1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
|
/* This file is part of the KDE libraries
SPDX-FileCopyrightText: 1997 Matthias Kalle Dalheimer <kalle@kde.org>
SPDX-FileCopyrightText: 1998, 1999 Waldo Bastian <bastian@kde.org>
SPDX-License-Identifier: LGPL-2.0-or-later
*/
#ifndef KAUTHORIZED_H
#define KAUTHORIZED_H
#include <kconfigcore_export.h>
#include <QMetaEnum>
#include <QObject>
#include <QStringList>
#include <QVariant>
class QUrl;
class QString;
/**
* The functions in this namespace provide the core of the Kiosk action
* restriction system; the KIO and KXMLGui frameworks build on this.
*
* The relevant settings are read from the application's KSharedConfig
* instance, so actions can be disabled on a per-application or global
* basis (by using the kdeglobals file).
*/
namespace KAuthorized
{
Q_NAMESPACE_EXPORT(KCONFIGCORE_EXPORT)
/**
* The enum values lower cased represent the action that is authorized
* For example the SHELL_ACCESS value is converted to the "shell_access" string.
*
* @since 5.88
*/
enum GenericRestriction {
SHELL_ACCESS = 1, // if the user is authorized to open a shell or execute shell commands
GHNS, /// if the collaborative data sharing framework KNewStuff is authorized
// GUI behavior
LINEEDIT_REVEAL_PASSWORD, /// if typed characters in password fields can be made visible
LINEEDIT_TEXT_COMPLETION, /// if line edits should be allowed to display completions
MOVABLE_TOOLBARS, /// if toolbars of of apps should be movable
RUN_DESKTOP_FILES, /// if .desktop files should be run as executables when clicked
};
Q_ENUM_NS(GenericRestriction)
/**
*
* @since 5.88
*/
enum GenericAction {
OPEN_WITH = 1, /// if the open-with menu should be shown for files etc.
EDITFILETYPE, /// if mime-type accociations are allowed to be configured
OPTIONS_SHOW_TOOLBAR, /// if the toolbar should be displayed in apps
SWITCH_APPLICATION_LANGUAGE, /// if an action to switch the app language should be shown
BOOKMARKS, /// saving bookmarks is allowed
};
Q_ENUM_NS(GenericAction)
/**
* Returns whether the user is permitted to perform a certain action.
*
* All settings are read from the "[KDE Action Restrictions]" group.
* For example, if kdeglobals contains
* @verbatim
[KDE Action Restrictions][$i]
shell_access=false
@endverbatim
* then
* @code
* KAuthorized::authorize("shell_access");
* @endcode
* will return @c false.
*
* This method is intended for actions that do not necessarily have a
* one-to-one correspondence with a menu or toolbar item (ie: a QAction
* in a KXMLGui application). "shell_access" is an example of such a
* "generic" action.
*
* The convention for actions like "File->New" is to prepend the action
* name with "action/", for example "action/file_new". This is what
* authorizeAction() does.
*
* @param action The name of the action.
* @return @c true if the action is authorized, @c false
* otherwise.
*
* @see authorizeAction()
*/
KCONFIGCORE_EXPORT bool authorize(const QString &action);
/**
* Returns whether the user is permitted to perform a common action.
* The enum values lower cased represent the action that is
* passed in to @p authorize(QString)
*
* @overload
* @since 5.88
*/
KCONFIGCORE_EXPORT bool authorize(GenericRestriction action);
/**
* Returns whether the user is permitted to perform a certain action.
*
* This behaves like authorize(), except that "action/" is prepended to
* @p action. So if kdeglobals contains
* @verbatim
[KDE Action Restrictions][$i]
action/file_new=false
@endverbatim
* then
* @code
* KAuthorized::authorizeAction("file_new");
* @endcode
* will return @c false.
*
* KXMLGui-based applications should not normally need to call this
* function, as KActionCollection will do it automatically.
*
* @param action The name of a QAction action.
* @return @c true if the QAction is authorized, @c false
* otherwise.
* @since 5.24
*
* @see authorize()
*/
KCONFIGCORE_EXPORT bool authorizeAction(const QString &action);
/**
* Overload to authorize common actions.
*
* @overload
* @since 5.88
*/
KCONFIGCORE_EXPORT bool authorizeAction(GenericAction action);
#if KCONFIGCORE_ENABLE_DEPRECATED_SINCE(5, 24)
/**
* Returns whether the user is permitted to perform a certain action.
*
* This behaves like authorize(), except that "action/" is prepended to
* @p action. So if kdeglobals contains
* @verbatim
[KDE Action Restrictions][$i]
action/file_new=false
@endverbatim
* then
* @code
* KAuthorized::authorizeKAction("file_new");
* @endcode
* will return @c false.
*
* KXMLGui-based applications should not normally need to call this
* function, as KActionCollection will do it automatically.
*
* @param action The name of a KAction action.
* @return @c true if the KAction is authorized, @c false
* otherwise.
*
* @see authorize()
* @deprecated since 5.24, use authorizeAction() instead.
*/
KCONFIGCORE_EXPORT
KCONFIGCORE_DEPRECATED_VERSION(5, 24, "Use KAuthorized::authorizeAction(const QString&)")
bool authorizeKAction(const QString &action);
#endif
/**
* Returns whether the user is permitted to use a certain control
* module.
*
* All settings are read from the "[KDE Control Module Restrictions]"
* group. For example, if kdeglobals contains
* @verbatim
[KDE Control Module Restrictions][$i]
desktop-settings.desktop=false
@endverbatim
* then
* @code
* KAuthorized::authorizeControlModule("desktop-settings.desktop");
* @endcode
* will return @c false.
*
* @param menuId The desktop menu ID for the control module.
* @return @c true if access to the module is authorized,
* @c false otherwise.
*
* @see authorizeControlModules()
*/
KCONFIGCORE_EXPORT bool authorizeControlModule(const QString &menuId);
/**
* Determines which control modules from a list the user is permitted to
* use.
*
* @param menuIds A list of desktop menu IDs for control modules.
* @return The entries in @p menuIds for which
* authorizeControlModule() returns @c true.
*
* @see authorizeControlModule()
*/
KCONFIGCORE_EXPORT QStringList authorizeControlModules(const QStringList &menuIds);
}
#endif
|
