Commit affe51cb authored by David Zeuthen's avatar David Zeuthen

add enumeration and handling of implicit authorizations

Now to actually use them...
parent d1baf04d
......@@ -15,7 +15,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>auth_admin_keep_always</allow_active>
<allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
......@@ -25,7 +25,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>auth_admin_keep_always</allow_active>
<allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
......@@ -35,7 +35,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>auth_admin_keep_always</allow_active>
<allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
......@@ -45,7 +45,7 @@
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>auth_admin_keep_always</allow_active>
<allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
</policyconfig>
......@@ -32,33 +32,81 @@
</annotation>
<!-- An enumeration for implicit authorizations -->
<annotation name="org.gtk.EggDBus.DeclareEnum" value="ImplicitAuthorization">
<annotation name="org.gtk.EggDBus.Enum.Member" value="NotAuthorized">
<annotation name="org.gtk.EggDBus.DocString" value="Subject is not authorized."/>
</annotation>
<annotation name="org.gtk.EggDBus.Enum.Member" value="AuthenticationRequired">
<annotation name="org.gtk.EggDBus.DocString" value="Authentication is required."/>
</annotation>
<annotation name="org.gtk.EggDBus.Enum.Member" value="AdministratorAuthenticationRequired">
<annotation name="org.gtk.EggDBus.DocString" value="Authentication as an administrator is required."/>
</annotation>
<annotation name="org.gtk.EggDBus.Enum.Member" value="AuthenticationRequiredRetained">
<annotation name="org.gtk.EggDBus.DocString" value="Authentication is required. If the authorization is obtained, it is retained."/>
</annotation>
<annotation name="org.gtk.EggDBus.Enum.Member" value="AdministratorAuthenticationRequiredRetained">
<annotation name="org.gtk.EggDBus.DocString" value="Authentication as an administrator is required. If the authorization is obtained, it is retained."/>
</annotation>
<annotation name="org.gtk.EggDBus.Enum.Member" value="Authorized">
<annotation name="org.gtk.EggDBus.DocString" value="The subject is authorized"/>
</annotation>
</annotation>
<!-- ActionDescription struct -->
<annotation name="org.gtk.EggDBus.DeclareStruct" value="ActionDescription">
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:action_id">
<annotation name="org.gtk.EggDBus.DocString" value="Action Identifier"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:description">
<annotation name="org.gtk.EggDBus.DocString" value="Action Description"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:message">
<annotation name="org.gtk.EggDBus.DocString" value="Action Message"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:vendor_name">
<annotation name="org.gtk.EggDBus.DocString" value="Vendor Name"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:vendor_url">
<annotation name="org.gtk.EggDBus.DocString" value="Vendor URL"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="s:icon_name">
<annotation name="org.gtk.EggDBus.DocString" value="Icon Name"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="i:implicit_any">
<annotation name="org.gtk.EggDBus.EnumType" value="ImplicitAuthorization"/>
<annotation name="org.gtk.EggDBus.DocString" value="Defaults for any kind of subject"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="i:implicit_inactive">
<annotation name="org.gtk.EggDBus.EnumType" value="ImplicitAuthorization"/>
<annotation name="org.gtk.EggDBus.DocString" value="Defaults for subjects in local inactive sessions"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="i:implicit_active">
<annotation name="org.gtk.EggDBus.EnumType" value="ImplicitAuthorization"/>
<annotation name="org.gtk.EggDBus.DocString" value="Defaults for subjects in local active sessions"/>
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="a{ss}:annotations">
<annotation name="org.gtk.EggDBus.DocString" value="Annotations"/>
</annotation>
<!-- TODO: also include defaults -->
</annotation>
<!-- The error domain used for reporting errors -->
......@@ -126,7 +174,7 @@
<method name="EnumerateActions">
<arg name="locale" direction="in" type="s"/>
<arg name="action_descriptions" direction="out" type="a(ssssssa{ss})">
<arg name="action_descriptions" direction="out" type="a(ssssssiiia{ss})">
<annotation name="org.gtk.EggDBus.StructType" value="ActionDescription"/>
</arg>
</method>
......
