Skip to content

Commit 8dd70c1

Browse files
authored
Merge pull request #5526 from boundlessgeo/ogr_authconfig_2
[auth][needs-docs] Authentication configuration support in OGR provider
2 parents 0bd5107 + 72af1a0 commit 8dd70c1

16 files changed

+903
-274
lines changed

.ci/travis/linux/blacklist.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,3 +33,4 @@ PyQgsServerAccessControl
3333
# Need a local postgres installation
3434
PyQgsAuthManagerPKIPostgresTest
3535
PyQgsAuthManagerPasswordPostgresTest
36+
PyQgsAuthManagerOgrPostgresTest

src/auth/basic/qgsauthbasicmethod.cpp

Lines changed: 154 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -42,6 +42,7 @@ QgsAuthBasicMethod::QgsAuthBasicMethod()
4242
<< QStringLiteral( "wfs" ) // convert to lowercase
4343
<< QStringLiteral( "wcs" )
4444
<< QStringLiteral( "wms" )
45+
<< QStringLiteral( "ogr" )
4546
<< QStringLiteral( "proxy" ) );
4647
}
4748

@@ -85,7 +86,6 @@ bool QgsAuthBasicMethod::updateNetworkRequest( QNetworkRequest &request, const Q
8586
bool QgsAuthBasicMethod::updateDataSourceUriItems( QStringList &connectionItems, const QString &authcfg,
8687
const QString &dataprovider )
8788
{
88-
Q_UNUSED( dataprovider )
8989
QgsAuthMethodConfig mconfig = getMethodConfig( authcfg );
9090
if ( !mconfig.isValid() )
9191
{
@@ -102,29 +102,8 @@ bool QgsAuthBasicMethod::updateDataSourceUriItems( QStringList &connectionItems,
102102
return false;
103103
}
104104

105-
QString userparam = "user='" + escapeUserPass( username ) + '\'';
106-
int userindx = connectionItems.indexOf( QRegExp( "^user='.*" ) );
107-
if ( userindx != -1 )
108-
{
109-
connectionItems.replace( userindx, userparam );
110-
}
111-
else
112-
{
113-
connectionItems.append( userparam );
114-
}
115-
116-
QString passparam = "password='" + escapeUserPass( password ) + '\'';
117-
int passindx = connectionItems.indexOf( QRegExp( "^password='.*" ) );
118-
if ( passindx != -1 )
119-
{
120-
connectionItems.replace( passindx, passparam );
121-
}
122-
else
123-
{
124-
connectionItems.append( passparam );
125-
}
126-
127-
// add extra CAs
105+
// SSL Extra CAs
106+
QString caparam;
128107
QList<QSslCertificate> cas;
129108
cas = QgsApplication::authManager()->trustedCaCerts();
130109
// save CAs to temp file
@@ -134,17 +113,163 @@ bool QgsAuthBasicMethod::updateDataSourceUriItems( QStringList &connectionItems,
134113
QgsAuthCertUtils::certsToPemText( cas ) );
135114
if ( ! caFilePath.isEmpty() )
136115
{
137-
QString caparam = "sslrootcert='" + caFilePath + "'";
138-
int sslcaindx = connectionItems.indexOf( QRegExp( "^sslrootcert='.*" ) );
139-
if ( sslcaindx != -1 )
116+
caparam = "sslrootcert='" + caFilePath + "'";
117+
}
118+
119+
// Branch for OGR
120+
if ( dataprovider == QStringLiteral( "ogr" ) )
121+
{
122+
if ( ! password.isEmpty() )
140123
{
141-
connectionItems.replace( sslcaindx, caparam );
124+
QString fullUri( connectionItems.first() );
125+
QString uri( fullUri );
126+
// Handle sub-layers
127+
if ( fullUri.contains( '|' ) )
128+
{
129+
uri = uri.left( uri.indexOf( '|' ) );
130+
}
131+
// At least username must be set... password can be empty
132+
if ( ! username.isEmpty() )
133+
{
134+
// Inject credentials
135+
if ( uri.startsWith( QStringLiteral( "PG:" ) ) )
136+
{
137+
bool chopped = false;
138+
if ( uri.endsWith( '"' ) )
139+
{
140+
uri.chop( 1 );
141+
chopped = true;
142+
}
143+
if ( !username.isEmpty() )
144+
{
145+
uri += QStringLiteral( " user='%1'" ).arg( username );
146+
147+
if ( !password.isEmpty() )
148+
uri += QStringLiteral( " password='%1'" ).arg( password );
149+
}
150+
// add extra CAs
151+
if ( ! caparam.isEmpty() )
152+
{
153+
uri += ' ' + caparam;
154+
}
155+
if ( chopped )
156+
uri += '"';
157+
}
158+
else if ( uri.startsWith( QStringLiteral( "SDE:" ) ) )
159+
{
160+
uri = uri.replace( QRegExp( ",$" ), QStringLiteral( ",%1,%2" ).arg( username, password ) );
161+
}
162+
else if ( uri.startsWith( QStringLiteral( "IDB" ) ) )
163+
{
164+
bool chopped = false;
165+
if ( uri.endsWith( '"' ) )
166+
{
167+
uri.chop( 1 );
168+
chopped = true;
169+
}
170+
uri += QStringLiteral( " user=%1" ).arg( username );
171+
if ( !password.isEmpty() )
172+
uri += QStringLiteral( " pass=%1" ).arg( password );
173+
if ( chopped )
174+
uri += '"';
175+
}
176+
else if ( uri.startsWith( QStringLiteral( "@driver=ingres" ) ) )
177+
{
178+
uri += QStringLiteral( ",userid=%1" ).arg( username );
179+
if ( !password.isEmpty() )
180+
uri += QStringLiteral( ",password=%1" ).arg( password );
181+
}
182+
else if ( uri.startsWith( QStringLiteral( "MySQL:" ) ) )
183+
{
184+
uri += QStringLiteral( ",user=%1" ).arg( username );
185+
if ( !password.isEmpty() )
186+
uri += QStringLiteral( ",password=%1" ).arg( password );
187+
}
188+
else if ( uri.startsWith( QStringLiteral( "MSSQL:" ) ) )
189+
{
190+
uri += QStringLiteral( ";uid=%1" ).arg( username );
191+
uri = uri.replace( QLatin1String( ";trusted_connection=yes" ), QString() );
192+
193+
if ( !password.isEmpty() )
194+
uri += QStringLiteral( ";pwd=%1" ).arg( password );
195+
}
196+
else if ( uri.startsWith( QStringLiteral( "OCI:" ) ) )
197+
{
198+
// OCI:userid/password@database_instance:table,table
199+
uri = uri.replace( QStringLiteral( "OCI:/" ), QStringLiteral( "OCI:%1/%2" ).arg( username, password ) );
200+
}
201+
else if ( uri.startsWith( QStringLiteral( "ODBC:" ) ) )
202+
{
203+
if ( password.isEmpty() )
204+
{
205+
uri = uri.replace( QRegExp( "^ODBC:@?" ), "ODBC:" + username + '@' );
206+
}
207+
else
208+
{
209+
uri = uri.replace( QRegExp( "^ODBC:@?" ), "ODBC:" + username + '/' + password + '@' );
210+
}
211+
}
212+
else if ( uri.startsWith( QStringLiteral( "couchdb" ) )
213+
|| uri.startsWith( QStringLiteral( "DODS" ) )
214+
|| uri.startsWith( "http://" )
215+
|| uri.startsWith( "https://" )
216+
|| uri.startsWith( "ftp://" ) // not really sure that this is supported ...
217+
)
218+
{
219+
uri = uri.replace( QStringLiteral( "://" ), QStringLiteral( "://%1:%2@" ).arg( username, password ) );
220+
}
221+
}
222+
// Handle sub-layers
223+
if ( fullUri.contains( '|' ) )
224+
{
225+
uri += '|' + fullUri.right( fullUri.length() - fullUri.lastIndexOf( '|' ) - 1 );
226+
}
227+
connectionItems.replace( 0, uri );
142228
}
143229
else
144230
{
145-
connectionItems.append( caparam );
231+
QgsDebugMsg( QString( "Update URI items FAILED for authcfg: %1: password empty" ).arg( authcfg ) );
146232
}
233+
147234
}
235+
else // Not-ogr
236+
{
237+
QString userparam = "user='" + escapeUserPass( username ) + '\'';
238+
int userindx = connectionItems.indexOf( QRegExp( "^user='.*" ) );
239+
if ( userindx != -1 )
240+
{
241+
connectionItems.replace( userindx, userparam );
242+
}
243+
else
244+
{
245+
connectionItems.append( userparam );
246+
}
247+
248+
QString passparam = "password='" + escapeUserPass( password ) + '\'';
249+
int passindx = connectionItems.indexOf( QRegExp( "^password='.*" ) );
250+
if ( passindx != -1 )
251+
{
252+
connectionItems.replace( passindx, passparam );
253+
}
254+
else
255+
{
256+
connectionItems.append( passparam );
257+
}
258+
// add extra CAs
259+
if ( ! caparam.isEmpty() )
260+
{
261+
int sslcaindx = connectionItems.indexOf( QRegExp( "^sslrootcert='.*" ) );
262+
if ( sslcaindx != -1 )
263+
{
264+
connectionItems.replace( sslcaindx, caparam );
265+
}
266+
else
267+
{
268+
connectionItems.append( caparam );
269+
}
270+
}
271+
}
272+
148273

149274
return true;
150275
}

src/gui/ogr/qgsnewogrconnection.cpp

Lines changed: 24 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -57,18 +57,25 @@ QgsNewOgrConnection::QgsNewOgrConnection( QWidget *parent, const QString &connTy
5757
txtDatabase->setText( settings.value( key + "/database" ).toString() );
5858
QString port = settings.value( key + "/port" ).toString();
5959
txtPort->setText( port );
60-
txtUsername->setText( settings.value( key + "/username" ).toString() );
61-
if ( settings.value( key + "/save" ).toString() == QLatin1String( "true" ) )
60+
if ( settings.value( key + "/store_username" ).toString() == QLatin1String( "true" ) )
6261
{
63-
txtPassword->setText( settings.value( key + "/password" ).toString() );
64-
chkStorePassword->setChecked( true );
62+
mAuthSettingsDatabase->setUsername( settings.value( key + "/username" ).toString() );
63+
mAuthSettingsDatabase->setStoreUsernameChecked( true );
6564
}
65+
if ( settings.value( key + "/store_password" ).toString() == QLatin1String( "true" ) )
66+
{
67+
mAuthSettingsDatabase->setPassword( settings.value( key + "/password" ).toString() );
68+
mAuthSettingsDatabase->setStorePasswordChecked( true );
69+
}
70+
mAuthSettingsDatabase->setConfigId( settings.value( key + "/configid" ).toString() );
6671
cmbDatabaseTypes->setCurrentIndex( cmbDatabaseTypes->findText( connType ) );
6772
txtName->setText( connName );
6873
txtName->setEnabled( false );
6974
cmbDatabaseTypes->setEnabled( false );
7075
}
7176
txtName->setValidator( new QRegExpValidator( QRegExp( "[^\\/]+" ), txtName ) );
77+
mAuthSettingsDatabase->setDataprovider( QStringLiteral( "ogr" ) );
78+
mAuthSettingsDatabase->showStoreCheckboxes( true );
7279
}
7380

7481
QgsNewOgrConnection::~QgsNewOgrConnection()
@@ -80,9 +87,14 @@ QgsNewOgrConnection::~QgsNewOgrConnection()
8087
void QgsNewOgrConnection::testConnection()
8188
{
8289
QString uri;
83-
uri = createDatabaseURI( cmbDatabaseTypes->currentText(), txtHost->text(),
84-
txtDatabase->text(), txtPort->text(),
85-
txtUsername->text(), txtPassword->text() );
90+
uri = createDatabaseURI( cmbDatabaseTypes->currentText(),
91+
txtHost->text(),
92+
txtDatabase->text(),
93+
txtPort->text(),
94+
mAuthSettingsDatabase->configId(),
95+
mAuthSettingsDatabase->username(),
96+
mAuthSettingsDatabase->password(),
97+
true );
8698
QgsDebugMsg( "Connecting using uri = " + uri );
8799
OGRRegisterAll();
88100
OGRDataSourceH poDS;
@@ -133,9 +145,11 @@ void QgsNewOgrConnection::accept()
133145
settings.setValue( baseKey + "/host", txtHost->text() );
134146
settings.setValue( baseKey + "/database", txtDatabase->text() );
135147
settings.setValue( baseKey + "/port", txtPort->text() );
136-
settings.setValue( baseKey + "/username", txtUsername->text() );
137-
settings.setValue( baseKey + "/password", chkStorePassword->isChecked() ? txtPassword->text() : QLatin1String( "" ) );
138-
settings.setValue( baseKey + "/save", chkStorePassword->isChecked() ? "true" : "false" );
148+
settings.setValue( baseKey + "/username", mAuthSettingsDatabase->storeUsernameIsChecked() ? mAuthSettingsDatabase->username() : QLatin1String( "" ) );
149+
settings.setValue( baseKey + "/password", mAuthSettingsDatabase->storePasswordIsChecked() ? mAuthSettingsDatabase->password() : QLatin1String( "" ) );
150+
settings.setValue( baseKey + "/store_username", mAuthSettingsDatabase->storeUsernameIsChecked() ? "true" : "false" );
151+
settings.setValue( baseKey + "/store_password", mAuthSettingsDatabase->storePasswordIsChecked() ? "true" : "false" );
152+
settings.setValue( baseKey + "/configid", mAuthSettingsDatabase->configId() );
139153

140154
QDialog::accept();
141155
}

0 commit comments

Comments
 (0)