1 <?xml version="1.0" encoding="UTF-8"?>
2 <node xmlns:tp="http://telepathy.freedesktop.org/wiki/DbusSpec#extensions-v0" name="/node">
3 <interface name="org.freedesktop.atspi.LoginHelper">
4 <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
5 <p>@brief An interface for use by assistive technologies by which
6 they can access system information and services on a 'need to know'
7 basis while the screen is locked, during user authentication, or
8 during other sensitive operations. </p>
10 <p>This interface is intended for use by assistive technologies
11 and related user-enabling services, and by applications and
12 utilities which may wish to restrict access to certain system
13 devices and services during security-sensitive states, e.g. when
14 the screen is locked or during authentication into some secure
17 <p>Such 'applications' (for instance, screen lock dialogs and
18 security-enabled web browsers) use the ::LoginHelper client
19 interfaces, and the bonobo-activation query service, to
20 query for assistive technologies which advertise the ::LoginHelper
21 service. The client then queries these assistive technologies
22 for their device I/O requirements, via the ::getDeviceReqs call.
23 The client may then issue the advisory request ::setSafe (TRUE),
24 which requests that the ::LoginHelper -implementing service make a
25 best-effort attempt to make itself more secure (for instance,
26 an onscreen keyboard might turn off word prediction, and a
27 screenreader may turn off keyboard echo via speech). The return
28 value of ::setSafe is an advisory indication of whether this attempt
29 was successful (no specific guarantees are implied).
30 Once the 'security sensitive' state is exited, the client should
31 call ::setSafe (FALSE). </p>
33 <p>The return values from ::getDeviceReqs inform the client of which
34 services the ::LoginHelper service (e. g. assistive technology) needs
35 in order to do its job. The client may use this information to
36 loosen any restrictions on access which it may currently have in
37 place (for instance, keyboard grabs, etc.). If it does not do so,
38 the likely outcome is that the end-user will experience loss
39 of access to the system. </p>
41 <tp:struct name="WindowInfo">
42 <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
43 <p>A structure containing info about toplevel X windows that
44 the ::LoginHelper instance wishes to have raised. </p>
46 <tp:member type="i" tp:name="winID">
47 <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
53 <tp:enum name="DeviceReq" type="u">
54 <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
57 <p>The system and device access and services which the LoginHelper-implementing
58 assistive technology requires in order to enable the user to use the system. </p>
60 <tp:enumvalue suffix="GUI_EVENTS">
62 !<: Needs access to the GUI event subsystem (e.g. Xserver)
65 <tp:enumvalue suffix="CORE_KEYBOARD" value="1">
67 !<: Needs access to the system keyboard events (read and write)
70 <tp:enumvalue suffix="CORE_POINTER" value="2">
72 !<: Needs access to the onscreen pointer (e.g. mouse pointer)
75 <tp:enumvalue suffix="EXT_INPUT" value="3">
77 !<: Reads XInput extended input devices
80 <tp:enumvalue suffix="POST_WINDOWS" value="4">
82 !<: Posts Windows, and needs for toplevel windows to be visible
85 <tp:enumvalue suffix="AUDIO_OUT" value="5">
87 !<: Writes to audio device
90 <tp:enumvalue suffix="AUDIO_IN" value="6">
92 !<: Reads from audio device
95 <tp:enumvalue suffix="NETWORK" value="7">
97 !<: Requires access to general network services, including remote access
100 <tp:enumvalue suffix="LOCALHOST" value="8">
102 !<: Requires network services hosted on LOCALHOST only
105 <tp:enumvalue suffix="SERIAL_OUT" value="9">
107 !<: Writes to a serial port
110 <tp:enumvalue suffix="SERIAL_IN" value="10">
112 !<: Reads from a serial port
116 <method name="setSafe">
120 <arg direction="in" name="safe_mode" type="b" tp:type="boolean">
122 \c TRUE if the client is requesting that 'safe mode' be initiated, \c FALSE if the client is advising that 'safe mode' may beexited, i.e. normal operation may be resumed.Request a LoginHelper to enter "safe" mode, orinform LoginHelper that "safe" mode may be exited.If \a safe_mode is \c TRUE, but the return value is \c FALSE,the requesting client may wish to deny services to the ::LoginHelper, for instance avoid raising its toplevels.The return value is purely advisory, and no guarantees are intended about what the implementing LoginHelper will do to improve security when in "safe" mode.
125 <arg direction="out" type="b" tp:type="boolean">
127 whether the ::LoginHelper is now "safe" or not.
131 <method name="getDeviceReqs">
132 <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
133 <p>getDeviceReqs: </p>
135 <p>Query a ::LoginHelper for the types of
136 device I/O it requires, in order to do its job.
137 For instance, a ::LoginHelper which needs to receive keyboard
139 Accessibility_LoginHelper_CORE_KEYBOARD in this list. </p>
141 <arg direction="out" type="u" tp:type="DeviceReqList">
143 A sequence of ::LoginHelper_DeviceReq indicatingthe device I/O required in order to facilitate end-user access to the system.
147 <method name="getRaiseWindows">
148 <tp:docstring xmlns="http://www.w3.org/1999/xhtml">
149 <p>getRaiseWindows: </p>
151 <p>Get a list of window IDs that need raising on login. </p>
153 <arg direction="out" type="ai" tp:type="WindowList">
155 a sequence containing window IDS for toplevels whichneed to be raised/made visible during user authentication, inorder for the ::LoginHelper to facilitate end-user access to the system.