diff options
| author | David Zeuthen <davidz@redhat.com> | 2012-05-24 14:51:46 -0400 |
|---|---|---|
| committer | David Zeuthen <davidz@redhat.com> | 2012-05-24 14:51:46 -0400 |
| commit | 0e85f07781f8eab9670e06cee32b38657e3b62ce (patch) | |
| tree | 49d2f57f45e52265ab2d678803fa2ade40cde31e /src | |
| parent | 2ec9e681e0ee17bcc60a0724b201b2e19b573abb (diff) | |
| download | polkit-0e85f07781f8eab9670e06cee32b38657e3b62ce.tar.gz | |
Combine action and details parameters
This also removes the ability to change detail parameters which is
actually a good thing. If we later need a way to change the
authentication message, we can always add something like
polkit.addAuthenticationMessageRule() so the user can register a
function returning a string.
Signed-off-by: David Zeuthen <davidz@redhat.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/polkitbackend/50-default.rules | 2 | ||||
| -rw-r--r-- | src/polkitbackend/init.js | 26 | ||||
| -rw-r--r-- | src/polkitbackend/polkitbackendjsauthority.c | 106 |
3 files changed, 39 insertions, 95 deletions
diff --git a/src/polkitbackend/50-default.rules b/src/polkitbackend/50-default.rules index 9d3c33d..f427ae1 100644 --- a/src/polkitbackend/50-default.rules +++ b/src/polkitbackend/50-default.rules @@ -7,6 +7,6 @@ // See the polkit(8) man page for more information // about configuring polkit. -polkit.addAdminRule(function(action, subject, details) { +polkit.addAdminRule(function(action, subject) { return ["unix-group:wheel"]; }); diff --git a/src/polkitbackend/init.js b/src/polkitbackend/init.js index 29f13fc..16862d4 100644 --- a/src/polkitbackend/init.js +++ b/src/polkitbackend/init.js @@ -1,14 +1,17 @@ /* -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- */ -function Details() { +function Action() { + this.lookup = function(name) { + return this["_detail_" + name]; + }, + this.toString = function() { - var ret = "[Details"; + var ret = "[Action id='" + this.id + "'"; for (var i in this) { - if (typeof this[i] != "function") { - if (typeof this[i] == "string") - ret += " " + i + "='" + this[i] + "'"; - else - ret += " " + i + "=" + this[i]; + if (i.indexOf("_detail_") == 0) { + var key = i.substr(8); + var value = this[i]; + ret += " " + key + "='" + value + "'"; } } ret += "]"; @@ -17,7 +20,6 @@ function Details() { }; function Subject() { - this.isInGroup = function(group) { for (var n = 0; n < this.groups.length; n++) { if (this.groups[n] == group) @@ -47,11 +49,11 @@ function Subject() { polkit._adminRuleFuncs = []; polkit.addAdminRule = function(callback) {this._adminRuleFuncs.push(callback);}; -polkit._runAdminRules = function(action, subject, details) { +polkit._runAdminRules = function(action, subject) { var ret = null; for (var n = 0; n < this._adminRuleFuncs.length; n++) { var func = this._adminRuleFuncs[n]; - var func_ret = func(action, subject, details); + var func_ret = func(action, subject); if (func_ret) { ret = func_ret; break @@ -62,11 +64,11 @@ polkit._runAdminRules = function(action, subject, details) { polkit._ruleFuncs = []; polkit.addRule = function(callback) {this._ruleFuncs.push(callback);}; -polkit._runRules = function(action, subject, details) { +polkit._runRules = function(action, subject) { var ret = null; for (var n = 0; n < this._ruleFuncs.length; n++) { var func = this._ruleFuncs[n]; - var func_ret = func(action, subject, details); + var func_ret = func(action, subject); if (func_ret) { ret = func_ret; break diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c index cc805e8..d71f85f 100644 --- a/src/polkitbackend/polkitbackendjsauthority.c +++ b/src/polkitbackend/polkitbackendjsauthority.c @@ -806,10 +806,11 @@ subject_to_jsval (PolkitBackendJsAuthority *authority, /* ---------------------------------------------------------------------------------------------------- */ static gboolean -details_to_jsval (PolkitBackendJsAuthority *authority, - PolkitDetails *details, - jsval *out_jsval, - GError **error) +action_and_details_to_jsval (PolkitBackendJsAuthority *authority, + const gchar *action_id, + PolkitDetails *details, + jsval *out_jsval, + GError **error) { gboolean ret = FALSE; jsval ret_jsval; @@ -818,8 +819,7 @@ details_to_jsval (PolkitBackendJsAuthority *authority, gchar **keys; guint n; - src = "new Details();"; - + src = "new Action();"; if (!JS_EvaluateScript (authority->priv->cx, authority->priv->js_global, src, strlen (src), @@ -831,18 +831,18 @@ details_to_jsval (PolkitBackendJsAuthority *authority, } obj = JSVAL_TO_OBJECT (ret_jsval); + + set_property_str (authority, obj, "id", action_id); + keys = polkit_details_get_keys (details); for (n = 0; keys != NULL && keys[n] != NULL; n++) { - const gchar *key = keys[n]; - JSString *value_jsstr; - jsval value_jsval; + gchar *key; const gchar *value; - + key = g_strdup_printf ("_detail_%s", keys[n]); value = polkit_details_lookup (details, keys[n]); - value_jsstr = JS_NewStringCopyZ (authority->priv->cx, value); - value_jsval = STRING_TO_JSVAL (value_jsstr); - JS_SetProperty (authority->priv->cx, obj, key, &value_jsval); + set_property_str (authority, obj, key, value); + g_free (key); } g_free (keys); @@ -990,31 +990,27 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA { PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (_authority); GList *ret = NULL; - jsval argv[3] = {0}; + jsval argv[2] = {0}; jsval rval = {0}; - JSString *action_id_jstr; guint n; GError *error = NULL; JSString *ret_jsstr; gchar *ret_str = NULL; gchar **ret_strs = NULL; - action_id_jstr = JS_NewStringCopyZ (authority->priv->cx, action_id); - argv[0] = STRING_TO_JSVAL (action_id_jstr); - - if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error)) + if (!action_and_details_to_jsval (authority, action_id, details, &argv[0], &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), - "Error converting subject to JS object: %s", + "Error converting action and details to JS object: %s", error->message); g_clear_error (&error); goto out; } - if (!details_to_jsval (authority, details, &argv[2], &error)) + if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), - "Error converting details to JS object: %s", + "Error converting subject to JS object: %s", error->message); g_clear_error (&error); goto out; @@ -1022,7 +1018,7 @@ polkit_backend_js_authority_get_admin_auth_identities (PolkitBackendInteractiveA if (!call_js_function_with_runaway_killer (authority, "_runAdminRules", - 3, + 2, argv, &rval)) { @@ -1093,34 +1089,27 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu { PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (_authority); PolkitImplicitAuthorization ret = implicit; - jsval argv[3] = {0}; + jsval argv[2] = {0}; jsval rval = {0}; - JSString *action_id_jstr; GError *error = NULL; JSString *ret_jsstr; const jschar *ret_utf16; gchar *ret_str = NULL; gboolean good = FALSE; - JSIdArray *ids; - JSObject *details_obj; - gint n; - action_id_jstr = JS_NewStringCopyZ (authority->priv->cx, action_id); - argv[0] = STRING_TO_JSVAL (action_id_jstr); - - if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error)) + if (!action_and_details_to_jsval (authority, action_id, details, &argv[0], &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), - "Error converting subject to JS object: %s", + "Error converting action and details to JS object: %s", error->message); g_clear_error (&error); goto out; } - if (!details_to_jsval (authority, details, &argv[2], &error)) + if (!subject_to_jsval (authority, subject, user_for_subject, &argv[1], &error)) { polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), - "Error converting details to JS object: %s", + "Error converting subject to JS object: %s", error->message); g_clear_error (&error); goto out; @@ -1169,53 +1158,6 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu goto out; } - - /* the JS code may have modifed @details - update PolkitDetails - * object accordingly - */ - details_obj = JSVAL_TO_OBJECT (argv[2]); - ids = JS_Enumerate (authority->priv->cx, details_obj); - if (ids == NULL) - { - polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority), - "Failed to enumerate properties of Details object"); - goto out; - } - for (n = 0; n < ids->length; n++) - { - jsval id_val; - jsval value_val; - char *id_s = NULL; - char *value_s = NULL; - - if (!JS_IdToValue (authority->priv->cx, ids->vector[n], &id_val)) - { - g_warning ("Error getting string for property id %d", n); - goto cont; - } - id_s = JS_EncodeString (authority->priv->cx, JSVAL_TO_STRING (id_val)); - - if (!JS_GetPropertyById (authority->priv->cx, details_obj, ids->vector[n], &value_val)) - { - g_warning ("Error getting value string for property value %s", id_s); - goto cont; - } - - /* skip e.g. functions */ - if (!JSVAL_IS_STRING (value_val) && !JSVAL_IS_NULL (value_val)) - goto cont; - - value_s = JS_EncodeString (authority->priv->cx, JSVAL_TO_STRING (value_val)); - - polkit_details_insert (details, id_s, value_s); - cont: - if (id_s != NULL) - JS_free (authority->priv->cx, id_s); - if (value_s != NULL) - JS_free (authority->priv->cx, value_s); - } - JS_DestroyIdArray (authority->priv->cx, ids); - good = TRUE; out: |