api/3.20/qgsauthidentitieseditor_8cpp_source.html

 /***************************************************************************

     qgsauthidentitieseditor.cpp

     ---------------------

     begin                : April 26, 2015

     copyright            : (C) 2015 by Boundless Spatial, Inc. USA

     author               : Larry Shaffer

     email                : lshaffer at boundlessgeo dot com

  ***************************************************************************

  *                                                                         *

  *   This program is free software; you can redistribute it and/or modify  *

  *   it under the terms of the GNU General Public License as published by  *

  *   the Free Software Foundation; either version 2 of the License, or     *

  *   (at your option) any later version.                                   *

  *                                                                         *

  ***************************************************************************/


 #include "qgsauthidentitieseditor.h"

 #include "ui_qgsauthidentitieseditor.h"


 #include <QMenu>

 #include <QMessageBox>


 #include "qgssettings.h"

 #include "qgsapplication.h"

 #include "qgsauthcertificateinfo.h"

 #include "qgsauthcertutils.h"

 #include "qgsauthimportidentitydialog.h"

 #include "qgsauthmanager.h"

 #include "qgsauthguiutils.h"

 #include "qgslogger.h"


 QgsAuthIdentitiesEditor::QgsAuthIdentitiesEditor( QWidget *parent )

   : QWidget( parent )

 {

   if ( QgsApplication::authManager()->isDisabled() )

   {

     mDisabled = true;

     mAuthNotifyLayout = new QVBoxLayout;

     this->setLayout( mAuthNotifyLayout );

     mAuthNotify = new QLabel( QgsApplication::authManager()->disabledMessage(), this );

     mAuthNotifyLayout->addWidget( mAuthNotify );

   }

   else

   {

     setupUi( this );

     connect( btnAddIdentity, &QToolButton::clicked, this, &QgsAuthIdentitiesEditor::btnAddIdentity_clicked );

     connect( btnRemoveIdentity, &QToolButton::clicked, this, &QgsAuthIdentitiesEditor::btnRemoveIdentity_clicked );

     connect( btnInfoIdentity, &QToolButton::clicked, this, &QgsAuthIdentitiesEditor::btnInfoIdentity_clicked );

     connect( btnGroupByOrg, &QToolButton::toggled, this, &QgsAuthIdentitiesEditor::btnGroupByOrg_toggled );


     connect( QgsApplication::authManager(), &QgsAuthManager::messageOut,

              this, &QgsAuthIdentitiesEditor::authMessageOut );


     connect( QgsApplication::authManager(), &QgsAuthManager::authDatabaseChanged,

              this, &QgsAuthIdentitiesEditor::refreshIdentitiesView );


     setupIdentitiesTree();


     connect( treeIdentities->selectionModel(), &QItemSelectionModel::selectionChanged,

              this, &QgsAuthIdentitiesEditor::selectionChanged );


     connect( treeIdentities, &QTreeWidget::itemDoubleClicked,

              this, &QgsAuthIdentitiesEditor::handleDoubleClick );


     connect( btnViewRefresh, &QAbstractButton::clicked, this, &QgsAuthIdentitiesEditor::refreshIdentitiesView );


     btnGroupByOrg->setChecked( false );

     QVariant sortbyval = QgsApplication::authManager()->authSetting( QStringLiteral( "identitiessortby" ), QVariant( false ) );

     if ( !sortbyval.isNull() )

       btnGroupByOrg->setChecked( sortbyval.toBool() );


     populateIdentitiesView();

     checkSelection();

   }

 }


 static void setItemBold_( QTreeWidgetItem *item )

 {

   item->setFirstColumnSpanned( true );

   QFont secf( item->font( 0 ) );

   secf.setBold( true );

   item->setFont( 0, secf );

 }


 void QgsAuthIdentitiesEditor::setupIdentitiesTree()

 {

   treeIdentities->setColumnCount( 3 );

   treeIdentities->setHeaderLabels(

     QStringList() << tr( "Common Name" )

     << tr( "Serial #" )

     << tr( "Expiry Date" ) );

   treeIdentities->setColumnWidth( 0, 300 );

   treeIdentities->setColumnWidth( 1, 75 );


   // add root sections

   mRootCertIdentItem = new QTreeWidgetItem(

     treeIdentities,

     QStringList( tr( "Certificate Bundles" ) ),

     static_cast<int>( QgsAuthIdentitiesEditor::Section ) );

   setItemBold_( mRootCertIdentItem );

   mRootCertIdentItem->setFlags( Qt::ItemIsEnabled );

   mRootCertIdentItem->setExpanded( true );

   treeIdentities->insertTopLevelItem( 0, mRootCertIdentItem );

 }


 static void removeChildren_( QTreeWidgetItem *item )

 {

   const auto constTakeChildren = item->takeChildren();

   for ( QTreeWidgetItem *child : constTakeChildren )

   {

     delete child;

   }

 }


 void QgsAuthIdentitiesEditor::populateIdentitiesView()

 {

   removeChildren_( mRootCertIdentItem );


   populateIdentitiesSection( mRootCertIdentItem,

                              QgsApplication::authManager()->certIdentities(),

                              QgsAuthIdentitiesEditor::CertIdentity );

 }


 void QgsAuthIdentitiesEditor::refreshIdentitiesView()

 {

   populateIdentitiesView();

 }


 void QgsAuthIdentitiesEditor::populateIdentitiesSection( QTreeWidgetItem *item, const QList<QSslCertificate> &certs,

     QgsAuthIdentitiesEditor::IdentityType identype )

 {

   if ( btnGroupByOrg->isChecked() )

   {

     appendIdentitiesToGroup( certs, identype, item );

   }

   else

   {

     appendIdentitiesToItem( certs, identype, item );

   }

 }


 void QgsAuthIdentitiesEditor::appendIdentitiesToGroup( const QList<QSslCertificate> &certs,

     QgsAuthIdentitiesEditor::IdentityType identype,

     QTreeWidgetItem *parent )

 {

   if ( certs.empty() )

     return;


   if ( !parent )

   {

     parent = treeIdentities->currentItem();

   }


   // TODO: find all organizational name, sort and make subsections

   QMap< QString, QList<QSslCertificate> > orgcerts(

     QgsAuthCertUtils::certsGroupedByOrg( certs ) );


   QMap< QString, QList<QSslCertificate> >::const_iterator it = orgcerts.constBegin();

   for ( ; it != orgcerts.constEnd(); ++it )

   {

     QTreeWidgetItem *grpitem( new QTreeWidgetItem( parent,

                               QStringList() << it.key(),

                               static_cast<int>( QgsAuthIdentitiesEditor::OrgName ) ) );

     grpitem->setFirstColumnSpanned( true );

     grpitem->setFlags( Qt::ItemIsEnabled );

     grpitem->setExpanded( true );


     QBrush orgb( grpitem->foreground( 0 ) );

     orgb.setColor( QColor::fromRgb( 90, 90, 90 ) );

     grpitem->setForeground( 0, orgb );

     QFont grpf( grpitem->font( 0 ) );

     grpf.setItalic( true );

     grpitem->setFont( 0, grpf );


     appendIdentitiesToItem( it.value(), identype, grpitem );

   }


   parent->sortChildren( 0, Qt::AscendingOrder );

 }


 void QgsAuthIdentitiesEditor::appendIdentitiesToItem( const QList<QSslCertificate> &certs,

     QgsAuthIdentitiesEditor::IdentityType identype,

     QTreeWidgetItem *parent )

 {

   if ( certs.empty() )

     return;


   if ( !parent )

   {

     parent = treeIdentities->currentItem();

   }


   QBrush redb( QgsAuthGuiUtils::redColor() );


   // Columns: Common Name, Serial #, Expiry Date

   const auto constCerts = certs;

   for ( const QSslCertificate &cert : constCerts )

