sfx2/source/doc/docmacromode.cxx | 10 +++++++++-
uui/source/secmacrowarnings.cxx | 9 +++++++--
2 files changed, 16 insertions(+), 3 deletions(-)
New commits:
commit 71c6f438cecc3ce5e8060efe1df840652885701c
Author: Jan-Marek Glogowski <jan-marek.glogow...@extern.cib.de>
AuthorDate: Tue Dec 10 18:42:40 2019 +0100
Commit: Jan-Marek Glogowski <glo...@fbihome.de>
CommitDate: Tue Dec 17 11:59:08 2019 +0100
tdf#129311 don't allow temporary trusted certs
This simply skips the DocumentMacroConfirmationRequest, if the
macro security level (MSL) is *High* and the list of trusted
authors is read-only. For the MSL *Medium*, the check box of
the dialog is hidden with read-only trusted authors.
Change-Id: If6c08e4fdbf200e778d181370cc73fd947cecff5
Reviewed-on: https://gerrit.libreoffice.org/84887
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glo...@fbihome.de>
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index ef5123a2c39d..94d0f076d733 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -226,11 +226,17 @@ namespace sfx2
if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
{
// the trusted macro check will also retrieve the signature
state ( small optimization )
- bool bHasTrustedMacroSignature =
m_xData->m_rDocumentAccess.hasTrustedScriptingSignature( nMacroExecutionMode !=
MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN );
+ const SvtSecurityOptions aSecOption;
+ const bool bAllowUIToAddAuthor = nMacroExecutionMode !=
MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
+ && (nMacroExecutionMode ==
MacroExecMode::ALWAYS_EXECUTE
+ ||
!aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
+ const bool bHasTrustedMacroSignature =
m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor);
SignatureState nSignatureState =
m_xData->m_rDocumentAccess.getScriptingSignatureState();
if ( nSignatureState == SignatureState::BROKEN )
{
+ if (!bAllowUIToAddAuthor)
+ lcl_showDocumentMacrosDisabledError(rxInteraction,
m_xData->m_bDocMacroDisabledMessageShown);
return disallowMacroExecution();
}
else if ( bHasTrustedMacroSignature )
@@ -242,6 +248,8 @@ namespace sfx2
|| nSignatureState == SignatureState::NOTVALIDATED )
{
// there is valid signature, but it is not from the
trusted author
+ if (!bAllowUIToAddAuthor)
+ lcl_showDocumentMacrosDisabledError(rxInteraction,
m_xData->m_bDocMacroDisabledMessageShown);
return disallowMacroExecution();
}
}
diff --git a/uui/source/secmacrowarnings.cxx b/uui/source/secmacrowarnings.cxx
index 6c6e343a08f0..0bc2e1d04d72 100644
--- a/uui/source/secmacrowarnings.cxx
+++ b/uui/source/secmacrowarnings.cxx
@@ -137,9 +137,14 @@ void MacroWarning::InitControls()
{
mxViewSignsBtn->connect_clicked(LINK(this, MacroWarning,
ViewSignsBtnHdl));
mxViewSignsBtn->set_sensitive(false);
- mxAlwaysTrustCB->connect_clicked(LINK(this, MacroWarning,
AlwaysTrustCheckHdl));
- mnActSecLevel = SvtSecurityOptions().GetMacroSecurityLevel();
+ const SvtSecurityOptions aSecOption;
+ if
(!aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors))
+ mxAlwaysTrustCB->connect_clicked(LINK(this, MacroWarning,
AlwaysTrustCheckHdl));
+ else
+ mxAlwaysTrustCB->set_visible(false);
+
+ mnActSecLevel = aSecOption.GetMacroSecurityLevel();
if ( mnActSecLevel >= 2 )
mxEnableBtn->set_sensitive(false);
}
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
