheckAndSave( SvtSecurityOptions::EOption _eOpt, const bool _bIsChecked, bool& _rModified ) { bool bModified = false; - if ( _rOpt.IsOptionEnabled( _eOpt ) ) + if ( !SvtSecurityOptions::IsReadOnly( _eOpt ) ) { - bModified = _rOpt.IsOptionSet( _eOpt ) != _bIsChecked; + bModified = SvtSecurityOptions::IsOptionSet( _eOpt ) != _bIsChecked; if ( bModified ) { - _rOpt.SetOption( _eOpt, _bIsChecked ); + SvtSecurityOptions::SetOption( _eOpt, _bIsChecked ); _rModified = true; } } @@ -789,14 +788,14 @@ bool SvxSecurityTabPage::FillItemSet( SfxItemSet* ) if (m_xSecOptDlg) { - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::DocWarnSaveOrSend, m_xSecOptDlg->IsSaveOrSendDocsChecked(), bModified ); - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::DocWarnSigning, m_xSecOptDlg->IsSignDocsChecked(), bModified ); - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::DocWarnPrint, m_xSecOptDlg->IsPrintDocsChecked(), bModified ); - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::DocWarnCreatePdf, m_xSecOptDlg->IsCreatePdfChecked(), bModified ); - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo, m_xSecOptDlg->IsRemovePersInfoChecked(), bModified ); - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::DocWarnRecommendPassword, m_xSecOptDlg->IsRecommPasswdChecked(), bModified ); - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::CtrlClickHyperlink, m_xSecOptDlg->IsCtrlHyperlinkChecked(), bModified ); - CheckAndSave( *mpSecOptions, SvtSecurityOptions::EOption::BlockUntrustedRefererLinks, m_xSecOptDlg->IsBlockUntrustedRefererLinksChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::DocWarnSaveOrSend, m_xSecOptDlg->IsSaveOrSendDocsChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::DocWarnSigning, m_xSecOptDlg->IsSignDocsChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::DocWarnPrint, m_xSecOptDlg->IsPrintDocsChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::DocWarnCreatePdf, m_xSecOptDlg->IsCreatePdfChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo, m_xSecOptDlg->IsRemovePersInfoChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::DocWarnRecommendPassword, m_xSecOptDlg->IsRecommPasswdChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::CtrlClickHyperlink, m_xSecOptDlg->IsCtrlHyperlinkChecked(), bModified ); + CheckAndSave( SvtSecurityOptions::EOption::BlockUntrustedRefererLinks, m_xSecOptDlg->IsBlockUntrustedRefererLinksChecked(), bModified ); } return bModified; diff --git a/cui/source/options/optinet2.hxx b/cui/source/options/optinet2.hxx index 6b4ca975199a..4d03d2d04337 100644 --- a/cui/source/options/optinet2.hxx +++ b/cui/source/options/optinet2.hxx @@ -74,12 +74,10 @@ public: // class SvxSecurityTabPage --------------------------------------------- -class SvtSecurityOptions; class CertPathDialog; class SvxSecurityTabPage : public SfxTabPage { private: - std::unique_ptr<SvtSecurityOptions> mpSecOptions; std::unique_ptr<svx::SecurityOptionsDialog> m_xSecOptDlg; std::unique_ptr<CertPathDialog> mpCertPathDlg; diff --git a/cui/source/options/securityoptions.cxx b/cui/source/options/securityoptions.cxx index 202128b99860..f5c94edf1029 100644 --- a/cui/source/options/securityoptions.cxx +++ b/cui/source/options/securityoptions.cxx @@ -23,14 +23,13 @@ namespace { - bool enableAndSet(const SvtSecurityOptions& rOptions, - SvtSecurityOptions::EOption eOption, + bool enableAndSet(SvtSecurityOptions::EOption eOption, weld::CheckButton& rCheckBox, weld::Widget& rFixedImage) { - bool bEnable = rOptions.IsOptionEnabled(eOption); + bool bEnable = !SvtSecurityOptions::IsReadOnly(eOption); rCheckBox.set_sensitive(bEnable); rFixedImage.set_visible(!bEnable); - rCheckBox.set_active(rOptions.IsOptionSet(eOption)); + rCheckBox.set_active(SvtSecurityOptions::IsOptionSet(eOption)); return bEnable; } } @@ -38,7 +37,7 @@ namespace namespace svx { -SecurityOptionsDialog::SecurityOptionsDialog(weld::Window* pParent, SvtSecurityOptions const * pOptions) +SecurityOptionsDialog::SecurityOptionsDialog(weld::Window* pParent) : GenericDialogController(pParent, "cui/ui/securityoptionsdialog.ui", "SecurityOptionsDialog") , m_xSaveOrSendDocsCB(m_xBuilder->weld_check_button("savesenddocs")) , m_xSaveOrSendDocsImg(m_xBuilder->weld_widget("locksavesenddocs")) @@ -57,22 +56,21 @@ SecurityOptionsDialog::SecurityOptionsDialog(weld::Window* pParent, SvtSecurityO , m_xBlockUntrustedRefererLinksCB(m_xBuilder->weld_check_button("blockuntrusted")) , m_xBlockUntrustedRefererLinksImg(m_xBuilder->weld_widget("lockblockuntrusted")) { - DBG_ASSERT( pOptions, "SecurityOptionsDialog::SecurityOptionsDialog(): invalid SvtSecurityOptions" ); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::DocWarnSaveOrSend, *m_xSaveOrSendDocsCB, + enableAndSet(SvtSecurityOptions::EOption::DocWarnSaveOrSend, *m_xSaveOrSendDocsCB, *m_xSaveOrSendDocsImg); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::DocWarnSigning, *m_xSignDocsCB, + enableAndSet(SvtSecurityOptions::EOption::DocWarnSigning, *m_xSignDocsCB, *m_xSignDocsImg); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::DocWarnPrint, *m_xPrintDocsCB, + enableAndSet(SvtSecurityOptions::EOption::DocWarnPrint, *m_xPrintDocsCB, *m_xPrintDocsImg); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::DocWarnCreatePdf, *m_xCreatePdfCB, + enableAndSet(SvtSecurityOptions::EOption::DocWarnCreatePdf, *m_xCreatePdfCB, *m_xCreatePdfImg); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo, *m_xRemovePersInfoCB, + enableAndSet(SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo, *m_xRemovePersInfoCB, *m_xRemovePersInfoImg); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::DocWarnRecommendPassword, *m_xRecommPasswdCB, + enableAndSet(SvtSecurityOptions::EOption::DocWarnRecommendPassword, *m_xRecommPasswdCB, *m_xRecommPasswdImg); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::CtrlClickHyperlink, *m_xCtrlHyperlinkCB, + enableAndSet(SvtSecurityOptions::EOption::CtrlClickHyperlink, *m_xCtrlHyperlinkCB, *m_xCtrlHyperlinkImg); - enableAndSet(*pOptions, SvtSecurityOptions::EOption::BlockUntrustedRefererLinks, *m_xBlockUntrustedRefererLinksCB, + enableAndSet(SvtSecurityOptions::EOption::BlockUntrustedRefererLinks, *m_xBlockUntrustedRefererLinksCB, *m_xBlockUntrustedRefererLinksImg); } diff --git a/cui/source/options/securityoptions.hxx b/cui/source/options/securityoptions.hxx index d5ed7b01ac25..dc05f5bb8150 100644 --- a/cui/source/options/securityoptions.hxx +++ b/cui/source/options/securityoptions.hxx @@ -20,8 +20,6 @@ #include <vcl/weld.hxx> -class SvtSecurityOptions; - namespace svx { @@ -47,7 +45,7 @@ namespace svx std::unique_ptr<weld::Widget> m_xBlockUntrustedRefererLinksImg; public: - SecurityOptionsDialog(weld::Window* pParent, SvtSecurityOptions const * pOptions); + SecurityOptionsDialog(weld::Window* pParent); bool IsSaveOrSendDocsChecked() const { return m_xSaveOrSendDocsCB->get_active(); } bool IsSignDocsChecked() const { return m_xSignDocsCB->get_active(); } diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx index 86f66d2aa225..c9778d2b0f81 100644 --- a/desktop/source/lib/init.cxx +++ b/desktop/source/lib/init.cxx @@ -2314,7 +2314,7 @@ static LibreOfficeKitDocument* lo_documentLoadWithOptions(LibreOfficeKit* pThis, if (aFormatter.IsNumberFormat(aMacroSecurityLevel, nFormat, nNumber)) nMacroSecurityLevel = static_cast<int>(nNumber); } - SvtSecurityOptions().SetMacroSecurityLevel(nMacroSecurityLevel); + SvtSecurityOptions::SetMacroSecurityLevel(nMacroSecurityLevel); #if defined(ANDROID) && HAVE_FEATURE_ANDROID_LOK sal_Int16 nMacroExecMode = document::MacroExecMode::USE_CONFIG; diff --git a/editeng/source/editeng/impedit2.cxx b/editeng/source/editeng/impedit2.cxx index e89c1258bc33..e31585816e13 100644 --- a/editeng/source/editeng/impedit2.cxx +++ b/editeng/source/editeng/impedit2.cxx @@ -615,10 +615,9 @@ bool ImpEditEngine::MouseButtonUp( const MouseEvent& rMEvt, EditView* pView ) // tdf#121039 When in edit mode, editeng is responsible for opening the URL on mouse click if (auto pUrlField = dynamic_cast<const SvxURLField*>(pFld->GetField())) { - SvtSecurityOptions aSecOpt; bool bCtrlClickHappened = rMEvt.IsMod1(); bool bCtrlClickSecOption - = aSecOpt.IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink); + = SvtSecurityOptions::IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink); if ((bCtrlClickHappened && bCtrlClickSecOption) || (!bCtrlClickHappened && !bCtrlClickSecOption)) { diff --git a/editeng/source/items/frmitems.cxx b/editeng/source/items/frmitems.cxx index d8e82beb40b9..7027ae7c2914 100644 --- a/editeng/source/items/frmitems.cxx +++ b/editeng/source/items/frmitems.cxx @@ -72,6 +72,7 @@ #include <o3tl/enumrange.hxx> #include <o3tl/safeint.hxx> #include <vcl/GraphicLoader.hxx> +#include <unotools/securityoptions.hxx> #include <boost/property_tree/ptree.hpp> @@ -3174,7 +3175,7 @@ const GraphicObject* SvxBrushItem::GetGraphicObject(OUString const & referer) co if (bLoadAgain && !maStrLink.isEmpty() && !xGraphicObject) // when graphics already loaded, use as a cache { - if (maSecOptions.isUntrustedReferer(referer)) { + if (SvtSecurityOptions::isUntrustedReferer(referer)) { return nullptr; } diff --git a/include/editeng/brushitem.hxx b/include/editeng/brushitem.hxx index ab93873740a8..036463c85079 100644 --- a/include/editeng/brushitem.hxx +++ b/include/editeng/brushitem.hxx @@ -21,7 +21,6 @@ #include <tools/color.hxx> #include <svl/poolitem.hxx> -#include <unotools/securityoptions.hxx> #include <editeng/editengdllapi.h> #include <memory> @@ -48,7 +47,6 @@ class EDITENG_DLLPUBLIC SvxBrushItem final : public SfxPoolItem mutable std::unique_ptr<GraphicObject> xGraphicObject; sal_Int8 nGraphicTransparency; //contains a percentage value which is //copied to the GraphicObject when necessary - SvtSecurityOptions maSecOptions; OUString maStrLink; OUString maStrFilter; SvxGraphicPosition eGraphicPos; diff --git a/include/unotools/configitem.hxx b/include/unotools/configitem.hxx index 20612d401ab8..63bd38dce6b4 100644 --- a/include/unotools/configitem.hxx +++ b/include/unotools/configitem.hxx @@ -203,6 +203,11 @@ namespace utl const OUString& rNode, const css::uno::Sequence< css::beans::PropertyValue >& rValues, bool bAllLocales); + // change or add members to a set + static bool SetSetProperties( + css::uno::Reference<css::container::XHierarchicalNameAccess> const & xHierarchyAccess, + const OUString& rNode, + const css::uno::Sequence< css::beans::PropertyValue >& rValues); }; }//namespace utl #endif // INCLUDED_UNOTOOLS_CONFIGITEM_HXX diff --git a/include/unotools/itemholderbase.hxx b/include/unotools/itemholderbase.hxx index 0d7390e20537..6503e3285e3b 100644 --- a/include/unotools/itemholderbase.hxx +++ b/include/unotools/itemholderbase.hxx @@ -52,7 +52,6 @@ enum class EItem PathOptions , - SecurityOptions , SysLocaleOptions , // 2 UserOptions , // 2 diff --git a/include/unotools/securityoptions.hxx b/include/unotools/securityoptions.hxx index 944e6fba5a34..93363c48210f 100644 --- a/include/unotools/securityoptions.hxx +++ b/include/unotools/securityoptions.hxx @@ -16,28 +16,15 @@ * except in compliance with the License. You may obtain a copy of * the License at http://www.apache.org/licenses/LICENSE-2.0 . */ -#ifndef INCLUDED_UNOTOOLS_SECURITYOPTIONS_HXX -#define INCLUDED_UNOTOOLS_SECURITYOPTIONS_HXX +#pragma once #include <unotools/unotoolsdllapi.h> #include <sal/types.h> -#include <com/sun/star/uno/Sequence.h> #include <rtl/ustring.hxx> -#include <unotools/options.hxx> #include <memory> +#include <vector> #include <unordered_map> -namespace osl { class Mutex; } - -/*-************************************************************************************************************ - @short forward declaration to our private date container implementation - @descr We use these class as internal member to support small memory requirements. - You can create the container if it is necessary. The class which use these mechanism - is faster and smaller then a complete implementation! -*//*-*************************************************************************************************************/ - -class SvtSecurityOptions_Impl; - /*-************************************************************************************************************ @short collect information about security features @ATTENTION This class is partially threadsafe. @@ -45,72 +32,67 @@ class SvtSecurityOptions_Impl; @devstatus ready to use *//*-*************************************************************************************************************/ -class SAL_WARN_UNUSED UNOTOOLS_DLLPUBLIC SvtSecurityOptions final : public utl::detail::Options +namespace SvtSecurityOptions { - public: - - enum class EOption - { - SecureUrls, - DocWarnSaveOrSend, - DocWarnSigning, - DocWarnPrint, - DocWarnCreatePdf, - DocWarnRemovePersonalInfo, - DocWarnRecommendPassword, - MacroSecLevel, - MacroTrustedAuthors, - CtrlClickHyperlink, - BlockUntrustedRefererLinks - }; - - struct Certificate + enum class EOption + { + SecureUrls, + DocWarnSaveOrSend, + DocWarnSigning, + DocWarnPrint, + DocWarnCreatePdf, + DocWarnRemovePersonalInfo, + DocWarnRecommendPassword, + MacroSecLevel, + MacroTrustedAuthors, + CtrlClickHyperlink, + BlockUntrustedRefererLinks + }; + + struct Certificate + { + OUString SubjectName; + OUString SerialNumber; + OUString RawData; + + bool operator==(const Certificate& other) const { - OUString SubjectName; - OUString SerialNumber; - OUString RawData; - - bool operator==(const Certificate& other) const - { - return SubjectName == other.SubjectName && SerialNumber == other.SerialNumber && RawData == other.RawData; - } - }; - - public: - SvtSecurityOptions(); - virtual ~SvtSecurityOptions() override; - - /*-**************************************************************************************************** - @short returns readonly state - @descr It can be called to get information about the readonly state of a provided item. - @param "eOption", specify, which item is queried - @return <TRUE/> if item is readonly; <FALSE/> otherwise - - @onerror No error should occur! - *//*-*****************************************************************************************************/ - - bool IsReadOnly( EOption eOption ) const; - - /*-**************************************************************************************************** - @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/SecureURL" - @descr These value displays the list of all trustworthy URLs. - zB.: file:/ => All scripts from the local file system including a LAN; - private:explorer => Scripts from the Explorer; - private:help => Scripts in the help system; - private:newmenu => Scripts that are executed by the commands File-New and AutoPilot; - private:schedule => Scripts of the scheduler; - private:searchfolder => Scripts of the searchfolder; - private:user => Scripts that are entered in the URL field. - @param "seqURLList", new values to set it in configuration. - @return The values which represent current state of internal variable. - - @onerror No error should occur! - *//*-*****************************************************************************************************/ - - css::uno::Sequence< OUString > GetSecureURLs( ) const; - void SetSecureURLs( const css::uno::Sequence< OUString >& seqURLList ); - - /*-**************************************************************************************************** + return SubjectName == other.SubjectName && SerialNumber == other.SerialNumber && RawData == other.RawData; + } + }; + + + /*-**************************************************************************************************** + @short returns readonly state + @descr It can be called to get information about the readonly state of a provided item. + @param "eOption", specify, which item is queried + @return <TRUE/> if item is readonly; <FALSE/> otherwise + + @onerror No error should occur! + *//*-*****************************************************************************************************/ + + UNOTOOLS_DLLPUBLIC bool IsReadOnly( EOption eOption ); + + /*-**************************************************************************************************** + @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/SecureURL" + @descr These value displays the list of all trustworthy URLs. + zB.: file:/ => All scripts from the local file system including a LAN; + private:explorer => Scripts from the Explorer; + private:help => Scripts in the help system; + private:newmenu => Scripts that are executed by the commands File-New and AutoPilot; + private:schedule => Scripts of the scheduler; + private:searchfolder => Scripts of the searchfolder; + private:user => Scripts that are entered in the URL field. + @param "seqURLList", new values to set it in configuration. + @return The values which represent current state of internal variable. + + @onerror No error should occur! + *//*-*****************************************************************************************************/ + + UNOTOOLS_DLLPUBLIC std::vector< OUString > GetSecureURLs(); + UNOTOOLS_DLLPUBLIC void SetSecureURLs( const std::vector< OUString >& seqURLList ); + + /*-**************************************************************************************************** @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/StarOfficeBasic" @descr These value determines how StarOffice Basic scripts should be handled. It exist 3 different modes: @@ -131,71 +113,46 @@ class SAL_WARN_UNUSED UNOTOOLS_DLLPUBLIC SvtSecurityOptions final : public utl:: @onerror No error should occur! *//*-*****************************************************************************************************/ - sal_Int32 GetMacroSecurityLevel ( ) const; - void SetMacroSecurityLevel ( sal_Int32 _nLevel ); - - bool IsMacroDisabled ( ) const; - - /** - Check whether the given uri is either no dangerous macro-execution - URI at all or else the given referer is a trusted source. - */ - bool isSecureMacroUri(OUString const & uri, OUString const & referer) - const; - - /** - Check whether the given referer URI is untrusted, and links - originating from it should not be accessed. - */ - bool isUntrustedReferer(OUString const & referer) const; + UNOTOOLS_DLLPUBLIC sal_Int32 GetMacroSecurityLevel(); + UNOTOOLS_DLLPUBLIC void SetMacroSecurityLevel( sal_Int32 _nLevel ); - /** - Check whether the given uri is a trusted location. - */ - bool isTrustedLocationUri(OUString const & uri) const; + UNOTOOLS_DLLPUBLIC bool IsMacroDisabled(); - bool isTrustedLocationUriForUpdatingLinks(OUString const & uri) const; + /** + Check whether the given uri is either no dangerous macro-execution + URI at all or else the given referer is a trusted source. + */ + UNOTOOLS_DLLPUBLIC bool isSecureMacroUri(OUString const & uri, OUString const & referer); - std::vector< Certificate > GetTrustedAuthors() const; - void SetTrustedAuthors( const std::vector< Certificate >& rAuthors ); + /** + Check whether the given referer URI is untrusted, and links + originating from it should not be accessed. + */ + UNOTOOLS_DLLPUBLIC bool isUntrustedReferer(OUString const & referer); - // for bool options only! - bool IsOptionSet ( EOption eOption ) const; - void SetOption ( EOption eOption, bool bValue ); - bool IsOptionEnabled ( EOption eOption ) const; + /** + Check whether the given uri is a trusted location. + */ + UNOTOOLS_DLLPUBLIC bool isTrustedLocationUri(OUString const & uri); - // private methods + UNOTOOLS_DLLPUBLIC bool isTrustedLocationUriForUpdatingLinks(OUString const & uri); - private: + UNOTOOLS_DLLPUBLIC std::vector< Certificate > GetTrustedAuthors(); + UNOTOOLS_DLLPUBLIC void SetTrustedAuthors( const std::vector< Certificate >& rAuthors ); - /*-**************************************************************************************************** - @short return a reference to a static mutex - @descr These class is partially threadsafe (for de-/initialization only). - All access methods aren't safe! - We create a static mutex only for one ime and use at different times. - @return A reference to a static mutex member. - *//*-*****************************************************************************************************/ - - UNOTOOLS_DLLPRIVATE static ::osl::Mutex& GetInitMutex(); - - // private member + // for bool options only! + UNOTOOLS_DLLPUBLIC bool IsOptionSet ( EOption eOption ); + UNOTOOLS_DLLPUBLIC void SetOption ( EOption eOption, bool bValue ); - private: - std::shared_ptr<SvtSecurityOptions_Impl> m_pImpl; - -}; // class SvtSecurityOptions +} // namespace SvtSecurityOptions // map personal info strings, e.g. authors to 1, 2, 3... for removing personal info -typedef ::std::unordered_map< OUString, size_t > SvtSecurityMapPersonalInfoType; -class UNOTOOLS_DLLPUBLIC SvtSecurityMapPersonalInfo final +class UNOTOOLS_DLLPUBLIC SvtSecurityMapPersonalInfo { - SvtSecurityMapPersonalInfoType aInfoIDs; - + std::unordered_map< OUString, size_t > aInfoIDs; public: size_t GetInfoID( const OUString sPersonalInfo ); }; -#endif // INCLUDED_UNOTOOLS_SECURITYOPTIONS_HXX - /* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/sc/source/core/data/global.cxx b/sc/source/core/data/global.cxx index d3a41340cfe3..8c18329ab67b 100644 --- a/sc/source/core/data/global.cxx +++ b/sc/source/core/data/global.cxx @@ -824,9 +824,8 @@ void ScGlobal::OpenURL(const OUString& rURL, const OUString& rTarget, bool bIgno bool ScGlobal::ShouldOpenURL() { - SvtSecurityOptions aSecOpt; bool bCtrlClickHappened = (nScClickMouseModifier & KEY_MOD1); - bool bCtrlClickSecOption = aSecOpt.IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); + bool bCtrlClickSecOption = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); if( bCtrlClickHappened && ! bCtrlClickSecOption ) { // return since ctrl+click happened when the diff --git a/sc/source/ui/docshell/docsh4.cxx b/sc/source/ui/docshell/docsh4.cxx index f3eca38a7da9..1f166eedfa19 100644 --- a/sc/source/ui/docshell/docsh4.cxx +++ b/sc/source/ui/docshell/docsh4.cxx @@ -168,10 +168,10 @@ ScLkUpdMode ScDocShell::GetLinkUpdateModeState() const nSet = LM_ALWAYS; if (nSet == LM_ALWAYS - && !(SvtSecurityOptions().isTrustedLocationUriForUpdatingLinks( + && !(SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks( GetMedium() == nullptr ? OUString() : GetMedium()->GetName()) || (IsDocShared() - && SvtSecurityOptions().isTrustedLocationUriForUpdatingLinks( + && SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks( GetSharedFileURL())))) { nSet = LM_ON_DEMAND; diff --git a/sd/source/ui/func/fusel.cxx b/sd/source/ui/func/fusel.cxx index 44cb043aa185..37f3c15fe604 100644 --- a/sd/source/ui/func/fusel.cxx +++ b/sd/source/ui/func/fusel.cxx @@ -113,10 +113,9 @@ FuSelection::~FuSelection() namespace { bool lcl_followHyperlinkAllowed(const MouseEvent& rMEvt) { - SvtSecurityOptions aSecOpt; - if (!rMEvt.IsMod1() && aSecOpt.IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink)) + if (!rMEvt.IsMod1() && SvtSecurityOptions::IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink)) return false; - if (rMEvt.IsMod1() && !aSecOpt.IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink)) + if (rMEvt.IsMod1() && !SvtSecurityOptions::IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink)) return false; return true; } diff --git a/sfx2/source/appl/appcfg.cxx b/sfx2/source/appl/appcfg.cxx index e2435ce2f43b..233a2bd46334 100644 --- a/sfx2/source/appl/appcfg.cxx +++ b/sfx2/source/appl/appcfg.cxx @@ -115,7 +115,6 @@ void SfxApplication::GetOptions( SfxItemSet& rSet ) SfxItemPool &rPool = GetPool(); const WhichRangesContainer& pRanges = rSet.GetRanges(); - SvtSecurityOptions aSecurityOptions; SvtMiscOptions aMiscOptions; for (auto const & pRange : pRanges) @@ -281,12 +280,11 @@ void SfxApplication::GetOptions( SfxItemSet& rSet ) case SID_SECURE_URL : { bRet = true; - if (!aSecurityOptions.IsReadOnly(SvtSecurityOptions::EOption::SecureUrls)) + if (!SvtSecurityOptions::IsReadOnly(SvtSecurityOptions::EOption::SecureUrls)) { - css::uno::Sequence< OUString > seqURLs = aSecurityOptions.GetSecureURLs(); - auto aList = comphelper::sequenceToContainer<std::vector<OUString>>(seqURLs); + std::vector< OUString > seqURLs = SvtSecurityOptions::GetSecureURLs(); - if( !rSet.Put( SfxStringListItem( rPool.GetWhich(SID_SECURE_URL), &aList ) ) ) + if( !rSet.Put( SfxStringListItem( rPool.GetWhich(SID_SECURE_URL), &seqURLs ) ) ) bRet = false; } } @@ -408,7 +406,6 @@ void SfxApplication::SetOptions_Impl( const SfxItemSet& rSet ) const SfxPoolItem *pItem = nullptr; SfxItemPool &rPool = GetPool(); - SvtSecurityOptions aSecurityOptions; SvtMiscOptions aMiscOptions; std::shared_ptr< comphelper::ConfigurationChanges > batch( comphelper::ConfigurationChanges::create()); @@ -644,9 +641,7 @@ void SfxApplication::SetOptions_Impl( const SfxItemSet& rSet ) if ( SfxItemState::SET == rSet.GetItemState(SID_SECURE_URL, true, &pItem)) { DBG_ASSERT(dynamic_cast< const SfxStringListItem *>( pItem ) != nullptr, "StringListItem expected"); - css::uno::Sequence< OUString > seqURLs; - static_cast<const SfxStringListItem*>(pItem)->GetStringList(seqURLs); - aSecurityOptions.SetSecureURLs( seqURLs ); + SvtSecurityOptions::SetSecureURLs( static_cast<const SfxStringListItem*>(pItem)->GetList() ); } // Store changed data diff --git a/sfx2/source/appl/appopen.cxx b/sfx2/source/appl/appopen.cxx index f26b88a1b06c..15c47a31c0e5 100644 --- a/sfx2/source/appl/appopen.cxx +++ b/sfx2/source/appl/appopen.cxx @@ -927,7 +927,7 @@ void SfxApplication::OpenDocExec_Impl( SfxRequest& rReq ) } } - if (!SvtSecurityOptions().isSecureMacroUri(aFileName, aReferer)) + if (!SvtSecurityOptions::isSecureMacroUri(aFileName, aReferer)) { SfxErrorContext aCtx( ERRCTX_SFX_OPENDOC, aFileName ); ErrorHandler::HandleError( ERRCODE_IO_ACCESSDENIED ); diff --git a/sfx2/source/appl/linkmgr2.cxx b/sfx2/source/appl/linkmgr2.cxx index b567e63a7938..062450c3d0c3 100644 --- a/sfx2/source/appl/linkmgr2.cxx +++ b/sfx2/source/appl/linkmgr2.cxx @@ -525,7 +525,7 @@ bool LinkManager::GetGraphicFromAny(const OUString& rMimeType, sReferer = sh->GetMedium()->GetName(); OUString sURL = rValue.get<OUString>(); - if (!SvtSecurityOptions().isUntrustedReferer(sReferer)) + if (!SvtSecurityOptions::isUntrustedReferer(sReferer)) rGraphic = vcl::graphic::loadFromURL(sURL, pParentWin); if (rGraphic.IsNone()) rGraphic.SetDefaultType(); diff --git a/sfx2/source/appl/sfxhelp.cxx b/sfx2/source/appl/sfxhelp.cxx index b158062683e7..541352697fb0 100644 --- a/sfx2/source/appl/sfxhelp.cxx +++ b/sfx2/source/appl/sfxhelp.cxx @@ -667,8 +667,7 @@ OUString SfxHelp::GetHelpText(const OUString& aCommandURL, const weld::Widget* p OUString SfxHelp::GetURLHelpText(std::u16string_view aURL) { - SvtSecurityOptions aSecOpt; - bool bCtrlClickHlink = aSecOpt.IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink); + bool bCtrlClickHlink = SvtSecurityOptions::IsOptionSet(SvtSecurityOptions::EOption::CtrlClickHyperlink); // "ctrl-click to follow link:" for not MacOS // "⌘-click to follow link:" for MacOs diff --git a/sfx2/source/dialog/filedlghelper.cxx b/sfx2/source/dialog/filedlghelper.cxx index 267801a16e80..82abdc7321a6 100644 --- a/sfx2/source/dialog/filedlghelper.cxx +++ b/sfx2/source/dialog/filedlghelper.cxx @@ -1446,9 +1446,8 @@ ErrCode FileDialogHelper_Impl::execute( std::vector<OUString>& rpURLList, if ( mbHasPassword && !mbPwdCheckBoxState ) { - SvtSecurityOptions aSecOpt; mbPwdCheckBoxState = ( - aSecOpt.IsOptionSet( SvtSecurityOptions::EOption::DocWarnRecommendPassword ) ); + SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRecommendPassword ) ); } rpURLList.clear(); diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx index faf38e70748a..10630d0f3eae 100644 --- a/sfx2/source/doc/docmacromode.cxx +++ b/sfx2/source/doc/docmacromode.cxx @@ -147,7 +147,7 @@ namespace sfx2 { sal_uInt16 nMacroExecutionMode = m_xData->m_rDocumentAccess.getCurrentMacroExecMode(); - if ( SvtSecurityOptions().IsMacroDisabled() ) + if ( SvtSecurityOptions::IsMacroDisabled() ) { // no macro should be executed at all lcl_showMacrosDisabledError( rxInteraction, m_xData->m_bMacroDisabledMessageShown ); @@ -174,8 +174,7 @@ namespace sfx2 else if (nMacroExecutionMode == MacroExecMode::USE_CONFIG_APPROVE_CONFIRMATION) eAutoConfirm = eAutoConfirmApprove; - SvtSecurityOptions aOpt; - switch ( aOpt.GetMacroSecurityLevel() ) + switch ( SvtSecurityOptions::GetMacroSecurityLevel() ) { case 3: nMacroExecutionMode = MacroExecMode::FROM_LIST_NO_WARN; @@ -228,10 +227,9 @@ namespace sfx2 if ( nMacroExecutionMode != MacroExecMode::FROM_LIST ) { // the trusted macro check will also retrieve the signature state ( small optimization ) - const SvtSecurityOptions aSecOption; const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE - || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)); + || !SvtSecurityOptions::IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)); const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor); SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState(); @@ -406,7 +404,7 @@ namespace sfx2 bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction, bool bHasValidContentSignature ) { bool bAllow = false; - if ( SvtSecurityOptions().IsMacroDisabled() ) + if ( SvtSecurityOptions::IsMacroDisabled() ) { // no macro should be executed at all bAllow = disallowMacroExecution(); diff --git a/sfx2/source/doc/objcont.cxx b/sfx2/source/doc/objcont.cxx index f7f69f595e85..b2c97ac5cd0a 100644 --- a/sfx2/source/doc/objcont.cxx +++ b/sfx2/source/doc/objcont.cxx @@ -209,7 +209,7 @@ void SfxObjectShell::UpdateDocInfoForSave() uno::Reference<document::XDocumentProperties> xDocProps(getDocProperties()); // clear user data if recommend (see 'Tools - Options - LibreOffice - Security') - if ( SvtSecurityOptions().IsOptionSet( + if ( SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ) ) { xDocProps->resetUserData( OUString() ); diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx index 3f92ffdea7b8..75b77ef2cd2e 100644 --- a/sfx2/source/doc/objstor.cxx +++ b/sfx2/source/doc/objstor.cxx @@ -3059,7 +3059,7 @@ sal_Int16 SfxObjectShell::QueryHiddenInformation(HiddenWarningFact eFact, weld:: assert(false); // this cannot happen } - if ( SvtSecurityOptions().IsOptionSet( eOption ) ) + if ( SvtSecurityOptions::IsOptionSet( eOption ) ) { OUString sMessage( SfxResId(STR_HIDDENINFO_CONTAINS) ); HiddenInformation nWantedStates = HiddenInformation::RECORDEDCHANGES | HiddenInformation::NOTES; @@ -3718,7 +3718,7 @@ bool SfxObjectShell::QuerySaveSizeExceededModules_Impl( const uno::Reference< ta bool SfxObjectShell::QueryAllowExoticFormat_Impl( const uno::Reference< task::XInteractionHandler >& xHandler, const OUString& rURL, const OUString& rFilterUIName ) { - if ( SvtSecurityOptions().isTrustedLocationUri( rURL ) ) + if ( SvtSecurityOptions::isTrustedLocationUri( rURL ) ) { // Always load from trusted location return true; diff --git a/sw/source/core/doc/DocumentLinksAdministrationManager.cxx b/sw/source/core/doc/DocumentLinksAdministrationManager.cxx index 6b4687aa8982..76d982fa7c2b 100644 --- a/sw/source/core/doc/DocumentLinksAdministrationManager.cxx +++ b/sw/source/core/doc/DocumentLinksAdministrationManager.cxx @@ -225,7 +225,7 @@ void DocumentLinksAdministrationManager::UpdateLinks() if (nLinkMode == AUTOMATIC && !bAskUpdate) { SfxMedium * medium = m_rDoc.GetDocShell()->GetMedium(); - if (!SvtSecurityOptions().isTrustedLocationUriForUpdatingLinks( + if (!SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks( medium == nullptr ? OUString() : medium->GetName())) { bAskUpdate = true; diff --git a/sw/source/filter/html/htmlgrin.cxx b/sw/source/filter/html/htmlgrin.cxx index 97bbfbb96642..86607b2a95c5 100644 --- a/sw/source/filter/html/htmlgrin.cxx +++ b/sw/source/filter/html/htmlgrin.cxx @@ -68,6 +68,7 @@ #include <vcl/graphicfilter.hxx> #include <tools/urlobj.hxx> +#include <unotools/securityoptions.hxx> using namespace ::com::sun::star; @@ -307,7 +308,7 @@ namespace { sReferer = sh->GetMedium()->GetName(); } - return !SvtSecurityOptions().isUntrustedReferer(sReferer); + return !SvtSecurityOptions::isUntrustedReferer(sReferer); } } diff --git a/sw/source/filter/ww8/docxattributeoutput.cxx b/sw/source/filter/ww8/docxattributeoutput.cxx index f5978957635c..514e42f0da99 100644 --- a/sw/source/filter/ww8/docxattributeoutput.cxx +++ b/sw/source/filter/ww8/docxattributeoutput.cxx @@ -3147,8 +3147,7 @@ void DocxAttributeOutput::Redline( const SwRedlineData* pRedlineData) if ( !pRedlineData ) return; - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); OString aId( OString::number( pRedlineData->GetSeqNo() ) ); @@ -3255,8 +3254,7 @@ void DocxAttributeOutput::StartRedline( const SwRedlineData * pRedlineData ) OString aId( OString::number( m_nRedlineId++ ) ); - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); const OUString &rAuthor( SW_MOD()->GetRedlineAuthor( pRedlineData->GetAuthor() ) ); @@ -4378,8 +4376,7 @@ void DocxAttributeOutput::TableRowRedline( ww8::WW8TableNodeInfoInner::Pointer_t const SvxPrintItem *pHasTextChangesOnlyProp = pTabLine->GetFrameFormat()->GetAttrSet().GetItem<SvxPrintItem>(RES_PRINT); - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); if ( !aRedlineTable.empty() && pHasTextChangesOnlyProp && !pHasTextChangesOnlyProp->GetValue() ) @@ -4486,8 +4483,7 @@ void DocxAttributeOutput::TableCellRedline( ww8::WW8TableNodeInfoInner::Pointer_ { const SwTableBox * pTabBox = pTableTextNodeInfoInner->getTableBox(); - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); // search next Redline @@ -8179,8 +8175,7 @@ void DocxAttributeOutput::WritePostitFieldReference() DocxAttributeOutput::hasResolved DocxAttributeOutput::WritePostitFields() { - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); hasResolved eResult = hasResolved::no; diff --git a/sw/source/uibase/docvw/SidebarTxtControl.cxx b/sw/source/uibase/docvw/SidebarTxtControl.cxx index 342f52086fc8..06aa389891b6 100644 --- a/sw/source/uibase/docvw/SidebarTxtControl.cxx +++ b/sw/source/uibase/docvw/SidebarTxtControl.cxx @@ -350,8 +350,7 @@ bool SidebarTextControl::MouseButtonDown(const MouseEvent& rMEvt) { if (EditView* pEditView = GetEditView()) { - SvtSecurityOptions aSecOpts; - bool bExecuteMod = aSecOpts.IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink); + bool bExecuteMod = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink); if ( !bExecuteMod || (rMEvt.GetModifier() == KEY_MOD1)) { diff --git a/sw/source/uibase/docvw/edtwin.cxx b/sw/source/uibase/docvw/edtwin.cxx index 37c07a7290b1..5a27274f380a 100644 --- a/sw/source/uibase/docvw/edtwin.cxx +++ b/sw/source/uibase/docvw/edtwin.cxx @@ -410,8 +410,7 @@ void SwEditWin::UpdatePointer(const Point &rLPt, sal_uInt16 nModifier ) bool bExecHyperlinks = m_rView.GetDocShell()->IsReadOnly(); if ( !bExecHyperlinks ) { - SvtSecurityOptions aSecOpts; - const bool bSecureOption = aSecOpts.IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); + const bool bSecureOption = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); if ( ( bSecureOption && nModifier == KEY_MOD1 ) || ( !bSecureOption && nModifier != KEY_MOD1 ) ) bExecHyperlinks = true; @@ -3127,8 +3126,7 @@ void SwEditWin::MouseButtonDown(const MouseEvent& _rMEvt) bool bExecHyperlinks = m_rView.GetDocShell()->IsReadOnly(); if ( !bExecHyperlinks ) { - SvtSecurityOptions aSecOpts; - const bool bSecureOption = aSecOpts.IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); + const bool bSecureOption = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); if ((bSecureOption && aMEvt.GetModifier() == KEY_MOD1) || (!bSecureOption && aMEvt.GetModifier() != KEY_MOD1)) bExecHyperlinks = true; @@ -4692,8 +4690,7 @@ void SwEditWin::MouseButtonUp(const MouseEvent& rMEvt) bool bExecHyperlinks = m_rView.GetDocShell()->IsReadOnly(); if ( !bExecHyperlinks ) { - SvtSecurityOptions aSecOpts; - const bool bSecureOption = aSecOpts.IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); + const bool bSecureOption = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::CtrlClickHyperlink ); if ( ( bSecureOption && rMEvt.GetModifier() == KEY_MOD1 ) || ( !bSecureOption && rMEvt.GetModifier() != KEY_MOD1 ) ) bExecHyperlinks = true; diff --git a/unotools/source/config/configitem.cxx b/unotools/source/config/configitem.cxx index 28c4159e21ad..bb77ac3d40b1 100644 --- a/unotools/source/config/configitem.cxx +++ b/unotools/source/config/configitem.cxx @@ -846,95 +846,102 @@ bool ConfigItem::SetSetProperties( const OUString& rNode, const Sequence< PropertyValue >& rValues) { ValueCounter_Impl aCounter(m_nInValueChange); - bool bRet = true; Reference<XHierarchicalNameAccess> xHierarchyAccess = GetTree(); - if(xHierarchyAccess.is()) + if(!xHierarchyAccess.is()) + return true; + return SetSetProperties(xHierarchyAccess, rNode, rValues); +} + +// Add or change properties +bool ConfigItem::SetSetProperties( + css::uno::Reference<css::container::XHierarchicalNameAccess> const & xHierarchyAccess, + const OUString& rNode, const Sequence< PropertyValue >& rValues) +{ + bool bRet = true; + Reference<XChangesBatch> xBatch(xHierarchyAccess, UNO_QUERY); + try { - Reference<XChangesBatch> xBatch(xHierarchyAccess, UNO_QUERY); - try + Reference<XNameContainer> xCont; + if(!rNode.isEmpty()) { - Reference<XNameContainer> xCont; - if(!rNode.isEmpty()) - { - Any aNode = xHierarchyAccess->getByHierarchicalName(rNode); - aNode >>= xCont; - } - else - xCont.set(xHierarchyAccess, UNO_QUERY); - if(!xCont.is()) - return false; + Any aNode = xHierarchyAccess->getByHierarchicalName(rNode); + aNode >>= xCont; + } + else + xCont.set(xHierarchyAccess, UNO_QUERY); + if(!xCont.is()) + return false; - Reference<XSingleServiceFactory> xFac(xCont, UNO_QUERY); + Reference<XSingleServiceFactory> xFac(xCont, UNO_QUERY); - if(xFac.is()) - { - const Sequence< OUString > aSubNodeNames = lcl_extractSetPropertyNames(rValues, rNode); + if(xFac.is()) + { + const Sequence< OUString > aSubNodeNames = lcl_extractSetPropertyNames(rValues, rNode); - for(const auto& rSubNodeName : aSubNodeNames) - { - if(!xCont->hasByName(rSubNodeName)) - { - Reference<XInterface> xInst = xFac->createInstance(); - Any aVal; aVal <<= xInst; - xCont->insertByName(rSubNodeName, aVal); - } - //set values - } - try - { - xBatch->commitChanges(); - } - catch (css::uno::Exception &) + for(const auto& rSubNodeName : aSubNodeNames) + { + if(!xCont->hasByName(rSubNodeName)) { - TOOLS_WARN_EXCEPTION("unotools.config", "Exception from commitChanges()"); + Reference<XInterface> xInst = xFac->createInstance(); + Any aVal; aVal <<= xInst; + xCont->insertByName(rSubNodeName, aVal); } + //set values + } + try + { + xBatch->commitChanges(); + } + catch (css::uno::Exception &) + { + TOOLS_WARN_EXCEPTION("unotools.config", "Exception from commitChanges()"); + } - const PropertyValue* pProperties = rValues.getConstArray(); + const PropertyValue* pProperties = rValues.getConstArray(); - Sequence< OUString > aSetNames(rValues.getLength()); - OUString* pSetNames = aSetNames.getArray(); + Sequence< OUString > aSetNames(rValues.getLength()); + OUString* pSetNames = aSetNames.getArray(); - Sequence< Any> aSetValues(rValues.getLength()); - Any* pSetValues = aSetValues.getArray(); + Sequence< Any> aSetValues(rValues.getLength()); + Any* pSetValues = aSetValues.getArray(); - bool bEmptyNode = rNode.isEmpty(); - for(sal_Int32 k = 0; k < rValues.getLength(); k++) - { - pSetNames[k] = pProperties[k].Name.copy( bEmptyNode ? 1 : 0); - pSetValues[k] = pProperties[k].Value; - } - bRet = PutProperties(aSetNames, aSetValues); + bool bEmptyNode = rNode.isEmpty(); + for(sal_Int32 k = 0; k < rValues.getLength(); k++) + { + pSetNames[k] = pProperties[k].Name.copy( bEmptyNode ? 1 : 0); + pSetValues[k] = pProperties[k].Value; } - else + bRet = PutProperties(xHierarchyAccess, aSetNames, aSetValues, /*bAllLocales*/false); + } + else + { + //if no factory is available then the node contains basic data elements + for(const PropertyValue& rValue : rValues) { - //if no factory is available then the node contains basic data elements - for(const PropertyValue& rValue : rValues) + try { - try - { - OUString sSubNode = lcl_extractSetPropertyName( rValue.Name, rNode ); + OUString sSubNode = lcl_extractSetPropertyName( rValue.Name, rNode ); - if(xCont->hasByName(sSubNode)) - xCont->replaceByName(sSubNode, rValue.Value); - else - xCont->insertByName(sSubNode, rValue.Value); + if(xCont->hasByName(sSubNode)) + xCont->replaceByName(sSubNode, rValue.Value); + else + xCont->insertByName(sSubNode, rValue.Value); - OSL_ENSURE( xHierarchyAccess->hasByHierarchicalName(rValue.Name), - "Invalid config path" ); - } - catch (css::uno::Exception &) - { - TOOLS_WARN_EXCEPTION("unotools.config", "Exception from insert/replaceByName()"); - } + OSL_ENSURE( xHierarchyAccess->hasByHierarchicalName(rValue.Name), + "Invalid config path" ); + } + catch (css::uno::Exception &) + { + TOOLS_WARN_EXCEPTION("unotools.config", "Exception from insert/replaceByName()"); } - xBatch->commitChanges(); } + xBatch->commitChanges(); } - catch (const Exception&) - { - TOOLS_WARN_EXCEPTION("unotools.config", "Exception from SetSetProperties"); - bRet = false; - } + } + catch (const Exception&) + { + TOOLS_WARN_EXCEPTION("unotools.config", "Exception from SetSetProperties"); + bRet = false; } return bRet; } diff --git a/unotools/source/config/itemholder1.cxx b/unotools/source/config/itemholder1.cxx index cad18b90e2ed..7183ea2e12f9 100644 --- a/unotools/source/config/itemholder1.cxx +++ b/unotools/source/config/itemholder1.cxx @@ -149,10 +149,6 @@ void ItemHolder1::impl_newItem(TItemInfo& rItem) rItem.pItem.reset( new SvtPathOptions() ); break; - case EItem::SecurityOptions : - rItem.pItem.reset( new SvtSecurityOptions() ); - break; - case EItem::ViewOptionsDialog : rItem.pItem.reset( new SvtViewOptions(EViewType::Dialog, OUString()) ); break; diff --git a/unotools/source/config/securityoptions.cxx b/unotools/source/config/securityoptions.cxx index ff10bcb584b9..8414167e9af0 100644 --- a/unotools/source/config/securityoptions.cxx +++ b/unotools/source/config/securityoptions.cxx @@ -30,311 +30,169 @@ #include <tools/urlobj.hxx> #include <unotools/pathoptions.hxx> - -#include "itemholder1.hxx" +#include <officecfg/Office/Common.hxx> // namespaces -using namespace ::utl; -using namespace ::osl; using namespace ::com::sun::star::uno; -#define ROOTNODE_SECURITY "Office.Common/Security/Scripting" -#define DEFAULT_SECUREURL Sequence< OUString >() -#define DEFAULT_TRUSTEDAUTHORS std::vector< SvtSecurityOptions::Certificate >() - -#define PROPERTYNAME_SECUREURL u"SecureURL" -#define PROPERTYNAME_DOCWARN_SAVEORSEND u"WarnSaveOrSendDoc" -#define PROPERTYNAME_DOCWARN_SIGNING u"WarnSignDoc" -#define PROPERTYNAME_DOCWARN_PRINT u"WarnPrintDoc" -#define