PolicyKit: Branch 'master'

David Zeuthen david at kemper.freedesktop.org
Tue Dec 4 16:36:51 PST 2007 

 src/polkit/polkit-context.c |   72 ++++++++++++--------------------------------
 1 file changed, 20 insertions(+), 52 deletions(-)

New commits:
commit ea7da4ea8962bd6c2f71ffb12b3ab275aec681a6
Author: David Zeuthen <davidz at redhat.com>
Date:   Tue Dec 4 19:39:40 2007 -0500

    don't require .policy files for auth lookups
    
    With this change, 'make check' now works even when PolicyKit isn't
    installed (as it should). Before this change it failed because the
    .policy files for org.freedesktop.policykit.read and .grant was not
    available.

diff --git a/src/polkit/polkit-context.c b/src/polkit/polkit-context.c
index e194eb5..59e0ffe 100644
--- a/src/polkit/polkit-context.c
+++ b/src/polkit/polkit-context.c
@@ -467,8 +467,6 @@ polkit_context_is_session_authorized (PolKitContext         *pk_context,
                                       PolKitError          **error)
 {
         PolKitPolicyCache *cache;
-        PolKitPolicyFileEntry *pfe;
-        PolKitPolicyDefault *policy_default;
         PolKitResult result_from_config;
         PolKitResult result_from_grantdb;
         polkit_bool_t from_authdb;
@@ -497,24 +495,6 @@ polkit_context_is_session_authorized (PolKitContext         *pk_context,
         if (cache == NULL)
                 goto out;
 
-        _pk_debug ("entering polkit_can_session_do_action()");
-        polkit_action_debug (action);
-        polkit_session_debug (session);
-
-        pfe = polkit_policy_cache_get_entry (cache, action);
-        if (pfe == NULL) {
-                char *action_name;
-                if (!polkit_action_get_action_id (action, &action_name)) {
-                        kit_warning ("given action has no name");
-                } else {
-                        kit_warning ("no action with name '%s'", action_name);
-                }
-                result = POLKIT_RESULT_UNKNOWN;
-                goto out;
-        }
-
-        polkit_policy_file_entry_debug (pfe);
-
         result_from_config = polkit_config_can_session_do_action (config, action, session);
 
         result_from_grantdb = POLKIT_RESULT_UNKNOWN;
@@ -559,12 +539,17 @@ polkit_context_is_session_authorized (PolKitContext         *pk_context,
 
         /* Otherwise, unless we found a negative auth, fall back to defaults as specified in the .policy file */
         if (!from_authdb_negative) {
-                policy_default = polkit_policy_file_entry_get_default (pfe);
-                if (policy_default == NULL) {
-                        kit_warning ("no default policy for action!");
-                        goto out;
+                PolKitPolicyFileEntry *pfe;
+
+                pfe = polkit_policy_cache_get_entry (cache, action);
+                if (pfe != NULL) {
+                        PolKitPolicyDefault *policy_default;
+
+                        policy_default = polkit_policy_file_entry_get_default (pfe);
+                        if (policy_default != NULL) {
+                                result = polkit_policy_default_can_session_do_action (policy_default, action, session);
+                        }
                 }
-                result = polkit_policy_default_can_session_do_action (policy_default, action, session);
         }
 
 found:
@@ -620,14 +605,10 @@ polkit_context_is_caller_authorized (PolKitContext         *pk_context,
                                      polkit_bool_t          revoke_if_one_shot,
                                      PolKitError          **error)
 {
-
-
         PolKitPolicyCache *cache;
-        PolKitPolicyFileEntry *pfe;
         PolKitResult result;
         PolKitResult result_from_config;
         PolKitResult result_from_grantdb;
-        PolKitPolicyDefault *policy_default;
         PolKitConfig *config;
         polkit_bool_t from_authdb;
         polkit_bool_t from_authdb_negative;
@@ -653,24 +634,6 @@ polkit_context_is_caller_authorized (PolKitContext         *pk_context,
         if (!polkit_caller_validate (caller))
                 goto out;
 
-        _pk_debug ("entering polkit_can_caller_do_action()");
-        polkit_action_debug (action);
-        polkit_caller_debug (caller);
-
-        pfe = polkit_policy_cache_get_entry (cache, action);
-        if (pfe == NULL) {
-                char *action_name;
-                if (!polkit_action_get_action_id (action, &action_name)) {
-                        kit_warning ("given action has no name");
-                } else {
-                        kit_warning ("no action with name '%s'", action_name);
-                }
-                result = POLKIT_RESULT_UNKNOWN;
-                goto out;
-        }
-
-        polkit_policy_file_entry_debug (pfe);
-
         result_from_config = polkit_config_can_caller_do_action (config, action, caller);
 
         result_from_grantdb = POLKIT_RESULT_UNKNOWN;
@@ -716,12 +679,17 @@ polkit_context_is_caller_authorized (PolKitContext         *pk_context,
 
         /* Otherwise, unless we found a negative auth, fall back to defaults as specified in the .policy file */
         if (!from_authdb_negative) {
-                policy_default = polkit_policy_file_entry_get_default (pfe);
-                if (policy_default == NULL) {
-                        kit_warning ("no default policy for action!");
-                        goto out;
+                PolKitPolicyFileEntry *pfe;
+
+                pfe = polkit_policy_cache_get_entry (cache, action);
+                if (pfe != NULL) {
+                        PolKitPolicyDefault *policy_default;
+
+                        policy_default = polkit_policy_file_entry_get_default (pfe);
+                        if (policy_default != NULL) {
+                                result = polkit_policy_default_can_caller_do_action (policy_default, action, caller);
+                        }
                 }
-                result = polkit_policy_default_can_caller_do_action (policy_default, action, caller);
         }
 
 found:

More information about the hal-commit mailing list