api/master/qgsauthimportcertdialog_8cpp_source.html

/***************************************************************************

    qgsauthimportcertdialog.cpp

    ---------------------

    begin                : April 30, 2015

    copyright            : (C) 2015 by Boundless Spatial, Inc. USA

    author               : Larry Shaffer

    email                : lshaffer at boundlessgeo dot com

 ***************************************************************************

 *                                                                         *

 *   This program is free software; you can redistribute it and/or modify  *

 *   it under the terms of the GNU General Public License as published by  *

 *   the Free Software Foundation; either version 2 of the License, or     *

 *   (at your option) any later version.                                   *

 *                                                                         *

 ***************************************************************************/


#include "qgsauthimportcertdialog.h"


#include "qgsapplication.h"

#include "qgsauthcertutils.h"

#include "qgsauthguiutils.h"

#include "qgsauthmanager.h"

#include "qgshelp.h"

#include "qgssettings.h"


#include <QDir>

#include <QFileDialog>

#include <QFileInfo>

#include <QPushButton>

#include <QString>

#include <QtCrypto>


#include "moc_qgsauthimportcertdialog.cpp"


using namespace Qt::StringLiterals;


QgsAuthImportCertDialog::QgsAuthImportCertDialog( QWidget *parent, QgsAuthImportCertDialog::CertFilter filter, QgsAuthImportCertDialog::CertInput input )

  : QDialog( parent )

  , mFilter( filter )

  , mInput( input )

{

  if ( QgsApplication::authManager()->isDisabled() )

  {

    mDisabled = true;

    mAuthNotifyLayout = new QVBoxLayout;

    this->setLayout( mAuthNotifyLayout );

    mAuthNotify = new QLabel( QgsApplication::authManager()->disabledMessage(), this );

    mAuthNotifyLayout->addWidget( mAuthNotify );

  }

  else

  {

    setupUi( this );

    connect( btnImportFile, &QToolButton::clicked, this, &QgsAuthImportCertDialog::btnImportFile_clicked );

    connect( chkAllowInvalid, &QCheckBox::toggled, this, &QgsAuthImportCertDialog::chkAllowInvalid_toggled );


    connect( buttonBox, &QDialogButtonBox::accepted, this, &QDialog::accept );

    connect( buttonBox, &QDialogButtonBox::rejected, this, &QDialog::reject );

    connect( buttonBox, &QDialogButtonBox::helpRequested, this, [] { QgsHelp::openHelp( u"auth_system/auth_workflows.html#authentication-authorities"_s ); } );

    connect( teCertText, &QPlainTextEdit::textChanged, this, &QgsAuthImportCertDialog::validateCertificates );


    connect( radioImportFile, &QAbstractButton::toggled, this, &QgsAuthImportCertDialog::updateGui );

    connect( radioImportText, &QAbstractButton::toggled, this, &QgsAuthImportCertDialog::updateGui );


    // hide unused widgets

    if ( mInput == FileInput )

    {

      radioImportText->setHidden( true );

      teCertText->setHidden( true );

    }

    else if ( mInput == TextInput )

    {

      radioImportFile->setHidden( true );

      frameImportFile->setHidden( true );

    }


    radioImportFile->setChecked( true );

    updateGui();


    if ( mFilter == CaFilter )

    {

      grpbxImportCert->setTitle( tr( "Import Certificate Authorities" ) );

    }


    okButton()->setText( tr( "Import" ) );

    okButton()->setEnabled( false );

    teValidation->setFocus();

  }

}


const QList<QSslCertificate> QgsAuthImportCertDialog::certificatesToImport()

{

  if ( mDisabled )

  {

    return QList<QSslCertificate>();

  }

  return mCerts;

}


const QString QgsAuthImportCertDialog::certFileToImport()

{

  if ( mDisabled )

  {

    return QString();

  }

  if ( !radioImportFile->isChecked() )

    return QString();


  return leImportFile->text();

}


const QString QgsAuthImportCertDialog::certTextToImport()

{

  if ( mDisabled )

  {

    return QString();

  }

  if ( !radioImportText->isChecked() )

    return QString();


  return teCertText->toPlainText().trimmed();

}


bool QgsAuthImportCertDialog::allowInvalidCerts()

{

  if ( mDisabled )

  {

    return false;

  }

  return chkAllowInvalid->isChecked();

}


QgsAuthCertUtils::CertTrustPolicy QgsAuthImportCertDialog::certTrustPolicy()

{

  if ( mDisabled )

  {

    return QgsAuthCertUtils::DefaultTrust;

  }

  return cmbbxTrust->trustPolicy();

}


void QgsAuthImportCertDialog::updateGui()

{

  frameImportFile->setEnabled( radioImportFile->isChecked() );

  teCertText->setEnabled( radioImportText->isChecked() );

  validateCertificates();

}


void QgsAuthImportCertDialog::validateCertificates()

{

  mCerts.clear();

  teValidation->clear();

  teValidation->setStyleSheet( QString() );


  bool valid = false;

  QList<QSslCertificate> certs;

  QList<QSslCertificate> nixcerts;

  int validcerts = 0;

  const bool allowinvalid = chkAllowInvalid->isChecked();

  const bool filterCAs = ( mFilter == CaFilter );

  int cas = 0;


  if ( radioImportFile->isChecked() && !leImportFile->text().isEmpty() )

  {

    certs = QgsAuthCertUtils::certsFromFile( leImportFile->text() );

  }

  else if ( radioImportText->isChecked() && !teCertText->toPlainText().trimmed().isEmpty() )

  {

    certs = QgsAuthCertUtils::certsFromString( teCertText->toPlainText().trimmed() );

  }


  const int certssize = certs.size();


  const auto constCerts = certs;

  for ( const QSslCertificate &cert : constCerts )

  {

    if ( QgsAuthCertUtils::certIsViable( cert ) )

      ++validcerts;


    if ( filterCAs )

    {

      if ( QgsAuthCertUtils::certificateIsAuthorityOrIssuer( cert ) )

      {

        ++cas;

      }

      else

      {

        nixcerts << cert;

      }

    }

  }


  valid = ( certssize > 0 && ( allowinvalid || certssize == validcerts ) && ( !filterCAs || nixcerts.size() < certssize ) );


  if ( !nixcerts.isEmpty() )

  {

    const auto constNixcerts = nixcerts;

    for ( const QSslCertificate &nixcert : constNixcerts )

    {

      certs.removeOne( nixcert );

    }

  }


  if ( valid )

    mCerts = certs;


  if ( certssize > 0 )

  {

    teValidation->setStyleSheet( valid ? QgsAuthGuiUtils::greenTextStyleSheet( u"QTextEdit"_s ) : QgsAuthGuiUtils::redTextStyleSheet( u"QTextEdit"_s ) );

  }


  QString msg = tr(

                  "Certificates found: %1\n"

                  "Certificates valid: %2"

  )

                  .arg( certssize )

                  .arg( validcerts );


  if ( filterCAs )

  {

    msg += tr( "\nAuthorities/Issuers: %1%2" ).arg( cas ).arg( !nixcerts.isEmpty() && nixcerts.size() < certssize ? " (others not imported)" : "" );

  }


  teValidation->setText( msg );


  okButton()->setEnabled( valid );

}


void QgsAuthImportCertDialog::btnImportFile_clicked()

{

  const QString &fn = getOpenFileName( tr( "Open Certificate File" ), tr( "All files (*.*);;PEM (*.pem);;DER (*.der)" ) );

  if ( !fn.isEmpty() )

  {

    leImportFile->setText( fn );

  }

  validateCertificates();

}


void QgsAuthImportCertDialog::chkAllowInvalid_toggled( bool checked )

{

  Q_UNUSED( checked )

  validateCertificates();

}


QString QgsAuthImportCertDialog::getOpenFileName( const QString &title, const QString &extfilter )

{

  QgsSettings settings;

  const QString recentdir = settings.value( u"UI/lastAuthImportCertOpenFileDir"_s, QDir::homePath() ).toString();

  QString f = QFileDialog::getOpenFileName( this, title, recentdir, extfilter );


  // return dialog focus on Mac

  this->raise();

  this->activateWindow();


  if ( !f.isEmpty() )

  {

    settings.setValue( u"UI/lastAuthImportCertOpenFileDir"_s, QFileInfo( f ).absoluteDir().path() );

  }

  return f;

}


QPushButton *QgsAuthImportCertDialog::okButton()

{

  return buttonBox->button( QDialogButtonBox::Ok );

}

QgsApplication::authManager
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
Definition qgsapplication.cpp:1592

QgsAuthCertUtils::CertTrustPolicy
CertTrustPolicy
Type of certificate trust policy.
Definition qgsauthcertutils.h:59

QgsAuthCertUtils::DefaultTrust
@ DefaultTrust
Definition qgsauthcertutils.h:60

QgsAuthGuiUtils::greenTextStyleSheet
static QString greenTextStyleSheet(const QString &selector="*")
Green text stylesheet representing valid, trusted, etc. certificate.
Definition qgsauthguiutils.cpp:55

QgsAuthGuiUtils::redTextStyleSheet
static QString redTextStyleSheet(const QString &selector="*")
Red text stylesheet representing invalid, untrusted, etc. certificate.
Definition qgsauthguiutils.cpp:65

QgsAuthImportCertDialog::certTrustPolicy
QgsAuthCertUtils::CertTrustPolicy certTrustPolicy()
Defined trust policy for imported certificates.
Definition qgsauthimportcertdialog.cpp:132

QgsAuthImportCertDialog::certFileToImport
const QString certFileToImport()
Gets the file path to a certificate to import.
Definition qgsauthimportcertdialog.cpp:99

QgsAuthImportCertDialog::CertFilter
CertFilter
Type of filter to apply to dialog.
Definition qgsauthimportcertdialog.h:41

QgsAuthImportCertDialog::CaFilter
@ CaFilter
Definition qgsauthimportcertdialog.h:43

QgsAuthImportCertDialog::QgsAuthImportCertDialog
QgsAuthImportCertDialog(QWidget *parent=nullptr, QgsAuthImportCertDialog::CertFilter filter=NoFilter, QgsAuthImportCertDialog::CertInput input=AllInputs)
Construct a dialog for importing certificates.
Definition qgsauthimportcertdialog.cpp:37

QgsAuthImportCertDialog::certificatesToImport
const QList< QSslCertificate > certificatesToImport()
Gets list of certificate objects to import.
Definition qgsauthimportcertdialog.cpp:90

QgsAuthImportCertDialog::certTextToImport
const QString certTextToImport()
Gets certificate text to import.
Definition qgsauthimportcertdialog.cpp:111

QgsAuthImportCertDialog::CertInput
CertInput
Type of inputs for certificates.
Definition qgsauthimportcertdialog.h:48

QgsAuthImportCertDialog::FileInput
@ FileInput
Definition qgsauthimportcertdialog.h:50

QgsAuthImportCertDialog::TextInput
@ TextInput
Definition qgsauthimportcertdialog.h:51

QgsAuthImportCertDialog::allowInvalidCerts
bool allowInvalidCerts()
Whether to allow importation of invalid certificates (so trust policy can be overridden).
Definition qgsauthimportcertdialog.cpp:123

QgsHelp::openHelp
static void openHelp(const QString &key)
Opens help topic for the given help key using default system web browser.
Definition qgshelp.cpp:41

QgsSettings::value
QVariant value(const QString &key, const QVariant &defaultValue=QVariant(), Section section=NoSection) const
Returns the value for setting key.
Definition qgssettings.cpp:169

QgsSettings::setValue
void setValue(const QString &key, const QVariant &value, QgsSettings::Section section=QgsSettings::NoSection)
Sets the value of setting key to value.
Definition qgssettings.cpp:296

qgsapplication.h

qgsauthcertutils.h

qgsauthguiutils.h

qgsauthimportcertdialog.h

qgsauthmanager.h

qgshelp.h

qgssettings.h