QGIS API Documentation 3.41.0-Master (fda2aa46e9a)
Loading...
Searching...
No Matches
qgsauthguiutils.cpp
Go to the documentation of this file.
1/***************************************************************************
2 qgsauthutils.cpp
3 ---------------------
4 begin : October 24, 2014
5 copyright : (C) 2014 by Boundless Spatial, Inc. USA
6 author : Larry Shaffer
7 email : lshaffer at boundlessgeo dot com
8 ***************************************************************************
9 * *
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
14 * *
15 ***************************************************************************/
16
17#include "qgsauthguiutils.h"
18
19#include <QFileDialog>
20#include <QInputDialog>
21#include <QLineEdit>
22#include <QMessageBox>
23
24#include "qgssettings.h"
25#include "qgsauthmanager.h"
27#include "qgslogger.h"
28#include "qgsmessagebar.h"
29#include "qgsapplication.h"
30
31
33{
34 return QColor( 0, 170, 0 );
35}
36
38{
39 return QColor( 255, 128, 0 );
40}
41
43{
44 return QColor( 200, 0, 0 );
45}
46
48{
49 return QColor( 255, 255, 125 );
50}
51
52QString QgsAuthGuiUtils::greenTextStyleSheet( const QString &selector )
53{
54 return QStringLiteral( "%1{color: %2;}" ).arg( selector, QgsAuthGuiUtils::greenColor().name() );
55}
56
57QString QgsAuthGuiUtils::orangeTextStyleSheet( const QString &selector )
58{
59 return QStringLiteral( "%1{color: %2;}" ).arg( selector, QgsAuthGuiUtils::orangeColor().name() );
60}
61
62QString QgsAuthGuiUtils::redTextStyleSheet( const QString &selector )
63{
64 return QStringLiteral( "%1{color: %2;}" ).arg( selector, QgsAuthGuiUtils::redColor().name() );
65}
66
68{
70 {
71 msgbar->clearWidgets();
72 msgbar->pushMessage( QObject::tr( "Authentication System" ),
73 QObject::tr( "DISABLED. Resources authenticating via the system can not be accessed" ),
75 return true;
76 }
77 return false;
78}
79
80void QgsAuthGuiUtils::exportSelectedAuthenticationConfigs( QStringList authenticationConfigIds, QgsMessageBar *msgbar )
81{
82 const QString password = QInputDialog::getText( msgbar, QObject::tr( "Export Authentication Configurations" ),
83 QObject::tr( "Enter a password encrypt the configuration file:" ), QLineEdit::Password );
84 if ( password.isEmpty() )
85 {
86 if ( QMessageBox::warning( msgbar,
87 QObject::tr( "Export Authentication Configurations" ),
88 QObject::tr( "Exporting authentication configurations with a blank password will result in a plain text file which may contain sensitive information. Are you sure you want to do this?" ),
89 QMessageBox::Ok | QMessageBox::Cancel,
90 QMessageBox::Cancel ) == QMessageBox::Cancel )
91 {
92 return;
93 }
94 }
95
96 const QString filename = QFileDialog::getSaveFileName( msgbar, QObject::tr( "Export Authentication Configurations" ), QDir::homePath(),
97 QObject::tr( "XML files (*.xml *.XML)" ) );
98 if ( filename.isEmpty() )
99 return;
100
101 const bool ok = QgsApplication::authManager()->exportAuthenticationConfigsToXml( filename, authenticationConfigIds, password );
102 if ( !ok )
103 {
104 msgbar->clearWidgets();
105 msgbar->pushMessage( QgsApplication::authManager()->authManTag(),
106 QObject::tr( "Export of authentication configurations failed." ),
108 }
109}
110
112{
113
114 const QString filename = QFileDialog::getOpenFileName( msgbar, QObject::tr( "Export Authentication Configurations" ), QDir::homePath(),
115 QObject::tr( "XML files (*.xml *.XML)" ) );
116 if ( filename.isEmpty() )
117 return;
118
119
120 QFile file( filename );
121 if ( !file.open( QFile::ReadOnly ) )
122 {
123 return;
124 }
125
126 QDomDocument document( QStringLiteral( "qgis_authentication" ) );
127 if ( !document.setContent( &file ) )
128 {
129 file.close();
130 return;
131 }
132 file.close();
133
134 const QDomElement root = document.documentElement();
