improve chkCreateToken

The checkbox now offers three states, taking into account the global settings. (SandboxieAllGroup > UseCreateToken > Disabled)
2024-07-26 21:24:41 +03:00 · 2024-07-26 21:24:41 +03:00 · 184e30c65b
parent 03951c62d3
commit 184e30c65b
2 changed files with 28 additions and 6 deletions
--- a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
@ -1095,7 +1095,7 @@
         <item row="0" column="0">
          <widget class="QTabWidget" name="tabsSecurity">
           <property name="currentIndex">
-            <number>3</number>
+            <number>4</number>
           </property>
           <widget class="QWidget" name="tabHarden">
            <attribute name="title">
@ -1922,9 +1922,16 @@
               </item>
               <item row="9" column="1" colspan="4">
                <widget class="QCheckBox" name="chkCreateToken">
+                 <property name="toolTip">
+                  <string>Checked: A local group will also be added to the newly created sandboxed token, which allows addressing all sandboxes at once. Would be useful for auditing policies.
+Partially checked: No groups will be added to the newly created sandboxed token.</string>
+                 </property>
                 <property name="text">
                  <string>Create a new sandboxed token instead of stripping down the original token</string>
                 </property>
+                 <property name="tristate">
+                  <bool>true</bool>
+                 </property>
                </widget>
               </item>
              </layout>
--- a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
@ -479,7 +479,19 @@ void COptionsWindow::SaveAdvanced()
 	WriteAdvancedCheck(ui.chkSbieLogon, "SandboxieLogon", bGlobalSbieLogon ? "" : "y", bGlobalSbieLogon ? "n" : "");

 	bool bGlobalSandboxGroup = m_pBox->GetAPI()->GetGlobalSettings()->GetBool("SandboxieAllGroup", false);
-	WriteAdvancedCheck(ui.chkCreateToken, "UseCreateToken", bGlobalSandboxGroup ? "" : "y", "");
+	bool bGlobalCreateToken = m_pBox->GetAPI()->GetGlobalSettings()->GetBool("UseCreateToken", false);
+	if (ui.chkCreateToken->checkState() == Qt::Checked) {
+		WriteAdvancedCheck(ui.chkCreateToken, "SandboxieAllGroup", bGlobalSandboxGroup ? "" : "y");
+		m_pBox->DelValue("UseCreateToken");
+	}
+	else if (ui.chkCreateToken->checkState() == Qt::PartiallyChecked) {
+		m_pBox->SetText("SandboxieAllGroup", "n");
+		m_pBox->SetText("UseCreateToken", "y");
+	}
+	else {
+		WriteAdvancedCheck(ui.chkCreateToken, "SandboxieAllGroup", bGlobalSandboxGroup ? "" : "y", bGlobalSandboxGroup ? "n" : "");
+		WriteAdvancedCheck(ui.chkCreateToken, "UseCreateToken", bGlobalCreateToken ? "" : "y", bGlobalCreateToken ? "n" : "");
+	}

 	SaveOptionList();

@ -664,10 +676,13 @@ void COptionsWindow::UpdateBoxIsolation()
 	}
 	else {
 		ReadGlobalCheck(ui.chkSbieLogon, "SandboxieLogon", false);
-		ReadGlobalCheck(ui.chkCreateToken, "UseCreateToken", false);
-		bool bGlobalSandboxGroup = m_pBox->GetAPI()->GetGlobalSettings()->GetBool("SandboxieAllGroup", false);
-		if (bGlobalSandboxGroup) 
-			ui.chkCreateToken->setEnabled(false);
+
+		if (m_pBox->GetBool("SandboxieAllGroup", false, true))
+			ui.chkCreateToken->setCheckState(Qt::Checked);
+		else if (m_pBox->GetBool("UseCreateToken", false, true))
+			ui.chkCreateToken->setCheckState(Qt::PartiallyChecked);
+		else
+			ui.chkCreateToken->setCheckState(Qt::Unchecked);
 	}
 }