18 #include "ui_qgsauthauthoritieseditor.h"
24 #include <QFileDialog>
27 #include <QMessageBox>
29 #include <QPushButton>
31 #include <QSslConfiguration>
44 , mAuthNotifyLayout( 0 )
52 , mActionDefaultTrustPolicy( 0 )
53 , mActionShowTrustedCAs( 0 )
61 mAuthNotifyLayout->
addWidget( mAuthNotify );
71 this, SLOT( refreshCaCertsView() ) );
81 connect( btnViewRefresh, SIGNAL( clicked() ),
this, SLOT( refreshCaCertsView() ) );
86 leCaFile->setText( cafileval.
toString() );
89 btnGroupByOrg->setChecked(
false );
92 btnGroupByOrg->setChecked( sortbyval.
toBool() );
95 populateCaCertsView();
98 populateUtilitiesMenu();
114 void QgsAuthAuthoritiesEditor::setupCaCertsTree()
116 treeWidgetCAs->setColumnCount( 4 );
117 treeWidgetCAs->setHeaderLabels(
120 <<
tr(
"Expiry Date" )
121 <<
tr(
"Trust Policy" ) );
122 treeWidgetCAs->setColumnWidth( 0, 300 );
123 treeWidgetCAs->setColumnWidth( 1, 75 );
124 treeWidgetCAs->setColumnWidth( 2, 200 );
130 (
int )QgsAuthAuthoritiesEditor::Section );
132 mDbCaSecItem->
setFlags( Qt::ItemIsEnabled );
134 treeWidgetCAs->insertTopLevelItem( 0, mDbCaSecItem );
139 (
int )QgsAuthAuthoritiesEditor::Section );
141 mFileCaSecItem->
setFlags( Qt::ItemIsEnabled );
143 treeWidgetCAs->insertTopLevelItem( 0, mFileCaSecItem );
148 (
int )QgsAuthAuthoritiesEditor::Section );
150 mRootCaSecItem->
setFlags( Qt::ItemIsEnabled );
152 treeWidgetCAs->insertTopLevelItem( 0, mRootCaSecItem );
155 void QgsAuthAuthoritiesEditor::populateCaCertsView()
157 updateCertTrustPolicyCache();
158 populateDatabaseCaCerts();
159 populateFileCaCerts();
160 populateRootCaCerts();
163 void QgsAuthAuthoritiesEditor::refreshCaCertsView()
166 populateCaCertsView();
177 void QgsAuthAuthoritiesEditor::populateDatabaseCaCerts()
182 populateCaCertsSection( mDbCaSecItem,
184 QgsAuthAuthoritiesEditor::DbCaCert );
188 void QgsAuthAuthoritiesEditor::populateFileCaCerts()
193 populateCaCertsSection( mFileCaSecItem,
195 QgsAuthAuthoritiesEditor::FileCaCert );
199 void QgsAuthAuthoritiesEditor::populateRootCaCerts()
204 populateCaCertsSection( mRootCaSecItem,
206 QgsAuthAuthoritiesEditor::RootCaCert );
211 QgsAuthAuthoritiesEditor::CaType catype )
213 if ( btnGroupByOrg->isChecked() )
215 appendCertsToGroup( certs, catype, item );
219 appendCertsToItem( certs, catype, item );
224 QgsAuthAuthoritiesEditor::CaType catype,
227 if ( certs.
size() < 1 )
232 parent = treeWidgetCAs->currentItem();
240 for ( ; it != orgcerts.
constEnd(); ++it )
244 ( int )QgsAuthAuthoritiesEditor::OrgName ) );
246 grpitem->setFlags( Qt::ItemIsEnabled );
247 grpitem->setExpanded(
true );
249 QBrush orgb( grpitem->foreground( 0 ) );
251 grpitem->setForeground( 0, orgb );
252 QFont grpf( grpitem->font( 0 ) );
254 grpitem->setFont( 0, grpf );
256 appendCertsToItem( it.
value(), catype, grpitem );
263 QgsAuthAuthoritiesEditor::CaType catype,
266 if ( certs.
size() < 1 )
271 parent = treeWidgetCAs->currentItem();
319 else if ( untrustedids.
contains(
id ) )
329 item->
setData( 0, Qt::UserRole,
id );
335 void QgsAuthAuthoritiesEditor::updateCertTrustPolicyCache()
340 void QgsAuthAuthoritiesEditor::populateUtilitiesMenu()
342 mActionDefaultTrustPolicy =
new QAction(
"Change default trust policy",
this );
343 connect( mActionDefaultTrustPolicy, SIGNAL( triggered() ),
this, SLOT( editDefaultTrustPolicy() ) );
345 mActionShowTrustedCAs =
new QAction(
"Show trusted authorities/issuers",
this );
346 connect( mActionShowTrustedCAs, SIGNAL( triggered() ),
this, SLOT( showTrustedCertificateAuthorities() ) );
348 mUtilitiesMenu =
new QMenu(
this );
349 mUtilitiesMenu->
addAction( mActionDefaultTrustPolicy );
351 mUtilitiesMenu->
addAction( mActionShowTrustedCAs );
353 btnUtilities->setMenu( mUtilitiesMenu );
366 if ( !cacertscache.contains( digest ) )
368 QgsDebugMsg(
"Certificate Authority not in CA certs cache" );
375 dlg->setWindowModality( Qt::WindowModal );
376 dlg->resize( 675, 500 );
378 if ( dlg->trustCacheRebuilt() )
381 populateCaCertsView();
388 Q_UNUSED( selected );
389 Q_UNUSED( deselected );
393 void QgsAuthAuthoritiesEditor::checkSelection()
396 bool isdbcert =
false;
397 if ( treeWidgetCAs->selectionModel()->selection().length() > 0 )
401 switch (( QgsAuthAuthoritiesEditor::CaType )item->
type() )
403 case QgsAuthAuthoritiesEditor::RootCaCert:
406 case QgsAuthAuthoritiesEditor::FileCaCert:
409 case QgsAuthAuthoritiesEditor::DbCaCert:
418 btnRemoveCa->setEnabled( isdbcert );
419 btnInfoCa->setEnabled( iscert );
422 void QgsAuthAuthoritiesEditor::handleDoubleClick(
QTreeWidgetItem *item,
int col )
427 switch (( QgsAuthAuthoritiesEditor::CaType )item->
type() )
429 case QgsAuthAuthoritiesEditor::Section:
432 case QgsAuthAuthoritiesEditor::OrgName:
441 showCertInfo( item );
445 void QgsAuthAuthoritiesEditor::on_btnAddCa_clicked()
455 messageBar()->
pushMessage(
tr(
"ERROR storing CA(s) in authentication database" ),
467 authMessageOut(
QObject::tr(
"Could not set trust policy for imported certificates" ),
473 updateCertTrustPolicyCache();
477 populateDatabaseCaCerts();
483 void QgsAuthAuthoritiesEditor::on_btnRemoveCa_clicked()
495 if ( digest.isEmpty() )
505 if ( !mappedcerts.contains( digest ) )
507 QgsDebugMsg(
"Certificate Authority not in mapped database CAs" );
512 this,
tr(
"Remove Certificate Authority" ),
513 tr(
"Are you sure you want to remove the selected "
514 "Certificate Authority from the database?\n\n"
515 "Operation can NOT be undone!" ),
516 QMessageBox::Ok | QMessageBox::Cancel,
517 QMessageBox::Cancel ) == QMessageBox::Cancel )
526 messageBar()->
pushMessage(
tr(
"Certificate could not found in database for id %1:" ).arg( digest ),
533 messageBar()->
pushMessage(
tr(
"ERROR removing CA from authentication database for id %1:" ).arg( digest ),
540 messageBar()->
pushMessage(
tr(
"ERROR removing cert trust policy from authentication database for id %1:" ).arg( digest ),
547 updateCertTrustPolicyCache();
556 void QgsAuthAuthoritiesEditor::on_btnInfoCa_clicked()
558 if ( treeWidgetCAs->selectionModel()->selection().length() > 0 )
561 handleDoubleClick( item, 0 );
565 void QgsAuthAuthoritiesEditor::on_btnGroupByOrg_toggled(
bool checked )
569 authMessageOut(
QObject::tr(
"Could not store sort by preference" ),
573 populateCaCertsView();
576 void QgsAuthAuthoritiesEditor::editDefaultTrustPolicy()
587 lblwarn->
setSizePolicy( QSizePolicy::Fixed, QSizePolicy::Fixed );
591 lbltxt->
setText(
tr(
"Changing the default certificate authority trust policy to 'Untrusted' "
592 "can cause unexpected SSL network connection results." ) );
601 lblpolicy->
setSizePolicy( QSizePolicy::Maximum, QSizePolicy::Preferred );
611 for (
int i = 0; i < policies.
size(); i++ )
623 Qt::Horizontal, dlg );
628 connect( buttonBox, SIGNAL( accepted() ), dlg, SLOT( accept() ) );
629 connect( buttonBox, SIGNAL( rejected() ), dlg, SLOT(
close() ) );
640 if ( mDefaultTrustPolicy != trustpolicy )
642 defaultTrustPolicyChanged( trustpolicy );
652 authMessageOut(
QObject::tr(
"Could not store default trust policy" ),
656 mDefaultTrustPolicy = trustpolicy;
659 populateCaCertsView();
662 void QgsAuthAuthoritiesEditor::on_btnCaFile_clicked()
672 if ( !leCaFile->text().isEmpty() )
674 on_btnCaFileClear_clicked();
678 leCaFile->setText( fn );
682 authMessageOut(
QObject::tr(
"Could not store 'CA file path' in authentication database" ),
689 authMessageOut(
QObject::tr(
"Could not store 'CA file allow invalids' setting in authentication database" ),
703 authMessageOut(
QObject::tr(
"Could not set trust policy for imported certificates" ),
709 updateCertTrustPolicyCache();
714 populateFileCaCerts();
720 void QgsAuthAuthoritiesEditor::on_btnCaFileClear_clicked()
724 authMessageOut(
QObject::tr(
"Could not remove 'CA file path' from authentication database" ),
731 authMessageOut(
QObject::tr(
"Could not remove 'CA file allow invalids' setting from authentication database" ),
739 QString fn( leCaFile->text() );
744 if ( certs.
size() > 0 )
748 messageBar()->
pushMessage(
tr(
"ERROR removing cert(s) trust policy from authentication database" ),
753 updateCertTrustPolicyCache();
760 populateFileCaCerts();
763 void QgsAuthAuthoritiesEditor::showTrustedCertificateAuthorities()
774 int levelint = ( int )level;
782 treeWidgetCAs->setFocus();
792 int QgsAuthAuthoritiesEditor::messageTimeout()
795 return settings.
value(
"/qgis/messageTimeout", 5 ).
toInt();
bool rebuildTrustedCaCertsCache()
Rebuild trusted certificate authorities cache.
void pushMessage(const QString &text, MessageLevel level=INFO, int duration=0)
convenience method for pushing a message to the bar
QString toString(Qt::DateFormat format) const
static QgsAuthManager * instance()
Enforce singleton pattern.
static QIcon getThemeIcon(const QString &theName)
Helper to get a theme icon.
void setPixmap(const QPixmap &)
const_iterator constBegin() const
static void setItemBold_(QTreeWidgetItem *item)
CertTrustPolicy
Type of certificate trust policy.
const T & at(int i) const
static QList< QSslCertificate > certsFromFile(const QString &certspath)
Return list of concatenated certs from a PEM or DER formatted file.
bool contains(const QString &str, Qt::CaseSensitivity cs) const
A bar for displaying non-blocking messages to the user.
bool allowInvalidCerts()
Whether to allow importation of invalid certificates (so trust policy can be overridden) ...
const QString certFileToImport()
Get the file path to a certificate to import.
QString tr(const char *sourceText, const char *disambiguation, int n)
bool rebuildCaCertsCache()
Rebuild certificate authority cache.
Utilities for working with certificates and keys.
void showEvent(QShowEvent *e) override
Overridden show event of base widget.
QPixmap pixmap(const QSize &size, Mode mode, State state) const
QVariant getAuthSetting(const QString &key, const QVariant &defaultValue=QVariant(), bool decrypt=false)
Get an authentication setting (retrieved as string and returned as QVariant( QString )) ...
void addItem(const QString &text, const QVariant &userData)
void setBold(bool enable)
QgsAuthCertUtils::CertTrustPolicy certTrustPolicy()
Defined trust policy for imported certificates.
static QColor redColor()
Red color representing invalid, untrusted, etc.
Dialog wrapper for widget displaying detailed info on a certificate and its hierarchical trust chain...
static QColor greenColor()
Green color representing valid, trusted, etc.
int toInt(bool *ok) const
const_iterator constEnd() const
bool removeCertTrustPolicies(const QList< QSslCertificate > &certs)
Remove a group of certificate authorities.
void setText(const QString &)
MessageLevel
Message log level (mirrors that of QgsMessageLog, so it can also output there)
Widget for importing a certificate into the authentication database.
const QMap< QgsAuthCertUtils::CertTrustPolicy, QStringList > getCertTrustCache()
Get cache of certificate sha1s, per trust policy.
QVariant itemData(int index, int role) const
QIcon standardIcon(StandardPixmap standardIcon, const QStyleOption *option, const QWidget *widget) const
bool storeCertAuthorities(const QList< QSslCertificate > &certs)
Store multiple certificate authorities.
const QList< QSslCertificate > certificatesToImport()
Get list of certificate objects to import.
void setItalic(bool enable)
const Key key(const T &value) const
static QString shaHexForCert(const QSslCertificate &cert, bool formatted=false)
Get the sha1 hash for certificate.
QVariant value(const QString &key, const QVariant &defaultValue) const
QByteArray serialNumber() const
QDateTime expiryDate() const
int findData(const QVariant &data, int role, QFlags< Qt::MatchFlag > flags) const
static void removeChildren_(QTreeWidgetItem *item)
void setCurrentIndex(int index)
~QgsAuthAuthoritiesEditor()
StandardButton warning(QWidget *parent, const QString &title, const QString &text, QFlags< QMessageBox::StandardButton > buttons, StandardButton defaultButton)
static QMap< QString, QList< QSslCertificate > > certsGroupedByOrg(const QList< QSslCertificate > &certs)
Map certificates to their organization.
Widget for listing trusted Certificate (Intermediate) Authorities used in secure connections.
QgsAuthCertUtils::CertTrustPolicy defaultCertTrustPolicy()
Get the default certificate trust policy preferred by the user.
bool connect(const QObject *sender, const char *signal, const QObject *receiver, const char *method, Qt::ConnectionType type)
static QString getCertTrustName(QgsAuthCertUtils::CertTrustPolicy trust)
Get the general name for certificate trust.
void setColor(const QColor &color)
static QString getCaSourceName(QgsAuthCertUtils::CaCertSource source, bool single=false)
Get the general name for CA source enum type.
static QString resolvedCertName(const QSslCertificate &cert, bool issuer=false)
Get the general name via RFC 5280 resolution.
void setWordWrap(bool on)
QgsAuthAuthoritiesEditor(QWidget *parent=0)
Widget for viewing and editing certificate authorities directly in database.
void addLayout(QLayout *layout, int stretch)
const T value(const Key &key) const
bool rebuildCertTrustCache()
Rebuild certificate authority cache.