......@@ -20,6 +20,7 @@ BUILT_SOURCES = \
_polkitauthority.c _polkitauthority.h \
_polkitauthorization.c _polkitauthorization.h \
_polkitauthorizationresult.c _polkitauthorizationresult.h \
_polkitimplicitauthorization.c _polkitimplicitauthorization.h \
_polkitcheckauthorizationflags.c _polkitcheckauthorizationflags.h \
_polkitbindings.c _polkitbindings.h \
_polkitbindingsmarshal.c _polkitbindingsmarshal.h \
......@@ -56,6 +57,7 @@ libpolkit_gobject_1include_HEADERS = \
polkitauthorizationresult.h \
polkitcheckauthorizationflags.h \
polkitauthorization.h \
polkitimplicitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_SOURCES = \
......@@ -74,6 +76,7 @@ libpolkit_gobject_1_la_SOURCES = \
polkitauthorizationresult.c polkitauthorizationresult.h \
polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \
polkitauthorization.c polkitauthorization.h \
polkitimplicitauthorization.c polkitimplicitauthorization.h \
$(NULL)
libpolkit_gobject_1_la_CFLAGS = \
......
......@@ -24,6 +24,7 @@
#define _POLKIT_INSIDE_POLKIT_H 1
#include <polkit/polkitimplicitauthorization.h>
#include <polkit/polkitactiondescription.h>
#include <polkit/polkiterror.h>
#include <polkit/polkitidentity.h>
......
......@@ -24,6 +24,7 @@
#endif
#include <string.h>
#include "polkitimplicitauthorization.h"
#include "polkitactiondescription.h"
#include "_polkitactiondescription.h"
......@@ -133,6 +134,25 @@ polkit_action_description_get_vendor_url (PolkitActionDescription *action_descri
return _polkit_action_description_get_vendor_url (action_description->real);
}
PolkitImplicitAuthorization
polkit_action_description_get_implicit_any (PolkitActionDescription *action_description)
{
return _polkit_action_description_get_implicit_any (action_description->real);
}
PolkitImplicitAuthorization
polkit_action_description_get_implicit_inactive (PolkitActionDescription *action_description)
{
return _polkit_action_description_get_implicit_inactive (action_description->real);
}
PolkitImplicitAuthorization
polkit_action_description_get_implicit_active (PolkitActionDescription *action_description)
{
return _polkit_action_description_get_implicit_active (action_description->real);
}
GIcon *
polkit_action_description_get_icon (PolkitActionDescription *action_description)
{
......
......@@ -47,6 +47,11 @@ const gchar *polkit_action_description_get_message (PolkitActi
const gchar *polkit_action_description_get_vendor_name (PolkitActionDescription *action_description);
const gchar *polkit_action_description_get_vendor_url (PolkitActionDescription *action_description);
GIcon *polkit_action_description_get_icon (PolkitActionDescription *action_description);
PolkitImplicitAuthorization polkit_action_description_get_implicit_any (PolkitActionDescription *action_description);
PolkitImplicitAuthorization polkit_action_description_get_implicit_inactive (PolkitActionDescription *action_description);
PolkitImplicitAuthorization polkit_action_description_get_implicit_active (PolkitActionDescription *action_description);
const gchar *polkit_action_description_get_annotation (PolkitActionDescription *action_description,
const gchar *key);
const gchar * const *polkit_action_description_get_annotation_keys (PolkitActionDescription *action_description);
......
/*
* Copyright (C) 2008 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General
* Public License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place, Suite 330,
* Boston, MA 02111-1307, USA.
*
* Author: David Zeuthen <davidz@redhat.com>
*/
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
#include <string.h>
#include "polkitimplicitauthorization.h"
#include "polkitprivate.h"
/**
* SECTION:polkitimplicitauthorization
* @title: PolkitImplicitAuthorization
* @short_result: Implicit Authorizations
*
* Possible implicit authorizations.
*/
GType
polkit_implicit_authorization_get_type (void)
{
return _polkit_implicit_authorization_get_type ();
}
gboolean
polkit_implicit_authorization_from_string (const gchar *string,
PolkitImplicitAuthorization *out_implicit_authorization)
{
PolkitImplicitAuthorization result;
gboolean ret;
ret = TRUE;
result = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
if (strcmp (string, "no") == 0)
{
result = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
}
else if (strcmp (string, "auth_self") == 0)
{
result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED;
}
else if (strcmp (string, "auth_admin") == 0)
{
result = POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED;
}
else if (strcmp (string, "auth_self_keep") == 0)
{
result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED;
}
else if (strcmp (string, "auth_admin_keep") == 0)
{
result = POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED;
}
else if (strcmp (string, "yes") == 0)
{
result = POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED;
}
else
{
g_warning ("Unknown PolkitImplicitAuthorization string '%s'", string);
ret = FALSE;
}
if (out_implicit_authorization != NULL)
*out_implicit_authorization = result;
g_debug ("parsed '%s' to %d", string, result);
return ret;
}
const gchar *
polkit_implicit_authorization_to_string (PolkitImplicitAuthorization implicit_authorization)
{
const gchar *s;
s = "(unknown)";
switch (implicit_authorization)
{
case POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED:
s = "no";
break;
case POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED:
s = "auth_self";
break;
case POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED:
s = "auth_admin";
break;
case POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED:
s = "auth_self_keep";
break;
case POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED:
s = "auth_admin_keep";
break;
case POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED:
s = "yes";
break;
}
return s;
}
/*
* Copyright (C) 2008 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General
* Public License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place, Suite 330,
* Boston, MA 02111-1307, USA.
*
* Author: David Zeuthen <davidz@redhat.com>
*/
#ifndef __POLKIT_IMPLICIT_AUTHORIZATION_H
#define __POLKIT_IMPLICIT_AUTHORIZATION_H
#include <glib-object.h>
G_BEGIN_DECLS
GType polkit_implicit_authorization_get_type (void) G_GNUC_CONST;
#define POLKIT_TYPE_IMPLICIT_AUTHORIZATION (polkit_implicit_authorization_get_type ())
/**
* PolkitImplicitAuthorization:
* @POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED: Subject is not authorized.
* @POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED: Authentication is required.
* @POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED: Authentication as an administrator is required.
* @POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED: Authentication is required. If the authorization is obtained, it is retained.
* @POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED: Authentication as an administrator is required. If the authorization is obtained, it is retained.
* @POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED: The subject is authorized
*
* Possible implicit authorizations.
*/
typedef enum
{
POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED = 0,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED = 1,
POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED = 2,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED = 3,
POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED = 4,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED = 5,
} PolkitImplicitAuthorization;
const gchar *polkit_implicit_authorization_to_string (PolkitImplicitAuthorization implicit_authorization);
gboolean polkit_implicit_authorization_from_string (const gchar *string,
PolkitImplicitAuthorization *out_implicit_authorization);
G_END_DECLS
#endif /* __POLKIT_IMPLICIT_AUTHORIZATION_H */
......@@ -22,6 +22,7 @@
#ifndef __POLKIT_PRIVATE_H
#define __POLKIT_PRIVATE_H
#include "polkitimplicitauthorization.h"
#include "polkitactiondescription.h"
#include "polkitsubject.h"
#include "_polkitbindings.h"
......
