sfx2/source/doc/docmacromode.cxx | 10 +++++++++-
uui/source/secmacrowarnings.cxx | 11 ++++++++---
2 files changed, 17 insertions(+), 4 deletions(-)
New commits:
commit 47175e935411a2f772adc284474e3c64104f4762
Author: Jan-Marek Glogowski <jan-marek.glogow...@extern.cib.de>
AuthorDate: Tue Dec 10 18:42:40 2019 +0100
Commit: Caolán McNamara <caolan.mcnam...@collabora.com>
CommitDate: Wed Jul 31 15:50:42 2024 +0200
tdf#129311 don't allow temporary trusted certs
This simply skips the DocumentMacroConfirmationRequest, if the
macro security level (MSL) is *High* and the list of trusted
authors is read-only. For the MSL *Medium*, the check box of
the dialog is hidden with read-only trusted authors.
Change-Id: If6c08e4fdbf200e778d181370cc73fd947cecff5
Reviewed-on: https://gerrit.libreoffice.org/84887
Tested-by: Jenkins
Reviewed-by: Jan-Marek Glogowski <glo...@fbihome.de>
(cherry picked from commit 71c6f438cecc3ce5e8060efe1df840652885701c)
Reviewed-on: https://gerrit.libreoffice.org/85299
(cherry picked from commit 9cdb97cd93e60a0faf0a531949d94cff79e1aab9)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171324
Tested-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Caolán McNamara <caolan.mcnam...@collabora.com>
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171326
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index 8462298f680f..9b41b6a1b7ad 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -228,11 +228,17 @@ namespace sfx2
if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
{
// the trusted macro check will also retrieve the signature
state ( small optimization )
- bool bHasTrustedMacroSignature =
m_xData->m_rDocumentAccess.hasTrustedScriptingSignature( nMacroExecutionMode !=
MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN );
+ const SvtSecurityOptions aSecOption;
+ const bool bAllowUIToAddAuthor = nMacroExecutionMode !=
MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
+ && (nMacroExecutionMode ==
MacroExecMode::ALWAYS_EXECUTE
+ ||
!aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
+ const bool bHasTrustedMacroSignature =
m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor);
SignatureState nSignatureState =
m_xData->m_rDocumentAccess.getScriptingSignatureState();
if ( nSignatureState == SignatureState::BROKEN )
{
+ if (!bAllowUIToAddAuthor)
+ lcl_showDocumentMacrosDisabledError(rxInteraction,
m_xData->m_bDocMacroDisabledMessageShown);
return disallowMacroExecution();
}
else if (
m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading() &&
@@ -252,6 +258,8 @@ namespace sfx2
|| nSignatureState == SignatureState::NOTVALIDATED )
{
// there is valid signature, but it is not from the
trusted author
+ if (!bAllowUIToAddAuthor)
+ lcl_showDocumentMacrosDisabledError(rxInteraction,
m_xData->m_bDocMacroDisabledMessageShown);
return disallowMacroExecution();
}
}
diff --git a/uui/source/secmacrowarnings.cxx b/uui/source/secmacrowarnings.cxx
index d92e9f3bcf0a..c45c584063d9 100644
--- a/uui/source/secmacrowarnings.cxx
+++ b/uui/source/secmacrowarnings.cxx
@@ -133,10 +133,15 @@ void MacroWarning::InitControls()
if (mbShowSignatures)
{
mxViewSignsBtn->connect_clicked(LINK(this, MacroWarning,
ViewSignsBtnHdl));
- mxViewSignsBtn->set_sensitive(false); // default
- mxAlwaysTrustCB->connect_clicked(LINK(this, MacroWarning,
AlwaysTrustCheckHdl));
+ mxViewSignsBtn->set_sensitive(false);
- mnActSecLevel = SvtSecurityOptions().GetMacroSecurityLevel();
+ const SvtSecurityOptions aSecOption;
+ if
(!aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors))
+ mxAlwaysTrustCB->connect_clicked(LINK(this, MacroWarning,
AlwaysTrustCheckHdl));
+ else
+ mxAlwaysTrustCB->set_visible(false);
+
+ mnActSecLevel = aSecOption.GetMacroSecurityLevel();
if ( mnActSecLevel >= 2 )
mxEnableBtn->set_sensitive(false);
}
