PolicyKit: Branch 'master'
David Zeuthen
david at kemper.freedesktop.org
Mon Aug 20 17:42:30 PDT 2007
doc/spec/polkit-spec-configuration.xml | 135 +++++++++++++--------------------
polkit/polkit-action.c | 41 +++++++++-
polkit/polkit-action.h | 2
polkit/polkit-policy-file-entry.c | 48 -----------
polkit/polkit-policy-file-entry.h | 2
polkit/polkit-policy-file.c | 118 +++++++---------------------
6 files changed, 129 insertions(+), 217 deletions(-)
New commits:
diff-tree 829838ea1df46923f9cdfe93af74c44c7e1752b2 (from 1f431e5f5bdf251edad794ec2259e8576d2892f7)
Author: David Zeuthen <davidz at redhat.com>
Date: Mon Aug 20 20:38:24 2007 -0400
rip out group concept from .policy files and rename <policy> element to <action>
diff --git a/doc/spec/polkit-spec-configuration.xml b/doc/spec/polkit-spec-configuration.xml
index b2fb7f3..a3c9046 100644
--- a/doc/spec/polkit-spec-configuration.xml
+++ b/doc/spec/polkit-spec-configuration.xml
@@ -14,72 +14,38 @@
</para>
<programlisting>
<![CDATA[
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policyconfig PUBLIC
+ "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
<policyconfig>
- <group id="polkit-gnome-examples">
- <description>PolicyKit examples for PolicyKit-gnome</description>
- <policy id="polkit-gnome-examples-frobnicate">
- <description>Let the example Frobnicate</description>
- <defaults>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_self</allow_active>
- </defaults>
- </policy>
-
- <policy id="polkit-gnome-examples-tweak">
- <description>Let the example Tweak</description>
- <defaults>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin</allow_active>
- </defaults>
- </policy>
-
- <policy id="polkit-gnome-examples-twiddle">
- <description>Twiddle</description>
- <defaults>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </policy>
-
- <policy id="polkit-gnome-examples-punch">
- <description>Punch</description>
- <defaults>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_self_keep_session</allow_active>
- </defaults>
- </policy>
+ <action id="org.gnome.policykit.examples.frobnicate">
+ <description>Frobnicate</description>
+ <description xml:lang="da">Frobniker</description>
+ <description xml:lang="en_CA">Frobnicate, Aye!</description>
+ <message>System policy prevents the PolicyKit-gnome example helper from Frobnicating</message>
+ <message xml:lang="da">System indstillinger forhindrer PolicyKit-gnome eksempel hjælper i at Frobnikere!</message>
+ <message xml:lang="en_CA">System policy prevents the PolicyKit-gnome example helper from Frobnicating, Aye!</message>
+ <defaults>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_self</allow_active>
+ </defaults>
+ </action>
+
+ <action id="org.gnome.policykit.examples.tweak">
+ <description>Tweak</description>
+ <description xml:lang="da">Tvæk</description>
+ <description xml:lang="en_CA">Tweak, Aye!</description>
+ <message>System policy prevents the PolicyKit-gnome example helper from Tweaking</message>
+ <message xml:lang="da">System indstillinger forhindrer PolicyKit-gnome eksempel hjælper i at Tvække!</message>
+ <message xml:lang="en_CA">System policy prevents the PolicyKit-gnome example helper from Tweaking, Aye!</message>
+ <defaults>
+ <allow_inactive>no</allow_inactive>
+ <allow_active>auth_admin</allow_active>
+ </defaults>
+ </action>
- </group>
-</policyconfig>
-]]>
- </programlisting>
- <para>
- Here's a more real-world example from HAL:
- </para>
- <programlisting>
- <![CDATA[
-<policyconfig>
- <group id="hal-storage">
- <description>Storage Drives and Media</description>
-
- <policy id="hal-storage-mount-fixed">
- <description>Mount file systems from internal drives</description>
- <defaults>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </policy>
-
- <policy id="hal-storage-unmount-others">
- <description>Unmount file systems mounted by other users</description>
- <defaults>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep_always</allow_active>
- </defaults>
- </policy>
-
- </group>
</policyconfig>
]]>
</programlisting>
@@ -89,10 +55,22 @@
<listitem>
<para>
<emphasis>Action Identifier:</emphasis> This identifies
- the action - it needs to be namespaced accordingly using
- some unique name of the mechanism. This could be
- e.g. <literal>dialup-connect-trusted</literal>
- or <literal>dialup-connect-untrusted</literal>.
+ the action and can only contain the
+ characters <literal>[a-z][0-9].-</literal>,
+ e.g. lower-case ASCII, digits, period and hyphen. In
+ addition the identifier needs to start with a lower-case
+ ASCII character. The rationale for having everything is
+ lower case is to make it easy to make a distinction
+ between PolicyKit actions and D-Bus methods / interfaces
+ as the latter is normally using CamelCase.
+ </para><para>
+ In order for the identifier to be unique, it is
+ recommended that a revser domain name is chosen, for
+ example if the company Acme Inc. has a product called
+ Frakker that exports two Actions Blit and Blop the action
+ names should be chosen
+ as <literal>com.acme.frakker.blit</literal>
+ and <literal>com.acme.frakker.blop</literal>.
</para>
</listitem>
<listitem>
@@ -107,16 +85,12 @@
</listitem>
<listitem>
<para>
- <emphasis>Grouping:</emphasis> This is purely for
- organizational purposes. The group identifier needs to be
- properly namespaced as well.
- </para>
- </listitem>
- <listitem>
- <para>
<emphasis>Textual descriptions:</emphasis> Simply included
- for convenience and organizational purposes (TODO: think
- about i18n).
+ for convenience and organizational
+ purposes. Standard <literal>xml:lang</literal> mechnanisms
+ are used to convey localized strings (note that intltool
+ 0.36 or greater includes native support for
+ handling <literal>.policy</literal> files).
</para>
</listitem>
</itemizedlist>
@@ -166,10 +140,10 @@
The main point here is that individual upstream software
projects can provide sensible defaults, e.g. it's sensible for
the example with a dial-up mechanism to configure
- the <literal>dialup-connect-trusted</literal> Action to
+ the <literal>org.freedesktop.networkmanager.dialup-trusted</literal> Action to
return <emphasis>yes</emphasis> for local active sessions and
the Action
- <literal>dialup-connect-untrusted</literal> to perhaps
+ <literal>org.freedesktop.networkmanager.dialup-untrusted</literal> to perhaps
return <emphasis>auth_admin_keep_session</emphasis>. See
<xref linkend="beyond-defaults"/> for how individual machines
and sites can customize this.
@@ -178,7 +152,10 @@
<para>
The <literal>polkit-list-actions</literal>(1) tool will list all
the Actions known to <literal>libpolkit</literal> in a
- convenient format.
+ convenient
+ format. The <literal>polkit-policy-file-validate</literal>(1)
+ tool can be used to check policy files as part of the software
+ release and installation process.
</para>
</sect1>
diff --git a/polkit/polkit-action.c b/polkit/polkit-action.c
index d9ad78a..4fe93aa 100644
--- a/polkit/polkit-action.c
+++ b/polkit/polkit-action.c
@@ -170,6 +170,41 @@ polkit_action_debug (PolKitAction *actio
}
/**
+ * polkit_action_validate_id:
+ * @action_id: the action identifier to validate
+ *
+ * Validate whether an action identifier is well formed. To be well
+ * formed, an action identifier needs to start with a lower case ASCII
+ * character and can only contain the characters "[a-z][0-9].-".
+ *
+ * Returns: #TRUE iff the action identifier is well formed
+ **/
+polkit_bool_t
+polkit_action_validate_id (const char *action_id)
+{
+ int n;
+
+ g_return_val_if_fail (action_id != NULL, FALSE);
+
+ /* validate that the form of the action identifier is correct */
+ if (!g_ascii_islower (action_id[0]))
+ goto malformed;
+
+ for (n = 1; action_id[n] != '\0'; n++) {
+ if (! (g_ascii_islower (action_id[n]) ||
+ g_ascii_isdigit (action_id[n]) ||
+ action_id[n] == '.' ||
+ action_id[n] == '-'))
+ goto malformed;
+ }
+
+ return TRUE;
+
+malformed:
+ return FALSE;
+}
+
+/**
* polkit_action_validate:
* @action: the object
*
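Review bot: The only NULL guard in polkit_action_validate_id is `g_return_val_if_fail (action_id != NULL, FALSE)`, and GLib compiles that macro out when G_DISABLE_CHECKS is defined, so in such a build a NULL identifier would reach `action_id[0]`. Since the policy-file parser now relies on this function to reject bad identifiers, an explicit `if (action_id == NULL) return FALSE;` would keep it safe in every build; the same holds for the two guards in polkit_action_validate in the next hunk. The doc comment could also state the edge cases, e.g. `* The empty string is not well formed; no length limit is applied.`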
@@ -182,5 +217,9 @@ polkit_action_validate (PolKitAction *ac
{
g_return_val_if_fail (action != NULL, FALSE);
g_return_val_if_fail (action->id != NULL, FALSE);
- return TRUE;
+
+ return polkit_action_validate_id (action->id);
}
+
+
+
diff --git a/polkit/polkit-action.h b/polkit/polkit-action.h
index af89f81..b3ed94c 100644
--- a/polkit/polkit-action.h
+++ b/polkit/polkit-action.h
@@ -44,6 +44,8 @@ polkit_bool_t polkit_action_get_action_i
void polkit_action_debug (PolKitAction *action);
polkit_bool_t polkit_action_validate (PolKitAction *action);
+polkit_bool_t polkit_action_validate_id (const char *action_id);
+
#endif /* POLKIT_ACTION_H */
diff --git a/polkit/polkit-policy-file-entry.c b/polkit/polkit-policy-file-entry.c
index ec26291..22be5db 100644
--- a/polkit/polkit-policy-file-entry.c
+++ b/polkit/polkit-policy-file-entry.c
@@ -59,16 +59,13 @@ struct PolKitPolicyFileEntry
{
int refcount;
char *action;
- char *group;
PolKitPolicyDefault *defaults;
- char *group_description;
char *policy_description;
char *policy_message;
};
extern void _polkit_policy_file_entry_set_descriptions (PolKitPolicyFileEntry *pfe,
- const char *group_description,
const char *policy_description,
const char *policy_message);
@@ -76,14 +73,12 @@ extern void _polkit_policy_file_entry_se
extern PolKitPolicyDefault *_polkit_policy_default_new (PolKitResult defaults_allow_inactive,
PolKitResult defaults_allow_active);
-extern PolKitPolicyFileEntry *_polkit_policy_file_entry_new (const char *action_group_id,
- const char *action_id,
+extern PolKitPolicyFileEntry *_polkit_policy_file_entry_new (const char *action_id,
PolKitResult defaults_allow_inactive,
PolKitResult defaults_allow_active);
extern PolKitPolicyFileEntry *
-_polkit_policy_file_entry_new (const char *action_group_id,
- const char *action_id,
+_polkit_policy_file_entry_new (const char *action_id,
PolKitResult defaults_allow_inactive,
PolKitResult defaults_allow_active)
{
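Review bot: `_polkit_policy_file_entry_new` is declared by a hand-written `extern` prototype here, and the same prototype is repeated in polkit/polkit-policy-file.c (as is the one for `_polkit_policy_file_entry_set_descriptions`), which is why this commit has to edit every copy. Because each translation unit sees only its own copy, a copy that is missed when the parameter list changes still compiles, and the call then passes the wrong arguments. Moving both declarations into one private header included by both files would let the compiler check every caller against the definition.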
@@ -92,7 +87,6 @@ _polkit_policy_file_entry_new (const c
pfe = g_new0 (PolKitPolicyFileEntry, 1);
pfe->refcount = 1;
pfe->action = g_strdup (action_id);
- pfe->group = g_strdup (action_group_id);
pfe->defaults = _polkit_policy_default_new (defaults_allow_inactive,
defaults_allow_active);
@@ -108,36 +102,15 @@ error:
void
_polkit_policy_file_entry_set_descriptions (PolKitPolicyFileEntry *policy_file_entry,
- const char *group_description,
const char *policy_description,
const char *policy_message)
{
g_return_if_fail (policy_file_entry != NULL);
- policy_file_entry->group_description = g_strdup (group_description);
policy_file_entry->policy_description = g_strdup (policy_description);
policy_file_entry->policy_message = g_strdup (policy_message);
}
/**
- * polkit_policy_file_entry_get_group_description:
- * @policy_file_entry: the object
- *
- * Get the description of the group that this policy entry describes.
- *
- * Note, if polkit_context_set_load_descriptions() on the
- * #PolKitContext object used to get this object wasn't called, this
- * method will return #NULL.
- *
- * Returns: string or #NULL if descriptions are not loaded - caller shall not free this string
- **/
-const char *
-polkit_policy_file_entry_get_group_description (PolKitPolicyFileEntry *policy_file_entry)
-{
- g_return_val_if_fail (policy_file_entry != NULL, NULL);
- return policy_file_entry->group_description;
-}
-
-/**
* polkit_policy_file_entry_get_action_description:
* @policy_file_entry: the object
*
@@ -217,7 +190,6 @@ polkit_policy_file_entry_unref (PolKitPo
if (policy_file_entry->defaults != NULL)
polkit_policy_default_unref (policy_file_entry->defaults);
- g_free (policy_file_entry->group_description);
g_free (policy_file_entry->policy_description);
g_free (policy_file_entry);
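Review bot: Among the frees visible in polkit_policy_file_entry_unref there is `g_free (policy_file_entry->policy_description);` but no matching free for `policy_message`, which `_polkit_policy_file_entry_set_descriptions` fills with `g_strdup`. Unless it is released above the hunk, each entry loaded with descriptions leaks its message string; adding `g_free (policy_file_entry->policy_message);` next to the description free would close that. The function starts outside the hunk, so any earlier frees are not visible here.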
@@ -255,22 +227,6 @@ polkit_policy_file_entry_get_id (PolKitP
}
/**
- * polkit_policy_file_entry_get_group_id:
- * @policy_file_entry: the file entry
- *
- * Get the action group identifier.
- *
- * Returns: A string - caller shall not free this string.
- **/
-const char *
-polkit_policy_file_entry_get_group_id (PolKitPolicyFileEntry *policy_file_entry)
-{
- g_return_val_if_fail (policy_file_entry != NULL, NULL);
- return policy_file_entry->group;
-}
-
-
-/**
* polkit_policy_file_entry_get_default:
* @policy_file_entry: the file entry
*
diff --git a/polkit/polkit-policy-file-entry.h b/polkit/polkit-policy-file-entry.h
index 7eac213..6e3e347 100644
--- a/polkit/polkit-policy-file-entry.h
+++ b/polkit/polkit-policy-file-entry.h
@@ -41,10 +41,8 @@ void polkit_policy_fil
void polkit_policy_file_entry_debug (PolKitPolicyFileEntry *policy_file_entry);
const char *polkit_policy_file_entry_get_id (PolKitPolicyFileEntry *policy_file_entry);
-const char *polkit_policy_file_entry_get_group_id (PolKitPolicyFileEntry *policy_file_entry);
PolKitPolicyDefault *polkit_policy_file_entry_get_default (PolKitPolicyFileEntry *policy_file_entry);
-const char *polkit_policy_file_entry_get_group_description (PolKitPolicyFileEntry *policy_file_entry);
const char *polkit_policy_file_entry_get_action_description (PolKitPolicyFileEntry *policy_file_entry);
const char *polkit_policy_file_entry_get_action_message (PolKitPolicyFileEntry *policy_file_entry);
diff --git a/polkit/polkit-policy-file.c b/polkit/polkit-policy-file.c
index c31dc24..0d6a9d9 100644
--- a/polkit/polkit-policy-file.c
+++ b/polkit/polkit-policy-file.c
@@ -64,19 +64,16 @@ struct PolKitPolicyFile
GSList *entries;
};
-extern PolKitPolicyFileEntry *_polkit_policy_file_entry_new (const char *action_group_id,
- const char *action_id,
+extern PolKitPolicyFileEntry *_polkit_policy_file_entry_new (const char *action_id,
PolKitResult defaults_allow_inactive,
PolKitResult defaults_allow_active);
enum {
STATE_NONE,
STATE_IN_POLICY_CONFIG,
- STATE_IN_GROUP,
- STATE_IN_GROUP_DESCRIPTION,
- STATE_IN_POLICY,
- STATE_IN_POLICY_DESCRIPTION,
- STATE_IN_POLICY_MESSAGE,
+ STATE_IN_ACTION,
+ STATE_IN_ACTION_DESCRIPTION,
+ STATE_IN_ACTION_MESSAGE,
STATE_IN_DEFAULTS,
STATE_IN_DEFAULTS_ALLOW_INACTIVE,
STATE_IN_DEFAULTS_ALLOW_ACTIVE
@@ -86,7 +83,6 @@ typedef struct {
XML_Parser parser;
int state;
- char *group_id;
char *action_id;
PolKitResult defaults_allow_inactive;
@@ -96,11 +92,9 @@ typedef struct {
polkit_bool_t load_descriptions;
- GHashTable *group_descriptions;
GHashTable *policy_descriptions;
GHashTable *policy_messages;
- char *group_description_nolang;
char *policy_description_nolang;
char *policy_message_nolang;
@@ -131,21 +125,6 @@ pd_unref_action_data (ParserData *pd)
}
static void
-pd_unref_group_data (ParserData *pd)
-{
- pd_unref_action_data (pd);
-
- g_free (pd->group_id);
- pd->group_id = NULL;
- g_free (pd->group_description_nolang);
- pd->group_description_nolang = NULL;
- if (pd->group_descriptions != NULL) {
- g_hash_table_destroy (pd->group_descriptions);
- pd->group_descriptions = NULL;
- }
-}
-
-static void
_start (void *data, const char *el, const char **attr)
{
int state;
@@ -164,21 +143,13 @@ _start (void *data, const char *el, cons
}
break;
case STATE_IN_POLICY_CONFIG:
- if (strcmp (el, "group") == 0) {
+ if (strcmp (el, "action") == 0) {
if (num_attr != 2 || strcmp (attr[0], "id") != 0)
goto error;
- state = STATE_IN_GROUP;
+ state = STATE_IN_ACTION;
- pd_unref_group_data (pd);
- pd->group_id = g_strdup (attr[1]);
- pd->group_descriptions = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_free);
- }
- break;
- case STATE_IN_GROUP:
- if (strcmp (el, "policy") == 0) {
- if (num_attr != 2 || strcmp (attr[0], "id") != 0)
+ if (!polkit_action_validate_id (attr[1]))
goto error;
- state = STATE_IN_POLICY;
pd_unref_action_data (pd);
pd->action_id = g_strdup (attr[1]);
@@ -188,33 +159,26 @@ _start (void *data, const char *el, cons
/* initialize defaults */
pd->defaults_allow_inactive = POLKIT_RESULT_NO;
pd->defaults_allow_active = POLKIT_RESULT_NO;
- } else if (strcmp (el, "description") == 0) {
- if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
- pd->elem_lang = g_strdup (attr[1]);
- }
- state = STATE_IN_GROUP_DESCRIPTION;
}
break;
- case STATE_IN_GROUP_DESCRIPTION:
- break;
- case STATE_IN_POLICY:
- if (strcmp (el, "defaults") == 0)
+ case STATE_IN_ACTION:
+ if (strcmp (el, "defaults") == 0) {
state = STATE_IN_DEFAULTS;
- else if (strcmp (el, "description") == 0) {
+ } else if (strcmp (el, "description") == 0) {
if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
pd->elem_lang = g_strdup (attr[1]);
}
- state = STATE_IN_POLICY_DESCRIPTION;
+ state = STATE_IN_ACTION_DESCRIPTION;
} else if (strcmp (el, "message") == 0) {
if (num_attr == 2 && strcmp (attr[0], "xml:lang") == 0) {
pd->elem_lang = g_strdup (attr[1]);
}
- state = STATE_IN_POLICY_MESSAGE;
+ state = STATE_IN_ACTION_MESSAGE;
}
break;
- case STATE_IN_POLICY_DESCRIPTION:
+ case STATE_IN_ACTION_DESCRIPTION:
break;
- case STATE_IN_POLICY_MESSAGE:
+ case STATE_IN_ACTION_MESSAGE:
break;
case STATE_IN_DEFAULTS:
if (strcmp (el, "allow_inactive") == 0)
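Review bot: The comment `/* initialize defaults */` does not record that starting both values at POLKIT_RESULT_NO is what an `<action>` without a `<defaults>` child ends up with when _end builds the entry. I would spell that out, e.g. `/* fail closed: both defaults stay "no" unless <defaults> overrides them */`, so the initial values are not changed later without noticing the effect on authorization. In the STATE_IN_ACTION case the `description` and `message` branches also accept any other attribute list silently and leave `pd->elem_lang` unset; a short comment saying whether that leniency is intended would help. _start begins and ends outside this hunk.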
@@ -249,19 +213,7 @@ _cdata (void *data, const char *s, int l
str = g_strndup (s, len);
switch (pd->state) {
- case STATE_IN_GROUP_DESCRIPTION:
- if (pd->load_descriptions) {
-
- if (pd->elem_lang == NULL) {
- g_free (pd->group_description_nolang);
- pd->group_description_nolang = g_strdup (str);
- } else {
- g_hash_table_insert (pd->group_descriptions, g_strdup (pd->elem_lang), g_strdup (str));
- }
- }
- break;
-
- case STATE_IN_POLICY_DESCRIPTION:
+ case STATE_IN_ACTION_DESCRIPTION:
if (pd->load_descriptions) {
if (pd->elem_lang == NULL) {
g_free (pd->policy_description_nolang);
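Review bot: The STATE_IN_ACTION_DESCRIPTION branch frees `pd->policy_description_nolang` on every call and, judging by the removed group branch that had the same shape, then stores only the current chunk; the message branch in the next hunk does the same. expat may deliver the text of one element through several character-data callbacks (assuming _cdata is registered as that handler), so a description or message split across calls would keep only its last piece. Appending to the existing string, for instance with `g_strconcat`, instead of replacing it would make the result independent of chunking. _cdata starts and ends outside this hunk, so the assignment itself is not visible here.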
@@ -272,7 +224,7 @@ _cdata (void *data, const char *s, int l
}
break;
- case STATE_IN_POLICY_MESSAGE:
+ case STATE_IN_ACTION_MESSAGE:
if (pd->load_descriptions) {
if (pd->elem_lang == NULL) {
g_free (pd->policy_message_nolang);
@@ -303,7 +255,6 @@ error:
extern void _polkit_policy_file_entry_set_descriptions (PolKitPolicyFileEntry *pfe,
- const char *group_description,
const char *policy_description,
const char *policy_message);
@@ -371,54 +322,44 @@ _end (void *data, const char *el)
case STATE_IN_POLICY_CONFIG:
state = STATE_NONE;
break;
- case STATE_IN_GROUP:
- state = STATE_IN_POLICY_CONFIG;
- break;
- case STATE_IN_GROUP_DESCRIPTION:
- state = STATE_IN_GROUP;
- break;
- case STATE_IN_POLICY:
+ case STATE_IN_ACTION:
{
- const char *group_description;
const char *policy_description;
const char *policy_message;
PolKitPolicyFileEntry *pfe;
- pfe = _polkit_policy_file_entry_new (pd->group_id, pd->action_id,
+ pfe = _polkit_policy_file_entry_new (pd->action_id,
pd->defaults_allow_inactive,
pd->defaults_allow_active);
if (pfe == NULL)
goto error;
if (pd->load_descriptions) {
- group_description = _localize (pd->group_descriptions, pd->group_description_nolang, pd->lang);
policy_description = _localize (pd->policy_descriptions, pd->policy_description_nolang, pd->lang);
policy_message = _localize (pd->policy_messages, pd->policy_message_nolang, pd->lang);
} else {
- group_description = NULL;
policy_description = NULL;
policy_message = NULL;
}
if (pd->load_descriptions)
_polkit_policy_file_entry_set_descriptions (pfe,
- group_description,
policy_description,
policy_message);
pd->pf->entries = g_slist_prepend (pd->pf->entries, pfe);
- state = STATE_IN_GROUP;
+ state = STATE_IN_POLICY_CONFIG;
break;
}
- case STATE_IN_POLICY_DESCRIPTION:
- state = STATE_IN_POLICY;
+ case STATE_IN_ACTION_DESCRIPTION:
+ state = STATE_IN_ACTION;
break;
- case STATE_IN_POLICY_MESSAGE:
- state = STATE_IN_POLICY;
+ case STATE_IN_ACTION_MESSAGE:
+ state = STATE_IN_ACTION;
break;
case STATE_IN_DEFAULTS:
- state = STATE_IN_POLICY;
+ state = STATE_IN_ACTION;
break;
case STATE_IN_DEFAULTS_ALLOW_INACTIVE:
state = STATE_IN_DEFAULTS;
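Review bot: The STATE_IN_ACTION case prepends the new entry to `pd->pf->entries` without checking whether an entry with the same action id is already in the list, so one file can define an action twice. Which of the two definitions a later lookup uses then depends on list order, and a file of authorization defaults should not leave that implicit; I would reject the duplicate as a parse error. The two consecutive `if (pd->load_descriptions)` tests could also be merged into one. _end begins and ends outside this hunk.

```c
GSList *l; /* declared with the other locals of this case */

/* … unchanged: pfe creation and description handling … */
for (l = pd->pf->entries; l != NULL; l = l->next) {
        if (strcmp (polkit_policy_file_entry_get_id (l->data), pd->action_id) == 0) {
                /* same action id defined twice in one file */
                polkit_policy_file_entry_unref (pfe);
                goto error;
        }
}
pd->pf->entries = g_slist_prepend (pd->pf->entries, pfe);
```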
@@ -455,6 +396,9 @@ polkit_policy_file_new (const char *path
ParserData pd;
int xml_res;
char *lang;
+ char *buf;
+ gsize buflen;
+ GError *g_error;
pf = NULL;
@@ -465,10 +409,6 @@ polkit_policy_file_new (const char *path
goto error;
}
- char *buf;
- gsize buflen;
- GError *g_error;
-
g_error = NULL;
if (!g_file_get_contents (path, &buf, &buflen, &g_error)) {
polkit_error_set_error (error, POLKIT_ERROR_POLICY_FILE_INVALID,
@@ -528,12 +468,12 @@ polkit_policy_file_new (const char *path
}
XML_ParserFree (pd.parser);
g_free (buf);
- pd_unref_group_data (&pd);
+ pd_unref_action_data (&pd);
return pf;
error:
if (pf != NULL)
polkit_policy_file_unref (pf);
- pd_unref_group_data (&pd);
+ pd_unref_action_data (&pd);
return NULL;
}
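Review bot: The `error:` label calls `pd_unref_action_data (&pd)` but releases neither `buf` nor `pd.parser`, which the success path just above frees with `XML_ParserFree` and `g_free`. Unless every `goto error` after the file is read frees them first, a policy file that fails to parse leaks both. `pd` is also declared without an initializer in the first hunk of this function and the first `goto error` comes before the file is read, so the helper may be handed uninitialized pointers unless `pd` is zeroed somewhere these hunks do not show. `memset (&pd, 0, sizeof pd);` and `buf = NULL;` ahead of the first `goto error`, plus `g_free (buf);` at the label, would cover both; the function body starts outside the hunk.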