Commit 1dd82a14 authored by David Zeuthen's avatar David Zeuthen

add remaining glue for {Add,Remove,Enumerate}Authorization

Now to finish implementing the local files backend....
parent 4653150b
......@@ -197,4 +197,10 @@ echo "
Building verbose mode: ${enable_verbose_mode}
Building api docs: ${enable_gtk_doc}
Building man pages: ${enable_man_pages}
"
echo "NOTE: The directory ${localstatedir}/lib/polkit-1 must be owned by root"
echo " and have mode 700"
echo
......@@ -82,11 +82,16 @@
<!-- Authorization struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="Authorization">
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
<annotation name="org.gtk.EggDBus.DocString" value="Action Identifier for the authorization"/>
<annotation name="org.gtk.EggDBus.DocString" value="Identifier for the action the authorization is for"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="a{sv}:attributes">
<annotation name="org.gtk.EggDBus.DocString" value="Attributes of the authorization"/>
<annotation name="org.gtk.EggDBus.Struct.Member" value="(sa{sv}):subject">
<annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
<annotation name="org.gtk.EggDBus.DocString" value="Subject that the authorization applies to"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="b:is_negative">
<annotation name="org.gtk.EggDBus.DocString" value="Whether the authorization is negative"/>
</annotation>
</annotation>
......@@ -131,25 +136,23 @@
</arg>
</method>
<method name="GrantAuthorization">
<arg name="subject" direction="in" type="(sa{sv})">
<annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
<method name="AddAuthorization">
<arg name="authorization" direction="in" type="(s(sa{sv})b)">
<annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
</arg>
<arg name="action_id" direction="in" type="s"/>
</method>
<method name="RevokeAuthorization">
<arg name="subject" direction="in" type="(sa{sv})">
<annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
<method name="RemoveAuthorization">
<arg name="authorization" direction="in" type="(s(sa{sv})b)">
<annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
</arg>
<arg name="action_id" direction="in" type="s"/>
</method>
<method name="EnumerateAuthorizations">
<arg name="subject" direction="in" type="(sa{sv})">
<annotation name="org.gtk.EggDBus.StructType" value="Subject"/>
</arg>
<arg name="authorizations" direction="out" type="a(sa{sv})">
<arg name="authorizations" direction="out" type="a(s(sa{sv})b)">
<annotation name="org.gtk.EggDBus.StructType" value="Authorization"/>
</arg>
</method>
......
......@@ -52,6 +52,7 @@ libpolkit_gobject_1include_HEADERS = \
polkitsystembusname.h \
polkitauthorizationresult.h \
polkitcheckauthorizationflags.h \
polkitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
......@@ -68,6 +69,7 @@ libpolkit_gobject_1_la_SOURCES = \
polkitsystembusname.c polkitsystembusname.h \
polkitauthorizationresult.c polkitauthorizationresult.h \
polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \
polkitauthorization.c polkitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
......
......@@ -35,6 +35,7 @@
#include <polkit/polkitauthorizationresult.h>
#include <polkit/polkitcheckauthorizationflags.h>
#include <polkit/polkitauthority.h>
#include <polkit/polkitauthorization.h>
#undef _POLKIT_INSIDE_POLKIT_H
......
This diff is collapsed.
......@@ -70,6 +70,21 @@ PolkitAuthorizationResult polkit_authority_check_authorization_sync (PolkitAuth
GCancellable *cancellable,
GError **error);
GList *polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority,
PolkitSubject *subject,
GCancellable *cancellable,
GError **error);
gboolean polkit_authority_add_authorization_sync (PolkitAuthority *authority,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GError **error);
gboolean polkit_authority_remove_authorization_sync (PolkitAuthority *authority,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GError **error);
/* ---------------------------------------------------------------------------------------------------- */
void polkit_authority_enumerate_actions (PolkitAuthority *authority,
......@@ -121,6 +136,37 @@ PolkitAuthorizationResult polkit_authority_check_authorization_finish (PolkitAu
GAsyncResult *res,
GError **error);
void polkit_authority_enumerate_authorizations (PolkitAuthority *authority,
PolkitSubject *subject,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
GList * polkit_authority_enumerate_authorizations_finish (PolkitAuthority *authority,
GAsyncResult *res,
GError **error);
void polkit_authority_add_authorization (PolkitAuthority *authority,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
gboolean polkit_authority_add_authorization_finish (PolkitAuthority *authority,
GAsyncResult *res,
GError **error);
void polkit_authority_remove_authorization (PolkitAuthority *authority,
PolkitAuthorization *authorization,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
gboolean polkit_authority_remove_authorization_finish (PolkitAuthority *authority,
GAsyncResult *res,
GError **error);
/* ---------------------------------------------------------------------------------------------------- */
G_END_DECLS
......
