api/3.0/qgsauthserverseditor_8cpp_source.html

 /***************************************************************************
     qgsauthserverseditor.cpp
     ---------------------
     begin                : April 26, 2015
     copyright            : (C) 2015 by Boundless Spatial, Inc. USA
     author               : Larry Shaffer
     email                : lshaffer at boundlessgeo dot com
  ***************************************************************************
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
  *   it under the terms of the GNU General Public License as published by  *
  *   the Free Software Foundation; either version 2 of the License, or     *
  *   (at your option) any later version.                                   *
  *                                                                         *
  ***************************************************************************/

 #include "qgsauthserverseditor.h"
 #include "ui_qgsauthserverseditor.h"
 #include "qgsauthsslimportdialog.h"

 #include <QMenu>
 #include <QMessageBox>

 #include "qgssettings.h"
 #include "qgsapplication.h"
 #include "qgsauthcertificateinfo.h"
 #include "qgsauthcertutils.h"
 #include "qgsauthmanager.h"
 #include "qgsauthguiutils.h"
 #include "qgslogger.h"

 QgsAuthServersEditor::QgsAuthServersEditor( QWidget *parent )
   : QWidget( parent )
 {
   if ( QgsApplication::authManager()->isDisabled() )
   {
     mDisabled = true;
     mAuthNotifyLayout = new QVBoxLayout;
     this->setLayout( mAuthNotifyLayout );
     mAuthNotify = new QLabel( QgsApplication::authManager()->disabledMessage(), this );
     mAuthNotifyLayout->addWidget( mAuthNotify );
   }
   else
   {
     setupUi( this );
     connect( btnAddServer, &QToolButton::clicked, this, &QgsAuthServersEditor::btnAddServer_clicked );
     connect( btnRemoveServer, &QToolButton::clicked, this, &QgsAuthServersEditor::btnRemoveServer_clicked );
     connect( btnEditServer, &QToolButton::clicked, this, &QgsAuthServersEditor::btnEditServer_clicked );
     connect( btnGroupByOrg, &QToolButton::toggled, this, &QgsAuthServersEditor::btnGroupByOrg_toggled );

     connect( QgsApplication::authManager(), &QgsAuthManager::messageOut,
              this, &QgsAuthServersEditor::authMessageOut );

     connect( QgsApplication::authManager(), &QgsAuthManager::authDatabaseChanged,
              this, &QgsAuthServersEditor::refreshSslConfigsView );

     setupSslConfigsTree();

     connect( treeServerConfigs->selectionModel(), &QItemSelectionModel::selectionChanged,
              this, &QgsAuthServersEditor::selectionChanged );

     connect( treeServerConfigs, &QTreeWidget::itemDoubleClicked,
              this, &QgsAuthServersEditor::handleDoubleClick );

     connect( btnViewRefresh, &QAbstractButton::clicked, this, &QgsAuthServersEditor::refreshSslConfigsView );

     btnGroupByOrg->setChecked( false );
     QVariant sortbyval = QgsApplication::authManager()->authSetting( QStringLiteral( "serverssortby" ), QVariant( false ) );
     if ( !sortbyval.isNull() )
       btnGroupByOrg->setChecked( sortbyval.toBool() );

     populateSslConfigsView();
     checkSelection();
   }
 }

 static void setItemBold_( QTreeWidgetItem *item )
 {
   item->setFirstColumnSpanned( true );
   QFont secf( item->font( 0 ) );
   secf.setBold( true );
   item->setFont( 0, secf );
 }


 void QgsAuthServersEditor::setupSslConfigsTree()
 {
   treeServerConfigs->setColumnCount( 3 );
   treeServerConfigs->setHeaderLabels(
     QStringList() << tr( "Common Name" )
     << tr( "Host" )
     << tr( "Expiry Date" ) );
   treeServerConfigs->setColumnWidth( 0, 275 );
   treeServerConfigs->setColumnWidth( 1, 200 );

   // add root sections
   mRootSslConfigItem = new QTreeWidgetItem(
     treeServerConfigs,
     QStringList( tr( "SSL Server Configurations" ) ),
     ( int )QgsAuthServersEditor::Section );
   setItemBold_( mRootSslConfigItem );
   mRootSslConfigItem->setFlags( Qt::ItemIsEnabled );
   mRootSslConfigItem->setExpanded( true );
   treeServerConfigs->insertTopLevelItem( 0, mRootSslConfigItem );
 }

 static void removeChildren_( QTreeWidgetItem *item )
 {
   Q_FOREACH ( QTreeWidgetItem *child, item->takeChildren() )
   {
     delete child;
   }
 }

 void QgsAuthServersEditor::populateSslConfigsView()
 {
   removeChildren_( mRootSslConfigItem );

   populateSslConfigsSection( mRootSslConfigItem,
                              QgsApplication::authManager()->sslCertCustomConfigs(),
                              QgsAuthServersEditor::ServerConfig );
 }

 void QgsAuthServersEditor::refreshSslConfigsView()
 {
   populateSslConfigsView();
 }

 void QgsAuthServersEditor::populateSslConfigsSection( QTreeWidgetItem *item,
     const QList<QgsAuthConfigSslServer> &configs,
     QgsAuthServersEditor::ConfigType conftype )
 {
   if ( btnGroupByOrg->isChecked() )
   {
     appendSslConfigsToGroup( configs, conftype, item );
   }
   else
   {
     appendSslConfigsToItem( configs, conftype, item );
   }
 }

 void QgsAuthServersEditor::appendSslConfigsToGroup( const QList<QgsAuthConfigSslServer> &configs,
     QgsAuthServersEditor::ConfigType conftype,
     QTreeWidgetItem *parent )
 {
   if ( configs.empty() )
     return;

   if ( !parent )
   {
     parent = treeServerConfigs->currentItem();
   }

   // TODO: find all organizational name, sort and make subsections
   QMap< QString, QList<QgsAuthConfigSslServer> > orgconfigs(
     QgsAuthCertUtils::sslConfigsGroupedByOrg( configs ) );

   QMap< QString, QList<QgsAuthConfigSslServer> >::const_iterator it = orgconfigs.constBegin();
   for ( ; it != orgconfigs.constEnd(); ++it )
   {
     QTreeWidgetItem *grpitem( new QTreeWidgetItem( parent,
                               QStringList() << it.key(),
                               ( int )QgsAuthServersEditor::OrgName ) );
     grpitem->setFirstColumnSpanned( true );
     grpitem->setFlags( Qt::ItemIsEnabled );
     grpitem->setExpanded( true );

     QBrush orgb( grpitem->foreground( 0 ) );
     orgb.setColor( QColor::fromRgb( 90, 90, 90 ) );
     grpitem->setForeground( 0, orgb );
     QFont grpf( grpitem->font( 0 ) );
     grpf.setItalic( true );
     grpitem->setFont( 0, grpf );

     appendSslConfigsToItem( it.value(), conftype, grpitem );
   }

   parent->sortChildren( 0, Qt::AscendingOrder );
 }

 void QgsAuthServersEditor::appendSslConfigsToItem( const QList<QgsAuthConfigSslServer> &configs,
     QgsAuthServersEditor::ConfigType conftype,
     QTreeWidgetItem *parent )
 {
   if ( configs.empty() )
     return;

   if ( !parent )
   {
     parent = treeServerConfigs->currentItem();
   }

   QBrush redb( QgsAuthGuiUtils::redColor() );

   // Columns: Common Name, Host, Expiry Date
   Q_FOREACH ( const QgsAuthConfigSslServer &config, configs )
   {
     QSslCertificate cert( config.sslCertificate() );
     QString id( QgsAuthCertUtils::shaHexForCert( cert ) );

     QStringList coltxts;
     coltxts << QgsAuthCertUtils::resolvedCertName( cert );
     coltxts << QString( config.sslHostPort() );
     coltxts << cert.expiryDate().toString();

     QTreeWidgetItem *item( new QTreeWidgetItem( parent, coltxts, ( int )conftype ) );

     item->setIcon( 0, QgsApplication::getThemeIcon( QStringLiteral( "/mIconCertificate.svg" ) ) );
     if ( !QgsAuthCertUtils::certIsViable( cert ) )
     {
       item->setForeground( 2, redb );
       item->setIcon( 0, QgsApplication::getThemeIcon( QStringLiteral( "/mIconCertificateUntrusted.svg" ) ) );
     }

     item->setData( 0, Qt::UserRole, id );
   }

   parent->sortChildren( 0, Qt::AscendingOrder );
 }

 void QgsAuthServersEditor::selectionChanged( const QItemSelection &selected, const QItemSelection &deselected )
 {
   Q_UNUSED( selected );
   Q_UNUSED( deselected );
   checkSelection();
 }

 void QgsAuthServersEditor::checkSelection()
 {
   bool isconfig = false;
   if ( treeServerConfigs->selectionModel()->selection().length() > 0 )
   {
     QTreeWidgetItem *item( treeServerConfigs->currentItem() );

     switch ( ( QgsAuthServersEditor::ConfigType )item->type() )
     {
       case QgsAuthServersEditor::ServerConfig :
         isconfig = true;
         break;
       default:
         break;
     }
   }

   btnRemoveServer->setEnabled( isconfig );
   btnEditServer->setEnabled( isconfig );
 }

 void QgsAuthServersEditor::handleDoubleClick( QTreeWidgetItem *item, int col )
 {
   Q_UNUSED( col );
   bool isconfig = true;

   switch ( ( QgsAuthServersEditor::ConfigType )item->type() )
   {
     case QgsAuthServersEditor::Section:
       isconfig = false;
       break;
     case QgsAuthServersEditor::OrgName:
       isconfig = false;
       break;
     default:
       break;
   }

   if ( isconfig )
   {
     btnEditServer_clicked();
   }
 }

 void QgsAuthServersEditor::btnAddServer_clicked()
 {
   QgsAuthSslImportDialog *dlg = new QgsAuthSslImportDialog( this );
   dlg->setWindowModality( Qt::WindowModal );
   dlg->resize( 580, 512 );
   if ( dlg->exec() )
   {
     refreshSslConfigsView();
   }
   dlg->deleteLater();
 }

 void QgsAuthServersEditor::btnRemoveServer_clicked()
 {
   QTreeWidgetItem *item( treeServerConfigs->currentItem() );

   if ( !item )
   {
     QgsDebugMsg( "Current tree widget item not set" );
     return;
   }

   QString digest( item->data( 0, Qt::UserRole ).toString() );
   QString hostport( item->text( 1 ) );

   if ( digest.isEmpty() )
   {
     messageBar()->pushMessage( tr( "SSL custom config id missing" ),
                                Qgis::Warning );
     return;
   }
   if ( hostport.isEmpty() )
   {
     messageBar()->pushMessage( tr( "SSL custom config host:port missing" ),
                                Qgis::Warning );
     return;
   }

   if ( !QgsApplication::authManager()->existsSslCertCustomConfig( digest, hostport ) )
   {
     QgsDebugMsg( QString( "SSL custom config does not exist in database for host:port, id %1:" )
                  .arg( hostport, digest ) );
     return;
   }

   if ( QMessageBox::warning(
          this, tr( "Remove SSL Custom Configuration" ),
          tr( "Are you sure you want to remove the selected "
              "SSL custom configuration from the database?\n\n"
              "Operation can NOT be undone!" ),
          QMessageBox::Ok | QMessageBox::Cancel,
          QMessageBox::Cancel ) == QMessageBox::Cancel )
   {
     return;
   }

   if ( !QgsApplication::authManager()->removeSslCertCustomConfig( digest, hostport ) )
   {
     messageBar()->pushMessage( tr( "ERROR removing SSL custom config from authentication database for host:port, id %1:" )
                                .arg( hostport, digest ),
                                Qgis::Critical );
     return;
   }

   item->parent()->removeChild( item );
   delete item;
 }

 void QgsAuthServersEditor::btnEditServer_clicked()
 {
   QTreeWidgetItem *item( treeServerConfigs->currentItem() );

   if ( !item )
   {
     QgsDebugMsg( "Current tree widget item not set" );
     return;
   }