PROPERTYNAME_DOCWARN_CREATEPDF u"WarnCreatePDF" -#define PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO u"RemovePersonalInfoOnSaving" -#define PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD u"RecommendPasswordProtection" -#define PROPERTYNAME_CTRLCLICK_HYPERLINK u"HyperlinksWithCtrlClick" -#define PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS u"BlockUntrustedRefererLinks" -#define PROPERTYNAME_MACRO_SECLEVEL u"MacroSecurityLevel" #define PROPERTYNAME_MACRO_TRUSTEDAUTHORS u"TrustedAuthors" -#define PROPERTYNAME_MACRO_DISABLE u"DisableMacrosExecution" #define PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME u"SubjectName" #define PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER u"SerialNumber" #define PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA u"RawData" -#define PROPERTYHANDLE_SECUREURL 0 - -#define PROPERTYHANDLE_DOCWARN_SAVEORSEND 1 -#define PROPERTYHANDLE_DOCWARN_SIGNING 2 -#define PROPERTYHANDLE_DOCWARN_PRINT 3 -#define PROPERTYHANDLE_DOCWARN_CREATEPDF 4 -#define PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO 5 -#define PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD 6 -#define PROPERTYHANDLE_CTRLCLICK_HYPERLINK 7 -#define PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS 8 -#define PROPERTYHANDLE_MACRO_SECLEVEL 9 -#define PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS 10 -#define PROPERTYHANDLE_MACRO_DISABLE 11 - -#define PROPERTYHANDLE_INVALID -1 - -#define CFG_READONLY_DEFAULT false - -// private declarations! -class SvtSecurityOptions_Impl : public ConfigItem +namespace SvtSecurityOptions { - private: - virtual void ImplCommit() override; - - // public methods - - public: - - // constructor / destructor - - SvtSecurityOptions_Impl(); - virtual ~SvtSecurityOptions_Impl() override; - - // override methods of baseclass - - /*-**************************************************************************************************** - @short called for notify of configmanager - @descr This method is called from the ConfigManager before application ends or from the - PropertyChangeListener if the sub tree broadcasts changes. You must update your - internal values. - - @seealso baseclass ConfigItem - - @param "seqPropertyNames" is the list of properties which should be updated. - *//*-*****************************************************************************************************/ - - virtual void Notify( const Sequence< OUString >& seqPropertyNames ) override; - - // public interface - - bool IsReadOnly ( SvtSecurityOptions::EOption eOption ) const; - - const Sequence< OUString >& GetSecureURLs( ) const { return m_seqSecureURLs;} - void SetSecureURLs ( const Sequence< OUString >& seqURLList ); - inline sal_Int32 GetMacroSecurityLevel ( ) const; - void SetMacroSecurityLevel ( sal_Int32 _nLevel ); - - inline bool IsMacroDisabled ( ) const; - - const std::vector< SvtSecurityOptions::Certificate >& GetTrustedAuthors() const { return m_seqTrustedAuthors;} - void SetTrustedAuthors ( const std::vector< SvtSecurityOptions::Certificate >& rAuthors ); - - bool IsOptionSet ( SvtSecurityOptions::EOption eOption ) const; - void SetOption ( SvtSecurityOptions::EOption eOption, bool bValue ); - bool IsOptionEnabled ( SvtSecurityOptions::EOption eOption ) const; - - - void SetProperty( sal_Int32 nHandle, const Any& rValue, bool bReadOnly ); - void LoadAuthors(); - static sal_Int32 GetHandle( std::u16string_view rPropertyName ); - bool GetOption( SvtSecurityOptions::EOption eOption, bool*& rpValue, bool*& rpRO ); - - /*-**************************************************************************************************** - @short return list of key names of our configuration management which represent our module tree - @descr This method returns a static const list of key names. We need it to get needed values from our - configuration management. - @return A list of needed configuration keys is returned. - *//*-*****************************************************************************************************/ - static Sequence< OUString > GetPropertyNames(); - - Sequence< OUString > m_seqSecureURLs; - bool m_bSaveOrSend; - bool m_bSigning; - bool m_bPrint; - bool m_bCreatePDF; - bool m_bRemoveInfo; - bool m_bRecommendPwd; - bool m_bCtrlClickHyperlink; - bool m_bBlockUntrustedRefererLinks; - sal_Int32 m_nSecLevel; - std::vector< SvtSecurityOptions::Certificate > m_seqTrustedAuthors; - bool m_bDisableMacros; - - bool m_bROSecureURLs; - bool m_bROSaveOrSend; - bool m_bROSigning; - bool m_bROPrint; - bool m_bROCreatePDF; - bool m_bRORemoveInfo; - bool m_bRORecommendPwd; - bool m_bROCtrlClickHyperlink; - bool m_bROBlockUntrustedRefererLinks; - bool m_bROSecLevel; - bool m_bROTrustedAuthors; - bool m_bRODisableMacros; -}; - -// constructor - -SvtSecurityOptions_Impl::SvtSecurityOptions_Impl() - :ConfigItem ( ROOTNODE_SECURITY ) - ,m_seqSecureURLs ( DEFAULT_SECUREURL ) - ,m_bSaveOrSend ( true ) - ,m_bSigning ( true ) - ,m_bPrint ( true ) - ,m_bCreatePDF ( true ) - ,m_bRemoveInfo ( true ) - ,m_bRecommendPwd(false) - ,m_bCtrlClickHyperlink(false) - ,m_bBlockUntrustedRefererLinks(false) - ,m_nSecLevel ( 1 ) - ,m_seqTrustedAuthors ( DEFAULT_TRUSTEDAUTHORS ) - ,m_bDisableMacros ( false ) - ,m_bROSecureURLs ( CFG_READONLY_DEFAULT ) - ,m_bROSaveOrSend ( CFG_READONLY_DEFAULT ) - ,m_bROSigning ( CFG_READONLY_DEFAULT ) - ,m_bROPrint ( CFG_READONLY_DEFAULT ) - ,m_bROCreatePDF ( CFG_READONLY_DEFAULT ) - ,m_bRORemoveInfo ( CFG_READONLY_DEFAULT ) - ,m_bRORecommendPwd(CFG_READONLY_DEFAULT) - ,m_bROCtrlClickHyperlink(CFG_READONLY_DEFAULT) - ,m_bROBlockUntrustedRefererLinks(CFG_READONLY_DEFAULT) - ,m_bROSecLevel ( CFG_READONLY_DEFAULT ) - ,m_bROTrustedAuthors ( CFG_READONLY_DEFAULT ) - ,m_bRODisableMacros ( true ) // currently is not intended to be changed +bool IsReadOnly( EOption eOption ) { - Sequence< OUString > seqNames = GetPropertyNames ( ); - Sequence< Any > seqValues = GetProperties ( seqNames ); - Sequence< sal_Bool > seqRO = GetReadOnlyStates ( seqNames ); - - // Safe impossible cases. - // We need values from ALL configuration keys. - // Follow assignment use order of values in relation to our list of key names! - assert( seqNames.getLength() == seqValues.getLength() && "I miss some values of configuration keys!" ); - - // Copy values from list in right order to our internal member. - sal_Int32 nPropertyCount = seqValues.getLength(); - for( sal_Int32 nProperty = 0; nProperty < nPropertyCount; ++nProperty ) - SetProperty( nProperty, seqValues[ nProperty ], seqRO[ nProperty ] ); - - LoadAuthors(); + bool bReadonly; + switch(eOption) + { + case SvtSecurityOptions::EOption::SecureUrls : + bReadonly = officecfg::Office::Common::Security::Scripting::SecureURL::isReadOnly(); + break; + case SvtSecurityOptions::EOption::DocWarnSaveOrSend: + bReadonly = officecfg::Office::Common::Security::Scripting::WarnSaveOrSendDoc::isReadOnly(); + break; + case SvtSecurityOptions::EOption::DocWarnSigning: + bReadonly = officecfg::Office::Common::Security::Scripting::WarnSignDoc::isReadOnly(); + break; + case SvtSecurityOptions::EOption::DocWarnPrint: + bReadonly = officecfg::Office::Common::Security::Scripting::WarnPrintDoc::isReadOnly(); + break; + case SvtSecurityOptions::EOption::DocWarnCreatePdf: + bReadonly = officecfg::Office::Common::Security::Scripting::WarnCreatePDF::isReadOnly(); + break; + case SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo: + bReadonly = officecfg::Office::Common::Security::Scripting::RemovePersonalInfoOnSaving::isReadOnly(); + break; + case SvtSecurityOptions::EOption::DocWarnRecommendPassword: + bReadonly = officecfg::Office::Common::Security::Scripting::RecommendPasswordProtection::isReadOnly(); + break; + case SvtSecurityOptions::EOption::MacroSecLevel: + bReadonly = officecfg::Office::Common::Security::Scripting::MacroSecurityLevel::isReadOnly(); + break; + case SvtSecurityOptions::EOption::MacroTrustedAuthors: + bReadonly = false; // TODO? officecfg::Office::Common::Security::Scripting::TrustedAuthors::isReadOnly(); + break; + case SvtSecurityOptions::EOption::CtrlClickHyperlink: + bReadonly = officecfg::Office::Common::Security::Scripting::HyperlinksWithCtrlClick::isReadOnly(); + break; + case SvtSecurityOptions::EOption::BlockUntrustedRefererLinks: + bReadonly = officecfg::Office::Common::Security::Scripting::BlockUntrustedRefererLinks::isReadOnly(); + break; - // Enable notification mechanism of our baseclass. - // We need it to get information about changes outside these class on our used configuration keys!*/ + default: + assert(false); + bReadonly = true; + } - EnableNotification( seqNames ); + return bReadonly; } -// destructor - -SvtSecurityOptions_Impl::~SvtSecurityOptions_Impl() +std::vector< OUString > GetSecureURLs() { - assert(!IsModified()); // should have been committed + if (utl::ConfigManager::IsFuzzing()) + return {}; + std::vector<OUString> aRet = comphelper::sequenceToContainer<std::vector<OUString>>( + officecfg::Office::Common::Security::Scripting::SecureURL::get()); + SvtPathOptions aOpt; + std::transform(aRet.begin(), aRet.end(), aRet.begin(), + [&aOpt](const OUString& rUrl) -> OUString { return aOpt.SubstituteVariable( rUrl ); }); + return aRet; } -void SvtSecurityOptions_Impl::SetProperty( sal_Int32 nProperty, const Any& rValue, bool bRO ) +void SetSecureURLs( const std::vector< OUString >& urlList ) { - switch( nProperty ) - { - case PROPERTYHANDLE_SECUREURL: - { - m_seqSecureURLs.realloc( 0 ); - rValue >>= m_seqSecureURLs; - if (!utl::ConfigManager::IsFuzzing()) - { - SvtPathOptions aOpt; - std::transform(m_seqSecureURLs.begin(), m_seqSecureURLs.end(), m_seqSecureURLs.begin(), - [&aOpt](const OUString& rUrl) -> OUString { return aOpt.SubstituteVariable( rUrl ); }); - } - m_bROSecureURLs = bRO; - } - break; - - case PROPERTYHANDLE_DOCWARN_SAVEORSEND: - { - rValue >>= m_bSaveOrSend; - m_bROSaveOrSend = bRO; - } - break; - - case PROPERTYHANDLE_DOCWARN_SIGNING: - { - rValue >>= m_bSigning; - m_bROSigning = bRO; - } - break; - - case PROPERTYHANDLE_DOCWARN_PRINT: - { - rValue >>= m_bPrint; - m_bROPrint = bRO; - } - break; +// DBG_ASSERT(!officecfg::SecureURL::isReadOnly(), "SvtSecurityOptions_Impl::SetSecureURLs()\nYou tried to write on a readonly value!\n"); +// if (officecfg::SecureURL::isReadOnly()) +// return; + std::vector< OUString > lURLs( urlList ); + SvtPathOptions aOpt; + std::transform(lURLs.begin(), lURLs.end(), lURLs.begin(), + [&aOpt](const OUString& rUrl) -> OUString { return aOpt.UseVariable( rUrl ); }); + std::shared_ptr<comphelper::ConfigurationChanges> xChanges = comphelper::ConfigurationChanges::create(); + officecfg::Office::Common::Security::Scripting::SecureURL::set(comphelper::containerToSequence(lURLs), xChanges); + xChanges->commit(); +} - case PROPERTYHANDLE_DOCWARN_CREATEPDF: - { - rValue >>= m_bCreatePDF; - m_bROCreatePDF = bRO; +bool isSecureMacroUri( + OUString const & uri, OUString const & referer) +{ + switch (INetURLObject(uri).GetProtocol()) { + case INetProtocol::Macro: + if (uri.startsWithIgnoreAsciiCase("macro:///")) { + // Denotes an App-BASIC macro (see SfxMacroLoader::loadMacro), which + // is considered safe: + return true; } - break; + [[fallthrough]]; + case INetProtocol::Slot: + return referer.equalsIgnoreAsciiCase("private:user") + || isTrustedLocationUri(referer); + default: + return true; + } +} - case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO: - { - rValue >>= m_bRemoveInfo; - m_bRORemoveInfo = bRO; - } - break; +bool isUntrustedReferer(OUString const & referer) +{ + return IsOptionSet(EOption::BlockUntrustedRefererLinks) + && !(referer.isEmpty() || referer.startsWithIgnoreAsciiCase("private:") + || isTrustedLocationUri(referer)); +} - case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD: +bool isTrustedLocationUri(OUString const & uri) +{ + for (const auto & url : GetSecureURLs()) + { + if (utl::UCBContentHelper::IsSubPath(url, uri)) { - rValue >>= m_bRecommendPwd; - m_bRORecommendPwd = bRO; + return true; } - break; + } + return false; +} - case PROPERTYHANDLE_CTRLCLICK_HYPERLINK: - { - rValue >>= m_bCtrlClickHyperlink; - m_bROCtrlClickHyperlink = bRO; - } - break; +bool isTrustedLocationUriForUpdatingLinks(OUString const & uri) +{ + return GetMacroSecurityLevel() == 0 || uri.isEmpty() + || uri.startsWithIgnoreAsciiCase("private:") + || isTrustedLocationUri(uri); +} - case PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS: - { - rValue >>= m_bBlockUntrustedRefererLinks; - m_bROBlockUntrustedRefererLinks = bRO; - } - break; +sal_Int32 GetMacroSecurityLevel() +{ + return officecfg::Office::Common::Security::Scripting::MacroSecurityLevel::get(); +} - case PROPERTYHANDLE_MACRO_SECLEVEL: - { - rValue >>= m_nSecLevel; - m_bROSecLevel = bRO; - } - break; +void SetMacroSecurityLevel( sal_Int32 _nLevel ) +{ + if( officecfg::Office::Common::Security::Scripting::MacroSecurityLevel::isReadOnly() ) + return; - case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS: - { - // don't care about value here... - m_bROTrustedAuthors = bRO; - } - break; + if( _nLevel > 3 || _nLevel < 0 ) + _nLevel = 3; - case PROPERTYHANDLE_MACRO_DISABLE: - { - rValue >>= m_bDisableMacros; - m_bRODisableMacros = bRO; - } - break; + std::shared_ptr<comphelper::ConfigurationChanges> xChanges = comphelper::ConfigurationChanges::create(); + officecfg::Office::Common::Security::Scripting::MacroSecurityLevel::set(_nLevel, xChanges); + xChanges->commit(); +} -#if OSL_DEBUG_LEVEL > 0 - default: - assert(false && "Unknown property!"); -#endif - } +bool IsMacroDisabled() +{ + return officecfg::Office::Common::Security::Scripting::DisableMacrosExecution::get(); } -void SvtSecurityOptions_Impl::LoadAuthors() +std::vector< SvtSecurityOptions::Certificate > GetTrustedAuthors() { - m_seqTrustedAuthors.clear(); // first clear - const Sequence< OUString > lAuthors = GetNodeNames( PROPERTYNAME_MACRO_TRUSTEDAUTHORS ); - sal_Int32 c1 = lAuthors.getLength(); + Reference<css::container::XHierarchicalNameAccess> xHierarchyAccess = utl::ConfigManager::acquireTree(u"Office.Common/Security/Scripting"); + const Sequence< OUString > lAuthors = utl::ConfigItem::GetNodeNames( xHierarchyAccess, PROPERTYNAME_MACRO_TRUSTEDAUTHORS, utl::ConfigNameFormat::LocalPath ); + sal_Int32 c1 = lAuthors.getLength(); if( !c1 ) - return; + return {}; sal_Int32 c2 = c1 * 3; // 3 Properties inside Struct TrustedAuthor Sequence< OUString > lAllAuthors( c2 ); @@ -351,11 +209,11 @@ void SvtSecurityOptions_Impl::LoadAuthors() ++i2; } - Sequence< Any > lValues = GetProperties( lAllAuthors ); + Sequence< Any > lValues = utl::ConfigItem::GetProperties( xHierarchyAccess, lAllAuthors, /*bAllLocales*/false ); if( lValues.getLength() != c2 ) - return; + return {}; - std::vector< SvtSecurityOptions::Certificate > v; + std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors; SvtSecurityOptions::Certificate aCert; i2 = 0; for( sal_Int32 i1 = 0; i1 < c1; ++i1 ) @@ -372,571 +230,117 @@ void SvtSecurityOptions_Impl::LoadAuthors() // have been observed in the wild (fdo#55019): if( !aCert.RawData.isEmpty() ) { - v.push_back( aCert ); + aTrustedAuthors.push_back( aCert ); } } - m_seqTrustedAuthors = v; + return aTrustedAuthors; } -sal_Int32 SvtSecurityOptions_Impl::GetHandle( std::u16string_view rName ) +void SetTrustedAuthors( const std::vector< Certificate >& rAuthors ) { - sal_Int32 nHandle; - - if( rName == PROPERTYNAME_SECUREURL ) - nHandle = PROPERTYHANDLE_SECUREURL; - else if( rName == PROPERTYNAME_DOCWARN_SAVEORSEND ) - nHandle = PROPERTYHANDLE_DOCWARN_SAVEORSEND; - else if( rName == PROPERTYNAME_DOCWARN_SIGNING ) - nHandle = PROPERTYHANDLE_DOCWARN_SIGNING; - else if( rName == PROPERTYNAME_DOCWARN_PRINT ) - nHandle = PROPERTYHANDLE_DOCWARN_PRINT; - else if( rName == PROPERTYNAME_DOCWARN_CREATEPDF ) - nHandle = PROPERTYHANDLE_DOCWARN_CREATEPDF; - else if( rName == PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO ) - nHandle = PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO; - else if( rName == PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD ) - nHandle = PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD; - else if( rName == PROPERTYNAME_CTRLCLICK_HYPERLINK ) - nHandle = PROPERTYHANDLE_CTRLCLICK_HYPERLINK; - else if( rName == PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS ) - nHandle = PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS; - else if( rName == PROPERTYNAME_MACRO_SECLEVEL ) - nHandle = PROPERTYHANDLE_MACRO_SECLEVEL; - else if( rName == PROPERTYNAME_MACRO_TRUSTEDAUTHORS ) - nHandle = PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS; - else if( rName == PROPERTYNAME_MACRO_DISABLE ) - nHandle = PROPERTYHANDLE_MACRO_DISABLE; - - else - nHandle = PROPERTYHANDLE_INVALID; - - return nHandle; +// DBG_ASSERT(!m_bROTrustedAuthors, "SvtSecurityOptions_Impl::SetTrustedAuthors()\nYou tried to write on a readonly value!\n"); +// if( m_bROTrustedAuthors ) +// return; + + Reference<css::container::XHierarchicalNameAccess> xHierarchyAccess = utl::ConfigManager::acquireTree(u"Office.Common/Security/Scripting"); + sal_Int32 nCnt = rAuthors.size(); + for( sal_Int32 i = 0; i < nCnt; ++i ) + { + OUString aPrefix( + PROPERTYNAME_MACRO_TRUSTEDAUTHORS "/a" + + OUString::number(i) + "/"); + Sequence< css::beans::PropertyValue > lPropertyValues( 3 ); + lPropertyValues[ 0 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME; + lPropertyValues[ 0 ].Value <<= rAuthors[ i ].SubjectName; + lPropertyValues[ 1 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER; + lPropertyValues[ 1 ].Value <<= rAuthors[ i ].SerialNumber; + lPropertyValues[ 2 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA; + lPropertyValues[ 2 ].Value <<= rAuthors[ i ].RawData; + + utl::ConfigItem::SetSetProperties( xHierarchyAccess, PROPERTYNAME_MACRO_TRUSTEDAUTHORS, lPropertyValues ); + } } -bool SvtSecurityOptions_Impl::GetOption( SvtSecurityOptions::EOption eOption, bool*& rpValue, bool*& rpRO ) +bool IsOptionSet( EOption eOption ) { - switch( eOption ) + bool bSet = false; + switch(eOption) { case SvtSecurityOptions::EOption::DocWarnSaveOrSend: - rpValue = &m_bSaveOrSend; - rpRO = &m_bROSaveOrSend; + bSet = officecfg::Office::Common::Security::Scripting::WarnSaveOrSendDoc::get(); break; case SvtSecurityOptions::EOption::DocWarnSigning: - rpValue = &m_bSigning; - rpRO = &m_bROSigning; + bSet = officecfg::Office::Common::Security::Scripting::WarnSignDoc::get(); break; case SvtSecurityOptions::EOption::DocWarnPrint: - rpValue = &m_bPrint; - rpRO = &m_bROPrint; + bSet = officecfg::Office::Common::Security::Scripting::WarnPrintDoc::get(); break; case SvtSecurityOptions::EOption::DocWarnCreatePdf: - rpValue = &m_bCreatePDF; - rpRO = &m_bROCreatePDF; + bSet = officecfg::Office::Common::Security::Scripting::WarnCreatePDF::get(); break; case SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo: - rpValue = &m_bRemoveInfo; - rpRO = &m_bRORemoveInfo; + bSet = officecfg::Office::Common::Security::Scripting::RemovePersonalInfoOnSaving::get(); break; case SvtSecurityOptions::EOption::DocWarnRecommendPassword: - rpValue = &m_bRecommendPwd; - rpRO = &m_bRORecommendPwd; + bSet = officecfg::Office::Common::Security::Scripting::RecommendPasswordProtection::get(); break; case SvtSecurityOptions::EOption::CtrlClickHyperlink: - rpValue = &m_bCtrlClickHyperlink; - rpRO = &m_bROCtrlClickHyperlink; + bSet = officecfg::Office::Common::Security::Scripting::HyperlinksWithCtrlClick::get(); break; case SvtSecurityOptions::EOption::BlockUntrustedRefererLinks: - rpValue = &m_bBlockUntrustedRefererLinks; - rpRO = &m_bROBlockUntrustedRefererLinks; + bSet = officecfg::Office::Common::Security::Scripting::BlockUntrustedRefererLinks::get(); break; + default: - rpValue = nullptr; - rpRO = nullptr; - break; + assert(false); } - return rpValue != nullptr; + return bSet; } -void SvtSecurityOptions_Impl::Notify( const Sequence< OUString >& seqPropertyNames ) +void SetOption( EOption eOption, bool bValue ) { - // Use given list of updated properties to get his values from configuration directly! - Sequence< Any > seqValues = GetProperties( seqPropertyNames ); - Sequence< sal_Bool > seqRO = GetReadOnlyStates( seqPropertyNames ); - // Safe impossible cases. - // We need values from ALL notified configuration keys. - DBG_ASSERT( !(seqPropertyNames.getLength()!=seqValues.getLength()), "SvtSecurityOptions_Impl::Notify()\nI miss some values of configuration keys!