Commit e701ee4c authored by David Zeuthen's avatar David Zeuthen
Browse files

rename revoke_if_oneshot to is_mechanism and also expose this on D-Bus

parent 44434ffa
......@@ -426,7 +426,8 @@ polkit_context_get_policy_cache (PolKitContext *pk_context)
* @pk_context: the PolicyKit context
* @action: the type of access to check for
* @session: the session in question
* @revoke_if_oneshot: TODO
* @is_mechanism: Whether the mechanism carrying out the action is
* asking. This can be used to revoke one-time-only authorizations.
*
* Determine if any caller from a giver session is authorized to do a
* given action.
......@@ -440,7 +441,7 @@ PolKitResult
polkit_context_is_session_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitSession *session,
polkit_bool_t revoke_if_oneshot)
polkit_bool_t is_mechanism)
{
/* TODO: properly implement */
return polkit_context_can_session_do_action (pk_context, action, session);
......@@ -451,7 +452,8 @@ polkit_context_is_session_authorized (PolKitContext *pk_context,
* @pk_context: the PolicyKit context
* @action: the type of access to check for
* @caller: the caller in question
* @revoke_if_oneshot: TODO
* @is_mechanism: Whether the mechanism carrying out the action is
* asking. This can be used to revoke one-time-only authorizations.
*
* Determine if a given caller is authorized to do a given action.
*
......@@ -464,7 +466,7 @@ PolKitResult
polkit_context_is_caller_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitCaller *caller,
polkit_bool_t revoke_if_oneshot)
polkit_bool_t is_mechnanism)
{
/* TODO: properly implement */
return polkit_context_can_caller_do_action (pk_context, action, caller);
......
......@@ -173,12 +173,12 @@ PolKitConfig *polkit_context_get_config (PolKitContext *pk_context, PolKitError
PolKitResult polkit_context_is_caller_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitCaller *caller,
polkit_bool_t revoke_if_oneshot);
polkit_bool_t is_mechanism);
PolKitResult polkit_context_is_session_authorized (PolKitContext *pk_context,
PolKitAction *action,
PolKitSession *session,
polkit_bool_t revoke_if_oneshot);
polkit_bool_t is_mechanism);
PolKitAuthorizationDB *polkit_context_get_authorization_db (PolKitContext *pk_context);
......
......@@ -9,6 +9,9 @@
<arg name="action_id" direction="in" type="s"/>
<!-- IN: process id of caller to check for -->
<arg name="pid" direction="in" type="u"/>
<!-- IN: see parameter 'is_mechanism' in polkit_context_is_caller_authorized() -->
<arg name="is_mechanism" direction="in" type="b"/>
<!-- OUT: the PolKitResult in textual form -->
<arg name="result" direction="out" type="s"/>
</method>
......@@ -19,9 +22,21 @@
<arg name="action_id" direction="in" type="s"/>
<!-- IN: Unique name on the system bus of the caller to check for -->
<arg name="system_bus_name" direction="in" type="s"/>
<!-- IN: see parameter 'is_mechanism' in polkit_context_is_caller_authorized() -->
<arg name="is_mechanism" direction="in" type="b"/>
<!-- OUT: the PolKitResult in textual form -->
<arg name="result" direction="out" type="s"/>
</method>
<!-- Both methods can throw these exceptions:
org.freedesktop.PolicyKit.GeneralError
if e.g. the passed parameters are bogus
org.freedesktop.PolicyKit.NotAuthorized
if the caller is not authorized to know this; e.g. if he
lacks the org.freedesktop.policykit.read authorization
-->
</interface>
</node>
......@@ -231,9 +231,7 @@ _filter (DBusConnection *connection, DBusMessage *message, void *user_data)
(dbus_message_get_interface (message) != NULL &&
g_str_has_prefix (dbus_message_get_interface (message), "org.freedesktop.ConsoleKit"))) {
if (polkit_tracker_dbus_func (daemon->priv->pk_tracker, message)) {
/* Something has changed! TODO: emit D-Bus signal? */
g_debug ("Something has changed!");
}
}
......@@ -383,6 +381,7 @@ static gboolean
is_caller_authorized (PolKitDaemon *daemon,
const char *action_id,
PolKitCaller *pk_caller,
gboolean is_mechanism,
DBusGMethodInvocation *context)
{
gboolean ret;
......@@ -433,7 +432,7 @@ is_caller_authorized (PolKitDaemon *daemon,
pk_action = polkit_action_new ();
polkit_action_set_action_id (pk_action, action_id);
pk_result = polkit_context_is_caller_authorized (daemon->priv->pk_context, pk_action, pk_caller, FALSE);
pk_result = polkit_context_is_caller_authorized (daemon->priv->pk_context, pk_action, pk_caller, is_mechanism);
polkit_action_unref (pk_action);
dbus_g_method_return (context, polkit_result_to_string_representation (pk_result));
......@@ -452,6 +451,7 @@ gboolean
polkit_daemon_is_process_authorized (PolKitDaemon *daemon,
const char *action_id,
guint32 pid,
gboolean is_mechanism,
DBusGMethodInvocation *context)
{
gboolean ret;
......@@ -478,7 +478,7 @@ polkit_daemon_is_process_authorized (PolKitDaemon *daemon,
goto out;
}
ret = is_caller_authorized (daemon, action_id, pk_caller, context);
ret = is_caller_authorized (daemon, action_id, pk_caller, is_mechanism, context);
out:
return ret;
......@@ -488,6 +488,7 @@ gboolean
polkit_daemon_is_system_bus_name_authorized (PolKitDaemon *daemon,
const char *action_id,
const char *system_bus_name,
gboolean is_mechanism,
DBusGMethodInvocation *context)
{
gboolean ret;
......@@ -504,7 +505,6 @@ polkit_daemon_is_system_bus_name_authorized (PolKitDaemon *daemon,
error = g_error_new (POLKIT_DAEMON_ERROR,
POLKIT_DAEMON_ERROR_GENERAL,
"Given system bus name is not a valid unique system bus name");
dbus_error_free (&dbus_error);
dbus_g_method_return_error (context, error);
g_error_free (error);
goto out;
......@@ -524,7 +524,7 @@ polkit_daemon_is_system_bus_name_authorized (PolKitDaemon *daemon,
goto out;
}
ret = is_caller_authorized (daemon, action_id, pk_caller, context);
ret = is_caller_authorized (daemon, action_id, pk_caller, is_mechanism, context);
out:
return ret;
......
......@@ -18,6 +18,14 @@
*
*/
#ifndef __POLKIT_DAEMON_H__
#define __POLKIT_DAEMON_H__
#include <glib-object.h>
#include <polkit-dbus/polkit-dbus.h>
G_BEGIN_DECLS
#define POLKIT_TYPE_DAEMON (polkit_daemon_get_type ())
#define POLKIT_DAEMON(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_DAEMON, PolKitDaemon))
#define POLKIT_DAEMON_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_DAEMON, PolKitDaemonClass))
......@@ -56,17 +64,18 @@ PolKitDaemon *polkit_daemon_new (gboolean no_exit);
/* exported methods */
gboolean polkit_daemon_is_session_authorized (PolKitDaemon *daemon,
const char *action_id,
const char *ck_session_id,
DBusGMethodInvocation *context);
gboolean polkit_daemon_is_process_authorized (PolKitDaemon *daemon,
const char *action_id,
guint32 pid,
gboolean is_mechanism,
DBusGMethodInvocation *context);
gboolean polkit_daemon_is_system_bus_name_authorized (PolKitDaemon *daemon,
const char *action_id,
const char *system_bus_name,
gboolean is_mechanism,
DBusGMethodInvocation *context);
G_END_DECLS
#endif /* __POLKIT_DAEMON_H__ */
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment