diff options
| author | kremlin <ian@kremlin.cc> | 2014-08-16 13:08:08 +0800 |
|---|---|---|
| committer | kremlin <ian@kremlin.cc> | 2014-08-16 13:08:08 +0800 |
| commit | 2f9f652486e216a480f11969099171858eedb64f (patch) | |
| tree | 740ab0fe0009f56ce75775e0c32224ed7a367aee | |
| parent | 483e90b704090617eba8bf030d23eca616063b21 (diff) | |
| download | systembsd-2f9f652486e216a480f11969099171858eedb64f.tar systembsd-2f9f652486e216a480f11969099171858eedb64f.tar.gz systembsd-2f9f652486e216a480f11969099171858eedb64f.tar.bz2 systembsd-2f9f652486e216a480f11969099171858eedb64f.tar.lz systembsd-2f9f652486e216a480f11969099171858eedb64f.tar.xz systembsd-2f9f652486e216a480f11969099171858eedb64f.tar.zst systembsd-2f9f652486e216a480f11969099171858eedb64f.zip | |
complete polkit-auth functionality
polkit-auth exposes one function taking an alleged unique bus name
and alleged action name (id) and returns an enum describing if and
how action is authorized.
| -rw-r--r-- | src/polkit-auth.c | 66 | ||||
| -rw-r--r-- | src/polkit-auth.h | 7 |
2 files changed, 70 insertions, 3 deletions
diff --git a/src/polkit-auth.c b/src/polkit-auth.c index 2e4178f..31320a9 100644 --- a/src/polkit-auth.c +++ b/src/polkit-auth.c @@ -24,6 +24,68 @@ #include "polkit-auth.h" -void test_func() { - g_printf("test!\n"); +static gboolean is_valid_action(GList *action_list, const gchar *action) { + + PolkitActionDescription *action_descr; + action_descr = (PolkitActionDescription *)g_list_first(action_list); + + while((action_descr = (PolkitActionDescription *)g_list_next(action_list))) + if(!g_strcmp0(action, polkit_action_description_get_action_id(action_descr))) + return TRUE; + + return FALSE; +} + +check_auth_result polkit_try_auth(const gchar *bus, const gchar *action) { + + GList *valid_actions; + PolkitAuthority *auth; + PolkitSubject *subj; + PolkitAuthorizationResult *result; + gboolean authorized, challenge; + + auth = NULL; + subj = NULL; + result = NULL; + valid_actions = NULL; + authorized = challenge = FALSE; + + auth = polkit_authority_get_sync(NULL, NULL); /* TODO timeout for this */ + subj = polkit_system_bus_name_new(bus); + valid_actions = polkit_authority_enumerate_actions_sync(auth, NULL, NULL); + + if(!auth || !valid_actions) + return ERROR_GENERIC; /* extremely unlikely */ + else if(!subj) + return ERROR_BADBUS; + else if(!is_valid_action(valid_actions, action)) + return ERROR_BADACTION; + + if(!(result = polkit_authority_check_authorization_sync(auth, subj, action, NULL, POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, NULL, NULL))) + return ERROR_GENERIC; /* TODO pass, check gerror and return more relevant error */ + + authorized = polkit_authorization_result_get_is_authorized(result); + challenge = polkit_authorization_result_get_is_challenge(result); + + /* free()'s before return */ + if(valid_actions) + g_object_unref(valid_actions); + if(auth) + g_object_unref(auth); + if(subj) + g_object_unref(subj); + if(result) + g_object_unref(result); + + if(authorized) { + + if(challenge) + return AUTHORIZED_BY_PROMPT; + + return AUTHORIZED_NATIVELY; + + } else if(challenge) + return UNAUTHORIZED_FAILED_PROMPT; + + return UNAUTHORIZED_NATIVELY; } diff --git a/src/polkit-auth.h b/src/polkit-auth.h index 17a919b..b672e67 100644 --- a/src/polkit-auth.h +++ b/src/polkit-auth.h @@ -14,5 +14,10 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ +typedef enum { + AUTHORIZED_NATIVELY, AUTHORIZED_BY_PROMPT, + UNAUTHORIZED_NATIVELY, UNAUTHORIZED_FAILED_PROMPT, + ERROR_BADBUS, ERROR_BADACTION, ERROR_GENERIC +} check_auth_result; -void test_func(); +check_auth_result polkit_try_auth(const gchar *bus, const gchar *action); |