135 if ( root.tagName() != QLatin1String( "qgis_authentication" ) )
136 {
137 return;
138 }
139
140 QString password;
141 if ( root.hasAttribute( QStringLiteral( "salt" ) ) )
142 {
143 password = QInputDialog::getText( msgbar, QObject::tr( "Import Authentication Configurations" ),
144 QObject::tr( "Enter the password to decrypt the configurations file:" ), QLineEdit::Password );
145 }
146
147 const bool ok = QgsApplication::authManager()->importAuthenticationConfigsFromXml( filename, password );
148 if ( !ok )
149 {
150 msgbar->clearWidgets();
151 msgbar->pushMessage( QgsApplication::authManager()->authManTag(),
152 QObject::tr( "Import of authentication configurations failed." ),
154 }
155}
156
158{
159 if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
160 return;
161
162 if ( QgsApplication::authManager()->masterPasswordIsSet() )
163 {
164 msgbar->clearWidgets();
165 msgbar->pushMessage( QgsApplication::authManager()->authManTag(),
166 QObject::tr( "Master password already set." ),
168 return;
169 }
171}
172
174{
175 if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
176 return;
177
178 QString msg( QObject::tr( "Master password not cleared because it is not set." ) );
180
181 if ( QgsApplication::authManager()->masterPasswordIsSet() )
182 {
184 msg = QObject::tr( "Master password cleared (NOTE: network connections may be cached)." );
185 if ( QgsApplication::authManager()->masterPasswordIsSet() )
186 {
187 msg = QObject::tr( "Master password FAILED to be cleared." );
189 }
190 }
191
192 msgbar->clearWidgets();
193 msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, level );
194}
195
197{
198 if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
199 return;
200
201 QString msg( QObject::tr( "Master password reset" ) );
203
204 // check that a master password is even set in auth db
205 if ( !QgsApplication::authManager()->masterPasswordHashInDatabase() )
206 {
207 msg = QObject::tr( "Master password reset: NO current password hash in database" );
208 msgbar->clearWidgets();
210 return;
211 }
212
213 // get new password via dialog; do current password verification in-dialog
214 QString newpass;
215 QString oldpass;
216 bool keepbackup = false;
217 QgsMasterPasswordResetDialog dlg( parent );
218
219 if ( !dlg.requestMasterPasswordReset( &newpass, &oldpass, &keepbackup ) )
220 {
221 QgsDebugMsgLevel( QStringLiteral( "Master password reset: input canceled by user" ), 2 );
222 return;
223 }
224
225 QString backuppath;
226 if ( !QgsApplication::authManager()->resetMasterPassword( newpass, oldpass, keepbackup, &backuppath ) )
227 {
228 msg = QObject::tr( "Master password FAILED to be reset" );
230 }
231
232 if ( !backuppath.isEmpty() )
233 {
234 msg += QObject::tr( " (database backup: %1)" ).arg( backuppath );
235 }
236
237 msgbar->clearWidgets();
238 msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, level );
239}
240
242{
243 if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
244 return;
245
247 const QString msg = QObject::tr( "Cached authentication configurations for session cleared" );
248 msgbar->clearWidgets();
250}
251
253{
254 if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
255 return;
256
257 if ( QMessageBox::warning( parent,
258 QObject::tr( "Remove Configurations" ),
259 QObject::tr( "Are you sure you want to remove ALL authentication configurations?\n\n"
260 "Operation can NOT be undone!" ),
261 QMessageBox::Ok | QMessageBox::Cancel,
262 QMessageBox::Cancel ) == QMessageBox::Cancel )
263 {
264 return;
265 }
266
267 QString msg( QObject::tr( "Authentication configurations removed." ) );
269
270 if ( !QgsApplication::authManager()->removeAllAuthenticationConfigs() )
271 {
272 msg = QObject::tr( "Authentication configurations FAILED to be removed." );
274 }
275
276 msgbar->clearWidgets();
