xref: /trunk/main/sfx2/source/doc/docmacromode.cxx (revision d119d52d)
1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_sfx2.hxx"
26 
27 #include "sfx2/docmacromode.hxx"
28 #include "sfx2/signaturestate.hxx"
29 #include "sfx2/docfile.hxx"
30 
31 /** === begin UNO includes === **/
32 #include <com/sun/star/document/MacroExecMode.hpp>
33 #include <com/sun/star/task/ErrorCodeRequest.hpp>
34 #include <com/sun/star/task/DocumentMacroConfirmationRequest.hpp>
35 #include <com/sun/star/task/InteractionClassification.hpp>
36 #include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
37 /** === end UNO includes === **/
38 
39 #include <comphelper/componentcontext.hxx>
40 #include <comphelper/processfactory.hxx>
41 #include <framework/interaction.hxx>
42 #include <osl/file.hxx>
43 #include <rtl/ref.hxx>
44 #include <unotools/securityoptions.hxx>
45 #include <svtools/sfxecode.hxx>
46 #include <tools/diagnose_ex.h>
47 #include <tools/urlobj.hxx>
48 
49 //........................................................................
50 namespace sfx2
51 {
52 //........................................................................
53 
54 	/** === begin UNO using === **/
55     using ::com::sun::star::uno::Reference;
56     using ::com::sun::star::task::XInteractionHandler;
57     using ::com::sun::star::uno::Any;
58     using ::com::sun::star::task::XInteractionHandler;
59     using ::com::sun::star::uno::Sequence;
60     using ::com::sun::star::task::XInteractionContinuation;
61     using ::com::sun::star::task::XInteractionRequest;
62     using ::com::sun::star::task::DocumentMacroConfirmationRequest;
63     using ::com::sun::star::task::ErrorCodeRequest;
64     using ::com::sun::star::uno::Exception;
65     using ::com::sun::star::security::XDocumentDigitalSignatures;
66     using ::com::sun::star::security::DocumentSignatureInformation;
67     using ::com::sun::star::embed::XStorage;
68     using ::com::sun::star::task::InteractionClassification_QUERY;
69     using ::com::sun::star::document::XEmbeddedScripts;
70     using ::com::sun::star::uno::UNO_SET_THROW;
71     using ::com::sun::star::script::XLibraryContainer;
72     using ::com::sun::star::container::XNameAccess;
73     using ::com::sun::star::uno::UNO_QUERY_THROW;
74 	/** === end UNO using === **/
75     namespace MacroExecMode = ::com::sun::star::document::MacroExecMode;
76 
77 	//====================================================================
78 	//= DocumentMacroMode_Data
79 	//====================================================================
80     struct DocumentMacroMode_Data
81     {
82         IMacroDocumentAccess&       m_rDocumentAccess;
83         sal_Bool                    m_bMacroDisabledMessageShown;
84         sal_Bool                    m_bDocMacroDisabledMessageShown;
85 
86         DocumentMacroMode_Data( IMacroDocumentAccess& rDocumentAccess )
87             :m_rDocumentAccess( rDocumentAccess )
88             ,m_bMacroDisabledMessageShown( sal_False )
89             ,m_bDocMacroDisabledMessageShown( sal_False )
90         {
91         }
92     };
93 
94 	//====================================================================
95 	//= helper
96 	//====================================================================
97     namespace
98     {
99         //................................................................
100         void lcl_showGeneralSfxErrorOnce( const Reference< XInteractionHandler >& rxHandler, const sal_Int32 nSfxErrorCode, sal_Bool& rbAlreadyShown )
101         {
102             if ( rbAlreadyShown )
103                 return;
104 
105             ErrorCodeRequest aErrorCodeRequest;
106             aErrorCodeRequest.ErrCode = nSfxErrorCode;
107 
108             SfxMedium::CallApproveHandler( rxHandler, makeAny( aErrorCodeRequest ), sal_False );
109             rbAlreadyShown = sal_True;
110         }
111 
112 	    //................................................................
113         void lcl_showMacrosDisabledError( const Reference< XInteractionHandler >& rxHandler, sal_Bool& rbAlreadyShown )
114         {
115             lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_MACROS_SUPPORT_DISABLED, rbAlreadyShown );
116         }
117 
118         //................................................................
119         void lcl_showDocumentMacrosDisabledError( const Reference< XInteractionHandler >& rxHandler, sal_Bool& rbAlreadyShown )
120         {
121             lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_DOCUMENT_MACRO_DISABLED, rbAlreadyShown );
122         }
123 
124         //................................................................
125         sal_Bool lcl_showMacroWarning( const Reference< XInteractionHandler >& rxHandler,
126             const ::rtl::OUString& rDocumentLocation )
127         {
128             DocumentMacroConfirmationRequest aRequest;
129             aRequest.DocumentURL = rDocumentLocation;
130             return SfxMedium::CallApproveHandler( rxHandler, makeAny( aRequest ), sal_True );
131         }
132     }
133 
134 	//====================================================================
135 	//= DocumentMacroMode
136 	//====================================================================
137 	//--------------------------------------------------------------------
138     DocumentMacroMode::DocumentMacroMode( IMacroDocumentAccess& rDocumentAccess )
139         :m_pData( new DocumentMacroMode_Data( rDocumentAccess ) )
140     {
141     }
142 
143 	//--------------------------------------------------------------------
144     DocumentMacroMode::~DocumentMacroMode()
145     {
146     }
147 
148 	//--------------------------------------------------------------------
149     sal_Bool DocumentMacroMode::allowMacroExecution()
150     {
151         m_pData->m_rDocumentAccess.setCurrentMacroExecMode( MacroExecMode::ALWAYS_EXECUTE_NO_WARN );
152         return sal_True;
153     }
154 
155 	//--------------------------------------------------------------------
156     sal_Bool DocumentMacroMode::disallowMacroExecution()
157     {
158         m_pData->m_rDocumentAccess.setCurrentMacroExecMode( MacroExecMode::NEVER_EXECUTE );
159         return sal_False;
160     }
161 
162 	//--------------------------------------------------------------------
163     sal_Bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction )
164     {
165         sal_uInt16 nMacroExecutionMode = m_pData->m_rDocumentAccess.getCurrentMacroExecMode();
166 
167         if ( SvtSecurityOptions().IsMacroDisabled() )
168         {
169             // no macro should be executed at all
170             lcl_showMacrosDisabledError( rxInteraction, m_pData->m_bMacroDisabledMessageShown );
171             return disallowMacroExecution();
172         }
173 
174         // get setting from configuration if required
175         enum AutoConfirmation
176         {
177             eNoAutoConfirm,
178             eAutoConfirmApprove,
179             eAutoConfirmReject
180         };
181         AutoConfirmation eAutoConfirm( eNoAutoConfirm );
182 
183         if  (   ( nMacroExecutionMode == MacroExecMode::USE_CONFIG )
184             ||  ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_REJECT_CONFIRMATION )
185             ||  ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_APPROVE_CONFIRMATION )
186             )
187         {
188             SvtSecurityOptions aOpt;
189             switch ( aOpt.GetMacroSecurityLevel() )
190             {
191                 case 3:
192                     nMacroExecutionMode = MacroExecMode::FROM_LIST_NO_WARN;
193                     break;
194                 case 2:
195                     nMacroExecutionMode = MacroExecMode::FROM_LIST_AND_SIGNED_WARN;
196                     break;
197                 case 1:
198                     nMacroExecutionMode = MacroExecMode::ALWAYS_EXECUTE;
199                     break;
200                 case 0:
201                     nMacroExecutionMode = MacroExecMode::ALWAYS_EXECUTE_NO_WARN;
202                     break;
203                 default:
204                     OSL_ENSURE( sal_False, "DocumentMacroMode::adjustMacroMode: unexpected macro security level!" );
205                     nMacroExecutionMode = MacroExecMode::NEVER_EXECUTE;
206             }
207 
208             if ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_REJECT_CONFIRMATION )
209                 eAutoConfirm = eAutoConfirmReject;
210             else if ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_APPROVE_CONFIRMATION )
211                 eAutoConfirm = eAutoConfirmApprove;
212         }
213 
214         if ( nMacroExecutionMode == MacroExecMode::NEVER_EXECUTE )
215             return sal_False;
216 
217         if ( nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE_NO_WARN )
218             return sal_True;
219 
220         try
221         {
222             ::rtl::OUString sReferrer( m_pData->m_rDocumentAccess.getDocumentLocation() );
223 
224             // get document location from medium name and check whether it is a trusted one
225             // the service is created ohne document version, since it is not of interest here
226             ::comphelper::ComponentContext aContext( ::comphelper::getProcessServiceFactory() );
227             Reference< XDocumentDigitalSignatures > xSignatures;
228             if ( aContext.createComponent( "com.sun.star.security.DocumentDigitalSignatures", xSignatures ) )
229             {
230                 INetURLObject aURLReferer( sReferrer );
231 
232                 ::rtl::OUString aLocation;
233                 if ( aURLReferer.removeSegment() )
234                     aLocation = aURLReferer.GetMainURL( INetURLObject::NO_DECODE );
235 
236                 if ( aLocation.getLength() && xSignatures->isLocationTrusted( aLocation ) )
237                 {
238                     return allowMacroExecution();
239                 }
240             }
241 
242             // at this point it is clear that the document is not in the secure location
243             if ( nMacroExecutionMode == MacroExecMode::FROM_LIST_NO_WARN )
244             {
245                 lcl_showDocumentMacrosDisabledError( rxInteraction, m_pData->m_bDocMacroDisabledMessageShown );
246                 return disallowMacroExecution();
247             }
248 
249             // check whether the document is signed with trusted certificate
250             if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
251             {
252                 // the trusted macro check will also retrieve the signature state ( small optimization )
253                 sal_Bool bHasTrustedMacroSignature = m_pData->m_rDocumentAccess.hasTrustedScriptingSignature( nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN );
254 
255                 sal_uInt16 nSignatureState = m_pData->m_rDocumentAccess.getScriptingSignatureState();
256                 if ( nSignatureState == SIGNATURESTATE_SIGNATURES_BROKEN )
257                 {
258                     // the signature is broken, no macro execution
259                     if ( nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN )
260                         m_pData->m_rDocumentAccess.showBrokenSignatureWarning( rxInteraction );
261 
262                     return disallowMacroExecution();
263                 }
264                 else if ( bHasTrustedMacroSignature )
265                 {
266                     // there is trusted macro signature, allow macro execution
267                     return allowMacroExecution();
268                 }
269                 else if ( nSignatureState == SIGNATURESTATE_SIGNATURES_OK
270                        || nSignatureState == SIGNATURESTATE_SIGNATURES_NOTVALIDATED )
271                 {
272                     // there is valid signature, but it is not from the trusted author
273                     return disallowMacroExecution();
274                 }
275             }
276 
277             // at this point it is clear that the document is neither in secure location nor signed with trusted certificate
278             if  (   ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN )
279                 ||  ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_WARN )
280                 )
281             {
282                 if  ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_WARN )
283                     lcl_showDocumentMacrosDisabledError( rxInteraction, m_pData->m_bDocMacroDisabledMessageShown );
284 
285                 return disallowMacroExecution();
286             }
287         }
288         catch ( Exception& )
289         {
290             if  (   ( nMacroExecutionMode == MacroExecMode::FROM_LIST_NO_WARN )
291                 ||  ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_WARN )
292                 ||  ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN )
293                 )
294             {
295                 return disallowMacroExecution();
296             }
297         }
298 
299         // conformation is required
300         sal_Bool bSecure = sal_False;
301 
302         if ( eAutoConfirm == eNoAutoConfirm )
303         {
304             ::rtl::OUString sReferrer( m_pData->m_rDocumentAccess.getDocumentLocation() );
305 
306             ::rtl::OUString aSystemFileURL;
307             if ( osl::FileBase::getSystemPathFromFileURL( sReferrer, aSystemFileURL ) == osl::FileBase::E_None )
308                 sReferrer = aSystemFileURL;
309 
310             bSecure = lcl_showMacroWarning( rxInteraction, sReferrer );
311         }
312         else
313             bSecure = ( eAutoConfirm == eAutoConfirmApprove );
314 
315         return ( bSecure ? allowMacroExecution() : disallowMacroExecution() );
316     }
317 
318 	//--------------------------------------------------------------------
319     sal_Bool DocumentMacroMode::isMacroExecutionDisallowed() const
320     {
321         return m_pData->m_rDocumentAccess.getCurrentMacroExecMode() == MacroExecMode::NEVER_EXECUTE;
322     }
323 
324     //--------------------------------------------------------------------
325     sal_Bool DocumentMacroMode::hasMacroLibrary() const
326     {
327         sal_Bool bHasMacroLib = sal_False;
328         try
329         {
330             Reference< XEmbeddedScripts > xScripts( m_pData->m_rDocumentAccess.getEmbeddedDocumentScripts() );
331             Reference< XLibraryContainer > xContainer;
332             if ( xScripts.is() )
333                 xContainer.set( xScripts->getBasicLibraries(), UNO_QUERY_THROW );
334 
335             if ( xContainer.is() )
336             {
337                 // a library container exists; check if it's empty
338 
339 			    // if there are libraries except the "Standard" library
340 			    // we assume that they are not empty (because they have been created by the user)
341 			    if ( !xContainer->hasElements() )
342                     bHasMacroLib = sal_False;
343                 else
344 			    {
345 				    ::rtl::OUString aStdLibName( RTL_CONSTASCII_USTRINGPARAM( "Standard" ) );
346 				    Sequence< ::rtl::OUString > aElements = xContainer->getElementNames();
347 				    if ( aElements.getLength() )
348 				    {
349 					    if ( aElements.getLength() > 1 || !aElements[0].equals( aStdLibName ) )
350 						    bHasMacroLib = sal_True;
351 					    else
352 					    {
353 						    // usually a "Standard" library is always present (design)
354 						    // for this reason we must check if it's empty
355                             //
356                             // Note: Since #i73229#, this is not true anymore. There's no default
357                             // "Standard" lib anymore. Wouldn't it be time to get completely
358                             // rid of the "Standard" thingie - this shouldn't be necessary
359                             // anymore, should it?
360                             // 2007-01-25 / frank.schoenheit@sun.com
361 						    Reference < XNameAccess > xLib;
362 						    Any aAny = xContainer->getByName( aStdLibName );
363 						    aAny >>= xLib;
364 						    if ( xLib.is() )
365 							    bHasMacroLib = xLib->hasElements();
366 					    }
367 				    }
368 			    }
369 		    }
370         }
371         catch( const Exception& )
372         {
373             DBG_UNHANDLED_EXCEPTION();
374         }
375 
376         return bHasMacroLib;
377     }
378 
379 	//--------------------------------------------------------------------
380     sal_Bool DocumentMacroMode::storageHasMacros( const Reference< XStorage >& rxStorage )
381     {
382 	    sal_Bool bHasMacros = sal_False;
383 	    if ( rxStorage.is() )
384 	    {
385 		    try
386 		    {
387                 static const ::rtl::OUString s_sBasicStorageName( ::rtl::OUString::intern( RTL_CONSTASCII_USTRINGPARAM( "Basic" ) ) );
388                 static const ::rtl::OUString s_sScriptsStorageName( ::rtl::OUString::intern( RTL_CONSTASCII_USTRINGPARAM( "Scripts" ) ) );
389 
390                 bHasMacros =(   (   rxStorage->hasByName( s_sBasicStorageName )
391                                 &&  rxStorage->isStorageElement( s_sBasicStorageName )
392                                 )
393                             ||  (   rxStorage->hasByName( s_sScriptsStorageName )
394                                 &&  rxStorage->isStorageElement( s_sScriptsStorageName )
395                                 )
396                             );
397 		    }
398 		    catch ( const Exception& )
399 		    {
400 			    DBG_UNHANDLED_EXCEPTION();
401 		    }
402 	    }
403         return bHasMacros;
404     }
405 
406 	//--------------------------------------------------------------------
407     sal_Bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction )
408     {
409         sal_Bool bAllow = sal_False;
410         if ( SvtSecurityOptions().IsMacroDisabled() )
411         {
412             // no macro should be executed at all
413             bAllow = disallowMacroExecution();
414         }
415         else
416         {
417             if ( m_pData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() )
418             {
419                 bAllow = adjustMacroMode( rxInteraction );
420             }
421             else if ( !isMacroExecutionDisallowed() )
422             {
423                 // if macros will be added by the user later, the security check is obsolete
424                 bAllow = allowMacroExecution();
425             }
426         }
427         return bAllow;
428     }
429 
430 //........................................................................
431 } // namespace sfx2
432 //........................................................................
433