\n" ); - // Step over list of property names and get right value from corresponding value list to set it on internal members! - sal_Int32 nCount = seqPropertyNames.getLength(); - for( sal_Int32 nProperty = 0; nProperty < nCount; ++nProperty ) - SetProperty( GetHandle( seqPropertyNames[ nProperty ] ), seqValues[ nProperty ], seqRO[ nProperty ] ); - - // read set of trusted authors separately - LoadAuthors(); -} - -void SvtSecurityOptions_Impl::ImplCommit() -{ - // Get names of supported properties, create a list for values and copy current values to it. - Sequence< OUString > lOrgNames = GetPropertyNames(); - sal_Int32 nOrgCount = lOrgNames.getLength(); - - Sequence< OUString > lNames(nOrgCount); - Sequence< Any > lValues(nOrgCount); - sal_Int32 nRealCount = 0; - bool bDone; - - ClearNodeSet( PROPERTYNAME_MACRO_TRUSTEDAUTHORS ); - - for( sal_Int32 nProperty = 0; nProperty < nOrgCount; ++nProperty ) - { - switch( nProperty ) - { - case PROPERTYHANDLE_SECUREURL: - { - bDone = !m_bROSecureURLs; - if( bDone ) - { - Sequence< OUString > lURLs( m_seqSecureURLs ); - SvtPathOptions aOpt; - std::transform(lURLs.begin(), lURLs.end(), lURLs.begin(), - [&aOpt](const OUString& rUrl) -> OUString { return aOpt.UseVariable( rUrl ); }); - lValues[ nRealCount ] <<= lURLs; - } - } - break; - - case PROPERTYHANDLE_DOCWARN_SAVEORSEND: - { - bDone = !m_bROSaveOrSend; - if( bDone ) - lValues[ nRealCount ] <<= m_bSaveOrSend; - } - break; - - case PROPERTYHANDLE_DOCWARN_SIGNING: - { - bDone = !m_bROSigning; - if( bDone ) - lValues[ nRealCount ] <<= m_bSigning; - } - break; - - case PROPERTYHANDLE_DOCWARN_PRINT: - { - bDone = !m_bROPrint; - if( bDone ) - lValues[ nRealCount ] <<= m_bPrint; - } - break; - - case PROPERTYHANDLE_DOCWARN_CREATEPDF: - { - bDone = !m_bROCreatePDF; - if( bDone ) - lValues[ nRealCount ] <<= m_bCreatePDF; - } - break; - - case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO: - { - bDone = !m_bRORemoveInfo; - if( bDone ) - lValues[ nRealCount ] <<= m_bRemoveInfo; - } - break; - - case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD: - { - bDone = !m_bRORecommendPwd; - if( bDone ) - lValues[ nRealCount ] <<= m_bRecommendPwd; - } - break; - - case PROPERTYHANDLE_CTRLCLICK_HYPERLINK: - { - bDone = !m_bROCtrlClickHyperlink; - if( bDone ) - lValues[ nRealCount ] <<= m_bCtrlClickHyperlink; - } - break; - - case PROPERTYHANDLE_BLOCKUNTRUSTEDREFERERLINKS: - { - bDone = !m_bROBlockUntrustedRefererLinks; - if( bDone ) - lValues[ nRealCount ] <<= m_bBlockUntrustedRefererLinks; - } - break; - - case PROPERTYHANDLE_MACRO_SECLEVEL: - { - bDone = !m_bROSecLevel; - if( bDone ) - lValues[ nRealCount ] <<= m_nSecLevel; - } - break; - - case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS: - { - bDone = !m_bROTrustedAuthors; - if( bDone ) - { - sal_Int32 nCnt = m_seqTrustedAuthors.size(); - if( nCnt ) - { - for( sal_Int32 i = 0; i < nCnt; ++i ) - { - OUString aPrefix( - PROPERTYNAME_MACRO_TRUSTEDAUTHORS "/a" - + OUString::number(i) + "/"); - Sequence< css::beans::PropertyValue > lPropertyValues( 3 ); - lPropertyValues[ 0 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME; - lPropertyValues[ 0 ].Value <<= m_seqTrustedAuthors[ i ].SubjectName; - lPropertyValues[ 1 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER; - lPropertyValues[ 1 ].Value <<= m_seqTrustedAuthors[ i ].SerialNumber; - lPropertyValues[ 2 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA; - lPropertyValues[ 2 ].Value <<= m_seqTrustedAuthors[ i ].RawData; - - SetSetProperties( PROPERTYNAME_MACRO_TRUSTEDAUTHORS, lPropertyValues ); - } - - bDone = false; // because we save in loop above! - } - else - bDone = false; - } - } - break; - - case PROPERTYHANDLE_MACRO_DISABLE: - { - bDone = !m_bRODisableMacros; - if( bDone ) - lValues[ nRealCount ] <<= m_bDisableMacros; - } - break; - - default: - bDone = false; - } - - if( bDone ) - { - lNames[ nRealCount ] = lOrgNames[ nProperty ]; - ++nRealCount; - } - } - // Set properties in configuration. - lNames.realloc(nRealCount); - lValues.realloc(nRealCount); - PutProperties( lNames, lValues ); -} - -bool SvtSecurityOptions_Impl::IsReadOnly( SvtSecurityOptions::EOption eOption ) const -{ - bool bReadonly; + std::shared_ptr<comphelper::ConfigurationChanges> xChanges = comphelper::ConfigurationChanges::create(); switch(eOption) { - case SvtSecurityOptions::EOption::SecureUrls : - bReadonly = m_bROSecureURLs; - break; case SvtSecurityOptions::EOption::DocWarnSaveOrSend: - bReadonly = m_bROSaveOrSend; + officecfg::Office::Common::Security::Scripting::WarnSaveOrSendDoc::set(bValue, xChanges); break; case SvtSecurityOptions::EOption::DocWarnSigning: - bReadonly = m_bROSigning; + officecfg::Office::Common::Security::Scripting::WarnSignDoc::set(bValue, xChanges); break; case SvtSecurityOptions::EOption::DocWarnPrint: - bReadonly = m_bROPrint; + officecfg::Office::Common::Security::Scripting::WarnPrintDoc::set(bValue, xChanges); break; case SvtSecurityOptions::EOption::DocWarnCreatePdf: - bReadonly = m_bROCreatePDF; + officecfg::Office::Common::Security::Scripting::WarnCreatePDF::set(bValue, xChanges); break; case SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo: - bReadonly = m_bRORemoveInfo; + officecfg::Office::Common::Security::Scripting::RemovePersonalInfoOnSaving::set(bValue, xChanges); break; case SvtSecurityOptions::EOption::DocWarnRecommendPassword: - bReadonly = m_bRORecommendPwd; - break; - case SvtSecurityOptions::EOption::MacroSecLevel: - bReadonly = m_bROSecLevel; - break; - case SvtSecurityOptions::EOption::MacroTrustedAuthors: - bReadonly = m_bROTrustedAuthors; + officecfg::Office::Common::Security::Scripting::RecommendPasswordProtection::set(bValue, xChanges); break; case SvtSecurityOptions::EOption::CtrlClickHyperlink: - bReadonly = m_bROCtrlClickHyperlink; + officecfg::Office::Common::Security::Scripting::HyperlinksWithCtrlClick::set(bValue, xChanges); break; case SvtSecurityOptions::EOption::BlockUntrustedRefererLinks: - bReadonly = m_bROBlockUntrustedRefererLinks; + officecfg::Office::Common::Security::Scripting::BlockUntrustedRefererLinks::set(bValue, xChanges); break; default: - bReadonly = true; - } - - return bReadonly; -} - - -void SvtSecurityOptions_Impl::SetSecureURLs( const Sequence< OUString >& seqURLList ) -{ - DBG_ASSERT(!m_bROSecureURLs, "SvtSecurityOptions_Impl::SetSecureURLs()\nYou tried to write on a readonly value!\n"); - if (!m_bROSecureURLs && m_seqSecureURLs!=seqURLList) - { - m_seqSecureURLs = seqURLList; - SetModified(); - } -} - -inline sal_Int32 SvtSecurityOptions_Impl::GetMacroSecurityLevel() const -{ - return m_nSecLevel; -} - -inline bool SvtSecurityOptions_Impl::IsMacroDisabled() const -{ - return m_bDisableMacros; -} - -void SvtSecurityOptions_Impl::SetMacroSecurityLevel( sal_Int32 _nLevel ) -{ - if( !m_bROSecLevel ) - { - if( _nLevel > 3 || _nLevel < 0 ) - _nLevel = 3; - - if( m_nSecLevel != _nLevel ) - { - m_nSecLevel = _nLevel; - SetModified(); - } - } -} - - -void SvtSecurityOptions_Impl::SetTrustedAuthors( const std::vector< SvtSecurityOptions::Certificate >& rAuthors ) -{ - DBG_ASSERT(!m_bROTrustedAuthors, "SvtSecurityOptions_Impl::SetTrustedAuthors()\nYou tried to write on a readonly value!\n"); - if( !m_bROTrustedAuthors && rAuthors != m_seqTrustedAuthors ) - { - m_seqTrustedAuthors = rAuthors; - SetModified(); - } -} - -bool SvtSecurityOptions_Impl::IsOptionSet( SvtSecurityOptions::EOption eOption ) const -{ - bool* pValue; - bool* pRO; - bool bRet = false; - - if( const_cast< SvtSecurityOptions_Impl* >( this )->GetOption( eOption, pValue, pRO ) ) - bRet = *pValue; - - return bRet; -} - -void SvtSecurityOptions_Impl::SetOption( SvtSecurityOptions::EOption eOption, bool bValue ) -{ - bool* pValue; - bool* pRO; - - if( GetOption( eOption, pValue, pRO ) && !*pRO && *pValue != bValue) - { - *pValue = bValue; - SetModified(); - } -} - -bool SvtSecurityOptions_Impl::IsOptionEnabled( SvtSecurityOptions::EOption eOption ) const -{ - bool* pValue; - bool* pRO; - bool bRet = false; - - if( const_cast< SvtSecurityOptions_Impl* >( this )->GetOption( eOption, pValue, pRO ) ) - bRet = !*pRO; - - return bRet; -} - -Sequence< OUString > SvtSecurityOptions_Impl::GetPropertyNames() -{ - return Sequence< OUString > - { - PROPERTYNAME_SECUREURL, - PROPERTYNAME_DOCWARN_SAVEORSEND, - PROPERTYNAME_DOCWARN_SIGNING, - PROPERTYNAME_DOCWARN_PRINT, - PROPERTYNAME_DOCWARN_CREATEPDF, - PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO, - PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD, - PROPERTYNAME_CTRLCLICK_HYPERLINK, - PROPERTYNAME_BLOCKUNTRUSTEDREFERERLINKS, - PROPERTYNAME_MACRO_SECLEVEL, - PROPERTYNAME_MACRO_TRUSTEDAUTHORS, - PROPERTYNAME_MACRO_DISABLE - }; -} - -namespace { - -std::weak_ptr<SvtSecurityOptions_Impl> g_pSecurityOptions; - -} - -SvtSecurityOptions::SvtSecurityOptions() -{ - // Global access, must be guarded (multithreading!). - MutexGuard aGuard( GetInitMutex() ); - - m_pImpl = g_pSecurityOptions.lock(); - if( !m_pImpl ) - { - m_pImpl = std::make_shared<SvtSecurityOptions_Impl>(); - g_pSecurityOptions = m_pImpl; - - ItemHolder1::holdConfigItem(EItem::SecurityOptions); - } -} - -SvtSecurityOptions::~SvtSecurityOptions() -{ - // Global access, must be guarded (multithreading!) - MutexGuard aGuard( GetInitMutex() ); - - m_pImpl.reset(); -} - -bool SvtSecurityOptions::IsReadOnly( EOption eOption ) const -{ - MutexGuard aGuard( GetInitMutex() ); - return m_pImpl->IsReadOnly(eOption); -} - -Sequence< OUString > SvtSecurityOptions::GetSecureURLs() const -{ - MutexGuard aGuard( GetInitMutex() ); - return m_pImpl->GetSecureURLs(); -} - -void SvtSecurityOptions::SetSecureURLs( const Sequence< OUString >& seqURLList ) -{ - MutexGuard aGuard( GetInitMutex() ); - m_pImpl->SetSecureURLs( seqURLList ); -} - -bool SvtSecurityOptions::isSecureMacroUri( - OUString const & uri, OUString const & referer) const -{ - switch (INetURLObject(uri).GetProtocol()) { - case INetProtocol::Macro: - if (uri.startsWithIgnoreAsciiCase("macro:///")) { - // Denotes an App-BASIC macro (see SfxMacroLoader::loadMacro), which - // is considered safe: - return true; - } - [[fallthrough]]; - case INetProtocol::Slot: - return referer.equalsIgnoreAsciiCase("private:user") - || isTrustedLocationUri(referer); - default: - return true; + assert(false); } + xChanges->commit(); } -bool SvtSecurityOptions::isUntrustedReferer(OUString const & referer) const { - MutexGuard g(GetInitMutex()); - return m_pImpl->IsOptionSet(EOption::BlockUntrustedRefererLinks) - && !(referer.isEmpty() || referer.startsWithIgnoreAsciiCase("private:") - || isTrustedLocationUri(referer)); -} +} // namespace SvtSecurityOptions -bool SvtSecurityOptions::isTrustedLocationUri(OUString const & uri) const { - MutexGuard g(GetInitMutex()); - for (const auto & url : std::as_const(m_pImpl->m_seqSecureURLs)) - { - if (UCBContentHelper::IsSubPath(url, uri)) - { - return true; - } - } - return false; -} - -bool SvtSecurityOptions::isTrustedLocationUriForUpdatingLinks( - OUString const & uri) const -{ - return GetMacroSecurityLevel() == 0 || uri.isEmpty() - || uri.startsWithIgnoreAsciiCase("private:") - || isTrustedLocationUri(uri); -} - -sal_Int32 SvtSecurityOptions::GetMacroSecurityLevel() const -{ - MutexGuard aGuard( GetInitMutex() ); - return m_pImpl->GetMacroSecurityLevel(); -} - -void SvtSecurityOptions::SetMacroSecurityLevel( sal_Int32 _nLevel ) -{ - MutexGuard aGuard( GetInitMutex() ); - m_pImpl->SetMacroSecurityLevel( _nLevel ); -} - -bool SvtSecurityOptions::IsMacroDisabled() const -{ - MutexGuard aGuard( GetInitMutex() ); - return m_pImpl->IsMacroDisabled(); -} - -std::vector< SvtSecurityOptions::Certificate > SvtSecurityOptions::GetTrustedAuthors() const -{ - MutexGuard aGuard( GetInitMutex() ); - return m_pImpl->GetTrustedAuthors(); -} - -void SvtSecurityOptions::SetTrustedAuthors( const std::vector< Certificate >& rAuthors ) -{ - MutexGuard aGuard( GetInitMutex() ); - m_pImpl->SetTrustedAuthors( rAuthors ); -} - -bool SvtSecurityOptions::IsOptionSet( EOption eOption ) const -{ - MutexGuard aGuard( GetInitMutex() ); - return m_pImpl->IsOptionSet( eOption ); -} - -void SvtSecurityOptions::SetOption( EOption eOption, bool bValue ) -{ - MutexGuard aGuard( GetInitMutex() ); - m_pImpl->SetOption( eOption, bValue ); -} - -bool SvtSecurityOptions::IsOptionEnabled( EOption eOption ) const -{ - MutexGuard aGuard( GetInitMutex() ); - return m_pImpl->IsOptionEnabled( eOption ); -} - -namespace -{ - class theSecurityOptionsMutex : public rtl::Static<osl::Mutex, theSecurityOptionsMutex>{}; -} - -Mutex& SvtSecurityOptions::GetInitMutex() -{ - return theSecurityOptionsMutex::get(); -} // map personal info strings to 1, 2, ... to remove personal info size_t SvtSecurityMapPersonalInfo::GetInfoID( const OUString sPersonalInfo ) { - SvtSecurityMapPersonalInfoType::iterator aIter = aInfoIDs.find( sPersonalInfo ); + auto aIter = aInfoIDs.find( sPersonalInfo ); if ( aIter == aInfoIDs.end() ) { size_t nNewID = aInfoIDs.size() + 1; diff --git a/unotools/source/misc/mediadescriptor.cxx b/unotools/source/misc/mediadescriptor.cxx index 102aaaa1b3ed..f207faa3468b 100644 --- a/unotools/source/misc/mediadescriptor.cxx +++ b/unotools/source/misc/mediadescriptor.cxx @@ -601,7 +601,7 @@ bool MediaDescriptor::impl_openStreamWithPostData( const css::uno::Reference< cs bool MediaDescriptor::impl_openStreamWithURL( const OUString& sURL, bool bLockFile ) { OUString referer(getUnpackedValueOrDefault(PROP_REFERRER(), OUString())); - if (SvtSecurityOptions().isUntrustedReferer(referer)) { + if (SvtSecurityOptions::isUntrustedReferer(referer)) { return false; } diff --git a/uui/source/secmacrowarnings.cxx b/uui/source/secmacrowarnings.cxx index 81351e957c17..995eddc40246 100644 --- a/uui/source/secmacrowarnings.cxx +++ b/uui/source/secmacrowarnings.cxx @@ -152,13 +152,12 @@ void MacroWarning::InitControls() mxViewSignsBtn->connect_clicked(LINK(this, MacroWarning, ViewSignsBtnHdl)); mxViewSignsBtn->set_sensitive(false); - const SvtSecurityOptions aSecOption; - if (!aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)) + if (!SvtSecurityOptions::IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors)) mxAlwaysTrustCB->connect_toggled(LINK(this, MacroWarning, AlwaysTrustCheckHdl)); else mxAlwaysTrustCB->set_visible(false); - mnActSecLevel = aSecOption.GetMacroSecurityLevel(); + mnActSecLevel = SvtSecurityOptions::GetMacroSecurityLevel(); if ( mnActSecLevel >= 2 ) mxEnableBtn->set_sensitive(false); } diff --git a/xmloff/source/draw/sdxmlexp.cxx b/xmloff/source/draw/sdxmlexp.cxx index cdc6a70e31dd..933a280739d5 100644 --- a/xmloff/source/draw/sdxmlexp.cxx +++ b/xmloff/source/draw/sdxmlexp.cxx @@ -2516,8 +2516,7 @@ void SdXMLExport::exportAnnotations( const Reference<XDrawPage>& xDrawPage ) Reference< XAnnotationEnumeration > xAnnotationEnumeration( xAnnotationAccess->createAnnotationEnumeration() ); if( xAnnotationEnumeration.is() && xAnnotationEnumeration->hasMoreElements() ) { - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); OUStringBuffer sStringBuffer; diff --git a/xmloff/source/text/XMLRedlineExport.cxx b/xmloff/source/text/XMLRedlineExport.cxx index aa457bf2ad98..6e5d4d79550a 100644 --- a/xmloff/source/text/XMLRedlineExport.cxx +++ b/xmloff/source/text/XMLRedlineExport.cxx @@ -436,8 +436,7 @@ OUString XMLRedlineExport::GetRedlineID( void XMLRedlineExport::ExportChangeInfo( const Reference<XPropertySet> & rPropSet) { - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); SvXMLElementExport aChangeInfo(rExport, XML_NAMESPACE_OFFICE, @@ -480,8 +479,7 @@ void XMLRedlineExport::ExportChangeInfo( const Sequence<PropertyValue> & rPropertyValues) { OUString sComment; - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); for(const PropertyValue& rVal : rPropertyValues) diff --git a/xmloff/source/text/txtflde.cxx b/xmloff/source/text/txtflde.cxx index 713c5aff895b..e899e083b980 100644 --- a/xmloff/source/text/txtflde.cxx +++ b/xmloff/source/text/txtflde.cxx @@ -1746,8 +1746,7 @@ void XMLTextFieldExport::ExportFieldHelper( DBG_ASSERT(sPresentation.isEmpty(), "Unexpected presentation for annotation field"); - SvtSecurityOptions aSecOpt; - bool bRemovePersonalInfo = aSecOpt.IsOptionSet( + bool bRemovePersonalInfo = SvtSecurityOptions::IsOptionSet( SvtSecurityOptions::EOption::DocWarnRemovePersonalInfo ); // annotation element + content diff --git a/xmlsecurity/inc/macrosecurity.hxx b/xmlsecurity/inc/macrosecurity.hxx index 690c5b05fcaf..233ef2c1dca1 100644 --- a/xmlsecurity/inc/macrosecurity.hxx +++ b/xmlsecurity/inc/macrosecurity.hxx @@ -32,7 +32,6 @@ private: friend class MacroSecurityTrustedSourcesTP; css::uno::Reference<css::xml::crypto::XSecurityEnvironment> m_xSecurityEnvironment; - SvtSecurityOptions m_aSecOptions; std::unique_ptr<weld::Notebook> m_xTabCtrl; std::unique_ptr<weld::Button> m_xOkBtn; diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index 5a353c39924b..625bbbd0d4be 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -663,7 +663,7 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted( } OUString sSerialNum = xmlsecurity::bigIntegerToNumericString(xAuthor->getSerialNumber()); - std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors(); + std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions::GetTrustedAuthors(); return std::any_of(aTrustedAuthors.begin(), aTrustedAuthors.end(), [&xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) { @@ -764,14 +764,12 @@ css::uno::Reference< css::security::XCertificate > DocumentDigitalSignatures::ch sal_Bool DocumentDigitalSignatures::isLocationTrusted( const OUString& Location ) { - return SvtSecurityOptions().isTrustedLocationUri(Location); + return SvtSecurityOptions::isTrustedLocationUri(Location); } void DocumentDigitalSignatures::addAuthorToTrustedSources( const Reference< css::security::XCertificate >& Author ) { - SvtSecurityOptions aSecOpts; - SvtSecurityOptions::Certificate aNewCert; aNewCert.SubjectName = Author->getIssuerName(); aNewCert.SerialNumber = xmlsecurity::bigIntegerToNumericString( Author->getSerialNumber() ); @@ -780,21 +778,17 @@ void DocumentDigitalSignatures::addAuthorToTrustedSources( ::comphelper::Base64::encode(aStrBuffer, Author->getEncoded()); aNewCert.RawData = aStrBuffer.makeStringAndClear(); - std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors = aSecOpts.GetTrustedAuthors(); + std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions::GetTrustedAuthors(); aTrustedAuthors.push_back( aNewCert ); - aSecOpts.SetTrustedAuthors( aTrustedAuthors ); + SvtSecurityOptions::SetTrustedAuthors( aTrustedAuthors ); } void DocumentDigitalSignatures::addLocationToTrustedSources( const OUString& Location ) { - SvtSecurityOptions aSecOpt; - - Sequence< OUString > aSecURLs = aSecOpt.GetSecureURLs(); - sal_Int32 nCnt = aSecURLs.getLength(); - aSecURLs.realloc( nCnt + 1 ); - aSecURLs[ nCnt ] = Location; + std::vector< OUString > aSecURLs = SvtSecurityOptions::GetSecureURLs(); + aSecURLs.push_back(Location); - aSecOpt.SetSecureURLs( aSecURLs ); + SvtSecurityOptions::SetSecureURLs( aSecURLs ); } sal_Bool DocumentDigitalSignatures::signDocumentWithCertificate( diff --git a/xmlsecurity/source/dialogs/macrosecurity.cxx b/xmlsecurity/source/dialogs/macrosecurity.cxx index 2cb08df9cd9f..dbfa41e96d58 100644 --- a/xmlsecurity/source/dialogs/macrosecurity.cxx +++ b/xmlsecurity/source/dialogs/macrosecurity.cxx @@ -126,8 +126,8 @@ MacroSecurityLevelTP::MacroSecurityLevelTP(weld::Container* pParent, MacroSecuri m_xVeryHighRB->set_size_request(nMaxWidth, -1); } - mnCurLevel = static_cast<sal_uInt16>(m_pDlg->m_aSecOptions.GetMacroSecurityLevel()); - bool bReadonly = m_pDlg->m_aSecOptions.IsReadOnly( SvtSecurityOptions::EOption::MacroSecLevel ); + mnCurLevel = static_cast<sal_uInt16>(SvtSecurityOptions::GetMacroSecurityLevel()); + bool bReadonly = SvtSecurityOptions::IsReadOnly( SvtSecurityOptions::EOption::MacroSecLevel ); weld::RadioButton* pCheck = nullptr; weld::Widget* pImage = nullptr; @@ -185,7 +185,7 @@ IMPL_LINK_NOARG(MacroSecurityLevelTP, RadioButtonHdl, weld::Toggleable&, void) void MacroSecurityLevelTP::ClosePage() { - m_pDlg->m_aSecOptions.SetMacroSecurityLevel( mnCurLevel ); + SvtSecurityOptions::SetMacroSecurityLevel( mnCurLevel ); } void MacroSecurityTrustedSourcesTP::ImplCheckButtons() @@ -392,14 +392,14 @@ MacroSecurityTrustedSourcesTP::MacroSecurityTrustedSourcesTP(weld::Container* pP m_xRemoveLocPB->connect_clicked( LINK( this, MacroSecurityTrustedSourcesTP, RemoveLocPBHdl ) ); m_xRemoveLocPB->set_sensitive(false); - m_aTrustedAuthors = m_pDlg->m_aSecOptions.GetTrustedAuthors(); - mbAuthorsReadonly = m_pDlg->m_aSecOptions.IsReadOnly( SvtSecurityOptions::EOption::MacroTrustedAuthors ); + m_aTrustedAuthors = SvtSecurityOptions::GetTrustedAuthors(); + mbAuthorsReadonly = SvtSecurityOptions::IsReadOnly( SvtSecurityOptions::EOption::MacroTrustedAuthors ); m_xTrustCertROFI->set_visible(mbAuthorsReadonly); FillCertLB(true); - const css::uno::Sequence< OUString > aSecureURLs = m_pDlg->m_aSecOptions.GetSecureURLs(); - mbURLsReadonly = m_pDlg->m_aSecOptions.IsReadOnly( SvtSecurityOptions::EOption::SecureUrls ); + std::vector< OUString > aSecureURLs = SvtSecurityOptions::GetSecureURLs(); + mbURLsReadonly = SvtSecurityOptions::IsReadOnly( SvtSecurityOptions::EOption::SecureUrls ); m_xTrustFileROFI->set_visible(mbURLsReadonly); m_xAddLocPB->set_sensitive(!mbURLsReadonly); @@ -422,22 +422,22 @@ void MacroSecurityTrustedSourcesTP::ClosePage() sal_Int32 nEntryCnt = m_xTrustFileLocLB->n_children(); if( nEntryCnt ) { - css::uno::Sequence< OUString > aSecureURLs( nEntryCnt ); + std::vector< OUString > aSecureURLs; for (sal_Int32 i = 0; i < nEntryCnt; ++i) { OUString aURL(m_xTrustFileLocLB->get_text(i)); osl::FileBase::getFileURLFromSystemPath( aURL, aURL ); - aSecureURLs[ i ] = aURL; + aSecureURLs.push_back(aURL); } - m_pDlg->m_aSecOptions.SetSecureURLs( aSecureURLs ); + SvtSecurityOptions::SetSecureURLs( aSecureURLs ); } // Trusted Path could not be removed (#i33584#) // don't forget to remove the old saved SecureURLs else - m_pDlg->m_aSecOptions.SetSecureURLs( css::uno::Sequence< OUString >() ); + SvtSecurityOptions::SetSecureURLs( std::vector< OUString >() ); - m_pDlg->m_aSecOptions.SetTrustedAuthors( m_aTrustedAuthors ); + SvtSecurityOptions::SetTrustedAuthors( m_aTrustedAuthors ); } /* vim:set shiftwidth=4 softtabstop=4 expandtab: */ |