struct AuthorizationStore;
typedef struct AuthorizationStore AuthorizationStore;
-static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
-
static void authorization_store_free (AuthorizationStore *store);
-static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
-
/* ---------------------------------------------------------------------------------------------------- */
static AuthorizationStore *get_authorization_store_for_identity (PolkitBackendLocalAuthority *authority,
/* then see if there's a temporary authorization for the subject */
if (check_temporary_authorization_for_subject (local_authority, subject, action_id))
{
+ g_debug (" is authorized (has temporary authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
goto out;
}
/* then see if we have an authorization for the user */
if (check_authorization_for_identity (local_authority, user_of_subject, action_id))
{
+ g_debug (" is authorized (user identity has authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
goto out;
}
if (check_authorization_for_identity (local_authority, group, action_id))
{
+ g_debug (" is authorized (group identity has authorization)");
result = POLKIT_AUTHORIZATION_RESULT_AUTHORIZED;
goto out;
}
}
-#if 0
- g_set_error (error,
- POLKIT_ERROR,
- POLKIT_ERROR_NOT_SUPPORTED,
- "Not implemented (subject=%s action_id=%s)",
- subject_str, action_id);
-#endif
-
- /* TODO */
+ g_debug (" not authorized");
out:
g_free (subject_str);
if (user_of_subject != NULL)
g_object_unref (user_of_subject);
+ g_debug (" ");
+
return result;
}
g_debug ("enumerating authorizations for %s", identity_str);
- /* TODO: check caller is authorized */
+ /* TODO: check if caller is authorized */
polkit_backend_authority_enumerate_authorizations_finish (pending_call,
get_authorizations_for_identity (local_authority,
action_id,
is_negative);
+ /* TODO: check if caller is authorized */
+
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
action_id,
is_negative);
+ /* TODO: check if caller is authorized */
+
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
};
+static AuthorizationStore *authorization_store_new (PolkitIdentity *identity);
+static GList *authorization_store_get_all_authorizations (AuthorizationStore *store);
+
+static gboolean authorization_store_has_permanent_authorization (AuthorizationStore *store,
+ const gchar *action_id);
+
/* private */
static void authorization_store_reload_permanent_authorizations (AuthorizationStore *store);
gboolean is_negative;
PolkitAuthorization *authorization;
+ /* skip blank lines and comments */
+ if (strlen (line) == 0 || line[0] == '#')
+ continue;
+
tokens = g_strsplit (line, " ", 0);
num_tokens = g_strv_length (tokens);
return result;
}
+static gboolean
+authorization_store_has_permanent_authorization (AuthorizationStore *store,
+ const gchar *action_id)
+{
+ GList *l;
+ gboolean ret;
+
+ ret = FALSE;
+
+ for (l = store->authorizations; l != NULL; l = l->next)
+ {
+ PolkitAuthorization *authorization = POLKIT_AUTHORIZATION (l->data);
+ const gchar *authorization_action_id;
+
+ authorization_action_id = polkit_authorization_get_action_id (authorization);
+ if (strcmp (authorization_action_id, action_id) == 0)
+ {
+ ret = TRUE;
+ goto out;
+ }
+ }
+
+ out:
+ return ret;
+}
+
/* ---------------------------------------------------------------------------------------------------- */
static AuthorizationStore *
PolkitIdentity *identity,
const gchar *action_id)
{
- /* TODO */
- return FALSE;
+ AuthorizationStore *store;
+ gboolean result;
+
+ result = FALSE;
+
+ store = get_authorization_store_for_identity (authority, identity);
+ if (store == NULL)
+ goto out;
+
+ result = authorization_store_has_permanent_authorization (store, action_id);
+
+ out:
+ return result;
}
static gboolean
AuthorizationStore *store;
GList *result;
+ result = NULL;
+
store = get_authorization_store_for_identity (authority, identity);
if (store == NULL)
goto out;