QGIS API Documentation  3.20.0-Odense (decaadbb31)
qgsauthguiutils.cpp
Go to the documentation of this file.
1 /***************************************************************************
2  qgsauthutils.cpp
3  ---------------------
4  begin : October 24, 2014
5  copyright : (C) 2014 by Boundless Spatial, Inc. USA
6  author : Larry Shaffer
7  email : lshaffer at boundlessgeo dot com
8  ***************************************************************************
9  * *
10  * This program is free software; you can redistribute it and/or modify *
11  * it under the terms of the GNU General Public License as published by *
12  * the Free Software Foundation; either version 2 of the License, or *
13  * (at your option) any later version. *
14  * *
15  ***************************************************************************/
16 
17 #include "qgsauthguiutils.h"
18 
19 #include <QFileDialog>
20 #include <QInputDialog>
21 #include <QLineEdit>
22 #include <QMessageBox>
23 
24 #include "qgssettings.h"
25 #include "qgsauthmanager.h"
26 #include "qgsauthmasterpassresetdialog.h"
27 #include "qgslogger.h"
28 #include "qgsmessagebar.h"
29 #include "qgsapplication.h"
30 
31 
32 QColor QgsAuthGuiUtils::greenColor()
33 {
34  return QColor( 0, 170, 0 );
35 }
36 
37 QColor QgsAuthGuiUtils::orangeColor()
38 {
39  return QColor( 255, 128, 0 );
40 }
41 
42 QColor QgsAuthGuiUtils::redColor()
43 {
44  return QColor( 200, 0, 0 );
45 }
46 
47 QColor QgsAuthGuiUtils::yellowColor()
48 {
49  return QColor( 255, 255, 125 );
50 }
51 
52 QString QgsAuthGuiUtils::greenTextStyleSheet( const QString &selector )
53 {
54  return QStringLiteral( "%1{color: %2;}" ).arg( selector, QgsAuthGuiUtils::greenColor().name() );
55 }
56 
57 QString QgsAuthGuiUtils::orangeTextStyleSheet( const QString &selector )
58 {
59  return QStringLiteral( "%1{color: %2;}" ).arg( selector, QgsAuthGuiUtils::orangeColor().name() );
60 }
61 
62 QString QgsAuthGuiUtils::redTextStyleSheet( const QString &selector )
63 {
64  return QStringLiteral( "%1{color: %2;}" ).arg( selector, QgsAuthGuiUtils::redColor().name() );
65 }
66 
67 bool QgsAuthGuiUtils::isDisabled( QgsMessageBar *msgbar )
68 {
69  if ( QgsApplication::authManager()->isDisabled() )
70  {
71  msgbar->pushMessage( QObject::tr( "Authentication System" ),
72  QObject::tr( "DISABLED. Resources authenticating via the system can not be accessed" ),
73  Qgis::MessageLevel::Critical );
74  return true;
75  }
76  return false;
77 }
78 
79 void QgsAuthGuiUtils::exportSelectedAuthenticationConfigs( QStringList authenticationConfigIds, QgsMessageBar *msgbar )
80 {
81  QString password = QInputDialog::getText( msgbar, QObject::tr( "Export Authentication Configurations" ),
82  QObject::tr( "Enter a password encrypt the configuration file:" ), QLineEdit::Password );
83  if ( password.isEmpty() )
84  {
85  if ( QMessageBox::warning( msgbar,
86  QObject::tr( "Export Authentication Configurations" ),
87  QObject::tr( "Exporting authentication configurations with a blank password will result in a plain text file which may contain sensitive information. Are you sure you want to do this?" ),
88  QMessageBox::Ok | QMessageBox::Cancel,
89  QMessageBox::Cancel ) == QMessageBox::Cancel )
90  {
91  return;
92  }
93  }
94 
95  QString filename = QFileDialog::getSaveFileName( msgbar, QObject::tr( "Export Authentication Configurations" ), QDir::homePath(),
96  QObject::tr( "XML files (*.xml *.XML)" ) );
97  if ( filename.isEmpty() )
98  return;
99 
100  bool ok = QgsApplication::authManager()->exportAuthenticationConfigsToXml( filename, authenticationConfigIds, password );
101  if ( !ok )
102  {
103  msgbar->pushMessage( QgsApplication::authManager()->authManTag(),
104  QObject::tr( "Export of authentication configurations failed." ),
105  Qgis::MessageLevel::Critical );
106  }
107 }
108 
109 void QgsAuthGuiUtils::importAuthenticationConfigs( QgsMessageBar *msgbar )
110 {
111 
112  QString filename = QFileDialog::getOpenFileName( msgbar, QObject::tr( "Export Authentication Configurations" ), QDir::homePath(),
113  QObject::tr( "XML files (*.xml *.XML)" ) );
114  if ( filename.isEmpty() )
115  return;
116 
117 
118  QFile file( filename );
119  if ( !file.open( QFile::ReadOnly ) )
120  {
121  return;
122  }
123 
124  QDomDocument document( QStringLiteral( "qgis_authentication" ) );
125  if ( !document.setContent( &file ) )
126  {
127  file.close();
128  return;
129  }
130  file.close();
131 
132  QDomElement root = document.documentElement();
133  if ( root.tagName() != QLatin1String( "qgis_authentication" ) )
134  {
135  return;
136  }
137 
138  QString password;
139  if ( root.hasAttribute( QStringLiteral( "salt" ) ) )
140  {
141  password = QInputDialog::getText( msgbar, QObject::tr( "Import Authentication Configurations" ),
142  QObject::tr( "Enter the password to decrypt the configurations file:" ), QLineEdit::Password );
143  }
144 
145  bool ok = QgsApplication::authManager()->importAuthenticationConfigsFromXml( filename, password );
146  if ( !ok )
147  {
148  msgbar->pushMessage( QgsApplication::authManager()->authManTag(),
149  QObject::tr( "Import of authentication configurations failed." ),
150  Qgis::MessageLevel::Critical );
151  }
152 }
153 
154 void QgsAuthGuiUtils::setMasterPassword( QgsMessageBar *msgbar )
155 {
156  if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
157  return;
158 
159  if ( QgsApplication::authManager()->masterPasswordIsSet() )
160  {
161  msgbar->pushMessage( QgsApplication::authManager()->authManTag(),
162  QObject::tr( "Master password already set." ),
163  Qgis::MessageLevel::Info );
164  return;
165  }
166  ( void )QgsApplication::authManager()->setMasterPassword( true );
167 }
168 
169 void QgsAuthGuiUtils::clearCachedMasterPassword( QgsMessageBar *msgbar )
170 {
171  if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
172  return;
173 
174  QString msg( QObject::tr( "Master password not cleared because it is not set." ) );
175  Qgis::MessageLevel level( Qgis::MessageLevel::Info );
176 
177  if ( QgsApplication::authManager()->masterPasswordIsSet() )
178  {
179  QgsApplication::authManager()->clearMasterPassword();
180  msg = QObject::tr( "Master password cleared (NOTE: network connections may be cached)." );
181  if ( QgsApplication::authManager()->masterPasswordIsSet() )
182  {
183  msg = QObject::tr( "Master password FAILED to be cleared." );
184  level = Qgis::MessageLevel::Warning;
185  }
186  }
187 
188  msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, level );
189 }
190 
191 void QgsAuthGuiUtils::resetMasterPassword( QgsMessageBar *msgbar, QWidget *parent )
192 {
193  if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
194  return;
195 
196  QString msg( QObject::tr( "Master password reset" ) );
197  Qgis::MessageLevel level( Qgis::MessageLevel::Info );
198 
199  // check that a master password is even set in auth db
200  if ( !QgsApplication::authManager()->masterPasswordHashInDatabase() )
201  {
202  msg = QObject::tr( "Master password reset: NO current password hash in database" );
203  msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, Qgis::MessageLevel::Warning );
204  return;
205  }
206 
207  // get new password via dialog; do current password verification in-dialog
208  QString newpass;
209  QString oldpass;
210  bool keepbackup = false;
211  QgsMasterPasswordResetDialog dlg( parent );
212 
213  if ( !dlg.requestMasterPasswordReset( &newpass, &oldpass, &keepbackup ) )
214  {
215  QgsDebugMsg( QStringLiteral( "Master password reset: input canceled by user" ) );
216  return;
217  }
218 
219  QString backuppath;
220  if ( !QgsApplication::authManager()->resetMasterPassword( newpass, oldpass, keepbackup, &backuppath ) )
221  {
222  msg = QObject::tr( "Master password FAILED to be reset" );
223  level = Qgis::MessageLevel::Warning;
224  }
225 
226  if ( !backuppath.isEmpty() )
227  {
228  msg += QObject::tr( " (database backup: %1)" ).arg( backuppath );
229  }
230 
231  msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, level );
232 }
233 
234 void QgsAuthGuiUtils::clearCachedAuthenticationConfigs( QgsMessageBar *msgbar )
235 {
236  if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
237  return;
238 
239  QgsApplication::authManager()->clearAllCachedConfigs();
240  QString msg = QObject::tr( "Cached authentication configurations for session cleared" );
241  msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, Qgis::MessageLevel::Info );
242 }
243 
244 void QgsAuthGuiUtils::removeAuthenticationConfigs( QgsMessageBar *msgbar, QWidget *parent )
245 {
246  if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
247  return;
248 
249  if ( QMessageBox::warning( parent,
250  QObject::tr( "Remove Configurations" ),
251  QObject::tr( "Are you sure you want to remove ALL authentication configurations?\n\n"
252  "Operation can NOT be undone!" ),
253  QMessageBox::Ok | QMessageBox::Cancel,
254  QMessageBox::Cancel ) == QMessageBox::Cancel )
255  {
256  return;
257  }
258 
259  QString msg( QObject::tr( "Authentication configurations removed." ) );
260  Qgis::MessageLevel level( Qgis::MessageLevel::Info );
261 
262  if ( !QgsApplication::authManager()->removeAllAuthenticationConfigs() )
263  {
264  msg = QObject::tr( "Authentication configurations FAILED to be removed." );
265  level = Qgis::MessageLevel::Warning;
266  }
267 
268  msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, level );
269 }
270 
271 void QgsAuthGuiUtils::eraseAuthenticationDatabase( QgsMessageBar *msgbar, QWidget *parent )
272 {
273  if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
274  return;
275 
276  QMessageBox::StandardButton btn = QMessageBox::warning(
277  parent,
278  QObject::tr( "Erase Database" ),
279  QObject::tr( "Are you sure you want to ERASE the entire authentication database?\n\n"
280  "Operation can NOT be undone!\n\n"
281  "(Current database will be backed up and new one created.)" ),
282  QMessageBox::Ok | QMessageBox::Cancel,
283  QMessageBox::Cancel );
284 
285  QgsApplication::authManager()->setScheduledAuthDatabaseErase( false );
286 
287  if ( btn == QMessageBox::Cancel )
288  {
289  return;
290  }
291 
292  QString msg( QObject::tr( "Active authentication database erased." ) );
293  Qgis::MessageLevel level( Qgis::MessageLevel::Warning );
294 
295  QString backuppath;
296  if ( !QgsApplication::authManager()->eraseAuthenticationDatabase( true, &backuppath ) )
297  {
298  msg = QObject::tr( "Authentication database FAILED to be erased." );
299  level = Qgis::MessageLevel::Warning;
300  }
301  else
302  {
303  if ( !backuppath.isEmpty() )
304  {
305  msg += QObject::tr( " (backup: %1)" ).arg( backuppath );
306  }
307  level = Qgis::MessageLevel::Critical;
308  }
309 
310  msgbar->pushMessage( QObject::tr( "RESTART QGIS" ), msg, level );
311 }
312 
313 void QgsAuthGuiUtils::fileFound( bool found, QWidget *widget )
314 {
315  if ( !found )
316  {
317  widget->setStyleSheet( QgsAuthGuiUtils::redTextStyleSheet( QStringLiteral( "QLineEdit" ) ) );
