1c external processing safe mode. Safe operating mode. Start external processing in normal application mode

In version 8.3.9.2170, security has been increased - now the system asks for confirmation to start external processing, extensions, etc. Apparently after the Trojan:

A mechanism for protection against dangerous actions has been implemented. When a potentially dangerous action is performed, the system issues a warning containing information about the action being performed and the potential danger of this action. Potentially hazardous activities include:

  • Loading an external report, processing or expanding the configuration.
  • Load or update configuration / extension.
  • Access from an external report / processing or extension to the following features:
  • Operating system command execution.
  • User management.

The user has the ability to allow or deny a potentially dangerous action. If an action is allowed, in some cases it may be necessary to re-execute the allowed action.

The message looks like this:

Security warning

Opens "" from the file "C: \ ....... epf". It is recommended to pay attention to the source from which it was obtained this file... If there is no agreement with the source about the development of additional modules, or there are doubts about the contents of the file, then it is not recommended to open it, as this may harm the computer and data. Allow this file to be opened. NOT REALLY

Solution:

In the configurator, in the properties of the IB user, uncheck the "Protection against dangerous actions" box.

From the documentation:Disabling the mechanism of protection against dangerous actions

In some cases, it is necessary to disable the protection mechanism against dangerous actions. To do this, you can use the following features:

1. Disable the Protection against dangerous actions (Protection against dangerous actions) checkbox in the properties of a specific user. This will disable protection for that user.

2. Use the ProtectionOfDangerousActions parameter of the Connect () methods of external processing (report) managers. In this case, it is possible to load external processing (report) without user requests.

3. Use the ProtectionOnDangerousActions property of the ConfigurationExtension object before calling the Write () method of this object.

4. Use the DisableUnsafeActionProtection parameter of the conf.cfg file. In this case, the mechanism of protection against dangerous actions will be disabled for all infobase users whose connection strings satisfy the specified masks.

Disabling protection against dangerous actions is performed according to the following rules (in the specified order):

1. Protection is considered disabled if the Protection against dangerous actions checkbox is cleared for the current user.

2. Protection is considered disabled if the infobase connection string matches one of the templates specified in the DisableUnsafeActionProtection parameter of the conf.cfg file.

3. If an external processing (report) is connected with protection explicitly disabled using the AntiDangerousActions parameter.

4. If protection is explicitly disabled using the AntiDangerousActions extension property.

When you start the program Uploading documents as a regular user, the error "Safe mode is set. Operation is prohibited."

This complexity arises because not enough rights to start external processing. To set up access rights, go to the database in 1C Enterprise mode on behalf of Administrator and go to section User and rights settings / Access group profiles, click To create a group.

Enter the name of the group and check the boxes available to users of this group of roles -

  • Interactive opening of external reports and processors
  • Using additional reports and processing

Click on Burn and close


Return to the Users menu and select from the list the employee who will work with the Download Documents program. Click Permissions. In the list of profiles, mark the previously created profile. Click on Write down.


It is recommended to add Document Upload to the list of external processors so that users can start processing. For this in the menu Administration / Printing forms and processing / Additional reports and processing create a new treatment. Browse to and name the LoadDocuments.epf file. Specify the location of the processing in the menu from where the user can launch it in the future, for example, select the menu Directories

By clicking on the item Fast access you indicate to which of the users the processing is available:


After setting, click Burn and close... To start processing, users will just need to re-enter the database and open it from the access menu (in the example, References) and click Execute.


Open up Menu - All functions ..... and find the Security Profiles in use option in the list.


It is enough to uncheck the "Security profiles are used" option.


After that, the program will start successfully.

External processing is programmatically opened using the ExternalProcessing global context object, which has the type ExternalProcessingManager... For each operating mode of the 1C platform (normal application mode and managed application) are used different methods object for working with external treatments.

Start external processing in normal application mode

In a typical application, you must use the Create () method of the ExternalProcessing object, which is passed the full name of the external processing file. The method returns an object of type External Processing, this object is the external processing being opened. If you need to open an external processing form, then call the GetForm () method on the resulting object, which will return the main form, and then call the Open () method to open it.


Processing = ExternalProcessing.Create (FullFileName);
Processing.GetForm (). Open ();

In external processors, the main form must always be a regular form, and the managed form must always be an additional one, otherwise the GetForm () method will not work in the normal application mode.

Starting external processing in managed application mode

In the mode managed forms the division of the algorithm according to the execution context appears. On the client, we get binary data by the full name of the external processing file. We transfer the received binary data to the server and put it in temporary storage. Next, you need to call the Connect () method of the ExternalProcessing object, to which the address to the temporary storage is passed. The method returns the name of the connected external processing. We return the name of the external processing to the client, form a string path to the processing form and use the OpenForm () method to open the external processing form.

&On server
GetExternalProcessingName Function (BinaryData)
AddressToTemporaryStorage = PutToTemporalStore (BinaryData);
Return ExternalProcessing.Connect (AddressInTemporaryStorage);
EndFunction

& OnClient
FullFileName = ""; // Full name of the external processing file.
FileData = New BinaryData (FullFileName);
ExternalProcessingName = GetExternalProcessingName (FileData);
OpenForm ("ExternalProcessing." + ExternalProcessingName + ".Form");

Safe mode for external treatments

The Create () and Connect () methods of the ExternalProcessing object have an input parameter SafeMode - a sign of connecting external processing in safe mode. If the parameter is not specified, the connection will be made in safe mode.
Safe mode work is designed to protect the system from executing "unreliable" program code on the server. Potential danger is external processing or program code entered by the user for use in the Execute () and Calculate () methods.
Safe mode has the following restrictions:
  • privileged mode is canceled if it was set;
  • attempts to enter privileged mode are ignored;
  • operations with COM objects are prohibited;
  • loading and connecting external components is prohibited;
  • denied access to file system(except for temporary files);
  • Internet access is denied.
Processings opened interactively are not performed in safe mode, therefore it is recommended to implement a mechanism for opening external processors in safe mode, as well as to prevent the user from interactively opening external processors at the level of rights.
To prohibit the interactive opening of processing, in all roles assigned to the user, you must remove the "Open external processing interactively" right (see Figure 1).
Figure 1. Rights of interactive opening of external processings / reports
The Open External Processors interactively right does not affect the ExternalProcessing object in any way.

Opening external reports programmatically, similar to external processors, you should only use the External Reports global context object, which has the type ExternalReportManager.

Print (Ctrl + P)

Configuration objects

If you need to use "unreliable" program code on the server: external processing or program code entered by the user for use in the Execute () and Calculate () methods, you can use the safe mode of operation.

In safe mode:

  • Privileged mode canceled.
  • Entering privileged mode ignored.
  • Are prohibited operations leading to the use of external funds in relation to the 1C: Enterprise platform (including non-blocking analogues of the above methods):
  • COM mechanisms:
    • COM Object ();
    • GetCOMObject ();
    • Wrapper HTMLDocument.GetCOMObject ().
  • Loading external components:
    • Load ExternalComponent ();
    • Connect External Component ().
  • File system access:
    • ValueInFile ();
    • CopyFile ();
    • CombineFiles ();
    • MoveFile ();
    • SplitFile ();
    • CreateDirectory ();
    • DeleteFiles ();
    • New File;
    • New xBase;
    • HTMLWrite.OpenFile ();
    • Reading HTML.OpenFile ();
    • Read XML.OpenFile ();
    • XMLWrite.OpenFile ();
    • ReadingFastInfoset.OpenFile ();
    • WriteFastInfoset.OpenFile ();
    • CanonicalXMLWriter.OpenFile ();
    • ConversionXSL.LoadFromFile ();
    • WriteZipFile.Open ();
    • Reading a ZipFile.Open ();
    • NewTextReader (), if the first parameter is a string;
    • ReadText.Open () if the first parameter is a string;
    • NewWriteText (), if the first parameter is a string;
    • WriteText.Open (), if the first parameter is a string;
    • NewExtractText ();
    • changing the RetrieveText.FileName property;
    • ExtractText.Write ();
    • New Picture (), if the first parameter is a string;
    • Picture.Write ();
    • New BinaryData ();
    • BinaryData.Write ();
    • NewDataWrite (), if the first parameter is a string;
    • NewReaderData (), there is the first parameter - a string;
    • all methods of the FileStreamManager object;
    • New FileStream ();
    • FormattedDocument.Write ();
    • GeographicSchema.Read ();
    • GeographicSchema.Record ();
    • GeographicSchema.Print ();
    • TabularDocument.Read ();
    • TabularDocument.Write ();
    • TabularDocument.Print (); GraphicSchema.Read ();
    • GraphicalScheme.Write ();
    • GraphicalScheme.Print ();
    • TextDocument.Read ();
    • TextDocument.Write ().
  • Internet access:
    • New InternetConnection,
    • New Internet Mail,
    • New InternetProxy,
    • New HTTPConnection,
    • New FTPConnection.

ATTENTION! Throws an exception when performing prohibited operations at runtime.

Note. External reports and processing opened using the File - Open menu are executed in safe mode if the user does not have administrative access rights.

The number of failures must be the same as the number of shutdowns. However, if a safe mode was turned on (once or more) within a procedure or function, but it was not turned off, the system will automatically shut down as many times as there were unfinished turn-ons in the procedure or function to be abandoned.

