bool xml() const { return xml_; }
///
bool need_aux() const { return need_aux_; }
+ /// Return whether or not the needauth option is set for this converter
+ bool need_auth() const { return need_auth_; }
///
bool nice() const { return nice_; }
///
std::string const result_file() const { return result_file_; }
///
std::string const parselog() const { return parselog_; }
+
private:
///
trivstring from_;
bool need_aux_;
/// we need a "nice" file from the backend, c.f. OutputParams.nice.
bool nice_;
+ /// Use of this converter needs explicit user authorization
+ bool need_auth_;
/// If the converter put the result in a directory, then result_dir
/// is the name of the directory
trivstring result_dir_;
//
void erase(std::string const & from, std::string const & to);
///
- FormatList const
+ FormatList const
getReachableTo(std::string const & target, bool clear_visited);
///
FormatList const
const_iterator end() const { return converterlist_.end(); }
///
void buildGraph();
+
+ /// Check whether converter conv is authorized to be run for elements
+ /// within document doc_fname.
+ /// The check succeeds for safe converters, whilst for those potentially
+ /// able to execute arbitrary code, tagged with the 'needauth' option,
+ /// authorization is: always denied if lyxrc.use_converter_needauth_forbidden
+ /// is enabled; always allowed if the lyxrc.use_converter_needauth
+ /// is disabled; user is prompted otherwise.
+ /// However, if use_shell_escape is true and a LaTeX backend is
+ /// going to be executed, both lyxrc.use_converter_needauth and
+ /// lyxrc.use_converter_needauth_forbidden are ignored, because in
+ /// this case the backend has to be executed and LyX will add the
+ /// -shell-escape option, so that user consent is always needed.
+ bool checkAuth(Converter const & conv, std::string const & doc_fname,
+ bool use_shell_escape = false);
+
private:
///
FormatList const