QGIS API Documentation 3.41.0-Master (57ec4277f5e)
Loading...
Searching...
No Matches
qgsauthserverseditor.cpp
Go to the documentation of this file.
1/***************************************************************************
2 qgsauthserverseditor.cpp
3 ---------------------
4 begin : April 26, 2015
5 copyright : (C) 2015 by Boundless Spatial, Inc. USA
6 author : Larry Shaffer
7 email : lshaffer at boundlessgeo dot com
8 ***************************************************************************
9 * *
10 * This program is free software; you can redistribute it and/or modify *
11 * it under the terms of the GNU General Public License as published by *
12 * the Free Software Foundation; either version 2 of the License, or *
13 * (at your option) any later version. *
14 * *
15 ***************************************************************************/
16
17#include "qgsauthserverseditor.h"
18#include "moc_qgsauthserverseditor.cpp"
19#include "ui_qgsauthserverseditor.h"
20#include "qgsauthsslimportdialog.h"
21
22#include <QMenu>
23#include <QMessageBox>
24
25#include "qgssettings.h"
26#include "qgsapplication.h"
27#include "qgsauthcertificateinfo.h"
28#include "qgsauthcertutils.h"
29#include "qgsauthmanager.h"
30#include "qgsauthguiutils.h"
31#include "qgslogger.h"
32#include "qgsvariantutils.h"
33
34QgsAuthServersEditor::QgsAuthServersEditor( QWidget *parent )
35 : QWidget( parent )
36{
37 if ( QgsApplication::authManager()->isDisabled() )
38 {
39 mDisabled = true;
40 mAuthNotifyLayout = new QVBoxLayout;
41 this->setLayout( mAuthNotifyLayout );
42 mAuthNotify = new QLabel( QgsApplication::authManager()->disabledMessage(), this );
43 mAuthNotifyLayout->addWidget( mAuthNotify );
44 }
45 else
46 {
47 setupUi( this );
48 connect( btnAddServer, &QToolButton::clicked, this, &QgsAuthServersEditor::btnAddServer_clicked );
49 connect( btnRemoveServer, &QToolButton::clicked, this, &QgsAuthServersEditor::btnRemoveServer_clicked );
50 connect( btnEditServer, &QToolButton::clicked, this, &QgsAuthServersEditor::btnEditServer_clicked );
51 connect( btnGroupByOrg, &QToolButton::toggled, this, &QgsAuthServersEditor::btnGroupByOrg_toggled );
52
53 connect( QgsApplication::authManager(), &QgsAuthManager::messageLog, this, &QgsAuthServersEditor::authMessageLog );
54
55 connect( QgsApplication::authManager(), &QgsAuthManager::authDatabaseChanged, this, &QgsAuthServersEditor::refreshSslConfigsView );
56
57 setupSslConfigsTree();
58
59 connect( treeServerConfigs->selectionModel(), &QItemSelectionModel::selectionChanged, this, &QgsAuthServersEditor::selectionChanged );
60
61 connect( treeServerConfigs, &QTreeWidget::itemDoubleClicked, this, &QgsAuthServersEditor::handleDoubleClick );
62
63 connect( btnViewRefresh, &QAbstractButton::clicked, this, &QgsAuthServersEditor::refreshSslConfigsView );
64
65 btnGroupByOrg->setChecked( false );
66 const QVariant sortbyval = QgsApplication::authManager()->authSetting( QStringLiteral( "serverssortby" ), QVariant( false ) );
67 if ( !QgsVariantUtils::isNull( sortbyval ) )
68 btnGroupByOrg->setChecked( sortbyval.toBool() );
69
70 populateSslConfigsView();
71 checkSelection();
72 }
73}
74
75void QgsAuthServersEditor::setupSslConfigsTree()
76{
77 treeServerConfigs->setColumnCount( 3 );
78 treeServerConfigs->setHeaderLabels(
79 QStringList() << tr( "Common Name" )
80 << tr( "Host" )
81 << tr( "Expiry Date" )
82 );
83 treeServerConfigs->setColumnWidth( 0, 275 );
84 treeServerConfigs->setColumnWidth( 1, 200 );
85
86 // add root sections
87 mRootSslConfigItem = new QTreeWidgetItem(
88 treeServerConfigs,
89 QStringList( tr( "SSL Server Configurations" ) ),
90 static_cast<int>( QgsAuthServersEditor::Section )
91 );
92 QgsAuthGuiUtils::setItemBold( mRootSslConfigItem );
93 mRootSslConfigItem->setFlags( Qt::ItemIsEnabled );
94 mRootSslConfigItem->setExpanded( true );
95 treeServerConfigs->insertTopLevelItem( 0, mRootSslConfigItem );
96}
97
98void QgsAuthServersEditor::populateSslConfigsView()
99{
100 QgsAuthGuiUtils::removeChildren( mRootSslConfigItem );
101
102 populateSslConfigsSection( mRootSslConfigItem, QgsApplication::authManager()->sslCertCustomConfigs(), QgsAuthServersEditor::ServerConfig );
103}
104
105void QgsAuthServersEditor::refreshSslConfigsView()
106{
107 populateSslConfigsView();
108}
109
110void QgsAuthServersEditor::populateSslConfigsSection( QTreeWidgetItem *item, const QList<QgsAuthConfigSslServer> &configs, QgsAuthServersEditor::ConfigType conftype )
111{
112 if ( btnGroupByOrg->isChecked() )
113 {
114 appendSslConfigsToGroup( configs, conftype, item );
115 }
116 else
117 {
118 appendSslConfigsToItem( configs, conftype, item );
119 }
120}
121
122void QgsAuthServersEditor::appendSslConfigsToGroup( const QList<QgsAuthConfigSslServer> &configs, QgsAuthServersEditor::ConfigType conftype, QTreeWidgetItem *parent )
123{
124 if ( configs.empty() )
125 return;
126
127 if ( !parent )
128 {
129 parent = treeServerConfigs->currentItem();
130 }
131
132 // TODO: find all organizational name, sort and make subsections
133 const QMap<QString, QList<QgsAuthConfigSslServer>> orgconfigs(
134 QgsAuthCertUtils::sslConfigsGroupedByOrg( configs )
135 );
136
137 QMap<QString, QList<QgsAuthConfigSslServer>>::const_iterator it = orgconfigs.constBegin();
138 for ( ; it != orgconfigs.constEnd(); ++it )
139 {
140 QTreeWidgetItem *grpitem( new QTreeWidgetItem( parent, QStringList() << it.key(), static_cast<int>( QgsAuthServersEditor::OrgName ) ) );
141 grpitem->setFirstColumnSpanned( true );
142 grpitem->setFlags( Qt::ItemIsEnabled );
143 grpitem->setExpanded( true );
144
145 QBrush orgb( grpitem->foreground( 0 ) );
146 orgb.setColor( QColor::fromRgb( 90, 90, 90 ) );
147 grpitem->setForeground( 0, orgb );
148 QFont grpf( grpitem->font( 0 ) );
149 grpf.setItalic( true );
150 grpitem->setFont( 0, grpf );
151
152 appendSslConfigsToItem( it.value(), conftype, grpitem );
153 }
154
155 parent->sortChildren( 0, Qt::AscendingOrder );
156}
157
158void QgsAuthServersEditor::appendSslConfigsToItem( const QList<QgsAuthConfigSslServer> &configs, QgsAuthServersEditor::ConfigType conftype, QTreeWidgetItem *parent )
159{
160 if ( configs.empty() )
161 return;
162
163 if ( !parent )
164 {
165 parent = treeServerConfigs->currentItem();
166 }
167
168 const QBrush redb( QgsAuthGuiUtils::redColor() );
169
170 // Columns: Common Name, Host, Expiry Date
171 const auto constConfigs = configs;
172 for ( const QgsAuthConfigSslServer &config : constConfigs )
173 {
174 const QSslCertificate cert( config.sslCertificate() );
175 const QString id( QgsAuthCertUtils::shaHexForCert( cert ) );
176
177 QStringList coltxts;
178 coltxts << QgsAuthCertUtils::resolvedCertName( cert );
179 coltxts << QString( config.sslHostPort() );
180 coltxts << cert.expiryDate().toString();
181
182 QTreeWidgetItem *item( new QTreeWidgetItem( parent, coltxts, static_cast<int>( conftype ) ) );
183