   {

     QString id( QgsAuthCertUtils::shaHexForCert( cert ) );


     QStringList coltxts;

     coltxts << QgsAuthCertUtils::resolvedCertName( cert );

     coltxts << QString( cert.serialNumber() );

     coltxts << cert.expiryDate().toString();


     QTreeWidgetItem *item( new QTreeWidgetItem( parent, coltxts, static_cast<int>( identype ) ) );


     item->setIcon( 0, QgsApplication::getThemeIcon( QStringLiteral( "/mIconCertificate.svg" ) ) );

     if ( !QgsAuthCertUtils::certIsViable( cert ) )

     {

       item->setForeground( 2, redb );

       item->setIcon( 0, QgsApplication::getThemeIcon( QStringLiteral( "/mIconCertificateUntrusted.svg" ) ) );

     }


     item->setData( 0, Qt::UserRole, id );

   }


   parent->sortChildren( 0, Qt::AscendingOrder );

 }


 void QgsAuthIdentitiesEditor::showCertInfo( QTreeWidgetItem *item )

 {

   if ( !item )

     return;


   QString digest( item->data( 0, Qt::UserRole ).toString() );


   if ( !QgsApplication::authManager()->existsCertIdentity( digest ) )

   {

     QgsDebugMsg( QStringLiteral( "Certificate identity does not exist in database" ) );

     return;

   }


   QSslCertificate cert( QgsApplication::authManager()->certIdentity( digest ) );


   QgsAuthCertInfoDialog *dlg = new QgsAuthCertInfoDialog( cert, false, this );

   dlg->setWindowModality( Qt::WindowModal );

   dlg->resize( 675, 500 );

   dlg->exec();

   dlg->deleteLater();

 }


 void QgsAuthIdentitiesEditor::selectionChanged( const QItemSelection &selected, const QItemSelection &deselected )

 {

   Q_UNUSED( selected )

   Q_UNUSED( deselected )

   checkSelection();

 }


 void QgsAuthIdentitiesEditor::checkSelection()

 {

   bool iscert = false;

   if ( treeIdentities->selectionModel()->selection().length() > 0 )

   {

     QTreeWidgetItem *item( treeIdentities->currentItem() );


     switch ( ( QgsAuthIdentitiesEditor::IdentityType )item->type() )

     {

       case QgsAuthIdentitiesEditor::CertIdentity:

         iscert = true;

         break;

       default:

         break;

     }

   }


   btnRemoveIdentity->setEnabled( iscert );

   btnInfoIdentity->setEnabled( iscert );

 }


 void QgsAuthIdentitiesEditor::handleDoubleClick( QTreeWidgetItem *item, int col )

 {

   Q_UNUSED( col )

   bool iscert = true;


   switch ( ( QgsAuthIdentitiesEditor::IdentityType )item->type() )

   {

     case QgsAuthIdentitiesEditor::Section:

       iscert = false;

       break;

     case QgsAuthIdentitiesEditor::OrgName:

       iscert = false;

       break;

     default:

       break;

   }


   if ( iscert )

   {

     showCertInfo( item );

   }

 }


 void QgsAuthIdentitiesEditor::btnAddIdentity_clicked()

 {

   QgsAuthImportIdentityDialog *dlg = new QgsAuthImportIdentityDialog( QgsAuthImportIdentityDialog::CertIdentity, this );

   dlg->setWindowModality( Qt::WindowModal );

   dlg->resize( 400, dlg->height() );

   if ( dlg->exec() )

   {

     if ( dlg->identityType() == QgsAuthImportIdentityDialog::CertIdentity )

     {

       const QPair<QSslCertificate, QSslKey> &bundle( dlg->certBundleToImport() );

       if ( !QgsApplication::authManager()->storeCertIdentity( bundle.first, bundle.second ) )

       {

         messageBar()->pushMessage( tr( "ERROR storing identity bundle in authentication database." ),