If a procedure or function calls a method Set Safe Mode (False) done more than method calls Set Safe Mode (True) then an exception will be thrown.

Safe mode software setting may be required when the configuration developer assumes the use of third-party (in relation to the configuration) program code, the reliability of which the developer cannot guarantee. An example of such code is the execution of the Execute () and Compute () methods in cases where the executable code is obtained from the outside world. In this case, it is good practice to set safe mode before executing these methods:

// A program code is generated that should be executed // It is possible that the code is loaded from external sources // or entered manually ExecutableCode = GetExecutiveCodeFrom the ExternalWorld (); // Enable Safe Mode Set Safe Mode (True); // Execute potentially dangerous code Execute (Executable Code); // Turn off Safe Mode Set Safe Mode (False);

In some cases, safe mode settings may conflict with privileged mode settings. An example of such a conflict is posting a document that has the Privileged mode on posting property set from embedded code that runs in safe mode. In this case, privileged mode is disabled, and attempts to enable it are ignored. As a result, code in the embedded language that "relies" on the enabled privileged mode "collides" with its absence, which leads to errors with non-obvious reasons. To prevent such a situation, the 1C: Enterprise system automatically disables the safe mode for event handlers that are available in the object module or manager module, provided that the executable code in the embedded language is not located in the configuration extension. Such handlers are marked in a special way in the syntax helper.

It also provides the option to disable safe mode from the embedded language (if the program code from which the disconnect is attempted is not in a configuration extension). To disable safe mode, use the method Set Safe Mode Disable ()... Check that safe mode is in this moment disabled (automatically or by calling a method), you can use the method GetDisableSafeMode ().

Within a single embedded language method, there can be no more than one nesting level of setting safe mode (by calling the SetSafeMode () method) and setting to disable safe mode (automatically for the duration of the event handlers of metadata objects or by calling the SetDisableSafeMode () method). When trying to increase nesting, an exception is thrown:

// Correct use Procedure ProcedureName () SetSafeModeDisable (True); Set Safe Mode (True); Set Safe Mode (False); Set Safe Mode Disable (False); EndProcedure // Incorrect use Procedure ProcedureName () SetSafeModeDisable (True); Set Safe Mode (True); Set Safe Mode Disable (False); // Exception EndProcedure Procedure ProcedureName () SetSafeMode (True); Set Safe Mode Disable (False); // Exception EndProcedure

The fact is that when using the client-server version of 1C operation, external processing / reports are opened in safe mode, in which the use of privileged mode is prohibited. And the privileged mode is used very often in typical configurations: formation printed forms, various official checks (registration of exchanges), etc. As a result, even using a regular report on the ACS without a form (by default, the general "Report Form" form is used) and saving the custom report settings (to the corresponding reference), you will receive an error about insufficient access rights to various constants and session parameters used for service purposes after the line SetPrivilegedMode (True);

The "correct" solution would be to connect external processes and reports through the mechanisms of the BSP "Additional reports and processing" with disabling the safe mode or adding permissions (in my opinion, from the BSP version 2.2.2.1). But if for some reason it is necessary to use external report / processing files, then you can configure a cluster security profile used as a safe mode security profile for a specific information base.

I would like to note right away that this option is not preferable, but due to various circumstances, it can be used in such a simplified form. For example, I have several bases in different cities, a common local sit down with strictly limited rights, closed USB, etc., somewhere I use Accounting 2.0, and somewhere 3.0, I make almost all reports using ACS without forms, so that they opened in both versions. Serve all these reports for different versions and different bases is a laborious and hopeless business, tk. plans include a transition to a single configuration and base ...

We create a profile.
In the cluster console, create a security profile in which we set flags "Can be used as a safe mode security profile" and "under" Allowed full access:" "to privileged mode".

In many use cases for reports and simple processings this method will be applicable. For more complex situations, it makes no sense to describe the process, because it is stated in the documentation (the ability to customize security profiles for specific external files by specifying its hash, etc.).

P.S. I thought that security profiles function only when using licenses for the platform and server of the CORP level, but this functionality is also fulfilled on the 1C: Enterprise 8.3 platform (conditionally, you can call PROF by analogy with typical configurations Basic / PROF / CORP)

Similar articles
Fiscal registrar bar fr-k is out of production Procedure for modernization bar-fr-kFiscal registrar bar fr-k is out of production Procedure for modernization bar-fr-k G-Series - Wide Range of PC Connection MethodsG-Series - Wide Range of PC Connection Methods We print the lost check and Z-report Atol print a copy of the checkWe print the lost check and Z-report Atol print a copy of the check Data collection terminal in a warehouse: we turn expensive equipment into profitable investments Data collection terminal instructions for useData collection terminal in a warehouse: we turn expensive equipment into profitable investments Data collection terminal instructions for use