277 msgbar->pushMessage( QgsApplication::authManager()->authManTag(), msg, level );
278}
279
281{
282 if ( QgsAuthGuiUtils::isDisabled( msgbar ) )
283 return;
284
285 const QMessageBox::StandardButton btn = QMessageBox::warning(
286 parent,
287 QObject::tr( "Erase Database" ),
288 QObject::tr( "Are you sure you want to ERASE the entire authentication database?\n\n"
289 "Operation can NOT be undone!\n\n"
290 "(Current database will be backed up and new one created.)" ),
291 QMessageBox::Ok | QMessageBox::Cancel,
292 QMessageBox::Cancel );
293
295
296 if ( btn == QMessageBox::Cancel )
297 {
298 return;
299 }
300
301 QString msg( QObject::tr( "Active authentication database erased." ) );
303
304 QString backuppath;
305 if ( !QgsApplication::authManager()->eraseAuthenticationDatabase( true, &backuppath ) )
306 {
307 msg = QObject::tr( "Authentication database FAILED to be erased." );
309 }
310 else
311 {
312 if ( !backuppath.isEmpty() )
313 {
314 msg += QObject::tr( " (backup: %1)" ).arg( backuppath );
315 }
317 }
318
319 msgbar->clearWidgets();
320 msgbar->pushMessage( QObject::tr( "RESTART QGIS" ), msg, level );
321}
322
323void QgsAuthGuiUtils::fileFound( bool found, QWidget *widget )
324{
325 if ( !found )
326 {
327 widget->setStyleSheet( QgsAuthGuiUtils::redTextStyleSheet( QStringLiteral( "QLineEdit" ) ) );
328 widget->setToolTip( QObject::tr( "File not found" ) );
329 }
330 else
331 {
332 widget->setStyleSheet( QString() );
333 widget->setToolTip( QString() );
334 }
335}
336
337QString QgsAuthGuiUtils::getOpenFileName( QWidget *parent, const QString &title, const QString &extfilter )
338{
339 QgsSettings settings;
340 const QString recentdir = settings.value( QStringLiteral( "UI/lastAuthOpenFileDir" ), QDir::homePath() ).toString();
341 QString f = QFileDialog::getOpenFileName( parent, title, recentdir, extfilter );
342 if ( !f.isEmpty() )
343 {
344 settings.setValue( QStringLiteral( "UI/lastAuthOpenFileDir" ), QFileInfo( f ).absoluteDir().path() );
345 }
346 return f;
347}
348
350{
351 if ( QMessageBox::warning( parent,
352 QObject::tr( "Delete Password" ),
353 QObject::tr( "Do you really want to delete the master password from your %1?" )
355 QMessageBox::Ok | QMessageBox::Cancel,
356 QMessageBox::Cancel ) == QMessageBox::Cancel )
357 {
358 return;
359 }
360 QString msg;
361 Qgis::MessageLevel level;
363 {
366 }
367 else
368 {
369 msg = QObject::tr( "Master password was successfully deleted from your %1" )
371
373 }
374 msgbar->clearWidgets();
375 msgbar->pushMessage( QObject::tr( "Password helper delete" ), msg, level );
376}
377
379{
380 QString msg;
381 Qgis::MessageLevel level;
382 if ( ! QgsApplication::authManager()->masterPasswordIsSet() )
383 {
384 msg = QObject::tr( "Master password is not set and cannot be stored in your %1." )
387 }
389 {
392 }
393 else
394 {
395 msg = QObject::tr( "Master password has been successfully stored in your %1." )
397
399 }
400 msgbar->clearWidgets();
401 msgbar->pushMessage( QObject::tr( "Password helper write" ), msg, level );
402}
403
405{
407 const QString msg = enabled ? QObject::tr( "Your %1 will be <b>used from now</b> on to store and retrieve the master password." )
409 QObject::tr( "Your %1 will <b>not be used anymore</b> to store and retrieve the master password." )
411 msgbar->clearWidgets();
412 msgbar->pushMessage( QObject::tr( "Password helper write" ), msg, Qgis::MessageLevel::Info );
413}
414
415void QgsAuthGuiUtils::passwordHelperLoggingEnable( bool enabled, QgsMessageBar *msgbar, int timeout )
416{
417 Q_UNUSED( msgbar )
418 Q_UNUSED( timeout )
420}
MessageLevel
Level for messages This will be used both for message log and message bar in application.
Definition qgis.h:154
@ Warning
Warning message.
Definition qgis.h:156
@ Critical
Critical/error message.
Definition qgis.h:157
@ Info
Information message.