                                    Qgis::MessageLevel::Critical );

       }

       populateIdentitiesView();

       mRootCertIdentItem->setExpanded( true );

     }

   }

   dlg->deleteLater();

 }


 void QgsAuthIdentitiesEditor::btnRemoveIdentity_clicked()

 {

   QTreeWidgetItem *item( treeIdentities->currentItem() );


   if ( !item )

   {

     QgsDebugMsg( QStringLiteral( "Current tree widget item not set" ) );

     return;

   }


   QString digest( item->data( 0, Qt::UserRole ).toString() );


   if ( digest.isEmpty() )

   {

     messageBar()->pushMessage( tr( "Certificate id missing." ),

                                Qgis::MessageLevel::Warning );

     return;

   }


   if ( !QgsApplication::authManager()->existsCertIdentity( digest ) )

   {

     QgsDebugMsg( QStringLiteral( "Certificate identity does not exist in database" ) );

     return;

   }


   if ( QMessageBox::warning(

          this, tr( "Remove Certificate Identity" ),

          tr( "Are you sure you want to remove the selected "

              "certificate identity from the database?\n\n"

              "Operation can NOT be undone!" ),

          QMessageBox::Ok | QMessageBox::Cancel,

          QMessageBox::Cancel ) == QMessageBox::Cancel )

   {

     return;

   }


   if ( !QgsApplication::authManager()->removeCertIdentity( digest ) )

   {

     messageBar()->pushMessage( tr( "ERROR removing cert identity from authentication database for id %1:" ).arg( digest ),

                                Qgis::MessageLevel::Critical );

     return;

   }


   item->parent()->removeChild( item );

   delete item;

 }


 void QgsAuthIdentitiesEditor::btnInfoIdentity_clicked()

 {

   if ( treeIdentities->selectionModel()->selection().length() > 0 )

   {

     QTreeWidgetItem *item( treeIdentities->currentItem() );

     handleDoubleClick( item, 0 );

   }

 }


 void QgsAuthIdentitiesEditor::btnGroupByOrg_toggled( bool checked )

 {

   if ( !QgsApplication::authManager()->storeAuthSetting( QStringLiteral( "identitiessortby" ), QVariant( checked ) ) )

   {

     authMessageOut( QObject::tr( "Could not store sort by preference." ),

                     QObject::tr( "Authentication Identities" ),

                     QgsAuthManager::WARNING );

   }

   populateIdentitiesView();

 }


 void QgsAuthIdentitiesEditor::authMessageOut( const QString &message, const QString &authtag, QgsAuthManager::MessageLevel level )

 {

   int levelint = static_cast<int>( level );

   messageBar()->pushMessage( authtag, message, ( Qgis::MessageLevel )levelint, 7 );

 }


 void QgsAuthIdentitiesEditor::showEvent( QShowEvent *e )

 {

   if ( !mDisabled )

   {

     treeIdentities->setFocus();

   }

   QWidget::showEvent( e );

 }


 QgsMessageBar *QgsAuthIdentitiesEditor::messageBar()

 {

   return msgBar;

 }


 int QgsAuthIdentitiesEditor::messageTimeout()

 {

   QgsSettings settings;

   return settings.value( QStringLiteral( "qgis/messageTimeout" ), 5 ).toInt();

 }

Qgis::MessageLevel
MessageLevel
Level for messages This will be used both for message log and message bar in application.
Definition: qgis.h:105

QgsApplication::getThemeIcon
static QIcon getThemeIcon(const QString &name, const QColor &fillColor=QColor(), const QColor &strokeColor=QColor())
Helper to get a theme icon.
Definition: qgsapplication.cpp:652

QgsApplication::authManager
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
Definition: qgsapplication.cpp:1353

QgsAuthCertInfoDialog
Dialog wrapper for widget displaying detailed info on a certificate and its hierarchical trust chain.
Definition: qgsauthcertificateinfo.h:146

QgsAuthCertUtils::resolvedCertName
static QString resolvedCertName(const QSslCertificate &cert, bool issuer=false)
Gets the general name via RFC 5280 resolution.
Definition: qgsauthcertutils.cpp:625

QgsAuthCertUtils::certsGroupedByOrg
static QMap< QString, QList< QSslCertificate > > certsGroupedByOrg(const QList< QSslCertificate > &certs)
Map certificates to their oraganization.
Definition: qgsauthcertutils.cpp:70

QgsAuthCertUtils::shaHexForCert
static QString shaHexForCert(const QSslCertificate &cert, bool formatted=false)
Gets the sha1 hash for certificate.
Definition: qgsauthcertutils.cpp:748

QgsAuthCertUtils::certIsViable
static bool certIsViable(const QSslCertificate &cert)
certIsViable checks for viability errors of cert and whether it is NULL
Definition: qgsauthcertutils.cpp:1305

QgsAuthGuiUtils::redColor
static QColor redColor()
Red color representing invalid, untrusted, etc. certificate.
Definition: qgsauthguiutils.cpp:42

QgsAuthIdentitiesEditor::showEvent
void showEvent(QShowEvent *e) override
Overridden show event of base widget.
Definition: qgsauthidentitieseditor.cpp:390

QgsAuthIdentitiesEditor::QgsAuthIdentitiesEditor
QgsAuthIdentitiesEditor(QWidget *parent=nullptr)
Widget for editing authentication configurations directly in database.
Definition: qgsauthidentitieseditor.cpp:33

QgsAuthImportIdentityDialog
Widget for importing an identity certificate/key bundle into the authentication database.
Definition: qgsauthimportidentitydialog.h:35

QgsAuthImportIdentityDialog::identityType
QgsAuthImportIdentityDialog::IdentityType identityType()
Gets identity type.
Definition: qgsauthimportidentitydialog.cpp:68

QgsAuthImportIdentityDialog::certBundleToImport
const QPair< QSslCertificate, QSslKey > certBundleToImport()
Gets certificate/key bundle to be imported.
Definition: qgsauthimportidentitydialog.cpp:77

QgsAuthImportIdentityDialog::CertIdentity
@ CertIdentity
Definition: qgsauthimportidentitydialog.h:42

QgsAuthManager::MessageLevel
MessageLevel
Message log level (mirrors that of QgsMessageLog, so it can also output there)
Definition: qgsauthmanager.h:76

QgsAuthManager::WARNING
@ WARNING
Definition: qgsauthmanager.h:78

QgsAuthManager::messageOut
void messageOut(const QString &message, const QString &tag=QgsAuthManager::AUTH_MAN_TAG, QgsAuthManager::MessageLevel level=QgsAuthManager::INFO) const
Custom logging signal to relay to console output and QgsMessageLog.

QgsAuthManager::authDatabaseChanged
void authDatabaseChanged()
Emitted when the authentication db is significantly changed, e.g. large record removal,...

QgsAuthManager::authSetting
QVariant authSetting(const QString &key, const QVariant &defaultValue=QVariant(), bool decrypt=false)
authSetting get an authentication setting (retrieved as string and returned as QVariant( QString ))
Definition: qgsauthmanager.cpp:1724

QgsMessageBar
A bar for displaying non-blocking messages to the user.
Definition: qgsmessagebar.h:61

QgsMessageBar::pushMessage
void pushMessage(const QString &text, Qgis::MessageLevel level=Qgis::MessageLevel::Info, int duration=-1)
A convenience method for pushing a message with the specified text to the bar.
Definition: qgsmessagebar.cpp:405

qgsapplication.h

qgsauthcertificateinfo.h

qgsauthcertutils.h

qgsauthguiutils.h

qgsauthidentitieseditor.h

qgsauthimportidentitydialog.h

qgsauthmanager.h

qgslogger.h

QgsDebugMsg
#define QgsDebugMsg(str)
Definition: qgslogger.h:38