[WIP] Create new KeepassHTTP KeyAcceptDialog #850
Conversation
|
This needs to jive with #608 as well. We are likely going to pull support for the HTTP protocol in a couple releases due to its insecurity. I really like the dialog and modification though! It is sorely needed. |
|
What extensions are going to replace chromeIPass and passIFox? |
|
The author of the new method actually created a new plugin as well. |
|
I see - I checked this out, I'll keep it in mind. thanks. As far as a quick check tells me, the "semantic model" of remote connections will remain the same so I should be fine with just continuing work on this and adapting it for any changes based on keepassxc-browser should be easy once that is merged. |
|
I have a question: It seems that the EDIT: In |
|
I've now added a proper feature: All databases are listed in the dialog and keys are inserted into all selected databases. It would be very nice to get a proper review of my changes at this point (of course keeping in mind that it's still WIP). |
|
Should we postpone this to 2.3.0 ? |
|
I think so, it should be synced with the new browser integration. I'll look at this tonight. |
|
I've tested this and it works well, however if you do not enter a name in the top box it fails to find the database. Recommend adding an error if no name is supplied or use the name of the database by default. There is also commented out code and XXX comments that need to be removed or addressed. |
|
Thank you for testing this, will check your feedback! I will add some inline comments to the things I marked with XXX, because this is where I'm unsure how exactly C++ and Qt work. |
| } | ||
| } | ||
|
|
||
| return resultList; |
There was a problem hiding this comment.
Is it okay to stack-allocate (? - I am not sure if that is what happens, and whether Qt transforms that into something else) resultList here and then return it to the caller, where the caller will simply let it go out of scope?
I.e. will the object be destroyed once it runs out of scope in the caller, and is this the proper way to do it or should this be done differently?
There was a problem hiding this comment.
Answered on second question
src/http/Service.cpp
Outdated
|
|
||
| //XXX | ||
| //bool Service::attributeExists(QList<Entry*> entries, const QString &attribute) | ||
| bool Service::attributeExists(QList<Entry*> entries, const QString attribute) |
There was a problem hiding this comment.
Is const QString attribute or const QString &attribute correct here?
There was a problem hiding this comment.
Yes this is correct. The data you allocate as part of the list gets shared with the calling scope's new QList object.
duk3luk3
force-pushed
the
feature/838-keepasshttp-keys
branch
from
c513ffe
to
2eec43e
Compare
|
I rebased for now. To resolve to "TODOs", I still need an answer to my question upthread. |
|
I will be updating this behavior in my database pointer refactoring. Proceed with the ugly code for now. |
I've fixed this by not allowing to submit the dialog if the key name is empty. Are you happy with that solution? |
|
I added some more cleanup and additional verification to the key accept dialog. The only thing left to do for now is adding translation support. |
duk3luk3
changed the title
|
Translation wrappers added. @droidmonkey please review, then I will rebase and squash. |
|
@keepassxreboot/core-developers can someone review this? |
src/http/KeyAcceptDialog.cpp
Outdated
| #include <QDialogButtonBox> | ||
| #include <QPushButton> | ||
|
|
||
| KeyAcceptDialog::KeyAcceptDialog(QWidget *parent) : |
There was a problem hiding this comment.
QWidget* parent
Pointers on left side.
src/http/KeyAcceptDialog.h
Outdated
| Q_OBJECT | ||
|
|
||
| public: | ||
| explicit KeyAcceptDialog(QWidget *parent = nullptr); |
src/http/KeyAcceptDialog.h
Outdated
|
|
||
| private slots: | ||
| void keyEditChanged(const QString &text); | ||
| void modelItemChanged(QStandardItem *item); |
src/http/Service.cpp
Outdated
| if (DatabaseWidget* dbWidget = m_dbTabWidget->currentDatabaseWidget()) | ||
| QList<Entry*> entries; | ||
|
|
||
| for (int i = 0; i < m_dbTabWidget->count(); i++) |
There was a problem hiding this comment.
This for block should be wrapped with braces.
There was a problem hiding this comment.
That is inconsistent with the style of the rest of the file. Should I really partially fix the style of the file(s)? A separate code style commit would probably be better.
The same applies for NULL vs. nullptr.
There was a problem hiding this comment.
That is inconsistent with the style of the rest of the file
Older code, mostly before the fork, don't necessarily follow the current coding style, but all new PR's should stick to the project coding style guide.
Should I really partially fix the style of the file(s)?
It's not required to fix the style where you didn't modify/add code, but we would appreciate if you do. :)
A separate code style commit would probably be better.
Concur.
There was a problem hiding this comment.
Run this command to fix all the file codestyle to project standard
clang-format -i -style=file src/http/Service.cpp in the project root.
Yes, fix the codestyle in a new commit please
src/http/Service.cpp
Outdated
| QList<Entry*> entries; | ||
|
|
||
| for (int i = 0; i < m_dbTabWidget->count(); i++) | ||
| if (DatabaseWidget* dbWidget = qobject_cast<DatabaseWidget*>(m_dbTabWidget->widget(i))) |
src/http/Server.h
Outdated
| @@ -44,7 +46,7 @@ class Server : public QObject | |||
| public: | |||
| explicit Server(QObject *parent = 0); | |||
|
|
|||
| virtual bool isDatabaseOpened() const = 0; | |||
| virtual bool isDatabaseOpened(DatabaseWidget* dbWidget = NULL) const = 0; | |||
There was a problem hiding this comment.
Use nullptr instead of NULL.
src/http/Service.cpp
Outdated
| if (create) | ||
| entry->setGroup(db->rootGroup()); | ||
| else | ||
| entry = NULL; |
src/http/Service.cpp
Outdated
| @@ -522,7 +589,7 @@ QString Service::generatePassword() | |||
|
|
|||
| void Service::removeSharedEncryptionKeys() | |||
| { | |||
| if (!isDatabaseOpened()) { | |||
| if (!isDatabaseOpened(NULL)) { | |||
There was a problem hiding this comment.
@duk3luk3 This one wasn't addressed
src/http/Service.cpp
Outdated
| @@ -561,7 +628,7 @@ void Service::removeSharedEncryptionKeys() | |||
|
|
|||
| void Service::removeStoredPermissions() | |||
| { | |||
| if (!isDatabaseOpened()) { | |||
| if (!isDatabaseOpened(NULL)) { | |||
There was a problem hiding this comment.
@duk3luk3 This one wasn't addressed
src/http/KeyAcceptDialog.cpp
Outdated
| ui->buttonBox->button(QDialogButtonBox::Ok)->setEnabled(false); | ||
| ui->buttonBox->button(QDialogButtonBox::Ok)->setToolTip(tr("Make sure the key name is not empty!")); | ||
| } | ||
| else if (!hasChecked) { |
There was a problem hiding this comment.
Remove newline between } and else if
|
@duk3luk3 will you be submitting revisions for Weslley's comments? |
|
Hi, sure! Will do as soon as I am able. |
|
@droidmonkey @weslly Please let me know if there are any other issues, and then I'll rebase the PR. |
src/http/Service.cpp
Outdated
| @@ -522,7 +589,7 @@ QString Service::generatePassword() | |||
|
|
|||
| void Service::removeSharedEncryptionKeys() | |||
| { | |||
| if (!isDatabaseOpened()) { | |||
| if (!isDatabaseOpened(NULL)) { | |||
There was a problem hiding this comment.
@duk3luk3 This one wasn't addressed
src/http/Service.cpp
Outdated
| @@ -561,7 +628,7 @@ void Service::removeSharedEncryptionKeys() | |||
|
|
|||
| void Service::removeStoredPermissions() | |||
| { | |||
| if (!isDatabaseOpened()) { | |||
| if (!isDatabaseOpened(NULL)) { | |||
There was a problem hiding this comment.
@duk3luk3 This one wasn't addressed
duk3luk3
force-pushed
the
feature/838-keepasshttp-keys
branch
from
e74839b
to
e514437
Compare
|
@weslly Ah, I assumed clang-format would catch those. I amended the formatting commit. |
|
@duk3luk3 can you rebase on top of develop? There are some conflict with |
* !WIP! * Creates a new dialog widget for accepting keys - needed for keepassxreboot#838 For keepassxreboot#838, keepassxreboot#530
Basic implementation of allowing user to select which DBs to insert KeepassHTTP Authentication Keys into. For keepassxreboot#535
Disables the "OK" button when the key name edit is empty. This avoids saving a KeepassHTTP key with empty key name, which causes problems later.
To improve multi-db handling, we can move the checking for open (unlocked) databases to the key accept dialog. This means that even if the selected db is not open, the key can be stored in another db as selected by the user. This commit also adds a check for selected db's to the key accept dialog so the dialog cannot be submitted if no db's to store the key are selected.
Wrap strings presented to user in tr() for localization
Run clang-format and replace NULLs in all files touched by the PR
duk3luk3
force-pushed
the
feature/838-keepasshttp-keys
branch
from
e514437
to
e97dacb
Compare
|
Rebased, test failures appear to come from develop: https://travis-ci.org/keepassxreboot/keepassxc/builds/315131994 I will do some more cleanup as soon as I am able. |
|
@duk3luk3 can you please rebase again? we changed our CI @droidmonkey can you please review your requested changes? |
|
I will have to do some more work now that #608 has been merged. Will do it asap. |
|
No problem @duk3luk3. Ping me when you are done :) |
|
This PR has been overcome by the KeePassXC-Browser. HTTP is deprecated and will be removed in 2.4.0. |
|
The changes in this PR should be 100% applicable to KeePassXC-Browser. I just need to port them - I will do that as soon as I find time. |
|
I agree with that, thanks! |
WIP - Creates a new dialog widget for accepting keys - needed for #838
For #838, #530
This is a proof-of-concept for myself that I can make changes to KeePassXC and a first step towards making some big changes to the KeepassHTTP authorization key management in order to address #838 and #530 and my own usability / workflow itches as someone who generally works with multiple databases open at the same time.
Please give this change a quick look and tell me if this is a good direction to go in, as well as anything problematic in the code I've changed (as far as it isn't a temporary mock-up / stub)
Description
Planned changes:
Motivation and context
See #530, #838
How has this been tested?
Screenshots (if appropriate):
Types of changes
Checklist:
-DWITH_ASAN=ON. [REQUIRED]