config: add "macro_security_level" item
"Level of Macro security". Change-Id: I491648f2a89289c7f4455dfad76d73ac8449b965 Signed-off-by: Henry Castro <hcastro@collabora.com>pull/1713/head
parent
50c0fc4492
commit
1df271b363
|
@ -200,6 +200,11 @@ void Session::parseDocOptions(const StringVector& tokens, int& part, std::string
|
|||
_enableMacrosExecution = value;
|
||||
++offset;
|
||||
}
|
||||
else if (name == "macroSecurityLevel")
|
||||
{
|
||||
_macroSecurityLevel = value;
|
||||
++offset;
|
||||
}
|
||||
}
|
||||
|
||||
Util::mapAnonymized(_userId, _userIdAnonym);
|
||||
|
|
|
@ -231,6 +231,8 @@ public:
|
|||
|
||||
const std::string& getEnableMacrosExecution() const { return _enableMacrosExecution; }
|
||||
|
||||
const std::string& getMacroSecurityLevel() const { return _macroSecurityLevel; }
|
||||
|
||||
protected:
|
||||
Session(const std::shared_ptr<ProtocolHandlerInterface> &handler,
|
||||
const std::string& name, const std::string& id, bool readonly);
|
||||
|
@ -335,6 +337,9 @@ private:
|
|||
|
||||
/// Specifies whether the macro execution is enabled in general.
|
||||
std::string _enableMacrosExecution;
|
||||
|
||||
/// Level of Macro security.
|
||||
std::string _macroSecurityLevel;
|
||||
};
|
||||
|
||||
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|
||||
|
|
|
@ -1194,6 +1194,7 @@ private:
|
|||
const std::string& deviceFormFactor = session->getDeviceFormFactor();
|
||||
const std::string& batchMode = session->getBatchMode();
|
||||
const std::string& enableMacrosExecution = session->getEnableMacrosExecution();
|
||||
const std::string& macroSecurityLevel = session->getMacroSecurityLevel();
|
||||
std::string spellOnline;
|
||||
|
||||
std::string options;
|
||||
|
@ -1209,6 +1210,9 @@ private:
|
|||
if (!enableMacrosExecution.empty())
|
||||
options += ",EnableMacrosExecution=" + enableMacrosExecution;
|
||||
|
||||
if (!macroSecurityLevel.empty())
|
||||
options += ",MacroSecurityLevel=" + macroSecurityLevel;
|
||||
|
||||
if (!_loKitDocument)
|
||||
{
|
||||
// This is the first time we are loading the document
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
<memproportion desc="The maximum percentage of system memory consumed by all of the @APP_NAME@, after which we start cleaning up idle documents" type="double" default="80.0"></memproportion>
|
||||
<num_prespawn_children desc="Number of child processes to keep started in advance and waiting for new clients." type="uint" default="1">1</num_prespawn_children>
|
||||
<per_document desc="Document-specific settings, including LO Core settings.">
|
||||
|
||||
<max_concurrency desc="The maximum number of threads to use while processing a document." type="uint" default="4">4</max_concurrency>
|
||||
<batch_priority desc="A (lower) priority for use by batch eg. convert-to processes to avoid starving interactive ones" type="uint" default="5">5</batch_priority>
|
||||
<document_signing_url desc="The endpoint URL of signing server, if empty the document signing is disabled" type="string" default="@VEREIGN_URL@">@VEREIGN_URL@</document_signing_url>
|
||||
|
@ -124,6 +125,7 @@
|
|||
<capabilities desc="Should we require capabilities to isolate processes into chroot jails" type="bool" default="true">true</capabilities>
|
||||
<jwt_expiry_secs desc="Time in seconds before the Admin Console's JWT token expires" type="int" default="1800">1800</jwt_expiry_secs>
|
||||
<enable_macros_execution desc="Specifies whether the macro execution is enabled in general. This will enable Basic, Beanshell, Javascript and Python scripts. If it is set to false, the macro_security_level is ignored. If it is set to true, the mentioned entry specified the level of macro security." type="bool" default="false">false</enable_macros_execution>
|
||||
<macro_security_level desc="Level of Macro security. 1 (Medium) Confirmation required before executing macros from untrusted sources. 0 (Low, not recommended) All macros will be executed without confirmation." type="int" default="1">1</macro_security_level>
|
||||
</security>
|
||||
|
||||
<watermark>
|
||||
|
|
|
@ -849,6 +849,11 @@ bool ClientSession::loadDocument(const char* /*buffer*/, int /*length*/,
|
|||
<< LOOLWSD::getConfigValue<bool>("security.enable_macros_execution", false);
|
||||
}
|
||||
|
||||
if (LOOLWSD::hasProperty("security.macro_security_level"))
|
||||
{
|
||||
oss << " macroSecurityLevel=" << LOOLWSD::getConfigValue<int>("security.macro_security_level", 1);
|
||||
}
|
||||
|
||||
if (!getDocOptions().empty())
|
||||
{
|
||||
oss << " options=" << getDocOptions();
|
||||
|
|
Loading…
Reference in New Issue