diff options
author | David Zeuthen <davidz@redhat.com> | 2011-03-03 13:13:11 -0500 |
---|---|---|
committer | David Zeuthen <davidz@redhat.com> | 2011-03-03 13:18:05 -0500 |
commit | 02cebdb060e76e6d176f05ef24968e6d17225edb (patch) | |
tree | ad0bf3810442b299a21e5014364ab6733ead4475 | |
parent | 76792accc8c846059b551dfba91ec3cd24d45d71 (diff) |
Deprecated PolkitBackendActionLookup
Instead, pass the untranslated message as polkit.message and set the
gettext domain on polkit.gettext_domain. For printf()-style messages,
occurences of the form $(name_of_key) in the translated version of
polkit.message are expanded with the value of the property
name_of_key. See the pkexec(1) mechanism for an example of how to use
this.
Additionally, the property polkit.icon_name can be set to the
icon. Note that not all authentication agents use this - in
particular, gnome-shell does not.
It is no longer possible to set the details to be shown in the
authentication dialog. It was never a good idea to hide information
there anyway. Instead, the mechanism should format a meaningful
message.
Signed-off-by: David Zeuthen <davidz@redhat.com>
-rw-r--r-- | docs/man/pkexec.xml | 20 | ||||
-rw-r--r-- | docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml | 10 | ||||
-rw-r--r-- | docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml | 45 | ||||
-rw-r--r-- | docs/polkit/overview.xml | 9 | ||||
-rw-r--r-- | docs/polkit/polkit-1-docs.xml | 1 | ||||
-rw-r--r-- | po/POTFILES.in | 2 | ||||
-rw-r--r-- | po/da.po | 90 | ||||
-rw-r--r-- | src/examples/org.freedesktop.policykit.examples.pkexec.policy.in | 2 | ||||
-rw-r--r-- | src/polkit/polkitauthority.c | 22 | ||||
-rw-r--r-- | src/polkitbackend/polkitbackendactionlookup.c | 3 | ||||
-rw-r--r-- | src/polkitbackend/polkitbackendactionlookup.h | 16 | ||||
-rw-r--r-- | src/polkitbackend/polkitbackendauthority.c | 7 | ||||
-rw-r--r-- | src/polkitbackend/polkitbackendinteractiveauthority.c | 145 | ||||
-rw-r--r-- | src/polkitbackend/polkitbackendlocalauthority.c | 1 | ||||
-rw-r--r-- | src/programs/Makefile.am | 22 | ||||
-rw-r--r-- | src/programs/pkexec-action-lookup.c | 202 | ||||
-rw-r--r-- | src/programs/pkexec.c | 42 |
17 files changed, 238 insertions, 401 deletions
diff --git a/docs/man/pkexec.xml b/docs/man/pkexec.xml index 97ab315..2a0e721 100644 --- a/docs/man/pkexec.xml +++ b/docs/man/pkexec.xml @@ -152,13 +152,21 @@ <programlisting> <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" parse="text" href="../../src/examples/org.freedesktop.policykit.examples.pkexec.policy"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting> <para> - and drop it in - the <filename>/usr/share/polkit-1/actions</filename> directory - under a suitable name (e.g. matching the namespace of the - action). Note that in addition to specifying the program, the + and drop it in the + <filename>/usr/share/polkit-1/actions</filename> directory under + a suitable name (e.g. matching the namespace of the action). + Note that in addition to specifying the program, the authentication message, description, icon and defaults can be - specified. For example, for the action defined above, the following - authentication dialog will be shown: + specified. Note that occurences of the strings + <literal>$(user)</literal>, <literal>$(program)</literal> and + <literal>$(command_line)</literal> in the message will be + replaced with respectively the user (of the form "Real Name + (username)" or just "username" if there is no real name for the + username), the binary to execute (a fully-qualified path, + e.g. "<literal>/usr/bin/pk-example-frobnicate</literal>") and + the command-line, e.g. "<literal>pk-example-frobnicate foo + bar</literal>". For example, for the action defined above, the + following authentication dialog will be shown: </para> <mediaobject id="pkexec-frobnicate"> <imageobject> diff --git a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml index b01fceb..ec59626 100644 --- a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml +++ b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml @@ -87,9 +87,13 @@ The themed icon describing the action or the empty string if no icon is set. <term><literal>IN Dict<String,String> <parameter>details</parameter></literal>:</term> <listitem> <para> -Details about the authentication request. This is a dictionary of key/value pairs where both key and value are strings. These strings are translated into the locale passed when registering the authentication agent using <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent">RegisterAuthenticationAgent()</link>. -Keys starting with <literal>polkit.