184 item->setIcon( 0, QgsApplication::getThemeIcon( QStringLiteral( "/mIconCertificate.svg" ) ) );
185 if ( !QgsAuthCertUtils::certIsViable( cert ) )
186 {
187 item->setForeground( 2, redb );
188 item->setIcon( 0, QgsApplication::getThemeIcon( QStringLiteral( "/mIconCertificateUntrusted.svg" ) ) );
189 }
190
191 item->setData( 0, Qt::UserRole, id );
192 }
193
194 parent->sortChildren( 0, Qt::AscendingOrder );
195}
196
197void QgsAuthServersEditor::selectionChanged( const QItemSelection &selected, const QItemSelection &deselected )
198{
199 Q_UNUSED( selected )
200 Q_UNUSED( deselected )
201 checkSelection();
202}
203
204void QgsAuthServersEditor::checkSelection()
205{
206 bool isconfig = false;
207 if ( treeServerConfigs->selectionModel()->selection().length() > 0 )
208 {
209 QTreeWidgetItem *item( treeServerConfigs->currentItem() );
210
211 switch ( ( QgsAuthServersEditor::ConfigType ) item->type() )
212 {
213 case QgsAuthServersEditor::ServerConfig:
214 isconfig = true;
215 break;
216 default:
217 break;
218 }
219 }
220
221 btnRemoveServer->setEnabled( isconfig );
222 btnEditServer->setEnabled( isconfig );
223}
224
225void QgsAuthServersEditor::handleDoubleClick( QTreeWidgetItem *item, int col )
226{
227 Q_UNUSED( col )
228 bool isconfig = true;
229
230 switch ( ( QgsAuthServersEditor::ConfigType ) item->type() )
231 {
232 case QgsAuthServersEditor::Section:
233 isconfig = false;
234 break;
235 case QgsAuthServersEditor::OrgName:
236 isconfig = false;
237 break;
238 default:
239 break;
240 }
241
242 if ( isconfig )
243 {
244 btnEditServer_clicked();
245 }
246}
247
248void QgsAuthServersEditor::btnAddServer_clicked()
249{
250 QgsAuthSslImportDialog *dlg = new QgsAuthSslImportDialog( this );
251 dlg->setWindowModality( Qt::WindowModal );
252 dlg->resize( 580, 512 );
253 if ( dlg->exec() )
254 {
255 refreshSslConfigsView();
256 }
257 dlg->deleteLater();
258}
259
260void QgsAuthServersEditor::btnRemoveServer_clicked()
261{
262 QTreeWidgetItem *item( treeServerConfigs->currentItem() );
263
264 if ( !item )
265 {
266 QgsDebugMsgLevel( QStringLiteral( "Current tree widget item not set" ), 2 );
267 return;
268 }
269
270 const QString digest( item->data( 0, Qt::UserRole ).toString() );
271 const QString hostport( item->text( 1 ) );
272
273 if ( digest.isEmpty() )
274 {
275 messageBar()->pushMessage( tr( "SSL custom config id missing" ), Qgis::MessageLevel::Warning );
276 return;
277 }
278 if ( hostport.isEmpty() )
279 {
280 messageBar()->pushMessage( tr( "SSL custom config host:port missing" ), Qgis::MessageLevel::Warning );
281 return;
282 }
283
284 if ( !QgsApplication::authManager()->existsSslCertCustomConfig( digest, hostport ) )
285 {
286 QgsDebugError( QStringLiteral( "SSL custom config does not exist in database for host:port, id %1:" )
287 .arg( hostport, digest ) );
288 return;
289 }
290
291 if ( QMessageBox::warning(
292 this, tr( "Remove SSL Custom Configuration" ),
293 tr( "Are you sure you want to remove the selected "
294 "SSL custom configuration from the database?\n\n"
295 "Operation can NOT be undone!" ),
296 QMessageBox::Ok | QMessageBox::Cancel,
297 QMessageBox::Cancel
298 )
299 == QMessageBox::Cancel )
300 {
301 return;
302 }
303
304 if ( !QgsApplication::authManager()->removeSslCertCustomConfig( digest, hostport ) )
305 {
306 messageBar()->pushMessage( tr( "ERROR removing SSL custom config from authentication database for host:port, id %1:" ).arg( hostport, digest ), Qgis::MessageLevel::Critical );
307 return;
308 }
309
310 item->parent()->removeChild( item );
311 delete item;
312}
313
314void QgsAuthServersEditor::btnEditServer_clicked()
315{
316 QTreeWidgetItem *item( treeServerConfigs->currentItem() );
317
318 if ( !item )
319 {
320 QgsDebugMsgLevel( QStringLiteral( "Current tree widget item not set" ), 2 );
321 return;
322 }
323
324 const QString digest( item->data( 0, Qt::UserRole ).toString() );
325 const QString hostport( item->text( 1 ) );
326
327 if ( digest.isEmpty() )
328 {
329 messageBar()->pushMessage( tr( "SSL custom config id missing." ), Qgis::MessageLevel::Warning );
330 return;
331 }
332 if ( hostport.isEmpty() )
333 {
334 messageBar()->pushMessage( tr( "SSL custom config host:port missing." ), Qgis::MessageLevel::Warning );
335 return;
336 }
337
338 if ( !QgsApplication::authManager()->existsSslCertCustomConfig( digest, hostport ) )
339 {
340 QgsDebugError( QStringLiteral( "SSL custom config does not exist in database" ) );
341 return;
342 }
343
344 const QgsAuthConfigSslServer config( QgsApplication::authManager()->sslCertCustomConfig( digest, hostport ) );
345 const QSslCertificate cert( config.sslCertificate() );
346
347 QgsAuthSslConfigDialog *dlg = new QgsAuthSslConfigDialog( this, cert, hostport );
348 dlg->sslCustomConfigWidget()->setConfigCheckable( false );
349 dlg->setWindowModality( Qt::WindowModal );
350 dlg->resize( 500, 500 );
351 if ( dlg->exec() )
352 {
353 refreshSslConfigsView();
354 }
355 dlg->deleteLater();
356}
357
358void QgsAuthServersEditor::btnGroupByOrg_toggled( bool checked )
359{
360 if ( !QgsApplication::authManager()->storeAuthSetting( QStringLiteral( "serverssortby" ), QVariant( checked ) ) )
361 {
362 authMessageLog( QObject::tr( "Could not store sort by preference." ), QObject::tr( "Authentication SSL Configs" ), Qgis::MessageLevel::Warning );
363 }
364 populateSslConfigsView();
365}
366
367void QgsAuthServersEditor::authMessageLog( const QString &message, const QString &authtag, Qgis::MessageLevel level )
368{
369 messageBar()->pushMessage( authtag, message, level, 7 );
370}
371
372void QgsAuthServersEditor::showEvent( QShowEvent *e )
373{
374 if ( !mDisabled )
375 {
376 treeServerConfigs->setFocus();
377 }
378 QWidget::showEvent( e );
379}
380
381QgsMessageBar *QgsAuthServersEditor::messageBar()
382{
383 return msgBar;
384}
385
386int QgsAuthServersEditor::messageTimeout()
387{
388 const QgsSettings settings;
389 return settings.value( QStringLiteral( "qgis/messageTimeout" ), 5 ).toInt();
390}
Qgis::MessageLevel
MessageLevel
Level for messages This will be used both for message log and message bar in application.
Definition qgis.h:154
Qgis::Warning
@ Warning
Warning message.
Definition qgis.h:156
Qgis::Critical
@ Critical
Critical/error message.
Definition qgis.h:157
QgsApplication::getThemeIcon
static QIcon getThemeIcon(const QString &name, const QColor &fillColor=QColor(), const QColor &strokeColor=QColor())
Helper to get a theme icon.
Definition qgsapplication.cpp:796
QgsApplication::authManager
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
Definition qgsapplication.cpp:1577
QgsAuthCertUtils::resolvedCertName
static QString resolvedCertName(const QSslCertificate &cert, bool issuer=false)
Gets the general name via RFC 5280 resolution.
Definition qgsauthcertutils.cpp:612
QgsAuthCertUtils::shaHexForCert
static QString shaHexForCert(const QSslCertificate &cert, bool formatted=false)
Gets the sha1 hash for certificate.
Definition qgsauthcertutils.cpp:735
QgsAuthCertUtils::certIsViable
static bool certIsViable(const QSslCertificate &cert)
certIsViable checks for viability errors of cert and whether it is NULL
Definition qgsauthcertutils.cpp:1292
QgsAuthCertUtils::sslConfigsGroupedByOrg
static QMap< QString, QList< QgsAuthConfigSslServer > > sslConfigsGroupedByOrg(const QList< QgsAuthConfigSslServer > &configs)
Map SSL custom configs' certificates to their oraganization.
Definition qgsauthcertutils.cpp:83
QgsAuthConfigSslServer
Configuration container for SSL server connection exceptions or overrides.
Definition qgsauthconfig.h:390
QgsAuthGuiUtils::setItemBold
static void setItemBold(QTreeWidgetItem *item)
Call setFirstColumnSpanned(true) on the item and make its font bold.
Definition qgsauthguiutils.cpp:400
QgsAuthGuiUtils::removeChildren
static void removeChildren(QTreeWidgetItem *item)
Remove the children of the passed item.
Definition qgsauthguiutils.cpp:408
QgsAuthGuiUtils::redColor
static QColor redColor()
Red color representing invalid, untrusted, etc. certificate.
Definition qgsauthguiutils.cpp:43
QgsAuthManager::authDatabaseChanged
void authDatabaseChanged()
Emitted when the authentication db is significantly changed, e.g. large record removal,...
QgsAuthManager::authSetting
QVariant authSetting(const QString &key, const QVariant &defaultValue=QVariant(), bool decrypt=false)
authSetting get an authentication setting (retrieved as string and returned as QVariant( QString ))
Definition qgsauthmanager.cpp:1704
QgsAuthManager::messageLog
void messageLog(const QString &message, const QString &tag=QgsAuthManager::AUTH_MAN_TAG, Qgis::MessageLevel level=Qgis::MessageLevel::Info) const
Custom logging signal to relay to console output and QgsMessageLog.
QgsAuthServersEditor::QgsAuthServersEditor
QgsAuthServersEditor(QWidget *parent=nullptr)
Widget for editing authentication configurations directly in database.
Definition qgsauthserverseditor.cpp:34
QgsAuthServersEditor::showEvent
void showEvent(QShowEvent *e) override
Definition qgsauthserverseditor.cpp:372
QgsAuthSslConfigDialog
Dialog wrapper of widget for editing an SSL server configuration.
Definition qgsauthsslconfigwidget.h:188
QgsAuthSslConfigDialog::sslCustomConfigWidget
QgsAuthSslConfigWidget * sslCustomConfigWidget()
Access the embedded SSL server configuration widget.
Definition qgsauthsslconfigwidget.h:201
QgsAuthSslConfigWidget::setConfigCheckable
void setConfigCheckable(bool checkable)
Sets whether the config group box is checkable.
Definition qgsauthsslconfigwidget.cpp:539
QgsAuthSslImportDialog
Widget for importing an SSL server certificate exception into the authentication database.
Definition qgsauthsslimportdialog.h:83
QgsMessageBar
A bar for displaying non-blocking messages to the user.
Definition qgsmessagebar.h:61
QgsMessageBar::pushMessage
void pushMessage(const QString &text, Qgis::MessageLevel level=Qgis::MessageLevel::Info, int duration=-1)
A convenience method for pushing a message with the specified text to the bar.
Definition qgsmessagebar.cpp:408
QgsSettings
This class is a composition of two QSettings instances:
Definition qgssettings.h:64
QgsSettings::value
QVariant value(const QString &key, const QVariant &defaultValue=QVariant(), Section section=NoSection) const
Returns the value for setting key.
Definition qgssettings.cpp:175
QgsVariantUtils::isNull
static bool isNull(const QVariant &variant, bool silenceNullWarnings=false)
Returns true if the specified variant should be considered a NULL value.
Definition qgsvariantutils.cpp:169
QgsDebugMsgLevel
#define QgsDebugMsgLevel(str, level)
Definition qgslogger.h:39
QgsDebugError
#define QgsDebugError(str)
Definition qgslogger.h:38
Generated on Sun Dec 29 2024 04:59:01 for QGIS API Documentation by doxygen 1.9.8