Definition qgis.h:155
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
static void importAuthenticationConfigs(QgsMessageBar *msgbar)
Import authentication configurations from a XML file.
static void exportSelectedAuthenticationConfigs(QStringList authenticationConfigIds, QgsMessageBar *msgbar)
Exports selected authentication configurations to a XML file.
static QString greenTextStyleSheet(const QString &selector="*")
Green text stylesheet representing valid, trusted, etc. certificate.
static void resetMasterPassword(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Reset the cached master password, updating its hash in authentication database and resetting all exis...
static QColor greenColor()
Green color representing valid, trusted, etc. certificate.
static QColor orangeColor()
Orange color representing loaded component, but not stored in database.
static QString redTextStyleSheet(const QString &selector="*")
Red text stylesheet representing invalid, untrusted, etc. certificate.
static void clearCachedMasterPassword(QgsMessageBar *msgbar)
Clear the currently cached master password (not its hash in database)
static void passwordHelperEnable(bool enabled, QgsMessageBar *msgbar)
Sets password helper enabled (enable/disable)
static QString orangeTextStyleSheet(const QString &selector="*")
Orange text stylesheet representing loaded component, but not stored in database.
static void clearCachedAuthenticationConfigs(QgsMessageBar *msgbar)
Clear all cached authentication configs for session.
static bool isDisabled(QgsMessageBar *msgbar)
Verify the authentication system is active, else notify user.
static void passwordHelperLoggingEnable(bool enabled, QgsMessageBar *msgbar, int timeout=0)
Sets password helper logging enabled (enable/disable)
static void eraseAuthenticationDatabase(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Completely clear out the authentication database (configs and master password)
static void removeAuthenticationConfigs(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Remove all authentication configs.
static QColor yellowColor()
Yellow color representing caution regarding action.
static void fileFound(bool found, QWidget *widget)
Color a widget via a stylesheet if a file path is found or not.
static void setMasterPassword(QgsMessageBar *msgbar)
Sets the cached master password (and verifies it if its hash is in authentication database)
static QString getOpenFileName(QWidget *parent, const QString &title, const QString &extfilter)
Open file dialog for auth associated widgets.
static void passwordHelperDelete(QgsMessageBar *msgbar, QWidget *parent=nullptr)
Remove master password from wallet.
static void passwordHelperSync(QgsMessageBar *msgbar)
Store master password into the wallet.
static QColor redColor()
Red color representing invalid, untrusted, etc. certificate.
void clearAllCachedConfigs()
Clear all authentication configs from authentication method caches.
bool exportAuthenticationConfigsToXml(const QString &filename, const QStringList &authcfgs, const QString &password=QString())
Export authentication configurations to an XML file.
void setPasswordHelperEnabled(bool enabled)
Password helper enabled setter.
void setScheduledAuthDatabaseErase(bool scheduleErase)
Schedule an optional erase of authentication database, starting when mutex is lockable.
bool importAuthenticationConfigsFromXml(const QString &filename, const QString &password=QString(), bool overwrite=false)
Import authentication configurations from an XML file.
void clearMasterPassword()
Clear supplied master password.
const QString passwordHelperErrorMessage()
Error message getter.
static void setPasswordHelperLoggingEnabled(bool enabled)
Password helper logging enabled setter.
bool setMasterPassword(bool verify=false)
Main call to initially set or continually check master password is set.
static const QString AUTH_PASSWORD_HELPER_DISPLAY_NAME
The display name of the password helper (platform dependent)
Dialog to verify current master password and initiate reset of authentication database with a new pas...
bool requestMasterPasswordReset(QString *newpass, QString *oldpass, bool *keepbackup)
A bar for displaying non-blocking messages to the user.
void pushMessage(const QString &text, Qgis::MessageLevel level=Qgis::MessageLevel::Info, int duration=-1)
A convenience method for pushing a message with the specified text to the bar.
bool clearWidgets()
Removes all items from the bar.
This class is a composition of two QSettings instances:
Definition qgssettings.h:64
QVariant value(const QString &key, const QVariant &defaultValue=QVariant(), Section section=NoSection) const
Returns the value for setting key.
void setValue(const QString &key, const QVariant &value, QgsSettings::Section section=QgsSettings::NoSection)
Sets the value of setting key to value.
#define QgsDebugMsgLevel(str, level)
Definition qgslogger.h:39