org-crypt: make org-decrypt disable auto-save-mode (configurable)
As auto-save-mode can only cause leakage when there's actual decrypted data lying around, don't check for it (and potentially cause annoyance) on init, but only when org-decrypt-entry is called. * lisp/org-crypt.el: - add defcustom `org-crypt-disable-auto-save' - `org-decrypt-entry': before decrypting, check whether `auto-save-mode' is enabled for the current buffer, and act on it according to how `org-crypt-disable-auto-save' is set. - remove comment re "encrypt[ing] Org auto-saved buffers" - remove on-init check for `auto-save-default'
This commit is contained in:
parent
21df1289c7
commit
7bae223536
|
@ -94,6 +94,29 @@ This setting can also be overridden in the CRYPTKEY property."
|
|||
:type 'string
|
||||
:group 'org-crypt)
|
||||
|
||||
(defcustom org-crypt-disable-auto-save 'ask
|
||||
"What org-decrypt should do if `auto-save-mode' is enabled.
|
||||
|
||||
t : Disable auto-save-mode for the current buffer
|
||||
prior to decrypting an entry.
|
||||
|
||||
nil : Leave auto-save-mode enabled.
|
||||
This may cause data to be written to disk unencrypted!
|
||||
|
||||
'ask : Ask user whether or not to disable auto-save-mode
|
||||
for the current buffer.
|
||||
|
||||
'encrypt : Leave auto-save-mode enabled for the current buffer,
|
||||
but automatically re-encrypt all decrypted entries
|
||||
*before* auto-saving.
|
||||
NOTE: This only works for entries which have a tag
|
||||
that matches `org-crypt-tag-matcher'."
|
||||
:group 'org-crypt
|
||||
:type '(choice (const :tag "Always" t)
|
||||
(const :tag "Never" nil)
|
||||
(const :tag "Ask" ask)
|
||||
(const :tag "Encrypt" encrypt)))
|
||||
|
||||
(defun org-crypt-key-for-heading ()
|
||||
"Return the encryption key for the current heading."
|
||||
(save-excursion
|
||||
|
@ -142,6 +165,30 @@ This setting can also be overridden in the CRYPTKEY property."
|
|||
(defun org-decrypt-entry ()
|
||||
"Decrypt the content of the current headline."
|
||||
(interactive)
|
||||
|
||||
; auto-save-mode may cause leakage, so check whether it's enabled.
|
||||
(when buffer-auto-save-file-name
|
||||
(cond
|
||||
((or
|
||||
(eq org-crypt-disable-auto-save t)
|
||||
(and
|
||||
(eq org-crypt-disable-auto-save 'ask)
|
||||
(y-or-n-p "org-decrypt: auto-save-mode may cause leakage. Disable it for current buffer? ")))
|
||||
(message (concat "org-decrypt: Disabling auto-save-mode for " (or (buffer-file-name) (current-buffer))))
|
||||
; The argument to auto-save-mode has to be "-1", since
|
||||
; giving a "nil" argument toggles instead of disabling.
|
||||
(auto-save-mode -1))
|
||||
((eq org-crypt-disable-auto-save nil)
|
||||
(message "org-decrypt: Decrypting entry with auto-save-mode enabled. This may cause leakage."))
|
||||
((eq org-crypt-disable-auto-save 'encrypt)
|
||||
(message "org-decrypt: Enabling re-encryption on auto-save.")
|
||||
(add-hook 'auto-save-hook
|
||||
(lambda ()
|
||||
(message "org-crypt: Re-encrypting all decrypted entries due to auto-save.")
|
||||
(org-encrypt-entries))
|
||||
nil t))
|
||||
(t nil)))
|
||||
|
||||
(require 'epg)
|
||||
(unless (org-before-first-heading-p)
|
||||
(save-excursion
|
||||
|
@ -201,19 +248,6 @@ This setting can also be overridden in the CRYPTKEY property."
|
|||
'org-mode-hook
|
||||
(lambda () (add-hook 'before-save-hook 'org-encrypt-entries nil t))))
|
||||
|
||||
;; FIXME Find a better way to encrypt Org auto-saved buffers?
|
||||
;; When `auto-save-default' is non-nil, make sure entries are
|
||||
;; encrypted before auto-saving
|
||||
;; (when auto-save-default
|
||||
;; (add-hook
|
||||
;; 'org-mode-hook
|
||||
;; (lambda () (add-hook 'auto-save-hook 'org-encrypt-entries nil t))))
|
||||
|
||||
(when (and (functionp 'daemonp)
|
||||
(not (daemonp)) auto-save-default)
|
||||
(message "Warning: turn auto-save-mode off in Org buffers containing crypted entries.")
|
||||
(sit-for 1))
|
||||
|
||||
(add-hook 'org-reveal-start-hook 'org-decrypt-entry)
|
||||
|
||||
(provide 'org-crypt)
|
||||
|
|
Loading…
Reference in New Issue