1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_unotools.hxx"
26 #ifndef GCC
27 #endif
28 
29 //_________________________________________________________________________________________________________________
30 //	includes
31 //_________________________________________________________________________________________________________________
32 
33 #include <unotools/securityoptions.hxx>
34 #include <unotools/configmgr.hxx>
35 #include <unotools/configitem.hxx>
36 #include <tools/debug.hxx>
37 #include <com/sun/star/uno/Any.hxx>
38 #include <com/sun/star/uno/Sequence.hxx>
39 
40 #include <com/sun/star/beans/PropertyValue.hpp>
41 #include <tools/urlobj.hxx>
42 #include <tools/wldcrd.hxx>
43 
44 #include <unotools/pathoptions.hxx>
45 
46 #include <rtl/logfile.hxx>
47 #include "itemholder1.hxx"
48 
49 //_________________________________________________________________________________________________________________
50 //	namespaces
51 //_________________________________________________________________________________________________________________
52 
53 using namespace ::utl					;
54 using namespace ::rtl					;
55 using namespace ::osl					;
56 using namespace ::com::sun::star::uno	;
57 
58 //_________________________________________________________________________________________________________________
59 //	const
60 //_________________________________________________________________________________________________________________
61 
62 #define	ROOTNODE_SECURITY				OUString(RTL_CONSTASCII_USTRINGPARAM("Office.Common/Security/Scripting"))
63 #define	DEFAULT_SECUREURL				Sequence< OUString >()
64 #define	DEFAULT_SECLEVEL				3
65 #define DEFAULT_TRUSTEDAUTHORS			Sequence< SvtSecurityOptions::Certificate >()
66 
67 // xmlsec05 depricated
68 #define	DEFAULT_STAROFFICEBASIC			eALWAYS_EXECUTE
69 
70 #define	CSTR_SECUREURL					"SecureURL"
71 #define CSTR_DOCWARN_SAVEORSEND			"WarnSaveOrSendDoc"
72 #define CSTR_DOCWARN_SIGNING			"WarnSignDoc"
73 #define CSTR_DOCWARN_PRINT				"WarnPrintDoc"
74 #define CSTR_DOCWARN_CREATEPDF			"WarnCreatePDF"
75 #define CSTR_DOCWARN_REMOVEPERSONALINFO	"RemovePersonalInfoOnSaving"
76 #define CSTR_DOCWARN_RECOMMENDPASSWORD	"RecommendPasswordProtection"
77 #define CSTR_CTRLCLICK_HYPERLINK        "HyperlinksWithCtrlClick"
78 #define CSTR_MACRO_SECLEVEL				"MacroSecurityLevel"
79 #define CSTR_MACRO_TRUSTEDAUTHORS		"TrustedAuthors"
80 #define CSTR_MACRO_DISABLE				"DisableMacrosExecution"
81 #define CSTR_TRUSTEDAUTHOR_SUBJECTNAME	"SubjectName"
82 #define CSTR_TRUSTEDAUTHOR_SERIALNUMBER	"SerialNumber"
83 #define CSTR_TRUSTEDAUTHOR_RAWDATA		"RawData"
84 
85 #define	PROPERTYNAME_SECUREURL					OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_SECUREURL						))
86 #define PROPERTYNAME_DOCWARN_SAVEORSEND			OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_DOCWARN_SAVEORSEND			))
87 #define PROPERTYNAME_DOCWARN_SIGNING			OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_DOCWARN_SIGNING				))
88 #define PROPERTYNAME_DOCWARN_PRINT				OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_DOCWARN_PRINT					))
89 #define PROPERTYNAME_DOCWARN_CREATEPDF			OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_DOCWARN_CREATEPDF				))
90 #define PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO	OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_DOCWARN_REMOVEPERSONALINFO	))
91 #define PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD  OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_DOCWARN_RECOMMENDPASSWORD     ))
92 #define PROPERTYNAME_CTRLCLICK_HYPERLINK        OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_CTRLCLICK_HYPERLINK           ))
93 #define PROPERTYNAME_MACRO_SECLEVEL				OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_MACRO_SECLEVEL				))
94 #define PROPERTYNAME_MACRO_TRUSTEDAUTHORS		OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_MACRO_TRUSTEDAUTHORS			))
95 #define PROPERTYNAME_MACRO_DISABLE				OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_MACRO_DISABLE					))
96 #define PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME	OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_TRUSTEDAUTHOR_SUBJECTNAME))
97 #define PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER	OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_TRUSTEDAUTHOR_SERIALNUMBER))
98 #define PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA		OUString(RTL_CONSTASCII_USTRINGPARAM(CSTR_TRUSTEDAUTHOR_RAWDATA))
99 
100 // xmlsec05 depricated
101 #define	PROPERTYNAME_STAROFFICEBASIC	OUString(RTL_CONSTASCII_USTRINGPARAM("OfficeBasic"	))
102 #define PROPERTYNAME_EXECUTEPLUGINS     OUString(RTL_CONSTASCII_USTRINGPARAM("ExecutePlugins"  ))
103 #define PROPERTYNAME_WARNINGENABLED     OUString(RTL_CONSTASCII_USTRINGPARAM("Warning"  ))
104 #define PROPERTYNAME_CONFIRMATIONENABLED OUString(RTL_CONSTASCII_USTRINGPARAM("Confirmation"  ))
105 // xmlsec05 depricated
106 
107 
108 #define	PROPERTYHANDLE_SECUREURL					0
109 
110 // xmlsec05 depricated
111 #define	PROPERTYHANDLE_STAROFFICEBASIC	1
112 #define PROPERTYHANDLE_EXECUTEPLUGINS   2
113 #define PROPERTYHANDLE_WARNINGENABLED   3
114 #define PROPERTYHANDLE_CONFIRMATIONENABLED 4
115 // xmlsec05 depricated
116 
117 #define PROPERTYHANDLE_DOCWARN_SAVEORSEND			5
118 #define PROPERTYHANDLE_DOCWARN_SIGNING				6
119 #define PROPERTYHANDLE_DOCWARN_PRINT				7
120 #define PROPERTYHANDLE_DOCWARN_CREATEPDF			8
121 #define PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO	9
122 #define PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD    10
123 #define PROPERTYHANDLE_CTRLCLICK_HYPERLINK          11
124 #define PROPERTYHANDLE_MACRO_SECLEVEL               12
125 #define PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS         13
126 #define PROPERTYHANDLE_MACRO_DISABLE                14
127 
128 #define PROPERTYCOUNT                               15
129 #define PROPERTYHANDLE_INVALID						-1
130 
131 #define CFG_READONLY_DEFAULT						sal_False
132 
133 //_________________________________________________________________________________________________________________
134 //	private declarations!
135 //_________________________________________________________________________________________________________________
136 
137 class SvtSecurityOptions_Impl : public ConfigItem
138 {
139 	//-------------------------------------------------------------------------------------------------------------
140 	//	public methods
141 	//-------------------------------------------------------------------------------------------------------------
142 
143 	public:
144 
145 		//---------------------------------------------------------------------------------------------------------
146 		//	constructor / destructor
147 		//---------------------------------------------------------------------------------------------------------
148 
149 		 SvtSecurityOptions_Impl();
150 		~SvtSecurityOptions_Impl();
151 
152 		//---------------------------------------------------------------------------------------------------------
153 		//	overloaded methods of baseclass
154 		//---------------------------------------------------------------------------------------------------------
155 
156 		/*-****************************************************************************************************//**
157 			@short		called for notify of configmanager
158 			@descr		These method is called from the ConfigManager before application ends or from the
159 			 			PropertyChangeListener if the sub tree broadcasts changes. You must update your
160 						internal values.
161 
162 			@seealso	baseclass ConfigItem
163 
164 			@param		"seqPropertyNames" is the list of properties which should be updated.
165 			@return		-
166 
167 			@onerror	-
168 		*//*-*****************************************************************************************************/
169 
170     	virtual void Notify( const Sequence< OUString >& seqPropertyNames );
171 
172 		/*-****************************************************************************************************//**
173 			@short		write changes to configuration
174 			@descr		These method writes the changed values into the sub tree
175 						and should always called in our destructor to guarantee consistency of config data.
176 
177 			@seealso	baseclass ConfigItem
178 
179 			@param		-
180 			@return		-
181 
182 			@onerror	-
183 		*//*-*****************************************************************************************************/
184 
185     	virtual void Commit();
186 
187 		//---------------------------------------------------------------------------------------------------------
188 		//	public interface
189 		//---------------------------------------------------------------------------------------------------------
190 
191 		sal_Bool				IsReadOnly		( SvtSecurityOptions::EOption eOption					) const	;
192 
193 		Sequence< OUString >	GetSecureURLs	(														) const	;
194 		void					SetSecureURLs	(	const	Sequence< OUString >&	seqURLList			)		;
195 		sal_Bool				IsSecureURL		(	const	OUString&				sURL,
196 													const	OUString&				sReferer			) const	;
197 		inline sal_Int32		GetMacroSecurityLevel	(												) const	;
198 		void					SetMacroSecurityLevel	( sal_Int32 _nLevel								)		;
199 
200 		inline sal_Bool			IsMacroDisabled			(												) const	;
201 
202 		Sequence< SvtSecurityOptions::Certificate >	GetTrustedAuthors		(																						) const	;
203 		void										SetTrustedAuthors		( const Sequence< SvtSecurityOptions::Certificate >& rAuthors							)		;
204 		sal_Bool									IsTrustedAuthorsEnabled	(																						)		;
205 
206 		sal_Bool				IsOptionSet		( SvtSecurityOptions::EOption eOption					) const	;
207 		sal_Bool				SetOption		( SvtSecurityOptions::EOption eOption, sal_Bool bValue	)		;
208 		sal_Bool				IsOptionEnabled	( SvtSecurityOptions::EOption eOption					) const	;
209 private:
210 
211 		/*-****************************************************************************************************//**
212 			@short		return list of key names of ouer configuration management which represent our module tree
213 			@descr		These methods return a static const list of key names. We need it to get needed values from our
214 						configuration management.
215 
216 			@seealso	-
217 
218 			@param		-
219 			@return		A list of needed configuration keys is returned.
220 
221 			@onerror	-
222 		*//*-*****************************************************************************************************/
223 
224 		void					SetProperty( sal_Int32 nHandle, const Any& rValue, sal_Bool bReadOnly );
225 		void					LoadAuthors( void );
226 		static sal_Int32		GetHandle( const OUString& rPropertyName );
227 		bool					GetOption( SvtSecurityOptions::EOption eOption, sal_Bool*& rpValue, sal_Bool*& rpRO );
228 
229 		static Sequence< OUString > GetPropertyNames();
230 
231         Sequence< OUString >					    m_seqSecureURLs;
232 		sal_Bool									m_bSaveOrSend;
233 		sal_Bool									m_bSigning;
234 		sal_Bool									m_bPrint;
235 		sal_Bool									m_bCreatePDF;
236 		sal_Bool									m_bRemoveInfo;
237         sal_Bool                                    m_bRecommendPwd;
238         sal_Bool                                    m_bCtrlClickHyperlink;
239 		sal_Int32									m_nSecLevel;
240 		Sequence< SvtSecurityOptions::Certificate >	m_seqTrustedAuthors;
241 		sal_Bool									m_bDisableMacros;
242 
243         sal_Bool                					m_bROSecureURLs;
244 		sal_Bool									m_bROSaveOrSend;
245 		sal_Bool									m_bROSigning;
246 		sal_Bool									m_bROPrint;
247 		sal_Bool									m_bROCreatePDF;
248 		sal_Bool									m_bRORemoveInfo;
249         sal_Bool                                    m_bRORecommendPwd;
250         sal_Bool                                    m_bROCtrlClickHyperlink;
251 		sal_Bool									m_bROSecLevel;
252 		sal_Bool									m_bROTrustedAuthors;
253 		sal_Bool									m_bRODisableMacros;
254 
255 
256 		// xmlsec05 depricated
257         EBasicSecurityMode      m_eBasicMode;
258         sal_Bool                m_bExecutePlugins;
259         sal_Bool                m_bWarning;
260         sal_Bool                m_bConfirmation;
261 
262         sal_Bool                m_bROConfirmation;
263         sal_Bool                m_bROWarning;
264         sal_Bool                m_bROExecutePlugins;
265         sal_Bool                m_bROBasicMode;
266 		public:
267         sal_Bool IsWarningEnabled() const;
268         void SetWarningEnabled( sal_Bool bSet );
269         sal_Bool IsConfirmationEnabled() const;
270         void SetConfirmationEnabled( sal_Bool bSet );
271         sal_Bool    IsExecutePlugins() const;
272         void        SetExecutePlugins( sal_Bool bSet );
273 		EBasicSecurityMode		GetBasicMode	(												) const	;
274 		void					SetBasicMode	(			EBasicSecurityMode		eMode		)		;
275 };
276 
277 //_________________________________________________________________________________________________________________
278 //	definitions
279 //_________________________________________________________________________________________________________________
280 
281 //*****************************************************************************************************************
282 //	constructor
283 //*****************************************************************************************************************
SvtSecurityOptions_Impl()284 SvtSecurityOptions_Impl::SvtSecurityOptions_Impl()
285 	:ConfigItem				( ROOTNODE_SECURITY			)
286 	,m_seqSecureURLs		( DEFAULT_SECUREURL			)
287 	,m_bSaveOrSend			( sal_True					)
288 	,m_bSigning				( sal_True					)
289 	,m_bPrint				( sal_True					)
290 	,m_bCreatePDF			( sal_True					)
291 	,m_bRemoveInfo			( sal_True					)
292 	,m_nSecLevel			( sal_True					)
293 	,m_seqTrustedAuthors	( DEFAULT_TRUSTEDAUTHORS	)
294 	,m_bDisableMacros		( sal_False					)
295 	,m_bROSecureURLs		( CFG_READONLY_DEFAULT		)
296 	,m_bROSaveOrSend		( CFG_READONLY_DEFAULT		)
297 	,m_bROSigning			( CFG_READONLY_DEFAULT		)
298 	,m_bROPrint				( CFG_READONLY_DEFAULT		)
299 	,m_bROCreatePDF			( CFG_READONLY_DEFAULT		)
300 	,m_bRORemoveInfo		( CFG_READONLY_DEFAULT		)
301 	,m_bROSecLevel			( CFG_READONLY_DEFAULT		)
302 	,m_bROTrustedAuthors	( CFG_READONLY_DEFAULT		)
303 	,m_bRODisableMacros		( sal_True					) // currently is not intended to be changed
304 
305 	// xmlsec05 depricated
306     ,   m_eBasicMode        ( DEFAULT_STAROFFICEBASIC )
307     ,   m_bExecutePlugins   ( sal_True                )
308     ,   m_bWarning          ( sal_True                )
309     ,   m_bConfirmation     ( sal_True                )
310     ,   m_bROConfirmation   ( CFG_READONLY_DEFAULT    )
311     ,   m_bROWarning        ( CFG_READONLY_DEFAULT    )
312     ,   m_bROExecutePlugins ( CFG_READONLY_DEFAULT    )
313     ,   m_bROBasicMode      ( CFG_READONLY_DEFAULT    )
314 	// xmlsec05 depricated
315 
316 {
317 	Sequence< OUString >	seqNames	= GetPropertyNames	(			);
318 	Sequence< Any >			seqValues	= GetProperties		( seqNames	);
319 	Sequence< sal_Bool >	seqRO		= GetReadOnlyStates	( seqNames	);
320 
321 	// Safe impossible cases.
322 	// We need values from ALL configuration keys.
323 	// Follow assignment use order of values in relation to our list of key names!
324 	DBG_ASSERT( !(seqNames.getLength()!=seqValues.getLength()), "SvtSecurityOptions_Impl::SvtSecurityOptions_Impl()\nI miss some values of configuration keys!\n" );
325 
326 	// Copy values from list in right order to our internal member.
327 	sal_Int32				nPropertyCount = seqValues.getLength();
328 	for( sal_Int32 nProperty = 0 ; nProperty < nPropertyCount ; ++nProperty )
329 		SetProperty( nProperty, seqValues[ nProperty ], seqRO[ nProperty ] );
330 
331 	LoadAuthors();
332 
333 	// Enable notification mechanism of our baseclass.
334 	// We need it to get information about changes outside these class on our used configuration keys!*/
335 
336 	EnableNotification( seqNames );
337 }
338 
339 //*****************************************************************************************************************
340 //	destructor
341 //*****************************************************************************************************************
~SvtSecurityOptions_Impl()342 SvtSecurityOptions_Impl::~SvtSecurityOptions_Impl()
343 {
344 	if( IsModified() )
345 		Commit();
346 }
347 
SetProperty(sal_Int32 nProperty,const Any & rValue,sal_Bool bRO)348 void SvtSecurityOptions_Impl::SetProperty( sal_Int32 nProperty, const Any& rValue, sal_Bool bRO )
349 {
350 	switch( nProperty )
351 	{
352 		case PROPERTYHANDLE_SECUREURL:
353 		{
354 			m_seqSecureURLs.realloc( 0 );
355 			rValue >>= m_seqSecureURLs;
356 			SvtPathOptions	aOpt;
357         	sal_uInt32		nCount = m_seqSecureURLs.getLength();
358         	for( sal_uInt32 nItem = 0 ; nItem < nCount ; ++nItem )
359 				m_seqSecureURLs[ nItem ] = aOpt.SubstituteVariable( m_seqSecureURLs[ nItem ] );
360 			m_bROSecureURLs = bRO;
361 		}
362 		break;
363 
364 		case PROPERTYHANDLE_DOCWARN_SAVEORSEND:
365 		{
366 			rValue >>= m_bSaveOrSend;
367 			m_bROSaveOrSend = bRO;
368 		}
369 		break;
370 
371 		case PROPERTYHANDLE_DOCWARN_SIGNING:
372 		{
373 			rValue >>= m_bSigning;
374 			m_bROSigning = bRO;
375 		}
376 		break;
377 
378 		case PROPERTYHANDLE_DOCWARN_PRINT:
379 		{
380 			rValue >>= m_bPrint;
381 			m_bROPrint = bRO;
382 		}
383 		break;
384 
385 		case PROPERTYHANDLE_DOCWARN_CREATEPDF:
386 		{
387 			rValue >>= m_bCreatePDF;
388 			m_bROCreatePDF = bRO;
389 		}
390 		break;
391 
392 		case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO:
393 		{
394 			rValue >>= m_bRemoveInfo;
395 			m_bRORemoveInfo = bRO;
396 		}
397 		break;
398 
399         case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD:
400         {
401             rValue >>= m_bRecommendPwd;
402             m_bRORecommendPwd = bRO;
403         }
404 		break;
405 
406         case PROPERTYHANDLE_CTRLCLICK_HYPERLINK:
407         {
408             rValue >>= m_bCtrlClickHyperlink;
409             m_bROCtrlClickHyperlink = bRO;
410         }
411 		break;
412 
413 		case PROPERTYHANDLE_MACRO_SECLEVEL:
414 		{
415 			rValue >>= m_nSecLevel;
416 			m_bROSecLevel = bRO;
417 		}
418 		break;
419 
420 		case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS:
421         {
422 			// don't care about value here...
423             m_bROTrustedAuthors = bRO;
424         }
425 		break;
426 
427 		case PROPERTYHANDLE_MACRO_DISABLE:
428 		{
429 			rValue >>= m_bDisableMacros;
430 			m_bRODisableMacros = bRO;
431 		}
432 		break;
433 
434 
435 		// xmlsec05 depricated
436         case PROPERTYHANDLE_STAROFFICEBASIC:
437 		{
438 			sal_Int32 nMode = 0;
439 			rValue >>= nMode;
440 			m_eBasicMode = (EBasicSecurityMode)nMode;
441             m_bROBasicMode = bRO;
442 		}
443 		break;
444         case PROPERTYHANDLE_EXECUTEPLUGINS:
445 		{
446 			rValue >>= m_bExecutePlugins;
447 			m_bROExecutePlugins = bRO;
448 		}
449 		break;
450         case PROPERTYHANDLE_WARNINGENABLED:
451 		{
452 			rValue >>= m_bWarning;
453 			m_bROWarning = bRO;
454 		}
455 		break;
456         case PROPERTYHANDLE_CONFIRMATIONENABLED:
457 		{
458 			rValue >>= m_bConfirmation;
459 			m_bROConfirmation = bRO;
460 		}
461 		break;
462 		// xmlsec05 depricated
463 
464 
465 		#if OSL_DEBUG_LEVEL > 1
466 		default:
467 			DBG_ASSERT( false, "SvtSecurityOptions_Impl::SetProperty()\nUnkown property!\n" );
468 		#endif
469 	}
470 }
471 
LoadAuthors(void)472 void SvtSecurityOptions_Impl::LoadAuthors( void )
473 {
474 	m_seqTrustedAuthors.realloc( 0 );		// first clear
475 	Sequence< OUString >	lAuthors = GetNodeNames( PROPERTYNAME_MACRO_TRUSTEDAUTHORS );
476 	sal_Int32				c1 = lAuthors.getLength();
477 	if( c1 )
478 	{
479 		sal_Int32				c2 = c1 * 3;				// 3 Properties inside Struct TrustedAuthor
480 		Sequence< OUString >	lAllAuthors( c2 );
481 
482 		sal_Int32				i1;
483 		sal_Int32				i2;
484 		OUString				aSep( RTL_CONSTASCII_USTRINGPARAM( "/" ) );
485 		for( i1 = 0, i2 = 0 ; i1 < c1 ; ++i1 )
486 		{
487 			lAllAuthors[ i2 ] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS + aSep + lAuthors[ i1 ] + aSep + PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME;
488 			++i2;
489 			lAllAuthors[ i2 ] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS + aSep + lAuthors[ i1 ] + aSep + PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER;
490 			++i2;
491 			lAllAuthors[ i2 ] = PROPERTYNAME_MACRO_TRUSTEDAUTHORS + aSep + lAuthors[ i1 ] + aSep + PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA;
492 			++i2;
493 		}
494 
495 		Sequence< Any >			lValues = GetProperties( lAllAuthors );
496 		if( lValues.getLength() == c2 )
497 		{
498 			m_seqTrustedAuthors.realloc( c1 );
499 			SvtSecurityOptions::Certificate aCert( 3 );
500 			for( i1 = 0, i2 = 0 ; i1 < c1 ; ++i1 )
501 			{
502 				lValues[ i2 ] >>= aCert[ 0 ];
503 				++i2;
504 				lValues[ i2 ] >>= aCert[ 1 ];
505 				++i2;
506 				lValues[ i2 ] >>= aCert[ 2 ];
507 				++i2;
508 				m_seqTrustedAuthors[ i1 ] = aCert;
509 			}
510 		}
511 	}
512 }
513 
GetHandle(const OUString & rName)514 sal_Int32 SvtSecurityOptions_Impl::GetHandle( const OUString& rName )
515 {
516 	sal_Int32	nHandle;
517 
518 	if( rName.compareToAscii( CSTR_SECUREURL ) == 0 )
519 		nHandle = PROPERTYHANDLE_SECUREURL;
520 	else if( rName.compareToAscii( CSTR_DOCWARN_SAVEORSEND ) == 0 )
521 		nHandle = PROPERTYHANDLE_DOCWARN_SAVEORSEND;
522 	else if( rName.compareToAscii( CSTR_DOCWARN_SIGNING ) == 0 )
523 		nHandle = PROPERTYHANDLE_DOCWARN_SIGNING;
524 	else if( rName.compareToAscii( CSTR_DOCWARN_PRINT ) == 0 )
525 		nHandle = PROPERTYHANDLE_DOCWARN_PRINT;
526 	else if( rName.compareToAscii( CSTR_DOCWARN_CREATEPDF ) == 0 )
527 		nHandle = PROPERTYHANDLE_DOCWARN_CREATEPDF;
528 	else if( rName.compareToAscii( CSTR_DOCWARN_REMOVEPERSONALINFO ) == 0 )
529 		nHandle = PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO;
530     else if( rName.compareToAscii( CSTR_DOCWARN_RECOMMENDPASSWORD ) == 0 )
531         nHandle = PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD;
532     else if( rName.compareToAscii( CSTR_CTRLCLICK_HYPERLINK ) == 0 )
533         nHandle = PROPERTYHANDLE_CTRLCLICK_HYPERLINK;
534 	else if( rName.compareToAscii( CSTR_MACRO_SECLEVEL ) == 0 )
535 		nHandle = PROPERTYHANDLE_MACRO_SECLEVEL;
536 	else if( rName.compareToAscii( CSTR_MACRO_TRUSTEDAUTHORS ) == 0 )
537 		nHandle = PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS;
538 	else if( rName.compareToAscii( CSTR_MACRO_DISABLE ) == 0 )
539 		nHandle = PROPERTYHANDLE_MACRO_DISABLE;
540 
541 	// xmlsec05 depricated
542 	else if( rName == PROPERTYNAME_STAROFFICEBASIC )
543 		nHandle = PROPERTYHANDLE_STAROFFICEBASIC;
544 	else if( rName == PROPERTYNAME_EXECUTEPLUGINS )
545 		nHandle = PROPERTYHANDLE_EXECUTEPLUGINS;
546 	else if( rName == PROPERTYNAME_WARNINGENABLED )
547 		nHandle = PROPERTYHANDLE_WARNINGENABLED;
548 	else if( rName == PROPERTYNAME_CONFIRMATIONENABLED )
549 		nHandle = PROPERTYHANDLE_CONFIRMATIONENABLED;
550 	// xmlsec05 depricated
551 
552 	else
553 		nHandle = PROPERTYHANDLE_INVALID;
554 
555 	return nHandle;
556 }
557 
GetOption(SvtSecurityOptions::EOption eOption,sal_Bool * & rpValue,sal_Bool * & rpRO)558 bool SvtSecurityOptions_Impl::GetOption( SvtSecurityOptions::EOption eOption, sal_Bool*& rpValue, sal_Bool*& rpRO )
559 {
560 	switch( eOption )
561 	{
562 		case SvtSecurityOptions::E_DOCWARN_SAVEORSEND:
563 			rpValue = &m_bSaveOrSend;
564 			rpRO = &m_bROSaveOrSend;
565 			break;
566 		case SvtSecurityOptions::E_DOCWARN_SIGNING:
567 			rpValue = &m_bSigning;
568 			rpRO = &m_bROSigning;
569 			break;
570 		case SvtSecurityOptions::E_DOCWARN_PRINT:
571 			rpValue = &m_bPrint;
572 			rpRO = &m_bROPrint;
573 			break;
574 		case SvtSecurityOptions::E_DOCWARN_CREATEPDF:
575 			rpValue = &m_bCreatePDF;
576 			rpRO = &m_bROCreatePDF;
577 			break;
578 		case SvtSecurityOptions::E_DOCWARN_REMOVEPERSONALINFO:
579 			rpValue = &m_bRemoveInfo;
580 			rpRO = &m_bRORemoveInfo;
581 			break;
582         case SvtSecurityOptions::E_DOCWARN_RECOMMENDPASSWORD:
583             rpValue = &m_bRecommendPwd;
584             rpRO = &m_bRORecommendPwd;
585             break;
586         case SvtSecurityOptions::E_CTRLCLICK_HYPERLINK:
587             rpValue = &m_bCtrlClickHyperlink;
588             rpRO = &m_bROCtrlClickHyperlink;
589             break;
590 		default:
591 			rpValue = NULL;
592 			rpRO = NULL;
593 			break;
594 	}
595 
596 	return rpValue != NULL;
597 }
598 
Notify(const Sequence<OUString> & seqPropertyNames)599 void SvtSecurityOptions_Impl::Notify( const Sequence< OUString >& seqPropertyNames )
600 {
601 	// Use given list of updated properties to get his values from configuration directly!
602 	Sequence< Any >			seqValues = GetProperties( seqPropertyNames );
603     Sequence< sal_Bool >	seqRO = GetReadOnlyStates( seqPropertyNames );
604 	// Safe impossible cases.
605 	// We need values from ALL notified configuration keys.
606 	DBG_ASSERT( !(seqPropertyNames.getLength()!=seqValues.getLength()), "SvtSecurityOptions_Impl::Notify()\nI miss some values of configuration keys!\n" );
607 	// Step over list of property names and get right value from coreesponding value list to set it on internal members!
608 	sal_Int32				nCount = seqPropertyNames.getLength();
609 	for( sal_Int32 nProperty = 0 ; nProperty < nCount ; ++nProperty )
610 		SetProperty( GetHandle( seqPropertyNames[ nProperty ] ), seqValues[ nProperty ], seqRO[ nProperty ] );
611 
612 	// read set of trusted authors separately
613 	LoadAuthors();
614 }
615 
Commit()616 void SvtSecurityOptions_Impl::Commit()
617 {
618 	// Get names of supported properties, create a list for values and copy current values to it.
619     Sequence< OUString >    lOrgNames = GetPropertyNames();
620     sal_Int32               nOrgCount = lOrgNames.getLength();
621 
622     Sequence< OUString >    lNames(nOrgCount);
623     Sequence< Any >         lValues(nOrgCount);
624     sal_Int32               nRealCount = 0;
625 	bool					bDone;
626 
627 	ClearNodeSet( PROPERTYNAME_MACRO_TRUSTEDAUTHORS );
628 
629     for( sal_Int32 nProperty = 0 ; nProperty < nOrgCount ; ++nProperty )
630 	{
631         switch( nProperty )
632         {
633             case PROPERTYHANDLE_SECUREURL:
634 			{
635 				bDone = !m_bROSecureURLs;
636 				if( bDone )
637 				{
638 					Sequence< OUString >	lURLs( m_seqSecureURLs );
639 					SvtPathOptions			aOpt;
640 					sal_Int32				nURLsCnt = lURLs.getLength();
641 					for( sal_Int32 nItem = 0 ; nItem < nURLsCnt ; ++nItem )
642 						lURLs[ nItem ] = aOpt.UseVariable( lURLs[ nItem ] );
643 					lValues[ nRealCount ] <<= lURLs;
644 				}
645 			}
646 			break;
647 
648 			case PROPERTYHANDLE_DOCWARN_SAVEORSEND:
649 			{
650 				bDone = !m_bROSaveOrSend;
651 				if( bDone )
652 					lValues[ nRealCount ] <<= m_bSaveOrSend;
653 			}
654 			break;
655 
656 			case PROPERTYHANDLE_DOCWARN_SIGNING:
657 			{
658 				bDone = !m_bROSigning;
659 				if( bDone )
660 					lValues[ nRealCount ] <<= m_bSigning;
661 			}
662 			break;
663 
664 			case PROPERTYHANDLE_DOCWARN_PRINT:
665 			{
666 				bDone = !m_bROPrint;
667 				if( bDone )
668 					lValues[ nRealCount ] <<= m_bPrint;
669 			}
670 			break;
671 
672 			case PROPERTYHANDLE_DOCWARN_CREATEPDF:
673 			{
674 				bDone = !m_bROCreatePDF;
675 				if( bDone )
676 					lValues[ nRealCount ] <<= m_bCreatePDF;
677 			}
678 			break;
679 
680 			case PROPERTYHANDLE_DOCWARN_REMOVEPERSONALINFO:
681 			{
682 				bDone = !m_bRORemoveInfo;
683 				if( bDone )
684 					lValues[ nRealCount ] <<= m_bRemoveInfo;
685 			}
686 			break;
687 
688             case PROPERTYHANDLE_DOCWARN_RECOMMENDPASSWORD:
689             {
690                 bDone = !m_bRORecommendPwd;
691                 if( bDone )
692                     lValues[ nRealCount ] <<= m_bRecommendPwd;
693             }
694             break;
695 
696             case PROPERTYHANDLE_CTRLCLICK_HYPERLINK:
697             {
698                 bDone = !m_bROCtrlClickHyperlink;
699                 if( bDone )
700                     lValues[ nRealCount ] <<= m_bCtrlClickHyperlink;
701             }
702             break;
703 
704             case PROPERTYHANDLE_MACRO_SECLEVEL:
705 			{
706 				bDone = !m_bROSecLevel;
707 				if( bDone )
708 					lValues[ nRealCount ] <<= m_nSecLevel;
709 			}
710 			break;
711 
712             case PROPERTYHANDLE_MACRO_TRUSTEDAUTHORS:
713 			{
714 				bDone = !m_bROTrustedAuthors;
715 				if( bDone )
716 				{
717 					sal_Int32	nCnt = m_seqTrustedAuthors.getLength();
718 					if( nCnt )
719 					{
720 						String	s;
721 						s.AppendAscii( CSTR_MACRO_TRUSTEDAUTHORS );
722 						s.AppendAscii( "/a" );
723 
724 						Sequence< Sequence< com::sun::star::beans::PropertyValue > > lPropertyValuesSeq( nCnt );
725 						for( sal_Int32 i = 0 ; i < nCnt ; ++i )
726 						{
727 							String	aPrefix( s );
728 							aPrefix += String::CreateFromInt32( i );
729 							aPrefix.AppendAscii( "/" );
730 							Sequence< com::sun::star::beans::PropertyValue >	lPropertyValues( 3 );
731 							lPropertyValues[ 0 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME;
732 							lPropertyValues[ 0 ].Value <<= m_seqTrustedAuthors[ i ][0];
733 							lPropertyValues[ 1 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER;
734 							lPropertyValues[ 1 ].Value <<= m_seqTrustedAuthors[ i ][1];
735 							lPropertyValues[ 2 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA;
736 							lPropertyValues[ 2 ].Value <<= m_seqTrustedAuthors[ i ][2];
737 
738 
739 							SetSetProperties( PROPERTYNAME_MACRO_TRUSTEDAUTHORS, lPropertyValues );
740 						}
741 
742 						bDone = false;		// because we save in loop above!
743 					}
744 					else
745 						bDone = false;
746 				}
747 			}
748 			break;
749 
750             case PROPERTYHANDLE_MACRO_DISABLE:
751 			{
752 				bDone = !m_bRODisableMacros;
753 				if( bDone )
754 					lValues[ nRealCount ] <<= (sal_Bool)m_bDisableMacros;
755 			}
756 			break;
757 
758 
759 			// xmlsec05 depricated
760             case PROPERTYHANDLE_STAROFFICEBASIC:
761 			{
762 				bDone = !m_bROBasicMode;
763 				if( bDone )
764 					lValues[ nRealCount ] <<= (sal_Int32)m_eBasicMode;
765 			}
766 			break;
767             case PROPERTYHANDLE_EXECUTEPLUGINS:
768 			{
769 				bDone = !m_bROExecutePlugins;
770 				if( bDone )
771 					lValues[ nRealCount ] <<= m_bExecutePlugins;
772 			}
773 			break;
774             case PROPERTYHANDLE_WARNINGENABLED:
775 			{
776 				bDone = !m_bROWarning;
777 				if( bDone )
778 					lValues[ nRealCount ] <<= m_bWarning;
779 			}
780 			break;
781             case PROPERTYHANDLE_CONFIRMATIONENABLED:
782 			{
783 				bDone = !m_bROConfirmation;
784 				if( bDone )
785 					lValues[ nRealCount ] <<= m_bConfirmation;
786 			}
787 			break;
788 			// xmlsec05 depricated
789 
790 
791 			default:
792 				bDone = false;
793 		}
794 
795 		if( bDone )
796 		{
797 			lNames[ nRealCount ] = lOrgNames[ nProperty ];
798 			++nRealCount;
799 		}
800 	}
801 	// Set properties in configuration.
