Mirrors/overte
3
0
Fork 0
mirror of https://github.com/overte-org/overte.git synced 2025-08-08 13:38:02 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added permissions to avatar bookmarks

Browse source
This commit is contained in:
ksuprynowicz 2024-03-24 22:36:26 +01:00
parent 16530b2334
commit 076bd2dbee
3 changed files with 55 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
interface/src/AvatarBookmarks.cpp
View file

@ -41,6 +41,15 @@
#include <QtQuick/QQuickWindow> #include <QtQuick/QQuickWindow>
#include <memory> #include <memory>
#include "WarningsSuppression.h" #include "WarningsSuppression.h"
#include "ScriptPermissions.h"
QVariantMap AvatarBookmarks::getBookmarks() {
if (ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission::SCRIPT_PERMISSION_GET_AVATAR_URL)) {
return _bookmarks;
} else {
return {};
}
}
void addAvatarEntities(const QVariantList& avatarEntities) { void addAvatarEntities(const QVariantList& avatarEntities) {
auto nodeList = DependencyManager::get<NodeList>(); auto nodeList = DependencyManager::get<NodeList>();
@ -123,6 +132,12 @@ AvatarBookmarks::AvatarBookmarks() {
} }
void AvatarBookmarks::addBookmark(const QString& bookmarkName) { void AvatarBookmarks::addBookmark(const QString& bookmarkName) {
if (ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission::SCRIPT_PERMISSION_GET_AVATAR_URL)) {
addBookmarkInternal(bookmarkName);
}
}
void AvatarBookmarks::addBookmarkInternal(const QString& bookmarkName) {
if (QThread::currentThread() != thread()) { if (QThread::currentThread() != thread()) {
BLOCKING_INVOKE_METHOD(this, "addBookmark", Q_ARG(QString, bookmarkName)); BLOCKING_INVOKE_METHOD(this, "addBookmark", Q_ARG(QString, bookmarkName));
return; return;
@ -134,6 +149,12 @@ void AvatarBookmarks::addBookmark(const QString& bookmarkName) {
} }
void AvatarBookmarks::saveBookmark(const QString& bookmarkName) { void AvatarBookmarks::saveBookmark(const QString& bookmarkName) {
if (ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission::SCRIPT_PERMISSION_GET_AVATAR_URL)) {
saveBookmarkInternal(bookmarkName);
}
}
void AvatarBookmarks::saveBookmarkInternal(const QString& bookmarkName) {
if (QThread::currentThread() != thread()) { if (QThread::currentThread() != thread()) {
BLOCKING_INVOKE_METHOD(this, "saveBookmark", Q_ARG(QString, bookmarkName)); BLOCKING_INVOKE_METHOD(this, "saveBookmark", Q_ARG(QString, bookmarkName));
return; return;
@ -145,6 +166,12 @@ void AvatarBookmarks::saveBookmark(const QString& bookmarkName) {
} }
void AvatarBookmarks::removeBookmark(const QString& bookmarkName) { void AvatarBookmarks::removeBookmark(const QString& bookmarkName) {
if (ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission::SCRIPT_PERMISSION_GET_AVATAR_URL)) {
removeBookmarkInternal(bookmarkName);
}
}
void AvatarBookmarks::removeBookmarkInternal(const QString& bookmarkName) {
if (QThread::currentThread() != thread()) { if (QThread::currentThread() != thread()) {
BLOCKING_INVOKE_METHOD(this, "removeBookmark", Q_ARG(QString, bookmarkName)); BLOCKING_INVOKE_METHOD(this, "removeBookmark", Q_ARG(QString, bookmarkName));
return; return;
@ -200,6 +227,12 @@ void AvatarBookmarks::updateAvatarEntities(const QVariantList &avatarEntities) {
*/ */
void AvatarBookmarks::loadBookmark(const QString& bookmarkName) { void AvatarBookmarks::loadBookmark(const QString& bookmarkName) {
if (ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission::SCRIPT_PERMISSION_GET_AVATAR_URL)) {
loadBookmarkInternal(bookmarkName);
}
}
void AvatarBookmarks::loadBookmarkInternal(const QString& bookmarkName) {
if (QThread::currentThread() != thread()) { if (QThread::currentThread() != thread()) {
BLOCKING_INVOKE_METHOD(this, "loadBookmark", Q_ARG(QString, bookmarkName)); BLOCKING_INVOKE_METHOD(this, "loadBookmark", Q_ARG(QString, bookmarkName));
return; return;
@ -268,6 +301,15 @@ void AvatarBookmarks::readFromFile() {
} }
QVariantMap AvatarBookmarks::getBookmark(const QString &bookmarkName) QVariantMap AvatarBookmarks::getBookmark(const QString &bookmarkName)
{
if (ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission::SCRIPT_PERMISSION_GET_AVATAR_URL)) {
return getBookmarkInternal(bookmarkName);
} else {
return {};
}
}
QVariantMap AvatarBookmarks::getBookmarkInternal(const QString &bookmarkName)
{ {
if (QThread::currentThread() != thread()) { if (QThread::currentThread() != thread()) {
QVariantMap result; QVariantMap result;

7
interface/src/AvatarBookmarks.h
View file

@ -100,7 +100,7 @@ public slots:
* print("- " + key + " " + bookmarks[key].avatarUrl); * print("- " + key + " " + bookmarks[key].avatarUrl);
* }; * };
*/ */
QVariantMap getBookmarks() { return _bookmarks; } QVariantMap getBookmarks();
signals: signals:
/*@jsdoc /*@jsdoc
@ -147,6 +147,11 @@ protected slots:
void deleteBookmark() override; void deleteBookmark() override;
private: private:
QVariantMap getBookmarkInternal(const QString &bookmarkName);
void addBookmarkInternal(const QString& bookmarkName);
void saveBookmarkInternal(const QString& bookmarkName);
void loadBookmarkInternal(const QString& bookmarkName);
void removeBookmarkInternal(const QString& bookmarkName);
const QString AVATARBOOKMARKS_FILENAME = "avatarbookmarks.json"; const QString AVATARBOOKMARKS_FILENAME = "avatarbookmarks.json";
const QString ENTRY_AVATAR_URL = "avatarUrl"; const QString ENTRY_AVATAR_URL = "avatarUrl";
const QString ENTRY_AVATAR_ICON = "avatarIcon"; const QString ENTRY_AVATAR_ICON = "avatarIcon";

10
libraries/script-engine/src/ScriptPermissions.cpp
View file

@ -46,8 +46,12 @@ bool ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission per
// Get the script manager: // Get the script manager:
auto engine = Scriptable::engine(); auto engine = Scriptable::engine();
if (!engine) { if (!engine) {
qDebug() << "ScriptPermissions::isCurrentScriptAllowed called outside script engine for permission: " << scriptPermissionNames[permissionIndex]; // When this happens it means that function was called from QML or C++ and should always be allowed
return false; if (PERMISSIONS_DEBUG_ENABLED) {
qDebug() << "ScriptPermissions::isCurrentScriptAllowed called outside script engine for permission: "
<< scriptPermissionNames[permissionIndex];
}
return true;
} }
auto manager = engine->manager(); auto manager = engine->manager();
if (!manager) { if (!manager) {
@ -76,7 +80,7 @@ bool ScriptPermissions::isCurrentScriptAllowed(ScriptPermissions::Permission per
} }
// Check if the script is allowed: // Check if the script is allowed:
QList<QString> safeURLPrefixes = { "file:///", "qrc:/", NetworkingConstants::OVERTE_COMMUNITY_APPLICATIONS, QList<QString> safeURLPrefixes = { "file:///", "qrc:/", NetworkingConstants::OVERTE_COMMUNITY_APPLICATIONS,
NetworkingConstants::OVERTE_TUTORIAL_SCRIPTS/*, "about:console"*/}; NetworkingConstants::OVERTE_TUTORIAL_SCRIPTS, "about:console"};
Setting::Handle<QString> allowedURLsSetting(scriptPermissionSettingKeyNames[permissionIndex]); Setting::Handle<QString> allowedURLsSetting(scriptPermissionSettingKeyNames[permissionIndex]);
QList<QString> allowedURLs = allowedURLsSetting.get().split("\n"); QList<QString> allowedURLs = allowedURLsSetting.get().split("\n");