[auth] Fix #13507; ensure auth widgets are disabled if auth system is

qgis · Oct 6, 2015 · 6a7332f · 6a7332f
1 parent e933332
commit 6a7332f
Show file tree

Hide file tree

Showing 31 changed files with 542 additions and 163 deletions.
diff --git a/src/app/qgisapp.cpp b/src/app/qgisapp.cpp
@@ -564,7 +564,8 @@ QgisApp::QgisApp( QSplashScreen *splash, bool restorePlugins, QWidget * parent,
   QgsAuthManager::instance()->init( QgsApplication::pluginPath() );
   if ( QgsAuthManager::instance()->isDisabled() )
   {
-    QMessageBox::warning( this, tr( "Authentication System" ),
+    // Don't pass 'this' as parent, or menubar doesn't complete loading of submenus (at least on Mac)
+    QMessageBox::warning( 0, tr( "Authentication System" ),
                           QgsAuthManager::instance()->disabledMessage() + "\n\n" +
                           tr( "Resources authenticating via the system can not be accessed." ) );
   }

diff --git a/src/core/qgsnetworkaccessmanager.cpp b/src/core/qgsnetworkaccessmanager.cpp
@@ -172,7 +172,7 @@ QNetworkReply *QgsNetworkAccessManager::createRequest( QNetworkAccessManager::Op
 #ifndef QT_NO_OPENSSL
   bool ishttps = pReq->url().scheme().toLower() == "https";
   QgsAuthConfigSslServer servconfig;
-  if ( ishttps )
+  if ( ishttps && !QgsAuthManager::instance()->isDisabled() )
   {
     // check for SSL cert custom config
     QString hostport( QString( "%1:%2" )

diff --git a/src/gui/auth/qgsauthauthoritieseditor.cpp b/src/gui/auth/qgsauthauthoritieseditor.cpp
@@ -48,11 +48,13 @@ QgsAuthAuthoritiesEditor::QgsAuthAuthoritiesEditor( QWidget *parent )
     , mDbCaSecItem( 0 )
     , mDefaultTrustPolicy( QgsAuthCertUtils::DefaultTrust )
     , mUtilitiesMenu( 0 )
+    , mDisabled( false )
     , mActionDefaultTrustPolicy( 0 )
     , mActionShowTrustedCAs( 0 )
 {
   if ( QgsAuthManager::instance()->isDisabled() )
   {
+    mDisabled = true;
     mAuthNotifyLayout = new QVBoxLayout;
     this->setLayout( mAuthNotifyLayout );
     mAuthNotify = new QLabel( QgsAuthManager::instance()->disabledMessage(), this );
@@ -775,7 +777,10 @@ void QgsAuthAuthoritiesEditor::authMessageOut( const QString& message, const QSt
 
 void QgsAuthAuthoritiesEditor::showEvent( QShowEvent * e )
 {
-  treeWidgetCAs->setFocus();
+  if ( !mDisabled )
+  {
+    treeWidgetCAs->setFocus();
+  }
   QWidget::showEvent( e );
 }
 

diff --git a/src/gui/auth/qgsauthauthoritieseditor.h b/src/gui/auth/qgsauthauthoritieseditor.h
@@ -129,6 +129,7 @@ class GUI_EXPORT QgsAuthAuthoritiesEditor : public QWidget, private Ui::QgsAuthA
     QMap<QgsAuthCertUtils::CertTrustPolicy, QStringList > mCertTrustCache;
 
     QMenu * mUtilitiesMenu;
+    bool mDisabled;
     QAction * mActionDefaultTrustPolicy;
     QAction * mActionShowTrustedCAs;
 };

diff --git a/src/gui/auth/qgsauthcertificateinfo.cpp b/src/gui/auth/qgsauthcertificateinfo.cpp
@@ -64,37 +64,49 @@ QgsAuthCertInfo::QgsAuthCertInfo( QSslCertificate cert,
     , mGrpCert( 0 )
     , mGrpPkey( 0 )
     , mGrpExts( 0 )
+    , mAuthNotifyLayout( 0 )
+    , mAuthNotify( 0 )
 {
-  setupUi( this );
+  if ( QgsAuthManager::instance()->isDisabled() )
+  {
+    mAuthNotifyLayout = new QVBoxLayout;
+    this->setLayout( mAuthNotifyLayout );
+    mAuthNotify = new QLabel( QgsAuthManager::instance()->disabledMessage(), this );
+    mAuthNotifyLayout->addWidget( mAuthNotify );
+  }
+  else
+  {
+    setupUi( this );
 
-  lblError->setHidden( true );
+    lblError->setHidden( true );
 
-  treeHierarchy->setRootIsDecorated( false );
+    treeHierarchy->setRootIsDecorated( false );
 
-  connect( treeHierarchy, SIGNAL( currentItemChanged( QTreeWidgetItem *, QTreeWidgetItem * ) ),
-           this, SLOT( currentCertItemChanged( QTreeWidgetItem*, QTreeWidgetItem* ) ) );
+    connect( treeHierarchy, SIGNAL( currentItemChanged( QTreeWidgetItem *, QTreeWidgetItem * ) ),
+             this, SLOT( currentCertItemChanged( QTreeWidgetItem*, QTreeWidgetItem* ) ) );
 
-  mCaCertsCache = QgsAuthManager::instance()->getCaCertsCache();
+    mCaCertsCache = QgsAuthManager::instance()->getCaCertsCache();
 
-  setUpCertDetailsTree();
+    setUpCertDetailsTree();
 
-  grpbxTrust->setVisible( mManageTrust );
+    grpbxTrust->setVisible( mManageTrust );
 
-  // trust policy is still queried, even if not managing the policy, so public getter will work
-  mDefaultTrustPolicy = QgsAuthManager::instance()->defaultCertTrustPolicy();
-  mCurrentTrustPolicy = QgsAuthCertUtils::DefaultTrust;
+    // trust policy is still queried, even if not managing the policy, so public getter will work
+    mDefaultTrustPolicy = QgsAuthManager::instance()->defaultCertTrustPolicy();
+    mCurrentTrustPolicy = QgsAuthCertUtils::DefaultTrust;
 
-  bool res;
-  res = populateQcaCertCollection();
-  if ( res )
-    res = setQcaCertificate( cert );
-  if ( res )
-    res = populateCertChain();
-  if ( res )
-    setCertHierarchy();
+    bool res;
+    res = populateQcaCertCollection();
+    if ( res )
+      res = setQcaCertificate( cert );
+    if ( res )
+      res = populateCertChain();
+    if ( res )
+      setCertHierarchy();
 
-  connect( cmbbxTrust, SIGNAL( currentIndexChanged( int ) ),
-           this, SLOT( currentPolicyIndexChanged( int ) ) );
+    connect( cmbbxTrust, SIGNAL( currentIndexChanged( int ) ),
+             this, SLOT( currentPolicyIndexChanged( int ) ) );
+  }
 }
 
 QgsAuthCertInfo::~QgsAuthCertInfo()

diff --git a/src/gui/auth/qgsauthcertificateinfo.h b/src/gui/auth/qgsauthcertificateinfo.h
@@ -126,6 +126,8 @@ class GUI_EXPORT QgsAuthCertInfo : public QWidget, private Ui::QgsAuthCertInfo
     QTreeWidgetItem *mGrpPkey;
     QTreeWidgetItem *mGrpExts;
 
+    QVBoxLayout *mAuthNotifyLayout;
+    QLabel *mAuthNotify;
 };
 
 //////////////// Embed in dialog ///////////////////

diff --git a/src/gui/auth/qgsauthcerttrustpolicycombobox.cpp b/src/gui/auth/qgsauthcerttrustpolicycombobox.cpp
@@ -113,7 +113,14 @@ const QString QgsAuthCertTrustPolicyComboBox::defaultTrustText( QgsAuthCertUtils
 {
   if ( defaultpolicy == QgsAuthCertUtils::DefaultTrust )
   {
-    defaultpolicy = QgsAuthManager::instance()->defaultCertTrustPolicy();
+    if ( !QgsAuthManager::instance()->isDisabled() )
+    {
+      defaultpolicy = QgsAuthManager::instance()->defaultCertTrustPolicy();
+    }
+    else
+    {
+      defaultpolicy = QgsAuthCertUtils::Trusted;
+    }
   }
   return QString( "%1 (%2)" )
          .arg( QgsAuthCertUtils::getCertTrustName( QgsAuthCertUtils::DefaultTrust ) )

diff --git a/src/gui/auth/qgsauthconfigeditor.cpp b/src/gui/auth/qgsauthconfigeditor.cpp
@@ -37,11 +37,13 @@ QgsAuthConfigEditor::QgsAuthConfigEditor( QWidget *parent, bool showUtilities, b
     , mActionClearCachedAuthConfigs( 0 )
     , mActionRemoveAuthConfigs( 0 )
     , mActionEraseAuthDatabase( 0 )
+    , mDisabled( false )
     , mAuthNotifyLayout( 0 )
     , mAuthNotify( 0 )
 {
   if ( QgsAuthManager::instance()->isDisabled() )
   {
+    mDisabled = true;
     mAuthNotifyLayout = new QVBoxLayout;
     this->setLayout( mAuthNotifyLayout );
     mAuthNotify = new QLabel( QgsAuthManager::instance()->disabledMessage(), this );
@@ -166,19 +168,26 @@ void QgsAuthConfigEditor::authMessageOut( const QString& message, const QString&
 
 void QgsAuthConfigEditor::toggleTitleVisibility( bool visible )
 {
-  if ( !QgsAuthManager::instance()->isDisabled() )
+  if ( !mDisabled )
   {
     lblAuthConfigDb->setVisible( visible );
   }
 }
 
 void QgsAuthConfigEditor::setShowUtilitiesButton( bool show )
 {
-  btnAuthUtilities->setVisible( show );
+  if ( !mDisabled )
+  {
+    btnAuthUtilities->setVisible( show );
+  }
 }
 
 void QgsAuthConfigEditor::setRelayMessages( bool relay )
 {
+  if ( mDisabled )
+  {
+    return;
+  }
   if ( relay == mRelayMessages )
   {
     return;

diff --git a/src/gui/auth/qgsauthconfigeditor.h b/src/gui/auth/qgsauthconfigeditor.h
@@ -105,6 +105,7 @@ class GUI_EXPORT QgsAuthConfigEditor : public QWidget, private Ui::QgsAuthConfig
     QAction *mActionRemoveAuthConfigs;
     QAction *mActionEraseAuthDatabase;
 
+    bool mDisabled;
     QVBoxLayout *mAuthNotifyLayout;
     QLabel *mAuthNotify;
 };

diff --git a/src/gui/auth/qgsauthconfigidedit.cpp b/src/gui/auth/qgsauthconfigidedit.cpp
@@ -56,7 +56,7 @@ bool QgsAuthConfigIdEdit::validate()
   bool curvalid = (( authcfg == mAuthCfgOrig && authcfg.size() == 7 )
                    || ( mAllowEmpty && authcfg.size() == 0 ) );
 
-  if ( !curvalid && authcfg.size() == 7 && isAlphaNumeric( authcfg ) )
+  if ( !QgsAuthManager::instance()->isDisabled() && !curvalid && authcfg.size() == 7 && isAlphaNumeric( authcfg ) )
   {
     curvalid = QgsAuthManager::instance()->configIdUnique( authcfg );
   }

diff --git a/src/gui/auth/qgsauthconfigselect.cpp b/src/gui/auth/qgsauthconfigselect.cpp
@@ -33,11 +33,13 @@ QgsAuthConfigSelect::QgsAuthConfigSelect( QWidget *parent, const QString &datapr
     , mAuthCfg( QString() )
     , mDataProvider( dataprovider )
     , mConfigs( QgsAuthMethodConfigsMap() )
+    , mDisabled( false )
     , mAuthNotifyLayout( 0 )
     , mAuthNotify( 0 )
 {
   if ( QgsAuthManager::instance()->isDisabled() )
   {
+    mDisabled = true;
     mAuthNotifyLayout = new QVBoxLayout;
     this->setLayout( mAuthNotifyLayout );
     mAuthNotify = new QLabel( QgsAuthManager::instance()->disabledMessage(), this );
@@ -62,7 +64,7 @@ QgsAuthConfigSelect::~QgsAuthConfigSelect()
 
 void QgsAuthConfigSelect::setConfigId( const QString& authcfg )
 {
-  if ( QgsAuthManager::instance()->isDisabled() && mAuthNotify )
+  if ( mDisabled && mAuthNotify )
   {
     mAuthNotify->setText( QgsAuthManager::instance()->disabledMessage() + "\n\n" +
                           tr( "Authentication config id not loaded: %1" ).arg( authcfg ) );
@@ -80,6 +82,11 @@ void QgsAuthConfigSelect::setConfigId( const QString& authcfg )
 
 void QgsAuthConfigSelect::setDataProviderKey( const QString &key )
 {
+  if ( mDisabled )
+  {
+    return;
+  }
+
   mDataProvider = key;
   populateConfigSelector();
 }
@@ -156,12 +163,20 @@ void QgsAuthConfigSelect::populateConfigSelector()
 
 void QgsAuthConfigSelect::showMessage( const QString &msg )
 {
+  if ( mDisabled )
+  {
+    return;
+  }
   leConfigMsg->setText( msg );
   frConfigMsg->setVisible( true );
 }
 
 void QgsAuthConfigSelect::clearMessage()
 {
+  if ( mDisabled )
+  {
+    return;
+  }
   leConfigMsg->clear();
   frConfigMsg->setVisible( false );
 }
@@ -241,22 +256,36 @@ QgsAuthConfigUriEdit::QgsAuthConfigUriEdit( QWidget *parent, const QString &data
     , mAuthCfg( QString() )
     , mDataUri( QString() )
     , mDataUriOrig( QString() )
+    , mDisabled( false )
+    , mAuthNotifyLayout( 0 )
+    , mAuthNotify( 0 )
 {
-  setupUi( this );
+  if ( QgsAuthManager::instance()->isDisabled() )
+  {
+    mDisabled = true;
+    mAuthNotifyLayout = new QVBoxLayout;
+    this->setLayout( mAuthNotifyLayout );
+    mAuthNotify = new QLabel( QgsAuthManager::instance()->disabledMessage(), this );
+    mAuthNotifyLayout->addWidget( mAuthNotify );
+  }
+  else
+  {
+    setupUi( this );
 
-  setWindowTitle( tr( "Authentication Config ID String Editor" ) );
+    setWindowTitle( tr( "Authentication Config ID String Editor" ) );
 
-  buttonBox->button( QDialogButtonBox::Close )->setDefault( true );
-  connect( buttonBox, SIGNAL( rejected() ), this, SLOT( close() ) );
-  connect( buttonBox, SIGNAL( accepted() ), this, SLOT( saveChanges() ) );
+    buttonBox->button( QDialogButtonBox::Close )->setDefault( true );
+    connect( buttonBox, SIGNAL( rejected() ), this, SLOT( close() ) );
+    connect( buttonBox, SIGNAL( accepted() ), this, SLOT( saveChanges() ) );
 
-  connect( buttonBox->button( QDialogButtonBox::Reset ), SIGNAL( clicked() ), this, SLOT( resetChanges() ) );
+    connect( buttonBox->button( QDialogButtonBox::Reset ), SIGNAL( clicked() ), this, SLOT( resetChanges() ) );
 
-  connect( wdgtAuthSelect, SIGNAL( selectedConfigIdChanged( QString ) ), this , SLOT( authCfgUpdated( QString ) ) );
-  connect( wdgtAuthSelect, SIGNAL( selectedConfigIdRemoved( QString ) ), this , SLOT( authCfgRemoved( QString ) ) );
+    connect( wdgtAuthSelect, SIGNAL( selectedConfigIdChanged( QString ) ), this , SLOT( authCfgUpdated( QString ) ) );
+    connect( wdgtAuthSelect, SIGNAL( selectedConfigIdRemoved( QString ) ), this , SLOT( authCfgRemoved( QString ) ) );
 
-  wdgtAuthSelect->setDataProviderKey( dataprovider );
-  setDataSourceUri( datauri );
+    wdgtAuthSelect->setDataProviderKey( dataprovider );
+    setDataSourceUri( datauri );
+  }
 }
 
 QgsAuthConfigUriEdit::~QgsAuthConfigUriEdit()
@@ -265,6 +294,10 @@ QgsAuthConfigUriEdit::~QgsAuthConfigUriEdit()
 
 void QgsAuthConfigUriEdit::setDataSourceUri( const QString &datauri )
 {
+  if ( mDisabled )
+  {
+    return;
+  }
   if ( datauri.isEmpty() )
     return;
 
@@ -291,11 +324,19 @@ void QgsAuthConfigUriEdit::setDataSourceUri( const QString &datauri )
 
 QString QgsAuthConfigUriEdit::dataSourceUri()
 {
+  if ( mDisabled )
+  {
+    return QString();
+  }
   return mDataUri;
 }
 
 bool QgsAuthConfigUriEdit::hasConfigID( const QString &txt )
 {
+  if ( QgsAuthManager::instance()->isDisabled() )
+  {
+    return false;
+  }
   return QgsAuthManager::instance()->hasConfigId( txt );
 }
 

diff --git a/src/gui/auth/qgsauthconfigselect.h b/src/gui/auth/qgsauthconfigselect.h
@@ -86,6 +86,7 @@ class GUI_EXPORT QgsAuthConfigSelect : public QWidget, private Ui::QgsAuthConfig
     QString mDataProvider;
     QgsAuthMethodConfigsMap mConfigs;
 
+    bool mDisabled;
     QVBoxLayout *mAuthNotifyLayout;
     QLabel *mAuthNotify;
 };
@@ -122,7 +123,7 @@ class GUI_EXPORT QgsAuthConfigUriEdit : public QDialog, private Ui::QgsAuthConfi
     /** The returned, possibly edited data source URI */
     QString dataSourceUri();
 
-    /** Whether a string conatins an authcfg ID */
+    /** Whether a string contains an authcfg ID */
     static bool hasConfigID( const QString &txt );
 
   private slots:
@@ -148,6 +149,10 @@ class GUI_EXPORT QgsAuthConfigUriEdit : public QDialog, private Ui::QgsAuthConfi
     QString mAuthCfg;
     QString mDataUri;
     QString mDataUriOrig;
+
+    bool mDisabled;
+    QVBoxLayout *mAuthNotifyLayout;
+    QLabel *mAuthNotify;
 };
 
 #endif // QGSAUTHCONFIGSELECT_H