802     lNames.realloc(nRealCount);
803     lValues.realloc(nRealCount);
804     PutProperties( lNames, lValues );
805 }
806 
IsReadOnly(SvtSecurityOptions::EOption eOption) const807 sal_Bool SvtSecurityOptions_Impl::IsReadOnly( SvtSecurityOptions::EOption eOption ) const
808 {
809     sal_Bool	bReadonly;
810     switch(eOption)
811     {
812         case SvtSecurityOptions::E_SECUREURLS :
813             bReadonly = m_bROSecureURLs;
814             break;
815 		case SvtSecurityOptions::E_DOCWARN_SAVEORSEND:
816 			bReadonly = m_bROSaveOrSend;
817 			break;
818 		case SvtSecurityOptions::E_DOCWARN_SIGNING:
819 			bReadonly = m_bROSigning;
820 			break;
821 		case SvtSecurityOptions::E_DOCWARN_PRINT:
822 			bReadonly = m_bROPrint;
823 			break;
824 		case SvtSecurityOptions::E_DOCWARN_CREATEPDF:
825 			bReadonly = m_bROCreatePDF;
826 			break;
827 		case SvtSecurityOptions::E_DOCWARN_REMOVEPERSONALINFO:
828 			bReadonly = m_bRORemoveInfo;
829 			break;
830         case SvtSecurityOptions::E_DOCWARN_RECOMMENDPASSWORD:
831             bReadonly = m_bRORecommendPwd;
832             break;
833 		case SvtSecurityOptions::E_MACRO_SECLEVEL:
834 			bReadonly = m_bROSecLevel;
835 			break;
836 		case SvtSecurityOptions::E_MACRO_TRUSTEDAUTHORS:
837 			bReadonly = m_bROTrustedAuthors;
838 			break;
839 		case SvtSecurityOptions::E_MACRO_DISABLE:
840 			bReadonly = m_bRODisableMacros;
841 			break;
842         case SvtSecurityOptions::E_CTRLCLICK_HYPERLINK:
843             bReadonly = m_bROCtrlClickHyperlink;
844             break;
845 
846 
847 		// xmlsec05 depricated
848 		case SvtSecurityOptions::E_BASICMODE:
849 			bReadonly = m_bROBasicMode;
850 			break;
851 		case SvtSecurityOptions::E_EXECUTEPLUGINS:
852 			bReadonly = m_bROExecutePlugins;
853 			break;
854 		case SvtSecurityOptions::E_WARNING:
855 			bReadonly = m_bROWarning;
856 			break;
857 		case SvtSecurityOptions::E_CONFIRMATION:
858 			bReadonly = m_bROConfirmation;
859 			break;
860 		// xmlsec05 depricated
861 
862 
863 		default:
864 			bReadonly = sal_True;
865     }
866 
867     return bReadonly;
868 }
869 
GetSecureURLs() const870 Sequence< OUString > SvtSecurityOptions_Impl::GetSecureURLs() const
871 {
872 	return m_seqSecureURLs;
873 }
874 
SetSecureURLs(const Sequence<OUString> & seqURLList)875 void SvtSecurityOptions_Impl::SetSecureURLs( const Sequence< OUString >& seqURLList )
876 {
877     DBG_ASSERT(!m_bROSecureURLs, "SvtSecurityOptions_Impl::SetSecureURLs()\nYou tried to write on a readonly value!\n");
878     if (!m_bROSecureURLs && m_seqSecureURLs!=seqURLList)
879     {
880         m_seqSecureURLs = seqURLList;
881         SetModified();
882     }
883 }
884 
IsSecureURL(const OUString & sURL,const OUString & sReferer) const885 sal_Bool SvtSecurityOptions_Impl::IsSecureURL(	const	OUString&	sURL	,
886 												const	OUString&	sReferer) const
887 {
888 	sal_Bool bState = sal_False;
889 
890     // Check for uncritical protocols first
891     // All protocols different from "macro..." and "slot..." are secure per definition and must not be checked.
892     // "macro://#..." means AppBasic macros that are considered safe
893     INetURLObject   aURL        ( sURL );
894     INetProtocol    aProtocol   = aURL.GetProtocol();
895 
896     // All other URLs must checked in combination with referer and internal information about security
897     if ( (aProtocol != INET_PROT_MACRO && aProtocol !=  INET_PROT_SLOT) ||
898          aURL.GetMainURL( INetURLObject::NO_DECODE ).matchIgnoreAsciiCaseAsciiL( "macro:///", 9 ) == 0)
899     {
900         // security check only for "macro" ( without app basic ) or "slot" protocols
901         bState = sal_True;
902     }
903     else
904 	{
905         //  check list of allowed URL patterns
906         // Trusted referer given?
907         // NO  => bState will be false per default
908         // YES => search for it in our internal url list
909         if( sReferer.getLength() > 0 )
910         {
911             // Search in internal list
912             ::rtl::OUString sRef = sReferer.toAsciiLowerCase();
913             sal_uInt32 nCount = m_seqSecureURLs.getLength();
914             for( sal_uInt32 nItem=0; nItem<nCount; ++nItem )
915             {
916                 OUString sCheckURL = m_seqSecureURLs[nItem].toAsciiLowerCase();
917                 sCheckURL += OUString(RTL_CONSTASCII_USTRINGPARAM("*"));
918                 if( WildCard( sCheckURL ).Matches( sRef ) == sal_True )
919                 {
920                     bState = sal_True;
921                     break;
922                 }
923             }
924 
925             if ( !bState )
926                 bState = sRef.compareToAscii("private:user") == COMPARE_EQUAL;
927         }
928 	}
929 
930 	// Return result of operation.
931 	return bState;
932 }
933 
GetMacroSecurityLevel() const934 inline sal_Int32 SvtSecurityOptions_Impl::GetMacroSecurityLevel() const
935 {
936 	return m_nSecLevel;
937 }
938 
IsMacroDisabled() const939 inline sal_Bool SvtSecurityOptions_Impl::IsMacroDisabled() const
940 {
941 	return m_bDisableMacros;
942 }
943 
SetMacroSecurityLevel(sal_Int32 _nLevel)944 void SvtSecurityOptions_Impl::SetMacroSecurityLevel( sal_Int32 _nLevel )
945 {
946 	if( !m_bROSecLevel )
947 	{
948 		if( _nLevel > 3 || _nLevel < 0 )
949 			_nLevel = 3;
950 
951 		if( m_nSecLevel != _nLevel )
952 		{
953 			m_nSecLevel = _nLevel;
954 			SetModified();
955 		}
956 	}
957 }
958 
GetTrustedAuthors() const959 Sequence< SvtSecurityOptions::Certificate > SvtSecurityOptions_Impl::GetTrustedAuthors() const
960 {
961 	return m_seqTrustedAuthors;
962 }
963 
SetTrustedAuthors(const Sequence<SvtSecurityOptions::Certificate> & rAuthors)964 void SvtSecurityOptions_Impl::SetTrustedAuthors( const Sequence< SvtSecurityOptions::Certificate >& rAuthors )
965 {
966     DBG_ASSERT(!m_bROTrustedAuthors, "SvtSecurityOptions_Impl::SetTrustedAuthors()\nYou tried to write on a readonly value!\n");
967 	if( !m_bROTrustedAuthors && rAuthors != m_seqTrustedAuthors )
968 	{
969 		m_seqTrustedAuthors = rAuthors;
970 		SetModified();
971 	}
972 }
973 
IsTrustedAuthorsEnabled()974 sal_Bool SvtSecurityOptions_Impl::IsTrustedAuthorsEnabled()
975 {
976 	return m_bROTrustedAuthors;
977 }
978 
IsOptionSet(SvtSecurityOptions::EOption eOption) const979 sal_Bool SvtSecurityOptions_Impl::IsOptionSet( SvtSecurityOptions::EOption eOption ) const
980 {
981 	sal_Bool*	pValue;
982 	sal_Bool*	pRO;
983 	sal_Bool	bRet = sal_False;
984 
985 	if( ( const_cast< SvtSecurityOptions_Impl* >( this ) )->GetOption( eOption, pValue, pRO ) )
986 		bRet = *pValue;
987 
988 	return bRet;
989 }
990 
SetOption(SvtSecurityOptions::EOption eOption,sal_Bool bValue)991 sal_Bool SvtSecurityOptions_Impl::SetOption( SvtSecurityOptions::EOption eOption, sal_Bool bValue )
992 {
993 	sal_Bool*	pValue;
994 	sal_Bool*	pRO;
995 	sal_Bool	bRet = sal_False;
996 
997 	if( GetOption( eOption, pValue, pRO ) )
998 	{
999 		if( !*pRO )
1000 		{
1001 			bRet = sal_True;
1002 			if( *pValue != bValue )
1003 			{
1004 				*pValue = bValue;
1005 				SetModified();
1006 			}
1007 		}
1008 	}
1009 
1010 	return bRet;
1011 }
1012 
IsOptionEnabled(SvtSecurityOptions::EOption eOption) const1013 sal_Bool SvtSecurityOptions_Impl::IsOptionEnabled( SvtSecurityOptions::EOption eOption ) const
1014 {
1015 	sal_Bool*	pValue;
1016 	sal_Bool*	pRO;
1017 	sal_Bool	bRet = sal_False;
1018 
1019 	if( ( const_cast< SvtSecurityOptions_Impl* >( this ) )->GetOption( eOption, pValue, pRO ) )
1020 		bRet = !*pRO;
1021 
1022 	return bRet;
1023 }
1024 
GetPropertyNames()1025 Sequence< OUString > SvtSecurityOptions_Impl::GetPropertyNames()
1026 {
1027 	// Build static list of configuration key names.
1028 	static const OUString pProperties[] =
1029 	{
1030 		PROPERTYNAME_SECUREURL,
1031 		PROPERTYNAME_STAROFFICEBASIC,
1032 		PROPERTYNAME_EXECUTEPLUGINS,
1033 		PROPERTYNAME_WARNINGENABLED,
1034 		PROPERTYNAME_CONFIRMATIONENABLED,
1035 		PROPERTYNAME_DOCWARN_SAVEORSEND,
1036 		PROPERTYNAME_DOCWARN_SIGNING,
1037 		PROPERTYNAME_DOCWARN_PRINT,
1038 		PROPERTYNAME_DOCWARN_CREATEPDF,
1039 		PROPERTYNAME_DOCWARN_REMOVEPERSONALINFO,
1040         PROPERTYNAME_DOCWARN_RECOMMENDPASSWORD,
1041         PROPERTYNAME_CTRLCLICK_HYPERLINK,
1042 		PROPERTYNAME_MACRO_SECLEVEL,
1043 		PROPERTYNAME_MACRO_TRUSTEDAUTHORS,
1044 		PROPERTYNAME_MACRO_DISABLE
1045 	};
1046 	// Initialize return sequence with these list ...
1047 	static const Sequence< OUString > seqPropertyNames( pProperties, PROPERTYCOUNT );
1048 	// ... and return it.
1049 	return seqPropertyNames;
1050 }
1051 
1052 //*****************************************************************************************************************
1053 //	initialize static member
1054 //	DON'T DO IT IN YOUR HEADER!
1055 //	see definition for further informations
1056 //*****************************************************************************************************************
1057 SvtSecurityOptions_Impl*	SvtSecurityOptions::m_pDataContainer	= NULL	;
1058 sal_Int32					SvtSecurityOptions::m_nRefCount			= 0		;
1059 
SvtSecurityOptions()1060 SvtSecurityOptions::SvtSecurityOptions()
1061 {
1062     // Global access, must be guarded (multithreading!).
1063     MutexGuard aGuard( GetInitMutex() );
1064 	// Increase ouer refcount ...
1065 	++m_nRefCount;
1066 	// ... and initialize ouer data container only if it not already exist!
1067     if( m_pDataContainer == NULL )
1068 	{
1069         RTL_LOGFILE_CONTEXT(aLog, "unotools ( ??? ) ::SvtSecurityOptions_Impl::ctor()");
1070         m_pDataContainer = new SvtSecurityOptions_Impl;
1071 
1072         ItemHolder1::holdConfigItem(E_SECURITYOPTIONS);
1073 	}
1074 }
1075 
~SvtSecurityOptions()1076 SvtSecurityOptions::~SvtSecurityOptions()
1077 {
1078     // Global access, must be guarded (multithreading!)
1079     MutexGuard aGuard( GetInitMutex() );
1080 	// Decrease ouer refcount.
1081 	--m_nRefCount;
1082 	// If last instance was deleted ...
1083 	// we must destroy ouer static data container!
1084     if( m_nRefCount <= 0 )
1085 	{
1086 		delete m_pDataContainer;
1087 		m_pDataContainer = NULL;
1088 	}
1089 }
1090 
IsReadOnly(EOption eOption) const1091 sal_Bool SvtSecurityOptions::IsReadOnly( EOption eOption ) const
1092 {
1093     MutexGuard aGuard( GetInitMutex() );
1094     return m_pDataContainer->IsReadOnly(eOption);
1095 }
1096 
GetSecureURLs() const1097 Sequence< OUString > SvtSecurityOptions::GetSecureURLs() const
1098 {
1099     MutexGuard aGuard( GetInitMutex() );
1100 	return m_pDataContainer->GetSecureURLs();
1101 }
1102 
SetSecureURLs(const Sequence<OUString> & seqURLList)1103 void SvtSecurityOptions::SetSecureURLs( const Sequence< OUString >& seqURLList )
1104 {
1105     MutexGuard aGuard( GetInitMutex() );
1106 	m_pDataContainer->SetSecureURLs( seqURLList );
1107 }
1108 
IsSecureURL(const OUString & sURL,const OUString & sReferer) const1109 sal_Bool SvtSecurityOptions::IsSecureURL(	const	OUString&	sURL		,
1110 											const	OUString&	sReferer	) const
1111 {
1112     MutexGuard aGuard( GetInitMutex() );
1113 	return m_pDataContainer->IsSecureURL( sURL, sReferer );
1114 }
1115 
GetMacroSecurityLevel() const1116 sal_Int32 SvtSecurityOptions::GetMacroSecurityLevel() const
1117 {
1118     MutexGuard aGuard( GetInitMutex() );
1119 	return m_pDataContainer->GetMacroSecurityLevel();
1120 }
1121 
SetMacroSecurityLevel(sal_Int32 _nLevel)1122 void SvtSecurityOptions::SetMacroSecurityLevel( sal_Int32 _nLevel )
1123 {
1124     MutexGuard aGuard( GetInitMutex() );
1125 	m_pDataContainer->SetMacroSecurityLevel( _nLevel );
1126 }
1127 
IsMacroDisabled() const1128 sal_Bool SvtSecurityOptions::IsMacroDisabled() const
1129 {
1130     MutexGuard aGuard( GetInitMutex() );
1131 	return m_pDataContainer->IsMacroDisabled();
1132 }
1133 
GetTrustedAuthors() const1134 Sequence< SvtSecurityOptions::Certificate > SvtSecurityOptions::GetTrustedAuthors() const
1135 {
1136     MutexGuard aGuard( GetInitMutex() );
1137 	return m_pDataContainer->GetTrustedAuthors();
1138 }
1139 
SetTrustedAuthors(const Sequence<Certificate> & rAuthors)1140 void SvtSecurityOptions::SetTrustedAuthors( const Sequence< Certificate >& rAuthors	)
1141 {
1142     MutexGuard aGuard( GetInitMutex() );
1143 	m_pDataContainer->SetTrustedAuthors( rAuthors );
1144 }
1145 
IsTrustedAuthorsEnabled()1146 sal_Bool SvtSecurityOptions::IsTrustedAuthorsEnabled()
1147 {
1148     MutexGuard aGuard( GetInitMutex() );
1149 	return m_pDataContainer->IsTrustedAuthorsEnabled();
1150 }
1151 
IsOptionSet(EOption eOption) const1152 bool SvtSecurityOptions::IsOptionSet( EOption eOption ) const
1153 {
1154     MutexGuard aGuard( GetInitMutex() );
1155 	return m_pDataContainer->IsOptionSet( eOption );
1156 }
1157 
SetOption(EOption eOption,bool bValue)1158 bool SvtSecurityOptions::SetOption( EOption eOption, bool bValue )
1159 {
1160     MutexGuard aGuard( GetInitMutex() );
1161 	return m_pDataContainer->SetOption( eOption, bValue );
1162 }
1163 
IsOptionEnabled(EOption eOption) const1164 bool SvtSecurityOptions::IsOptionEnabled( EOption eOption ) const
1165 {
1166     MutexGuard aGuard( GetInitMutex() );
1167 	return m_pDataContainer->IsOptionEnabled( eOption );
1168 }
1169 
GetInitMutex()1170 Mutex& SvtSecurityOptions::GetInitMutex()
1171 {
1172 	// Initialize static mutex only for one time!
1173     static Mutex* pMutex = NULL;
1174 	// If these method first called (Mutex not already exist!) ...
1175     if( pMutex == NULL )
1176     {
1177 		// ... we must create a new one. Protect follow code with the global mutex -
1178 		// It must be - we create a static variable!
1179         MutexGuard aGuard( Mutex::getGlobalMutex() );
1180 		// We must check our pointer again - because it can be that another instance of ouer class will be faster then these!
1181         if( pMutex == NULL )
1182         {
1183 			// Create the new mutex and set it for return on static variable.
1184             static Mutex aMutex;
1185             pMutex = &aMutex;
1186         }
1187     }
1188 	// Return new created or already existing mutex object.
1189     return *pMutex;
1190 }
1191 
1192 
1193 
1194 
1195 // xmlsec05 depricated
1196 
GetBasicMode() const1197 EBasicSecurityMode SvtSecurityOptions_Impl::GetBasicMode() const
1198 {
1199 	return m_eBasicMode;
1200 }
1201 
SetBasicMode(EBasicSecurityMode eMode)1202 void SvtSecurityOptions_Impl::SetBasicMode( EBasicSecurityMode eMode )
1203 {
1204     DBG_ASSERT(!m_bROBasicMode, "SvtSecurityOptions_Impl::SetBasicMode()\nYou tried to write on a readonly value!\n");
1205     if (!m_bROBasicMode && m_eBasicMode!=eMode)
1206     {
1207         m_eBasicMode = eMode;
1208         SetModified();
1209     }
1210 }
1211 
IsExecutePlugins() const1212 sal_Bool SvtSecurityOptions_Impl::IsExecutePlugins() const
1213 {
1214     return m_bExecutePlugins;
1215 }
1216 
SetExecutePlugins(sal_Bool bSet)1217 void SvtSecurityOptions_Impl::SetExecutePlugins( sal_Bool bSet )
1218 {
1219     DBG_ASSERT(!m_bROExecutePlugins, "SvtSecurityOptions_Impl::SetExecutePlugins()\nYou tried to write on a readonly value!\n");
1220     if (!m_bROExecutePlugins && m_bExecutePlugins!=bSet)
1221     {
1222         m_bExecutePlugins = bSet;
1223         SetModified();
1224     }
1225 }
1226 
IsWarningEnabled() const1227 sal_Bool SvtSecurityOptions_Impl::IsWarningEnabled() const
1228 {
1229     return m_bWarning;
1230 }
1231 
SetWarningEnabled(sal_Bool bSet)1232 void SvtSecurityOptions_Impl::SetWarningEnabled( sal_Bool bSet )
1233 {
1234     DBG_ASSERT(!m_bROWarning, "SvtSecurityOptions_Impl::SetWarningEnabled()\nYou tried to write on a readonly value!\n");
1235     if (!m_bROWarning && m_bWarning!=bSet)
1236     {
1237         m_bWarning = bSet;
1238         SetModified();
1239     }
1240 }
1241 
IsConfirmationEnabled() const1242 sal_Bool SvtSecurityOptions_Impl::IsConfirmationEnabled() const
1243 {
1244     return m_bConfirmation;
1245 }
1246 
SetConfirmationEnabled(sal_Bool bSet)1247 void SvtSecurityOptions_Impl::SetConfirmationEnabled( sal_Bool bSet )
1248 {
1249     DBG_ASSERT(!m_bROConfirmation, "SvtSecurityOptions_Impl::SetConfirmationEnabled()\nYou tried to write on a readonly value!\n");
1250     if (!m_bROConfirmation && m_bConfirmation!=bSet)
1251     {
1252         m_bConfirmation = bSet;
1253         SetModified();
1254     }
1255 }
1256 
1257 
IsExecutePlugins() const1258 sal_Bool SvtSecurityOptions::IsExecutePlugins() const
1259 {
1260     MutexGuard aGuard( GetInitMutex() );
1261     return m_pDataContainer->IsExecutePlugins();
1262 }
1263 
SetExecutePlugins(sal_Bool bSet)1264 void SvtSecurityOptions::SetExecutePlugins( sal_Bool bSet )
1265 {
1266     MutexGuard aGuard( GetInitMutex() );
1267     m_pDataContainer->SetExecutePlugins( bSet );
1268 }
1269 
IsWarningEnabled() const1270 sal_Bool SvtSecurityOptions::IsWarningEnabled() const
1271 {
1272     MutexGuard aGuard( GetInitMutex() );
1273     return m_pDataContainer->IsWarningEnabled();
1274 }
1275 
SetWarningEnabled(sal_Bool bSet)1276 void SvtSecurityOptions::SetWarningEnabled( sal_Bool bSet )
1277 {
1278     MutexGuard aGuard( GetInitMutex() );
1279     m_pDataContainer->SetWarningEnabled( bSet );
1280 }
1281 
IsConfirmationEnabled() const1282 sal_Bool SvtSecurityOptions::IsConfirmationEnabled() const
1283 {
1284     MutexGuard aGuard( GetInitMutex() );
1285     return m_pDataContainer->IsConfirmationEnabled();
1286 }
1287 
SetConfirmationEnabled(sal_Bool bSet)1288 void SvtSecurityOptions::SetConfirmationEnabled( sal_Bool bSet )
1289 {
1290     MutexGuard aGuard( GetInitMutex() );
1291     m_pDataContainer->SetConfirmationEnabled( bSet );
1292 }
1293 
SetBasicMode(EBasicSecurityMode eMode)1294 void SvtSecurityOptions::SetBasicMode( EBasicSecurityMode eMode )
1295 {
1296     MutexGuard aGuard( GetInitMutex() );
1297 	m_pDataContainer->SetBasicMode( eMode );
1298 }
1299 
GetBasicMode() const1300 EBasicSecurityMode SvtSecurityOptions::GetBasicMode() const
1301 {
1302     MutexGuard aGuard( GetInitMutex() );
1303 	return m_pDataContainer->GetBasicMode();
1304 }
1305 
1306