318  widget->setToolTip( QObject::tr( "File not found" ) );
319  }
320  else
321  {
322  widget->setStyleSheet( QString() );
323  widget->setToolTip( QString() );
324  }
325 }
326 
327 QString QgsAuthGuiUtils::getOpenFileName( QWidget *parent, const QString &title, const QString &extfilter )
328 {
329  QgsSettings settings;
330  QString recentdir = settings.value( QStringLiteral( "UI/lastAuthOpenFileDir" ), QDir::homePath() ).toString();
331  QString f = QFileDialog::getOpenFileName( parent, title, recentdir, extfilter );
332  if ( !f.isEmpty() )
333  {
334  settings.setValue( QStringLiteral( "UI/lastAuthOpenFileDir" ), QFileInfo( f ).absoluteDir().path() );
335  }
336  return f;
337 }
338 
339 void QgsAuthGuiUtils::passwordHelperDelete( QgsMessageBar *msgbar, QWidget *parent )
340 {
341  if ( QMessageBox::warning( parent,
342  QObject::tr( "Delete Password" ),
343  QObject::tr( "Do you really want to delete the master password from your %1?" )
344  .arg( QgsAuthManager::AUTH_PASSWORD_HELPER_DISPLAY_NAME ),
345  QMessageBox::Ok | QMessageBox::Cancel,
346  QMessageBox::Cancel ) == QMessageBox::Cancel )
347  {
348  return;
349  }
350  QString msg;
351  Qgis::MessageLevel level;
352  if ( ! QgsApplication::authManager()->passwordHelperDelete() )
353  {
354  msg = QgsApplication::authManager()->passwordHelperErrorMessage();
355  level = Qgis::MessageLevel::Warning;
356  }
357  else
358  {
359  msg = QObject::tr( "Master password was successfully deleted from your %1" )
360  .arg( QgsAuthManager::AUTH_PASSWORD_HELPER_DISPLAY_NAME );
361 
362  level = Qgis::MessageLevel::Info;
363  }
364  msgbar->pushMessage( QObject::tr( "Password helper delete" ), msg, level );
365 }
366 
367 void QgsAuthGuiUtils::passwordHelperSync( QgsMessageBar *msgbar )
368 {
369  QString msg;
370  Qgis::MessageLevel level;
371  if ( ! QgsApplication::authManager()->masterPasswordIsSet() )
372  {
373  msg = QObject::tr( "Master password is not set and cannot be stored in your %1." )
374  .arg( QgsAuthManager::AUTH_PASSWORD_HELPER_DISPLAY_NAME );
375  level = Qgis::MessageLevel::Warning;
376  }
377  else if ( ! QgsApplication::authManager()->passwordHelperSync() )
378  {
379  msg = QgsApplication::authManager()->passwordHelperErrorMessage();
380  level = Qgis::MessageLevel::Warning;
381  }
382  else
383  {
384  msg = QObject::tr( "Master password has been successfully stored in your %1." )
385  .arg( QgsAuthManager::AUTH_PASSWORD_HELPER_DISPLAY_NAME );
386 
387  level = Qgis::MessageLevel::Info;
388  }
389  msgbar->pushMessage( QObject::tr( "Password helper write" ), msg, level );
390 }
391 
392 void QgsAuthGuiUtils::passwordHelperEnable( bool enabled, QgsMessageBar *msgbar )
393 {
394  QgsApplication::authManager()->setPasswordHelperEnabled( enabled );
395  QString msg = enabled ? QObject::tr( "Your %1 will be <b>used from now</b> on to store and retrieve the master password." )
396  .arg( QgsAuthManager::AUTH_PASSWORD_HELPER_DISPLAY_NAME ) :
397  QObject::tr( "Your %1 will <b>not be used anymore</b> to store and retrieve the master password." )
398  .arg( QgsAuthManager::AUTH_PASSWORD_HELPER_DISPLAY_NAME );
399  msgbar->pushMessage( QObject::tr( "Password helper write" ), msg, Qgis::MessageLevel::Info );
400 }
401 
402 void QgsAuthGuiUtils::passwordHelperLoggingEnable( bool enabled, QgsMessageBar *msgbar, int timeout )
403 {
404  Q_UNUSED( msgbar )
405  Q_UNUSED( timeout )
406  QgsApplication::authManager()->setPasswordHelperLoggingEnabled( enabled );
407 }
Qgis::MessageLevel
MessageLevel
Level for messages This will be used both for message log and message bar in application.
Definition: qgis.h:105
QgsApplication::authManager
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
Definition: qgsapplication.cpp:1353
QgsAuthGuiUtils::importAuthenticationConfigs
static void importAuthenticationConfigs(QgsMessageBar *msgbar)
Import authentication configurations from a XML file.
Definition: qgsauthguiutils.cpp:109
QgsAuthGuiUtils::exportSelectedAuthenticationConfigs
static void exportSelectedAuthenticationConfigs(QStringList authenticationConfigIds, QgsMessageBar *msgbar)
Exports selected authentication configurations to a XML file.
Definition: qgsauthguiutils.cpp:79
QgsAuthGuiUtils::greenTextStyleSheet
static QString greenTextStyleSheet(const QString &selector="*")
Green text stylesheet representing valid, trusted, etc. certificate.
Definition: qgsauthguiutils.cpp:52
QgsAuthGuiUtils::resetMasterPassword
static void resetMasterPassword(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Reset the cached master password, updating its hash in authentication database and resetting all exis...
Definition: qgsauthguiutils.cpp:191
QgsAuthGuiUtils::greenColor
static QColor greenColor()
Green color representing valid, trusted, etc. certificate.
Definition: qgsauthguiutils.cpp:32
QgsAuthGuiUtils::orangeColor
static QColor orangeColor()
Orange color representing loaded component, but not stored in database.
Definition: qgsauthguiutils.cpp:37
QgsAuthGuiUtils::redTextStyleSheet
static QString redTextStyleSheet(const QString &selector="*")
Red text stylesheet representing invalid, untrusted, etc. certificate.
Definition: qgsauthguiutils.cpp:62
QgsAuthGuiUtils::clearCachedMasterPassword
static void clearCachedMasterPassword(QgsMessageBar *msgbar)
Clear the currently cached master password (not its hash in database)
Definition: qgsauthguiutils.cpp:169
QgsAuthGuiUtils::passwordHelperEnable
static void passwordHelperEnable(bool enabled, QgsMessageBar *msgbar)
Sets password helper enabled (enable/disable)
Definition: qgsauthguiutils.cpp:392
QgsAuthGuiUtils::orangeTextStyleSheet
static QString orangeTextStyleSheet(const QString &selector="*")
Orange text stylesheet representing loaded component, but not stored in database.
Definition: qgsauthguiutils.cpp:57
QgsAuthGuiUtils::clearCachedAuthenticationConfigs
static void clearCachedAuthenticationConfigs(QgsMessageBar *msgbar)
Clear all cached authentication configs for session.
Definition: qgsauthguiutils.cpp:234
QgsAuthGuiUtils::isDisabled
static bool isDisabled(QgsMessageBar *msgbar)
Verify the authentication system is active, else notify user.
Definition: qgsauthguiutils.cpp:67
QgsAuthGuiUtils::passwordHelperLoggingEnable
static void passwordHelperLoggingEnable(bool enabled, QgsMessageBar *msgbar, int timeout=0)
Sets password helper logging enabled (enable/disable)
Definition: qgsauthguiutils.cpp:402
QgsAuthGuiUtils::eraseAuthenticationDatabase
static void eraseAuthenticationDatabase(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Completely clear out the authentication database (configs and master password)
Definition: qgsauthguiutils.cpp:271
QgsAuthGuiUtils::removeAuthenticationConfigs
static void removeAuthenticationConfigs(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Remove all authentication configs.
Definition: qgsauthguiutils.cpp:244
QgsAuthGuiUtils::yellowColor
static QColor yellowColor()
Yellow color representing caution regarding action.
Definition: qgsauthguiutils.cpp:47
QgsAuthGuiUtils::fileFound
static void fileFound(bool found, QWidget *widget)
Color a widget via a stylesheet if a file path is found or not.
Definition: qgsauthguiutils.cpp:313
QgsAuthGuiUtils::setMasterPassword
static void setMasterPassword(QgsMessageBar *msgbar)
Sets the cached master password (and verifies it if its hash is in authentication database)
Definition: qgsauthguiutils.cpp:154
QgsAuthGuiUtils::getOpenFileName
static QString getOpenFileName(QWidget *parent, const QString &title, const QString &extfilter)
Open file dialog for auth associated widgets.
Definition: qgsauthguiutils.cpp:327
QgsAuthGuiUtils::passwordHelperDelete
static void passwordHelperDelete(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Remove master password from wallet.
Definition: qgsauthguiutils.cpp:339
QgsAuthGuiUtils::passwordHelperSync
static void passwordHelperSync(QgsMessageBar *msgbar)
Store master password into the wallet.
Definition: qgsauthguiutils.cpp:367
QgsAuthGuiUtils::redColor
static QColor redColor()
Red color representing invalid, untrusted, etc. certificate.
Definition: qgsauthguiutils.cpp:42
QgsAuthManager::clearAllCachedConfigs
void clearAllCachedConfigs()
Clear all authentication configs from authentication method caches.
Definition: qgsauthmanager.cpp:3060
QgsAuthManager::exportAuthenticationConfigsToXml
bool exportAuthenticationConfigsToXml(const QString &filename, const QStringList &authcfgs, const QString &password=QString())
Export authentication configurations to an XML file.
Definition: qgsauthmanager.cpp:1333
QgsAuthManager::setPasswordHelperEnabled
void setPasswordHelperEnabled(bool enabled)
Password helper enabled setter.
Definition: qgsauthmanager.cpp:3302
QgsAuthManager::setScheduledAuthDatabaseErase
void setScheduledAuthDatabaseErase(bool scheduleErase)
Schedule an optional erase of authentication database, starting when mutex is lockable.
Definition: qgsauthmanager.cpp:808
QgsAuthManager::importAuthenticationConfigsFromXml
bool importAuthenticationConfigsFromXml(const QString &filename, const QString &password=QString(), bool overwrite=false)
Import authentication configurations from an XML file.
Definition: qgsauthmanager.cpp:1392
QgsAuthManager::clearMasterPassword
void clearMasterPassword()
Clear supplied master password.
Definition: qgsauthmanager.h:149
QgsAuthManager::passwordHelperErrorMessage
const QString passwordHelperErrorMessage()
Error message getter.
Definition: qgsauthmanager.h:660
QgsAuthManager::setPasswordHelperLoggingEnabled
void setPasswordHelperLoggingEnabled(bool enabled)
Password helper logging enabled setter.
Definition: qgsauthmanager.cpp:3319
QgsAuthManager::setMasterPassword
bool setMasterPassword(bool verify=false)
Main call to initially set or continually check master password is set.
Definition: qgsauthmanager.cpp:500
QgsAuthManager::AUTH_PASSWORD_HELPER_DISPLAY_NAME
static const QString AUTH_PASSWORD_HELPER_DISPLAY_NAME
The display name of the password helper (platform dependent)
Definition: qgsauthmanager.h:699
QgsMasterPasswordResetDialog
Dialog to verify current master password and initiate reset of authentication database with a new pas...
Definition: qgsauthmasterpassresetdialog.h:39
QgsMasterPasswordResetDialog::requestMasterPasswordReset
bool requestMasterPasswordReset(QString *newpass, QString *oldpass, bool *keepbackup)
Definition: qgsauthmasterpassresetdialog.cpp:46
QgsMessageBar
A bar for displaying non-blocking messages to the user.
Definition: qgsmessagebar.h:61
QgsMessageBar::pushMessage
void pushMessage(const QString &text, Qgis::MessageLevel level=Qgis::MessageLevel::Info, int duration=-1)
A convenience method for pushing a message with the specified text to the bar.
Definition: qgsmessagebar.cpp:405
QgsDebugMsg
#define QgsDebugMsg(str)
Definition: qgslogger.h:38
Generated on Sun Jun 20 2021 10:45:59 for QGIS API Documentation by doxygen 1.9.1