api/qgsauthimportcertdialog_8cpp_source.html

/***************************************************************************

    qgsauthimportcertdialog.cpp

    ---------------------

    begin                : April 30, 2015

    copyright            : (C) 2015 by Boundless Spatial, Inc. USA

    author               : Larry Shaffer

    email                : lshaffer at boundlessgeo dot com

 ***************************************************************************

 *                                                                         *

 *   This program is free software; you can redistribute it and/or modify  *

 *   it under the terms of the GNU General Public License as published by  *

 *   the Free Software Foundation; either version 2 of the License, or     *

 *   (at your option) any later version.                                   *

 *                                                                         *

 ***************************************************************************/


#include "qgsauthimportcertdialog.h"

#include "moc_qgsauthimportcertdialog.cpp"


#include <QDir>

#include <QFileDialog>

#include <QFileInfo>

#include <QPushButton>


#include <QtCrypto>


#include "qgssettings.h"

#include "qgsauthcertutils.h"

#include "qgsauthguiutils.h"

#include "qgsauthmanager.h"

#include "qgsapplication.h"


QgsAuthImportCertDialog::QgsAuthImportCertDialog( QWidget *parent,

    QgsAuthImportCertDialog::CertFilter filter,

    QgsAuthImportCertDialog::CertInput input )

  : QDialog( parent )

  , mFilter( filter )

  , mInput( input )

{

  if ( QgsApplication::authManager()->isDisabled() )

  {

    mDisabled = true;

    mAuthNotifyLayout = new QVBoxLayout;

    this->setLayout( mAuthNotifyLayout );

    mAuthNotify = new QLabel( QgsApplication::authManager()->disabledMessage(), this );

    mAuthNotifyLayout->addWidget( mAuthNotify );

  }

  else

  {

    setupUi( this );

    connect( btnImportFile, &QToolButton::clicked, this, &QgsAuthImportCertDialog::btnImportFile_clicked );

    connect( chkAllowInvalid, &QCheckBox::toggled, this, &QgsAuthImportCertDialog::chkAllowInvalid_toggled );


    connect( buttonBox, &QDialogButtonBox::accepted, this, &QDialog::accept );

    connect( buttonBox, &QDialogButtonBox::rejected, this, &QDialog::reject );


    connect( teCertText, &QPlainTextEdit::textChanged, this, &QgsAuthImportCertDialog::validateCertificates );


    connect( radioImportFile, &QAbstractButton::toggled, this, &QgsAuthImportCertDialog::updateGui );

    connect( radioImportText, &QAbstractButton::toggled, this, &QgsAuthImportCertDialog::updateGui );


    // hide unused widgets

    if ( mInput == FileInput )

    {

      radioImportText->setHidden( true );

      teCertText->setHidden( true );

    }

    else if ( mInput == TextInput )

    {

      radioImportFile->setHidden( true );

      frameImportFile->setHidden( true );

    }


    radioImportFile->setChecked( true );

    updateGui();


    if ( mFilter == CaFilter )

    {

      grpbxImportCert->setTitle( tr( "Import Certificate Authorities" ) );

    }


    okButton()->setText( tr( "Import" ) );

    okButton()->setEnabled( false );

    teValidation->setFocus();

  }

}


const QList<QSslCertificate> QgsAuthImportCertDialog::certificatesToImport()

{

  if ( mDisabled )

  {

    return QList<QSslCertificate>();

  }

  return mCerts;

}


const QString QgsAuthImportCertDialog::certFileToImport()

{

  if ( mDisabled )

  {

    return QString();

  }

  if ( !radioImportFile->isChecked() )

    return QString();


  return leImportFile->text();

}


const QString QgsAuthImportCertDialog::certTextToImport()

{

  if ( mDisabled )

  {

    return QString();

  }

  if ( !radioImportText->isChecked() )

    return QString();


  return teCertText->toPlainText().trimmed();

}


bool QgsAuthImportCertDialog::allowInvalidCerts()

{

  if ( mDisabled )

  {

    return false;

  }

  return chkAllowInvalid->isChecked();

}


QgsAuthCertUtils::CertTrustPolicy QgsAuthImportCertDialog::certTrustPolicy()

{

  if ( mDisabled )

  {

    return QgsAuthCertUtils::DefaultTrust;

  }

  return cmbbxTrust->trustPolicy();

}


void QgsAuthImportCertDialog::updateGui()

{

  frameImportFile->setEnabled( radioImportFile->isChecked() );

  teCertText->setEnabled( radioImportText->isChecked() );

  validateCertificates();

}


void QgsAuthImportCertDialog::validateCertificates()

{

  mCerts.clear();

  teValidation->clear();

  teValidation->setStyleSheet( QString() );


  bool valid = false;

  QList<QSslCertificate> certs;

  QList<QSslCertificate> nixcerts;

  int validcerts = 0;

  const bool allowinvalid = chkAllowInvalid->isChecked();

  const bool filterCAs = ( mFilter == CaFilter );

  int cas = 0;


  if ( radioImportFile->isChecked() && !leImportFile->text().isEmpty() )

  {

    certs = QgsAuthCertUtils::certsFromFile( leImportFile->text() );

  }

  else if ( radioImportText->isChecked() && !teCertText->toPlainText().trimmed().isEmpty() )

  {

    certs = QgsAuthCertUtils::certsFromString( teCertText->toPlainText().trimmed() );

  }


  const int certssize = certs.size();


  const auto constCerts = certs;

  for ( const QSslCertificate &cert : constCerts )

  {

    if ( QgsAuthCertUtils::certIsViable( cert ) )

      ++validcerts;


    if ( filterCAs )

    {

      if ( QgsAuthCertUtils::certificateIsAuthorityOrIssuer( cert ) )

      {

        ++cas;

      }

      else

      {

        nixcerts << cert;

      }

    }

  }


  valid = ( certssize > 0

            && ( allowinvalid || certssize == validcerts )

            && ( !filterCAs || nixcerts.size() < certssize ) );


  if ( !nixcerts.isEmpty() )

  {

    const auto constNixcerts = nixcerts;

    for ( const QSslCertificate &nixcert : constNixcerts )

    {

      certs.removeOne( nixcert );

    }

  }


  if ( valid )

    mCerts = certs;


  if ( certssize > 0 )

  {

    teValidation->setStyleSheet(

      valid ? QgsAuthGuiUtils::greenTextStyleSheet( QStringLiteral( "QTextEdit" ) )

      : QgsAuthGuiUtils::redTextStyleSheet( QStringLiteral( "QTextEdit" ) ) );

  }


  QString msg = tr( "Certificates found: %1\n"

                    "Certificates valid: %2" ).arg( certssize ).arg( validcerts );


  if ( filterCAs )

  {

    msg += tr( "\nAuthorities/Issuers: %1%2" ).arg( cas )

           .arg( !nixcerts.isEmpty() && nixcerts.size() < certssize ? " (others not imported)" : "" );

  }


  teValidation->setText( msg );


  okButton()->setEnabled( valid );

}


void QgsAuthImportCertDialog::btnImportFile_clicked()

{

  const QString &fn = getOpenFileName( tr( "Open Certificate File" ),  tr( "All files (*.*);;PEM (*.pem);;DER (*.der)" ) );

  if ( !fn.isEmpty() )

  {

    leImportFile->setText( fn );

  }

  validateCertificates();

}


void QgsAuthImportCertDialog::chkAllowInvalid_toggled( bool checked )

{

  Q_UNUSED( checked )

  validateCertificates();

}


QString QgsAuthImportCertDialog::getOpenFileName( const QString &title, const QString &extfilter )

{

  QgsSettings settings;

  const QString recentdir = settings.value( QStringLiteral( "UI/lastAuthImportCertOpenFileDir" ), QDir::homePath() ).toString();

  QString f = QFileDialog::getOpenFileName( this, title, recentdir, extfilter );


  // return dialog focus on Mac

  this->raise();

  this->activateWindow();


  if ( !f.isEmpty() )

  {

    settings.setValue( QStringLiteral( "UI/lastAuthImportCertOpenFileDir" ), QFileInfo( f ).absoluteDir().path() );

  }

  return f;

}


QPushButton *QgsAuthImportCertDialog::okButton()

{

  return buttonBox->button( QDialogButtonBox::Ok );

}

QgsApplication::authManager
static QgsAuthManager * authManager()
Returns the application's authentication manager instance.
Definition qgsapplication.cpp:1577

QgsAuthCertUtils::CertTrustPolicy
CertTrustPolicy
Type of certificate trust policy.
Definition qgsauthcertutils.h:54

QgsAuthCertUtils::DefaultTrust
@ DefaultTrust
Definition qgsauthcertutils.h:55

QgsAuthCertUtils::certIsViable
static bool certIsViable(const QSslCertificate &cert)
certIsViable checks for viability errors of cert and whether it is NULL
Definition qgsauthcertutils.cpp:1292

QgsAuthCertUtils::certsFromFile
static QList< QSslCertificate > certsFromFile(const QString &certspath)
Returns a list of concatenated certs from a PEM or DER formatted file.
Definition qgsauthcertutils.cpp:119

QgsAuthCertUtils::certificateIsAuthorityOrIssuer
static bool certificateIsAuthorityOrIssuer(const QSslCertificate &cert)
Gets whether a certificate is an Authority or can at least sign other certificates.
Definition qgsauthcertutils.cpp:1013

QgsAuthCertUtils::certsFromString
static QList< QSslCertificate > certsFromString(const QString &pemtext)
Returns a list of concatenated certs from a PEM Base64 text block.
Definition qgsauthcertutils.cpp:236

QgsAuthGuiUtils
Utility functions for use by authentication GUI widgets or standalone apps.
Definition qgsauthguiutils.h:35

QgsAuthGuiUtils::greenTextStyleSheet
static QString greenTextStyleSheet(const QString &selector="*")
Green text stylesheet representing valid, trusted, etc. certificate.
Definition qgsauthguiutils.cpp:52

QgsAuthImportCertDialog::certTrustPolicy
QgsAuthCertUtils::CertTrustPolicy certTrustPolicy()
Defined trust policy for imported certificates.
Definition qgsauthimportcertdialog.cpp:131

QgsAuthImportCertDialog::certFileToImport
const QString certFileToImport()
Gets the file path to a certificate to import.
Definition qgsauthimportcertdialog.cpp:98

QgsAuthImportCertDialog::CertFilter
CertFilter
Type of filter to apply to dialog.
Definition qgsauthimportcertdialog.h:40

QgsAuthImportCertDialog::CaFilter
@ CaFilter
Definition qgsauthimportcertdialog.h:42

QgsAuthImportCertDialog::QgsAuthImportCertDialog
QgsAuthImportCertDialog(QWidget *parent=nullptr, QgsAuthImportCertDialog::CertFilter filter=NoFilter, QgsAuthImportCertDialog::CertInput input=AllInputs)
Construct a dialog for importing certificates.
Definition qgsauthimportcertdialog.cpp:34

QgsAuthImportCertDialog::certificatesToImport
const QList< QSslCertificate > certificatesToImport()
Gets list of certificate objects to import.
Definition qgsauthimportcertdialog.cpp:89

QgsAuthImportCertDialog::certTextToImport
const QString certTextToImport()
Gets certificate text to import.
Definition qgsauthimportcertdialog.cpp:110

QgsAuthImportCertDialog::CertInput
CertInput
Type of inputs for certificates.
Definition qgsauthimportcertdialog.h:47

QgsAuthImportCertDialog::FileInput
@ FileInput
Definition qgsauthimportcertdialog.h:49

QgsAuthImportCertDialog::TextInput
@ TextInput
Definition qgsauthimportcertdialog.h:50

QgsAuthImportCertDialog::allowInvalidCerts
bool allowInvalidCerts()
Whether to allow importation of invalid certificates (so trust policy can be overridden)
Definition qgsauthimportcertdialog.cpp:122

QgsSettings
This class is a composition of two QSettings instances:
Definition qgssettings.h:64

QgsSettings::value
QVariant value(const QString &key, const QVariant &defaultValue=QVariant(), Section section=NoSection) const
Returns the value for setting key.
Definition qgssettings.cpp:175

QgsSettings::setValue
void setValue(const QString &key, const QVariant &value, QgsSettings::Section section=QgsSettings::NoSection)
Sets the value of setting key to value.
Definition qgssettings.cpp:304

qgsapplication.h

qgsauthcertutils.h

qgsauthguiutils.h

qgsauthimportcertdialog.h

qgsauthmanager.h

qgssettings.h