Merge branch 'CURA-6856_signed_plugins_and_packages' of github.com:Ultimaker/Cura

cura/ApplicationMetadata.py

@@ -49,7 +49,6 @@ try:
 except ImportError:
     CuraDebugMode = DEFAULT_CURA_DEBUG_MODE
 
-
 # CURA-6569
 # Various convenience flags indicating what kind of Cura build it is.
 __ENTERPRISE_VERSION_TYPE = "enterprise"

cura/CuraApplication.py

@@ -720,6 +720,8 @@ class CuraApplication(QtApplication):
     ##  Handle loading of all plugin types (and the backend explicitly)
     #   \sa PluginRegistry
     def _loadPlugins(self) -> None:
+        self._plugin_registry.setCheckIfTrusted(ApplicationMetadata.IsEnterpriseVersion)
+
         self._plugin_registry.addType("profile_reader", self._addProfileReader)
         self._plugin_registry.addType("profile_writer", self._addProfileWriter)
 

cura/Settings/ContainerManager.py

@@ -247,7 +247,7 @@ class ContainerManager(QObject):
 
         try:
             with open(file_url, "rt", encoding = "utf-8") as f:
-                container.deserialize(f.read())
+                container.deserialize(f.read(), file_url)
         except PermissionError:
             return {"status": "error", "message": "Permission denied when trying to read the file."}
         except ContainerFormatError:

plugins/LegacyProfileReader/LegacyProfileReader.py

@@ -157,7 +157,7 @@ class LegacyProfileReader(ProfileReader):
         data = stream.getvalue()
 
         profile = InstanceContainer(profile_id)
-        profile.deserialize(data) # Also performs the version upgrade.
+        profile.deserialize(data, file_name) # Also performs the version upgrade.
         profile.setDirty(True)
 
         #We need to return one extruder stack and one global stack.

plugins/LegacyProfileReader/tests/TestLegacyProfileReader.py

@@ -15,6 +15,7 @@ import UM.Settings.InstanceContainer # To intercept the serialised data from the
 
 import LegacyProfileReader as LegacyProfileReaderModule # To get the directory of the module.
 
+
 @pytest.fixture
 def legacy_profile_reader():
     try:
@@ -161,7 +162,7 @@ def test_read(legacy_profile_reader, file_name):
     plugin_registry.getPluginPath = unittest.mock.MagicMock(return_value = os.path.dirname(LegacyProfileReaderModule.__file__))
 
     # Mock out the resulting InstanceContainer so that we can intercept the data before it's passed through the version upgrader.
-    def deserialize(self, data): # Intercepts the serialised data that we'd perform the version upgrade from when deserializing.
+    def deserialize(self, data, filename): # Intercepts the serialised data that we'd perform the version upgrade from when deserializing.
         global intercepted_data
         intercepted_data = data
 

plugins/XmlMaterialProfile/XmlMaterialProfile.py

@@ -720,6 +720,8 @@ class XmlMaterialProfile(InstanceContainer):
                         new_hotend_material._dirty = False
 
                         if is_new_material:
+                            if ContainerRegistry.getInstance().isReadOnly(self.getId()):
+                                ContainerRegistry.getInstance().setExplicitReadOnly(new_hotend_material.getId())
                             containers_to_add.append(new_hotend_material)
 
                     # there is only one ID for a machine. Once we have reached here, it means we have already found

tests/Settings/MockContainer.py

@@ -78,6 +78,10 @@ class MockContainer(ContainerInterface, UM.PluginObject.PluginObject):
     def getAllKeys(self):
         pass
 
+    # Should return false (or even throw an exception) if trust (or other verification) is invalidated.
+    def _trustHook(self, file_name: Optional[str]) -> bool:
+        return True
+
     def setProperty(self, key, property_name, property_value, container = None, set_from_cache = False):
         pass