</literal> are reserved for internal use and should never be displayed in the UI. -Known key/value-pairs include <literal>polkit.caller-pid</literal> (the process id of the mechanism making the authorization check) and <literal>polkit.subject-pid</literal> (the process id of the subject the check is for). + Details about the authentication request. This is a dictionary + of key/value pairs where both key and value are strings. + Known key/value-pairs include + <literal>polkit.caller-pid</literal> (the process id of the + mechanism making the authorization check) and + <literal>polkit.subject-pid</literal> (the process id of the + subject the check is for). </para> </listitem> </varlistentry> diff --git a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml index ee29c4c..74338c3 100644 --- a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml +++ b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml @@ -571,7 +571,26 @@ CheckAuthorization (IN <link linkend="eggdbus-struct-Subject">Subject</link> OUT <link linkend="eggdbus-struct-AuthorizationResult">AuthorizationResult</link> result) </programlisting> <para> -<para>Checks if <parameter>subject</parameter> is authorized to perform the action with identifier <parameter>action_id</parameter>.</para><para>If <parameter>cancellation_id</parameter> is non-empty and already in use for the caller, the <link linkend="eggdbus-constant-Error.org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique">org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique</link> error is returned.</para><para>Note that <link linkend="eggdbus-constant-CheckAuthorizationFlags.AllowUserInteraction">CheckAuthorizationFlags.AllowUserInteraction</link> SHOULD be passed ONLY if the event that triggered the authorization check is stemming from an user action, e.g. the user pressing a button or attaching a device.</para> + <para> + Checks if <parameter>subject</parameter> is authorized to + perform the action with identifier + <parameter>action_id</parameter> + </para> + <para> + If <parameter>cancellation_id</parameter> is non-empty and + already in use for the caller, the <link + linkend="eggdbus-constant-Error.org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique">org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique</link> + error is returned. + </para> + <para> + Note that <link + linkend="eggdbus-constant-CheckAuthorizationFlags.AllowUserInteraction">CheckAuthorizationFlags.AllowUserInteraction</link> + SHOULD be passed ONLY if the event that triggered the + authorization check is stemming from an user action, e.g. the + user pressing a button or attaching a device. + </para> + <para> + </para> </para> <variablelist role="params"> <varlistentry> @@ -594,15 +613,27 @@ Identifier for the action that <parameter>subject</parameter> is attempting to d <term><literal>IN Dict<String,String> <parameter>details</parameter></literal>:</term> <listitem> <para> -Details describing the action. Keys starting with <literal>polkit.</literal> are reserved for internal use and cannot be used. +Details describing the action. Keys starting with <literal>polkit.</literal> are can only be set if defined in this document. </para> <para> Known keys include <literal>polkit.message</literal> and - <literal>polkit.message.gettext-domain</literal> that can be - used to override the message shown to the user (the user might - be running an authentication agent in another locale than the - calling process so that's why both the message and gettext - domain is needed. + <literal>polkit.gettext_domain</literal> that can be used to + override the message shown to the user. This latter is needed + because the user could be running an authentication agent in + another locale than the calling process. + </para> + <para> + The (translated version of) <literal>polkit.message</literal> + may include references to other keys that are expanded with + their respective values. For example if the key + <literal>device_file</literal> has the value + <literal>/dev/sda</literal> then the message + "<literal>Authenticate to format $(device_file)</literal>" is + expanded to "<literal>Authenticate to format + /dev/sda</literal>". + </para> + <para> + The key <literal>polkit.icon_name</literal> is used to override the icon shown in the authentication dialog. </para> <para> If non-empty, then the request will fail with diff --git a/docs/polkit/overview.xml b/docs/polkit/overview.xml index 31f856f..20f019c 100644 --- a/docs/polkit/overview.xml +++ b/docs/polkit/overview.xml @@ -123,14 +123,5 @@ </para> </formalpara> - <formalpara> - <title>POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME</title> - <para> - Allows a mechanism to customize the contents of authentication - dialogs. Implementations of this extension point must - implement the #PolkitBackendActionLookup interface. - </para> - </formalpara> - </chapter> </part> diff --git a/docs/polkit/polkit-1-docs.xml b/docs/polkit/polkit-1-docs.xml index 06510ca..22092d9 100644 --- a/docs/polkit/polkit-1-docs.xml +++ b/docs/polkit/polkit-1-docs.xml @@ -94,7 +94,6 @@ <xi:include href="xml/polkitbackendauthority.xml"/> <xi:include href="xml/polkitbackendinteractiveauthority.xml"/> <xi:include href="xml/polkitbackendlocalauthority.xml"/> - <xi:include href="xml/polkitbackendactionlookup.xml"/> </part> <part id="ref-authentication-agent-api"> diff --git a/po/POTFILES.in b/po/POTFILES.in index 6998ef3..02f8255 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -4,4 +4,4 @@ actions/org.freedesktop.policykit.policy.in src/examples/org.freedesktop.policykit.examples.pkexec.policy.in src/polkitbackend/polkitbackendlocalauthority.c -src/programs/pkexec-action-lookup.c +src/programs/pkexec.c @@ -8,86 +8,58 @@ msgid "" msgstr "" "Project-Id-Version: DeviceKit-disks\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2009-05-15 13:45-0400\n" -"PO-Revision-Date: 2009-05-12 17:01-0400\n" +"POT-Creation-Date: 2011-03-03 13:03-0500\n" +"PO-Revision-Date: 2011-03-03 13:05-0500\n" "Last-Translator: David Zeuthen <davidz@redhat.com>\n" "Language-Team: Danish <dansk@dansk-gruppen.dk>\n" +"Language: da\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" #: ../actions/org.freedesktop.policykit.policy.in.h:1 -msgid "Authentication is required to grant authorizations to other users" -msgstr "Autorisering er påkrævet for at autorisere andre brugere" +msgid "Authentication is required to configure lock down policy" +msgstr "Autorisering er påkrævet for at konfigurer lock down" #: ../actions/org.freedesktop.policykit.policy.in.h:2 -msgid "" -"Authentication is required to modify the defaults for implicit authorizations" -msgstr "Autorisering er påkrævet for ændre implicit autorisering" - -#: ../actions/org.freedesktop.policykit.policy.in.h:3 -msgid "Authentication is required to read authorizations of other users" -msgstr "Autorisering er påkrævet for at læse andre brugers autoriseringer" - -#: ../actions/org.freedesktop.policykit.policy.in.h:4 -msgid "Authentication is required to revoke authorizations other users" -msgstr "" -"Autorisering er påkrævet for at fjerne en autosering fra en anden bruger" - -#: ../actions/org.freedesktop.policykit.policy.in.h:5 msgid "Authentication is required to run a program as another user" msgstr "Autorisering er påkrævet for at afvikle et program som en anden bruger" -#: ../actions/org.freedesktop.policykit.policy.in.h:6 -msgid "Grant authorizations to other users" -msgstr "Autoriser en anden bruger" - -#: ../actions/org.freedesktop.policykit.policy.in.h:7 -msgid "Modify defaults for implicit authorizations" -msgstr "Konfigurer implicit autorisering" - -#: ../actions/org.freedesktop.policykit.policy.in.h:8 -msgid "Read authorizations of other users" -msgstr "Læs andre brugers autoriseringer" - -#: ../actions/org.freedesktop.policykit.policy.in.h:9 -msgid "Revoke authorizations from other users" -msgstr "Fjern autorisering fra en anden bruger" +#: ../actions/org.freedesktop.policykit.policy.in.h:3 +msgid "Configure lock down for an action" +msgstr "Konfigurer lock down for en action" -#: ../actions/org.freedesktop.policykit.policy.in.h:10 +#: ../actions/org.freedesktop.policykit.policy.in.h:4 msgid "Run programs as another user" msgstr "Kør et program som en anden bruger" #: ../src/examples/org.freedesktop.policykit.examples.pkexec.policy.in.h:1 msgid "" -"Authentication is required to run the PolicyKit example program Frobnicate" -msgstr "Autorisering er påkrævet for at afvikle PolicyKit eksemplet Frobnicate" +"Authentication is required to run the PolicyKit example program Frobnicate " +"(user=$(user), program=$(program), command_line=$(command_line))" +msgstr "" +"Autorisering er påkrævet for at afvikle PolicyKit eksemplet Frobnicate (user=" +"$(user), program=$(program), command_line=$(command_line))" #: ../src/examples/org.freedesktop.policykit.examples.pkexec.policy.in.h:2 msgid "Run the PolicyKit example program Frobnicate" msgstr "Kør PolicyKit eksemplet Frobnicate" -#. Translator: %s is a fully qualified path to the executable -#: ../src/programs/pkexec-action-lookup.c:110 -#, c-format -msgid "Authentication is needed to run `%s' as the super user" -msgstr "Autorisering er påkrævet for at afvikle `%s' som super bruger" - -#. Translator: %s is a fully qualified path to the executable -#: ../src/programs/pkexec-action-lookup.c:115 -#, c-format -msgid "Authentication is needed to run `%s' as another user" -msgstr "Autorisering er påkrævet for at afvikle `%s' som en anden bruger" - -#: ../src/programs/pkexec-action-lookup.c:159 -msgid "Command" -msgstr "Program" - -#: ../src/programs/pkexec-action-lookup.c:168 -msgid "Super User (root)" -msgstr "Super Bruger (root)" - -#: ../src/programs/pkexec-action-lookup.c:170 -msgid "Run As" -msgstr "Bruger" +#. Translators: message shown when trying to run a program as root. Do not +#. * translate the $(program) fragment - it will be expanded to the path +#. * of the program e.g. /bin/bash. +#. +#: ../src/programs/pkexec.c:666 +msgid "Authentication is needed to run `$(program)' as the super user" +msgstr "Autorisering er påkrævet for at afvikle `$(program)' som super bruger" + +#. Translators: message shown when trying to run a program as another user. +#. * Do not translate the $(program) or $(user) fragments - the former will +#. * be expanded to the path of the program e.g. "/bin/bash" and the latter +#. * to the user e.g. "John Doe (johndoe)" or "johndoe". +#. +#: ../src/programs/pkexec.c:676 +msgid "Authentication is needed to run `$(program)' as user $(user)" +msgstr "" +"Autorisering er påkrævet for at afvikle `$(program)' som bruger $(user)" diff --git a/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in b/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in index ad08340..9c05b77 100644 --- a/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in +++ b/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in @@ -9,7 +9,7 @@ <action id="org.freedesktop.policykit.example.pkexec.run-frobnicate"> <_description>Run the PolicyKit example program Frobnicate</_description> - <_message>Authentication is required to run the PolicyKit example program Frobnicate</_message> + <_message>Authentication is required to run the PolicyKit example program Frobnicate (user=$(user), program=$(program), command_line=$(command_line))</_message> <icon_name>audio-x-generic</icon_name> <!-- just an example --> <defaults> <allow_any>no</allow_any> diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c index 3dc257f..468421e 100644 --- a/src/polkit/polkitauthority.c +++ b/src/polkit/polkitauthority.c @@ -846,9 +846,7 @@ check_authorization_cb (GDBusProxy *proxy, * @authority: A #PolkitAuthority. * @subject: A #PolkitSubject. * @action_id: The action to check for. - * @details: (allow-none): Details about the action or %NULL. Keys - * starting with <literal>polkit.</literal> are reserved for internal - * use and cannot be used. + * @details: (allow-none): Details about the action or %NULL. * @flags: A set of #PolkitCheckAuthorizationFlags. * @cancellable: (allow-none): A #GCancellable or %NULL. * @callback: A #GAsyncReadyCallback to call when the request is satisfied. @@ -871,11 +869,9 @@ check_authorization_cb (GDBusProxy *proxy, * the operation. * * Known keys in @details include <literal>polkit.message</literal> - * and <literal>polkit.message.gettext-domain</literal> that can be - * used to override the message shown to the user (the user might be - * running an authentication agent in another locale than the calling - * process so that's why both the message and gettext domain is - * needed). + * and <literal>polkit.gettext_domain</literal> that can be used to + * override the message shown to the user. See the documentation for + * the <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.CheckAuthorization">D-Bus method</link> for more details. * * If @details is non-empty then the request will fail with * #POLKIT_ERROR_FAILED unless the process doing the check itsef is @@ -972,9 +968,7 @@ polkit_authority_check_authorization_finish (PolkitAuthority *authority * @authority: A #PolkitAuthority. * @subject: A #PolkitSubject. * @action_id: The action to check for. - * @details: (allow-none): Details about the action or %NULL. Keys - * starting with <literal>polkit.</literal> are reserved for internal - * use and cannot be used. + * @details: (allow-none): Details about the action or %NULL. * @flags: A set of #PolkitCheckAuthorizationFlags. * @cancellable: (allow-none): A #GCancellable or %NULL. * @error: (allow-none): Return location for error or %NULL. @@ -996,8 +990,10 @@ polkit_authority_check_authorization_finish (PolkitAuthority *authority * operation to complete because it involves waiting for the user to * authenticate. * - * See polkit_authority_check_authorization_sync() for how @details is - * handled. + * Known keys in @details include <literal>polkit.message</literal> + * and <literal>polkit.gettext_domain</literal> that can be used to + * override the message shown to the user. See the documentation for + * the <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.CheckAuthorization">D-Bus method</link> for more details. * * Returns: (transfer full): A #PolkitAuthorizationResult or %NULL if @error is set. Free with g_object_unref(). */ diff --git a/src/polkitbackend/polkitbackendactionlookup.c b/src/polkitbackend/polkitbackendactionlookup.c index dcc972a..5a1a228 100644 --- a/src/polkitbackend/polkitbackendactionlookup.c +++ b/src/polkitbackend/polkitbackendactionlookup.c @@ -23,6 +23,9 @@ #include <errno.h> #include <pwd.h> #include <string.h> + +#define _POLKIT_BACKEND_ACTION_LOOKUP_NO_DEPRECATED_WARNING + #include <polkit/polkit.h> #include <polkit/polkitprivate.h> #include "polkitbackendactionlookup.h" diff --git a/src/polkitbackend/polkitbackendactionlookup.h b/src/polkitbackend/polkitbackendactionlookup.h index 1fbae16..254507b 100644 --- a/src/polkitbackend/polkitbackendactionlookup.h +++ b/src/polkitbackend/polkitbackendactionlookup.h @@ -88,6 +88,7 @@ struct _PolkitBackendActionLookupIface PolkitActionDescription *action_description); }; +#ifdef _POLKIT_BACKEND_ACTION_LOOKUP_NO_DEPRECATED_WARNING GType polkit_backend_action_lookup_get_type (void) G_GNUC_CONST; gchar *polkit_backend_action_lookup_get_message (PolkitBackendActionLookup *lookup, const gchar *action_id, @@ -101,6 +102,21 @@ PolkitDetails *polkit_backend_action_lookup_get_details (PolkitBackendActionLo const gchar *action_id, PolkitDetails *details, PolkitActionDescription *action_description); +#else +GType polkit_backend_action_lookup_get_type (void) G_GNUC_CONST G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead); +gchar *polkit_backend_action_lookup_get_message (PolkitBackendActionLookup *lookup, + const gchar *action_id, + PolkitDetails *details, + PolkitActionDescription *action_description) G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead); +gchar *polkit_backend_action_lookup_get_icon_name (PolkitBackendActionLookup *lookup, + const gchar *action_id, + PolkitDetails *details, + PolkitActionDescription *action_description) G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead); +PolkitDetails *polkit_backend_action_lookup_get_details (PolkitBackendActionLookup *lookup, + const gchar *action_id, + PolkitDetails *details, + PolkitActionDescription *action_description) G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead); +#endif G_END_DECLS diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c index 9dc8943..44b7493 100644 --- a/src/polkitbackend/polkitbackendauthority.c +++ b/src/polkitbackend/polkitbackendauthority.c @@ -30,7 +30,6 @@ #include <polkit/polkitprivate.h> #include "polkitbackendauthority.h" -#include "polkitbackendactionlookup.h" #include "polkitbackendlocalauthority.h" #include "polkitbackendprivate.h" @@ -1291,7 +1290,6 @@ PolkitBackendAuthority * polkit_backend_authority_get (void) { static GIOExtensionPoint *ep = NULL; - static GIOExtensionPoint *ep_action_lookup = NULL; static volatile GType local_authority_type = G_TYPE_INVALID; GList *modules; GList *authority_implementations; @@ -1305,11 +1303,6 @@ polkit_backend_authority_get (void) ep = g_io_extension_point_register (POLKIT_BACKEND_AUTHORITY_EXTENSION_POINT_NAME); g_io_extension_point_set_required_type (ep, POLKIT_BACKEND_TYPE_AUTHORITY); } - if (ep_action_lookup == NULL) - { - ep_action_lookup = g_io_extension_point_register (POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME); - g_io_extension_point_set_required_type (ep_action_lookup, POLKIT_BACKEND_TYPE_ACTION_LOOKUP); - } /* make sure local types are registered */ if (local_authority_type == G_TYPE_INVALID) diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c index 462f334..4f7828a 100644 --- a/src/polkitbackend/polkitbackendinteractiveauthority.c +++ b/src/polkitbackend/polkitbackendinteractiveauthority.c @@ -32,7 +32,6 @@ #include "polkitbackendactionpool.h" #include "polkitbackendsessionmonitor.h" #include "polkitbackendconfigsource.h" -#include "polkitbackendactionlookup.h" #include <polkit/polkitprivate.h> @@ -1693,35 +1692,81 @@ authentication_agent_begin_cb (GDBusProxy *proxy, authentication_session_free (session); } -static GList * -get_action_lookup_list (void) +static void +append_property (GString *dest, + PolkitDetails *details, + const gchar *key, + PolkitBackendInteractiveAuthority *authority, + const gchar *message, + const gchar *action_id) { - GList *extensions; - GList *l; - GIOExtensionPoint *action_lookup_ep; - static GList *action_lookup_list = NULL; - static gboolean have_looked_up_extensions = FALSE; + const gchar *value; - if (have_looked_up_extensions) - goto out; + value = polkit_details_lookup (details, key); + if (value != NULL) + { + g_string_append (dest, value); + } + else + { + polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), + "Error substituting value for property $(%s) when preparing message `%s' for action-id %s", + key, + message, + action_id); + g_string_append (dest, "$("); + g_string_append (dest, key); + g_string_append (dest, ")"); + } +} + +static gchar * +expand_properties (const gchar *message, + PolkitDetails *details, + PolkitBackendInteractiveAuthority *authority, + const gchar *action_id) +{ + GString *ret; + GString *var; + guint n; + gboolean in_resolve; - action_lookup_ep = g_io_extension_point_lookup (POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME); - g_assert (action_lookup_ep != NULL); + ret = g_string_new (NULL); + var = g_string_new (NULL); - extensions = g_io_extension_point_get_extensions (action_lookup_ep); - for (l = extensions; l != NULL; l = l->next) + in_resolve = FALSE; + for (n = 0; message[n] != '\0'; n++) { - GIOExtension *extension = l->data; - PolkitBackendActionLookup *lookup; - - lookup = g_object_new (g_io_extension_get_type (extension), NULL); - action_lookup_list = g_list_prepend (action_lookup_list, lookup); + gint c = message[n]; + if (c == '$' && message[n+1] == '(') + { + in_resolve = TRUE; + n += 1; + } + else + { + if (in_resolve) + { + if (c == ')') + { + append_property (ret, details, var->str, authority, message, action_id); + g_string_set_size (var, 0); + in_resolve = FALSE; + } + else + { + g_string_append_c (var, c); + } + } + else + { + g_string_append_c (ret, c); + } + } } - action_lookup_list = g_list_reverse (action_lookup_list); + g_string_free (var, TRUE); - out: - have_looked_up_extensions = TRUE; - return action_lookup_list; + return g_string_free (ret, FALSE); } static void @@ -1738,12 +1783,12 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority, { PolkitBackendInteractiveAuthorityPrivate *priv; PolkitActionDescription *action_desc; - GList *action_lookup_list; - GList *l; gchar *message; gchar *icon_name; PolkitDetails *localized_details; const gchar *message_to_use; + const gchar *gettext_domain; + gchar *s; priv = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (authority); @@ -1762,52 +1807,21 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority, if (action_desc == NULL) goto out; - /* Set LANG and locale so gettext() + friends work when running the code in the extensions */ + /* Set LANG and locale so g_dgettext() + friends work below */ if (setlocale (LC_ALL, locale) == NULL) { g_printerr ("Invalid locale '%s'\n", locale); } g_setenv ("LANG", locale, TRUE); + gettext_domain = polkit_details_lookup (details, "polkit.gettext_domain"); message_to_use = polkit_details_lookup (details, "polkit.message"); if (message_to_use != NULL) { - const gchar *gettext_domain; - gettext_domain = polkit_details_lookup (details, "polkit.message.gettext-domain"); message = g_strdup (g_dgettext (gettext_domain, message_to_use)); + /* g_print ("locale=%s, domain=%s, msg=`%s' -> `%s'\n", locale, gettext_domain, message_to_use, message); */ } - - /* call into extension points to get localized auth dialog data - the list is sorted by priority */ - action_lookup_list = get_action_lookup_list (); - for (l = action_lookup_list; l != NULL; l = l->next) - { - PolkitBackendActionLookup *lookup = POLKIT_BACKEND_ACTION_LOOKUP (l->data); - - if (message != NULL && icon_name != NULL && localized_details != NULL) - break; - - if (message == NULL) - message = polkit_backend_action_lookup_get_message (lookup, - action_id, - details, - action_desc); - - if (icon_name == NULL) - icon_name = polkit_backend_action_lookup_get_icon_name (lookup, - action_id, - details, - action_desc); - - if (localized_details == NULL) - localized_details = polkit_backend_action_lookup_get_details (lookup, - action_id, - details, - action_desc); - } - - /* Back to C! */ - setlocale (LC_ALL, "C"); - g_setenv ("LANG", "C", TRUE); + icon_name = g_strdup (polkit_details_lookup (details, "polkit.icon_name")); /* fall back to action description */ if (message == NULL) @@ -1819,6 +1833,15 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority, icon_name = g_strdup (polkit_action_description_get_icon_name (action_desc)); } + /* replace $(property) with values */ + s = message; + message = expand_properties (message, details, authority, action_id); + g_free (s); + + /* Back to C! */ + setlocale (LC_ALL, "C"); + g_setenv ("LANG", "C", TRUE); + out: if (message == NULL) message = g_strdup (""); @@ -1956,6 +1979,8 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent, agent->active_sessions = g_list_prepend (agent->active_sessions, session); + if (localized_details == NULL) + localized_details = polkit_details_new (); add_pid (localized_details, caller, "polkit.caller-pid"); add_pid (localized_details, subject, "polkit.subject-pid"); diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c index 23407e9..dc6b36c 100644 --- a/src/polkitbackend/polkitbackendlocalauthority.c +++ b/src/polkitbackend/polkitbackendlocalauthority.c @@ -32,7 +32,6 @@ #include "polkitbackendconfigsource.h" #include "polkitbackendlocalauthority.h" #include "polkitbackendlocalauthorizationstore.h" -#include "polkitbackendactionlookup.h" #include <polkit/polkitprivate.h> diff --git a/src/programs/Makefile.am b/src/programs/Makefile.am index 943df31..c260dee 100644 --- a/src/programs/Makefile.am +++ b/src/programs/Makefile.am @@ -34,28 +34,6 @@ pkexec_LDADD = \ $(top_builddir)/src/polkitagent/libpolkit-agent-1.la \ $(NULL) -polkitmodulesdir = $(libdir)/polkit-1/extensions -polkitmodules_LTLIBRARIES = libpkexec-action-lookup.la - -libpkexec_action_lookup_la_SOURCES = \ - pkexec-action-lookup.c \ - $(NULL) - -libpkexec_action_lookup_la_CFLAGS = \ - -DPOLKIT_BACKEND_I_KNOW_API_IS_SUBJECT_TO_CHANGE \ - -DG_LOG_DOMAIN=\"pkexec-action-lookup\" \ - $(GLIB_CFLAGS) \ - $(NULL) - -libpkexec_action_lookup_la_LDFLAGS = \ - -export_dynamic -avoid-version -module -no-undefined \ - -export-symbols-regex '^g_io_module_(load|unload)' \ - $(NULL) - -libpkexec_action_lookup_la_LIBADD = \ - $(top_builddir)/src/polkitbackend/libpolkit-backend-1.la \ - $(NULL) - # ---------------------------------------------------------------------------------------------------- pkcheck_SOURCES = pkcheck.c diff --git a/src/programs/pkexec-action-lookup.c b/src/programs/pkexec-action-lookup.c deleted file mode 100644 index 75ef8a9..0000000 --- a/src/programs/pkexec-action-lookup.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (C) 2009 Red Hat, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General - * Public License along with this library; if not, write to the - * Free Software Foundation, Inc., 59 Temple Place, Suite 330, - * Boston, MA 02111-1307, USA. - * - * Author: David Zeuthen <davidz@redhat.com> - */ - -#include "config.h" - -#include <polkitbackend/polkitbackend.h> - -#include <glib/gi18n-lib.h> - -#define POLKIT_EXEC_TYPE_ACTION_LOOKUP (polkit_exec_action_lookup_get_type()) -#define POLKIT_EXEC_ACTION_LOOKUP(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_EXEC_TYPE_ACTION_LOOKUP, PolkitExecActionLookup)) -#define POLKIT_EXEC_ACTION_LOOKUP_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_EXEC_TYPE_ACTION_LOOKUP, PolkitExecActionLookupClass)) -#define POLKIT_EXEC_ACTION_LOOKUP_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_EXEC_TYPE_ACTION_LOOKUP, PolkitExecActionLookupClass)) -#define POLKIT_EXEC_IS_ACTION_LOOKUP(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_EXEC_TYPE_ACTION_LOOKUP)) -#define POLKIT_EXEC_IS_ACTION_LOOKUP_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_EXEC_TYPE_ACTION_LOOKUP)) - -typedef struct _PolkitExecActionLookup PolkitExecActionLookup; -typedef struct _PolkitExecActionLookupClass PolkitExecActionLookupClass; - -struct _PolkitExecActionLookup -{ - GObject parent; -}; - -struct _PolkitExecActionLookupClass -{ - GObjectClass parent_class; -}; - -GType polkit_exec_action_lookup_get_type (void) G_GNUC_CONST; - -static void polkit_backend_action_lookup_iface_init (PolkitBackendActionLookupIface *iface); - -#define _G_IMPLEMENT_INTERFACE_DYNAMIC(TYPE_IFACE, iface_init) \ -{ \ - const GInterfaceInfo g_implement_interface_info = { \ - (GInterfaceInitFunc) iface_init, NULL, NULL \ - }; \ - g_type_module_add_interface (type_module, g_define_type_id, TYPE_IFACE, &g_implement_interface_info); \ -} - -G_DEFINE_DYNAMIC_TYPE_EXTENDED (PolkitExecActionLookup, - polkit_exec_action_lookup, - G_TYPE_OBJECT, - 0, - _G_IMPLEMENT_INTERFACE_DYNAMIC (POLKIT_BACKEND_TYPE_ACTION_LOOKUP, - polkit_backend_action_lookup_iface_init)) - -static void -polkit_exec_action_lookup_init (PolkitExecActionLookup *lookup) -{ -} - -static void -polkit_exec_action_lookup_class_finalize (PolkitExecActionLookupClass *klass) -{ -} - -static void -polkit_exec_action_lookup_class_init (PolkitExecActionLookupClass *klass) -{ -} - -/* ---------------------------------------------------------------------------------------------------- */ - -static gchar * -polkit_exec_action_lookup_get_message (PolkitBackendActionLookup *lookup, - const gchar *action_id, - PolkitDetails *details, - PolkitActionDescription *action_description) -{ - gchar *ret; - const gchar *s; - const gchar *s2; - - ret = NULL; - - if (g_strcmp0 (action_id, "org.freedesktop.policykit.exec") != 0) - goto out; - - s = polkit_details_lookup (details, "program"); - if (s == NULL) - goto out; - - s2 = polkit_details_lookup (details, "uid"); - if (s2 == NULL) - goto out; - - if (g_strcmp0 (s2, "0") == 0) - { - /* Translator: %s is a fully qualified path to the executable */ - ret = g_strdup_printf (_("Authentication is needed to run `%s' as the super user"), s); - } - else - { - /* Translator: %s is a fully qualified path to the executable */ - ret = g_strdup_printf (_("Authentication is needed to run `%s' as another user"), s); - } - - out: - return ret; -} - -static gchar * -polkit_exec_action_lookup_get_icon_name (PolkitBackendActionLookup *lookup, - const gchar *action_id, - PolkitDetails *details, - PolkitActionDescription *action_description) -{ - gchar *ret; - - ret = NULL; - - /* explicitly left blank for now */ - - return ret; -} - -static PolkitDetails * -polkit_exec_action_lookup_get_details (PolkitBackendActionLookup *lookup, - const gchar *action_id, - PolkitDetails *details, - PolkitActionDescription *action_desc) -{ - const gchar *s; - const gchar *s2; - PolkitDetails *ret; - - ret = NULL; - - if (!(g_strcmp0 (action_id, "org.freedesktop.policykit.exec") == 0 || - (action_desc != NULL && - polkit_action_description_get_annotation (action_desc, "org.freedesktop.policykit.exec.path") != NULL))) - goto out; - - ret = polkit_details_new (); - - s = polkit_details_lookup (details, "command-line"); - if (s != NULL) - { - polkit_details_insert (ret, _("Command"), s); - } - - s = polkit_details_lookup (details, "user"); - s2 = polkit_details_lookup (details, "uid"); - if (s != NULL) - { - if (g_strcmp0 (s2, "0") == 0) - s = _("Super User (root)"); - polkit_details_insert (ret, _("Run As"), s); - } - - out: - return ret; -} - -static void -polkit_backend_action_lookup_iface_init (PolkitBackendActionLookupIface *iface) -{ - iface->get_message = polkit_exec_action_lookup_get_message; - iface->get_icon_name = polkit_exec_action_lookup_get_icon_name; - iface->get_details = polkit_exec_action_lookup_get_details; -} - -/* ---------------------------------------------------------------------------------------------------- */ - -void -g_io_module_load (GIOModule *module) -{ - bindtextdomain (GETTEXT_PACKAGE, PACKAGE_LOCALE_DIR); - bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8"); - - polkit_exec_action_lookup_register_type (G_TYPE_MODULE (module)); - - g_io_extension_point_implement (POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME, - POLKIT_EXEC_TYPE_ACTION_LOOKUP, - "pkexec action lookup extension " PACKAGE_VERSION, - 0); -} - -void -g_io_module_unload (GIOModule *module) -{ -} diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c index 5952c47..9217954 100644 --- a/src/programs/pkexec.c +++ b/src/programs/pkexec.c @@ -35,6 +35,8 @@ #include <pwd.h> #include <errno.h> +#include <glib/gi18n.h> + #ifdef POLKIT_AUTHFW_PAM #include <security/pam_appl.h> #endif /* POLKIT_AUTHFW_PAM */ @@ -640,19 +642,41 @@ main (int argc, char *argv[]) goto out; } - details = polkit_details_new (); + action_id = find_action_for_path (authority, path); + g_assert (action_id != NULL); - polkit_details_insert (details, "command-line", command_line); - s = g_strdup_printf ("%s (%s)", pw->pw_gecos, pw->pw_name); + details = polkit_details_new (); + if (pw->pw_gecos != NULL && strlen (pw->pw_gecos) > 0) + s = g_strdup_printf ("%s (%s)", pw->pw_gecos, pw->pw_name); + else + s = g_strdup_printf ("%s", pw->pw_name); polkit_details_insert (details, "user", s); g_free (s); - s = g_strdup_printf ("%d", (gint) pw->pw_uid); - polkit_details_insert (details, "uid", s); - g_free (s); polkit_details_insert (details, "program", path); - - action_id = find_action_for_path (authority, path); - g_assert (action_id != NULL); + polkit_details_insert (details, "command_line", command_line); + if (g_strcmp0 (action_id, "org.freedesktop.policykit.exec") == 0) + { + if (pw->pw_uid == 0) + { + polkit_details_insert (details, "polkit.message", + /* Translators: message shown when trying to run a program as root. Do not + * translate the $(program) fragment - it will be expanded to the path + * of the program e.g. /bin/bash. + */ + N_("Authentication is needed to run `$(program)' as the super user")); + } + else + { + polkit_details_insert (details, "polkit.message", + /* Translators: message shown when trying to run a program as another user. + * Do not translate the $(program) or $(user) fragments - the former will + * be expanded to the path of the program e.g. "/bin/bash" and the latter + * to the user e.g. "John Doe (johndoe)" or "johndoe". + */ + N_("Authentication is needed to run `$(program)' as user $(user)")); + } + } + polkit_details_insert (details, "polkit.gettext_domain", GETTEXT_PACKAGE); try_again: error = NULL; |