1/* This file is part of the KDE libraries
2 SPDX-FileCopyrightText: 1997 Matthias Kalle Dalheimer <kalle@kde.org>
3 SPDX-FileCopyrightText: 1998, 1999 Waldo Bastian <bastian@kde.org>
4
5 SPDX-License-Identifier: LGPL-2.0-or-later
6*/
7
8#ifndef KAUTHORIZED_H
9#define KAUTHORIZED_H
10
11#include <kconfigcore_export.h>
12
13#include <QMetaEnum>
14#include <QObject>
15#include <QStringList>
16#include <QVariant>
17
18class QUrl;
19class QString;
20class QQmlEngine;
21class QJSEngine;
22
23/**
24 * The functions in this namespace provide the core of the Kiosk action
25 * restriction system; the KIO and KXMLGui frameworks build on this.
26 *
27 * The relevant settings are read from the application's KSharedConfig
28 * instance, so actions can be disabled on a per-application or global
29 * basis (by using the kdeglobals file).
30 */
31class KCONFIGCORE_EXPORT KAuthorized : public QObject
32{
33 Q_OBJECT
34public:
35 /**
36 * The enum values lower cased represent the action that is authorized
37 * For example the SHELL_ACCESS value is converted to the "shell_access" string.
38 *
39 * @since 5.88
40 */
41 enum GenericRestriction {
42 SHELL_ACCESS = 1, // if the user is authorized to open a shell or execute shell commands
43 GHNS, /// if the collaborative data sharing framework KNewStuff is authorized
44 // GUI behavior
45 LINEEDIT_REVEAL_PASSWORD, /// if typed characters in password fields can be made visible
46 LINEEDIT_TEXT_COMPLETION, /// if line edits should be allowed to display completions
47 MOVABLE_TOOLBARS, /// if toolbars of apps should be movable
48 RUN_DESKTOP_FILES, /// if .desktop files should be run as executables when clicked
49 };
50 Q_ENUM(GenericRestriction)
51
52 /**
53 *
54 * @since 5.88
55 */
56 enum GenericAction {
57 OPEN_WITH = 1, /// if the open-with menu should be shown for files etc.
58 EDITFILETYPE, /// if mime-type accociations are allowed to be configured
59
60 OPTIONS_SHOW_TOOLBAR, /// if the toolbar should be displayed in apps
61 SWITCH_APPLICATION_LANGUAGE, /// if an action to switch the app language should be shown
62 BOOKMARKS, /// saving bookmarks is allowed
63 };
64 Q_ENUM(GenericAction)
65
66 /**
67 * Returns whether the user is permitted to perform a certain action.
68 *
69 * All settings are read from the "[KDE Action Restrictions]" group.
70 * For example, if kdeglobals contains
71 * @verbatim
72 [KDE Action Restrictions][$i]
73 shell_access=false
74 @endverbatim
75 * then
76 * @code
77 * KAuthorized::authorize("shell_access");
78 * @endcode
79 * will return @c false.
80 *
81 * This method is intended for actions that do not necessarily have a
82 * one-to-one correspondence with a menu or toolbar item (ie: a QAction
83 * in a KXMLGui application). "shell_access" is an example of such a
84 * "generic" action.
85 *
86 * The convention for actions like "File->New" is to prepend the action
87 * name with "action/", for example "action/file_new". This is what
88 * authorizeAction() does.
89 *
90 * @param action The name of the action.
91 * @return @c true if the action is authorized, @c false
92 * otherwise.
93 *
94 * @see authorizeAction()
95 */
96 Q_INVOKABLE static bool authorize(const QString &action);
97
98 /**
99 * Returns whether the user is permitted to perform a common action.
100 * The enum values lower cased represent the action that is
101 * passed in to @p authorize(QString)
102 *
103 * @overload
104 * @since 5.88
105 */
106 Q_INVOKABLE static bool authorize(GenericRestriction action);
107
108 /**
109 * Returns whether the user is permitted to perform a certain action.
110 *
111 * This behaves like authorize(), except that "action/" is prepended to
112 * @p action. So if kdeglobals contains
113 * @verbatim
114 [KDE Action Restrictions][$i]
115 action/file_new=false
116 @endverbatim
117 * then
118 * @code
119 * KAuthorized::authorizeAction("file_new");
120 * @endcode
121 * will return @c false.
122 *
123 * KXMLGui-based applications should not normally need to call this
124 * function, as KActionCollection will do it automatically.
125 *
126 * @param action The name of a QAction action.
127 * @return @c true if the QAction is authorized, @c false
128 * otherwise.
129 * @since 5.24
130 *
131 * @see authorize()
132 */
133 Q_INVOKABLE static bool authorizeAction(const QString &action);
134
135 /**
136 * Overload to authorize common actions.
137 *
138 * @overload
139 * @since 5.88
140 */
141 Q_INVOKABLE static bool authorizeAction(GenericAction action);
142
143 /**
144 * Returns whether the user is permitted to use a certain control module.
145 *
146 * All settings are read from the "[KDE Control Module Restrictions]"
147 * group. For example, if kdeglobals contains
148 * @verbatim
149 [KDE Control Module Restrictions][$i]
150 kcm_desktop-settings=false
151 @endverbatim
152 * then
153 * @code
154 * KAuthorized::authorizeControlModule("kcm_desktop-settings");
155 * @endcode
156 * will return @c false.
157 *
158 * @param pluginId The desktop menu ID for the control module.
159 * @return @c true if access to the module is authorized, @c false otherwise.
160 *
161 */
162 Q_INVOKABLE static bool authorizeControlModule(const QString &pluginId);
163
164 static KAuthorized *create(QQmlEngine *, QJSEngine *)
165 {
166 return new KAuthorized;
167 }
168
169private:
170 friend class KConfigQmlPlugin;
171 explicit KAuthorized();
172};
173
174#endif
175

source code of kconfig/src/core/kauthorized.h