1/* This file is part of the KDE libraries
2 SPDX-FileCopyrightText: 1997 Matthias Kalle Dalheimer <kalle@kde.org>
3 SPDX-FileCopyrightText: 1998, 1999 Waldo Bastian <bastian@kde.org>
4
5 SPDX-License-Identifier: LGPL-2.0-or-later
6*/
7
8#ifndef KAUTHORIZED_H
9#define KAUTHORIZED_H
10
11#include <kconfigcore_export.h>
12
13#include <QMetaEnum>
14#include <QObject>
15#include <QStringList>
16#include <QVariant>
17
18class QUrl;
19class QString;
20class QQmlEngine;
21class QJSEngine;
22
23/*!
24 * \class KAuthorized
25 * \inmodule KConfigCore
26 *
27 * \brief The functions in this namespace provide the core of the Kiosk action
28 * restriction system; the KIO and KXMLGui frameworks build on this.
29 *
30 * The relevant settings are read from the application's KSharedConfig
31 * instance, so actions can be disabled on a per-application or global
32 * basis (by using the kdeglobals file).
33 */
34class KCONFIGCORE_EXPORT KAuthorized : public QObject
35{
36 Q_OBJECT
37public:
38 /*!
39 * The enum values lower cased represent the action that is authorized
40 * For example the SHELL_ACCESS value is converted to the "shell_access" string.
41 *
42 * \value SHELL_ACCESS If the user is authorized to open a shell or execute shell commands
43 * \value GHNS If the collaborative data sharing framework KNewStuff is authorized GUI behavior
44 * \value LINEEDIT_REVEAL_PASSWORD If typed characters in password fields can be made visible
45 * \value LINEEDIT_TEXT_COMPLETION If line edits should be allowed to display completions
46 * \value MOVABLE_TOOLBARS If toolbars of apps should be movable
47 * \value RUN_DESKTOP_FILES If .desktop files should be run as executables when clicked
48 *
49 * \since 5.88
50 */
51 enum GenericRestriction {
52 SHELL_ACCESS = 1,
53 GHNS,
54 LINEEDIT_REVEAL_PASSWORD,
55 LINEEDIT_TEXT_COMPLETION,
56 MOVABLE_TOOLBARS,
57 RUN_DESKTOP_FILES,
58 };
59 Q_ENUM(GenericRestriction)
60
61 /*!
62 * \value OPEN_WITH If the open-with menu should be shown for files etc.
63 * \value EDITFILETYPE If mime-type accociations are allowed to be configured
64 * \value OPTIONS_SHOW_TOOLBAR If the toolbar should be displayed in apps
65 * \value SWITCH_APPLICATION_LANGUAGE If an action to switch the app language should be shown
66 * \value BOOKMARKS If saving bookmarks is allowed
67 * \since 5.88
68 */
69 enum GenericAction {
70 OPEN_WITH = 1,
71 EDITFILETYPE,
72
73 OPTIONS_SHOW_TOOLBAR,
74 SWITCH_APPLICATION_LANGUAGE,
75 BOOKMARKS,
76 };
77 Q_ENUM(GenericAction)
78
79 /*!
80 * Returns whether the user is permitted to perform a certain action.
81 *
82 * All settings are read from the "[KDE Action Restrictions]" group.
83 * For example, if kdeglobals contains
84 * \badcode
85 * [KDE Action Restrictions][$i]
86 * shell_access=false
87 * \endcode
88 * then
89 * \code
90 * KAuthorized::authorize("shell_access");
91 * \endcode
92 * will return \c false.
93 *
94 * This method is intended for actions that do not necessarily have a
95 * one-to-one correspondence with a menu or toolbar item (ie: a QAction
96 * in a KXMLGui application). "shell_access" is an example of such a
97 * "generic" action.
98 *
99 * The convention for actions like "File->New" is to prepend the action
100 * name with "action/", for example "action/file_new". This is what
101 * authorizeAction() does.
102 *
103 * \a action The name of the action.
104 *
105 * Returns \c true if the action is authorized, \c false otherwise.
106 *
107 * \sa authorizeAction()
108 */
109 Q_INVOKABLE static bool authorize(const QString &action);
110
111 /*!
112 * Returns whether the user is permitted to perform a common action.
113 *
114 * The enum values lower cased represent the action that is
115 * passed in to \a authorize(QString)
116 *
117 * \overload
118 * \since 5.88
119 */
120 Q_INVOKABLE static bool authorize(GenericRestriction action);
121
122 /*!
123 * Returns whether the user is permitted to perform a certain action.
124 *
125 * This behaves like authorize(), except that "action/" is prepended to
126 * \a action. So if kdeglobals contains
127 * \badcode
128 * [KDE Action Restrictions][$i]
129 * action/file_new=false
130 * \endcode
131 * then
132 * \code
133 * KAuthorized::authorizeAction("file_new");
134 * \endcode
135 * will return \c false.
136 *
137 * KXMLGui-based applications should not normally need to call this
138 * function, as KActionCollection will do it automatically.
139 *
140 * \a action The name of a QAction action.
141 *
142 * Returns \c true if the QAction is authorized, \c false
143 * otherwise.
144 * \since 5.24
145 *
146 * \sa authorize()
147 */
148 Q_INVOKABLE static bool authorizeAction(const QString &action);
149
150 /*!
151 * Overload to authorize common actions.
152 *
153 * \overload
154 * \since 5.88
155 */
156 Q_INVOKABLE static bool authorizeAction(GenericAction action);
157
158 /*!
159 * Returns whether the user is permitted to use a certain control module.
160 *
161 * All settings are read from the "[KDE Control Module Restrictions]"
162 * group. For example, if kdeglobals contains
163 * \badcode
164 * [KDE Control Module Restrictions][$i]
165 * kcm_desktop-settings=false
166 * \endcode
167 * then
168 * \code
169 * KAuthorized::authorizeControlModule("kcm_desktop-settings");
170 * \endcode
171 * will return \c false.
172 *
173 * \a pluginId The desktop menu ID for the control module.
174 *
175 * Returns \c true if access to the module is authorized, \c false otherwise.
176 */
177 Q_INVOKABLE static bool authorizeControlModule(const QString &pluginId);
178
179 static KAuthorized *create(QQmlEngine *, QJSEngine *)
180 {
181 return new KAuthorized;
182 }
183
184private:
185 friend class KConfigQmlPlugin;
186 explicit KAuthorized();
187};
188
189#endif
190

source code of kconfig/src/core/kauthorized.h