ubuntu-system-settings

Merge lp:~mardy/ubuntu-system-settings/other-app-access into lp:ubuntu-system-settings

other-app-access
Merge into trunk

Proposed by Alberto Mardegan on 2014-07-25

Status:	Merged
Approved by:	Ken VanDine on 2014-08-13
Approved revision:	823
Merged at revision:	907
Proposed branch:	lp:~mardy/ubuntu-system-settings/other-app-access
Merge into:	lp:ubuntu-system-settings
Diff against target:	1079 lines (+965/-2) 12 files modified debian/control (+1/-0) plugins/security-privacy/AppAccess.qml (+74/-0) plugins/security-privacy/AppAccessControl.qml (+53/-0) plugins/security-privacy/CMakeLists.txt (+20/-1) plugins/security-privacy/PageComponent.qml (+1/-1) plugins/security-privacy/plugin.cpp (+2/-0) plugins/security-privacy/trust-store-model.cpp (+333/-0) plugins/security-privacy/trust-store-model.h (+74/-0) po/CMakeLists.txt (+1/-0) tests/plugins/CMakeLists.txt (+1/-0) tests/plugins/security-privacy/CMakeLists.txt (+11/-0) tests/plugins/security-privacy/tst_trust_store_model.cpp (+394/-0)
To merge this branch:	bzr merge lp:~mardy/ubuntu-system-settings/other-app-access
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
Ken VanDine			Approve on 2014-08-13
Thomas Voß (community)		2014-07-25	Approve on 2014-08-13
PS Jenkins bot	continuous-integration		Approve on 2014-08-12
Sebastien Bacher (community)		2014-07-25	Needs Information on 2014-07-28
Review via email: mp+228299@code.launchpad.net

Commit message

Implement the "Other App Access" screen

As per https://wiki.ubuntu.com/AccountPrivileges#Phone

Description of the change

Implement the "Other App Access" screen

As per https://wiki.ubuntu.com/AccountPrivileges#Phone

The UI strings needs to be confirmed with design, before landing this.

Testing instructions
====================

At the moment, the CameraService and PulseAudio helper services are not implemented, so the UI will always show "0" applications using them. However, it's possible to test the feature by using a couple of command line utilities from this branch: https://code.launchpad.net/~thomas-voss/trust-store/add-trust-stored/+merge/227685

(replace "x86_64-linux-gnu" with your architecture)

1) Run this on a terminal:
    /usr/lib/x86_64-linux-gnu/trust-stored-stub --remote-agent UnixDomainSocketRemoteAgent --endpoint=/tmp/endpoint.for.testing --for-service CameraService
2) Run this on another terminal:
    /usr/lib/x86_64-linux-gnu/trust-stored-skeleton --local-agent TerminalAgent --remote-agent UnixDomainSocketRemoteAgent --endpoint=/tmp/endpoint.for.testing --for-service CameraService
3) Launch an application which has is registered in "~/.local/share/applications/" (if you are on the desktop and don't have any, copy the .desktop file from the system location), take a note of its pid and on the terminal where you launched the command at step #1 type (replace 1000 with your user id):
    <pid> 1000 0
4) Go to the terminal from step #2, and either accept or deny the request
5) (desktop only) Fire up "sqlitebrowser ~/.local/share/CameraService/trust.db", and change the "undefined" string to the application ID of your app. Remember to save the changes!

Repeat steps 3-5 as many times as you want (with different apps).

6) Start system-settings, go to "Security & Privacy" -> "Other App Access"; play with the UI, and verify that it behaves as expected. From time to time, close it and re-open it, and make sure that it preserves the last state.

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2014-07-25:

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/ubuntu-system-settings-ci/1065/rebuild

review: Approve (continuous-integration)

Revision history for this message

Sebastien Bacher (seb128) wrote on 2014-07-28:

Thanks, should the listmodel values be translated? Or do you plan to do that when used in an U.I (btw are the title/caption used somewhere, they are pushed to the appaccesscontrol page but don't seem used there)

review: Needs Information

Revision history for this message

Alberto Mardegan (mardy) wrote on 2014-07-28:

I'll push one more commit to add translations for those strings (I first wanted to read the designers' feedback, which just came).
As for the properties,
"title" is set to the ItemPage's title
"caption" is set as the captionLabel.text
so it seems that they are all used.

Revision history for this message

Sebastien Bacher (seb128) wrote on 2014-07-28:

Where did you get feedback from the designerS?

> "title" is set to the ItemPage's title

I didn't see it used in the other files, I guess pushing with a title property is enough to make it work by magic, right?

Revision history for this message

Alberto Mardegan (mardy) wrote on 2014-07-28:

> Where did you get feedback from the designerS?

JohnLea on IRC :-)

> > "title" is set to the ItemPage's title
>
> I didn't see it used in the other files, I guess pushing with a title property
> is enough to make it work by magic, right?

Yes, ItemPage has a "title" property, and we are specifying that when calling pageStack.push()

