PolicyKit: Branch 'master'

David Zeuthen david at kemper.freedesktop.org
Wed Feb 23 07:04:26 PST 2011 

 docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml |    2 -
 src/polkitbackend/polkitbackendinteractiveauthority.c                  |   18 +++-------
 2 files changed, 8 insertions(+), 12 deletions(-)

New commits:
commit 135d8a3311f9d40087294e33bd199045bc401dd8
Author: David Zeuthen <davidz at redhat.com>
Date:   Wed Feb 23 09:56:17 2011 -0500

    Bug 32334 – Always set polkit.retains_authorization_after_challenge
    
    Otherwise it's impossible to implement lock buttons.
    
    https://bugs.freedesktop.org/show_bug.cgi?id=32334
    
    Signed-off-by: David Zeuthen <davidz at redhat.com>

diff --git a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml
index 93f8cfa..515ccf7 100644
--- a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml
+++ b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml
@@ -461,7 +461,7 @@ TRUE if the given <link linkend="eggdbus-struct-Subject">Subject</link> could be
     <term><literal>Dict&lt;String,String&gt; <structfield>details</structfield></literal></term>
     <listitem>
       <para>
-Details for the result or empty if not authorized. Known key/value-pairs include <literal>polkit.temporary_authorization_id</literal> (if the authorization is temporary, this is set to the opaque temporary authorization id), <literal>polkit.retains_authorization_after_challenge</literal> (Set to a non-empty string if the authorization will be retained after authentication (if is_challenge is TRUE)), <literal>polkit.dismissed</literal> (Set to a non-empty string if the authentication dialog was dismissed by the user).
+Details for the result. Known key/value-pairs include <literal>polkit.temporary_authorization_id</literal> (if the authorization is temporary, this is set to the opaque temporary authorization id), <literal>polkit.retains_authorization_after_challenge</literal> (Set to a non-empty string if the authorization will be retained after authentication (if is_challenge is TRUE)), <literal>polkit.dismissed</literal> (Set to a non-empty string if the authentication dialog was dismissed by the user).
       </para>
     </listitem>
   </varlistentry>
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 4107e2d..567cdb5 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -600,6 +600,7 @@ check_authorization_challenge_cb (AuthenticationAgent         *agent,
   gchar *authenticated_identity_str;
   gchar *subject_cmdline;
   gboolean is_temp;
+  PolkitDetails *details;
 
   priv = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (authority);
 
@@ -626,13 +627,14 @@ check_authorization_challenge_cb (AuthenticationAgent         *agent,
            was_dismissed,
            authentication_success);
 
+  details = polkit_details_new ();
+  if (implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED ||
+      implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED)
+    polkit_details_insert (details, "polkit.retains_authorization_after_challenge", "true");
+
   is_temp = FALSE;
   if (authentication_success)
     {
-      PolkitDetails *details;
-
-      details = polkit_details_new ();
-
       /* store temporary authorization depending on value of implicit_authorization */
       if (implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED_RETAINED ||
           implicit_authorization == POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED_RETAINED)
@@ -651,21 +653,14 @@ check_authorization_challenge_cb (AuthenticationAgent         *agent,
           /* we've added a temporary authorization, let the user know */
           g_signal_emit_by_name (authority, "changed");
         }
-
       result = polkit_authorization_result_new (TRUE, FALSE, details);
-      g_object_unref (details);
     }
   else
     {
-      PolkitDetails *details;
-
       /* TODO: maybe return set is_challenge? */
-
-      details = polkit_details_new ();
       if (was_dismissed)
         polkit_details_insert (details, "polkit.dismissed", "true");
       result = polkit_authorization_result_new (FALSE, FALSE, details);
-      g_object_unref (details);
     }
 
   /* Log the event */
@@ -710,6 +705,7 @@ check_authorization_challenge_cb (AuthenticationAgent         *agent,
 
   /* log_result (authority, action_id, subject, caller, result); */
 
+  g_object_unref (details);
   g_simple_async_result_set_op_res_gpointer (simple,
                                              result,
                                              g_object_unref);

More information about the hal-commit mailing list