Menu
homeiOS

Safe operating mode. How to add an external printing form or processing 1s 8.2 I can’t install safe mode

With the release of platform 8.3.9.2033, a new mechanism appeared "Protection from dangerous actions".

Thanks to this innovation, 1C now began to swear at the opening of processing (and not only):

Security Warning

Opens “My External Processing” from the file “My_External_Processing.epf”

It is recommended to pay attention to the source from which this file was obtained. If there is no agreement with the source on the development of additional modules, or there are doubts about the contents of the file, then it is not recommended to open it, as this may harm the computer and data.

Allow me to open this file?

So 1C decided to fight malicious code!

Where this “malicious code” will come from in an enterprise is still a mystery)

Potentially dangerous actions included:

  • Loading an external report, processing or configuration extension.
  • Loading or updating configuration/extension.
  • Access from an external report/processor or extension to the following capabilities:
  • Executing an operating system command.
  • User management (recording or deleting information about an infobase user).
  • Calling the Connect() method of the manager of external processing (reports).
  • Calling the method ExtendConfiguration.Write().
  • Working with COM objects.

How can this “miracle” be turned off?

To do this, you need to launch 1C Enterprise in configurator mode.
Select the menu “Administration” - “Users”.
In the window that opens for our users, you need to open the user settings window and uncheck the “Basic” tab "Protection from dangerous actions"

There are other ways to disable this:

It is now possible to specify a list of infobases, when working with which protection against dangerous actions will be disabled.
This function is responsible for the DisableUnsafeActionProtection parameter in the conf.cfg file, which allows you to disable the protection mechanism against dangerous actions for all users of certain infobases whose connection strings satisfy the masks specified in the DisableUnsafeActionProtection parameter.

In this parameter you can specify several masks separated by the “;” symbol, for example:

DisableUnsafeActionProtection=test_.*;stage_.*;

In addition, protection against dangerous user actions can be disabled programmatically, for which the following parameters and properties are available:

  • Parameter Protection from Dangerous Actions of the Connect() methods of external processing (report) managers
  • The Protection Against Dangerous Actions property of the Configuration Extension object before calling the Write() method of this object.

Checking the need to use protection against hazardous actions is carried out in the following order:

1. If the current user’s “Protection against dangerous activities” checkbox is cleared, then the protection is considered disabled.

2. If the connection string to the infobase satisfies one of the patterns specified in the DisableUnsafeActionProtection parameter of the conf.cfg file, then the protection is considered disabled.

3. If protection is explicitly disabled using the Protection Against Dangerous Actions parameter of external processing or report.

4. If protection is explicitly disabled using the extension property Protection from Dangerous Actions.

Print (Ctrl+P)

Configuration Objects

If it is necessary to use “untrusted” program code on the server: external processing or program code entered by the user for use in the Run() and Calculate() methods, you can use the safe operating mode.

In safe mode:

  • Privileged mode canceled.
  • Switching to privileged mode ignored.
  • Prohibited operations leading to the use of external means in relation to the 1C:Enterprise platform (including non-blocking analogues of the specified methods):
  • COM mechanisms:
    • COMObject();
    • GetCOMObject();
    • WrapperHTMLDocument.GetCOMObject().
  • Loading external components:
    • LoadExternalComponent();
    • ConnectExternalComponent().
  • File system access:
    • ValueInFile();
    • CopyFile();
    • MergeFiles();
    • MoveFile();
    • SplitFile();
    • CreateDirectory();
    • DeleteFiles();
    • New File;
    • New xBase;
    • EntryHTML.OpenFile();
    • ReadHTML.OpenFile();
    • ReadXML.OpenFile();
    • WriteXML.OpenFile();
    • ReadingFastInfoset.OpenFile();
    • RecordFastInfoset.OpenFile();
    • CanonicalXMLRecord.OpenFile();
    • TransformXSL.LoadFromFile();
    • WriteZipFile.Open();
    • ReadingZipFile.Open();
    • New ReadText(), if the first parameter is a string;
    • ReadText.Open(), if the first parameter is a string;
    • NewTextRecord(), if the first parameter is a string;
    • WriteText.Open(), if the first parameter is a string;
    • NewTextExtract();
    • changing the property ExtractText.FileName;
    • ExtractText.Write();
    • New Picture(), if the first parameter is a string;
    • Picture.Write();
    • new BinaryData();
    • BinaryData.Write();
    • NewDataRecord(), if the first parameter is a string;
    • New ReadData(), there is a first parameter - a string;
    • all methods of the FileStreamManager object;
    • New FileStream();
    • FormattedDocument.Write();
    • GeographicScheme.Read();
    • GeographicScheme.Write();
    • GeographicScheme.Print();
    • TabularDocument.Read();
    • TabularDocument.Write();
    • TabularDocument.Print(); GraphicScheme.Read();
    • GraphicScheme.Write();
    • GraphicScheme.Print();
    • TextDocument.Read();
    • TextDocument.Write().
  • Internet access:
    • New Internet Connection,
    • New InternetMail,
    • New InternetProxy,
    • New HTTPConnection,
    • New FTPConnection.

ATTENTION! When performing prohibited operations, an exception is thrown at runtime.

Note. External reports and processing opened using the File - Open menu are executed in safe mode if the user does not have administrative access rights.

The number of times you turn on safe mode must match the number of times you turn it off. However, if safe mode was turned on within a procedure or function (once or more), but was not turned off, the system will automatically shut down as many times as there were incomplete turns on in the procedure or function being left.

If in a procedure or function calls a method SetSafeMode(False) made more than method calls SetSafeMode(True), then an exception will be thrown.

Software installation of safe mode may be required when the configuration developer intends to use third-party (in relation to the configuration) program code, the reliability of which the developer cannot guarantee. An example of such code is the execution of the Execute() and Compute() methods in cases where the executable code is obtained from the outside world. In this case, a good practice would be to set Safe Mode before executing these methods:

// Program code is generated that should be executed // It is possible that the code is loaded from external sources // or entered manually ExecutableCode = GetExecutedCodeFromExternalWorld(); // Enable safe mode SetSafeMode(True); // Execute potentially dangerous code Execute(ExecutableCode); // Turn off safe mode SetSafeMode(False);

In some cases, Safe Mode settings may conflict with Privileged Mode settings. An example of such a conflict is the posting of a document for which the Privileged mode when posting property is set, from code in the built-in language that is executed in safe mode. In this case, privileged mode is disabled and attempts to enable it are ignored. As a result, the code in the embedded language, which “counts” on the enabled privileged mode, “encounters” its absence, which leads to errors with non-obvious reasons for their appearance. To prevent this situation, the 1C:Enterprise system automatically disables safe mode for event handlers that are available in the object module or manager module, provided that the executable code in the built-in language is not located in the configuration extension. Such handlers are marked in a special way in the syntax assistant.

It also provides the ability to disable Safe Mode from the built-in language (if the program code that is attempting to disable it is not in a configuration extension). To disable safe mode there is a method SetDisableSafeMode(). You can check that safe mode is currently disabled (automatically or by calling a method) using the method GetDisableSafeMode().

Within one method in the built-in language, there cannot be more than one level of nesting of setting the safe mode (by calling the SetSafeMode() method) and setting the disabling of the safe mode (automatically during the execution of metadata object event handlers or by calling the SetSafeModeDisable() method). When trying to increase nesting, an exception is thrown:

// Correct use of ProcedureProcedureName() SetDisableSafeMode(True);

When you run the Document Upload program as a regular user, the error "Safe mode is set. The operation is prohibited."

This difficulty arises because There are not enough rights to start external processing. To configure access rights, log into the database in 1C Enterprise mode on behalf of Administrator and go to the section User and rights settings / Access group profiles, click To create a group.

Enter the name of the group and check the boxes for the roles available to users of this group -

  • Interactive opening of external reports and processing
  • Using additional reports and processing

Click Save and close


Return to the Users menu and select from the list the employee who will work with the Document Upload program. Click Permissions. In the list of profiles, select the previously created profile. Click Write down.


So that users can start processing, it is recommended to add Document Loading to the list of external processing. To do this in the menu Administration / Printed forms and processing / Additional reports and processing create a new processing. Specify the path to the file "Download Documents.epf" and assign a name. Specify the location of the processing in the menu, from where the user can launch it later, for example, select the menu Directories

By clicking on the Quick access item, you indicate which users have access to processing:


After setting, click Save and close. To start processing, users will only need to re-enter the database and open it from the access menu (in the example - Directories) and click Execute.


Open Menu - All functions.... and find the option "Security profiles are used" in the list.


Just uncheck the "Security profiles are used" option.


After this, the program will launch successfully.

Programmatic opening of external processing is carried out using the global context object ExternalProcessing, which has the type ExternalProcessingManager. For each operating mode of the 1C platform (regular application mode and managed application mode), different object methods are used to work with external processing.

Running external processing in normal application mode

In a typical application, you must use the Create() method of the ExternalProcessing object, which is passed the full name of the external processing file. The method returns an object of type ExternalProcessing, this object is the external processing being opened. If you need to open an external processing form, then call the GetForm() method on the received object, which will return the main form, and then call the Open() method to open it.


Processing = ExternalProcessing.Create(FullFileName);
Processing.GetForm().Open();

In external processing, the main form must always be a regular one, and the controlled form must always be an additional one, otherwise the GetForm() method will not work in normal application mode.

Running external processing in managed application mode

In managed forms mode, the algorithm is divided by execution context. On the client, we receive binary data using the full name of the external processing file. We transfer the received binary data to the server and place it in temporary storage. Next, you need to call the Connect() method of the ExternalProcessing object, to which the address for temporary storage is passed. The method returns the name of the connected external processing. We return the name of the external processing to the client, create a string path to the processing form, and use the OpenForm() method to open the external processing form.

&On server
Function GetExternalProcessingName(BinaryData)
AddressInTemporaryStorage = PlaceInTemporaryStorage(BinaryData);
Return ExternalProcessing.Connect(AddressInTemporaryStorage);
EndFunction

&OnClient
FullFileName = ""; // Full name of the external processing file.
FileData = new BinaryData(FullFileName);
ExternalProcessingName = GetExternalProcessingName(FileData);
OpenForm("ExternalProcessing." + ExternalProcessingName + ".Form");

Safe mode for external processing

The Create() and Connect() methods of the ExternalProcessing object have an incoming parameter SafeMode - a sign of connecting external processing in safe mode. If the parameter is not specified, the connection will be made in secure mode.
Safe mode is designed to protect the system from executing “untrusted” program code on the server. Potential danger comes from external processing or program code entered by the user for use in the Run() and Calculate() methods.
Safe mode imposes the following restrictions:
  • privileged mode is canceled if it was installed;
  • attempts to enter privileged mode are ignored;
  • operations with COM objects are prohibited;
  • loading and connecting external components is prohibited;
  • access to the file system is prohibited (except for temporary files);
  • Internet access is prohibited.
Processes opened interactively are not performed in safe mode, therefore it is recommended to implement a mechanism for opening external processors in safe mode, as well as at the permission level to prohibit the user from interactively opening external processors.
To prohibit the interactive opening of processing, in all roles assigned to the user, it is necessary to remove the right “Interactive opening of external processing” (see Figure 1).
Figure 1. Rights to interactively open external processing/reports
The "Interactive opening of external processing" right does not affect the External Processing object in any way.

Programmatic opening of external reports is similar to external processing, but you should use the global context object ExternalReports, which has the type ExternalReportsManager.

Using “Trade Management 11.3” as an example, we will consider the simple process of connecting an external printing form. We will also consider the features of the new security system.

Fast passage

Preliminary actions

First you should enable functionality or check its availability

1. Log in with full rights to the information database.

2. Go to the menu “Master data and administration”/Block “Administration”/Command “Printed forms, reports and processing”.

Addition

In the section that opens:

We add processing using the “Create” button (this is important) or “Update!” existing:

  • Select it in the list (if not selected or empty, the command will not work, but will not say anything).
  • Click the “Load from file” button.

After the appearance for 1C in external processing, security checks appeared in new configurations.

You should install only processing created independently or received through known communication channels (not from mail, only from a website with a valid certificate, or provided by the developer’s employees, confirmed by him by phone).

If everything in the processing is prescribed by the developer, then “Placement” will be set - the objects in which the processing will be involved, the command(s) will appear.
To work, just click “Save and close”.

Examination

Immediately after this, depending on the type of treatment:

  • The printed form becomes available when opening a document or from its list (for an already open one when opening it again) by clicking the “Print” button.
  • Processing is available in the “Additional Processing” sections in each subsystem
  • Processing of filling using the “Fill” button of the list or the main command panel of the object form.

For the above processing, the launch will look like this:

If the document is new, it should be written down; the external processing mechanism will warn you about this:

Further behavior depends on the built-in functionality: it is possible to open a form or simply process data.

Security warnings in 1C

New platform releases and configurations have increased protection against the launch of malicious programs.

Processing may cause Excel to launch to load, in which case the new security subsystem will also warn you:

In this case, the handler code is interrupted.

If you click “Yes”, the system will ask you to run the command again:

It is possible for an infobase user to disable protection from dangerous actions through the “Configurator”:

This cannot be changed from the “Enterprise” mode, perhaps this was done on purpose, and may appear after the update.

It should also be noted that if processing uses Excel, it must run in unsafe mode (this was the case before the introduction of the new system, this works in parallel):

"Unable to load MS EXCEL!!!" “Safe mode has been set. The operation is prohibited"

In external processing it looks like this:

The developer should set it to “False” in the internal processing description, then everything will be fine:

Function InformationOnExternalProcessing() ExportRegistrationParameters = New Structure;

Registration Parameters.Insert("SafeMode", False);