/*
* Copyright (C) 2008 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General
* Public License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place, Suite 330,
* Boston, MA 02111-1307, USA.
*
* Author: David Zeuthen <davidz@redhat.com>
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include "polkitauthorization.h"
#include "polkitprivate.h"
/**
* SECTION:polkitauthorization
* @title: PolkitAuthorization
* @short_description: Authorization
*
* This class represents an explicit authorization.
*/
struct _PolkitAuthorization
{
GObject parent_instance;
_PolkitAuthorization *real;
PolkitSubject *subject;
};
struct _PolkitAuthorizationClass
{
GObjectClass parent_class;
};
G_DEFINE_TYPE (PolkitAuthorization, polkit_authorization, G_TYPE_OBJECT);
static void
polkit_authorization_init (PolkitAuthorization *authorization)
{
}
static void
polkit_authorization_finalize (GObject *object)
{
PolkitAuthorization *authorization;
authorization = POLKIT_AUTHORIZATION (object);
if (authorization->subject != NULL)
g_object_unref (authorization->subject);
g_object_unref (authorization->real);
if (G_OBJECT_CLASS (polkit_authorization_parent_class)->finalize != NULL)
G_OBJECT_CLASS (polkit_authorization_parent_class)->finalize (object);
}
static void
polkit_authorization_class_init (PolkitAuthorizationClass *klass)
{
GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
gobject_class->finalize = polkit_authorization_finalize;
}
PolkitAuthorization *
polkit_authorization_new (const gchar *action_id,
PolkitSubject *subject,
gboolean is_negative)
{
PolkitAuthorization *authorization;
_PolkitAuthorization *real;
_PolkitSubject *real_subject;
real_subject = polkit_subject_get_real (subject);
real = _polkit_authorization_new (action_id, real_subject, is_negative);
g_object_unref (real_subject);
authorization = polkit_authorization_new_for_real (real);
g_object_unref (real);
return authorization;
}
PolkitAuthorization *
polkit_authorization_new_for_real (_PolkitAuthorization *real)
{
PolkitAuthorization *authorization;
authorization = POLKIT_AUTHORIZATION (g_object_new (POLKIT_TYPE_AUTHORIZATION, NULL));
authorization->real = g_object_ref (real);
return authorization;
}
_PolkitAuthorization *
polkit_authorization_get_real (PolkitAuthorization *authorization)
{
return g_object_ref (authorization->real);
}
/* ---------------------------------------------------------------------------------------------------- */
const gchar *
polkit_authorization_get_action_id (PolkitAuthorization *authorization)
{
return _polkit_authorization_get_action_id (authorization->real);
}
PolkitSubject *
polkit_authorization_get_subject (PolkitAuthorization *authorization)
{
if (authorization->subject == NULL)
authorization->subject = polkit_subject_new_for_real (_polkit_authorization_get_subject (authorization->real));
return authorization->subject;
}
gboolean
polkit_authorization_get_is_negative (PolkitAuthorization *authorization)
{
return _polkit_authorization_get_is_negative (authorization->real);
}
/*
* Copyright (C) 2008 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General
* Public License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place, Suite 330,
* Boston, MA 02111-1307, USA.
*
* Author: David Zeuthen <davidz@redhat.com>
*/
#ifndef __POLKIT_AUTHORIZATION_H
#define __POLKIT_AUTHORIZATION_H
#include <glib-object.h>
#include <gio/gio.h>
#include <polkit/polkittypes.h>
G_BEGIN_DECLS
#define POLKIT_TYPE_AUTHORIZATION (polkit_authorization_get_type())
#define POLKIT_AUTHORIZATION(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_TYPE_AUTHORIZATION, PolkitAuthorization))
#define POLKIT_AUTHORIZATION_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_TYPE_AUTHORIZATION, PolkitAuthorizationClass))
#define POLKIT_AUTHORIZATION_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_TYPE_AUTHORIZATION, PolkitAuthorizationClass))
#define POLKIT_IS_AUTHORIZATION(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_TYPE_AUTHORIZATION))
#define POLKIT_IS_AUTHORIZATION_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_TYPE_AUTHORIZATION))
#if 0
typedef struct _PolkitAuthorization PolkitAuthorization;
#endif
typedef struct _PolkitAuthorizationClass PolkitAuthorizationClass;
GType polkit_authorization_get_type (void) G_GNUC_CONST;
PolkitAuthorization *polkit_authorization_new (const gchar *action_id,
PolkitSubject *subject,
gboolean is_negative);
const gchar *polkit_authorization_get_action_id (PolkitAuthorization *authorization);
PolkitSubject *polkit_authorization_get_subject (PolkitAuthorization *authorization);
gboolean polkit_authorization_get_is_negative (PolkitAuthorization *authorization);
G_END_DECLS
#endif /* __POLKIT_AUTHORIZATION_H */
......@@ -24,7 +24,6 @@
#include "polkitactiondescription.h"
#include "polkitsubject.h"
#include "polkitauthorizationclaim.h"
#include "_polkitbindings.h"
/* notes:
......@@ -40,9 +39,7 @@ _PolkitActionDescription *polkit_action_description_get_real (PolkitActionDe
PolkitSubject *polkit_subject_new_for_real (_PolkitSubject *real);
_PolkitSubject *polkit_subject_get_real (PolkitSubject *subject);
#if 0
PolkitAuthorizationClaim *polkit_authorization_claim_new_for_real (_PolkitAuthorizationClaim *real);
_PolkitAuthorizationClaim *polkit_authorization_claim_get_real (PolkitAuthorizationClaim *claim);
#endif
PolkitAuthorization *polkit_authorization_new_for_real (_PolkitAuthorization *real);
_PolkitAuthorization *polkit_authorization_get_real (PolkitAuthorization *authorization);
#endif /* __POLKIT_PRIVATE_H */
......@@ -47,7 +47,7 @@ typedef struct _PolkitUnixSession PolkitUnixSession;
struct _PolkitSystemBusName;
typedef struct _PolkitSystemBusName PolkitSystemBusName;
struct _PolkitAuthorizationClaim;
typedef struct _PolkitAuthorizationClaim PolkitAuthorizationClaim;
struct _PolkitAuthorization;
typedef struct _PolkitAuthorization PolkitAuthorization;
#endif /* __POLKIT_TYPES_H */
......@@ -79,3 +79,7 @@ CLEANFILES = $(BUILT_SOURCES)
clean-local :
rm -f *~
install-exec-hook:
mkdir -p $(DESTDIR)$(localstatedir)/lib/polkit-1
-chmod 600 $(DESTDIR)$(localstatedir)/lib/polkit-1
......@@ -96,3 +96,39 @@ polkit_backend_authority_check_authorization (PolkitBackendAuthority *aut
klass->check_authorization (authority, subject, action_id, flags, pending_call);
}
void
polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
PolkitSubject *subject,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
klass->enumerate_authorizations (authority, subject, pending_call);
}
void
polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
klass->add_authorization (authority, authorization, pending_call);
}
void
polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendAuthorityClass *klass;
klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
klass->remove_authorization (authority, authorization, pending_call);
}
......@@ -70,6 +70,18 @@ struct _PolkitBackendAuthorityClass
PolkitCheckAuthorizationFlags flags,
PolkitBackendPendingCall *pending_call);
void (*enumerate_authorizations) (PolkitBackendAuthority *authority,
PolkitSubject *subject,
PolkitBackendPendingCall *pending_call);
void (*add_authorization) (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
void (*remove_authorization) (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
/*< private >*/
/* Padding for future expansion */
void (*_polkit_reserved1) (void);
......@@ -105,22 +117,41 @@ void polkit_backend_authority_check_authorization (PolkitBackendAuthor
PolkitCheckAuthorizationFlags flags,
PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
PolkitSubject *subject,
PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
/* --- */
void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
GList *actions);
void polkit_backend_authority_enumerate_actions_finish (PolkitBackendPendingCall *pending_call,
GList *actions);
void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
GList *users);
void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
GList *groups);
void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
GList *sessions);
void polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pending_call,
GList *users);
void polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call,
PolkitAuthorizationResult result);
void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call,
GList *groups);
void polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCall *pending_call,
GList *sessions);
void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call,
GList *sessions);
void polkit_backend_authority_add_authorization_finish (PolkitBackendPendingCall *pending_call);
void polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call,
PolkitAuthorizationResult result);
void polkit_backend_authority_remove_authorization_finish (PolkitBackendPendingCall *pending_call);
G_END_DECLS
......
......@@ -63,6 +63,18 @@ static PolkitAuthorizationResult check_authorization_sync (PolkitBackendAuthorit
PolkitCheckAuthorizationFlags flags,
GError **error);
static void polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
PolkitSubject *subject,
PolkitBackendPendingCall *pending_call);
static void polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
static void polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call);
G_DEFINE_TYPE (PolkitBackendLocalAuthority, polkit_backend_local_authority, POLKIT_BACKEND_TYPE_AUTHORITY);
#define POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_LOCAL_AUTHORITY, PolkitBackendLocalAuthorityPrivate))
......@@ -111,11 +123,14 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
gobject_class->finalize = polkit_backend_local_authority_finalize;
authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions;
authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions;
authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users;
authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups;
authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions;
authority_class->check_authorization = polkit_backend_local_authority_check_authorization;
authority_class->enumerate_authorizations = polkit_backend_local_authority_enumerate_authorizations;
authority_class->add_authorization = polkit_backend_local_authority_add_authorization;
authority_class->remove_authorization = polkit_backend_local_authority_remove_authorization;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
......@@ -442,3 +457,99 @@ check_authorization_sync (PolkitBackendAuthority *authority,
}
/* ---------------------------------------------------------------------------------------------------- */
static void
polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority,
PolkitSubject *subject,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
gchar *subject_str;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
subject_str = polkit_subject_to_string (subject);
g_debug ("enumerating authorizations for %s", subject_str);
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
"Not implemented (subject=%s)", subject_str);
g_free (subject_str);
}
/* ---------------------------------------------------------------------------------------------------- */
static void
polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
PolkitSubject *subject;
const gchar *action_id;
gboolean is_negative;
gchar *subject_str;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
subject = polkit_authorization_get_subject (authorization);
action_id = polkit_authorization_get_action_id (authorization);
is_negative = polkit_authorization_get_is_negative (authorization);
subject_str = polkit_subject_to_string (subject);
g_debug ("add authorization with subject=%s, action_id=%s, is_negative=%d",
subject_str, action_id, is_negative);
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
"Not implemented (subject=%s action_id=%s is_negative=%d)",
subject_str, action_id, is_negative);
g_free (subject_str);
}
/* ---------------------------------------------------------------------------------------------------- */
static void
polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority,
PolkitAuthorization *authorization,
PolkitBackendPendingCall *pending_call)
{
PolkitBackendLocalAuthority *local_authority;
PolkitBackendLocalAuthorityPrivate *priv;
PolkitSubject *subject;
const gchar *action_id;
gboolean is_negative;
gchar *subject_str;
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
subject = polkit_authorization_get_subject (authorization);
action_id = polkit_authorization_get_action_id (authorization);
is_negative = polkit_authorization_get_is_negative (authorization);
subject_str = polkit_subject_to_string (subject);
g_debug ("remove authorization with subject=%s, action_id=%s, is_negative=%d",
subject_str, action_id, is_negative);
polkit_backend_pending_call_return_error (pending_call,
POLKIT_ERROR,
POLKIT_ERROR_NOT_SUPPORTED,
"Not implemented (subject=%s action_id=%s is_negative=%d)",