sfx2/source/doc/docmacromode.cxx | 7 +++++++ 1 file changed, 7 insertions(+)
New commits: commit 505f97b5b23954d689d55640977da6ec1af523b9 Author: Mike Kaganski <mike.kagan...@collabora.com> AuthorDate: Tue Nov 7 13:38:33 2023 +0300 Commit: Mike Kaganski <mike.kagan...@collabora.com> CommitDate: Tue Nov 7 17:38:33 2023 +0100 Add a description comment Basically describing commit 71c6f438cecc3ce5e8060efe1df840652885701c (tdf#129311 don't allow temporary trusted certs, 2019-12-17). Change-Id: I4d947014b09412638560e9249f242cf6ff222cc2 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/159069 Tested-by: Jenkins Reviewed-by: Mike Kaganski <mike.kagan...@collabora.com> diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx index ec56e3f529e7..637f137866ba 100644 --- a/sfx2/source/doc/docmacromode.cxx +++ b/sfx2/source/doc/docmacromode.cxx @@ -189,6 +189,13 @@ namespace sfx2 // check whether the document is signed with trusted certificate if ( nMacroExecutionMode != MacroExecMode::FROM_LIST ) { + // At this point, the possible values of nMacroExecutionMode are: ALWAYS_EXECUTE, + // FROM_LIST_AND_SIGNED_WARN (the default), FROM_LIST_AND_SIGNED_NO_WARN. + // ALWAYS_EXECUTE corresponds to the Medium security level; it should ask for + // confirmation when macros are unsigned or untrusted. FROM_LIST_AND_SIGNED_NO_WARN + // should not ask any confirmations. FROM_LIST_AND_SIGNED_WARN should only allow + // trusted signed macros at this point; so it may only ask for confirmation to add + // certificates to trusted, and shouldn't show UI when trusted list is read-only. // the trusted macro check will also retrieve the signature state ( small optimization ) const bool bAllowUI = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE