Bug 118938 - FILESAVE to Microsoft Excel 2007-2013 XML (.xlsx) files as read-only with additional password protection for editing not working (Calc)
Summary: FILESAVE to Microsoft Excel 2007-2013 XML (.xlsx) files as read-only with add...
Status: NEW
Alias: None
Product: LibreOffice
Classification: Unclassified
Component: Calc (show other bugs)
Version:
(earliest affected)
4.4 all versions
Hardware: All All
: medium normal
Assignee: Not Assigned
URL:
Whiteboard:
Keywords: filter:xlsx
Depends on:
Blocks: XLSX Password-Protected
  Show dependency treegraph
 
Reported: 2018-07-25 19:58 UTC by kam3don
Modified: 2019-05-11 14:03 UTC (History)
5 users (show)

See Also:
Crash report or crash signature:


Attachments
A supposedly read-only password-protected .xlsx spreadsheet (7.50 KB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet)
2018-07-25 20:01 UTC, kam3don
Details
Example .xlsx document created by LibreOffice, with password "dupa" (7.50 KB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet)
2018-10-01 20:23 UTC, Bartosz
Details
Example .xlsx document created by MS Excel 2007, with password "dupa" (12.50 KB, application/vnd.openxmlformats-officedocument.spreadsheetml.sheet)
2018-10-01 20:24 UTC, Bartosz
Details

Note You need to log in before you can comment on or make changes to this bug.
Description kam3don 2018-07-25 19:58:52 UTC
Description:
FILESAVE to Microsoft Excel 2007-2013 XML (.xlsx) files as read-only with additional password protection for editing not working (Calc).

SAVE WITH PASSWORD (.xlsx files) working. After closing the file, I am required to enter my password to access the file again. 

SAVE AS WITH PASSWORD (.xlsx files) working. After closing the file, I am required to enter my password to access the file again. 

SAVE OR SAVE AS WITH READ-ONLY PASSWORD AND EDIT PASSWORD OPTIONS SELECTED (.xlsx files) not working. After closing the file, I am required to enter my password to access the file again, but I can then edit and save changes without having to enter my edit password. 




Steps to Reproduce:
1. Create a spreadsheet
2. Save to .xlsx format (same thing happens if you do a Save As of a spreadsheet originally saved in a different format).
3. Select the option to password protect and add the option to make this read-only with an additional password for editing.
4. Enter and confirm your passwords and save the file.
5. Close the file.
6. Open the file, and you will see a password is requested to open the file again. 
7. Edit the file and save it, and you see that you can do so without entering the required editing password you set up.




Actual Results:
When saving a Microsoft Excel 2007-2013 XML (.xlsx) file as read-only with an additional password for editing, I am only required to enter the read-only password. Once I have entered this and the file is opened, I can edit and save changes without ever having to enter the editing password.





Expected Results:
When saving a Microsoft Excel 2007-2013 XML (.xlsx) file as read-only with an additional password for editing, I would expect to be asked to enter the read-only password before being allowed to open the file. 

Then I would expect to be asked to enter the additional editing password upon attempting to edit the file.


Reproducible: Always


User Profile Reset: Yes



Additional Info:
I followed the steps to reset my profile, but the problem remains.

I am not using OpenGL.
Comment 1 kam3don 2018-07-25 20:01:39 UTC
Created attachment 143760 [details]
A supposedly read-only password-protected .xlsx spreadsheet

A supposedly read-only password-protected .xlsx spreadsheet

A simple spreadsheet saved as a read only, password-protected .xlsx file with an additional editing password.

Read-only password: open
Editing password: edit
Comment 2 Alex Thurgood 2018-07-31 07:06:14 UTC
Confirming with

Version: 6.2.0.0.alpha0+
Build ID: 36e1f6ebf0c74b4b90bbf1aab8d9ab69b8746f3a
CPU threads: 4; OS: Mac OS X 10.13.6; UI render: default; 
Locale: fr-FR (fr_FR.UTF-8); Calc: group threaded

At step 7, I have to specifically activate the Edit Mode (Shift-Cmd-M) in order to be able to change the data in the spreadsheet, but I am not asked for the second password.
Comment 3 Alex Thurgood 2018-07-31 07:12:23 UTC
If I open the file in MS Excel 16.15 (180709), I get asked for the first password to load the file. Once the file is open, there is an indication beneath the main toolbar that the file has been marked "FINAL", with an option to reset that status and allow editing. If I click on the "MODIFY" button, the spreadsheet is released for editing and I can make changes, however, I am not asked to enter the second password.
Comment 4 Xisco Faulí 2018-08-01 08:44:51 UTC
Also reproduced in