......@@ -41,6 +41,10 @@ typedef struct
gchar *description;
gchar *message;
PolkitImplicitAuthorization implicit_authorization_any;
PolkitImplicitAuthorization implicit_authorization_inactive;
PolkitImplicitAuthorization implicit_authorization_active;
/* each of these map from the locale identifer (e.g. da_DK) to the localized value */
GHashTable *localized_description;
GHashTable *localized_message;
......@@ -293,6 +297,9 @@ polkit_backend_action_pool_get_action (PolkitBackendActionPool *pool,
parsed_action->vendor_name,
parsed_action->vendor_url,
parsed_action->icon_name,
parsed_action->implicit_authorization_any,
parsed_action->implicit_authorization_inactive,
parsed_action->implicit_authorization_active,
parsed_action->annotations);
ret = polkit_action_description_new_for_real (real);
......@@ -492,9 +499,9 @@ typedef struct {
char *vendor_url;
char *icon_name;
//PolKitResult defaults_allow_any;
//PolKitResult defaults_allow_inactive;
//PolKitResult defaults_allow_active;
PolkitImplicitAuthorization implicit_authorization_any;
PolkitImplicitAuthorization implicit_authorization_inactive;
PolkitImplicitAuthorization implicit_authorization_active;
GHashTable *policy_descriptions;
GHashTable *policy_messages;
......@@ -605,9 +612,9 @@ _start (void *data, const char *el, const char **attr)
g_free);
pd->annotations = egg_dbus_hash_map_new (G_TYPE_STRING, g_free, G_TYPE_STRING, g_free);
/* initialize defaults */
//pd->defaults_allow_any = POLKIT_RESULT_NO;
//pd->defaults_allow_inactive = POLKIT_RESULT_NO;
//pd->defaults_allow_active = POLKIT_RESULT_NO;
pd->implicit_authorization_any = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
pd->implicit_authorization_inactive = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
pd->implicit_authorization_active = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
}
else if (strcmp (el, "vendor") == 0 && num_attr == 0)
{
......@@ -819,18 +826,18 @@ _cdata (void *data, const char *s, int len)
break;
case STATE_IN_DEFAULTS_ALLOW_ANY:
//if (!polkit_result_from_string_representation (str, &pd->defaults_allow_any))
// goto error;
if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_any))
goto error;
break;
case STATE_IN_DEFAULTS_ALLOW_INACTIVE:
//if (!polkit_result_from_string_representation (str, &pd->defaults_allow_inactive))
// goto error;
if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_inactive))
goto error;
break;
case STATE_IN_DEFAULTS_ALLOW_ACTIVE:
//if (!polkit_result_from_string_representation (str, &pd->defaults_allow_active))
// goto error;
if (!polkit_implicit_authorization_from_string (str, &pd->implicit_authorization_active))
goto error;
break;
case STATE_IN_ANNOTATE:
......@@ -896,6 +903,10 @@ _end (void *data, const char *el)
action->localized_message = pd->policy_messages;
action->annotations = pd->annotations;
action->implicit_authorization_any = pd->implicit_authorization_any;
action->implicit_authorization_inactive = pd->implicit_authorization_inactive;
action->implicit_authorization_active = pd->implicit_authorization_active;
g_hash_table_insert (priv->parsed_actions, action->action_id, action);
/* we steal these hash tables */
......
......@@ -371,21 +371,25 @@ print_action (PolkitActionDescription *action)
icon = polkit_action_description_get_icon (action);
g_print ("%s:\n", polkit_action_description_get_action_id (action));
g_print (" description: %s\n", polkit_action_description_get_description (action));
g_print (" message: %s\n", polkit_action_description_get_message (action));
g_print (" description: %s\n", polkit_action_description_get_description (action));
g_print (" message: %s\n", polkit_action_description_get_message (action));
if (vendor != NULL)
g_print (" vendor: %s\n", vendor);
g_print (" vendor: %s\n", vendor);
if (vendor_url != NULL)
g_print (" vendor_url: %s\n", vendor_url);
g_print (" vendor_url: %s\n", vendor_url);
if (icon != NULL)
{
gchar *s;
s = g_icon_to_string (icon);
g_print (" icon: %s\n", s);
g_print (" icon: %s\n", s);
g_free (s);
}
g_print (" implicit any: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_any (action)));
g_print (" implicit inactive: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_inactive (action)));
g_print (" implicit active: %s\n", polkit_implicit_authorization_to_string (polkit_action_description_get_implicit_active (action)));
annotation_keys = polkit_action_description_get_annotation_keys (action);
for (n = 0; annotation_keys[n] != NULL; n++)
{
......@@ -394,7 +398,7 @@ print_action (PolkitActionDescription *action)
key = annotation_keys[n];
value = polkit_action_description_get_annotation (action, key);
g_print (" annotation: %s -> %s\n", key, value);
g_print (" annotation: %s -> %s\n", key, value);
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment