Commit 41fbdb3e authored by David Zeuthen's avatar David Zeuthen

make authentication agents pass a session_id parameter

The session_id has got to be empty for now. The thinking is that in
the future we might want to register an authentication agent that runs
in secure desktop, e.g. a separate session from the user session.
parent 21cdbad0
......@@ -198,7 +198,11 @@
</method>
<method name="RegisterAuthenticationAgent">
<annotation name="org.gtk.EggDBus.DocString" value="Register an authentication agent."/>
<annotation name="org.gtk.EggDBus.DocString" value="<para>Register an authentication agent.</para><para>Note that current versions of PolicyKit will only work if @session_id is set to the empty string. In the future it might work for non-empty strings if the caller is sufficiently privileged.</para>"/>
<arg name="session_id" direction="in" type="s">
<annotation name="org.gtk.EggDBus.DocString" value="The session to register the authentication for or blank for the session the caller of the method is in."/>
</arg>
<arg name="object_path" direction="in" type="s">
<annotation name="org.gtk.EggDBus.DocString" value="The object path of authentication agent object on the unique name of the caller."/>
......@@ -208,6 +212,10 @@
<method name="UnregisterAuthenticationAgent">
<annotation name="org.gtk.EggDBus.DocString" value="Unregister an authentication agent."/>
<arg name="session_id" direction="in" type="s">
<annotation name="org.gtk.EggDBus.DocString" value="The session identifier passed to org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent()."/>
</arg>
<arg name="object_path" direction="in" type="s">
<annotation name="org.gtk.EggDBus.DocString" value="The object path of authentication agent object on the unique name of the caller."/>
</arg>
......
......@@ -475,6 +475,7 @@ polkit_authority_check_authorization_sync (PolkitAuthority *author
static guint
polkit_authority_register_authentication_agent_async (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
......@@ -490,6 +491,7 @@ polkit_authority_register_authentication_agent_async (PolkitAuthority *auth
call_id = _polkit_authority_register_authentication_agent (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
session_id,
object_path,
cancellable,
generic_async_cb,
......@@ -501,6 +503,7 @@ polkit_authority_register_authentication_agent_async (PolkitAuthority *auth
/**
* polkit_authority_register_authentication_agent:
* @authority: A #PolkitAuthority.
* @session_id: The identifier of the session to register for or %NULL for the session of the caller.
* @object_path: The object path for the authentication agent.
* @cancellable: A #GCancellable or %NULL.
* @callback: A #GAsyncReadyCallback to call when the request is satisfied.
......@@ -514,12 +517,14 @@ polkit_authority_register_authentication_agent_async (PolkitAuthority *auth
**/
void
polkit_authority_register_authentication_agent (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
polkit_authority_register_authentication_agent_async (authority,
session_id,
object_path,
cancellable,
callback,
......@@ -566,6 +571,7 @@ polkit_authority_register_authentication_agent_finish (PolkitAuthority *authorit
/**
* polkit_authority_register_authentication_agent_sync:
* @authority: A #PolkitAuthority.
* @session_id: The identifier of the session to register for or %NULL for the session of the caller.
* @object_path: The object path for the authentication agent.
* @cancellable: A #GCancellable or %NULL.
* @error: Return location for error or %NULL.
......@@ -576,6 +582,7 @@ polkit_authority_register_authentication_agent_finish (PolkitAuthority *authorit
**/
gboolean
polkit_authority_register_authentication_agent_sync (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error)
......@@ -585,6 +592,7 @@ polkit_authority_register_authentication_agent_sync (PolkitAuthority *author
gboolean ret;
call_id = polkit_authority_register_authentication_agent_async (authority,
session_id,
object_path,
cancellable,
generic_cb,
......@@ -603,6 +611,7 @@ polkit_authority_register_authentication_agent_sync (PolkitAuthority *author
static guint
polkit_authority_unregister_authentication_agent_async (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
......@@ -617,11 +626,12 @@ polkit_authority_unregister_authentication_agent_async (PolkitAuthority *au
polkit_authority_unregister_authentication_agent_async);
call_id = _polkit_authority_unregister_authentication_agent (authority->real,
EGG_DBUS_CALL_FLAGS_NONE,
object_path,
cancellable,
generic_async_cb,
simple);
EGG_DBUS_CALL_FLAGS_NONE,
session_id,
object_path,
cancellable,
generic_async_cb,
simple);
return call_id;
}
......@@ -629,6 +639,7 @@ polkit_authority_unregister_authentication_agent_async (PolkitAuthority *au
/**
* polkit_authority_unregister_authentication_agent:
* @authority: A #PolkitAuthority.
* @session_id: The identifier of the session the agent is registered at or %NULL for the session of the caller.
* @object_path: The object path that the authentication agent is registered at.
* @cancellable: A #GCancellable or %NULL.
* @callback: A #GAsyncReadyCallback to call when the request is satisfied.
......@@ -642,16 +653,18 @@ polkit_authority_unregister_authentication_agent_async (PolkitAuthority *au
**/
void
polkit_authority_unregister_authentication_agent (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
polkit_authority_unregister_authentication_agent_async (authority,
object_path,
cancellable,
callback,
user_data);
session_id,
object_path,
cancellable,
callback,
user_data);
}
/**
......@@ -693,6 +706,7 @@ polkit_authority_unregister_authentication_agent_finish (PolkitAuthority *author
/**
* polkit_authority_unregister_authentication_agent_sync:
* @authority: A #PolkitAuthority.
* @session_id: The identifier of the session the agent is registered at or %NULL for the session of the caller.
* @object_path: The object path that the authentication agent is registered at.
* @cancellable: A #GCancellable or %NULL.
* @error: Return location for error or %NULL.
......@@ -703,6 +717,7 @@ polkit_authority_unregister_authentication_agent_finish (PolkitAuthority *author
**/
gboolean
polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error)
......@@ -712,6 +727,7 @@ polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *auth
gboolean ret;
call_id = polkit_authority_unregister_authentication_agent_async (authority,
session_id,
object_path,
cancellable,
generic_cb,
......
......@@ -83,11 +83,13 @@ gboolean polkit_authority_remove_authorization_sync (PolkitAut
GError **error);
gboolean polkit_authority_register_authentication_agent_sync (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error);
gboolean polkit_authority_unregister_authentication_agent_sync (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GError **error);
......@@ -173,6 +175,7 @@ gboolean polkit_authority_remove_authorization_finish (PolkitA
void polkit_authority_register_authentication_agent (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
......@@ -183,6 +186,7 @@ gboolean polkit_authority_register_authentication_agent_finish
GError **error);
void polkit_authority_unregister_authentication_agent (PolkitAuthority *authority,
const gchar *session_id,
const gchar *object_path,
GCancellable *cancellable,
GAsyncReadyCallback callback,
......
......@@ -102,8 +102,8 @@ server_register (Server *server,
ret = FALSE;
local_error = NULL;
/* TODO: also pass server->session_id */
if (!polkit_authority_register_authentication_agent_sync (server->authority,
server->session_id,
server->object_path,
NULL,
&local_error))
......@@ -198,6 +198,7 @@ server_finalize (GObject *object)
error = NULL;
if (!polkit_authority_unregister_authentication_agent_sync (server->authority,
server->session_id,
server->object_path,
NULL,
&error))
......
......@@ -391,6 +391,7 @@ polkit_backend_authority_remove_authorization (PolkitBackendAuthority *autho
* polkit_backend_authority_register_authentication_agent:
* @authority: A #PolkitBackendAuthority.
* @caller: The system bus name that initiated the query.
* @session_id: The identifier of the session to register for or %NULL for the session of the caller.
* @object_path: The object path for the authentication agent.
* @error: Return location for error or %NULL.
*
......@@ -401,6 +402,7 @@ polkit_backend_authority_remove_authorization (PolkitBackendAuthority *autho
gboolean
polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error)
{
......@@ -418,7 +420,7 @@ polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority
}
else
{
return klass->register_authentication_agent (authority, caller, object_path, error);
return klass->register_authentication_agent (authority, caller, session_id, object_path, error);
}
}
......@@ -426,6 +428,7 @@ polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority
* polkit_backend_authority_unregister_authentication_agent:
* @authority: A #PolkitBackendAuthority.
* @caller: The system bus name that initiated the query.
* @session_id: The identifier of the session the agent is registered at or %NULL for the session of the caller.
* @object_path: The object path that the authentication agent is registered at.
* @error: Return location for error or %NULL.
*
......@@ -436,6 +439,7 @@ polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority
gboolean
polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error)
{
......@@ -453,7 +457,7 @@ polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority
}
else
{
return klass->unregister_authentication_agent (authority, caller, object_path, error);
return klass->unregister_authentication_agent (authority, caller, session_id, object_path, error);
}
}
......@@ -956,6 +960,7 @@ authority_manager_handle_remove_authorization (_PolkitAuthorityManager *i
static void
authority_handle_register_authentication_agent (_PolkitAuthority *instance,
const gchar *session_id,
const gchar *object_path,
EggDBusMethodInvocation *method_invocation)
{
......@@ -968,6 +973,7 @@ authority_handle_register_authentication_agent (_PolkitAuthority *
error = NULL;
if (!polkit_backend_authority_register_authentication_agent (server->authority,
caller,
session_id,
object_path,
&error))
{
......@@ -986,6 +992,7 @@ authority_handle_register_authentication_agent (_PolkitAuthority *
static void
authority_handle_unregister_authentication_agent (_PolkitAuthority *instance,
const gchar *session_id,
const gchar *object_path,
EggDBusMethodInvocation *method_invocation)
{
......@@ -998,6 +1005,7 @@ authority_handle_unregister_authentication_agent (_PolkitAuthority
error = NULL;
if (!polkit_backend_authority_unregister_authentication_agent (server->authority,
caller,
session_id,
object_path,
&error))
{
......
......@@ -127,11 +127,13 @@ struct _PolkitBackendAuthorityClass
gboolean (*register_authentication_agent) (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error);
gboolean (*unregister_authentication_agent) (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error);
......@@ -238,11 +240,13 @@ gboolean polkit_backend_authority_remove_authorization (PolkitBackendAuthor
gboolean polkit_backend_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error);
gboolean polkit_backend_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error);
......
......@@ -192,11 +192,13 @@ static gboolean polkit_backend_local_authority_remove_authorization (PolkitBacke
static gboolean polkit_backend_local_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error);
static gboolean polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error);
......@@ -1435,6 +1437,7 @@ authentication_session_cancel (AuthenticationSession *session)
static gboolean
polkit_backend_local_authority_register_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error)
{
......@@ -1450,6 +1453,15 @@ polkit_backend_local_authority_register_authentication_agent (PolkitBackendAutho
local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority);
priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority);
if (session_id != NULL && strlen (session_id) > 0)
{
g_set_error (error,
POLKIT_ERROR,
POLKIT_ERROR_FAILED,
"The session_id parameter must be blank for now.");
goto out;
}
session_for_caller = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
caller,
NULL);
......@@ -1499,6 +1511,7 @@ polkit_backend_local_authority_register_authentication_agent (PolkitBackendAutho
static gboolean
polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAuthority *authority,
PolkitSubject *caller,
const gchar *session_id,
const gchar *object_path,
GError **error)
{
......@@ -1513,6 +1526,15 @@ polkit_backend_local_authority_unregister_authentication_agent (PolkitBackendAut
ret = FALSE;
if (session_id != NULL && strlen (session_id) > 0)
{
g_set_error (error,
POLKIT_ERROR,
POLKIT_ERROR_FAILED,
"The session_id parameter must be blank for now.");
goto out;
}
session_for_caller = polkit_backend_session_monitor_get_session_for_subject (priv->session_monitor,
caller,
NULL);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment