Commit 6486dea3 authored by David Zeuthen's avatar David Zeuthen

Port CK class to gdbus

Also simplify the code it by using the on-disk database. Makes
everything a lot simpler.
Signed-off-by: default avatarDavid Zeuthen <davidz@redhat.com>
parent 3fee2254
......@@ -262,6 +262,14 @@ polkit_authority_class_init (PolkitAuthorityClass *klass)
PolkitAuthority *
polkit_authority_get (void)
{
static volatile GQuark error_quark = 0;
if (error_quark == 0)
{
error_quark = POLKIT_ERROR;
}
if (the_authority != NULL)
{
g_object_ref (the_authority);
......
......@@ -17,22 +17,6 @@ INCLUDES = \
-DEGG_DBUS_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
$(NULL)
BUILT_SOURCES = \
ck-built-sources.stamp \
$(NULL)
ck-built-sources.stamp : Makefile.am $(srcdir)/org.freedesktop.ConsoleKit.xml
eggdbus-binding-tool \
--namespace "Ck" \
--dbus-namespace "org.freedesktop.ConsoleKit" \
--introspection-xml $(top_srcdir)/src/polkitbackend/org.freedesktop.ConsoleKit.xml \
--stamp-file ck-built-sources.stamp \
$(NULL)
# keep in sync with contents of ck-built-sources.stamp (Thanks autotools)
#
ck_built_sources = ckbindingsmarshal.c ckbindingsmarshal.h ckbindingsmarshal.list ckbindings.c ckbindings.h ckbindingstypes.h cksession.c cksession.h docbook-interface-org.freedesktop.ConsoleKit.Session.xml ckseat.c ckseat.h docbook-interface-org.freedesktop.ConsoleKit.Seat.xml ckmanager.c ckmanager.h docbook-interface-org.freedesktop.ConsoleKit.Manager.xml ckerror.c ckerror.h docbook-enum-Error.xml ckdevice.c ckdevice.h docbook-struct-Device.xml
lib_LTLIBRARIES=libpolkit-backend-1.la
libpolkit_backend_1includedir=$(includedir)/polkit-1/polkitbackend
......@@ -51,7 +35,6 @@ libpolkit_backend_1include_HEADERS = \
$(NULL)
libpolkit_backend_1_la_SOURCES = \
$(ck_built_sources) \
$(BUILT_SOURCES) \
polkitbackend.h \
polkitbackendtypes.h \
......@@ -94,10 +77,10 @@ EXTRA_DIST = \
$(NULL)
dist-hook :
(for i in $(ck_built_sources) $(BUILT_SOURCES) ; do rm -f $(distdir)/$$i ; done)
(for i in $(BUILT_SOURCES) ; do rm -f $(distdir)/$$i ; done)
clean-local :
rm -f *~ $(ck_built_sources) $(BUILT_SOURCES)
rm -f *~ $(BUILT_SOURCES)
install-exec-hook:
mkdir -p $(DESTDIR)$(localstatedir)/lib/polkit-1
......
<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
<node>
<!-- The error domain used for reporting errors -->
<annotation name="org.gtk.EggDBus.DeclareErrorDomain" value="Error">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Manager.GeneralError">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member.Value" value="0"/>
</annotation>
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Manager.NotPrivileged"/>
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Seat.GeneralError">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member.Value" value="100"/>
</annotation>
<annotation name="org.gtk.EggDBus.ErrorDomain.Member" value="org.freedesktop.ConsoleKit.Session.GeneralError">
<annotation name="org.gtk.EggDBus.ErrorDomain.Member.Value" value="200"/>
</annotation>
</annotation>
<!-- Device -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="Device">
<annotation name="org.gtk.EggDBus.DocString" value="The #Device type represents devices that are associated with seats."/>
<annotation name="org.gtk.EggDBus.DocString.Summary" value="Devices"/>
<annotation name="org.gtk.EggDBus.Struct.Member" value="String:id1">
<annotation name="org.gtk.EggDBus.DocString" value="The first device identifier"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="String:id2">
<annotation name="org.gtk.EggDBus.DocString" value="The second device identifier"/>
</annotation>
</annotation>
<!-- -->
<interface name="org.freedesktop.ConsoleKit.Manager">
<!-- All of these should probably be read-only properties instead of methods -->
<method name="GetSystemIdleSinceHint">
<arg name="iso8601_datetime" type="s" direction="out"/>
</method>
<method name="GetSystemIdleHint">
<arg name="idle_hint" type="b" direction="out"/>
</method>
<method name="GetSessions">
<arg name="sessions" type="ao" direction="out"/>
</method>
<method name="GetSeats">
<arg name="seats" type="ao" direction="out"/>
</method>
<method name="GetCurrentSession">
<arg name="ssid" type="o" direction="out"/>
</method>
<method name="GetSessionsForUser">
<arg name="uid" type="u" direction="in"/>
<arg name="sessions" type="ao" direction="out"/>
</method>
<method name="GetSessionsForUnixUser">
<arg name="uid" type="u" direction="in"/>
<arg name="sessions" type="ao" direction="out"/>
</method>
<method name="GetSessionForUnixProcess">
<arg name="pid" type="u" direction="in"/>
<arg name="ssid" type="o" direction="out"/>
</method>
<method name="GetSessionForCookie">
<arg name="cookie" type="s" direction="in"/>
<arg name="ssid" type="o" direction="out"/>
</method>
<method name="CloseSession">
<arg name="cookie" type="s" direction="in"/>
<arg name="result" type="b" direction="out"/>
</method>
<method name="OpenSessionWithParameters">
<arg name="parameters" type="a(sv)" direction="in">
<annotation name="org.gtk.EggDBus.Type" value="Array<Struct<String,Variant>>"/>
</arg>
<arg name="cookie" type="s" direction="out"/>
</method>
<method name="OpenSession">
<arg name="cookie" type="s" direction="out"/>
</method>
<method name="Stop">
</method>
<method name="Restart">
</method>
<!-- If the above Get*() methods are properties and we have org.fd.Properties.Changed() these signals
are not needed -->
<signal name="SystemIdleHintChanged">
<arg type="b"/>
</signal>
<signal name="SeatRemoved">
<arg type="o"/>
</signal>
<signal name="SeatAdded">
<arg type="o"/>
</signal>
</interface>
<interface name="org.freedesktop.ConsoleKit.Seat">
<method name="ActivateSession">
<arg name="ssid" type="o" direction="in"/>
</method>
<!-- All of these should probably be read-only properties instead of Get*() methods -->
<method name="CanActivateSessions">
<arg name="can_activate" type="b" direction="out"/>
</method>
<method name="GetActiveSession">
<arg name="ssid" type="o" direction="out"/>
</method>
<method name="GetDevices">
<arg name="devices" type="a(ss)" direction="out"/>
</method>
<method name="GetSessions">
<arg name="sessions" type="ao" direction="out"/>
</method>
<method name="GetId">
<arg name="sid" type="o" direction="out"/>
</method>
<signal name="DeviceRemoved">
<arg type="(ss)"/>
</signal>
<signal name="DeviceAdded">
<arg type="(ss)"/>
</signal>
<!-- If the above Get*() methods are properties and we have org.fd.Properties.Changed() these signals
are not needed -->
<signal name="SessionRemoved">
<arg type="o"/>
</signal>
<signal name="SessionAdded">
<arg type="o"/>
</signal>
<signal name="ActiveSessionChanged">
<arg type="s"/>
</signal>
</interface>
<interface name="org.freedesktop.ConsoleKit.Session">
<method name="SetIdleHint">
<arg name="idle_hint" type="b" direction="in"/>
</method>
<!-- This should really be a read-only property, not a method -->
<method name="GetIdleSinceHint">
<arg name="iso8601_datetime" type="s" direction="out"/>
</method>
<!-- superfluous: there's already :idle-hint
<method name="GetIdleHint">
<arg name="idle_hint" type="b" direction="out"/>
</method>
-->
<method name="Unlock">
</method>
<method name="Lock">
</method>
<method name="Activate">
</method>
<!-- This should really be a read-only property, not a method -->
<method name="GetCreationTime">
<arg name="iso8601_datetime" type="s" direction="out"/>
</method>
<!-- superfluous: there's already :is-local
<method name="IsLocal">
<arg name="local" type="b" direction="out"/>
</method>
-->
<!-- superfluous: there's already :is-active
<method name="IsActive">
<arg name="active" type="b" direction="out"/>
</method>
-->
<method name="GetLoginSessionId">
<arg name="login_session_id" type="s" direction="out"/>
</method>
<!-- superfluous: there's already :remote-host-name
<method name="GetRemoteHostName">
<arg name="remote_host_name" type="s" direction="out"/>
</method>
-->
<!-- superfluous: there's already :display-device
<method name="GetDisplayDevice">
<arg name="display_device" type="s" direction="out"/>
</method>
-->
<!-- superfluous: there's already :x11-display-device
<method name="GetX11DisplayDevice">
<arg name="x11_display_device" type="s" direction="out"/>
</method>
-->
<!-- superfluous: there's already :x11-display
<method name="GetX11Display">
<arg name="display" type="s" direction="out"/>
</method>
-->
<!-- superfluous: there's already :unix-user
<method name="GetUnixUser">
<arg name="uid" type="u" direction="out"/>
</method>
-->
<!-- superfluous: there's already :user
<method name="GetUser">
<arg name="uid" type="u" direction="out"/>
</method>
-->
<!-- superfluous: there's already :session-type
<method name="GetSessionType">
<arg name="type" type="s" direction="out"/>
</method>
-->
<!-- This should really be a read-only property, not a method -->
<method name="GetSeatId">
<arg name="sid" type="o" direction="out"/>
</method>
<!-- This should really be a read-only property, not a method -->
<method name="GetId">
<arg name="ssid" type="o" direction="out"/>
</method>
<!-- This should probably be called Unlocked -->
<signal name="Unlock">
</signal>
<!-- This should probably be called Locked -->
<signal name="Lock">
</signal>
<!-- superfluous if you have the org.fd.Properties.Changed() signal -->
<signal name="IdleHintChanged">
<arg type="b"/>
</signal>
<!-- superfluous if you have the org.fd.Properties.Changed() signal -->
<signal name="ActiveChanged">
<arg type="b"/>
</signal>
<!--
Note: ConsoleKit declares these as readwrite but since setting may fail (due to lack
of privilege) they shouldn't be properties [1]; instead use Set* methods.
[1] : most object systems, specifically GObject, don't have a way to return
errors when setting properties
-->
<property name="idle-hint" type="b" access="read"/>
<property name="is-local" type="b" access="read"/>
<property name="active" type="b" access="read"/>
<property name="x11-display-device" type="s" access="read"/>
<property name="x11-display" type="s" access="read"/>
<property name="display-device" type="s" access="read"/>
<property name="remote-host-name" type="s" access="read"/>
<property name="session-type" type="s" access="read"/>
<property name="user" type="u" access="read"/>
<property name="unix-user" type="u" access="read"/>
</interface>
</node>
......@@ -769,11 +769,22 @@ polkit_backend_interactive_authority_check_authorization (PolkitBackendAuthority
if (!POLKIT_IS_UNIX_USER (user_of_caller) ||
polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_caller)) != 0)
{
g_simple_async_result_set_error (simple,
POLKIT_ERROR,
POLKIT_ERROR_NOT_AUTHORIZED,
"Only trusted callers can use CheckAuthorization() for subjects "
"belonging to other identities and/or pass details");
if (has_details)
{
g_simple_async_result_set_error (simple,
POLKIT_ERROR,
POLKIT_ERROR_NOT_AUTHORIZED,
"Only trusted callers (e.g. uid 0) can use CheckAuthorization() and "
"pass details");
}
else
{
g_simple_async_result_set_error (simple,
POLKIT_ERROR,
POLKIT_ERROR_NOT_AUTHORIZED,
"Only trusted callers (e.g. uid 0) can use CheckAuthorization() for "
"subjects belonging to other identities");
}
g_simple_async_result_complete (simple);
g_object_unref (simple);
goto out;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment