[Libreoffice-commits] core.git: Branch 'libreoffice-6-4' - sfx2/source uui/source
Jan-Marek Glogowski (via logerrit)
logerrit at kemper.freedesktop.org
Wed Dec 18 11:15:00 UTC 2019
sfx2/source/doc/docmacromode.cxx | 10 +++++++++-
uui/source/secmacrowarnings.cxx | 9 +++++++--
2 files changed, 16 insertions(+), 3 deletions(-)
New commits:
commit 9cdb97cd93e60a0faf0a531949d94cff79e1aab9
Author: Jan-Marek Glogowski <jan-marek.glogowski at extern.cib.de>
AuthorDate: Tue Dec 10 18:42:40 2019 +0100
Commit: Jan-Marek Glogowski <glogow at fbihome.de>
CommitDate: Wed Dec 18 12:14:03 2019 +0100
tdf#129311 don't allow temporary trusted certs
This simply skips the DocumentMacroConfirmationRequest, if the
macro security level (MSL) is *High* and the list of trusted
authors is read-only. For the MSL *Medium*, the check box of
the dialog is hidden with read-only trusted authors.
Change-Id: If6c08e4fdbf200e778d181370cc73fd947cecff5
Reviewed-on: https://gerrit.libreoffice.org/84887
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glogow at fbihome.de>
(cherry picked from commit 71c6f438cecc3ce5e8060efe1df840652885701c)
Reviewed-on: https://gerrit.libreoffice.org/85299
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index 13954b06f6d8..492bd0a63009 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -225,11 +225,17 @@ namespace sfx2
if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
{
// the trusted macro check will also retrieve the signature state ( small optimization )
- bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature( nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN );
+ const SvtSecurityOptions aSecOption;
+ const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
+ && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE
+ || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
+ const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor);
SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
if ( nSignatureState == SignatureState::BROKEN )
{
+ if (!bAllowUIToAddAuthor)
+ lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown);
return disallowMacroExecution();
}
else if ( bHasTrustedMacroSignature )
@@ -241,6 +247,8 @@ namespace sfx2
|| nSignatureState == SignatureState::NOTVALIDATED )
{
// there is valid signature, but it is not from the trusted author
+ if (!bAllowUIToAddAuthor)
+ lcl_showDocumentMacrosDisabledError(rxInteraction, m_xData->m_bDocMacroDisabledMessageShown);
return disallowMacroExecution();
}
}
diff --git a/uui/source/secmacrowarnings.cxx b/uui/source/secmacrowarnings.cxx
index 6c6e343a08f0..0bc2e1d04d72 100644
--- a/uui/source/secmacrowarnings.cxx
+++ b/uui/source/secmacrowarnings.cxx
@@ -137,9 +137,14 @@ void MacroWarning::InitControls()
{
mxViewSignsBtn->connect_clicked(LINK(this, MacroWarning, ViewSignsBtnHdl));
mxViewSignsBtn->set_sensitive(false);
- mxAlwaysTrustCB->connect_clicked(LINK(this, MacroWarning, AlwaysTrustCheckHdl));
- mnActSecLevel = SvtSecurityOptions().GetMacroSecurityLevel();
+ const SvtSecurityOptions aSecOption;
+ if (!aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors))
+ mxAlwaysTrustCB->connect_clicked(LINK(this, MacroWarning, AlwaysTrustCheckHdl));
+ else
+ mxAlwaysTrustCB->set_visible(false);
+
+ mnActSecLevel = aSecOption.GetMacroSecurityLevel();
if ( mnActSecLevel >= 2 )
mxEnableBtn->set_sensitive(false);
}
More information about the Libreoffice-commits
mailing list