PolicyKit: Branch 'master'
David Zeuthen
david at kemper.freedesktop.org
Wed Jul 15 10:16:10 PDT 2009
src/polkitbackend/polkitbackendinteractiveauthority.c | 8 ++++
src/polkitbackend/polkitbackendinteractiveauthority.h | 4 ++
src/polkitbackend/polkitbackendlocalauthority.c | 36 +++++++++++++++++-
3 files changed, 46 insertions(+), 2 deletions(-)
New commits:
commit 38f472c1c8c3868bab9950403272060b20ead0e2
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Jul 15 13:13:05 2009 -0400
Also pass the identity of the subject we are checking for
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 8018b00..9046938 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -632,6 +632,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
implicit_authorization = polkit_backend_interactive_authority_check_authorization_sync (interactive_authority,
caller,
subject,
+ user_of_subject,
action_id,
details,
implicit_authorization);
@@ -723,6 +724,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
* @authority: A #PolkitBackendInteractiveAuthority.
* @caller: The subject that is inquiring whether @subject is authorized.
* @subject: The subject we are about to authenticate for.
+ * @user_for_subject: The user of the subject we are about to authenticate for.
* @action_id: The action we are about to authenticate for.
* @details: Details about the action.
*
@@ -737,6 +739,7 @@ GList *
polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details)
{
@@ -754,6 +757,7 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
ret = klass->get_admin_identities (authority,
caller,
subject,
+ user_for_subject,
action_id,
details);
}
@@ -766,6 +770,7 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
* @authority: A #PolkitBackendInteractiveAuthority.
* @caller: The subject that is inquiring whether @subject is authorized.
* @subject: The subject we are checking an authorization for.
+ * @user_for_subject: The user of the subject we are checking an authorization for.
* @action_id: The action we are checking an authorization for.
* @details: Details about the action.
* @implicit: A #PolkitImplicitAuthorization value computed from the policy file and @subject.
@@ -782,6 +787,7 @@ PolkitImplicitAuthorization
polkit_backend_interactive_authority_check_authorization_sync (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details,
PolkitImplicitAuthorization implicit)
@@ -800,6 +806,7 @@ polkit_backend_interactive_authority_check_authorization_sync (PolkitBackendInte
ret = klass->check_authorization_sync (authority,
caller,
subject,
+ user_for_subject,
action_id,
details,
implicit);
@@ -1381,6 +1388,7 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
identities = polkit_backend_interactive_authority_get_admin_identities (authority,
caller,
subject,
+ user_of_subject,
action_id,
details);
}
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.h b/src/polkitbackend/polkitbackendinteractiveauthority.h
index efef0a4..8331af0 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.h
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.h
@@ -71,12 +71,14 @@ struct _PolkitBackendInteractiveAuthorityClass
GList * (*get_admin_identities) (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details);
PolkitImplicitAuthorization (*check_authorization_sync) (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details,
PolkitImplicitAuthorization implicit);
@@ -121,6 +123,7 @@ GType polkit_backend_interactive_authority_get_type (void) G_GNUC_C
GList *polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details);
@@ -128,6 +131,7 @@ PolkitImplicitAuthorization polkit_backend_interactive_authority_check_authoriza
PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details,
PolkitImplicitAuthorization implicit);
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index a68663d..d18108e 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -67,9 +67,20 @@ typedef struct
static GList *polkit_backend_local_authority_get_admin_auth_identities (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details);
+static PolkitImplicitAuthorization polkit_backend_local_authority_check_authorization_sync (
+ PolkitBackendInteractiveAuthority *authority,
+ PolkitSubject *caller,
+ PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
+ const gchar *action_id,
+ PolkitDetails *details,
+ PolkitImplicitAuthorization implicit);
+
+
G_DEFINE_TYPE_WITH_CODE (PolkitBackendLocalAuthority,
polkit_backend_local_authority,
POLKIT_BACKEND_TYPE_INTERACTIVE_AUTHORITY,
@@ -119,8 +130,9 @@ polkit_backend_local_authority_class_init (PolkitBackendLocalAuthorityClass *kla
gobject_class = G_OBJECT_CLASS (klass);
interactive_authority_class = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_CLASS (klass);
- gobject_class->finalize = polkit_backend_local_authority_finalize;
- interactive_authority_class->get_admin_identities = polkit_backend_local_authority_get_admin_auth_identities;
+ gobject_class->finalize = polkit_backend_local_authority_finalize;
+ interactive_authority_class->get_admin_identities = polkit_backend_local_authority_get_admin_auth_identities;
+ interactive_authority_class->check_authorization_sync = polkit_backend_local_authority_check_authorization_sync;
g_type_class_add_private (klass, sizeof (PolkitBackendLocalAuthorityPrivate));
}
@@ -129,6 +141,7 @@ static GList *
polkit_backend_local_authority_get_admin_auth_identities (PolkitBackendInteractiveAuthority *authority,
PolkitSubject *caller,
PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
const gchar *action_id,
PolkitDetails *details)
{
@@ -196,6 +209,25 @@ polkit_backend_local_authority_get_admin_auth_identities (PolkitBackendInteracti
/* ---------------------------------------------------------------------------------------------------- */
+static PolkitImplicitAuthorization
+polkit_backend_local_authority_check_authorization_sync (PolkitBackendInteractiveAuthority *authority,
+ PolkitSubject *caller,
+ PolkitSubject *subject,
+ PolkitIdentity *user_for_subject,
+ const gchar *action_id,
+ PolkitDetails *details,
+ PolkitImplicitAuthorization implicit)
+{
+ g_debug ("local: checking `%s' for subject `%s' (user `%s')",
+ action_id,
+ polkit_subject_to_string (subject),
+ polkit_identity_to_string (user_for_subject));
+
+ return implicit;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
static GList *
get_users_in_group (PolkitBackendInteractiveAuthority *authority,
PolkitIdentity *group,
More information about the hal-commit
mailing list