PolicyKit: Branch 'master'
David Zeuthen
david at kemper.freedesktop.org
Wed Nov 11 07:47:41 PST 2009
data/org.freedesktop.PolicyKit1.Authority.xml | 20 +-
docs/polkit/polkit-1-sections.txt | 10 +
src/polkit/polkitauthority.c | 238 +++++++++++++++++++++++++
src/polkit/polkitauthority.h | 30 +++
src/polkitbackend/polkitbackendauthority.c | 241 +++++++++++++++++++++++++-
src/polkitbackend/polkitbackendauthority.h | 46 ++++
6 files changed, 581 insertions(+), 4 deletions(-)
New commits:
commit 00c00948004b605d424d1e74c91dea5521042571
Author: David Zeuthen <davidz at redhat.com>
Date: Wed Nov 11 10:46:50 2009 -0500
Add methods AddLockdownForAction() and RemoveLockdownForAction()
Now to implement this in the interactive authority...
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml
index 0263c16..fbfb9cd 100644
--- a/data/org.freedesktop.PolicyKit1.Authority.xml
+++ b/data/org.freedesktop.PolicyKit1.Authority.xml
@@ -129,7 +129,7 @@
</annotation>
<annotation name="org.gtk.EggDBus.Struct.Member" value="Dict<String,String>:details">
- <annotation name="org.gtk.EggDBus.DocString" value="Details for the result or empty if not authorized. Known key/value-pairs include <literal>polkit.temporary_authorization_id</literal> (if the authorization is temporary, this is set to the opaque temporary authorization id), <literal>polkit.retains_authorization_after_challenge</literal> (Set to a non-empty string if the authorization will be retained after authentication (if is_challenge is TRUE)) and <literal>polkit.localauthority.lockdown</literal> (set to a non-empty string if the action is locked down via pklalockdown(1))."/>
+ <annotation name="org.gtk.EggDBus.DocString" value="Details for the result or empty if not authorized. Known key/value-pairs include <literal>polkit.temporary_authorization_id</literal> (if the authorization is temporary, this is set to the opaque temporary authorization id), <literal>polkit.retains_authorization_after_challenge</literal> (Set to a non-empty string if the authorization will be retained after authentication (if is_challenge is TRUE)) and <literal>polkit.lockdown</literal> (set to a non-empty string if the action is locked down)."/>
</annotation>
</annotation>
@@ -205,7 +205,7 @@
</annotation>
<annotation name="org.gtk.EggDBus.Flags.Member" value="Lockdown">
- <annotation name="org.gtk.EggDBus.DocString" value="The authority supports the XXX method."/>
+ <annotation name="org.gtk.EggDBus.DocString" value="The authority supports the org.freedesktop.PolicyKit1.Authority.AddLockdownForAction() and org.freedesktop.PolicyKit1.Authority.RemoveLockdownForAction() methods."/>
</annotation>
</annotation>
@@ -389,6 +389,22 @@
<!-- ---------------------------------------------------------------------------------------------------- -->
+ <method name="AddLockdownForAction">
+ <annotation name="org.gtk.EggDBus.DocString" value="Locks down an action so administrator authentication is always needed to obtain a temporary authorization for the action."/>
+ <arg name="action_id" direction="in" type="s">
+ <annotation name="org.gtk.EggDBus.DocString" value="Identifier for the action."/>
+ </arg>
+ </method>
+
+ <method name="RemoveLockdownForAction">
+ <annotation name="org.gtk.EggDBus.DocString" value="Removes the effect of a previous org.freedesktop.PolicyKit1.Authority.AddLockdownForAction() call."/>
+ <arg name="action_id" direction="in" type="s">
+ <annotation name="org.gtk.EggDBus.DocString" value="Identifier for the action."/>
+ </arg>
+ </method>
+
+ <!-- ---------------------------------------------------------------------------------------------------- -->
+
<signal name="Changed">
<annotation name="org.gtk.EggDBus.DocString" value="This signal is emitted when actions and/or authorizations change"/>
</signal>
diff --git a/docs/polkit/polkit-1-sections.txt b/docs/polkit/polkit-1-sections.txt
index 6c2be93..2d24e98 100644
--- a/docs/polkit/polkit-1-sections.txt
+++ b/docs/polkit/polkit-1-sections.txt
@@ -41,6 +41,10 @@ polkit_authority_revoke_temporary_authorizations
polkit_authority_revoke_temporary_authorizations_finish
polkit_authority_revoke_temporary_authorization_by_id
polkit_authority_revoke_temporary_authorization_by_id_finish
+polkit_authority_add_lockdown_for_action
+polkit_authority_add_lockdown_for_action_finish
+polkit_authority_remove_lockdown_for_action
+polkit_authority_remove_lockdown_for_action_finish
polkit_authority_check_authorization_sync
polkit_authority_enumerate_actions_sync
polkit_authority_register_authentication_agent_sync
@@ -49,6 +53,8 @@ polkit_authority_authentication_agent_response_sync
polkit_authority_enumerate_temporary_authorizations_sync
polkit_authority_revoke_temporary_authorizations_sync
polkit_authority_revoke_temporary_authorization_by_id_sync
+polkit_authority_add_lockdown_for_action_sync
+polkit_authority_remove_lockdown_for_action_sync
<SUBSECTION Standard>
PolkitAuthorityClass
POLKIT_AUTHORITY
@@ -281,6 +287,10 @@ polkit_backend_authority_enumerate_actions
polkit_backend_authority_system_bus_name_owner_changed
polkit_backend_authority_enumerate_temporary_authorizations
polkit_backend_authority_revoke_temporary_authorizations
+polkit_backend_authority_add_lockdown_for_action
+polkit_backend_authority_add_lockdown_for_action_finish
+polkit_backend_authority_remove_lockdown_for_action
+polkit_backend_authority_remove_lockdown_for_action_finish
polkit_backend_authority_get
polkit_backend_register_authority
<SUBSECTION Standard>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 39b98e9..0a75b6d 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -1495,6 +1495,244 @@ polkit_authority_revoke_temporary_authorization_by_id_sync (PolkitAuthority
/* ---------------------------------------------------------------------------------------------------- */
+static guint
+polkit_authority_add_lockdown_for_action_async (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_add_lockdown_for_action_async);
+
+ call_id = _polkit_authority_add_lockdown_for_action (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ action_id,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ return call_id;
+}
+
+/**
+ * polkit_authority_add_lockdown_for_action:
+ * @authority: A #PolkitAuthority.
+ * @action_id: The identifier for the action.
+ * @cancellable: A #GCancellable or %NULL.
+ * @callback: A #GAsyncReadyCallback to call when the request is satisfied.
+ * @user_data: The data to pass to @callback.
+ *
+ * Locks down the action identified by @action_id.
+ *
+ * When the operation is finished, @callback will be invoked. You can then
+ * call polkit_authority_add_lockdown_for_action_finish() to get the result of
+ * the operation.
+ */
+void
+polkit_authority_add_lockdown_for_action (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_add_lockdown_for_action_async (authority, action_id, cancellable, callback, user_data);
+}
+
+/**
+ * polkit_authority_add_lockdown_for_action_finish:
+ * @authority: A #PolkitAuthority.
+ * @res: A #GAsyncResult obtained from the callback.
+ * @error: Return location for error or %NULL.
+ *
+ * Finished locking down an action.
+ *
+ * Returns: %TRUE if the action was locked down, %FALSE if error is set.
+ **/
+gboolean
+polkit_authority_add_lockdown_for_action_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+ gboolean ret;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_add_lockdown_for_action_async);
+
+ ret = _polkit_authority_add_lockdown_for_action_finish (authority->real,
+ real_res,
+ error);
+
+ if (!ret)
+ goto out;
+
+ out:
+ g_object_unref (real_res);
+ return ret;
+}
+
+/**
+ * polkit_authority_add_lockdown_for_action_sync:
+ * @authority: A #PolkitAuthority.
+ * @action_id: The identifier for the action.
+ * @cancellable: A #GCancellable or %NULL.
+ * @error: Return location for error or %NULL.
+ *
+ * Synchronously locks down an action.
+ *
+ * Returns: %TRUE if the action was locked down, %FALSE if error is set.
+ **/
+gboolean
+polkit_authority_add_lockdown_for_action_sync (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ gboolean result;
+
+ call_id = polkit_authority_add_lockdown_for_action_async (authority, action_id, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_add_lockdown_for_action_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static guint
+polkit_authority_remove_lockdown_for_action_async (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ guint call_id;
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new (G_OBJECT (authority),
+ callback,
+ user_data,
+ polkit_authority_remove_lockdown_for_action_async);
+
+ call_id = _polkit_authority_remove_lockdown_for_action (authority->real,
+ EGG_DBUS_CALL_FLAGS_NONE,
+ action_id,
+ cancellable,
+ generic_async_cb,
+ simple);
+
+ return call_id;
+}
+
+/**
+ * polkit_authority_remove_lockdown_for_action:
+ * @authority: A #PolkitAuthority.
+ * @action_id: The identifier for the action.
+ * @cancellable: A #GCancellable or %NULL.
+ * @callback: A #GAsyncReadyCallback to call when the request is satisfied.
+ * @user_data: The data to pass to @callback.
+ *
+ * Removes locks down the action identified by @action_id.
+ *
+ * When the operation is finished, @callback will be invoked. You can then
+ * call polkit_authority_remove_lockdown_for_action_finish() to get the result of
+ * the operation.
+ */
+void
+polkit_authority_remove_lockdown_for_action (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ polkit_authority_remove_lockdown_for_action_async (authority, action_id, cancellable, callback, user_data);
+}
+
+/**
+ * polkit_authority_remove_lockdown_for_action_finish:
+ * @authority: A #PolkitAuthority.
+ * @res: A #GAsyncResult obtained from the callback.
+ * @error: Return location for error or %NULL.
+ *
+ * Finishes removing lock down for an action.
+ *
+ * Returns: %TRUE if the action was locked down, %FALSE if error is set.
+ **/
+gboolean
+polkit_authority_remove_lockdown_for_action_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ GSimpleAsyncResult *simple;
+ GAsyncResult *real_res;
+ gboolean ret;
+
+ simple = G_SIMPLE_ASYNC_RESULT (res);
+ real_res = G_ASYNC_RESULT (g_simple_async_result_get_op_res_gpointer (simple));
+
+ g_warn_if_fail (g_simple_async_result_get_source_tag (simple) == polkit_authority_remove_lockdown_for_action_async);
+
+ ret = _polkit_authority_remove_lockdown_for_action_finish (authority->real,
+ real_res,
+ error);
+
+ if (!ret)
+ goto out;
+
+ out:
+ g_object_unref (real_res);
+ return ret;
+}
+
+/**
+ * polkit_authority_remove_lockdown_for_action_sync:
+ * @authority: A #PolkitAuthority.
+ * @action_id: The identifier for the action.
+ * @cancellable: A #GCancellable or %NULL.
+ * @error: Return location for error or %NULL.
+ *
+ * Synchronously removes lock down for an action.
+ *
+ * Returns: %TRUE if the action was locked down, %FALSE if error is set.
+ **/
+gboolean
+polkit_authority_remove_lockdown_for_action_sync (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GError **error)
+{
+ guint call_id;
+ GAsyncResult *res;
+ gboolean result;
+
+ call_id = polkit_authority_remove_lockdown_for_action_async (authority, action_id, cancellable, generic_cb, &res);
+
+ egg_dbus_connection_pending_call_block (authority->system_bus, call_id);
+
+ result = polkit_authority_remove_lockdown_for_action_finish (authority, res, error);
+
+ g_object_unref (res);
+
+ return result;
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
/**
* polkit_authority_get_backend_name:
* @authority: A #PolkitAuthority.
diff --git a/src/polkit/polkitauthority.h b/src/polkit/polkitauthority.h
index 6575d27..e0ad31c 100644
--- a/src/polkit/polkitauthority.h
+++ b/src/polkit/polkitauthority.h
@@ -109,6 +109,16 @@ gboolean polkit_authority_revoke_temporary_authorization_by_id
GCancellable *cancellable,
GError **error);
+gboolean polkit_authority_add_lockdown_for_action_sync (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GError **error);
+
+gboolean polkit_authority_remove_lockdown_for_action_sync (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
void polkit_authority_enumerate_actions (PolkitAuthority *authority,
@@ -197,6 +207,26 @@ gboolean polkit_authority_revoke_temporary_authorization_by_id
GAsyncResult *res,
GError **error);
+void polkit_authority_add_lockdown_for_action (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_authority_add_lockdown_for_action_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_authority_remove_lockdown_for_action (PolkitAuthority *authority,
+ const gchar *action_id,
+ GCancellable *cancellable,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_authority_remove_lockdown_for_action_finish (PolkitAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
/* ---------------------------------------------------------------------------------------------------- */
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 9735cdf..4ed97e3 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -470,7 +470,7 @@ polkit_backend_authority_revoke_temporary_authorizations (PolkitBackendAuthority
*
* Revokes a temporary authorizations with opaque identifier @id.
*
- * Returns: %TRUE if the operatoin succeeded, %FALSE if @error is set.
+ * Returns: %TRUE if the operation succeeded, %FALSE if @error is set.
**/
gboolean
polkit_backend_authority_revoke_temporary_authorization_by_id (PolkitBackendAuthority *authority,
@@ -496,6 +496,153 @@ polkit_backend_authority_revoke_temporary_authorization_by_id (PolkitBackendAuth
}
}
+/**
+ * polkit_backend_authority_add_lockdown_for_action:
+ * @authority: A #PolkitBackendAuthority.
+ * @caller: The system bus name that called the method.
+ * @action_id: The action id.
+ * @callback: A #GAsyncReadyCallback to call when the request is satisfied.
+ * @user_data: The data to pass to @callback.
+ *
+ * Asynchronously add locks down for @action_id.
+ *
+ * When the operation is finished, @callback will be invoked. You can
+ * then call polkit_backend_authority_add_lockdown_for_action_finish()
+ * to get the result of the operation.
+ */
+void
+polkit_backend_authority_add_lockdown_for_action (PolkitBackendAuthority *authority,
+ PolkitSubject *caller,
+ const gchar *action_id,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ if (klass->add_lockdown_for_action == NULL)
+ {
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new_error (G_OBJECT (authority),
+ callback,
+ user_data,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Operation not supported");
+ g_simple_async_result_complete (simple);
+ g_object_unref (simple);
+ }
+ else
+ {
+ klass->add_lockdown_for_action (authority, caller, action_id, callback, user_data);
+ }
+}
+
+/**
+ * polkit_backend_authority_add_lockdown_for_action_finish:
+ * @authority: A #PolkitBackendAuthority.
+ * @res: A #GAsyncResult obtained from the callback.
+ * @error: Return location for error or %NULL.
+ *
+ * Finishes adding lock down for an action.
+ *
+ * Returns: %TRUE if the operation succeeded or, %FALE if @error is set.
+ */
+gboolean
+polkit_backend_authority_add_lockdown_for_action_finish (PolkitBackendAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ if (klass->add_lockdown_for_action_finish == NULL)
+ {
+ g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (res), error);
+ return FALSE;
+ }
+ else
+ {
+ return klass->add_lockdown_for_action_finish (authority, res, error);
+ }
+}
+
+/**
+ * polkit_backend_authority_remove_lockdown_for_action:
+ * @authority: A #PolkitBackendAuthority.
+ * @caller: The system bus name that called the method.
+ * @action_id: The action id.
+ * @callback: A #GAsyncReadyCallback to call when the request is satisfied.
+ * @user_data: The data to pass to @callback.
+ *
+ * Asynchronously remove locks down for @action_id.
+ *
+ * When the operation is finished, @callback will be invoked. You can
+ * then call polkit_backend_authority_remove_lockdown_for_action_finish()
+ * to get the result of the operation.
+ */
+void
+polkit_backend_authority_remove_lockdown_for_action (PolkitBackendAuthority *authority,
+ PolkitSubject *caller,
+ const gchar *action_id,
+ GAsyncReadyCallback callback,
+ gpointer user_data)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ if (klass->remove_lockdown_for_action == NULL)
+ {
+ GSimpleAsyncResult *simple;
+
+ simple = g_simple_async_result_new_error (G_OBJECT (authority),
+ callback,
+ user_data,
+ POLKIT_ERROR,
+ POLKIT_ERROR_NOT_SUPPORTED,
+ "Operation not supported");
+ g_simple_async_result_complete (simple);
+ g_object_unref (simple);
+ }
+ else
+ {
+ klass->remove_lockdown_for_action (authority, caller, action_id, callback, user_data);
+ }
+}
+
+/**
+ * polkit_backend_authority_remove_lockdown_for_action_finish:
+ * @authority: A #PolkitBackendAuthority.
+ * @res: A #GAsyncResult obtained from the callback.
+ * @error: Return location for error or %NULL.
+ *
+ * Finishes removing lock down for an action.
+ *
+ * Returns: %TRUE if the operation succeeded or, %FALE if @error is set.
+ */
+gboolean
+polkit_backend_authority_remove_lockdown_for_action_finish (PolkitBackendAuthority *authority,
+ GAsyncResult *res,
+ GError **error)
+{
+ PolkitBackendAuthorityClass *klass;
+
+ klass = POLKIT_BACKEND_AUTHORITY_GET_CLASS (authority);
+
+ if (klass->remove_lockdown_for_action_finish == NULL)
+ {
+ g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (res), error);
+ return FALSE;
+ }
+ else
+ {
+ return klass->remove_lockdown_for_action_finish (authority, res, error);
+ }
+}
/* ---------------------------------------------------------------------------------------------------- */
@@ -1078,6 +1225,96 @@ authority_handle_revoke_temporary_authorization_by_id (_PolkitAuthority *
/* ---------------------------------------------------------------------------------------------------- */
static void
+add_lockdown_cb (GObject *source_object,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ EggDBusMethodInvocation *method_invocation = EGG_DBUS_METHOD_INVOCATION (user_data);
+ GError *error;
+
+ error = NULL;
+ polkit_backend_authority_add_lockdown_for_action_finish (POLKIT_BACKEND_AUTHORITY (source_object),
+ res,
+ &error);
+
+ if (error != NULL)
+ {
+ egg_dbus_method_invocation_return_gerror (method_invocation, error);
+ g_error_free (error);
+ }
+ else
+ {
+ _polkit_authority_handle_add_lockdown_for_action_finish (method_invocation);
+ }
+}
+
+static void
+authority_handle_add_lockdown_for_action (_PolkitAuthority *instance,
+ const gchar *action_id,
+ EggDBusMethodInvocation *method_invocation)
+{
+ Server *server = SERVER (instance);
+ const gchar *caller_name;
+ PolkitSubject *caller;
+
+ caller_name = egg_dbus_method_invocation_get_caller (method_invocation);
+ caller = polkit_system_bus_name_new (caller_name);
+
+ polkit_backend_authority_add_lockdown_for_action (server->authority,
+ caller,
+ action_id,
+ add_lockdown_cb,
+ method_invocation);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
+remove_lockdown_cb (GObject *source_object,
+ GAsyncResult *res,
+ gpointer user_data)
+{
+ EggDBusMethodInvocation *method_invocation = EGG_DBUS_METHOD_INVOCATION (user_data);
+ GError *error;
+
+ error = NULL;
+ polkit_backend_authority_remove_lockdown_for_action_finish (POLKIT_BACKEND_AUTHORITY (source_object),
+ res,
+ &error);
+
+ if (error != NULL)
+ {
+ egg_dbus_method_invocation_return_gerror (method_invocation, error);
+ g_error_free (error);
+ }
+ else
+ {
+ _polkit_authority_handle_remove_lockdown_for_action_finish (method_invocation);
+ }
+}
+
+static void
+authority_handle_remove_lockdown_for_action (_PolkitAuthority *instance,
+ const gchar *action_id,
+ EggDBusMethodInvocation *method_invocation)
+{
+ Server *server = SERVER (instance);
+ const gchar *caller_name;
+ PolkitSubject *caller;
+
+ caller_name = egg_dbus_method_invocation_get_caller (method_invocation);
+ caller = polkit_system_bus_name_new (caller_name);
+
+ polkit_backend_authority_remove_lockdown_for_action (server->authority,
+ caller,
+ action_id,
+ remove_lockdown_cb,
+ method_invocation);
+}
+
+/* ---------------------------------------------------------------------------------------------------- */
+
+static void
authority_iface_init (_PolkitAuthorityIface *authority_iface)
{
authority_iface->handle_enumerate_actions = authority_handle_enumerate_actions;
@@ -1089,6 +1326,8 @@ authority_iface_init (_PolkitAuthorityIface *authority_iface)
authority_iface->handle_enumerate_temporary_authorizations = authority_handle_enumerate_temporary_authorizations;
authority_iface->handle_revoke_temporary_authorizations = authority_handle_revoke_temporary_authorizations;
authority_iface->handle_revoke_temporary_authorization_by_id = authority_handle_revoke_temporary_authorization_by_id;
+ authority_iface->handle_add_lockdown_for_action = authority_handle_add_lockdown_for_action;
+ authority_iface->handle_remove_lockdown_for_action = authority_handle_remove_lockdown_for_action;
}
static void
diff --git a/src/polkitbackend/polkitbackendauthority.h b/src/polkitbackend/polkitbackendauthority.h
index d87bb14..72bdb61 100644
--- a/src/polkitbackend/polkitbackendauthority.h
+++ b/src/polkitbackend/polkitbackendauthority.h
@@ -98,7 +98,11 @@ struct _PolkitBackendAuthority
* authorization identified by id or %NULL if the backend doesn't support
* the operation. See polkit_backend_authority_revoke_temporary_authorization_by_id()
* for details.
- * @system_bus_name_owner_changed: temporary VFunc, to be removed before 1.0.
+ * @add_lockdown_for_action: Called to add lock down for an action. See polkit_backend_authority_add_lockdown_for_action() for details. Can be %NULL if not supported by the backend.
+ * @add_lockdown_for_action_finish: Called to finish adding lock down for an an action. See polkit_backend_authority_add_lockdown_for_action_finish() for details. Can be %NULL if not supported by the backend.
+ * @remove_lockdown_for_action: Called when removing lock down for an action. See polkit_backend_authority_remove_lockdown_for_action() for details. Can be %NULL if not supported by the backend.
+ * @remove_lockdown_for_action_finish: Called to finish removing lock down for an action. See polkit_backend_authority_remove_lockdown_for_action_finish() for details. Can be %NULL if not supported by the backend.
+ * @system_bus_name_owner_changed: temporary VFunc, to be removed before API is declared stable.
*
* VFuncs that authority backends need to implement.
*/
@@ -169,6 +173,26 @@ struct _PolkitBackendAuthorityClass
const gchar *id,
GError **error);
+ void (*add_lockdown_for_action) (PolkitBackendAuthority *authority,
+ PolkitSubject *caller,
+ const gchar *action_id,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+ gboolean (*add_lockdown_for_action_finish) (PolkitBackendAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+ void (*remove_lockdown_for_action) (PolkitBackendAuthority *authority,
+ PolkitSubject *caller,
+ const gchar *action_id,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+ gboolean (*remove_lockdown_for_action_finish) (PolkitBackendAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
/* TODO: need something more efficient such that we don't watch all name changes */
void (*system_bus_name_owner_changed) (PolkitBackendAuthority *authority,
const gchar *name,
@@ -277,6 +301,26 @@ gboolean polkit_backend_authority_revoke_temporary_authorization_by_id (PolkitBa
const gchar *id,
GError **error);
+void polkit_backend_authority_add_lockdown_for_action (PolkitBackendAuthority *authority,
+ PolkitSubject *caller,
+ const gchar *action_id,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_backend_authority_add_lockdown_for_action_finish (PolkitBackendAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
+void polkit_backend_authority_remove_lockdown_for_action (PolkitBackendAuthority *authority,
+ PolkitSubject *caller,
+ const gchar *action_id,
+ GAsyncReadyCallback callback,
+ gpointer user_data);
+
+gboolean polkit_backend_authority_remove_lockdown_for_action_finish (PolkitBackendAuthority *authority,
+ GAsyncResult *res,
+ GError **error);
+
/* --- */
PolkitBackendAuthority *polkit_backend_authority_get (void);
More information about the hal-commit
mailing list