diff options
| -rw-r--r-- | data/org.freedesktop.PolicyKit1.Authority.xml | 42 | ||||
| -rw-r--r-- | docs/man/polkit.xml | 59 | ||||
| -rw-r--r-- | docs/polkit/polkit-docs.xml | 10 | ||||
| -rw-r--r-- | src/polkit/Makefile.am | 11 | ||||
| -rw-r--r-- | src/polkit/polkit.h | 3 | ||||
| -rw-r--r-- | src/polkit/polkitauthority.c | 186 | ||||
| -rw-r--r-- | src/polkit/polkitauthority.h | 21 | ||||
| -rw-r--r-- | src/polkit/polkitprivate.h | 3 | ||||
| -rw-r--r-- | src/polkit/polkitsubject.c | 50 | ||||
| -rw-r--r-- | src/polkit/polkittypes.h | 14 | ||||
| -rw-r--r-- | src/polkit/polkitunixgroup.c | 34 | ||||
| -rw-r--r-- | src/polkit/polkitunixgroup.h | 4 | ||||
| -rw-r--r-- | src/polkit/polkitunixuser.c | 38 | ||||
| -rw-r--r-- | src/polkit/polkitunixuser.h | 4 | ||||
| -rw-r--r-- | src/polkitbackend/polkitbackendauthority.c | 21 | ||||
| -rw-r--r-- | src/polkitbackend/polkitbackendauthority.h | 19 | ||||
| -rw-r--r-- | src/polkitbackend/polkitbackendlocalauthority.c | 86 | ||||
| -rw-r--r-- | src/polkitbackend/polkitbackendserver.c | 82 | ||||
| -rw-r--r-- | src/polkitbackend/polkitbackendsessionmonitor.c | 10 | ||||
| -rw-r--r-- | src/polkitbackend/polkitbackendsessionmonitor.h | 2 | ||||
| -rw-r--r-- | src/programs/polkit.c | 109 |
21 files changed, 325 insertions, 483 deletions
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml index f258c53..6b33bc1 100644 --- a/data/org.freedesktop.PolicyKit1.Authority.xml +++ b/data/org.freedesktop.PolicyKit1.Authority.xml @@ -17,6 +17,21 @@ </annotation> + <!-- Identity struct --> + <annotation name="org.gtk.EggDBus.DeclareStruct" value="Identity"> + + <annotation name="org.gtk.EggDBus.Struct.Member" value="s:identity_kind"> + <annotation name="org.gtk.EggDBus.DocString" value="Kind of identity"/> + </annotation> + + <annotation name="org.gtk.EggDBus.Struct.Member" value="a{sv}:identity_details"> + <annotation name="org.gtk.EggDBus.DocString" value="Details about the identity"/> + </annotation> + + <!-- TODO: document values in hash map for each identity type--> + + </annotation> + <!-- ActionDescription struct --> <annotation name="org.gtk.EggDBus.DeclareStruct" value="ActionDescription"> @@ -99,19 +114,13 @@ <method name="EnumerateUsers"> <arg name="users" direction="out" type="a(sa{sv})"> - <annotation name="org.gtk.EggDBus.StructType" value="Subject"/> + <annotation name="org.gtk.EggDBus.StructType" value="Identity"/> </arg> </method> <method name="EnumerateGroups"> <arg name="groups" direction="out" type="a(sa{sv})"> - <annotation name="org.gtk.EggDBus.StructType" value="Subject"/> - </arg> - </method> - - <method name="EnumerateSessions"> - <arg name="sessions" direction="out" type="a(sa{sv})"> - <annotation name="org.gtk.EggDBus.StructType" value="Subject"/> + <annotation name="org.gtk.EggDBus.StructType" value="Identity"/> </arg> </method> @@ -137,26 +146,37 @@ </method> <method name="AddAuthorization"> + <arg name="identity" direction="in" type="(sa{sv})"> + <annotation name="org.gtk.EggDBus.StructType" value="Identity"/> + <annotation name="org.gtk.EggDBus.DocString" value="The identity to add @authorization to"/> + </arg> <arg name="authorization" direction="in" type="(s(sa{sv})b)"> <annotation name="org.gtk.EggDBus.StructType" value="Authorization"/> + <annotation name="org.gtk.EggDBus.DocString" value="The authorization to add for @identity"/> </arg> </method> <method name="RemoveAuthorization"> + <arg name="identity" direction="in" type="(sa{sv})"> + <annotation name="org.gtk.EggDBus.StructType" value="Identity"/> + <annotation name="org.gtk.EggDBus.DocString" value="The identity to remove @authorization from"/> + </arg> <arg name="authorization" direction="in" type="(s(sa{sv})b)"> <annotation name="org.gtk.EggDBus.StructType" value="Authorization"/> + <annotation name="org.gtk.EggDBus.DocString" value="The authorization to remove from @identity"/> </arg> </method> <method name="EnumerateAuthorizations"> - <arg name="subject" direction="in" type="(sa{sv})"> - <annotation name="org.gtk.EggDBus.StructType" value="Subject"/> + <arg name="identity" direction="in" type="(sa{sv})"> + <annotation name="org.gtk.EggDBus.StructType" value="Identity"/> + <annotation name="org.gtk.EggDBus.DocString" value="The identity to enumerate authorizations for"/> </arg> <arg name="authorizations" direction="out" type="a(s(sa{sv})b)"> <annotation name="org.gtk.EggDBus.StructType" value="Authorization"/> + <annotation name="org.gtk.EggDBus.DocString" value="An array of authorizations for @identity"/> </arg> </method> - </interface> </node> diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml index 680b964..38efe66 100644 --- a/docs/man/polkit.xml +++ b/docs/man/polkit.xml @@ -42,16 +42,11 @@ </arg> <arg choice="plain"> <sbr/> - sessions - <arg><option>--verbose</option></arg> - </arg> - <arg choice="plain"> - <sbr/> authorizations </arg> <arg choice="plain"> <sbr/> - explicit-authorizations <replaceable>subject</replaceable> + explicit-authorizations <replaceable>identity</replaceable> <arg><option>--verbose</option></arg> </arg> </group> @@ -65,13 +60,13 @@ <cmdsynopsis> <command>polkit-1 grant</command> - <arg choice="plain"><replaceable>subject</replaceable></arg> + <arg choice="plain"><replaceable>identity</replaceable></arg> <arg choice="plain"><replaceable>action-id</replaceable></arg> </cmdsynopsis> <cmdsynopsis> <command>polkit-1 revoke</command> - <arg choice="plain"><replaceable>subject</replaceable></arg> + <arg choice="plain"><replaceable>identity</replaceable></arg> <arg choice="plain"><replaceable>action-id</replaceable></arg> </cmdsynopsis> @@ -159,8 +154,9 @@ </para> <para> Lists all users. - The returned identifiers can be used as <replaceable>subject</replaceable> parameters. + The returned identifiers can be used as <replaceable>identity</replaceable> parameters. Prints detailed information about each user if <option>--verbose</option> is given. + See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>. </para> </refsect2> @@ -171,20 +167,9 @@ </para> <para> Lists all groups. - The returned identifiers can be used as <replaceable>subject</replaceable> parameters. + The returned identifiers can be used as <replaceable>identity</replaceable> parameters. Prints detailed information about each group if <option>--verbose</option> is given. - </para> - </refsect2> - - <refsect2> - <para> - <command>polkit-1 list sessions</command> - <arg><option>--verbose</option></arg> - </para> - <para> - Lists all sessions. - The returned identifiers can be used as <replaceable>subject</replaceable> parameters. - Prints detailed information about each session if <option>--verbose</option> is given. + See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>. </para> </refsect2> @@ -199,12 +184,13 @@ <refsect2> <para> - <command>polkit-1 list explicit-authorizations <replaceable>subject</replaceable></command> + <command>polkit-1 list explicit-authorizations <replaceable>identity</replaceable></command> <arg><option>--verbose</option></arg> </para> <para> - Lists all explicit authorizations for <replaceable>subject</replaceable>. + Lists all explicit authorizations for <replaceable>identity</replaceable>. Prints detailed information about each authorization if <option>--verbose</option> is given. + See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>. </para> </refsect2> @@ -216,28 +202,31 @@ </para> <para> Checks if <replaceable>subject</replaceable> is authorized for <replaceable>action-id</replaceable>. + See <xref linkend="polkit-1-subject"/> for details about <replaceable>subject</replaceable>. </para> </refsect2> <refsect2> <para> <command>polkit-1 grant</command> - <arg choice="plain"><replaceable>subject</replaceable></arg> + <arg choice="plain"><replaceable>identity</replaceable></arg> <arg choice="plain"><replaceable>action-id</replaceable></arg> </para> <para> - Grants an authorization to <replaceable>subject</replaceable> for <replaceable>action-id</replaceable>. + Grants an authorization to <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>. + See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>. </para> </refsect2> <refsect2> <para> <command>polkit-1 revoke</command> - <arg choice="plain"><replaceable>subject</replaceable></arg> + <arg choice="plain"><replaceable>identity</replaceable></arg> <arg choice="plain"><replaceable>action-id</replaceable></arg> </para> <para> - Revokes an authorization from <replaceable>subject</replaceable> for <replaceable>action-id</replaceable>. + Revokes an authorization from <replaceable>identity</replaceable> for <replaceable>action-id</replaceable>. + See <xref linkend="polkit-1-identity"/> for details about <replaceable>identity</replaceable>. </para> </refsect2> @@ -319,6 +308,20 @@ </refsect1> + <refsect1 id="polkit-1-subject"> + <title>SUBJECTS</title> + <para> + TODO: Write me. + </para> + </refsect1> + + <refsect1 id="polkit-1-identity"> + <title>IDENTITIES</title> + <para> + TODO: Write me. + </para> + </refsect1> + <refsect1><title>AUTHOR</title> <para> Written by David Zeuthen <email>davidz@redhat.com</email> with diff --git a/docs/polkit/polkit-docs.xml b/docs/polkit/polkit-docs.xml index df9a03d..6a779f1 100644 --- a/docs/polkit/polkit-docs.xml +++ b/docs/polkit/polkit-docs.xml @@ -69,14 +69,18 @@ <xi:include href="xml/polkitactiondescription.xml"/> <xi:include href="xml/polkiterror.xml"/> <chapter id="subjects"> - <title>Subjects and Identities</title> + <title>Subjects</title> <xi:include href="xml/polkitsubject.xml"/> - <xi:include href="xml/polkitunixuser.xml"/> - <xi:include href="xml/polkitunixgroup.xml"/> <xi:include href="xml/polkitunixprocess.xml"/> <xi:include href="xml/polkitunixsession.xml"/> <xi:include href="xml/polkitsystembusname.xml"/> </chapter> + <chapter id="Identities"> + <title>Identities</title> + <xi:include href="xml/polkitidentity.xml"/> + <xi:include href="xml/polkitunixuser.xml"/> + <xi:include href="xml/polkitunixgroup.xml"/> + </chapter> <chapter id="extending"> <title>Extending PolicyKit</title> <xi:include href="../polkitbackend/xml/polkitbackendauthority.xml"/> diff --git a/src/polkit/Makefile.am b/src/polkit/Makefile.am index 4b490e3..89752db 100644 --- a/src/polkit/Makefile.am +++ b/src/polkit/Makefile.am @@ -26,6 +26,7 @@ BUILT_SOURCES = \ _polkitbindingstypes.h \ _polkiterror.c _polkiterror.h \ _polkitsubject.c _polkitsubject.h \ + _polkitidentity.c _polkitidentity.h \ $(NULL) $(BUILT_SOURCES) : Makefile.am $(top_srcdir)/data/org.freedesktop.PolicyKit1.Authority.xml @@ -45,11 +46,12 @@ libpolkit_gobject_1include_HEADERS = \ polkitauthority.h \ polkiterror.h \ polkitsubject.h \ - polkitunixuser.h \ - polkitunixgroup.h \ polkitunixprocess.h \ polkitunixsession.h \ polkitsystembusname.h \ + polkitidentity.h \ + polkitunixuser.h \ + polkitunixgroup.h \ polkitauthorizationresult.h \ polkitcheckauthorizationflags.h \ polkitauthorization.h \ @@ -62,11 +64,12 @@ libpolkit_gobject_1_la_SOURCES = \ polkitauthority.c polkitauthority.h \ polkiterror.c polkiterror.h \ polkitsubject.c polkitsubject.h \ - polkitunixuser.c polkitunixuser.h \ - polkitunixgroup.c polkitunixgroup.h \ polkitunixprocess.c polkitunixprocess.h \ polkitunixsession.c polkitunixsession.h \ polkitsystembusname.c polkitsystembusname.h \ + polkitidentity.c polkitidentity.h \ + polkitunixuser.c polkitunixuser.h \ + polkitunixgroup.c polkitunixgroup.h \ polkitauthorizationresult.c polkitauthorizationresult.h \ polkitcheckauthorizationflags.c polkitcheckauthorizationflags.h \ polkitauthorization.c polkitauthorization.h \ diff --git a/src/polkit/polkit.h b/src/polkit/polkit.h index 7f025eb..19d130d 100644 --- a/src/polkit/polkit.h +++ b/src/polkit/polkit.h @@ -26,9 +26,10 @@ #include <polkit/polkitactiondescription.h> #include <polkit/polkiterror.h> -#include <polkit/polkitsubject.h> +#include <polkit/polkitidentity.h> #include <polkit/polkitunixuser.h> #include <polkit/polkitunixgroup.h> +#include <polkit/polkitsubject.h> #include <polkit/polkitunixprocess.h> #include <polkit/polkitunixsession.h> #include <polkit/polkitsystembusname.h> diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c index 31450b4..6a17036 100644 --- a/src/polkit/polkitauthority.c +++ b/src/polkit/polkitauthority.c @@ -289,11 +289,11 @@ polkit_authority_enumerate_users_finish (PolkitAuthority *authority, for (n = 0; n < array_seq->size; n++) { - _PolkitSubject *real_subject; + _PolkitIdentity *real_identity; - real_subject = array_seq->data.v_ptr[n]; + real_identity = array_seq->data.v_ptr[n]; - result = g_list_prepend (result, polkit_subject_new_for_real (real_subject)); + result = g_list_prepend (result, polkit_identity_new_for_real (real_identity)); } result = g_list_reverse (result); @@ -385,11 +385,11 @@ polkit_authority_enumerate_groups_finish (PolkitAuthority *authority, for (n = 0; n < array_seq->size; n++) { - _PolkitSubject *real_subject; + _PolkitIdentity *real_identity; - real_subject = array_seq->data.v_ptr[n]; + real_identity = array_seq->data.v_ptr[n]; - result = g_list_prepend (result, polkit_subject_new_for_real (real_subject)); + result = g_list_prepend (result, polkit_identity_new_for_real (real_identity)); } result = g_list_reverse (result); @@ -424,102 +424,6 @@ polkit_authority_enumerate_groups_sync (PolkitAuthority *authority, /* ---------------------------------------------------------------------------------------------------- */ static guint -polkit_authority_enumerate_sessions_async (PolkitAuthority *authority, - GCancellable *cancellable, - GAsyncReadyCallback callback, - gpointer user_data) -{ - guint call_id; - GSimpleAsyncResult *simple; - - simple = g_simple_async_result_new (G_OBJECT (authority), - callback, - user_data, - polkit_authority_enumerate_sessions_async); - - call_id = _polkit_authority_enumerate_sessions (authority->real, - EGG_DBUS_CALL_FLAGS_NONE, - cancellable, - generic_async_cb, - simple); - - return call_id; -} - -void -polkit_authority_enumerate_sessions (PolkitAuthority *authority, - GCancellable *cancellable, - GAsyncReadyCallback callback, - gpointer user_data) -{ - polkit_authority_enumerate_sessions_async (authority, cancellable, callback, user_data); -} - -GList * -polkit_authority_enumerate_sessions_finish (PolkitAuthority *authority, - GAsyncResult *res, - GError **error) -{ - EggDBusArraySeq *array_seq; - GList *result; - guint n; - GSimpleAsyncResult *simple; - GAsyncResult *real_res; - - simple = G_SIMPLE_ASYNC_RESULT (res); - real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple)); - - g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_enumerate_sessions_async); - - result = NULL; - - if (!_polkit_authority_enumerate_sessions_finish (authority->real, - &array_seq, - real_res, - error)) - goto out; - - for (n = 0; n < array_seq->size; n++) - { - _PolkitSubject *real_subject; - - real_subject = array_seq->data.v_ptr[n]; - - result = g_list_prepend (result, polkit_subject_new_for_real (real_subject)); - } - - result = g_list_reverse (result); - - g_object_unref (array_seq); - - out: - g_object_unref (real_res); - return result; -} - -GList * -polkit_authority_enumerate_sessions_sync (PolkitAuthority *authority, - GCancellable *cancellable, - GError **error) -{ - guint call_id; - GAsyncResult *res; - GList *result; - - call_id = polkit_authority_enumerate_sessions_async (authority, cancellable, generic_cb, &res); - - egg_dbus_connection_pending_call_block (authority->system_bus, call_id); - - result = polkit_authority_enumerate_sessions_finish (authority, res, error); - - g_object_unref (res); - - return result; -} - -/* ---------------------------------------------------------------------------------------------------- */ - -static guint polkit_authority_check_authorization_async (PolkitAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -631,42 +535,46 @@ polkit_authority_check_authorization_sync (PolkitAuthority *author static guint polkit_authority_enumerate_authorizations_async (PolkitAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { guint call_id; GSimpleAsyncResult *simple; - _PolkitSubject *real_subject; + _PolkitIdentity *real_identity; simple = g_simple_async_result_new (G_OBJECT (authority), callback, user_data, polkit_authority_enumerate_authorizations_async); - real_subject = polkit_subject_get_real (subject); + real_identity = polkit_identity_get_real (identity); call_id = _polkit_authority_enumerate_authorizations (authority->real, EGG_DBUS_CALL_FLAGS_NONE, - real_subject, + real_identity, cancellable, generic_async_cb, simple); - g_object_unref (real_subject); + g_object_unref (real_identity); return call_id; } void polkit_authority_enumerate_authorizations (PolkitAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { - polkit_authority_enumerate_authorizations_async (authority, subject, cancellable, callback, user_data); + polkit_authority_enumerate_authorizations_async (authority, + identity, + cancellable, + callback, + user_data); } GList * @@ -714,7 +622,7 @@ polkit_authority_enumerate_authorizations_finish (PolkitAuthority *authority, GList * polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, GCancellable *cancellable, GError **error) { @@ -722,7 +630,11 @@ polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority, GAsyncResult *res; GList *result; - call_id = polkit_authority_enumerate_authorizations_async (authority, subject, cancellable, generic_cb, &res); + call_id = polkit_authority_enumerate_authorizations_async (authority, + identity, + cancellable, + generic_cb, + &res); egg_dbus_connection_pending_call_block (authority->system_bus, call_id); @@ -737,6 +649,7 @@ polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority, static guint polkit_authority_add_authorization_async (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GAsyncReadyCallback callback, @@ -745,34 +658,44 @@ polkit_authority_add_authorization_async (PolkitAuthority *authority, guint call_id; GSimpleAsyncResult *simple; _PolkitAuthorization *real_authorization; + _PolkitIdentity *real_identity; simple = g_simple_async_result_new (G_OBJECT (authority), callback, user_data, polkit_authority_add_authorization_async); + real_identity = polkit_identity_get_real (identity); real_authorization = polkit_authorization_get_real (authorization); call_id = _polkit_authority_add_authorization (authority->real, EGG_DBUS_CALL_FLAGS_NONE, + real_identity, real_authorization, cancellable, generic_async_cb, simple); g_object_unref (real_authorization); + g_object_unref (real_identity); return call_id; } void polkit_authority_add_authorization (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { - polkit_authority_add_authorization_async (authority, authorization, cancellable, callback, user_data); + polkit_authority_add_authorization_async (authority, + identity, + authorization, + cancellable, + callback, + user_data); } gboolean @@ -804,6 +727,7 @@ polkit_authority_add_authorization_finish (PolkitAuthority *authority, gboolean polkit_authority_add_authorization_sync (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GError **error) @@ -812,7 +736,12 @@ polkit_authority_add_authorization_sync (PolkitAuthority *authority, GAsyncResult *res; gboolean ret; - call_id = polkit_authority_add_authorization_async (authority, authorization, cancellable, generic_cb, &res); + call_id = polkit_authority_add_authorization_async (authority, + identity, + authorization, + cancellable, + generic_cb, + &res); egg_dbus_connection_pending_call_block (authority->system_bus, call_id); @@ -827,6 +756,7 @@ polkit_authority_add_authorization_sync (PolkitAuthority *authority, static guint polkit_authority_remove_authorization_async (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GAsyncReadyCallback callback, @@ -835,34 +765,44 @@ polkit_authority_remove_authorization_async (PolkitAuthority *authority, guint call_id; GSimpleAsyncResult *simple; _PolkitAuthorization *real_authorization; + _PolkitIdentity *real_identity; simple = g_simple_async_result_new (G_OBJECT (authority), callback, user_data, polkit_authority_remove_authorization_async); + real_identity = polkit_identity_get_real (identity); real_authorization = polkit_authorization_get_real (authorization); call_id = _polkit_authority_remove_authorization (authority->real, - EGG_DBUS_CALL_FLAGS_NONE, - real_authorization, - cancellable, - generic_async_cb, - simple); + EGG_DBUS_CALL_FLAGS_NONE, + real_identity, + real_authorization, + cancellable, + generic_async_cb, + simple); g_object_unref (real_authorization); + g_object_unref (real_identity); return call_id; } void polkit_authority_remove_authorization (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { - polkit_authority_remove_authorization_async (authority, authorization, cancellable, callback, user_data); + polkit_authority_remove_authorization_async (authority, + identity, + authorization, + cancellable, + callback, + user_data); } gboolean @@ -894,6 +834,7 @@ polkit_authority_remove_authorization_finish (PolkitAuthority *authority, gboolean polkit_authority_remove_authorization_sync (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GError **error) @@ -902,7 +843,12 @@ polkit_authority_remove_authorization_sync (PolkitAuthority *authority, GAsyncResult *res; gboolean ret; - call_id = polkit_authority_remove_authorization_async (authority, authorization, cancellable, generic_cb, &res); + call_id = polkit_authority_remove_authorization_async (authority, + identity, + authorization, + cancellable, + generic_cb, + &res); egg_dbus_connection_pending_call_block (authority->system_bus, call_id); diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h index e5937a2..bd41107 100644 --- a/src/polkit/polkitauthority.h +++ b/src/polkit/polkitauthority.h @@ -59,10 +59,6 @@ GList *polkit_authority_enumerate_groups_sync (PolkitAuthori GCancellable *cancellable, GError **error); -GList *polkit_authority_enumerate_sessions_sync (PolkitAuthority *authority, - GCancellable *cancellable, - GError **error); - PolkitAuthorizationResult polkit_authority_check_authorization_sync (PolkitAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -71,16 +67,18 @@ PolkitAuthorizationResult polkit_authority_check_authorization_sync (PolkitAuth GError **error); GList *polkit_authority_enumerate_authorizations_sync (PolkitAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, GCancellable *cancellable, GError **error); gboolean polkit_authority_add_authorization_sync (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GError **error); gboolean polkit_authority_remove_authorization_sync (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GError **error); @@ -115,15 +113,6 @@ GList * polkit_authority_enumerate_groups_finish (PolkitAutho GAsyncResult *res, GError **error); -void polkit_authority_enumerate_sessions (PolkitAuthority *authority, - GCancellable *cancellable, - GAsyncReadyCallback callback, - gpointer user_data); - -GList * polkit_authority_enumerate_sessions_finish (PolkitAuthority *authority, - GAsyncResult *res, - GError **error); - void polkit_authority_check_authorization (PolkitAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -137,7 +126,7 @@ PolkitAuthorizationResult polkit_authority_check_authorization_finish (PolkitAu GError **error); void polkit_authority_enumerate_authorizations (PolkitAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data); @@ -147,6 +136,7 @@ GList * polkit_authority_enumerate_authorizations_finish (Pol GError **error); void polkit_authority_add_authorization (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GAsyncReadyCallback callback, @@ -157,6 +147,7 @@ gboolean polkit_authority_add_authorization_finish (PolkitAuth GError **error); void polkit_authority_remove_authorization (PolkitAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, GCancellable *cancellable, GAsyncReadyCallback callback, diff --git a/src/polkit/polkitprivate.h b/src/polkit/polkitprivate.h index 9eec3a2..2ec46b5 100644 --- a/src/polkit/polkitprivate.h +++ b/src/polkit/polkitprivate.h @@ -39,6 +39,9 @@ _PolkitActionDescription *polkit_action_description_get_real (PolkitActionDe PolkitSubject *polkit_subject_new_for_real (_PolkitSubject *real); _PolkitSubject *polkit_subject_get_real (PolkitSubject *subject); +PolkitIdentity *polkit_identity_new_for_real (_PolkitIdentity *real); +_PolkitIdentity *polkit_identity_get_real (PolkitIdentity *identity); + PolkitAuthorization *polkit_authorization_new_for_real (_PolkitAuthorization *real); _PolkitAuthorization *polkit_authorization_get_real (PolkitAuthorization *authorization); diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c index e34bddc..5df1a65 100644 --- a/src/polkit/polkitsubject.c +++ b/src/polkit/polkitsubject.c @@ -26,8 +26,6 @@ #include <string.h> #include "polkitsubject.h" -#include "polkitunixuser.h" -#include "polkitunixgroup.h" #include "polkitunixprocess.h" #include "polkitunixsession.h" #include "polkitsystembusname.h" @@ -98,29 +96,7 @@ polkit_subject_from_string (const gchar *str, subject = NULL; - if (g_str_has_prefix (str, "unix-user:")) - { - val = g_ascii_strtoull (str + sizeof "unix-user:" - 1, - &endptr, - 10); - if (*endptr == '\0') - subject = polkit_unix_user_new ((uid_t) val); - else - subject = polkit_unix_user_new_for_name (str + sizeof "unix-user:" - 1, - error); - } - else if (g_str_has_prefix (str, "unix-group:")) - { - val = g_ascii_strtoull (str + sizeof "unix-group:" - 1, - &endptr, - 10); - if (*endptr == '\0') - subject = polkit_unix_group_new ((gid_t) val); - else - subject = polkit_unix_group_new_for_name (str + sizeof "unix-group:" - 1, - error); - } - else if (g_str_has_prefix (str, "unix-process:")) + if (g_str_has_prefix (str, "unix-process:")) { val = g_ascii_strtoull (str + sizeof "unix-process:" - 1, &endptr, @@ -176,15 +152,9 @@ polkit_subject_new_for_real (_PolkitSubject *real) kind = _polkit_subject_get_subject_kind (real); details = _polkit_subject_get_subject_details (real); - if (strcmp (kind, "unix-user") == 0) - { - variant = egg_dbus_hash_map_lookup (details, "uid"); - s = polkit_unix_user_new (egg_dbus_variant_get_uint (variant)); - } - else if (strcmp (kind, "unix-group") == 0) + if (strcmp (kind, "") == 0) { - variant = egg_dbus_hash_map_lookup (details, "gid"); - s = polkit_unix_group_new (egg_dbus_variant_get_uint (variant)); + /* explicitly left blank (for subjects that are NULL) */ } else if (strcmp (kind, "unix-process") == 0) { @@ -222,19 +192,9 @@ polkit_subject_get_real (PolkitSubject *subject) kind = NULL; details = egg_dbus_hash_map_new (G_TYPE_STRING, NULL, EGG_DBUS_TYPE_VARIANT, (GDestroyNotify) g_object_unref); - if (POLKIT_IS_UNIX_USER (subject)) + if (subject == NULL) { - kind = "unix-user"; - egg_dbus_hash_map_insert (details, - "uid", - egg_dbus_variant_new_for_uint (polkit_unix_user_get_uid (POLKIT_UNIX_USER (subject)))); - } - else if (POLKIT_IS_UNIX_GROUP (subject)) - { - kind = "unix-group"; - egg_dbus_hash_map_insert (details, - "gid", - egg_dbus_variant_new_for_uint (polkit_unix_group_get_gid (POLKIT_UNIX_GROUP (subject)))); + kind = ""; } else if (POLKIT_IS_UNIX_PROCESS (subject)) { diff --git a/src/polkit/polkittypes.h b/src/polkit/polkittypes.h index bc089c4..4d6aa28 100644 --- a/src/polkit/polkittypes.h +++ b/src/polkit/polkittypes.h @@ -32,12 +32,6 @@ typedef struct _PolkitActionDescription PolkitActionDescription; typedef struct _PolkitSubject PolkitSubject; /* Dummy typedef */ -struct _PolkitUnixUser; -typedef struct _PolkitUnixUser PolkitUnixUser; - -struct _PolkitUnixGroup; -typedef struct _PolkitUnixGroup PolkitUnixGroup; - struct _PolkitUnixProcess; typedef struct _PolkitUnixProcess PolkitUnixProcess; @@ -47,6 +41,14 @@ typedef struct _PolkitUnixSession PolkitUnixSession; struct _PolkitSystemBusName; typedef struct _PolkitSystemBusName PolkitSystemBusName; +typedef struct _PolkitIdentity PolkitIdentity; /* Dummy typedef */ + +struct _PolkitUnixUser; +typedef struct _PolkitUnixUser PolkitUnixUser; + +struct _PolkitUnixGroup; +typedef struct _PolkitUnixGroup PolkitUnixGroup; + struct _PolkitAuthorization; typedef struct _PolkitAuthorization PolkitAuthorization; diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c index b5aed68..67f6387 100644 --- a/src/polkit/polkitunixgroup.c +++ b/src/polkit/polkitunixgroup.c @@ -26,7 +26,7 @@ #include <string.h> #include <grp.h> #include "polkitunixgroup.h" -#include "polkitsubject.h" +#include "polkitidentity.h" #include "polkiterror.h" #include "polkitprivate.h" @@ -56,10 +56,10 @@ enum PROP_GID, }; -static void subject_iface_init (PolkitSubjectIface *subject_iface); +static void identity_iface_init (PolkitIdentityIface *identity_iface); G_DEFINE_TYPE_WITH_CODE (PolkitUnixGroup, polkit_unix_group, G_TYPE_OBJECT, - G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init) + G_IMPLEMENT_INTERFACE (POLKIT_TYPE_IDENTITY, identity_iface_init) ); static void @@ -149,22 +149,22 @@ polkit_unix_group_set_gid (PolkitUnixGroup *group, group->gid = gid; } -PolkitSubject * +PolkitIdentity * polkit_unix_group_new (gid_t gid) { - return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_GROUP, + return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_GROUP, "gid", gid, NULL)); } -PolkitSubject * +PolkitIdentity * polkit_unix_group_new_for_name (const gchar *name, GError **error) { struct group *group; - PolkitSubject *subject; + PolkitIdentity *identity; - subject = NULL; + identity = NULL; group = getgrnam (name); if (group == NULL) @@ -177,15 +177,15 @@ polkit_unix_group_new_for_name (const gchar *name, goto out; } - subject = polkit_unix_group_new (group->gr_gid); + identity = polkit_unix_group_new (group->gr_gid); out: - return subject; + return identity; } static gboolean -polkit_unix_group_equal (PolkitSubject *a, - PolkitSubject *b) +polkit_unix_group_equal (PolkitIdentity *a, + PolkitIdentity *b) { PolkitUnixGroup *group_a; PolkitUnixGroup *group_b; @@ -197,9 +197,9 @@ polkit_unix_group_equal (PolkitSubject *a, } static gchar * -polkit_unix_group_to_string (PolkitSubject *subject) +polkit_unix_group_to_string (PolkitIdentity *identity) { - PolkitUnixGroup *group = POLKIT_UNIX_GROUP (subject); + PolkitUnixGroup *group = POLKIT_UNIX_GROUP (identity); struct group *gr; gr = getgrgid (group->gid); @@ -211,8 +211,8 @@ polkit_unix_group_to_string (PolkitSubject *subject) } static void -subject_iface_init (PolkitSubjectIface *subject_iface) +identity_iface_init (PolkitIdentityIface *identity_iface) { - subject_iface->equal = polkit_unix_group_equal; - subject_iface->to_string = polkit_unix_group_to_string; + identity_iface->equal = polkit_unix_group_equal; + identity_iface->to_string = polkit_unix_group_to_string; } diff --git a/src/polkit/polkitunixgroup.h b/src/polkit/polkitunixgroup.h index 548e963..714b1b1 100644 --- a/src/polkit/polkitunixgroup.h +++ b/src/polkit/polkitunixgroup.h @@ -43,8 +43,8 @@ typedef struct _PolkitUnixGroup PolkitUnixGroup; typedef struct _PolkitUnixGroupClass PolkitUnixGroupClass; GType polkit_unix_group_get_type (void) G_GNUC_CONST; -PolkitSubject *polkit_unix_group_new (gid_t gid); -PolkitSubject *polkit_unix_group_new_for_name (const gchar *name, +PolkitIdentity *polkit_unix_group_new (gid_t gid); +PolkitIdentity *polkit_unix_group_new_for_name (const gchar *name, GError **error); gid_t polkit_unix_group_get_gid (PolkitUnixGroup *group); void polkit_unix_group_set_gid (PolkitUnixGroup *group, diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c index ca637ba..830fc79 100644 --- a/src/polkit/polkitunixuser.c +++ b/src/polkit/polkitunixuser.c @@ -26,7 +26,7 @@ #include <string.h> #include <pwd.h> #include "polkitunixuser.h" -#include "polkitsubject.h" +#include "polkitidentity.h" #include "polkiterror.h" #include "polkitprivate.h" @@ -56,10 +56,10 @@ enum PROP_UID, }; -static void subject_iface_init (PolkitSubjectIface *subject_iface); +static void identity_iface_init (PolkitIdentityIface *identity_iface); G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT, - G_IMPLEMENT_INTERFACE (POLKIT_TYPE_SUBJECT, subject_iface_init) + G_IMPLEMENT_INTERFACE (POLKIT_TYPE_IDENTITY, identity_iface_init) ); static void @@ -149,22 +149,22 @@ polkit_unix_user_set_uid (PolkitUnixUser *user, user->uid = uid; } -PolkitSubject * +PolkitIdentity * polkit_unix_user_new (uid_t uid) { - return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_USER, - "uid", uid, - NULL)); + return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_USER, + "uid", uid, + NULL)); } -PolkitSubject * +PolkitIdentity * polkit_unix_user_new_for_name (const gchar *name, GError **error) { struct passwd *passwd; - PolkitSubject *subject; + PolkitIdentity *identity; - subject = NULL; + identity = NULL; passwd = getpwnam (name); if (passwd == NULL) @@ -177,15 +177,15 @@ polkit_unix_user_new_for_name (const gchar *name, goto out; } - subject = polkit_unix_user_new (passwd->pw_uid); + identity = polkit_unix_user_new (passwd->pw_uid); out: - return subject; + return identity; } static gboolean -polkit_unix_user_equal (PolkitSubject *a, - PolkitSubject *b) +polkit_unix_user_equal (PolkitIdentity *a, + PolkitIdentity *b) { PolkitUnixUser *user_a; PolkitUnixUser *user_b; @@ -197,9 +197,9 @@ polkit_unix_user_equal (PolkitSubject *a, } static gchar * -polkit_unix_user_to_string (PolkitSubject *subject) +polkit_unix_user_to_string (PolkitIdentity *identity) { - PolkitUnixUser *user = POLKIT_UNIX_USER (subject); + PolkitUnixUser *user = POLKIT_UNIX_USER (identity); struct passwd *passwd; passwd = getpwuid (user->uid); @@ -211,8 +211,8 @@ polkit_unix_user_to_string (PolkitSubject *subject) } static void -subject_iface_init (PolkitSubjectIface *subject_iface) +identity_iface_init (PolkitIdentityIface *identity_iface) { - subject_iface->equal = polkit_unix_user_equal; - subject_iface->to_string = polkit_unix_user_to_string; + identity_iface->equal = polkit_unix_user_equal; + identity_iface->to_string = polkit_unix_user_to_string; } diff --git a/src/polkit/polkitunixuser.h b/src/polkit/polkitunixuser.h index 1140789..012856c 100644 --- a/src/polkit/polkitunixuser.h +++ b/src/polkit/polkitunixuser.h @@ -43,8 +43,8 @@ typedef struct _PolkitUnixUser PolkitUnixUser; typedef struct _PolkitUnixUserClass PolkitUnixUserClass; GType polkit_unix_user_get_type (void) G_GNUC_CONST; -PolkitSubject *polkit_unix_user_new (uid_t uid); -PolkitSubject *polkit_unix_user_new_for_name (const gchar *name, +PolkitIdentity *polkit_unix_user_new (uid_t uid); +PolkitIdentity *polkit_unix_user_new_for_name (const gchar *name, GError **error); uid_t polkit_unix_user_get_uid (PolkitUnixUser *user); void polkit_unix_user_set_uid (PolkitUnixUser *user, diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c index 3de7e8a..b18ac0f 100644 --- a/src/polkitbackend/polkitbackendauthority.c +++ b/src/polkitbackend/polkitbackendauthority.c @@ -73,17 +73,6 @@ polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority, } void -polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority, - PolkitBackendPendingCall *pending_call) -{ - PolkitBackendAuthorityClass *klass; - - klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority); - - klass->enumerate_sessions (authority, pending_call); -} - -void polkit_backend_authority_check_authorization (PolkitBackendAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -99,18 +88,19 @@ polkit_backend_authority_check_authorization (PolkitBackendAuthority *aut void polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, PolkitBackendPendingCall *pending_call) { PolkitBackendAuthorityClass *klass; klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority); - klass->enumerate_authorizations (authority, subject, pending_call); + klass->enumerate_authorizations (authority, identity, pending_call); } void polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call) { @@ -118,11 +108,12 @@ polkit_backend_authority_add_authorization (PolkitBackendAuthority *authorit klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority); - klass->add_authorization (authority, authorization, pending_call); + klass->add_authorization (authority, identity, authorization, pending_call); } void polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call) { @@ -130,5 +121,5 @@ polkit_backend_authority_remove_authorization (PolkitBackendAuthority *autho klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority); - klass->remove_authorization (authority, authorization, pending_call); + klass->remove_authorization (authority, identity, authorization, pending_call); } diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h index 1220ada..09ef3f5 100644 --- a/src/polkitbackend/polkitbackendauthority.h +++ b/src/polkitbackend/polkitbackendauthority.h @@ -61,9 +61,6 @@ struct _PolkitBackendAuthorityClass void (*enumerate_groups) (PolkitBackendAuthority *authority, PolkitBackendPendingCall *pending_call); - void (*enumerate_sessions) (PolkitBackendAuthority *authority, - PolkitBackendPendingCall *pending_call); - void (*check_authorization) (PolkitBackendAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -71,14 +68,16 @@ struct _PolkitBackendAuthorityClass PolkitBackendPendingCall *pending_call); void (*enumerate_authorizations) (PolkitBackendAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, PolkitBackendPendingCall *pending_call); void (*add_authorization) (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call); void (*remove_authorization) (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call); @@ -108,9 +107,6 @@ void polkit_backend_authority_enumerate_users (PolkitBackendAuthor void polkit_backend_authority_enumerate_groups (PolkitBackendAuthority *authority, PolkitBackendPendingCall *pending_call); -void polkit_backend_authority_enumerate_sessions (PolkitBackendAuthority *authority, - PolkitBackendPendingCall *pending_call); - void polkit_backend_authority_check_authorization (PolkitBackendAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -118,14 +114,16 @@ void polkit_backend_authority_check_authorization (PolkitBackendAuthor PolkitBackendPendingCall *pending_call); void polkit_backend_authority_enumerate_authorizations (PolkitBackendAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, PolkitBackendPendingCall *pending_call); void polkit_backend_authority_add_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call); void polkit_backend_authority_remove_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call); @@ -140,14 +138,11 @@ void polkit_backend_authority_enumerate_users_finish (PolkitBackend void polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pending_call, GList *groups); -void polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call, - GList *sessions); - void polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall *pending_call, PolkitAuthorizationResult result); void polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCall *pending_call, - GList *sessions); + GList *authorizations); void polkit_backend_authority_add_authorization_finish (PolkitBackendPendingCall *pending_call); diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c index 5d76f16..b9f3e98 100644 --- a/src/polkitbackend/polkitbackendlocalauthority.c +++ b/src/polkitbackend/polkitbackendlocalauthority.c @@ -48,9 +48,6 @@ static void polkit_backend_local_authority_enumerate_users (PolkitBackendAuth static void polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *authority, PolkitBackendPendingCall *pending_call); -static void polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *authority, - PolkitBackendPendingCall *pending_call); - static void polkit_backend_local_authority_check_authorization (PolkitBackendAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -64,14 +61,16 @@ static PolkitAuthorizationResult check_authorization_sync (PolkitBackendAuthorit GError **error); static void polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, PolkitBackendPendingCall *pending_call); static void polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call); static void polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call); @@ -126,7 +125,6 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla authority_class->enumerate_actions = polkit_backend_local_authority_enumerate_actions; authority_class->enumerate_users = polkit_backend_local_authority_enumerate_users; authority_class->enumerate_groups = polkit_backend_local_authority_enumerate_groups; - authority_class->enumerate_sessions = polkit_backend_local_authority_enumerate_sessions; authority_class->check_authorization = polkit_backend_local_authority_check_authorization; authority_class->enumerate_authorizations = polkit_backend_local_authority_enumerate_authorizations; authority_class->add_authorization = polkit_backend_local_authority_add_authorization; @@ -191,11 +189,11 @@ polkit_backend_local_authority_enumerate_users (PolkitBackendAuthority *author do { - PolkitSubject *subject; + PolkitIdentity *identity; - subject = polkit_unix_user_new (passwd->pw_uid); + identity = polkit_unix_user_new (passwd->pw_uid); - list = g_list_prepend (list, subject); + list = g_list_prepend (list, identity); } while ((passwd = getpwent ()) != NULL); endpwent (); @@ -237,11 +235,11 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho do { - PolkitSubject *subject; + PolkitIdentity *identity; - subject = polkit_unix_group_new (group->gr_gid); + identity = polkit_unix_group_new (group->gr_gid); - list = g_list_prepend (list, subject); + list = g_list_prepend (list, identity); } while ((group = getgrent ()) != NULL); endgrent (); @@ -257,24 +255,6 @@ polkit_backend_local_authority_enumerate_groups (PolkitBackendAuthority *autho /* ---------------------------------------------------------------------------------------------------- */ static void -polkit_backend_local_authority_enumerate_sessions (PolkitBackendAuthority *authority, - PolkitBackendPendingCall *pending_call) -{ - PolkitBackendLocalAuthority *local_authority; - PolkitBackendLocalAuthorityPrivate *priv; - GList *list; - - local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority); - priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority); - - list = polkit_backend_session_monitor_get_sessions (priv->session_monitor); - - polkit_backend_authority_enumerate_sessions_finish (pending_call, list); -} - -/* ---------------------------------------------------------------------------------------------------- */ - -static void polkit_backend_local_authority_check_authorization (PolkitBackendAuthority *authority, PolkitSubject *subject, const gchar *action_id, @@ -286,8 +266,8 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority PolkitSubject *inquirer; gchar *inquirer_str; gchar *subject_str; - PolkitSubject *user_of_inquirer; - PolkitSubject *user_of_subject; + PolkitIdentity *user_of_inquirer; + PolkitIdentity *user_of_subject; gchar *user_of_inquirer_str; gchar *user_of_subject_str; PolkitAuthorizationResult result; @@ -325,7 +305,7 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority goto out; } - user_of_inquirer_str = polkit_subject_to_string (user_of_inquirer); + user_of_inquirer_str = polkit_identity_to_string (user_of_inquirer); g_debug (" user of inquirer is %s", user_of_inquirer_str); user_of_subject = polkit_backend_session_monitor_get_user_for_subject (priv->session_monitor, @@ -338,19 +318,23 @@ polkit_backend_local_authority_check_authorization (PolkitBackendAuthority goto out; } - user_of_subject_str = polkit_subject_to_string (user_of_subject); + user_of_subject_str = polkit_identity_to_string (user_of_subject); g_debug (" user of subject is %s", user_of_subject_str); /* if the user of the inquirer and the user of the subject isn't the same, then * the org.freedesktop.policykit.read authorization is required for the inquirer */ - if (!polkit_subject_equal (user_of_inquirer, user_of_subject)) + if (!polkit_identity_equal (user_of_inquirer, user_of_subject)) { + /* TODO */ + result = POLKIT_AUTHORIZATION_RESULT_NOT_AUTHORIZED; +#if 0 result = check_authorization_sync (authority, user_of_inquirer, "org.freedesktop.policykit.read", POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE, /* no user interaction */ &error); +#endif if (error != NULL) { @@ -407,7 +391,7 @@ check_authorization_sync (PolkitBackendAuthority *authority, PolkitBackendLocalAuthority *local_authority; PolkitBackendLocalAuthorityPrivate *priv; PolkitAuthorizationResult result; - PolkitSubject *user_of_subject; + PolkitIdentity *user_of_subject; gchar *subject_str; local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority); @@ -460,32 +444,33 @@ check_authorization_sync (PolkitBackendAuthority *authority, static void polkit_backend_local_authority_enumerate_authorizations (PolkitBackendAuthority *authority, - PolkitSubject *subject, + PolkitIdentity *identity, PolkitBackendPendingCall *pending_call) { PolkitBackendLocalAuthority *local_authority; PolkitBackendLocalAuthorityPrivate *priv; - gchar *subject_str; + gchar *identity_str; local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority); priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority); - subject_str = polkit_subject_to_string (subject); + identity_str = polkit_identity_to_string (identity); - g_debug ("enumerating authorizations for %s", subject_str); + g_debug ("enumerating authorizations for %s", identity_str); polkit_backend_pending_call_return_error (pending_call, POLKIT_ERROR, POLKIT_ERROR_NOT_SUPPORTED, - "Not implemented (subject=%s)", subject_str); + "Not implemented (identity=%s)", identity_str); - g_free (subject_str); + g_free (identity_str); } /* ---------------------------------------------------------------------------------------------------- */ static void polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call) { @@ -499,14 +484,19 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority); priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority); + subject_str = NULL; + subject = polkit_authorization_get_subject (authorization); action_id = polkit_authorization_get_action_id (authorization); is_negative = polkit_authorization_get_is_negative (authorization); - subject_str = polkit_subject_to_string (subject); + if (subject != NULL) + subject_str = polkit_subject_to_string (subject); g_debug ("add authorization with subject=%s, action_id=%s, is_negative=%d", - subject_str, action_id, is_negative); + subject_str != NULL ? subject_str : "<none>", + action_id, + is_negative); polkit_backend_pending_call_return_error (pending_call, POLKIT_ERROR, @@ -521,6 +511,7 @@ polkit_backend_local_authority_add_authorization (PolkitBackendAuthority *auth static void polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *authority, + PolkitIdentity *identity, PolkitAuthorization *authorization, PolkitBackendPendingCall *pending_call) { @@ -534,14 +525,19 @@ polkit_backend_local_authority_remove_authorization (PolkitBackendAuthority *a local_authority = POLKIT_BACKEND_LOCAL_AUTHORITY (authority); priv = POLKIT_BACKEND_LOCAL_AUTHORITY_GET_PRIVATE (local_authority); + subject_str = NULL; + subject = polkit_authorization_get_subject (authorization); action_id = polkit_authorization_get_action_id (authorization); is_negative = polkit_authorization_get_is_negative (authorization); - subject_str = polkit_subject_to_string (subject); + if (subject != NULL) + subject_str = polkit_subject_to_string (subject); g_debug ("remove authorization with subject=%s, action_id=%s, is_negative=%d", - subject_str, action_id, is_negative); + subject_str != NULL ? subject_str : "<none>", + action_id, + is_negative); polkit_backend_pending_call_return_error (pending_call, POLKIT_ERROR, diff --git a/src/polkitbackend/polkitbackendserver.c b/src/polkitbackend/polkitbackendserver.c index 3a8637c..1b31371 100644 --- a/src/polkitbackend/polkitbackendserver.c +++ b/src/polkitbackend/polkitbackendserver.c @@ -150,14 +150,14 @@ polkit_backend_authority_enumerate_users_finish (PolkitBackendPendingCall *pendi EggDBusArraySeq *array; GList *l; - array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL); + array = egg_dbus_array_seq_new (_POLKIT_TYPE_IDENTITY, (GDestroyNotify) g_object_unref, NULL, NULL); for (l = users; l != NULL; l = l->next) { - PolkitSubject *subject = POLKIT_SUBJECT (l->data); - _PolkitSubject *real; + PolkitIdentity *identity = POLKIT_IDENTITY (l->data); + _PolkitIdentity *real; - real = polkit_subject_get_real (subject); + real = polkit_identity_get_real (identity); egg_dbus_array_seq_add (array, real); } @@ -193,14 +193,14 @@ polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pend EggDBusArraySeq *array; GList *l; - array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL); + array = egg_dbus_array_seq_new (_POLKIT_TYPE_IDENTITY, (GDestroyNotify) g_object_unref, NULL, NULL); for (l = groups; l != NULL; l = l->next) { - PolkitSubject *subject = POLKIT_SUBJECT (l->data); - _PolkitSubject *real; + PolkitIdentity *identity = POLKIT_IDENTITY (l->data); + _PolkitIdentity *real; - real = polkit_subject_get_real (subject); + real = polkit_identity_get_real (identity); egg_dbus_array_seq_add (array, real); } @@ -218,49 +218,6 @@ polkit_backend_authority_enumerate_groups_finish (PolkitBackendPendingCall *pend /* ---------------------------------------------------------------------------------------------------- */ static void -authority_handle_enumerate_sessions (_PolkitAuthority *instance, - EggDBusMethodInvocation *method_invocation) -{ - PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance); - PolkitBackendPendingCall *pending_call; - - pending_call = _polkit_backend_pending_call_new (method_invocation, server); - - polkit_backend_authority_enumerate_sessions (server->authority, pending_call); -} - -void -polkit_backend_authority_enumerate_sessions_finish (PolkitBackendPendingCall *pending_call, - GList *sessions) -{ - EggDBusArraySeq *array; - GList *l; - - array = egg_dbus_array_seq_new (_POLKIT_TYPE_SUBJECT, (GDestroyNotify) g_object_unref, NULL, NULL); - - for (l = sessions; l != NULL; l = l->next) - { - PolkitSubject *subject = POLKIT_SUBJECT (l->data); - _PolkitSubject *real; - - real = polkit_subject_get_real (subject); - egg_dbus_array_seq_add (array, real); - } - - _polkit_authority_handle_enumerate_sessions_finish (_polkit_backend_pending_call_get_method_invocation (pending_call), - array); - - g_object_unref (array); - - g_list_foreach (sessions, (GFunc) g_object_unref, NULL); - g_list_free (sessions); - - g_object_unref (pending_call); -} - -/* ---------------------------------------------------------------------------------------------------- */ - -static void authority_handle_check_authorization (_PolkitAuthority *instance, _PolkitSubject *real_subject, const gchar *action_id, @@ -298,21 +255,21 @@ polkit_backend_authority_check_authorization_finish (PolkitBackendPendingCall * static void authority_handle_enumerate_authorizations (_PolkitAuthority *instance, - _PolkitSubject *real_subject, + _PolkitIdentity *real_identity, EggDBusMethodInvocation *method_invocation) { PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance); PolkitBackendPendingCall *pending_call; - PolkitSubject *subject; + PolkitIdentity *identity; pending_call = _polkit_backend_pending_call_new (method_invocation, server); - subject = polkit_subject_new_for_real (real_subject); + identity = polkit_identity_new_for_real (real_identity); - g_object_set_data_full (G_OBJECT (pending_call), "subject", subject, (GDestroyNotify) g_object_unref); + g_object_set_data_full (G_OBJECT (pending_call), "identity", identity, (GDestroyNotify) g_object_unref); polkit_backend_authority_enumerate_authorizations (server->authority, - subject, + identity, pending_call); } @@ -349,20 +306,26 @@ polkit_backend_authority_enumerate_authorizations_finish (PolkitBackendPendingCa static void authority_handle_add_authorization (_PolkitAuthority *instance, + _PolkitIdentity *real_identity, _PolkitAuthorization *real_authorization, EggDBusMethodInvocation *method_invocation) { PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance); PolkitBackendPendingCall *pending_call; + PolkitIdentity *identity; PolkitAuthorization *authorization; pending_call = _polkit_backend_pending_call_new (method_invocation, server); + identity = polkit_identity_new_for_real (real_identity); + authorization = polkit_authorization_new_for_real (real_authorization); + g_object_set_data_full (G_OBJECT (pending_call), "identity", identity, (GDestroyNotify) g_object_unref); g_object_set_data_full (G_OBJECT (pending_call), "authorization", authorization, (GDestroyNotify) g_object_unref); polkit_backend_authority_add_authorization (server->authority, + identity, authorization, pending_call); } @@ -378,20 +341,26 @@ polkit_backend_authority_add_authorization_finish (PolkitBackendPendingCall *pe static void authority_handle_remove_authorization (_PolkitAuthority *instance, + _PolkitIdentity *real_identity, _PolkitAuthorization *real_authorization, EggDBusMethodInvocation *method_invocation) { PolkitBackendServer *server = POLKIT_BACKEND_SERVER (instance); PolkitBackendPendingCall *pending_call; + PolkitIdentity *identity; PolkitAuthorization *authorization; pending_call = _polkit_backend_pending_call_new (method_invocation, server); + identity = polkit_identity_new_for_real (real_identity); + authorization = polkit_authorization_new_for_real (real_authorization); + g_object_set_data_full (G_OBJECT (pending_call), "identity", identity, (GDestroyNotify) g_object_unref); g_object_set_data_full (G_OBJECT (pending_call), "authorization", authorization, (GDestroyNotify) g_object_unref); polkit_backend_authority_remove_authorization (server->authority, + identity, authorization, pending_call); } @@ -411,7 +380,6 @@ authority_iface_init (_PolkitAuthorityIface *authority_iface) authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions; authority_iface->handle_enumerate_users = authority_handle_enumerate_users; authority_iface->handle_enumerate_groups = authority_handle_enumerate_groups; - authority_iface->handle_enumerate_sessions = authority_handle_enumerate_sessions; authority_iface->handle_check_authorization = authority_handle_check_authorization; authority_iface->handle_enumerate_authorizations = authority_handle_enumerate_authorizations; authority_iface->handle_add_authorization = authority_handle_add_authorization; diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c index de69ba1..ee225ca 100644 --- a/src/polkitbackend/polkitbackendsessionmonitor.c +++ b/src/polkitbackend/polkitbackendsessionmonitor.c @@ -361,21 +361,17 @@ polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monito * * Returns: %NULL if @error is set otherwise a #PolkitUnixUser that should be freed with g_object_unref(). */ -PolkitSubject * +PolkitIdentity * polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor, PolkitSubject *subject, GError **error) { - PolkitSubject *user; + PolkitIdentity *user; uid_t uid; user = NULL; - if (POLKIT_IS_UNIX_USER (subject)) - { - user = g_object_ref (subject); - } - else if (POLKIT_IS_UNIX_PROCESS (subject)) + if (POLKIT_IS_UNIX_PROCESS (subject)) { pid_t pid; diff --git a/src/polkitbackend/polkitbackendsessionmonitor.h b/src/polkitbackend/polkitbackendsessionmonitor.h index 46ca247..8569266 100644 --- a/src/polkitbackend/polkitbackendsessionmonitor.h +++ b/src/polkitbackend/polkitbackendsessionmonitor.h @@ -47,7 +47,7 @@ GType polkit_backend_session_monitor_get_type (void) PolkitBackendSessionMonitor *polkit_backend_session_monitor_new (void); GList *polkit_backend_session_monitor_get_sessions (PolkitBackendSessionMonitor *monitor); -PolkitSubject *polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor, +PolkitIdentity *polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor *monitor, PolkitSubject *subject, GError **error); diff --git a/src/programs/polkit.c b/src/programs/polkit.c index c276970..83c3313 100644 --- a/src/programs/polkit.c +++ b/src/programs/polkit.c @@ -31,7 +31,6 @@ static PolkitAuthority *authority; static gboolean opt_list_actions = FALSE; static gboolean opt_list_users = FALSE; static gboolean opt_list_groups = FALSE; -static gboolean opt_list_sessions = FALSE; static gboolean opt_list_authorizations = FALSE; static gboolean opt_list_explicit_authorizations = FALSE; static gboolean opt_check = FALSE; @@ -44,6 +43,7 @@ static gboolean opt_show_version = FALSE; static gboolean opt_verbose = FALSE; static PolkitSubject *subject = NULL; +static PolkitIdentity *identity = NULL; static gchar *action_id = NULL; @@ -52,7 +52,6 @@ static gchar *action_id = NULL; static gboolean list_actions (void); static gboolean list_users (void); static gboolean list_groups (void); -static gboolean list_sessions (void); static gboolean list_authorizations (void); static gboolean list_explicit_authorizations (void); @@ -113,10 +112,6 @@ main (int argc, char *argv[]) { opt_list_groups = TRUE; } - else if (strcmp (argv[n], "sessions") == 0) - { - opt_list_sessions = TRUE; - } else if (strcmp (argv[n], "authorizations") == 0) { opt_list_authorizations = TRUE; @@ -132,10 +127,10 @@ main (int argc, char *argv[]) goto out; } - subject = polkit_subject_from_string (argv[n], &error); - if (subject == NULL) + identity = polkit_identity_from_string (argv[n], &error); + if (identity == NULL) { - g_printerr ("Error parsing subject: %s\n", error->message); + g_printerr ("Error parsing identity: %s\n", error->message); g_error_free (error); goto out; } @@ -193,10 +188,10 @@ main (int argc, char *argv[]) goto out; } - subject = polkit_subject_from_string (argv[n], &error); - if (subject == NULL) + identity = polkit_identity_from_string (argv[n], &error); + if (identity == NULL) { - g_printerr ("Error parsing subject: %s\n", error->message); + g_printerr ("Error parsing identity: %s\n", error->message); g_error_free (error); goto out; } @@ -221,10 +216,10 @@ main (int argc, char *argv[]) goto out; } - subject = polkit_subject_from_string (argv[n], &error); - if (subject == NULL) + identity = polkit_identity_from_string (argv[n], &error); + if (identity == NULL) { - g_printerr ("Error parsing subject: %s\n", error->message); + g_printerr ("Error parsing identity: %s\n", error->message); g_error_free (error); goto out; } @@ -284,10 +279,6 @@ main (int argc, char *argv[]) { ret = list_groups (); } - else if (opt_list_sessions) - { - ret = list_sessions (); - } else if (opt_list_authorizations) { ret = list_authorizations (); @@ -308,7 +299,7 @@ main (int argc, char *argv[]) } else if (opt_grant) { - if (subject == NULL || action_id == NULL) + if (identity == NULL || action_id == NULL) { usage (argc, argv); goto out; @@ -318,7 +309,7 @@ main (int argc, char *argv[]) } else if (opt_revoke) { - if (subject == NULL || action_id == NULL) + if (identity == NULL || action_id == NULL) { usage (argc, argv); goto out; @@ -339,6 +330,9 @@ main (int argc, char *argv[]) if (subject != NULL) g_object_unref (subject); + if (identity != NULL) + g_object_unref (identity); + g_free (action_id); return ret ? 0 : 1; @@ -493,16 +487,16 @@ list_actions (void) /* ---------------------------------------------------------------------------------------------------- */ static void -print_subjects (GList *subjects) +print_identities (GList *identities) { GList *l; - for (l = subjects; l != NULL; l = l->next) + for (l = identities; l != NULL; l = l->next) { - PolkitSubject *subject = POLKIT_SUBJECT (l->data); + PolkitIdentity *identity = POLKIT_IDENTITY (l->data); gchar *s; - s = polkit_subject_to_string (subject); + s = polkit_identity_to_string (identity); g_print ("%s\n", s); g_free (s); } @@ -515,12 +509,12 @@ list_users (void) { gboolean ret; GError *error; - GList *subjects; + GList *identities; ret = FALSE; error = NULL; - subjects = polkit_authority_enumerate_users_sync (authority, + identities = polkit_authority_enumerate_users_sync (authority, NULL, &error); if (error != NULL) @@ -530,10 +524,10 @@ list_users (void) goto out; } - print_subjects (subjects); + print_identities (identities); - g_list_foreach (subjects, (GFunc) g_object_unref, NULL); - g_list_free (subjects); + g_list_foreach (identities, (GFunc) g_object_unref, NULL); + g_list_free (identities); ret = TRUE; @@ -548,12 +542,12 @@ list_groups (void) { gboolean ret; GError *error; - GList *subjects; + GList *identities; ret = FALSE; error = NULL; - subjects = polkit_authority_enumerate_groups_sync (authority, + identities = polkit_authority_enumerate_groups_sync (authority, NULL, &error); if (error != NULL) @@ -563,43 +557,10 @@ list_groups (void) goto out; } - print_subjects (subjects); - - g_list_foreach (subjects, (GFunc) g_object_unref, NULL); - g_list_free (subjects); - - ret = TRUE; - - out: - return ret; -} - -/* ---------------------------------------------------------------------------------------------------- */ - -static gboolean -list_sessions (void) -{ - gboolean ret; - GError *error; - GList *subjects; - - ret = FALSE; - - error = NULL; - subjects = polkit_authority_enumerate_sessions_sync (authority, - NULL, - &error); - if (error != NULL) - { - g_printerr ("Error enumerating sessions: %s\n", error->message); - g_error_free (error); - goto out; - } - - print_subjects (subjects); + print_identities (identities); - g_list_foreach (subjects, (GFunc) g_object_unref, NULL); - g_list_free (subjects); + g_list_foreach (identities, (GFunc) g_object_unref, NULL); + g_list_free (identities); ret = TRUE; @@ -801,9 +762,9 @@ list_explicit_authorizations (void) error = NULL; authorizations = polkit_authority_enumerate_authorizations_sync (authority, - subject, - NULL, - &error); + identity, + NULL, + &error); if (error != NULL) { g_printerr ("Error enumerating authorizations: %s\n", error->message); @@ -845,10 +806,11 @@ do_grant (void) ret = FALSE; authorization = polkit_authorization_new (action_id, - subject, + NULL, /* TODO: handle subject */ FALSE); /* TODO: handle negative */ if (!polkit_authority_add_authorization_sync (authority, + identity, authorization, NULL, &error)) @@ -880,10 +842,11 @@ do_revoke (void) ret = FALSE; authorization = polkit_authorization_new (action_id, - subject, + NULL, /* TODO: handle subject */ FALSE); /* TODO: handle negative */ if (!polkit_authority_remove_authorization_sync (authority, + identity, authorization, NULL, &error)) |