Version: 6.2.0.0.alpha0+
Build ID: 72b099d279e7096d41a04fe8c0dd493a5fc18a33
CPU threads: 4; OS: Linux 4.15; UI render: default; VCL: gtk3; 
Locale: ca-ES (ca_ES.UTF-8); Calc: group threaded
Comment 5 Xisco Faulí 2018-08-01 08:47:44 UTC
I can't reproduce it if I save it to .ODS
Comment 6 Xisco Faulí 2018-08-01 08:51:14 UTC
Also reproduced in

Version: 5.2.0.0.alpha0+
Build ID: 3ca42d8d51174010d5e8a32b96e9b4c0b3730a53
Threads 4; Ver: 4.10; Render: default; 

Version: 4.3.0.0.alpha1+
Build ID: c15927f20d4727c3b8de68497b6949e72f9e6e9e
Comment 7 Bartosz 2018-10-01 20:23:41 UTC
Created attachment 145306 [details]
Example .xlsx document created by LibreOffice, with password "dupa"
Comment 8 Bartosz 2018-10-01 20:24:30 UTC
Created attachment 145307 [details]
Example .xlsx document created by MS Excel 2007, with password "dupa"
Comment 9 Bartosz 2018-10-01 20:40:23 UTC
It seems that following line needs to be added (in file workbook.xml) to enable ReadOnly mode for .xlsx:

    <fileSharing readOnlyRecommended="1" userName="m" reservationPassword="CC82"/>

More details is available at:
http://www.datypic.com/sc/ooxml/e-ssml_fileSharing-1.html

and 

https://c-rex.net/projects/samples/ooxml/e1/Part4/OOXML_P4_DOCX_fileSharing_topic_ID0E62E4.html
Comment 10 Bartosz 2018-10-01 20:47:04 UTC
It seems that following two lines were needed to enable proper Read-Only mode:

    <fileVersion appName="xl"/>
    <fileSharing readOnlyRecommended="1" userName="m" reservationPassword="CC82"/>        

Unfortunately LibreOffice Calc is not asking for password, even if it is properly set by MS Office
Comment 11 Gabor Kelemen 2019-01-08 13:28:17 UTC
This may be a duplicate.
Comment 12 Adam Kovacs 2019-01-09 12:41:37 UTC
So in an Excel xlsx file I see only this (about filesharing):
<fileSharing userName="Kovács Ádám 2" algorithmName="SHA-512" hashValue="dyDIs0vnG/0BUo+sKak6IUuztKnjI1myOvqj3kadN+pKltb0DJ3vHDFkOARfGAqbMT8C3NwYMKoawbYdmVVuCQ==" saltValue="UaMTB2MJ8TfLvlkZmKk9dg==" spinCount="100000"/>
In this file: xl/workbook.xml
If I unzip the xlsx file.

So we should add these more 2 lines, even if an Excel file doesn't contain it?
<fileVersion appName="xl"/>
<fileSharing readOnlyRecommended="1" userName="m" reservationPassword="CC82"/>
Comment 13 Adam Kovacs 2019-01-09 13:10:00 UTC
In Excel:
Adding readOnlyRecommended="1" to <fileSharing ...> XML tag is only a popup message box with a text "the owner of this document recommends you to open this document as read only" with "yes", "no" and "cancel" buttons, but this is after entering the password.
In Calc:
Nothing change.

Adding reservationPassword="CC82" to it is simply ignored by Excel, and Calc.

So I'm talking about this in xl/workbook.xml:
<fileSharing readOnlyRecommended="1" userName="Kovács Ádám 2" algorithmName="SHA-512" hashValue="dyDIs0vnG/0BUo+sKak6IUuztKnjI1myOvqj3kadN+pKltb0DJ3vHDFkOARfGAqbMT8C3NwYMKoawbYdmVVuCQ==" saltValue="UaMTB2MJ8TfLvlkZmKk9dg==" spinCount="100000" reservationPassword="CC82"/>
Comment 14 Adam Kovacs 2019-01-09 14:40:00 UTC
Related code is here:
https://opengrok.libreoffice.org/xref/core/sc/source/filter/oox/workbooksettings.cxx#204

With this comment:
/*TODO: not setting read-only if only mnPasswordHash ('password'
attribute) is present looks a bit silly, any reason for that?
'readOnlyRecommended' is defined as "indicates on open, whether the
application alerts the user that the file be marked as read-only",
which sounds silly in itself and seems not to be present if the
'password' attribute isn't present, but.. */