Commit ea7da4ea authored by David Zeuthen's avatar David Zeuthen
Browse files

don't require .policy files for auth lookups

With this change, 'make check' now works even when PolicyKit isn't
installed (as it should). Before this change it failed because the
.policy files for org.freedesktop.policykit.read and .grant was not
available.
parent fb84bb8b
......@@ -467,8 +467,6 @@ polkit_context_is_session_authorized (PolKitContext *pk_context,
PolKitError **error)
{
PolKitPolicyCache *cache;
PolKitPolicyFileEntry *pfe;
PolKitPolicyDefault *policy_default;
PolKitResult result_from_config;
PolKitResult result_from_grantdb;
polkit_bool_t from_authdb;
......@@ -497,24 +495,6 @@ polkit_context_is_session_authorized (PolKitContext *pk_context,
if (cache == NULL)
goto out;
_pk_debug ("entering polkit_can_session_do_action()");
polkit_action_debug (action);
polkit_session_debug (session);
pfe = polkit_policy_cache_get_entry (cache, action);
if (pfe == NULL) {
char *action_name;
if (!polkit_action_get_action_id (action, &action_name)) {
kit_warning ("given action has no name");
} else {
kit_warning ("no action with name '%s'", action_name);
}
result = POLKIT_RESULT_UNKNOWN;
goto out;
}
polkit_policy_file_entry_debug (pfe);
result_from_config = polkit_config_can_session_do_action (config, action, session);
result_from_grantdb = POLKIT_RESULT_UNKNOWN;
......@@ -559,12 +539,17 @@ polkit_context_is_session_authorized (PolKitContext *pk_context,
/* Otherwise, unless we found a negative auth, fall back to defaults as specified in the .policy file */
if (!from_authdb_negative) {
policy_default = polkit_policy_file_entry_get_default (pfe);
if (policy_default == NULL) {
kit_warning ("no default policy for action!");
goto out;
PolKitPolicyFileEntry *pfe;
pfe = polkit_policy_cache_get_entry (cache, action);
if (pfe != NULL) {
PolKitPolicyDefault *policy_default;
policy_default = polkit_policy_file_entry_get_default (pfe);
if (policy_default != NULL) {
result = polkit_policy_default_can_session_do_action (policy_default, action, session);
}
}
result = polkit_policy_default_can_session_do_action (policy_default, action, session);
}
found:
......@@ -620,14 +605,10 @@ polkit_context_is_caller_authorized (PolKitContext *pk_context,
polkit_bool_t revoke_if_one_shot,
PolKitError **error)
{
PolKitPolicyCache *cache;
PolKitPolicyFileEntry *pfe;
PolKitResult result;
PolKitResult result_from_config;
PolKitResult result_from_grantdb;
PolKitPolicyDefault *policy_default;
PolKitConfig *config;
polkit_bool_t from_authdb;
polkit_bool_t from_authdb_negative;
......@@ -653,24 +634,6 @@ polkit_context_is_caller_authorized (PolKitContext *pk_context,
if (!polkit_caller_validate (caller))
goto out;
_pk_debug ("entering polkit_can_caller_do_action()");
polkit_action_debug (action);
polkit_caller_debug (caller);
pfe = polkit_policy_cache_get_entry (cache, action);
if (pfe == NULL) {
char *action_name;
if (!polkit_action_get_action_id (action, &action_name)) {
kit_warning ("given action has no name");
} else {
kit_warning ("no action with name '%s'", action_name);
}
result = POLKIT_RESULT_UNKNOWN;
goto out;
}
polkit_policy_file_entry_debug (pfe);
result_from_config = polkit_config_can_caller_do_action (config, action, caller);
result_from_grantdb = POLKIT_RESULT_UNKNOWN;
......@@ -716,12 +679,17 @@ polkit_context_is_caller_authorized (PolKitContext *pk_context,
/* Otherwise, unless we found a negative auth, fall back to defaults as specified in the .policy file */
if (!from_authdb_negative) {
policy_default = polkit_policy_file_entry_get_default (pfe);
if (policy_default == NULL) {
kit_warning ("no default policy for action!");
goto out;
PolKitPolicyFileEntry *pfe;
pfe = polkit_policy_cache_get_entry (cache, action);
if (pfe != NULL) {
PolKitPolicyDefault *policy_default;
policy_default = polkit_policy_file_entry_get_default (pfe);
if (policy_default != NULL) {
result = polkit_policy_default_can_caller_do_action (policy_default, action, caller);
}
}
result = polkit_policy_default_can_caller_do_action (policy_default, action, caller);
}
found:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment