search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
lok: impress: show only supported transitions in the side pane
[LibreOffice.git] / sfx2 / source / doc / docmacromode.cxx
blob13954b06f6d87651673d98dc69404bd8ded960ad
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20 #include <config_features.h>
21
22 #include <sfx2/docmacromode.hxx>
23 #include <sfx2/signaturestate.hxx>
24 #include <sfx2/docfile.hxx>
25
26 #include <com/sun/star/document/MacroExecMode.hpp>
27 #include <com/sun/star/task/ErrorCodeRequest.hpp>
28 #include <com/sun/star/task/DocumentMacroConfirmationRequest.hpp>
29 #include <com/sun/star/task/InteractionClassification.hpp>
30 #include <com/sun/star/security/DocumentDigitalSignatures.hpp>
31 #include <com/sun/star/script/XLibraryContainer.hpp>
32 #include <com/sun/star/document/XEmbeddedScripts.hpp>
33
34 #include <comphelper/processfactory.hxx>
35 #include <framework/interaction.hxx>
36 #include <osl/file.hxx>
37 #include <rtl/ref.hxx>
38 #include <unotools/securityoptions.hxx>
39 #include <svtools/sfxecode.hxx>
40 #include <tools/diagnose_ex.h>
41 #include <tools/urlobj.hxx>
42
43
44 namespace sfx2
45 {
46
47
48 using ::com::sun::star::uno::Reference;
49 using ::com::sun::star::task::XInteractionHandler;
50 using ::com::sun::star::uno::Any;
51 using ::com::sun::star::uno::Sequence;
52 using ::com::sun::star::task::DocumentMacroConfirmationRequest;
53 using ::com::sun::star::task::ErrorCodeRequest;
54 using ::com::sun::star::uno::Exception;
55 using ::com::sun::star::security::DocumentDigitalSignatures;
56 using ::com::sun::star::security::XDocumentDigitalSignatures;
57 using ::com::sun::star::embed::XStorage;
58 using ::com::sun::star::document::XEmbeddedScripts;
59 using ::com::sun::star::script::XLibraryContainer;
60 using ::com::sun::star::container::XNameAccess;
61 using ::com::sun::star::uno::UNO_QUERY_THROW;
62
63 namespace MacroExecMode = ::com::sun::star::document::MacroExecMode;
64
65
66 //= DocumentMacroMode_Data
67
68 struct DocumentMacroMode_Data
69 {
70 IMacroDocumentAccess& m_rDocumentAccess;
71 bool m_bMacroDisabledMessageShown;
72 bool m_bDocMacroDisabledMessageShown;
73
74 explicit DocumentMacroMode_Data( IMacroDocumentAccess& rDocumentAccess )
75 :m_rDocumentAccess( rDocumentAccess )
76 ,m_bMacroDisabledMessageShown( false )
77 ,m_bDocMacroDisabledMessageShown( false )
78 {
79 }
80 };
81
82
83 //= helper
84
85 namespace
86 {
87
88 void lcl_showGeneralSfxErrorOnce( const Reference< XInteractionHandler >& rxHandler, ErrCode nSfxErrorCode, bool& rbAlreadyShown )
89 {
90 if ( rbAlreadyShown )
91 return;
92
93 ErrorCodeRequest aErrorCodeRequest;
94 aErrorCodeRequest.ErrCode = sal_uInt32(nSfxErrorCode);
95
96 SfxMedium::CallApproveHandler( rxHandler, makeAny( aErrorCodeRequest ), false );
97 rbAlreadyShown = true;
98 }
99
100
101 void lcl_showMacrosDisabledError( const Reference< XInteractionHandler >& rxHandler, bool& rbAlreadyShown )
102 {
103 lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_MACROS_SUPPORT_DISABLED, rbAlreadyShown );
104 }
105
106
107 void lcl_showDocumentMacrosDisabledError( const Reference< XInteractionHandler >& rxHandler, bool& rbAlreadyShown )
108 {
109 #ifdef MACOSX
110 lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_DOCUMENT_MACRO_DISABLED_MAC, rbAlreadyShown );
111 #else
112 lcl_showGeneralSfxErrorOnce( rxHandler, ERRCODE_SFX_DOCUMENT_MACRO_DISABLED, rbAlreadyShown );
113 #endif
114 }
115
116
117 bool lcl_showMacroWarning( const Reference< XInteractionHandler >& rxHandler,
118 const OUString& rDocumentLocation )
119 {
120 DocumentMacroConfirmationRequest aRequest;
121 aRequest.DocumentURL = rDocumentLocation;
122 return SfxMedium::CallApproveHandler( rxHandler, makeAny( aRequest ), true );
123 }
124 }
125
126 //= DocumentMacroMode
127 DocumentMacroMode::DocumentMacroMode( IMacroDocumentAccess& rDocumentAccess )
128 :m_xData( new DocumentMacroMode_Data( rDocumentAccess ) )
129 {
130 }
131
132 bool DocumentMacroMode::allowMacroExecution()
133 {
134 m_xData->m_rDocumentAccess.setCurrentMacroExecMode( MacroExecMode::ALWAYS_EXECUTE_NO_WARN );
135 return true;
136 }
137
138 bool DocumentMacroMode::disallowMacroExecution()
139 {
140 m_xData->m_rDocumentAccess.setCurrentMacroExecMode( MacroExecMode::NEVER_EXECUTE );
141 return false;
142 }
143
144 bool DocumentMacroMode::adjustMacroMode( const Reference< XInteractionHandler >& rxInteraction )
145 {
146 sal_uInt16 nMacroExecutionMode = m_xData->m_rDocumentAccess.getCurrentMacroExecMode();
147
148 if ( SvtSecurityOptions().IsMacroDisabled() )
149 {
150 // no macro should be executed at all
151 lcl_showMacrosDisabledError( rxInteraction, m_xData->m_bMacroDisabledMessageShown );
152 return disallowMacroExecution();
153 }
154
155 // get setting from configuration if required
156 enum AutoConfirmation
157 {
158 eNoAutoConfirm,
159 eAutoConfirmApprove,
160 eAutoConfirmReject
161 };
162 AutoConfirmation eAutoConfirm( eNoAutoConfirm );
163
164 if ( ( nMacroExecutionMode == MacroExecMode::USE_CONFIG )
165 || ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_REJECT_CONFIRMATION )
166 || ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_APPROVE_CONFIRMATION )
167 )
168 {
169 SvtSecurityOptions aOpt;
170 switch ( aOpt.GetMacroSecurityLevel() )
171 {
172 case 3:
173 nMacroExecutionMode = MacroExecMode::FROM_LIST_NO_WARN;
174 break;
175 case 2:
176 nMacroExecutionMode = MacroExecMode::FROM_LIST_AND_SIGNED_WARN;
177 break;
178 case 1:
179 nMacroExecutionMode = MacroExecMode::ALWAYS_EXECUTE;
180 break;
181 case 0:
182 nMacroExecutionMode = MacroExecMode::ALWAYS_EXECUTE_NO_WARN;
183 break;
184 default:
185 OSL_FAIL( "DocumentMacroMode::adjustMacroMode: unexpected macro security level!" );
186 nMacroExecutionMode = MacroExecMode::NEVER_EXECUTE;
187 }
188
189 if ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_REJECT_CONFIRMATION )
190 eAutoConfirm = eAutoConfirmReject;
191 else if ( nMacroExecutionMode == MacroExecMode::USE_CONFIG_APPROVE_CONFIRMATION )
192 eAutoConfirm = eAutoConfirmApprove;
193 }
194
195 if ( nMacroExecutionMode == MacroExecMode::NEVER_EXECUTE )
196 return false;
197
198 if ( nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE_NO_WARN )
199 return true;
200
201 try
202 {
203 // get document location from medium name and check whether it is a trusted one
204 // the service is created without document version, since it is not of interest here
205 Reference< XDocumentDigitalSignatures > xSignatures(DocumentDigitalSignatures::createDefault(::comphelper::getProcessComponentContext()));
206 INetURLObject aURLReferer( m_xData->m_rDocumentAccess.getDocumentLocation() );
207
208 OUString aLocation;
209 if ( aURLReferer.removeSegment() )
210 aLocation = aURLReferer.GetMainURL( INetURLObject::DecodeMechanism::NONE );
211
212 if ( !aLocation.isEmpty() && xSignatures->isLocationTrusted( aLocation ) )
213 {
214 return allowMacroExecution();
215 }
216
217 // at this point it is clear that the document is not in the secure location
218 if ( nMacroExecutionMode == MacroExecMode::FROM_LIST_NO_WARN )
219 {
220 lcl_showDocumentMacrosDisabledError( rxInteraction, m_xData->m_bDocMacroDisabledMessageShown );
221 return disallowMacroExecution();
222 }
223
224 // check whether the document is signed with trusted certificate
225 if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
226 {
227 // the trusted macro check will also retrieve the signature state ( small optimization )
228 bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature( nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN );
229
230 SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
231 if ( nSignatureState == SignatureState::BROKEN )
232 {
233 return disallowMacroExecution();
234 }
235 else if ( bHasTrustedMacroSignature )
236 {
237 // there is trusted macro signature, allow macro execution
238 return allowMacroExecution();
239 }
240 else if ( nSignatureState == SignatureState::OK
241 || nSignatureState == SignatureState::NOTVALIDATED )
242 {
243 // there is valid signature, but it is not from the trusted author
244 return disallowMacroExecution();
245 }
246 }
247
248 // at this point it is clear that the document is neither in secure location nor signed with trusted certificate
249 if ( ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN )
250 || ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_WARN )
251 )
252 {
253 if ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_WARN )
254 lcl_showDocumentMacrosDisabledError( rxInteraction, m_xData->m_bDocMacroDisabledMessageShown );
255
256 return disallowMacroExecution();
257 }
258 }
259 catch ( const Exception& )
260 {
261 if ( ( nMacroExecutionMode == MacroExecMode::FROM_LIST_NO_WARN )
262 || ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_WARN )
263 || ( nMacroExecutionMode == MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN )
264 )
265 {
266 return disallowMacroExecution();
267 }
268 }
269
270 // confirmation is required
271 bool bSecure = false;
272
273 if ( eAutoConfirm == eNoAutoConfirm )
274 {
275 OUString sReferrer( m_xData->m_rDocumentAccess.getDocumentLocation() );
276
277 OUString aSystemFileURL;
278 if ( osl::FileBase::getSystemPathFromFileURL( sReferrer, aSystemFileURL ) == osl::FileBase::E_None )
279 sReferrer = aSystemFileURL;
280
281 bSecure = lcl_showMacroWarning( rxInteraction, sReferrer );
282 }
283 else
284 bSecure = ( eAutoConfirm == eAutoConfirmApprove );
285
286 return ( bSecure ? allowMacroExecution() : disallowMacroExecution() );
287 }
288
289
290 bool DocumentMacroMode::isMacroExecutionDisallowed() const
291 {
292 return m_xData->m_rDocumentAccess.getCurrentMacroExecMode() == MacroExecMode::NEVER_EXECUTE;
293 }
294
295
296 bool DocumentMacroMode::containerHasBasicMacros( const Reference< XLibraryContainer >& xContainer )
297 {
298 bool bHasMacroLib = false;
299 try
300 {
301 if ( xContainer.is() )
302 {
303 // a library container exists; check if it's empty
304
305 // if there are libraries except the "Standard" library
306 // we assume that they are not empty (because they have been created by the user)
307 if ( !xContainer->hasElements() )
308 bHasMacroLib = false;
309 else
310 {
311 const OUString aStdLibName( "Standard" );
312 const OUString aVBAProject( "VBAProject" );
313 const Sequence< OUString > aElements = xContainer->getElementNames();
314 for( const OUString& aElement : aElements )
315 {
316 if( aElement == aStdLibName || aElement == aVBAProject )
317 {
318 Reference < XNameAccess > xLib;
319 Any aAny = xContainer->getByName( aElement );
320 aAny >>= xLib;
321 if ( xLib.is() && xLib->hasElements() )
322 return true;
323 }
324 else
325 return true;
326 }
327 }
328 }
329 }
330 catch( const Exception& )
331 {
332 DBG_UNHANDLED_EXCEPTION("sfx.doc");
333 }
334 return bHasMacroLib;
335 }
336
337
338 bool DocumentMacroMode::hasMacroLibrary() const
339 {
340 bool bHasMacroLib = false;
341 #if HAVE_FEATURE_SCRIPTING
342 try
343 {
344 Reference< XEmbeddedScripts > xScripts( m_xData->m_rDocumentAccess.getEmbeddedDocumentScripts() );
345 Reference< XLibraryContainer > xContainer;
346 if ( xScripts.is() )
347 xContainer.set( xScripts->getBasicLibraries(), UNO_QUERY_THROW );
348 bHasMacroLib = containerHasBasicMacros( xContainer );
349
350 }
351 catch( const Exception& )
352 {
353 DBG_UNHANDLED_EXCEPTION("sfx.doc");
354 }
355 #endif
356 return bHasMacroLib;
357 }
358
359
360 bool DocumentMacroMode::storageHasMacros( const Reference< XStorage >& rxStorage )
361 {
362 bool bHasMacros = false;
363 if ( rxStorage.is() )
364 {
365 try
366 {
367 const OUString s_sBasicStorageName( OUString::intern( RTL_CONSTASCII_USTRINGPARAM( "Basic" ) ) );
368 const OUString s_sScriptsStorageName( OUString::intern( RTL_CONSTASCII_USTRINGPARAM( "Scripts" ) ) );
369
370 bHasMacros =( ( rxStorage->hasByName( s_sBasicStorageName )
371 && rxStorage->isStorageElement( s_sBasicStorageName )
372 )
373 || ( rxStorage->hasByName( s_sScriptsStorageName )
374 && rxStorage->isStorageElement( s_sScriptsStorageName )
375 )
376 );
377 }
378 catch ( const Exception& )
379 {
380 DBG_UNHANDLED_EXCEPTION("sfx.doc");
381 }
382 }
383 return bHasMacros;
384 }
385
386
387 bool DocumentMacroMode::checkMacrosOnLoading( const Reference< XInteractionHandler >& rxInteraction )
388 {
389 bool bAllow = false;
390 if ( SvtSecurityOptions().IsMacroDisabled() )
391 {
392 // no macro should be executed at all
393 bAllow = disallowMacroExecution();
394 }
395 else
396 {
397 if (m_xData->m_rDocumentAccess.documentStorageHasMacros() || hasMacroLibrary() || m_xData->m_rDocumentAccess.macroCallsSeenWhileLoading())
398 {
399 bAllow = adjustMacroMode( rxInteraction );
400 }
401 else if ( !isMacroExecutionDisallowed() )
402 {
403 // if macros will be added by the user later, the security check is obsolete
404 bAllow = allowMacroExecution();
405 }
406 }
407 return bAllow;
408 }
409
410
411 } // namespace sfx2
412
413
414 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE