lp:~seb128/ubuntu-system-settings/security-confirmation-enabled

Branch merges

Propose for merging

No branches dependent on this one.

Merged into lp:ubuntu-system-settings at revision 1284

Ken VanDine: Approve on 2015-01-28

PS Jenkins bot: Approve (continuous-integration) on 2015-01-28

Diff: 28 lines (+17/-1)

1 file modified

plugins/security-privacy/LockSecurity.qml (+17/-1)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Bug #1412523: In "Switch to passcode", "Set" is available when passcode or passphrase not supplied	Low	Fix Released
Bug #1412527: In "Switch to swipe", "Unset" is available when passcode or passphrase not supplied	Low	Fix Released

Link a bug report

Related blueprints

1280. By Sebastien Bacher on 2015-01-28

[security-privacy] enable the confirmation button only in the cases
described by the specification

1279. By Launchpad Translations on behalf of system-settings-touch on 2015-01-28

Launchpad automatic translations update.

1278. By CI Train Bot Account on 2015-01-27

Releasing 0.3+15.04.20150127.1-0ubuntu1

1277. By Jonas G. Drange on 2015-01-27

[wifi] updates AP test because of a new backend
Approved by: Ken VanDine, PS Jenkins bot

1276. By Jonas G. Drange on 2015-01-27

[ap] avoid use of scroll_to_and_click where the element to be clicked is visible without scrolling
Approved by: Ken VanDine

1275. By Michael Terry on 2015-01-27

Revoke any cached authorizations before trying to change password mode. This makes sure that we authenticate the user again even if we just did so (for UX consistency).

Note that this is kind of an involved change:

- I took out the trySetSecurity call which doesn't make sense anymore if we don't allow cached authorization.

- I changed the policykit agent to register as a session-wide agent (not just for the system-settings process). This is because polkitd does not yet allow you to revoke cached authorizations for processes. Registering and revoking as a session-wide agent should be fine.

- I also had to use the call to revoke all authorizations. There is a more targeted call, to only remove one authorization, by ID. But polkitd didn't let me find the authorization ID when I queried for it. So... I figured just revoking all of them was fine. We are changing the password after all. Either the user changes it and it makes sense to revoke all auths from the old password or the user fails to change it and it makes sense to revoke all auths as a security measure (some non-owner is holding the phone). Between the problems revoking-by-process and revoking-by-ID, I get the sense that the revokation API isn't often used.

- Adding more calls to the policykit agent made it more noticeable that we were using a blocking call to wait for the agent to finish. That's bad UX. So I changed system-settings to call QCoreApplication::processEvents every now and then while waiting.

- Now that Qt was processing events while waiting, I had introduced a new problem: the user can interact with the main page (even pressing the "back" button) while the dialog is waiting -- you can see this by going to landscape mode). So I made sure that the page and back button are disabled while the dialog is up. (And to get access to the back button, I had to bump the Ubuntu.Components API version to 1.1 to get the 'head' property on a Page.) Fixes: #1371655
Approved by: Ken VanDine, PS Jenkins bot

1274. By CI Train Bot Account on 2015-01-27

Releasing 0.3+15.04.20150127-0ubuntu1

1273. By Alberto Mardegan on 2015-01-27

Security: ignore older requests when building the applications' grants

Also update the unit tests to ensure that we'll compute the same results no matter what the order of the rows is. Fixes: #1387734
Approved by: Sebastien Bacher, Thomas Voß

1272. By CI Train Bot Account on 2015-01-26

Releasing 0.3+15.04.20150126-0ubuntu1

1271. By Sebastien Bacher on 2015-01-26

security-privacy: give default focus to the first entry Fixes: #1412530
Approved by: Ken VanDine, PS Jenkins bot