Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Initial support for IPP / driverless printing #2332

Draft
wants to merge 5 commits into
base: main
Choose a base branch
from
Draft

Initial support for IPP / driverless printing #2332

wants to merge 5 commits into from
+225 −67

Conversation

deeplow
Copy link
Contributor

@deeplow deeplow commented Dec 13, 2024
edited
Loading

This PR includes two sets of changes: ( ⚠️ NOTE I originally thought they had to be in the same PR, but I may be able to split them for easier review)

  • Print: Find alternative to PPD #2088 Changes export logic (in sd-devices) to be able to detect IPP printers without breaking compatibility with the old system.
    • To achieve this, ipp-usb is used in combination with Avahi. The former detects IPP-compatible printers and creates a local IPP server. Avahi allows for the discovery of these printing servers such that print dialogs can display print information.
    • Contrary to the legacy printer support, for driverless printing, no print queue is setup with lpadmin. Printers are automatically discovered.
  • Switch printer front-end for SecureDrop Workstation #2156 Replacing XPP with a more modern alternative

To achieve this, ipp-usb is used in combination with Avahi. The former detects IPP-compatible printers and creates a local IPP server. Avahi allows for the discovery of these printing servers such that print dialogs can display print information.

Contrary to the legacy printer support, for driverless printing, no print queue is setup with lpadmin. Printers are automatically discovered.

Status

Work in progress

Description

Fixes #2088 #2156.

TODO:

  • Find a way to have avahi enabled (preset as enabled is not cutting it)
  • add print dialog code (and get PyGObject wheels to build) (used system packages in venv instead)
  • handle exceptions
  • add tests

Test Plan

Checklist

If these changes modify code paths involving cryptography, the opening of files in VMs or network (via the RPC service) traffic, Qubes testing in the staging environment is required. For fine tuning of the graphical user interface, testing in any environment in Qubes is required. Please check as applicable:

  • I have tested these changes in the appropriate Qubes environment
  • I do not have an appropriate Qubes OS workstation set up (the reviewer will need to test these changes)
  • These changes should not need testing in Qubes

If these changes add or remove files other than client code, the AppArmor profile may need to be updated. Please check as applicable:

  • I have updated the AppArmor profile
  • No update to the AppArmor profile is required for these changes
  • I don't know and would appreciate guidance

If these changes modify the database schema, you should include a database migration. Please check as applicable:

  • I have written a migration and upgraded a test database based on main and confirmed that the migration is self-contained and applies cleanly
  • I have written a migration but have not upgraded a test database based on main and would like the reviewer to do so
  • I need help writing a database migration
  • No database schema changes are needed

@deeplow
Copy link
Contributor Author

deeplow commented Jan 13, 2025

Progress update

I have now added the GTK dialog itself. As you can see it gets information from the printer before it shows the options. It's a bit of downside of driverless printing when the printer was not previously added. The user has to wait a tiny bit until the printer configurations are obtained. There are ways around that (i.e. adding a print queue), but that requires state, which we're avoiding in disposables. (we decided that here)

20652

Next steps

I have updated the TODO list on the first post

@deeplow
Copy link
Contributor Author

deeplow commented Jan 13, 2025
edited
Loading

@legoktm regarding the following comment:

securedrop-client/export/pyproject.toml

Lines 14 to 21 in bdf52bc

# In production these two are installed using a system package
# so match those versions exactly
pygobject = [
{version = "=3.42.2", python = ">=3.11"}, # bookworm
]
pycairo = [
{version = "=1.20.1", python = ">=3.11"}, # bookworm
]

How critical is is that we keep this in sync? Should some sort of CI warning to update this when the debian packages have been updated? How is it handled for Qt in securedrop-client?

Also, do we need it in the root pyproject.toml? It's causing problems in the CI / safety (could be because it's asking for a later version).

@legoktm
Copy link
Member

legoktm commented Jan 13, 2025

How critical is is that we keep this in sync? Should some sort of CI warning to update this when the debian packages have been updated? How is it handled for Qt in securedrop-client?

Relatively important, mostly so that our local operation and tests are using the same version that the package is. Realistically the version should only change when we switch Debian versions (e.g. bookworm -> trixie), so we can handle it then. It would be pretty rare for a version bump to come out once a version has already been made stable.

Also, do we need it in the root pyproject.toml?

No, just in export's. The only things in the root pyproject.toml should be the various CI tools we run across the whole project.

@deeplow
Copy link
Contributor Author

deeplow commented Jan 15, 2025

How critical is is that we keep this in sync? Should some sort of CI warning to update this when the debian packages have been updated? How is it handled for Qt in securedrop-client?

Relatively important, mostly so that our local operation and tests are using the same version that the package is. Realistically the version should only change when we switch Debian versions (e.g. bookworm -> trixie), so we can handle it then. It would be pretty rare for a version bump to come out once a version has already been made stable.

OK.

Also, do we need it in the root pyproject.toml?

No, just in export's. The only things in the root pyproject.toml should be the various CI tools we run across the whole project.

I have removed it now. I may have added it originally by mistake.

@deeplow
Copy link
Contributor Author

deeplow commented Jan 15, 2025

Challenge: how to access exceptions raised in GTK?

One challenge I was having was that exceptions were getting trapped in the GTK print dialog. But we needed to access those exceptions from non-GTK code (the one which calls GTK). However, GTK does not seem to like this use-case. I looked at a few alternative approaches:

  • GTK application exit codes - GTK has a way to return some exit codes, but it requires setting up the GTK application as a CLI one. Ultimately this seemed to be more complex than it should for our case and we'd still need a way to map exit codes to print exceptions for proper handling.

  • Modifying excepthook to close the GTK main loop when an exception is raised: Something like this:

      app = PrintDialog()
  def excepthook(type, value, tb):
    if app:
        app.quit()
    sys.__excepthook__(type, value, tb)

    I chose not to go this way given that globals are not ideal and they could introduce other kinds of issues.

  • Context manager to keep track of exceptions - this is the option I went for, which piggy backs on the previous one, but does so with a context manager. The context manager returns a function to pass along the expected exception, which is then raised on exit. See the commit message for more details: e9ee2f0

Am I missing something? Are there better ways to approach this? I am not satisfied with the current solution, but strangely enough I couldn't find many attempts online at solving this particular issue.

@deeplow deeplow force-pushed the 2088-ipp-printers branch 2 times, most recently from e19b9bb to d688731 Compare January 15, 2025 15:11
This was referenced Jan 15, 2025
Open
Open
@deeplow
Initial support for IPP / driverless printing
63a791c 
Changes export logic (in sd-devices) to be able to detect IPP
printers without breaking compatibility with the old system.

To achive this, ipp-usb is used in combination with Avahi.
The former detects IPP-compatible printers and creates a local IPP
server. Avahi allows for the discovery of these printing servers
such that print dialogs can display print information.

Contrary to the legacy printer support, for driverless printing,
no print queue is setup with `lpadmin`. Printers are automatically
discovered.
@deeplow
Pull in pygobject as a Debian package dependency
0bfba7e 
Necessary for GTK print dialog
@deeplow
Replace XPP with Gtk print dialog and dependencies
ffe386a 
Note: system-wide dependencies made available from
securedrop-export venv due to the need to access python3-gi.
Otherwise it would require too many build dependencies and complexity.
Given that python3-gi is already required by some Qubes components,
it does not add too many new dependencies.
@deeplow
WIP: Print Dialog: hack to obtain exceptions raised in print dialog
3e72356 
Exceptions raised in GTK code are trapped. However, the print logic
needs to know the result of the print dialog (usually communicated
through exceptions). A context manager is used to keep track of
the exception the GTK code would ideally raise.
@deeplow
Handle printer discovery failure through exceptions
66eb231 
Incapsulate printer search and possible failure in the respective
printer search methods.
deeplow
deeplow commented Jan 17, 2025
View reviewed changes
export/securedrop_export/print/service.py
@@ -113,62 +113,73 @@ def printer_test(self) -> Status:
# a success status here
return Status.PRINT_TEST_PAGE_SUCCESS

def _wait_for_print(self):
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have removed the _wait_for_print() method because the print dialog can already obtains some eventual errors occurred during the print job. So my implementation simply exits the dialog either with some error or success.

Proposed Troubleshooting Workflow

But not all failures were marked as errors by the print dialog. For example, I tried to print with an open tray and both dialogs were closed (PRINT_SUCCESS), but the printer errored out. Luckily, there is some information on the top right-hand corner of the screen:

Screenshot_2025-01-17_12-59-10

If I wanted to troubleshoot, I could click on the little "printer" icon in the tray menu and it would open the queued print documents and some actions to troubleshoot:

Screenshot_2025-01-17_12-59-31

Instead of waiting for the document to be printed with a spinning icon in the client dialog, I'd propose that we close all dialogs if successfully sent the job to the printer tools. What this means .

I guess ultimately this a UX question. Should I re-implement a way to have the client print dialog hanging / waiting while a document is fully printed, or should all print-related dialogs close as soon as the print is initiated and we let the users troubleshoot via messages in the right-hand corner and the respective print queue utility (accessed from the tray menu)?

@deeplow deeplow added this to the 0.15.0 milestone Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.15.0
Development

Successfully merging this pull request may close these issues.

Print: Find alternative to PPD
2 participants
@deeplow @legoktm