* @pk_context: the PolicyKit context
* @action: the type of access to check for
* @session: the session in question
- * @revoke_if_oneshot: TODO
+ * @is_mechanism: Whether the mechanism carrying out the action is
+ * asking. This can be used to revoke one-time-only authorizations.
*
* Determine if any caller from a giver session is authorized to do a
* given action.
polkit_context_is_session_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitSession *session,
- polkit_bool_t revoke_if_oneshot)
+ polkit_bool_t is_mechanism)
{
/* TODO: properly implement */
return polkit_context_can_session_do_action (pk_context, action, session);
* @pk_context: the PolicyKit context
* @action: the type of access to check for
* @caller: the caller in question
- * @revoke_if_oneshot: TODO
+ * @is_mechanism: Whether the mechanism carrying out the action is
+ * asking. This can be used to revoke one-time-only authorizations.
*
* Determine if a given caller is authorized to do a given action.
*
polkit_context_is_caller_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitCaller *caller,
- polkit_bool_t revoke_if_oneshot)
+ polkit_bool_t is_mechnanism)
{
/* TODO: properly implement */
return polkit_context_can_caller_do_action (pk_context, action, caller);
PolKitResult polkit_context_is_caller_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitCaller *caller,
- polkit_bool_t revoke_if_oneshot);
+ polkit_bool_t is_mechanism);
PolKitResult polkit_context_is_session_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitSession *session,
- polkit_bool_t revoke_if_oneshot);
+ polkit_bool_t is_mechanism);
PolKitAuthorizationDB *polkit_context_get_authorization_db (PolKitContext *pk_context);
<arg name="action_id" direction="in" type="s"/>
<!-- IN: process id of caller to check for -->
<arg name="pid" direction="in" type="u"/>
+ <!-- IN: see parameter 'is_mechanism' in polkit_context_is_caller_authorized() -->
+ <arg name="is_mechanism" direction="in" type="b"/>
+
<!-- OUT: the PolKitResult in textual form -->
<arg name="result" direction="out" type="s"/>
</method>
<arg name="action_id" direction="in" type="s"/>
<!-- IN: Unique name on the system bus of the caller to check for -->
<arg name="system_bus_name" direction="in" type="s"/>
+ <!-- IN: see parameter 'is_mechanism' in polkit_context_is_caller_authorized() -->
+ <arg name="is_mechanism" direction="in" type="b"/>
<!-- OUT: the PolKitResult in textual form -->
<arg name="result" direction="out" type="s"/>
</method>
+ <!-- Both methods can throw these exceptions:
+
+ org.freedesktop.PolicyKit.GeneralError
+ if e.g. the passed parameters are bogus
+
+ org.freedesktop.PolicyKit.NotAuthorized
+ if the caller is not authorized to know this; e.g. if he
+ lacks the org.freedesktop.policykit.read authorization
+ -->
+
</interface>
</node>
(dbus_message_get_interface (message) != NULL &&
g_str_has_prefix (dbus_message_get_interface (message), "org.freedesktop.ConsoleKit"))) {
if (polkit_tracker_dbus_func (daemon->priv->pk_tracker, message)) {
-
/* Something has changed! TODO: emit D-Bus signal? */
- g_debug ("Something has changed!");
}
}
is_caller_authorized (PolKitDaemon *daemon,
const char *action_id,
PolKitCaller *pk_caller,
+ gboolean is_mechanism,
DBusGMethodInvocation *context)
{
gboolean ret;
pk_action = polkit_action_new ();
polkit_action_set_action_id (pk_action, action_id);
- pk_result = polkit_context_is_caller_authorized (daemon->priv->pk_context, pk_action, pk_caller, FALSE);
+ pk_result = polkit_context_is_caller_authorized (daemon->priv->pk_context, pk_action, pk_caller, is_mechanism);
polkit_action_unref (pk_action);
dbus_g_method_return (context, polkit_result_to_string_representation (pk_result));
polkit_daemon_is_process_authorized (PolKitDaemon *daemon,
const char *action_id,
guint32 pid,
+ gboolean is_mechanism,
DBusGMethodInvocation *context)
{
gboolean ret;
goto out;
}
- ret = is_caller_authorized (daemon, action_id, pk_caller, context);
+ ret = is_caller_authorized (daemon, action_id, pk_caller, is_mechanism, context);
out:
return ret;
polkit_daemon_is_system_bus_name_authorized (PolKitDaemon *daemon,
const char *action_id,
const char *system_bus_name,
+ gboolean is_mechanism,
DBusGMethodInvocation *context)
{
gboolean ret;
error = g_error_new (POLKIT_DAEMON_ERROR,
POLKIT_DAEMON_ERROR_GENERAL,
"Given system bus name is not a valid unique system bus name");
- dbus_error_free (&dbus_error);
dbus_g_method_return_error (context, error);
g_error_free (error);
goto out;
goto out;
}
- ret = is_caller_authorized (daemon, action_id, pk_caller, context);
+ ret = is_caller_authorized (daemon, action_id, pk_caller, is_mechanism, context);
out:
return ret;
*
*/
+#ifndef __POLKIT_DAEMON_H__
+#define __POLKIT_DAEMON_H__
+
+#include <glib-object.h>
+#include <polkit-dbus/polkit-dbus.h>
+
+G_BEGIN_DECLS
+
#define POLKIT_TYPE_DAEMON (polkit_daemon_get_type ())
#define POLKIT_DAEMON(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_DAEMON, PolKitDaemon))
#define POLKIT_DAEMON_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_DAEMON, PolKitDaemonClass))
/* exported methods */
-gboolean polkit_daemon_is_session_authorized (PolKitDaemon *daemon,
- const char *action_id,
- const char *ck_session_id,
- DBusGMethodInvocation *context);
-
gboolean polkit_daemon_is_process_authorized (PolKitDaemon *daemon,
const char *action_id,
guint32 pid,
+ gboolean is_mechanism,
DBusGMethodInvocation *context);
gboolean polkit_daemon_is_system_bus_name_authorized (PolKitDaemon *daemon,
const char *action_id,
const char *system_bus_name,
+ gboolean is_mechanism,
DBusGMethodInvocation *context);
+
+G_END_DECLS
+
+#endif /* __POLKIT_DAEMON_H__ */