lp:~mardy/ubuntu-system-settings/other-app-access updated on 2014-07-28

819. By Alberto Mardegan on 2014-07-28

Translate all texts

820. By Alberto Mardegan on 2014-07-28

Merge trunk

[ Ken VanDine ]
* [sound] Added volume slider to the sound pane
[ jonas-drange ]
* Cellular panel changes: new carrier design. Carrier selection for
  two sims (individual selection). Using either sim1 or sim2 for
  cellular data. Data technology preference selection refactor to work
  for dual sim scenario as well.
[ Ken VanDine ]
* [phone] Call forwarding implementation
[ CI bot ]
* Resync trunk
[ Oliver Grawert ]
* Add DeveloperMode page to "About this device" (see: .
  https://wiki.ubuntu.com/AboutThisDevice#developer-mode) Enable
  toggling of the adb usb gadget driver in DeveloperMode page through
  the dbus-property-service interface. Add shortcut from DeveloperMode
  page to Lock screen settings (since the final dev mode will require
  that you can lock before enabling it). Depend on suru-icon-theme
  since we are using the security alert icon on the Developer Mode
  page. Depend on dbus-property-service on the arches where it is
  available since we use it in Developer Mode .
[ jonas-drange ]
* Hi, this branch seeks to address most of the design changes to the
  Background panel in System Settings (post Malta) The current spec
  and designs are here:
  https://wiki.ubuntu.com/Appearance#Phone.2BAC8-tablet Related bugs:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-system-
  settings/+bug/1297418 https://bugs.launchpad.net/ubuntu-autopilot-
  tests/+bug/1322074 Changes: Removed all functionality and code
  related to changing scope background. Added autopilot tests. New
  header design that collapses/expands. Not part of this branch:
  Scaling in preview has not been implemented. It should have its own
  branch. After rotating the phone in system settings, the default
  background will appear to have been deselected. This is because the
  current background is now the default tablet background. Confirmed
  on mako. Will file bug. Thank you. (LP: #1322074)
[ Iain Lane ]
* Add 1 gu of spacing between rows in the main screen's grid
[ Pawel Stolowski ]
* Added X-Ubuntu-Default-Department-ID key to the desktop file. This
  is required by click scope to support departments for preinstalled
  applications.
[ Ubuntu daily release ]
* debian/ubuntu-system-settings.maintscript: auto-update to released
  version
[ Iain Lane ]
* Remove leftover /etc/apparmor.d/usr.bin.system-settings conffile.
* Use the last updated date returned by 'Info' on system-image's D-Bus
  interface instead of reading a file on the fs, which is an
  implementation detail.
* Clean up AP tests to try to fix test failures. Run ofono and system-
  image tests on the about page under mocks.

Revision history for this message

Alberto Mardegan (mardy) wrote on 2014-07-28:

I marked the strings as translatable.

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2014-07-28:

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/ubuntu-system-settings-ci/1074/rebuild

review: Approve (continuous-integration)

Revision history for this message

Ken VanDine (ken-vandine) wrote on 2014-08-04:

I suspect the author line in the new QML files should be mardy instead of seb128.

Would there be any value in providing (in the future) TrustStoreModel bindings separately, or is use outside of system-settings unlikely?

review: Needs Information

lp:~mardy/ubuntu-system-settings/other-app-access updated on 2014-08-05

821. By Alberto Mardegan on 2014-08-05: Fix author line

Revision history for this message

Alberto Mardegan (mardy) wrote on 2014-08-05:

I fixed the author lines.

As for providing the TrustStoreModel bindings separately, I don't think it will be needed, since I'd thing that most trusted helpers would use the C++ bindings. But anyway this is something that can be changed later, should the need arise.

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2014-08-05:

FAILED: Continuous integration, rev:821
http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-ci/1143/
Executed test runs:
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-deb-autopilot-utopic-touch/3021/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-mediumtests-utopic/2397/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-utopic-amd64-ci/335/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-utopic-armhf-ci/335/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-utopic-i386-ci/335/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-mediumtests-builder-utopic-armhf/4264/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-mediumtests-builder-utopic-amd64/2664/console

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/ubuntu-system-settings-ci/1143/rebuild

review: Needs Fixing (continuous-integration)

Revision history for this message

Thomas Voß (thomas-voss) wrote on 2014-08-05:

I'm not sure about the general system settings policy, but build-time tests for the model are missing. Having standalone tests in place that we can use to exercise the model should help a lot in tracking down errors.

review: Needs Fixing

lp:~mardy/ubuntu-system-settings/other-app-access updated on 2014-08-11

822. By Alberto Mardegan on 2014-08-11

Added unit tests

823. By Alberto Mardegan on 2014-08-11

merge from trunk

[ Michael Terry ]
* Only turn the wizard off if the user actively presses the Finished
  button. That is, don't disable the wizard if we crash or the user
  turns off the phone while still in the wizard. (LP: #1348577)
* Avoid making a method call that can return undefined results,
  potentially causing password or language setting to not work
  correctly.
[ jonas-drange ]
* [reset] bring back reset and hook it up to the backend. Added happy
  path tests.
[ CI bot ]
* Resync trunk
[ Oliver Grawert ]
* Tie activity of the developer mode toggle to the selected password
  type (only make the toggle switch active if the password type is not
  set to "swipe")
[ Michael Terry ]
* Stop the wizard from crashing on exit by not redefining a property
  that blew up when the wifi list was emptied. (LP: #1335298)
[ John R. Lenton ]
* Fix the depends to be on the right gsettings schema version.
[ Ken VanDine ]
* handle qtdeclarative5-ubuntu-content1 package rename
[ John R. Lenton ]
* This makes the category grid a little bit looser. (LP: #1352866)
[ Iain Lane ]
* Add a 'reset' API so that plugins can reset their settings to
  default. They can do this in one of two ways: by providing a
  function 'bool reset()' in their 'plugin' which returns true or by
  providing a top-level javascript function 'reset' in their page
  component.
[ Diego Sarmentero ]
* Add a plugin for enabling/disabling push notification per-app.
[ Roberto Alsina ]
* Add a plugin for enabling/disabling push notification per-app.
[ Mathieu Trudel-Lapierre ]
* Bluetooth UI redesign:
  - Redesign the UI to follow the specification.
  - Create devices only when attempting to connect.
  - Bugfixes for displaying icons for devices.
  - Show new icons for common device types.
  - Support more device types.
  - Show Trusted (known) devices in a separate list from the devices detected
    by Discovery.
  - Allow for a way to forget (unpair) a known device. (LP: #1336197)
  - Follow the state of the Bluetooth adapter for whether Bluetooth
    is enabled. (LP: #1272317)
  - Miscellaneous bug fixes.
* debian/control: add Build-Depends on libqtdbusmock1-dev and
  libqtdbustest1-dev for Bluetooth testing.
[ Ken VanDine ]
* [sound] exposed silentMode and vibrate settings
* Set anchorToKeyboard in the MainView, to fix issues found on screens
  with multiple input fields. Most noticeable is in the apneditor
  branch that is still being worked on.
[ CI bot ]
* Resync trunk
[ Ubuntu daily release ]
* New rebuild forced
[ Michael Terry ]
* Make the buttons in the password change dialog conform to the color
  scheme preferred by design (green for accept buttons, grey for
  neutral buttons).
[ jonas-drange ]
* [cellular] add sim name editor for dual sim scenario
[ CI bot ]
* Resync trunk
[ Iain Lane ]
* Move the arch-restricted Depends on qtmir to the wizard binary
  package which uses it, and lower it to Recommends since there's a
  non-mir path too.
[ Adolfo Jayme Barrientos ]
* Fix typo in user-facing strings: user → use (LP: #1349855)
[ Michael Terry ]
* Stop storing user's password in plaintext. Instead, store it in PAM
  the same way the Desktop images do. Also, expose the UI to set it.
  (LP: #1234983)
[ Gerry Boland ]
* Use QtMir instead of the older Unity-Mir Need for Qt Compositor.
[ Iain Lane ]
* Update pot
[ Michał Sawicz ]
* Use QtMir instead of the older Unity-Mir Need for Qt Compositor.
[ Robert Bruce Park ]
* Add a build-dep on qtmir to avoid building on inappropriate arches.
[ Ubuntu daily release ]
* New rebuild forced

