Main window entry details improvements #477
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
QtPass::connectPassSignalHandlers() will be called twice, the first time for the real pass and the second time for a pass imitator. This means that we can't connect MainWindow::passShowHandlerFinished signal in this function or it will be connected (and so then invoked) twice. Connect it in the QtPass::connectPassSignalHandlers() single caller instead.
Commit 3cb140c ("Trying to use QtPass as process handler and connector for Pass") removed a DisplayInTextBrowser() call from MainWindow::passShowHandler() and added a similar QtPass::showInTextBrowser() function that is invoked by QtPass::passShowHandlerFinished() slot. This slot is in turn connected to MainWindow::passShowHandlerFinished signal which wasn't emitted anywhere in the code. Emit it where the old DisplayInTextBrowser() call was so password entry non-template details are actually displayed upon selecting it in the main QtPass window.
…window Knowing the TOTP secret for a password entry allows somebody to recreate the whole OTP sequence so it definitely shouldn't be displayed in the clear. In fact, it shouldn't be displayed at all in the main window since the proper way to utilize a TOTP entry is to click the "OTP" button to generate a new OTP (rather than to copy the secret to the clipboard like it was a password). The password edit dialog isn't affected by this change and will still show the whole entry, including its TOTP secret if present.
Codecov Report
@@ Coverage Diff @@
## master #477 +/- ##
=========================================
+ Coverage 7.3% 7.46% +0.16%
=========================================
Files 44 44
Lines 2806 2812 +6
=========================================
+ Hits 205 210 +5
- Misses 2601 2602 +1
Continue to review full report at Codecov.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains two main window entry details improvements:
Make password entry non-template details actually display upon selecting the entry in the main
QtPass window (fixes a regression introduced by commit 3cb140c),
Don't show a TOTP secret when selecting a password entry since it isn't a proper way to utilize a
OTP and also it isn't safe.
Also included here is a commit that removes an unused signal and an unused function from
MainWindow class.