QGIS API Documentation 3.41.0-Master (45a0abf3bec)
Loading...
Searching...
No Matches
qgsauthimportcertdialog.cpp
Go to the documentation of this file.
1/***************************************************************************
2 qgsauthimportcertdialog.cpp
3 ---------------------
4 begin : April 30, 2015
5 copyright : (C) 2015 by Boundless Spatial, Inc. USA
6 author : Larry Shaffer
7 email : lshaffer at boundlessgeo dot com
8 ***************************************************************************
9 * *
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
14 * *
15 ***************************************************************************/
16
18#include "moc_qgsauthimportcertdialog.cpp"
19
20#include <QDir>
21#include <QFileDialog>
22#include <QFileInfo>
23#include <QPushButton>
24
25#include <QtCrypto>
26
27#include "qgssettings.h"
28#include "qgsauthcertutils.h"
29#include "qgsauthguiutils.h"
30#include "qgsauthmanager.h"
31#include "qgsapplication.h"
32
33
37 : QDialog( parent )
38 , mFilter( filter )
39 , mInput( input )
40{
41 if ( QgsApplication::authManager()->isDisabled() )
42 {
43 mDisabled = true;
44 mAuthNotifyLayout = new QVBoxLayout;
45 this->setLayout( mAuthNotifyLayout );
46 mAuthNotify = new QLabel( QgsApplication::authManager()->disabledMessage(), this );
47 mAuthNotifyLayout->addWidget( mAuthNotify );
48 }
49 else
50 {
51 setupUi( this );
52 connect( btnImportFile, &QToolButton::clicked, this, &QgsAuthImportCertDialog::btnImportFile_clicked );
53 connect( chkAllowInvalid, &QCheckBox::toggled, this, &QgsAuthImportCertDialog::chkAllowInvalid_toggled );
54
55 connect( buttonBox, &QDialogButtonBox::accepted, this, &QDialog::accept );
56 connect( buttonBox, &QDialogButtonBox::rejected, this, &QDialog::reject );
57
58 connect( teCertText, &QPlainTextEdit::textChanged, this, &QgsAuthImportCertDialog::validateCertificates );
59
60 connect( radioImportFile, &QAbstractButton::toggled, this, &QgsAuthImportCertDialog::updateGui );
61 connect( radioImportText, &QAbstractButton::toggled, this, &QgsAuthImportCertDialog::updateGui );
62
63 // hide unused widgets
64 if ( mInput == FileInput )
65 {
66 radioImportText->setHidden( true );
67 teCertText->setHidden( true );
68 }
69 else if ( mInput == TextInput )
70 {
71 radioImportFile->setHidden( true );
72 frameImportFile->setHidden( true );
73 }
74
75 radioImportFile->setChecked( true );
76 updateGui();
77
78 if ( mFilter == CaFilter )
79 {
80 grpbxImportCert->setTitle( tr( "Import Certificate Authorities" ) );
81 }
82
83 okButton()->setText( tr( "Import" ) );
84 okButton()->setEnabled( false );
85 teValidation->setFocus();
86 }
87}
88
90{
91 if ( mDisabled )
92 {
93 return QList<QSslCertificate>();
94 }
95 return mCerts;
96}
97
99{
100 if ( mDisabled )
101 {
102 return QString();
103 }
104 if ( !radioImportFile->isChecked() )
105 return QString();
106
107 return leImportFile->text();
108}
109
111{
112 if ( mDisabled )
113 {
114 return QString();
115 }
116 if ( !radioImportText->isChecked() )
117 return QString();
118
119 return teCertText->toPlainText().trimmed();
120}
121
123{
124 if ( mDisabled )
125 {
126 return false;
127 }
128 return chkAllowInvalid->isChecked();
129}
130
132{
133 if ( mDisabled )
134 {
136 }
137 return cmbbxTrust->trustPolicy();
138}
139
140void QgsAuthImportCertDialog::updateGui()
141{
142 frameImportFile->setEnabled( radioImportFile->isChecked() );
143 teCertText->setEnabled( radioImportText->isChecked() );
144 validateCertificates();
145}
146
147void QgsAuthImportCertDialog::validateCertificates()
148{
149 mCerts.clear();
150 teValidation->clear();
151 teValidation->setStyleSheet( QString() );
152
153 bool valid = false;
154 QList<QSslCertificate> certs;
155 QList<QSslCertificate> nixcerts;
156 int validcerts = 0;
157 const bool allowinvalid = chkAllowInvalid->isChecked();
158 const bool filterCAs = ( mFilter == CaFilter );
159 int cas = 0;
160
161 if ( radioImportFile->isChecked() && !leImportFile->text().isEmpty() )
162 {
163 certs = QgsAuthCertUtils::certsFromFile( leImportFile->text() );
164 }
165 else if ( radioImportText->isChecked() && !teCertText->toPlainText().trimmed().isEmpty() )
166 {
167 certs = QgsAuthCertUtils::certsFromString( teCertText->toPlainText().trimmed() );
168 }
169
170 const int certssize = certs.size();
171
172 const auto constCerts = certs;
173 for ( const QSslCertificate &cert : constCerts )
174 {
175 if ( QgsAuthCertUtils::certIsViable( cert ) )
176 ++validcerts;
177
178 if ( filterCAs )
179 {
181 {
182 ++cas;
183 }
184 else
185 {
186 nixcerts << cert;
187 }
188 }
189 }
190
191 valid = ( certssize > 0
192 && ( allowinvalid || certssize == validcerts )
193 && ( !filterCAs || nixcerts.size() < certssize ) );
194
195 if ( !nixcerts.isEmpty() )
196 {
197 const auto constNixcerts = nixcerts;
198 for ( const QSslCertificate &nixcert : constNixcerts )
199 {
200 certs.removeOne( nixcert );
201 }
202 }
203
204 if ( valid )
205 mCerts = certs;
206
207 if ( certssize > 0 )
208 {
209 teValidation->setStyleSheet(
210 valid ? QgsAuthGuiUtils::greenTextStyleSheet( QStringLiteral( "QTextEdit" ) )
211 : QgsAuthGuiUtils::redTextStyleSheet( QStringLiteral( "QTextEdit" ) ) );
212 }
213
214 QString msg = tr( "Certificates found: %1\n"
215 "Certificates valid: %2" ).arg( certssize ).arg( validcerts );
216
217 if ( filterCAs )
218 {
219 msg += tr( "\nAuthorities/Issuers: %1%2" ).arg( cas )
220 .arg( !nixcerts.isEmpty() && nixcerts.size() < certssize ? " (others not imported)" : "" );
221 }
222
223 teValidation->setText( msg );
224
225 okButton()->setEnabled( valid );
226}
227
228void QgsAuthImportCertDialog::btnImportFile_clicked()
229{
230 const QString &fn = getOpenFileName( tr( "Open Certificate File" ), tr( "All files (*.*);;PEM (*.pem);;DER (*.der)" ) );
231 if ( !fn.isEmpty() )
232 {
233 leImportFile->setText( fn );
234 }
235 validateCertificates();
236}
237
238void QgsAuthImportCertDialog::chkAllowInvalid_toggled( bool checked )
239{
240 Q_UNUSED( checked )
241 validateCertificates();
242}
243
244QString QgsAuthImportCertDialog::getOpenFileName( const QString &title, const QString &extfilter )
245{
246 QgsSettings settings;
247 const QString recentdir = settings.value( QStringLiteral( "UI/lastAuthImportCertOpenFileDir" ), QDir::homePath() ).toString();
248 QString f = QFileDialog::getOpenFileName( this, title, recentdir, extfilter );
249
250 // return dialog focus on Mac
251 this->raise();
252 this->activateWindow();
253
254 if ( !f.isEmpty() )
255 {
256 settings.setValue( QStringLiteral( "UI/lastAuthImportCertOpenFileDir" ), QFileInfo( f ).absoluteDir().path() );
257 }
258 return f;
259}
260
261QPushButton *QgsAuthImportCertDialog::okButton()
262{
263 return buttonBox->button( QDialogButtonBox::Ok );
264}
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
CertTrustPolicy
Type of certificate trust policy.
static bool certIsViable(const QSslCertificate &cert)
certIsViable checks for viability errors of cert and whether it is NULL
static QList< QSslCertificate > certsFromFile(const QString &certspath)
Returns a list of concatenated certs from a PEM or DER formatted file.
static bool certificateIsAuthorityOrIssuer(const QSslCertificate &cert)
Gets whether a certificate is an Authority or can at least sign other certificates.
static QList< QSslCertificate > certsFromString(const QString &pemtext)
Returns a list of concatenated certs from a PEM Base64 text block.
Utility functions for use by authentication GUI widgets or standalone apps.
static QString greenTextStyleSheet(const QString &selector="*")
Green text stylesheet representing valid, trusted, etc. certificate.
QgsAuthCertUtils::CertTrustPolicy certTrustPolicy()
Defined trust policy for imported certificates.
const QString certFileToImport()
Gets the file path to a certificate to import.
CertFilter
Type of filter to apply to dialog.
QgsAuthImportCertDialog(QWidget *parent=nullptr, QgsAuthImportCertDialog::CertFilter filter=NoFilter, QgsAuthImportCertDialog::CertInput input=AllInputs)
Construct a dialog for importing certificates.
const QList< QSslCertificate > certificatesToImport()
Gets list of certificate objects to import.
const QString certTextToImport()
Gets certificate text to import.
CertInput
Type of inputs for certificates.
bool allowInvalidCerts()
Whether to allow importation of invalid certificates (so trust policy can be overridden)
This class is a composition of two QSettings instances:
Definition qgssettings.h:64
QVariant value(const QString &key, const QVariant &defaultValue=QVariant(), Section section=NoSection) const
Returns the value for setting key.
void setValue(const QString &key, const QVariant &value, QgsSettings::Section section=QgsSettings::NoSection)
Sets the value of setting key to value.