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2014-08-11:

FAILED: Continuous integration, rev:822
http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-ci/1186/
Executed test runs:
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-deb-autopilot-utopic-touch/3297/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-mediumtests-utopic/2581/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-utopic-amd64-ci/379/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-utopic-armhf-ci/377/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-utopic-i386-ci/378/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-mediumtests-builder-utopic-armhf/4542/console
    FAILURE: http://jenkins.qa.ubuntu.com/job/generic-mediumtests-builder-utopic-amd64/2855/console

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/ubuntu-system-settings-ci/1186/rebuild

review: Needs Fixing (continuous-integration)

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2014-08-11:

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/ubuntu-system-settings-ci/1189/rebuild

review: Needs Fixing (continuous-integration)

Revision history for this message

Alberto Mardegan (mardy) wrote on 2014-08-12:

The build times out but otherwise is successful:
https://jenkins.qa.ubuntu.com/job/ubuntu-system-settings-utopic-amd64-ci/382/console

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2014-08-12:

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/ubuntu-system-settings-ci/1214/rebuild

review: Approve (continuous-integration)

Revision history for this message

PS Jenkins bot (ps-jenkins) wrote on 2014-08-12:

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/ubuntu-system-settings-ci/1215/rebuild

review: Approve (continuous-integration)

Revision history for this message

Thomas Voß (thomas-voss) wrote on 2014-08-13:

LGTM.

review: Approve

Revision history for this message

Ken VanDine (ken-vandine) wrote on 2014-08-13:

Thanks, looks good.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Alberto Mardegan

Ubuntu Touch System Settings

 === modified file 'debian/control'
 --- debian/control	2014-08-06 05:57:42 +0000
 +++ debian/control	2014-08-11 11:06:25 +0000
@@ -17,6 +17,7 @@
                 libpolkit-agent-1-dev,
                 libqmenumodel-dev,
                 libtimezonemap1-dev (>= 0.4.1),
++               libtrust-store-dev,
                 libunity-api-dev,
                 libupower-glib-dev,
                 pkg-config,
 === added file 'plugins/security-privacy/AppAccess.qml'
 --- plugins/security-privacy/AppAccess.qml	1970-01-01 00:00:00 +0000
 +++ plugins/security-privacy/AppAccess.qml	2014-08-11 11:06:25 +0000
@@ -0,0 +1,74 @@
++/*
++ * Copyright (C) 2013 Canonical Ltd
++ *
++ * This program is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License version 3 as
++ * published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
++ *
++ * Authors:
++ * Alberto Mardegan <alberto.mardegan@canonical.com>
++ */
++
++import QtQuick 2.0
++import Ubuntu.Components 0.1
++import Ubuntu.Components.ListItems 0.1 as ListItem
++import Ubuntu.SystemSettings.SecurityPrivacy 1.0
++import SystemSettings 1.0
++
++ItemPage {
++    id: root
++    title: i18n.tr("Other app access")
++
++    Column {
++        anchors.left: parent.left
++        anchors.right: parent.right
++
++        ListItem.Caption {
++            text: i18n.tr("Apps that you have granted and have requested access to:")
++        }
++
++        ListModel {
++            id: appsModel
++            ListElement {
++                name: QT_TR_NOOP("Camera")
++                caption: QT_TR_NOOP("Apps that have requested access to your camera")
++                trustStoreService: "CameraService"
++            }
++            ListElement {
++                name: QT_TR_NOOP("Mic")
++                caption: QT_TR_NOOP("Apps that have requested access to your mic")
++                trustStoreService: "PulseAudio"
++            }
++        }
++
++        Repeater {
++            model: appsModel
++
++            ListItem.SingleValue {
++                text: model.name
++                enabled: trustStoreModel.count > 0
++                value: trustStoreModel.count > 0 ?
++                    i18n.tr("%1/%2").arg(trustStoreModel.grantedCount).arg(trustStoreModel.count) :
++                    i18n.tr("0")
++                onClicked: pageStack.push(Qt.resolvedUrl("AppAccessControl.qml"), {
++                    "title": i18n.tr(model.name),
++                    "caption": i18n.tr(model.caption),
++                    "model": trustStoreModel,
++                })
++
++                TrustStoreModel {
++                    id: trustStoreModel
++                    serviceName: model.trustStoreService
++                }
++            }
++        }
++    }
++}
 === added file 'plugins/security-privacy/AppAccessControl.qml'
 --- plugins/security-privacy/AppAccessControl.qml	1970-01-01 00:00:00 +0000
 +++ plugins/security-privacy/AppAccessControl.qml	2014-08-11 11:06:25 +0000
@@ -0,0 +1,53 @@
++/*
++ * Copyright (C) 2013 Canonical Ltd
++ *
++ * This program is free software: you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License version 3 as
++ * published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
++ *
++ * Authors:
++ * Alberto Mardegan <alberto.mardegan@canonical.com>
++ */
++
++import QtQuick 2.0
++import Ubuntu.Components 0.1
++import Ubuntu.Components.ListItems 0.1 as ListItem
++import SystemSettings 1.0
++
++ItemPage {
++    id: root
++
++    property alias model: repeater.model
++    property alias caption: captionLabel.text
++
++    Column {
++        anchors.left: parent.left
++        anchors.right: parent.right
++
++        ListItem.Caption {
++            id: captionLabel
++        }
++
++        Repeater {
++            id: repeater
++
++            ListItem.Standard {
++                text: model.applicationName
++                iconSource: "image://theme/" + model.iconName
++                control: Switch {
++                    id: welcomeStatsSwitch
++                    checked: model.granted
++                    onClicked: root.model.setEnabled(index, !model.granted)
++                }
++            }
++        }
++    }
++}
 === modified file 'plugins/security-privacy/CMakeLists.txt'
 --- plugins/security-privacy/CMakeLists.txt	2014-07-13 23:57:50 +0000
 +++ plugins/security-privacy/CMakeLists.txt	2014-08-11 11:06:25 +0000
@@ -17,6 +17,8 @@
  add_definitions(-DHELPER_EXEC="${PLUG_DIR}/UbuntuSecurityPrivacyHelper" -DQT_NO_KEYWORDS)
  set(QML_SOURCES
++    AppAccess.qml
++    AppAccessControl.qml
      Dash.qml
      Location.qml
      LockSecurity.qml
@@ -26,13 +28,30 @@
  set(PANEL_SOURCES
      plugin.cpp
++    plugin.h
      securityprivacy.cpp
++    securityprivacy.h
++    trust-store-model.cpp
++    trust-store-model.h
++    ${QML_SOURCES}
+ )
  add_library(UbuntuSecurityPrivacyPanel MODULE ${PANEL_SOURCES} ${QML_SOURCES})
  qt5_use_modules(UbuntuSecurityPrivacyPanel Qml Quick DBus)
--target_link_libraries (UbuntuSecurityPrivacyPanel uss-accountsservice ${ACCOUNTSSERVICE_LDFLAGS})
++pkg_check_modules(TRUST_STORE REQUIRED trust-store)
++
++include_directories(
++    ${CMAKE_CURRENT_BINARY_DIR}
++    ${TRUST_STORE_INCLUDE_DIRS}
++)
++
++set(PLUG_DIR ${PLUGIN_PRIVATE_MODULE_DIR}/Ubuntu/SystemSettings/SecurityPrivacy)
++target_link_libraries (UbuntuSecurityPrivacyPanel
++    uss-accountsservice
++    ${ACCOUNTSSERVICE_LDFLAGS}
++    ${TRUST_STORE_LDFLAGS}
++)
  install(TARGETS UbuntuSecurityPrivacyPanel UbuntuSecurityPrivacyHelper DESTINATION ${PLUG_DIR})
  install(FILES qmldir DESTINATION ${PLUG_DIR})
  install(FILES ${QML_SOURCES} DESTINATION ${PLUGIN_QML_DIR}/security-privacy)
 === modified file 'plugins/security-privacy/PageComponent.qml'
 --- plugins/security-privacy/PageComponent.qml	2014-07-13 23:57:50 +0000
 +++ plugins/security-privacy/PageComponent.qml	2014-08-11 11:06:25 +0000
@@ -173,7 +173,7 @@
              ListItem.SingleValue {
                  text: i18n.tr("Other app access")
                  progression: true
--                visible: showAllUI
++                onClicked: pageStack.push(Qt.resolvedUrl("AppAccess.qml"))
+             }
              ListItem.SingleValue {
                  text: i18n.tr("Diagnostics")
 === modified file 'plugins/security-privacy/plugin.cpp'