   QString digest( item->data( 0, Qt::UserRole ).toString() );
   QString hostport( item->text( 1 ) );

   if ( digest.isEmpty() )
   {
     messageBar()->pushMessage( tr( "SSL custom config id missing." ),
                                Qgis::Warning );
     return;
   }
   if ( hostport.isEmpty() )
   {
     messageBar()->pushMessage( tr( "SSL custom config host:port missing." ),
                                Qgis::Warning );
     return;
   }

   if ( !QgsApplication::authManager()->existsSslCertCustomConfig( digest, hostport ) )
   {
     QgsDebugMsg( "SSL custom config does not exist in database" );
     return;
   }

   QgsAuthConfigSslServer config( QgsApplication::authManager()->sslCertCustomConfig( digest, hostport ) );
   QSslCertificate cert( config.sslCertificate() );

   QgsAuthSslConfigDialog *dlg = new QgsAuthSslConfigDialog( this, cert, hostport );
   dlg->sslCustomConfigWidget()->setConfigCheckable( false );
   dlg->setWindowModality( Qt::WindowModal );
   dlg->resize( 500, 500 );
   if ( dlg->exec() )
   {
     refreshSslConfigsView();
   }
   dlg->deleteLater();
 }

 void QgsAuthServersEditor::btnGroupByOrg_toggled( bool checked )
 {
   if ( !QgsApplication::authManager()->storeAuthSetting( QStringLiteral( "serverssortby" ), QVariant( checked ) ) )
   {
     authMessageOut( QObject::tr( "Could not store sort by preference." ),
                     QObject::tr( "Authentication SSL Configs" ),
                     QgsAuthManager::WARNING );
   }
   populateSslConfigsView();
 }

 void QgsAuthServersEditor::authMessageOut( const QString &message, const QString &authtag, QgsAuthManager::MessageLevel level )
 {
   int levelint = ( int )level;
   messageBar()->pushMessage( authtag, message, ( Qgis::MessageLevel )levelint, 7 );
 }

 void QgsAuthServersEditor::showEvent( QShowEvent *e )
 {
   if ( !mDisabled )
   {
     treeServerConfigs->setFocus();
   }
   QWidget::showEvent( e );
 }

 QgsMessageBar *QgsAuthServersEditor::messageBar()
 {
   return msgBar;
 }

 int QgsAuthServersEditor::messageTimeout()
 {
   QgsSettings settings;
   return settings.value( QStringLiteral( "qgis/messageTimeout" ), 5 ).toInt();
 }
QgsAuthManager::messageOut
void messageOut(const QString &message, const QString &tag=QgsAuthManager::AUTH_MAN_TAG, QgsAuthManager::MessageLevel level=QgsAuthManager::INFO) const
Custom logging signal to relay to console output and QgsMessageLog.

qgsauthmanager.h

QgsSettings
This class is a composition of two QSettings instances:
Definition: qgssettings.h:57

Qgis::Warning
Definition: qgis.h:81

QgsDebugMsg
#define QgsDebugMsg(str)
Definition: qgslogger.h:38

qgsauthcertificateinfo.h

QgsMessageBar
A bar for displaying non-blocking messages to the user.
Definition: qgsmessagebar.h:45

QgsAuthConfigSslServer
Configuration container for SSL server connection exceptions or overrides.
Definition: qgsauthconfig.h:371

QgsApplication::getThemeIcon
static QIcon getThemeIcon(const QString &name)
Helper to get a theme icon.
Definition: qgsapplication.cpp:472

Qgis::MessageLevel
MessageLevel
Level for messages This will be used both for message log and message bar in application.
Definition: qgis.h:78

qgsauthcertutils.h

QgsAuthManager::MessageLevel
MessageLevel
Message log level (mirrors that of QgsMessageLog, so it can also output there)
Definition: qgsauthmanager.h:68

qgsauthserverseditor.h

QgsAuthCertUtils::certIsViable
static bool certIsViable(const QSslCertificate &cert)
certIsViable checks for viability errors of cert and whether it is NULL
Definition: qgsauthcertutils.cpp:1295

QgsAuthGuiUtils::redColor
static QColor redColor()
Red color representing invalid, untrusted, etc. certificate.
Definition: qgsauthguiutils.cpp:41

qgsapplication.h

qgsauthguiutils.h

QgsAuthManager::authDatabaseChanged
void authDatabaseChanged()
Emitted when the authentication db is significantly changed, e.g. large record removal, erased, etc.

QgsAuthCertUtils::sslConfigsGroupedByOrg
static QMap< QString, QList< QgsAuthConfigSslServer > > sslConfigsGroupedByOrg(const QList< QgsAuthConfigSslServer > &configs)
Map SSL custom configs&#39; certificates to their oraganization.
Definition: qgsauthcertutils.cpp:89

QgsAuthConfigSslServer::sslHostPort
const QString sslHostPort() const
Server host:port string.
Definition: qgsauthconfig.h:383

qgsauthsslimportdialog.h

QgsMessageBar::pushMessage
void pushMessage(const QString &text, Qgis::MessageLevel level=Qgis::Info, int duration=5)
convenience method for pushing a message to the bar
Definition: qgsmessagebar.h:88

QgsAuthManager::WARNING
Definition: qgsauthmanager.h:71

QgsAuthCertUtils::shaHexForCert
static QString shaHexForCert(const QSslCertificate &cert, bool formatted=false)
Get the sha1 hash for certificate.
Definition: qgsauthcertutils.cpp:738

QgsApplication::authManager
static QgsAuthManager * authManager()
Returns the application&#39;s authentication manager instance.
Definition: qgsapplication.cpp:1025

Qgis::Critical
Definition: qgis.h:82

QgsAuthConfigSslServer::sslCertificate
const QSslCertificate sslCertificate() const
Server certificate object.
Definition: qgsauthconfig.h:378

QgsAuthSslConfigDialog
Dialog wrapper of widget for editing an SSL server configuration.
Definition: qgsauthsslconfigwidget.h:191

QgsAuthManager::authSetting
QVariant authSetting(const QString &key, const QVariant &defaultValue=QVariant(), bool decrypt=false)
authSetting get an authentication setting (retrieved as string and returned as QVariant( QString )) ...
Definition: qgsauthmanager.cpp:1550

QgsAuthServersEditor::showEvent
void showEvent(QShowEvent *e) override
Definition: qgsauthserverseditor.cpp:404

QgsSettings::value
QVariant value(const QString &key, const QVariant &defaultValue=QVariant(), const Section section=NoSection) const
Returns the value for setting key.
Definition: qgssettings.cpp:164

QgsAuthServersEditor::QgsAuthServersEditor
QgsAuthServersEditor(QWidget *parent=nullptr)
Widget for editing authentication configurations directly in database.
Definition: qgsauthserverseditor.cpp:32

QgsAuthSslImportDialog
Widget for importing an SSL server certificate exception into the authentication database.
Definition: qgsauthsslimportdialog.h:82

QgsAuthCertUtils::resolvedCertName
static QString resolvedCertName(const QSslCertificate &cert, bool issuer=false)
Get the general name via RFC 5280 resolution.
Definition: qgsauthcertutils.cpp:615

qgssettings.h

qgslogger.h