From: David Zeuthen Date: Tue, 20 Jan 2009 21:18:18 +0000 (-0500) Subject: add enumeration and handling of implicit authorizations X-Git-Tag: 0.91~48^2~9 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=affe51cb9543dd6091d9722b15902e29a8610b7c;p=platform%2Fupstream%2Fpolkit.git add enumeration and handling of implicit authorizations Now to actually use them... --- diff --git a/actions/org.freedesktop.policykit.policy.in b/actions/org.freedesktop.policykit.policy.in index 9613355..72aa67e 100644 --- a/actions/org.freedesktop.policykit.policy.in +++ b/actions/org.freedesktop.policykit.policy.in @@ -15,7 +15,7 @@ no no - auth_admin_keep_always + auth_admin_keep @@ -25,7 +25,7 @@ no no - auth_admin_keep_always + auth_admin_keep @@ -35,7 +35,7 @@ no no - auth_admin_keep_always + auth_admin_keep @@ -45,7 +45,7 @@ no no - auth_admin_keep_always + auth_admin_keep diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml index 840a79a..c21fa84 100644 --- a/data/org.freedesktop.PolicyKit1.Authority.xml +++ b/data/org.freedesktop.PolicyKit1.Authority.xml @@ -32,33 +32,81 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - @@ -126,7 +174,7 @@ - + diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am index 6d8ba69..9251ef6 100644 --- a/src/polkit/Makefile.am +++ b/src/polkit/Makefile.am @@ -20,6 +20,7 @@ BUILT_SOURCES = \ _polkitauthority.c _polkitauthority.h \ _polkitauthorization.c _polkitauthorization.h \ _polkitauthorizationresult.c _polkitauthorizationresult.h \ + _polkitimplicitauthorization.c _polkitimplicitauthorization.h \ _polkitcheckauthorizationflags.c _polkitcheckauthorizationflags.h \ _polkitbindings.c _polkitbindings.h \ _polkitbindingsmarshal.c _polkitbindingsmarshal.h \ @@ -56,6 +57,7 @@ libpolkit_gobject_1include_HEADERS = \ polkitauthorizationresult.h \ polkitcheckauthorizationflags.h \ polkitauthorization.h \ + polkitimplicitauthorization.h \ $(NULL) libpolkit_gobject_1_la_SOURCES = \ @@ -74,6 +76,7 @@ libpolkit_gobject_1_la_SOURCES = \ polkitauthorizationresult.c polkitauthorizationresult.h \ polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \ polkitauthorization.c polkitauthorization.h \ + polkitimplicitauthorization.c polkitimplicitauthorization.h \ $(NULL) libpolkit_gobject_1_la_CFLAGS = \ diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h index 19d130d..6de31f2 100644 --- a/src/polkit/polkit.h +++ b/src/polkit/polkit.h @@ -24,6 +24,7 @@ #define _POLKIT_INSIDE_POLKIT_H 1 +#include #include #include #include diff --git a/src/polkit/polkitactiondescription.c b/src/polkit/polkitactiondescription.c index 2133024..44e14a1 100644 --- a/src/polkit/polkitactiondescription.c +++ b/src/polkit/polkitactiondescription.c @@ -24,6 +24,7 @@ #endif #include +#include "polkitimplicitauthorization.h" #include "polkitactiondescription.h" #include "_polkitactiondescription.h" @@ -133,6 +134,25 @@ polkit_action_description_get_vendor_url (PolkitActionDescription *action_descri return _polkit_action_description_get_vendor_url (action_description->real); } +PolkitImplicitAuthorization +polkit_action_description_get_implicit_any (PolkitActionDescription *action_description) +{ + return _polkit_action_description_get_implicit_any (action_description->real); +} + +PolkitImplicitAuthorization +polkit_action_description_get_implicit_inactive (PolkitActionDescription *action_description) +{ + return _polkit_action_description_get_implicit_inactive (action_description->real); +} + +PolkitImplicitAuthorization +polkit_action_description_get_implicit_active (PolkitActionDescription *action_description) +{ + return _polkit_action_description_get_implicit_active (action_description->real); +} + + GIcon * polkit_action_description_get_icon (PolkitActionDescription *action_description) { diff --git a/src/polkit/polkitactiondescription.h b/src/polkit/polkitactiondescription.h index 60f1b3d..948d0c1 100644 --- a/src/polkit/polkitactiondescription.h +++ b/src/polkit/polkitactiondescription.h @@ -47,6 +47,11 @@ const gchar *polkit_action_description_get_message (PolkitActi const gchar *polkit_action_description_get_vendor_name (PolkitActionDescription *action_description); const gchar *polkit_action_description_get_vendor_url (PolkitActionDescription *action_description); GIcon *polkit_action_description_get_icon (PolkitActionDescription *action_description); + +PolkitImplicitAuthorization polkit_action_description_get_implicit_any (PolkitActionDescription *action_description); +PolkitImplicitAuthorization polkit_action_description_get_implicit_inactive (PolkitActionDescription *action_description); +PolkitImplicitAuthorization polkit_action_description_get_implicit_active (PolkitActionDescription *action_description); + const gchar *polkit_action_description_get_annotation (PolkitActionDescription *action_description, const gchar *key); const gchar * const *polkit_action_description_get_annotation_keys (PolkitActionDescription *action_description); diff --git a/src/polkit/polkitimplicitauthorization.c b/src/polkit/polkitimplicitauthorization.c new file mode 100644 index 0000000..a691160 --- /dev/null +++ b/src/polkit/polkitimplicitauthorization.c @@ -0,0 +1,128 @@ +/* + * Copyright (C) 2008 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + * + * Author: David Zeuthen + */ + +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include + +#include "polkitimplicitauthorization.h" +#include "polkitprivate.h" + +/** + * SECTION:polkitimplicitauthorization + * @title: PolkitImplicitAuthorization + * @short_result: Implicit Authorizations + * + * Possible implicit authorizations. + */ + +GType +polkit_implicit_authorization_get_type (void) +{ + return _polkit_implicit_authorization_get_type (); +} + +gboolean +polkit_implicit_authorization_from_string (const gchar *string, + PolkitImplicitAuthorization *out_implicit_authorization) +{ + PolkitImplicitAuthorization result; + gboolean ret; + + ret = TRUE; + result = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED; + + if (strcmp (string, "no") == 0) + { + result = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED; + } + else if (strcmp (string, "auth_self") == 0) + { + result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED; + } + else if (strcmp (string, "auth_admin") == 0) + { + result = POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED; + } + else if (strcmp (string, "auth_self_keep") == 0) + { + result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED; + } + else if (strcmp (string, "auth_admin_keep") == 0) + { + result = POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED; + } + else if (strcmp (string, "yes") == 0) + { + result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED; + } + else + { + g_warning ("Unknown PolkitImplicitAuthorization string '%s'", string); + ret = FALSE; + } + + if (out_implicit_authorization != NULL) + *out_implicit_authorization = result; + + g_debug ("parsed '%s' to %d", string, result); + + return ret; +} + +const gchar * +polkit_implicit_authorization_to_string (PolkitImplicitAuthorization implicit_authorization) +{ + const gchar *s; + + s = "(unknown)"; + + switch (implicit_authorization) + { + case POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED: + s = "no"; + break; + + case POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED: + s = "auth_self"; + break; + + case POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED: + s = "auth_admin"; + break; + + case POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED: + s = "auth_self_keep"; + break; + + case POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED: + s = "auth_admin_keep"; + break; + + case POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED: + s = "yes"; + break; + } + + return s; +} diff --git a/src/polkit/polkitimplicitauthorization.h b/src/polkit/polkitimplicitauthorization.h new file mode 100644 index 0000000..12d2880 --- /dev/null +++ b/src/polkit/polkitimplicitauthorization.h @@ -0,0 +1,62 @@ +/* + * Copyright (C) 2008 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General + * Public License along with this library; if not, write to the + * Free Software Foundation, Inc., 59 Temple Place, Suite 330, + * Boston, MA 02111-1307, USA. + * + * Author: David Zeuthen + */ + +#ifndef __POLKIT_IMPLICIT_AUTHORIZATION_H +#define __POLKIT_IMPLICIT_AUTHORIZATION_H + +#include + +G_BEGIN_DECLS + +GType polkit_implicit_authorization_get_type (void) G_GNUC_CONST; + +#define POLKIT_TYPE_IMPLICIT_AUTHORIZATION (polkit_implicit_authorization_get_type ()) + +/** + * PolkitImplicitAuthorization: + * @POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED: Subject is not authorized. + * @POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED: Authentication is required. + * @POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED: Authentication as an administrator is required. + * @POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED: Authentication is required. If the authorization is obtained, it is retained. + * @POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED: Authentication as an administrator is required. If the authorization is obtained, it is retained. + * @POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED: The subject is authorized + * + * Possible implicit authorizations. + */ +typedef enum +{ + POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED = 0, + POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED = 1, + POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED = 2, + POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED = 3, + POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED = 4, + POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED = 5, +} PolkitImplicitAuthorization; + +const gchar *polkit_implicit_authorization_to_string (PolkitImplicitAuthorization implicit_authorization); + +gboolean polkit_implicit_authorization_from_string (const gchar *string, + PolkitImplicitAuthorization *out_implicit_authorization); + + +G_END_DECLS + +#endif /* __POLKIT_IMPLICIT_AUTHORIZATION_H */ diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h index 2ec46b5..88b4b41 100644 --- a/src/polkit/polkitprivate.h +++ b/src/polkit/polkitprivate.h @@ -22,6 +22,7 @@ #ifndef __POLKIT_PRIVATE_H #define __POLKIT_PRIVATE_H +#include "polkitimplicitauthorization.h" #include "polkitactiondescription.h" #include "polkitsubject.h" #include "_polkitbindings.h" diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c index b5a7398..7604906 100644 --- a/src/polkitbackend/polkitbackendactionpool.c +++ b/src/polkitbackend/polkitbackendactionpool.c @@ -41,6 +41,10 @@ typedef struct gchar *description; gchar *message; + PolkitImplicitAuthorization implicit_authorization_any; + PolkitImplicitAuthorization implicit_authorization_inactive; + PolkitImplicitAuthorization implicit_authorization_active; + /* each of these map from the locale identifer (e.g. da_DK) to the localized value */ GHashTable *localized_description; GHashTable *localized_message; @@ -293,6 +297,9 @@ polkit_backend_action_pool_get_action (PolkitBackendActionPool *pool, parsed_action->vendor_name, parsed_action->vendor_url, parsed_action->icon_name, + parsed_action->implicit_authorization_any, + parsed_action->implicit_authorization_inactive, + parsed_action->implicit_authorization_active, parsed_action->annotations); ret = polkit_action_description_new_for_real (real); @@ -492,9 +499,9 @@ typedef struct { char *vendor_url; char *icon_name; - //PolKitResult defaults_allow_any; - //PolKitResult defaults_allow_inactive; - //PolKitResult defaults_allow_active; + PolkitImplicitAuthorization implicit_authorization_any; + PolkitImplicitAuthorization implicit_authorization_inactive; + PolkitImplicitAuthorization implicit_authorization_active; GHashTable *policy_descriptions; GHashTable *policy_messages; @@ -605,9 +612,9 @@ _start (void *data, const char *el, const char **attr) g_free); pd->annotations = egg_dbus_hash_map_new (G_TYPE_STRING, g_free, G_TYPE_STRING, g_free); /* initialize defaults */ - //pd->defaults_allow_any = POLKIT_RESULT_NO; - //pd->defaults_allow_inactive = POLKIT_RESULT_NO; - //pd->defaults_allow_active = POLKIT_RESULT_NO; + pd->implicit_authorization_any = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED; + pd->implicit_authorization_inactive = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED; + pd->implicit_authorization_active = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED; } else if (strcmp (el, "vendor") == 0 && num_attr == 0) { @@ -819,18 +826,18 @@ _cdata (void *data, const char *s, int len) break; case STATE_IN_DEFAULTS_ALLOW_ANY: - //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any)) - // goto error; + if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_any)) + goto error; break; case STATE_IN_DEFAULTS_ALLOW_INACTIVE: - //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive)) - // goto error; + if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_inactive)) + goto error; break; case STATE_IN_DEFAULTS_ALLOW_ACTIVE: - //if (!polkit_result_from_string_representation (str, &pd->defaults_allow_active)) - // goto error; + if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_active)) + goto error; break; case STATE_IN_ANNOTATE: @@ -896,6 +903,10 @@ _end (void *data, const char *el) action->localized_message = pd->policy_messages; action->annotations = pd->annotations; + action->implicit_authorization_any = pd->implicit_authorization_any; + action->implicit_authorization_inactive = pd->implicit_authorization_inactive; + action->implicit_authorization_active = pd->implicit_authorization_active; + g_hash_table_insert (priv->parsed_actions, action->action_id, action); /* we steal these hash tables */ diff --git a/src/programs/polkit.c b/src/programs/polkit.c index ce730fb..25d8891 100644 --- a/src/programs/polkit.c +++ b/src/programs/polkit.c @@ -371,21 +371,25 @@ print_action (PolkitActionDescription *action) icon = polkit_action_description_get_icon (action); g_print ("%s:\n", polkit_action_description_get_action_id (action)); - g_print (" description: %s\n", polkit_action_description_get_description (action)); - g_print (" message: %s\n", polkit_action_description_get_message (action)); + g_print (" description: %s\n", polkit_action_description_get_description (action)); + g_print (" message: %s\n", polkit_action_description_get_message (action)); if (vendor != NULL) - g_print (" vendor: %s\n", vendor); + g_print (" vendor: %s\n", vendor); if (vendor_url != NULL) - g_print (" vendor_url: %s\n", vendor_url); + g_print (" vendor_url: %s\n", vendor_url); if (icon != NULL) { gchar *s; s = g_icon_to_string (icon); - g_print (" icon: %s\n", s); + g_print (" icon: %s\n", s); g_free (s); } + g_print (" implicit any: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_any (action))); + g_print (" implicit inactive: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_inactive (action))); + g_print (" implicit active: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_active (action))); + annotation_keys = polkit_action_description_get_annotation_keys (action); for (n = 0; annotation_keys[n] != NULL; n++) { @@ -394,7 +398,7 @@ print_action (PolkitActionDescription *action) key = annotation_keys[n]; value = polkit_action_description_get_annotation (action, key); - g_print (" annotation: %s -> %s\n", key, value); + g_print (" annotation: %s -> %s\n", key, value); } }