 --- plugins/security-privacy/plugin.cpp	2013-08-29 14:20:50 +0000
 +++ plugins/security-privacy/plugin.cpp	2014-08-11 11:06:25 +0000
@@ -18,6 +18,7 @@
  #include "plugin.h"
  #include "securityprivacy.h"
++#include "trust-store-model.h"
  #include <QtQml/QtQml>
@@ -25,6 +26,7 @@
+ {
      Q_ASSERT(uri == QLatin1String("Ubuntu.SystemSettings.SecurityPrivacy"));
      qmlRegisterType<SecurityPrivacy>(uri, 1, 0, "UbuntuSecurityPrivacyPanel");
++    qmlRegisterType<TrustStoreModel>(uri, 1, 0, "TrustStoreModel");
+ }
  void BackendPlugin::initializeEngine(QQmlEngine *engine, const char *uri)
 === added file 'plugins/security-privacy/trust-store-model.cpp'
 --- plugins/security-privacy/trust-store-model.cpp	1970-01-01 00:00:00 +0000
 +++ plugins/security-privacy/trust-store-model.cpp	2014-08-11 11:06:25 +0000
@@ -0,0 +1,333 @@
++/*
++ * Copyright (C) 2014 Canonical, Ltd.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; version 3.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
++ *
++ * Authors: Alberto Mardegan <alberto.mardegan@canonical.com>
++ */
++
++#include "trust-store-model.h"
++
++#include <QDebug>
++#include <QList>
++#include <QMap>
++#include <QSet>
++#include <QSettings>
++#include <QStandardPaths>
++
++#include <core/trust/resolve.h>
++#include <core/trust/store.h>
++
++class Application
++{
++public:
++    Application() {}
++
++    void setId(const QString &id) {
++        this->id = id;
++
++        QString localShare =
++            QStandardPaths::writableLocation(QStandardPaths::GenericDataLocation);
++        QSettings desktopFile(QString("%1/applications/%2.desktop").
++                              arg(localShare).arg(id),
++                              QSettings::IniFormat);
++        desktopFile.beginGroup("Desktop Entry");
++        displayName = desktopFile.value("Name").toString();
++        iconName = desktopFile.value("Icon").toString();
++    }
++
++    void addRequest(const core::trust::Request &request) {
++        if (request.answer == core::trust::Request::Answer::granted) {
++            grantedFeatures.insert(request.feature.value);
++        } else {
++            grantedFeatures.remove(request.feature.value);
++        }
++    }
++
++    bool hasGrants() const { return !grantedFeatures.isEmpty(); }
++
++    QString id;
++    QString displayName;
++    QString iconName;
++    QSet<std::uint64_t> grantedFeatures;
++};
++
++class TrustStoreModelPrivate: public QObject
++{
++    Q_OBJECT
++    Q_DECLARE_PUBLIC(TrustStoreModel)
++
++public:
++    TrustStoreModelPrivate(TrustStoreModel *model);
++    ~TrustStoreModelPrivate();
++
++    void update();
++    void updateRow(int row);
++    void updateGrantedCount();
++
++private:
++    QHash<int, QByteArray> roleNames;
++    bool componentCompleted;
++    QString serviceName;
++    int grantedCount;
++    std::shared_ptr<core::trust::Store> trustStore;
++    QList<Application> applications;
++    mutable TrustStoreModel *q_ptr;
++};
++
++TrustStoreModelPrivate::TrustStoreModelPrivate(TrustStoreModel *model):
++    QObject(model),
++    componentCompleted(false),
++    grantedCount(0),
++    q_ptr(model)
++{
++}
++
++TrustStoreModelPrivate::~TrustStoreModelPrivate()
++{
++}
++
++void TrustStoreModelPrivate::update()
++{
++    Q_Q(TrustStoreModel);
++
++    if (!componentCompleted) return;
++
++    q->beginResetModel();
++
++    if (trustStore) {
++        trustStore.reset();
++    }
++
++    trustStore = core::trust::resolve_store_in_session_with_name(
++        serviceName.toStdString());
++
++    /* Test is the trustStore is valid; ideally, there should be an API on the
++     * trust-store to check this. See
++     * https://bugs.launchpad.net/bugs/1348215 */
++    try {
++        auto query = trustStore->query();
++    } catch (std::exception &e) {
++        qWarning() << "Exception " << e.what();
++        trustStore.reset();
++    }
++
++    QMap<QString,Application> appMap;
++
++    if (trustStore) {
++        auto query = trustStore->query();
++        query->execute();
++
++        while (query->status() != core::trust::Store::Query::Status::eor) {
++            auto r = query->current();
++
++            QString applicationId = QString::fromStdString(r.from);
++
++            Application &app = appMap[applicationId];
++            app.setId(applicationId);
++            app.addRequest(r);
++
++            query->next();
++        }
++    }
++
++    applications = appMap.values();
++    updateGrantedCount();
++
++    q->endResetModel();
++}
++
++void TrustStoreModelPrivate::updateRow(int row)
++{
++    Q_Q(TrustStoreModel);
++
++    Q_ASSERT(trustStore);
++    Q_ASSERT(row >= 0 && row < d->applications.count());
++
++    Application &app = applications[row];
++    app.grantedFeatures.clear();
++
++    auto query = trustStore->query();
++    query->for_application_id(app.id.toStdString());
++    query->execute();
++
++    while (query->status() != core::trust::Store::Query::Status::eor) {
++        auto r = query->current();
++
++        app.addRequest(r);
++
++        query->next();
++    }
++
++    updateGrantedCount();
++
++    /* Let the model emit the change notification */
++    QModelIndex index = q->index(row);
++    q->dataChanged(index, index);
++}
++
++void TrustStoreModelPrivate::updateGrantedCount()
++{
++    Q_Q(TrustStoreModel);
++
++    int count = 0;
++
++    Q_FOREACH(const Application &app, applications) {
++        if (app.hasGrants()) count++;
++    }
++
++    if (count != grantedCount) {
++        grantedCount = count;
++        Q_EMIT q->grantedCountChanged();
++    }
++}
++
++TrustStoreModel::TrustStoreModel(QObject *parent):
++    QAbstractListModel(parent),
++    d_ptr(new TrustStoreModelPrivate(this))
++{
++    Q_D(TrustStoreModel);
++    d->roleNames[Qt::DisplayRole] = "applicationName";
++    d->roleNames[ApplicationIdRole] = "applicationId";
++    d->roleNames[IconNameRole] = "iconName";
++    d->roleNames[GrantedRole] = "granted";
++
++    QObject::connect(this, SIGNAL(rowsInserted(const QModelIndex &,int,int)),
++                     this, SIGNAL(countChanged()));
++    QObject::connect(this, SIGNAL(rowsRemoved(const QModelIndex &,int,int)),
++                     this, SIGNAL(countChanged()));
++    QObject::connect(this, SIGNAL(modelReset()),
++                     this, SIGNAL(countChanged()));
++}
++
++TrustStoreModel::~TrustStoreModel()
++{
++}
++
++void TrustStoreModel::classBegin()
++{
++}
++
++void TrustStoreModel::componentComplete()
++{
++    Q_D(TrustStoreModel);
++    d->componentCompleted = true;
++    d->update();
++}
++
++void TrustStoreModel::setServiceName(const QString &serviceName)
++{
++    Q_D(TrustStoreModel);
++
++    if (serviceName == d->serviceName) return;
++    d->serviceName = serviceName;
++    d->update();
++    Q_EMIT serviceNameChanged();
++}
++
++QString TrustStoreModel::serviceName() const
++{
++    Q_D(const TrustStoreModel);
++    return d->serviceName;
++}
++
++int TrustStoreModel::grantedCount() const
++{
++    Q_D(const TrustStoreModel);
++    return d->grantedCount;
++}
++
++void TrustStoreModel::setEnabled(int row, bool enabled)
++{
++    Q_D(TrustStoreModel);
++
++    if (Q_UNLIKELY(!d->trustStore)) {
++        qWarning() << "Trust store is NULL on setEnabled call";
++        return;
++    }
++
++    if (Q_UNLIKELY(row >= d->applications.count())) return;
++
++    const Application &app = d->applications.at(row);
++
++    core::trust::Request r;
++    r.from = app.id.toStdString();
++    r.feature = core::trust::Feature(core::trust::Request::default_feature);
++    r.answer = enabled ?
++        core::trust::Request::Answer::granted : core::trust::Request::Answer::denied;
++    r.when = std::chrono::system_clock::now();
++
++    d->trustStore->add(r);
++
++    /* When disabling, we must disable all the features */
++    if (!enabled) {
++        Q_FOREACH(std::int64_t feature, app.grantedFeatures) {
++            /* Skip the default feature, we already disabled it */
++            if (feature == core::trust::Request::default_feature) continue;
++
++            r.feature = core::trust::Feature(feature);
++            d->trustStore->add(r);
++        }
++    }
++
++    /* Reload the application from the trust store */
++    d->updateRow(row);
++}
++
++QVariant TrustStoreModel::get(int row, const QString &roleName) const
++{
++    int role = roleNames().key(roleName.toLatin1(), -1);
++    return data(index(row), role);
++}
++
++int TrustStoreModel::rowCount(const QModelIndex &parent) const
++{
++    Q_D(const TrustStoreModel);
++    Q_UNUSED(parent);
++    return d->applications.count();
++}
++
++QVariant TrustStoreModel::data(const QModelIndex &index, int role) const
++{
++    Q_D(const TrustStoreModel);
++
++    if (index.row() >= d->applications.count()) return QVariant();
++
++    const Application &app = d->applications.at(index.row());
++    QVariant ret;
++
++    switch (role) {
++    case Qt::DisplayRole:
++        ret = app.displayName;
++        break;
++    case IconNameRole:
++        ret = app.iconName;
++        break;
++    case ApplicationIdRole:
++        ret = app.id;
++        break;
++    case GrantedRole:
++        ret = app.hasGrants();
++        break;
++    }
++
++    return ret;
++}
++
++QHash<int, QByteArray> TrustStoreModel::roleNames() const
++{
++    Q_D(const TrustStoreModel);
++    return d->roleNames;
++}
++
++#include "trust-store-model.moc"
 === added file 'plugins/security-privacy/trust-store-model.h'
 --- plugins/security-privacy/trust-store-model.h	1970-01-01 00:00:00 +0000
 +++ plugins/security-privacy/trust-store-model.h	2014-08-11 11:06:25 +0000
@@ -0,0 +1,74 @@
++/*
++ * Copyright (C) 2014 Canonical, Ltd.
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; version 3.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
++ *
++ * Authors: Alberto Mardegan <alberto.mardegan@canonical.com>
++ */
++
++#ifndef TRUST_STORE_MODEL_H
++#define TRUST_STORE_MODEL_H
++
++#include <QAbstractListModel>
++#include <QQmlParserStatus>
++#include <QString>
++
++class TrustStoreModelPrivate;
++
++class TrustStoreModel: public QAbstractListModel, public QQmlParserStatus
++{
++    Q_OBJECT
++    Q_INTERFACES(QQmlParserStatus)
++    Q_PROPERTY(QString serviceName READ serviceName WRITE setServiceName
++               NOTIFY serviceNameChanged)
++    Q_PROPERTY(int count READ rowCount NOTIFY countChanged)
++    Q_PROPERTY(int grantedCount READ grantedCount NOTIFY grantedCountChanged)
++
++public:
++    explicit TrustStoreModel(QObject *parent = 0);
++    ~TrustStoreModel();
++
++    enum Roles {
++        ApplicationIdRole = Qt::UserRole + 1,
++        IconNameRole,
++        GrantedRole,
++    };
++
++    void setServiceName(const QString &serviceName);
++    QString serviceName() const;
++
++    int grantedCount() const;
++
++    Q_INVOKABLE void setEnabled(int row, bool enabled);
++    Q_INVOKABLE QVariant get(int row, const QString &roleName) const;
++
++    // reimplemented virtual methods
++    int rowCount(const QModelIndex &parent = QModelIndex()) const Q_DECL_OVERRIDE;
++    QVariant data(const QModelIndex &index,
++                  int role = Qt::DisplayRole) const Q_DECL_OVERRIDE;
++    QHash<int, QByteArray> roleNames() const Q_DECL_OVERRIDE;
++
++    void classBegin() Q_DECL_OVERRIDE;
++    void componentComplete() Q_DECL_OVERRIDE;
++
++Q_SIGNALS:
++    void serviceNameChanged();
++    void countChanged();
++    void grantedCountChanged();
++
++private:
++    TrustStoreModelPrivate *d_ptr;
++    Q_DECLARE_PRIVATE(TrustStoreModel)
++};
++
++#endif // TRUST_STORE_MODEL_H
 === modified file 'po/CMakeLists.txt'
 --- po/CMakeLists.txt	2013-12-31 19:30:03 +0000
 +++ po/CMakeLists.txt	2014-08-11 11:06:25 +0000
@@ -23,6 +23,7 @@
                              --copyright=\"Canonical Ltd.\"
                              --package-name ubuntu-system-settings
                              --qt --c++ --add-comments=TRANSLATORS
++                            --keyword=QT_TR_NOOP
                              --keyword=tr --keyword=tr:1,2 --from-code=UTF-8
                              ${QMLFILES} "${CMAKE_CURRENT_BINARY_DIR}/settings.js"
      WORKING_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}"
 === modified file 'tests/plugins/CMakeLists.txt'
 --- tests/plugins/CMakeLists.txt	2014-07-31 13:43:09 +0000
 +++ tests/plugins/CMakeLists.txt	2014-08-11 11:06:25 +0000
@@ -1,2 +1,3 @@
++add_subdirectory(security-privacy)
  add_subdirectory(system-update)
  add_subdirectory(bluetooth)
 === added directory 'tests/plugins/security-privacy'
 === added file 'tests/plugins/security-privacy/CMakeLists.txt'
 --- tests/plugins/security-privacy/CMakeLists.txt	1970-01-01 00:00:00 +0000
 +++ tests/plugins/security-privacy/CMakeLists.txt	2014-08-11 11:06:25 +0000
@@ -0,0 +1,11 @@
++set(XVFB_CMD xvfb-run -a -s "-screen 0 640x480x24")
++include_directories(${CMAKE_CURRENT_BINARY_DIR} ../../../plugins/security-privacy)
++add_definitions(-DTESTS)
++
++add_executable(tst-trust-store-model
++    tst_trust_store_model.cpp
++    ../../../plugins/security-privacy/trust-store-model.cpp
++)
++
++qt5_use_modules(tst-trust-store-model Core DBus Qml Test)
++add_test(NAME tst-trust-store-model COMMAND ${XVFB_CMD} ${CMAKE_CURRENT_BINARY_DIR}/tst-trust-store-model)
 === added file 'tests/plugins/security-privacy/tst_trust_store_model.cpp'
 --- tests/plugins/security-privacy/tst_trust_store_model.cpp	1970-01-01 00:00:00 +0000
 +++ tests/plugins/security-privacy/tst_trust_store_model.cpp	2014-08-11 11:06:25 +0000
@@ -0,0 +1,394 @@
++/*
++ * Copyright 2013 Canonical Ltd.
++ *
++ * This library is free software; you can redistribute it and/or
++ * modify it under the terms of version 3 of the GNU Lesser General Public
++ * License as published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++ * General Public License for more details.
++ *
++ * You should have received a copy of the GNU Lesser General Public
++ * License along with this library; if not, write to the
++ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
++ * Boston, MA 02110-1301, USA.
++ */
++
++#include <QTest>
++#include <QSignalSpy>
++#include <QtQml>
++
++#include <core/trust/resolve.h>
++#include <core/trust/store.h>
++
++#include "trust-store-model.h"
++
++/* mocking trust-store { */
++namespace
++{
++namespace mock
++{
++struct Store: public core::trust::Store
++{
++    std::string m_name;
++    std::list<core::trust::Request> m_allRequests;
++    static std::shared_ptr<mock::Store> m_instance;
++
++    Store()
++    {
++    }
++
++    ~Store()
++    {
++    }
++
++    static void setInstance(std::shared_ptr<mock::Store> store) {
++        m_instance = store;
++    }
++
++    struct Query: public core::trust::Store::Query
++    {
++        mock::Store *m_store;
++        std::list<core::trust::Request> m_requests;
++        std::list<core::trust::Request>::iterator m_it;
++        std::string m_applicationFilter;
++        core::trust::Store::Query::Status m_status;
++
++        Query(mock::Store *store):
++            m_store(store)
++        {
++        }
++
++        ~Query()
++        {
++        }
++
++        void all()
++        {
++            m_applicationFilter.clear();
++        }
++
++        core::trust::Request current()
++        {
++            if (m_it == m_requests.end())
++            {
++                throw core::trust::Store::Query::Errors::NoCurrentResult{};
++            }
++
++            return *m_it;
++        }
++
++        void erase()
++        {
++        }
++
++        void execute()
++        {
++            if (m_applicationFilter.empty()) {
++                m_requests = m_store->m_allRequests;
++            } else {
++                m_requests.clear();
++                for (auto it = m_store->m_allRequests.begin();
++                     it != m_store->m_allRequests.end();
++                     it++) {
++                    if (it->from == m_applicationFilter) {
++                        m_requests.push_back(*it);
++                    }
++                }
++            }
++            m_it = m_requests.begin();
++            m_status = (m_it == m_requests.end()) ?
++                core::trust::Store::Query::Status::eor :
++                core::trust::Store::Query::Status::has_more_results;
++        }
++
++        void for_answer(core::trust::Request::Answer)
++        {
++        }
++
++        void for_application_id(const std::string &id)
++        {
++            m_applicationFilter = id;
++        }
++
++        void for_feature(core::trust::Feature)
++        {
++        }
++
++        void for_interval(const core::trust::Request::Timestamp &,
++                          const core::trust::Request::Timestamp &)
++        {
++        }
++
++        void next()
++        {
++            m_it++;
++            m_status = (m_it == m_requests.end()) ?
++                core::trust::Store::Query::Status::eor :
++                core::trust::Store::Query::Status::has_more_results;
++        }
++
++        core::trust::Store::Query::Status status() const
++        {
++            return m_status;
++        }
++    };
++
++    void add(const core::trust::Request &r)
++    {
++        m_allRequests.push_back(r);
++    }
++
++    void reset()
++    {
++    }
++
++    std::shared_ptr<core::trust::Store::Query> query()
++    {
++        auto query =
++            std::shared_ptr<core::trust::Store::Query>(new mock::Store::Query(
++                this));
++
++        return query;
++    }
++};
++}
++}
++
++std::shared_ptr<mock::Store> mock::Store::m_instance;
++
++std::shared_ptr<core::trust::Store> core::trust::resolve_store_in_session_with_name(
++        const std::string &name)
++{
++    if (name.empty())
++        throw Errors::ServiceNameMustNotBeEmpty{};
++
++    mock::Store::m_instance->m_name = name;
++    return mock::Store::m_instance;
++}
++/* } mocking trust-store */
++
++class TrustStoreModelTest: public QObject
++{
++    Q_OBJECT
++
++private Q_SLOTS:
++    void initTestCase();
++    void init();
++    void cleanup();
++    void testEmpty();
++    void testList_data();
++    void testList();
++    void testAppEnabling_data();
++    void testAppEnabling();
++
++private:
++    QVariant get(const QAbstractListModel *model, int row, QString roleName);
++
++private:
++    std::shared_ptr<mock::Store> m_store;
++};
++
++QVariant TrustStoreModelTest::get(const QAbstractListModel *model, int row,
++                                  QString roleName)
++{
++    QHash<int, QByteArray> roleNames = model->roleNames();
++
++    int role = roleNames.key(roleName.toLatin1(), -1);
++    return model->data(model->index(row), role);
++}
++
++void TrustStoreModelTest::initTestCase()
++{
++    qmlRegisterType<TrustStoreModel>("TrustStore.Test", 0, 1,
++                                     "TrustStoreModel");
++}
++
++void TrustStoreModelTest::init()
++{
++    m_store = std::shared_ptr<mock::Store>(new mock::Store);
++    mock::Store::setInstance(m_store);
++}
++
++void TrustStoreModelTest::cleanup()
++{
++    m_store.reset();
++}
++
++void TrustStoreModelTest::testEmpty()
++{
++    QQmlEngine engine;
++    QQmlComponent component(&engine);
++    component.setData("import TrustStore.Test 0.1\n"
++                      "TrustStoreModel {\n"
++                      "  serviceName: \"storeTest\"\n"
++                      "}",
++                      QUrl());
++    QObject *object = component.create();
++    QVERIFY(object != 0);
++    QAbstractListModel *model = qobject_cast<QAbstractListModel*>(object);
++    QVERIFY(model != 0);
++
++    QCOMPARE(model->rowCount(), 0);
++
++    QCOMPARE(m_store->m_name, std::string("storeTest"));
++}
++
++void TrustStoreModelTest::testList_data()
++{
++    QTest::addColumn<QStringList>("appIds");
++    QTest::addColumn<QList<bool> >("appGrants");
++    QTest::addColumn<QStringList>("expectedAppIds");
++    QTest::addColumn<QList<bool> >("expectedAppGrants");
++
++    QTest::newRow("No repetitions") <<
++        (QStringList() << "Calendar" << "Gallery" << "MyApp") <<
++        (QList<bool>() << true << false << true) <<
++        (QStringList() << "Calendar" << "Gallery" << "MyApp") <<
++        (QList<bool>() << true << false << true);
++
++    QTest::newRow("With repetitions") <<
++        (QStringList() << "Calendar" << "Gallery" << "MyApp" << "Calendar") <<
++        (QList<bool>() << true << false << true << false) <<
++        (QStringList() << "Calendar" << "Gallery" << "MyApp") <<
++        (QList<bool>() << false << false << true);
++}
++
++void TrustStoreModelTest::testList()
++{
++    QFETCH(QStringList, appIds);
++    QFETCH(QList<bool>, appGrants);
++    QFETCH(QStringList, expectedAppIds);
++    QFETCH(QList<bool>, expectedAppGrants);
++
++    for (int i = 0; i < appIds.count(); i++) {
++        core::trust::Request r;
++        r.from = appIds[i].toStdString();
++        r.feature = core::trust::Feature(core::trust::Request::default_feature);
++        r.answer = appGrants[i] ?
++            core::trust::Request::Answer::granted : core::trust::Request::Answer::denied;
++        r.when = std::chrono::system_clock::now();
++        m_store->add(r);
++    }
++
++    QQmlEngine engine;
++    QQmlComponent component(&engine);
++    component.setData("import TrustStore.Test 0.1\n"
++                      "TrustStoreModel {\n"
++                      "  serviceName: \"storeTest\"\n"
++                      "}",
++                      QUrl());
++    QObject *object = component.create();
++    QVERIFY(object != 0);
++    QAbstractListModel *model = qobject_cast<QAbstractListModel*>(object);
++    QVERIFY(model != 0);
++
++    QCOMPARE(model->rowCount(), expectedAppIds.count());
++
++    for (int i = 0; i < model->rowCount(); i++) {
++        QCOMPARE(get(model, i, "applicationId").toString(), expectedAppIds[i]);
++        QCOMPARE(get(model, i, "granted").toBool(), expectedAppGrants[i]);
++    }
++}
++
++void TrustStoreModelTest::testAppEnabling_data()
++{
++    /* In this test the model will be pre-populated with three applications:
++     * - Calendar: enabled
++     * - Gallery: disabled
++     * - MyApp: enabled
++     * We change the enabled status of each one of them at a time, and we check
++     * that the results are consistent. */
++    QTest::addColumn<int>("row");
++    QTest::addColumn<bool>("mustEnable");
++    QTest::addColumn<QStringList>("expectedEnabledApps");
++
++    QTest::newRow("Enabling Calendar") <<
++        0 << true <<
++        (QStringList() << "Calendar" << "MyApp");
++
++    QTest::newRow("Disabling Calendar") <<
++        0 << false <<
++        (QStringList() << "MyApp");
++
++    QTest::newRow("Enabling Gallery") <<
++        1 << true <<
++        (QStringList() << "Calendar" << "Gallery" << "MyApp");
++
++    QTest::newRow("Disabling Gallery") <<
++        1 << false <<
++        (QStringList() << "Calendar" << "MyApp");
++
++    QTest::newRow("Enabling MyApp") <<
++        2 << true <<
++        (QStringList() << "Calendar" << "MyApp");
++
++    QTest::newRow("Disabling MyApp") <<
++        2 << false <<
++        (QStringList() << "Calendar");
++}
++
++void TrustStoreModelTest::testAppEnabling()
++{
++    QFETCH(int, row);
++    QFETCH(bool, mustEnable);
++    QFETCH(QStringList, expectedEnabledApps);
++
++    /* Pre-populate the model (update the comment on top of
++     * testAppEnabling_data() if you change this). */
++    QStringList apps;
++    apps << "Calendar" << "Gallery" << "MyApp";
++    QList<bool> appStatuses;
++    appStatuses << true << false << true;
++    for (int i = 0; i < apps.count(); i++) {
++        core::trust::Request r;
++        r.from = apps[i].toStdString();
++        r.feature = core::trust::Feature(core::trust::Request::default_feature);
++        r.answer = appStatuses[i] ?
++            core::trust::Request::Answer::granted : core::trust::Request::Answer::denied;
++        r.when = std::chrono::system_clock::now();
++        m_store->add(r);
++    }
++
++    QQmlEngine engine;
++    QQmlComponent component(&engine);
++    component.setData("import TrustStore.Test 0.1\n"
++                      "TrustStoreModel {\n"
++                      "  serviceName: \"storeTest\"\n"
++                      "}",
++                      QUrl());
++    QObject *object = component.create();
++    QVERIFY(object != 0);
++    QAbstractListModel *model = qobject_cast<QAbstractListModel*>(object);
++    QVERIFY(model != 0);
++
++    QCOMPARE(model->rowCount(), apps.count());
++
++    QSignalSpy dataChanged(model, SIGNAL(dataChanged(const QModelIndex&, const QModelIndex&)));
++
++    /* Enable or disable an application */
++    bool ok;
++    ok = QMetaObject::invokeMethod(object, "setEnabled",
++                                   Q_ARG(int, row),
++                                   Q_ARG(bool, mustEnable));
++    QVERIFY(ok);
++
++    QTRY_COMPARE(dataChanged.count(), 1);
++
++    QStringList enabledApps;
++    for (int i = 0; i < model->rowCount(); i++) {
++        if (get(model, i, "granted").toBool()) {
++            enabledApps.append(get(model, i, "applicationId").toString());
++        }
++    }
++
++    QCOMPARE(enabledApps, expectedEnabledApps);
++    QCOMPARE(object->property("grantedCount").toInt(),
++             expectedEnabledApps.count());
++}
++
++QTEST_MAIN(TrustStoreModelTest)
++
++#include "tst_trust_store_model.moc"