Ubuntu
ubuntu-system-settings package

Lock Security - Passcode and Passphrase input field: selectall/cut/copy entry should not be available

Bug #1438976 reported by Wenfang Si
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
ubuntu-system-settings (Ubuntu)
In Progress
High
Unassigned
ubuntu-ui-toolkit (Ubuntu)
Fix Released
High
Cris Dywan
Vivid
New
Undecided
Unassigned

Bug Description

r155, vivid-proposed channel

Steps:
1) Enter "Security & Privacy -> Phone locking -> Lock security"
2) Select "4-digit passcode" or "Passphrase"
3) In the "Choose/Confirm passcode/passfhrase" fileds, input several charactors, and hold down on field

Result:
selectall/cut/copy are seen

Expected:
These edit operations should not be available

Related branches

lp:~ubuntu-sdk-team/ubuntu-ui-toolkit/noCopyPass
PS Jenkins bot: Approve (continuous-integration)
Zsombor Egri: Approve
Diff: 504 lines (+406/-13)
4 files modified
modules/Ubuntu/Components/1.2/TextInputPopover.qml (+7/-6)
modules/Ubuntu/Components/1.3/TextInputPopover.qml (+7/-6)
tests/unit_x11/tst_components/tst_textinput_common.qml (+43/-1)
tests/unit_x11/tst_components/tst_textinput_common13.qml (+349/-0)
lp:ubuntu/wily-proposed/ubuntu-ui-toolkit
lp:~ken-vandine/ubuntu-system-settings/1_3_deprecations
Jonas G. Drange (community): Approve
PS Jenkins bot: Needs Fixing (continuous-integration)
Diff: 2139 lines (+346/-348)
123 files modified
debian/control (+1/-1)
plugins/about/DevMode.qml (+3/-3)
plugins/about/EntryComponent.qml (+3/-3)
plugins/about/License.qml (+3/-3)
plugins/about/PageComponent.qml (+3/-3)
plugins/about/SingleValueStacked.qml (+3/-3)
plugins/about/Software.qml (+3/-3)
plugins/about/Storage.qml (+3/-3)
plugins/about/StorageBar.qml (+4/-4)
plugins/about/StorageItem.qml (+3/-3)
plugins/about/Version.qml (+3/-3)
plugins/background/Components/AddRemove.qml (+2/-2)
plugins/background/Components/HighlightedOverlay.qml (+2/-2)
plugins/background/Components/ListItemsHeader.qml (+3/-3)
plugins/background/Components/OverlayImage.qml (+2/-2)
plugins/background/Components/SelectedOverlay.qml (+1/-1)
plugins/background/MainPage.qml (+4/-4)
plugins/background/Preview.qml (+3/-4)
plugins/background/WallpaperGrid.qml (+4/-4)
plugins/battery/PageComponent.qml (+3/-3)
plugins/battery/SleepValues.qml (+3/-3)
plugins/bluetooth/ConfirmPasskeyDialog.qml (+3/-3)
plugins/bluetooth/DevicePage.qml (+3/-3)
plugins/bluetooth/DisplayPasskeyDialog.qml (+3/-3)
plugins/bluetooth/PageComponent.qml (+4/-4)
plugins/bluetooth/ProvidePasskeyDialog.qml (+3/-3)
plugins/bluetooth/ProvidePinCodeDialog.qml (+3/-3)
plugins/brightness/PageComponent.qml (+3/-3)
plugins/cellular/Components/DataMultiSim.qml (+3/-3)
plugins/cellular/Components/DefaultSim.qml (+3/-3)
plugins/cellular/Components/KeyboardRectangle.qml (+1/-1)
plugins/cellular/Components/LabelTextField.qml (+3/-3)
plugins/cellular/Components/MultiSim.qml (+3/-3)
plugins/cellular/Components/NoSim.qml (+2/-2)
plugins/cellular/Components/RadioSingleSim.qml (+3/-3)
plugins/cellular/Components/Sim.qml (+1/-1)
plugins/cellular/Components/SimEditor.qml (+3/-3)
plugins/cellular/Components/SingleSim.qml (+3/-3)
plugins/cellular/Components/StandardAnimation.qml (+1/-1)
plugins/cellular/PageApnEditor.qml (+4/-4)
plugins/cellular/PageCarrierAndApn.qml (+3/-3)
plugins/cellular/PageCarriersAndApns.qml (+3/-3)
plugins/cellular/PageChooseApn.qml (+4/-4)
plugins/cellular/PageChooseCarrier.qml (+3/-3)
plugins/cellular/PageComponent.qml (+3/-3)
plugins/example/PageComponent.qml (+2/-2)
plugins/flight-mode/EntryComponent.qml (+3/-3)
plugins/hotspot/Common.qml (+1/-1)
plugins/hotspot/HotspotSetup.qml (+4/-4)
plugins/hotspot/PageComponent.qml (+4/-4)
plugins/language/DisplayLanguage.qml (+4/-4)
plugins/language/KeyboardLayoutItem.qml (+3/-3)
plugins/language/KeyboardLayouts.qml (+1/-1)
plugins/language/PageComponent.qml (+4/-4)
plugins/language/RebootNecessary.qml (+3/-3)
plugins/language/SpellChecking.qml (+3/-3)
plugins/language/SubsetView.qml (+3/-3)
plugins/notifications/PageComponent.qml (+3/-3)
plugins/orientation-lock/EntryComponent.qml (+3/-3)
plugins/phone/CallForwardItem.qml (+3/-3)
plugins/phone/CallForwarding.qml (+4/-4)
plugins/phone/CallWaiting.qml (+3/-3)
plugins/phone/KeyboardRectangle.qml (+1/-1)
plugins/phone/MultiSim.qml (+3/-3)
plugins/phone/NoSims.qml (+3/-3)
plugins/phone/Ofono.qml (+1/-1)
plugins/phone/PageComponent.qml (+3/-3)
plugins/phone/ServiceInfo.qml (+3/-3)
plugins/phone/Services.qml (+3/-3)
plugins/phone/SingleSim.qml (+3/-3)
plugins/phone/VCardParser.qml (+1/-1)
plugins/reset/EntryComponent.qml (+3/-3)
plugins/reset/EraseEverything.qml (+3/-3)
plugins/reset/PageComponent.qml (+4/-4)
plugins/reset/ResetAllSettings.qml (+3/-3)
plugins/reset/ResetLauncherHome.qml (+3/-3)
plugins/security-privacy/AppAccess.qml (+3/-3)
plugins/security-privacy/AppAccessControl.qml (+3/-3)
plugins/security-privacy/Location.qml (+3/-3)
plugins/security-privacy/LockSecurity.qml (+4/-4)
plugins/security-privacy/Ofono.qml (+1/-1)
plugins/security-privacy/PageComponent.qml (+3/-3)
plugins/security-privacy/PhoneLocking.qml (+3/-3)
plugins/security-privacy/SimPin.qml (+4/-4)
plugins/security-privacy/diagnostics/DiagnosticsCheckEntry.qml (+3/-3)
plugins/security-privacy/diagnostics/PageComponent.qml (+3/-3)
plugins/security-privacy/here-terms.qml (+2/-2)
plugins/sound/PageComponent.qml (+3/-3)
plugins/sound/SoundsList.qml (+3/-3)
plugins/system-update/Configuration.qml (+3/-3)
plugins/system-update/EntryComponent.qml (+3/-3)
plugins/system-update/PageComponent.qml (+4/-4)
plugins/time-date/ChooseTimeZone.qml (+3/-3)
plugins/time-date/PageComponent.qml (+4/-4)
plugins/time-date/Scroller.qml (+3/-3)
plugins/time-date/TimePicker.qml (+4/-4)
plugins/wifi/AccessPoint.qml (+3/-3)
plugins/wifi/BaseMenuItem.qml (+2/-2)
plugins/wifi/CertDialog.qml (+4/-4)
plugins/wifi/CertPicker.qml (+3/-3)
plugins/wifi/Common.qml (+1/-1)
plugins/wifi/DivMenuItem.qml (+2/-2)
plugins/wifi/FramedMenuItem.qml (+3/-3)
plugins/wifi/HLine.qml (+2/-2)
plugins/wifi/IndicatorBase.qml (+2/-2)
plugins/wifi/MenuItemFactory.qml (+1/-1)
plugins/wifi/NetworkDetails.qml (+3/-3)
plugins/wifi/NetworkDetailsBrief.qml (+3/-3)
plugins/wifi/OtherNetwork.qml (+4/-4)
plugins/wifi/PageComponent.qml (+4/-4)
plugins/wifi/PreviousNetworks.qml (+3/-3)
plugins/wifi/RemoveBackground.qml (+2/-2)
plugins/wifi/SectionMenuItem.qml (+3/-3)
plugins/wifi/StandardMenuItem.qml (+2/-2)
plugins/wifi/SwitchMenuItem.qml (+2/-2)
src/SystemSettings/ItemPage.qml (+2/-2)
src/SystemSettings/SettingsItemTitle.qml (+3/-3)
src/qml/CategoryGrid.qml (+3/-3)
src/qml/EntryComponent.qml (+3/-3)
src/qml/MainWindow.qml (+3/-4)
src/qml/UncategorizedItemsView.qml (+3/-3)
tests/autopilot/ubuntu_system_settings/__init__.py (+2/-2)
tests/test-plugin.cpp (+1/-1)
Revision history for this message
Sebastien Bacher (seb128) wrote :

Thank you for your bug report, I had a look but I'm unsure the sdk provides a way to do that at the moment...

Changed in ubuntu-system-settings (Ubuntu):
importance: Undecided → High
status: New → Confirmed
Revision history for this message
Cris Dywan (kalikiana) wrote :

We have bug 1424588 to implement a context menu API. I'd prefer to expose an API rather than simply the internal TextInputPopover we have, and that would allow fixing this bug by easily hiding certain actions (or adding new ones even).

Cris Dywan (kalikiana)
Changed in ubuntu-ui-toolkit (Ubuntu):
assignee: nobody → Christian Dywan (kalikiana)
status: New → Confirmed
importance: Undecided → High
Revision history for this message
Zsombor Egri (zsombi) wrote :

ATM we don't have any possibilities to drive this from outside. We need an API which can tell what clipboard operations are allowed and which don't.

Revision history for this message
Pat McGowan (pat-mcgowan) wrote :

I assume we can override the select/copy/paste methods at least in this case

Revision history for this message
Cris Dywan (kalikiana) wrote :

If by override you mean replace it with a custom popover, yes that is possible if you want to go for a hotfix. Depends on how urgent this is.

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

Is there *ever* a case where a password should be hidden by default but should still be copyable? If not, this is purely a toolkit bug, not a System Settings bug.

Revision history for this message
Cris Dywan (kalikiana) wrote :

Virtual wallets such as LastPass and SeaHorse rely on being able to make passwords visible so you can copy them. Many apps these days have a "show password" button in or next to text input fields.
Although arguably this can be implemented by unsetting the password mode. Or a "show password" button could be part of TextField - which personally I'd find very useful.

Cris Dywan (kalikiana)
Changed in ubuntu-ui-toolkit (Ubuntu):
status: Confirmed → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-ui-toolkit - 1.3.1517+15.10.20150523-0ubuntu1

---------------
ubuntu-ui-toolkit (1.3.1517+15.10.20150523-0ubuntu1) wily; urgency=medium

  [ Christian Dywan ]
  * Expose textDocument of TextField. Fixes LP: #1392276
  * Unset GRID_UNIT_PX before checking default value. Fixes LP: #1457421
  * No cutting and copying of passwords. Fixes LP: #1438976
  * Implement new API tool based on qmlplugindump producing JSON.
    Fixes LP: #1187010

  [ Leo Arias ]
  * Make explicit the dependency on upstart for the autopilot helpers.

  [ Timo Jyrinki ]
  * uitk_test_plan.sh: Switch to vivid-overlay & wily instead of rtm-14.09 &
    vivid. Fixes LP: #1457015.

 -- CI Train Bot <email address hidden> Sat, 23 May 2015 17:24:43 +0000

Changed in ubuntu-ui-toolkit (Ubuntu):
status: In Progress → Fix Released
Bartosz Kosiorek (gang65)
Changed in ubuntu-system-settings (Ubuntu):
status: Confirmed → In Progress
Pat McGowan (pat-mcgowan)
Changed in ubuntu-system-settings (Ubuntu):
status: In Progress → Fix Committed
status: Fix Committed → In Progress
Revision history for this message
Matthew Paul Thomas (mpt) wrote :

I’m not sure why this report is still open for System Settings, since it has a merged branch there and r349 shows no Cut/Copy in password fields. But just in case … The original report and (apparently) the toolkit branch disables “Select All”, which is incorrect. There is no reason to disable “Select All” for a password field — you can select the field contents manually anyway — and GTK, Android, and iOS all allow it.

(Purely coincidentally, halfway through writing this comment I had to lock the screen, and returned to find that a stuck key had typed thousands of characters into the password field. Because the field did not let me Select All for deletion, I had to restart the PC.)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.