PolicyKit: Branch 'master'
David Zeuthen
david at kemper.freedesktop.org
Thu Mar 3 10:18:27 PST 2011
docs/man/pkexec.xml | 20
docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml | 10
docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml | 45 +-
docs/polkit/overview.xml | 9
docs/polkit/polkit-1-docs.xml | 1
po/POTFILES.in | 2
po/da.po | 90 +---
src/examples/org.freedesktop.policykit.examples.pkexec.policy.in | 2
src/polkit/polkitauthority.c | 22 -
src/polkitbackend/polkitbackendactionlookup.c | 3
src/polkitbackend/polkitbackendactionlookup.h | 16
src/polkitbackend/polkitbackendauthority.c | 7
src/polkitbackend/polkitbackendinteractiveauthority.c | 145 ++++---
src/polkitbackend/polkitbackendlocalauthority.c | 1
src/programs/Makefile.am | 22 -
src/programs/pkexec-action-lookup.c | 202 ----------
src/programs/pkexec.c | 42 +-
17 files changed, 238 insertions(+), 401 deletions(-)
New commits:
commit 02cebdb060e76e6d176f05ef24968e6d17225edb
Author: David Zeuthen <davidz at redhat.com>
Date: Thu Mar 3 13:13:11 2011 -0500
Deprecated PolkitBackendActionLookup
Instead, pass the untranslated message as polkit.message and set the
gettext domain on polkit.gettext_domain. For printf()-style messages,
occurences of the form $(name_of_key) in the translated version of
polkit.message are expanded with the value of the property
name_of_key. See the pkexec(1) mechanism for an example of how to use
this.
Additionally, the property polkit.icon_name can be set to the
icon. Note that not all authentication agents use this - in
particular, gnome-shell does not.
It is no longer possible to set the details to be shown in the
authentication dialog. It was never a good idea to hide information
there anyway. Instead, the mechanism should format a meaningful
message.
Signed-off-by: David Zeuthen <davidz at redhat.com>
diff --git a/docs/man/pkexec.xml b/docs/man/pkexec.xml
index 97ab315..2a0e721 100644
--- a/docs/man/pkexec.xml
+++ b/docs/man/pkexec.xml
@@ -152,13 +152,21 @@
<programlisting>
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" parse="text" href="../../src/examples/org.freedesktop.policykit.examples.pkexec.policy"><xi:fallback>FIXME: MISSING XINCLUDE CONTENT</xi:fallback></xi:include></programlisting>
<para>
- and drop it in
- the <filename>/usr/share/polkit-1/actions</filename> directory
- under a suitable name (e.g. matching the namespace of the
- action). Note that in addition to specifying the program, the
+ and drop it in the
+ <filename>/usr/share/polkit-1/actions</filename> directory under
+ a suitable name (e.g. matching the namespace of the action).
+ Note that in addition to specifying the program, the
authentication message, description, icon and defaults can be
- specified. For example, for the action defined above, the following
- authentication dialog will be shown:
+ specified. Note that occurences of the strings
+ <literal>$(user)</literal>, <literal>$(program)</literal> and
+ <literal>$(command_line)</literal> in the message will be
+ replaced with respectively the user (of the form "Real Name
+ (username)" or just "username" if there is no real name for the
+ username), the binary to execute (a fully-qualified path,
+ e.g. "<literal>/usr/bin/pk-example-frobnicate</literal>") and
+ the command-line, e.g. "<literal>pk-example-frobnicate foo
+ bar</literal>". For example, for the action defined above, the
+ following authentication dialog will be shown:
</para>
<mediaobject id="pkexec-frobnicate">
<imageobject>
diff --git a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml
index b01fceb..ec59626 100644
--- a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml
+++ b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml
@@ -87,9 +87,13 @@ The themed icon describing the action or the empty string if no icon is set.
<term><literal>IN Dict<String,String> <parameter>details</parameter></literal>:</term>
<listitem>
<para>
-Details about the authentication request. This is a dictionary of key/value pairs where both key and value are strings. These strings are translated into the locale passed when registering the authentication agent using <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent">RegisterAuthenticationAgent()</link>.
-Keys starting with <literal>polkit.</literal> are reserved for internal use and should never be displayed in the UI.
-Known key/value-pairs include <literal>polkit.caller-pid</literal> (the process id of the mechanism making the authorization check) and <literal>polkit.subject-pid</literal> (the process id of the subject the check is for).
+ Details about the authentication request. This is a dictionary
+ of key/value pairs where both key and value are strings.
+ Known key/value-pairs include
+ <literal>polkit.caller-pid</literal> (the process id of the
+ mechanism making the authorization check) and
+ <literal>polkit.subject-pid</literal> (the process id of the
+ subject the check is for).
</para>
</listitem>
</varlistentry>
diff --git a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml
index ee29c4c..74338c3 100644
--- a/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml
+++ b/docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml
@@ -571,7 +571,26 @@ CheckAuthorization (IN <link linkend="eggdbus-struct-Subject">Subject</link>
OUT <link linkend="eggdbus-struct-AuthorizationResult">AuthorizationResult</link> result)
</programlisting>
<para>
-<para>Checks if <parameter>subject</parameter> is authorized to perform the action with identifier <parameter>action_id</parameter>.</para><para>If <parameter>cancellation_id</parameter> is non-empty and already in use for the caller, the <link linkend="eggdbus-constant-Error.org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique">org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique</link> error is returned.</para><para>Note that <link linkend="eggdbus-constant-CheckAuthorizationFlags.AllowUserInteraction">CheckAuthorizationFlags.AllowUserInteraction</link> SHOULD be passed ONLY if the event that triggered the authorization check is stemming from an user action, e.g. the user pressing a button or attaching a device.</para>
+ <para>
+ Checks if <parameter>subject</parameter> is authorized to
+ perform the action with identifier
+ <parameter>action_id</parameter>
+ </para>
+ <para>
+ If <parameter>cancellation_id</parameter> is non-empty and
+ already in use for the caller, the <link
+ linkend="eggdbus-constant-Error.org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique">org.freedesktop.PolicyKit1.Error.CancellationIdNotUnique</link>
+ error is returned.
+ </para>
+ <para>
+ Note that <link
+ linkend="eggdbus-constant-CheckAuthorizationFlags.AllowUserInteraction">CheckAuthorizationFlags.AllowUserInteraction</link>
+ SHOULD be passed ONLY if the event that triggered the
+ authorization check is stemming from an user action, e.g. the
+ user pressing a button or attaching a device.
+ </para>
+ <para>
+ </para>
</para>
<variablelist role="params">
<varlistentry>
@@ -594,15 +613,27 @@ Identifier for the action that <parameter>subject</parameter> is attempting to d
<term><literal>IN Dict<String,String> <parameter>details</parameter></literal>:</term>
<listitem>
<para>
-Details describing the action. Keys starting with <literal>polkit.</literal> are reserved for internal use and cannot be used.
+Details describing the action. Keys starting with <literal>polkit.</literal> are can only be set if defined in this document.
</para>
<para>
Known keys include <literal>polkit.message</literal> and
- <literal>polkit.message.gettext-domain</literal> that can be
- used to override the message shown to the user (the user might
- be running an authentication agent in another locale than the
- calling process so that's why both the message and gettext
- domain is needed.
+ <literal>polkit.gettext_domain</literal> that can be used to
+ override the message shown to the user. This latter is needed
+ because the user could be running an authentication agent in
+ another locale than the calling process.
+ </para>
+ <para>
+ The (translated version of) <literal>polkit.message</literal>
+ may include references to other keys that are expanded with
+ their respective values. For example if the key
+ <literal>device_file</literal> has the value
+ <literal>/dev/sda</literal> then the message
+ "<literal>Authenticate to format $(device_file)</literal>" is
+ expanded to "<literal>Authenticate to format
+ /dev/sda</literal>".
+ </para>
+ <para>
+ The key <literal>polkit.icon_name</literal> is used to override the icon shown in the authentication dialog.
</para>
<para>
If non-empty, then the request will fail with
diff --git a/docs/polkit/overview.xml b/docs/polkit/overview.xml
index 31f856f..20f019c 100644
--- a/docs/polkit/overview.xml
+++ b/docs/polkit/overview.xml
@@ -123,14 +123,5 @@
</para>
</formalpara>
- <formalpara>
- <title>POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME</title>
- <para>
- Allows a mechanism to customize the contents of authentication
- dialogs. Implementations of this extension point must
- implement the #PolkitBackendActionLookup interface.
- </para>
- </formalpara>
-
</chapter>
</part>
diff --git a/docs/polkit/polkit-1-docs.xml b/docs/polkit/polkit-1-docs.xml
index 06510ca..22092d9 100644
--- a/docs/polkit/polkit-1-docs.xml
+++ b/docs/polkit/polkit-1-docs.xml
@@ -94,7 +94,6 @@
<xi:include href="xml/polkitbackendauthority.xml"/>
<xi:include href="xml/polkitbackendinteractiveauthority.xml"/>
<xi:include href="xml/polkitbackendlocalauthority.xml"/>
- <xi:include href="xml/polkitbackendactionlookup.xml"/>
</part>
<part id="ref-authentication-agent-api">
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 6998ef3..02f8255 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -4,4 +4,4 @@
actions/org.freedesktop.policykit.policy.in
src/examples/org.freedesktop.policykit.examples.pkexec.policy.in
src/polkitbackend/polkitbackendlocalauthority.c
-src/programs/pkexec-action-lookup.c
+src/programs/pkexec.c
diff --git a/po/da.po b/po/da.po
index bd88712..c8c542b 100644
--- a/po/da.po
+++ b/po/da.po
@@ -8,86 +8,58 @@ msgid ""
msgstr ""
"Project-Id-Version: DeviceKit-disks\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2009-05-15 13:45-0400\n"
-"PO-Revision-Date: 2009-05-12 17:01-0400\n"
+"POT-Creation-Date: 2011-03-03 13:03-0500\n"
+"PO-Revision-Date: 2011-03-03 13:05-0500\n"
"Last-Translator: David Zeuthen <davidz at redhat.com>\n"
"Language-Team: Danish <dansk at dansk-gruppen.dk>\n"
+"Language: da\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: ../actions/org.freedesktop.policykit.policy.in.h:1
-msgid "Authentication is required to grant authorizations to other users"
-msgstr "Autorisering er påkrævet for at autorisere andre brugere"
+msgid "Authentication is required to configure lock down policy"
+msgstr "Autorisering er påkrævet for at konfigurer lock down"
#: ../actions/org.freedesktop.policykit.policy.in.h:2
-msgid ""
-"Authentication is required to modify the defaults for implicit authorizations"
-msgstr "Autorisering er påkrævet for ændre implicit autorisering"
-
-#: ../actions/org.freedesktop.policykit.policy.in.h:3
-msgid "Authentication is required to read authorizations of other users"
-msgstr "Autorisering er påkrævet for at læse andre brugers autoriseringer"
-
-#: ../actions/org.freedesktop.policykit.policy.in.h:4
-msgid "Authentication is required to revoke authorizations other users"
-msgstr ""
-"Autorisering er påkrævet for at fjerne en autosering fra en anden bruger"
-
-#: ../actions/org.freedesktop.policykit.policy.in.h:5
msgid "Authentication is required to run a program as another user"
msgstr "Autorisering er påkrævet for at afvikle et program som en anden bruger"
-#: ../actions/org.freedesktop.policykit.policy.in.h:6
-msgid "Grant authorizations to other users"
-msgstr "Autoriser en anden bruger"
-
-#: ../actions/org.freedesktop.policykit.policy.in.h:7
-msgid "Modify defaults for implicit authorizations"
-msgstr "Konfigurer implicit autorisering"
-
-#: ../actions/org.freedesktop.policykit.policy.in.h:8
-msgid "Read authorizations of other users"
-msgstr "Læs andre brugers autoriseringer"
-
-#: ../actions/org.freedesktop.policykit.policy.in.h:9
-msgid "Revoke authorizations from other users"
-msgstr "Fjern autorisering fra en anden bruger"
+#: ../actions/org.freedesktop.policykit.policy.in.h:3
+msgid "Configure lock down for an action"
+msgstr "Konfigurer lock down for en action"
-#: ../actions/org.freedesktop.policykit.policy.in.h:10
+#: ../actions/org.freedesktop.policykit.policy.in.h:4
msgid "Run programs as another user"
msgstr "Kør et program som en anden bruger"
#: ../src/examples/org.freedesktop.policykit.examples.pkexec.policy.in.h:1
msgid ""
-"Authentication is required to run the PolicyKit example program Frobnicate"
-msgstr "Autorisering er påkrævet for at afvikle PolicyKit eksemplet Frobnicate"
+"Authentication is required to run the PolicyKit example program Frobnicate "
+"(user=$(user), program=$(program), command_line=$(command_line))"
+msgstr ""
+"Autorisering er påkrævet for at afvikle PolicyKit eksemplet Frobnicate (user="
+"$(user), program=$(program), command_line=$(command_line))"
#: ../src/examples/org.freedesktop.policykit.examples.pkexec.policy.in.h:2
msgid "Run the PolicyKit example program Frobnicate"
msgstr "Kør PolicyKit eksemplet Frobnicate"
-#. Translator: %s is a fully qualified path to the executable
-#: ../src/programs/pkexec-action-lookup.c:110
-#, c-format
-msgid "Authentication is needed to run `%s' as the super user"
-msgstr "Autorisering er påkrævet for at afvikle `%s' som super bruger"
-
-#. Translator: %s is a fully qualified path to the executable
-#: ../src/programs/pkexec-action-lookup.c:115
-#, c-format
-msgid "Authentication is needed to run `%s' as another user"
-msgstr "Autorisering er påkrævet for at afvikle `%s' som en anden bruger"
-
-#: ../src/programs/pkexec-action-lookup.c:159
-msgid "Command"
-msgstr "Program"
-
-#: ../src/programs/pkexec-action-lookup.c:168
-msgid "Super User (root)"
-msgstr "Super Bruger (root)"
-
-#: ../src/programs/pkexec-action-lookup.c:170
-msgid "Run As"
-msgstr "Bruger"
+#. Translators: message shown when trying to run a program as root. Do not
+#. * translate the $(program) fragment - it will be expanded to the path
+#. * of the program e.g. /bin/bash.
+#.
+#: ../src/programs/pkexec.c:666
+msgid "Authentication is needed to run `$(program)' as the super user"
+msgstr "Autorisering er påkrævet for at afvikle `$(program)' som super bruger"
+
+#. Translators: message shown when trying to run a program as another user.
+#. * Do not translate the $(program) or $(user) fragments - the former will
+#. * be expanded to the path of the program e.g. "/bin/bash" and the latter
+#. * to the user e.g. "John Doe (johndoe)" or "johndoe".
+#.
+#: ../src/programs/pkexec.c:676
+msgid "Authentication is needed to run `$(program)' as user $(user)"
+msgstr ""
+"Autorisering er påkrævet for at afvikle `$(program)' som bruger $(user)"
diff --git a/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in b/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in
index ad08340..9c05b77 100644
--- a/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in
+++ b/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in
@@ -9,7 +9,7 @@
<action id="org.freedesktop.policykit.example.pkexec.run-frobnicate">
<_description>Run the PolicyKit example program Frobnicate</_description>
- <_message>Authentication is required to run the PolicyKit example program Frobnicate</_message>
+ <_message>Authentication is required to run the PolicyKit example program Frobnicate (user=$(user), program=$(program), command_line=$(command_line))</_message>
<icon_name>audio-x-generic</icon_name> <!-- just an example -->
<defaults>
<allow_any>no</allow_any>
diff --git a/src/polkit/polkitauthority.c b/src/polkit/polkitauthority.c
index 3dc257f..468421e 100644
--- a/src/polkit/polkitauthority.c
+++ b/src/polkit/polkitauthority.c
@@ -846,9 +846,7 @@ check_authorization_cb (GDBusProxy *proxy,
* @authority: A #PolkitAuthority.
* @subject: A #PolkitSubject.
* @action_id: The action to check for.
- * @details: (allow-none): Details about the action or %NULL. Keys
- * starting with <literal>polkit.</literal> are reserved for internal
- * use and cannot be used.
+ * @details: (allow-none): Details about the action or %NULL.
* @flags: A set of #PolkitCheckAuthorizationFlags.
* @cancellable: (allow-none): A #GCancellable or %NULL.
* @callback: A #GAsyncReadyCallback to call when the request is satisfied.
@@ -871,11 +869,9 @@ check_authorization_cb (GDBusProxy *proxy,
* the operation.
*
* Known keys in @details include <literal>polkit.message</literal>
- * and <literal>polkit.message.gettext-domain</literal> that can be
- * used to override the message shown to the user (the user might be
- * running an authentication agent in another locale than the calling
- * process so that's why both the message and gettext domain is
- * needed).
+ * and <literal>polkit.gettext_domain</literal> that can be used to
+ * override the message shown to the user. See the documentation for
+ * the <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.CheckAuthorization">D-Bus method</link> for more details.
*
* If @details is non-empty then the request will fail with
* #POLKIT_ERROR_FAILED unless the process doing the check itsef is
@@ -972,9 +968,7 @@ polkit_authority_check_authorization_finish (PolkitAuthority *authority
* @authority: A #PolkitAuthority.
* @subject: A #PolkitSubject.
* @action_id: The action to check for.
- * @details: (allow-none): Details about the action or %NULL. Keys
- * starting with <literal>polkit.</literal> are reserved for internal
- * use and cannot be used.
+ * @details: (allow-none): Details about the action or %NULL.
* @flags: A set of #PolkitCheckAuthorizationFlags.
* @cancellable: (allow-none): A #GCancellable or %NULL.
* @error: (allow-none): Return location for error or %NULL.
@@ -996,8 +990,10 @@ polkit_authority_check_authorization_finish (PolkitAuthority *authority
* operation to complete because it involves waiting for the user to
* authenticate.
*
- * See polkit_authority_check_authorization_sync() for how @details is
- * handled.
+ * Known keys in @details include <literal>polkit.message</literal>
+ * and <literal>polkit.gettext_domain</literal> that can be used to
+ * override the message shown to the user. See the documentation for
+ * the <link linkend="eggdbus-method-org.freedesktop.PolicyKit1.Authority.CheckAuthorization">D-Bus method</link> for more details.
*
* Returns: (transfer full): A #PolkitAuthorizationResult or %NULL if @error is set. Free with g_object_unref().
*/
diff --git a/src/polkitbackend/polkitbackendactionlookup.c b/src/polkitbackend/polkitbackendactionlookup.c
index dcc972a..5a1a228 100644
--- a/src/polkitbackend/polkitbackendactionlookup.c
+++ b/src/polkitbackend/polkitbackendactionlookup.c
@@ -23,6 +23,9 @@
#include <errno.h>
#include <pwd.h>
#include <string.h>
+
+#define _POLKIT_BACKEND_ACTION_LOOKUP_NO_DEPRECATED_WARNING
+
#include <polkit/polkit.h>
#include <polkit/polkitprivate.h>
#include "polkitbackendactionlookup.h"
diff --git a/src/polkitbackend/polkitbackendactionlookup.h b/src/polkitbackend/polkitbackendactionlookup.h
index 1fbae16..254507b 100644
--- a/src/polkitbackend/polkitbackendactionlookup.h
+++ b/src/polkitbackend/polkitbackendactionlookup.h
@@ -88,6 +88,7 @@ struct _PolkitBackendActionLookupIface
PolkitActionDescription *action_description);
};
+#ifdef _POLKIT_BACKEND_ACTION_LOOKUP_NO_DEPRECATED_WARNING
GType polkit_backend_action_lookup_get_type (void) G_GNUC_CONST;
gchar *polkit_backend_action_lookup_get_message (PolkitBackendActionLookup *lookup,
const gchar *action_id,
@@ -101,6 +102,21 @@ PolkitDetails *polkit_backend_action_lookup_get_details (PolkitBackendActionLo
const gchar *action_id,
PolkitDetails *details,
PolkitActionDescription *action_description);
+#else
+GType polkit_backend_action_lookup_get_type (void) G_GNUC_CONST G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead);
+gchar *polkit_backend_action_lookup_get_message (PolkitBackendActionLookup *lookup,
+ const gchar *action_id,
+ PolkitDetails *details,
+ PolkitActionDescription *action_description) G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead);
+gchar *polkit_backend_action_lookup_get_icon_name (PolkitBackendActionLookup *lookup,
+ const gchar *action_id,
+ PolkitDetails *details,
+ PolkitActionDescription *action_description) G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead);
+PolkitDetails *polkit_backend_action_lookup_get_details (PolkitBackendActionLookup *lookup,
+ const gchar *action_id,
+ PolkitDetails *details,
+ PolkitActionDescription *action_description) G_GNUC_DEPRECATED_FOR (use_PolkitDetails_instead);
+#endif
G_END_DECLS
diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c
index 9dc8943..44b7493 100644
--- a/src/polkitbackend/polkitbackendauthority.c
+++ b/src/polkitbackend/polkitbackendauthority.c
@@ -30,7 +30,6 @@
#include <polkit/polkitprivate.h>
#include "polkitbackendauthority.h"
-#include "polkitbackendactionlookup.h"
#include "polkitbackendlocalauthority.h"
#include "polkitbackendprivate.h"
@@ -1291,7 +1290,6 @@ PolkitBackendAuthority *
polkit_backend_authority_get (void)
{
static GIOExtensionPoint *ep = NULL;
- static GIOExtensionPoint *ep_action_lookup = NULL;
static volatile GType local_authority_type = G_TYPE_INVALID;
GList *modules;
GList *authority_implementations;
@@ -1305,11 +1303,6 @@ polkit_backend_authority_get (void)
ep = g_io_extension_point_register (POLKIT_BACKEND_AUTHORITY_EXTENSION_POINT_NAME);
g_io_extension_point_set_required_type (ep, POLKIT_BACKEND_TYPE_AUTHORITY);
}
- if (ep_action_lookup == NULL)
- {
- ep_action_lookup = g_io_extension_point_register (POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME);
- g_io_extension_point_set_required_type (ep_action_lookup, POLKIT_BACKEND_TYPE_ACTION_LOOKUP);
- }
/* make sure local types are registered */
if (local_authority_type == G_TYPE_INVALID)
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 462f334..4f7828a 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -32,7 +32,6 @@
#include "polkitbackendactionpool.h"
#include "polkitbackendsessionmonitor.h"
#include "polkitbackendconfigsource.h"
-#include "polkitbackendactionlookup.h"
#include <polkit/polkitprivate.h>
@@ -1693,35 +1692,81 @@ authentication_agent_begin_cb (GDBusProxy *proxy,
authentication_session_free (session);
}
-static GList *
-get_action_lookup_list (void)
+static void
+append_property (GString *dest,
+ PolkitDetails *details,
+ const gchar *key,
+ PolkitBackendInteractiveAuthority *authority,
+ const gchar *message,
+ const gchar *action_id)
{
- GList *extensions;
- GList *l;
- GIOExtensionPoint *action_lookup_ep;
- static GList *action_lookup_list = NULL;
- static gboolean have_looked_up_extensions = FALSE;
+ const gchar *value;
- if (have_looked_up_extensions)
- goto out;
+ value = polkit_details_lookup (details, key);
+ if (value != NULL)
+ {
+ g_string_append (dest, value);
+ }
+ else
+ {
+ polkit_backend_authority_log (POLKIT_BACKEND_AUTHORITY (authority),
+ "Error substituting value for property $(%s) when preparing message `%s' for action-id %s",
+ key,
+ message,
+ action_id);
+ g_string_append (dest, "$(");
+ g_string_append (dest, key);
+ g_string_append (dest, ")");
+ }
+}
+
+static gchar *
+expand_properties (const gchar *message,
+ PolkitDetails *details,
+ PolkitBackendInteractiveAuthority *authority,
+ const gchar *action_id)
+{
+ GString *ret;
+ GString *var;
+ guint n;
+ gboolean in_resolve;
- action_lookup_ep = g_io_extension_point_lookup (POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME);
- g_assert (action_lookup_ep != NULL);
+ ret = g_string_new (NULL);
+ var = g_string_new (NULL);
- extensions = g_io_extension_point_get_extensions (action_lookup_ep);
- for (l = extensions; l != NULL; l = l->next)
+ in_resolve = FALSE;
+ for (n = 0; message[n] != '\0'; n++)
{
- GIOExtension *extension = l->data;
- PolkitBackendActionLookup *lookup;
-
- lookup = g_object_new (g_io_extension_get_type (extension), NULL);
- action_lookup_list = g_list_prepend (action_lookup_list, lookup);
+ gint c = message[n];
+ if (c == '$' && message[n+1] == '(')
+ {
+ in_resolve = TRUE;
+ n += 1;
+ }
+ else
+ {
+ if (in_resolve)
+ {
+ if (c == ')')
+ {
+ append_property (ret, details, var->str, authority, message, action_id);
+ g_string_set_size (var, 0);
+ in_resolve = FALSE;
+ }
+ else
+ {
+ g_string_append_c (var, c);
+ }
+ }
+ else
+ {
+ g_string_append_c (ret, c);
+ }
+ }
}
- action_lookup_list = g_list_reverse (action_lookup_list);
+ g_string_free (var, TRUE);
- out:
- have_looked_up_extensions = TRUE;
- return action_lookup_list;
+ return g_string_free (ret, FALSE);
}
static void
@@ -1738,12 +1783,12 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority,
{
PolkitBackendInteractiveAuthorityPrivate *priv;
PolkitActionDescription *action_desc;
- GList *action_lookup_list;
- GList *l;
gchar *message;
gchar *icon_name;
PolkitDetails *localized_details;
const gchar *message_to_use;
+ const gchar *gettext_domain;
+ gchar *s;
priv = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE (authority);
@@ -1762,52 +1807,21 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority,
if (action_desc == NULL)
goto out;
- /* Set LANG and locale so gettext() + friends work when running the code in the extensions */
+ /* Set LANG and locale so g_dgettext() + friends work below */
if (setlocale (LC_ALL, locale) == NULL)
{
g_printerr ("Invalid locale '%s'\n", locale);
}
g_setenv ("LANG", locale, TRUE);
+ gettext_domain = polkit_details_lookup (details, "polkit.gettext_domain");
message_to_use = polkit_details_lookup (details, "polkit.message");
if (message_to_use != NULL)
{
- const gchar *gettext_domain;
- gettext_domain = polkit_details_lookup (details, "polkit.message.gettext-domain");
message = g_strdup (g_dgettext (gettext_domain, message_to_use));
+ /* g_print ("locale=%s, domain=%s, msg=`%s' -> `%s'\n", locale, gettext_domain, message_to_use, message); */
}
-
- /* call into extension points to get localized auth dialog data - the list is sorted by priority */
- action_lookup_list = get_action_lookup_list ();
- for (l = action_lookup_list; l != NULL; l = l->next)
- {
- PolkitBackendActionLookup *lookup = POLKIT_BACKEND_ACTION_LOOKUP (l->data);
-
- if (message != NULL && icon_name != NULL && localized_details != NULL)
- break;
-
- if (message == NULL)
- message = polkit_backend_action_lookup_get_message (lookup,
- action_id,
- details,
- action_desc);
-
- if (icon_name == NULL)
- icon_name = polkit_backend_action_lookup_get_icon_name (lookup,
- action_id,
- details,
- action_desc);
-
- if (localized_details == NULL)
- localized_details = polkit_backend_action_lookup_get_details (lookup,
- action_id,
- details,
- action_desc);
- }
-
- /* Back to C! */
- setlocale (LC_ALL, "C");
- g_setenv ("LANG", "C", TRUE);
+ icon_name = g_strdup (polkit_details_lookup (details, "polkit.icon_name"));
/* fall back to action description */
if (message == NULL)
@@ -1819,6 +1833,15 @@ get_localized_data_for_challenge (PolkitBackendInteractiveAuthority *authority,
icon_name = g_strdup (polkit_action_description_get_icon_name (action_desc));
}
+ /* replace $(property) with values */
+ s = message;
+ message = expand_properties (message, details, authority, action_id);
+ g_free (s);
+
+ /* Back to C! */
+ setlocale (LC_ALL, "C");
+ g_setenv ("LANG", "C", TRUE);
+
out:
if (message == NULL)
message = g_strdup ("");
@@ -1956,6 +1979,8 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
agent->active_sessions = g_list_prepend (agent->active_sessions, session);
+ if (localized_details == NULL)
+ localized_details = polkit_details_new ();
add_pid (localized_details, caller, "polkit.caller-pid");
add_pid (localized_details, subject, "polkit.subject-pid");
diff --git a/src/polkitbackend/polkitbackendlocalauthority.c b/src/polkitbackend/polkitbackendlocalauthority.c
index 23407e9..dc6b36c 100644
--- a/src/polkitbackend/polkitbackendlocalauthority.c
+++ b/src/polkitbackend/polkitbackendlocalauthority.c
@@ -32,7 +32,6 @@
#include "polkitbackendconfigsource.h"
#include "polkitbackendlocalauthority.h"
#include "polkitbackendlocalauthorizationstore.h"
-#include "polkitbackendactionlookup.h"
#include <polkit/polkitprivate.h>
diff --git a/src/programs/Makefile.am b/src/programs/Makefile.am
index 943df31..c260dee 100644
--- a/src/programs/Makefile.am
+++ b/src/programs/Makefile.am
@@ -34,28 +34,6 @@ pkexec_LDADD = \
$(top_builddir)/src/polkitagent/libpolkit-agent-1.la \
$(NULL)
-polkitmodulesdir = $(libdir)/polkit-1/extensions
-polkitmodules_LTLIBRARIES = libpkexec-action-lookup.la
-
-libpkexec_action_lookup_la_SOURCES = \
- pkexec-action-lookup.c \
- $(NULL)
-
-libpkexec_action_lookup_la_CFLAGS = \
- -DPOLKIT_BACKEND_I_KNOW_API_IS_SUBJECT_TO_CHANGE \
- -DG_LOG_DOMAIN=\"pkexec-action-lookup\" \
- $(GLIB_CFLAGS) \
- $(NULL)
-
-libpkexec_action_lookup_la_LDFLAGS = \
- -export_dynamic -avoid-version -module -no-undefined \
- -export-symbols-regex '^g_io_module_(load|unload)' \
- $(NULL)
-
-libpkexec_action_lookup_la_LIBADD = \
- $(top_builddir)/src/polkitbackend/libpolkit-backend-1.la \
- $(NULL)
-
# ----------------------------------------------------------------------------------------------------
pkcheck_SOURCES = pkcheck.c
diff --git a/src/programs/pkexec-action-lookup.c b/src/programs/pkexec-action-lookup.c
deleted file mode 100644
index 75ef8a9..0000000
--- a/src/programs/pkexec-action-lookup.c
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * Copyright (C) 2009 Red Hat, Inc.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General
- * Public License along with this library; if not, write to the
- * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
- * Boston, MA 02111-1307, USA.
- *
- * Author: David Zeuthen <davidz at redhat.com>
- */
-
-#include "config.h"
-
-#include <polkitbackend/polkitbackend.h>
-
-#include <glib/gi18n-lib.h>
-
-#define POLKIT_EXEC_TYPE_ACTION_LOOKUP (polkit_exec_action_lookup_get_type())
-#define POLKIT_EXEC_ACTION_LOOKUP(o) (G_TYPE_CHECK_INSTANCE_CAST ((o), POLKIT_EXEC_TYPE_ACTION_LOOKUP, PolkitExecActionLookup))
-#define POLKIT_EXEC_ACTION_LOOKUP_CLASS(k) (G_TYPE_CHECK_CLASS_CAST((k), POLKIT_EXEC_TYPE_ACTION_LOOKUP, PolkitExecActionLookupClass))
-#define POLKIT_EXEC_ACTION_LOOKUP_GET_CLASS(o) (G_TYPE_INSTANCE_GET_CLASS ((o), POLKIT_EXEC_TYPE_ACTION_LOOKUP, PolkitExecActionLookupClass))
-#define POLKIT_EXEC_IS_ACTION_LOOKUP(o) (G_TYPE_CHECK_INSTANCE_TYPE ((o), POLKIT_EXEC_TYPE_ACTION_LOOKUP))
-#define POLKIT_EXEC_IS_ACTION_LOOKUP_CLASS(k) (G_TYPE_CHECK_CLASS_TYPE ((k), POLKIT_EXEC_TYPE_ACTION_LOOKUP))
-
-typedef struct _PolkitExecActionLookup PolkitExecActionLookup;
-typedef struct _PolkitExecActionLookupClass PolkitExecActionLookupClass;
-
-struct _PolkitExecActionLookup
-{
- GObject parent;
-};
-
-struct _PolkitExecActionLookupClass
-{
- GObjectClass parent_class;
-};
-
-GType polkit_exec_action_lookup_get_type (void) G_GNUC_CONST;
-
-static void polkit_backend_action_lookup_iface_init (PolkitBackendActionLookupIface *iface);
-
-#define _G_IMPLEMENT_INTERFACE_DYNAMIC(TYPE_IFACE, iface_init) \
-{ \
- const GInterfaceInfo g_implement_interface_info = { \
- (GInterfaceInitFunc) iface_init, NULL, NULL \
- }; \
- g_type_module_add_interface (type_module, g_define_type_id, TYPE_IFACE, &g_implement_interface_info); \
-}
-
-G_DEFINE_DYNAMIC_TYPE_EXTENDED (PolkitExecActionLookup,
- polkit_exec_action_lookup,
- G_TYPE_OBJECT,
- 0,
- _G_IMPLEMENT_INTERFACE_DYNAMIC (POLKIT_BACKEND_TYPE_ACTION_LOOKUP,
- polkit_backend_action_lookup_iface_init))
-
-static void
-polkit_exec_action_lookup_init (PolkitExecActionLookup *lookup)
-{
-}
-
-static void
-polkit_exec_action_lookup_class_finalize (PolkitExecActionLookupClass *klass)
-{
-}
-
-static void
-polkit_exec_action_lookup_class_init (PolkitExecActionLookupClass *klass)
-{
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-static gchar *
-polkit_exec_action_lookup_get_message (PolkitBackendActionLookup *lookup,
- const gchar *action_id,
- PolkitDetails *details,
- PolkitActionDescription *action_description)
-{
- gchar *ret;
- const gchar *s;
- const gchar *s2;
-
- ret = NULL;
-
- if (g_strcmp0 (action_id, "org.freedesktop.policykit.exec") != 0)
- goto out;
-
- s = polkit_details_lookup (details, "program");
- if (s == NULL)
- goto out;
-
- s2 = polkit_details_lookup (details, "uid");
- if (s2 == NULL)
- goto out;
-
- if (g_strcmp0 (s2, "0") == 0)
- {
- /* Translator: %s is a fully qualified path to the executable */
- ret = g_strdup_printf (_("Authentication is needed to run `%s' as the super user"), s);
- }
- else
- {
- /* Translator: %s is a fully qualified path to the executable */
- ret = g_strdup_printf (_("Authentication is needed to run `%s' as another user"), s);
- }
-
- out:
- return ret;
-}
-
-static gchar *
-polkit_exec_action_lookup_get_icon_name (PolkitBackendActionLookup *lookup,
- const gchar *action_id,
- PolkitDetails *details,
- PolkitActionDescription *action_description)
-{
- gchar *ret;
-
- ret = NULL;
-
- /* explicitly left blank for now */
-
- return ret;
-}
-
-static PolkitDetails *
-polkit_exec_action_lookup_get_details (PolkitBackendActionLookup *lookup,
- const gchar *action_id,
- PolkitDetails *details,
- PolkitActionDescription *action_desc)
-{
- const gchar *s;
- const gchar *s2;
- PolkitDetails *ret;
-
- ret = NULL;
-
- if (!(g_strcmp0 (action_id, "org.freedesktop.policykit.exec") == 0 ||
- (action_desc != NULL &&
- polkit_action_description_get_annotation (action_desc, "org.freedesktop.policykit.exec.path") != NULL)))
- goto out;
-
- ret = polkit_details_new ();
-
- s = polkit_details_lookup (details, "command-line");
- if (s != NULL)
- {
- polkit_details_insert (ret, _("Command"), s);
- }
-
- s = polkit_details_lookup (details, "user");
- s2 = polkit_details_lookup (details, "uid");
- if (s != NULL)
- {
- if (g_strcmp0 (s2, "0") == 0)
- s = _("Super User (root)");
- polkit_details_insert (ret, _("Run As"), s);
- }
-
- out:
- return ret;
-}
-
-static void
-polkit_backend_action_lookup_iface_init (PolkitBackendActionLookupIface *iface)
-{
- iface->get_message = polkit_exec_action_lookup_get_message;
- iface->get_icon_name = polkit_exec_action_lookup_get_icon_name;
- iface->get_details = polkit_exec_action_lookup_get_details;
-}
-
-/* ---------------------------------------------------------------------------------------------------- */
-
-void
-g_io_module_load (GIOModule *module)
-{
- bindtextdomain (GETTEXT_PACKAGE, PACKAGE_LOCALE_DIR);
- bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
-
- polkit_exec_action_lookup_register_type (G_TYPE_MODULE (module));
-
- g_io_extension_point_implement (POLKIT_BACKEND_ACTION_LOOKUP_EXTENSION_POINT_NAME,
- POLKIT_EXEC_TYPE_ACTION_LOOKUP,
- "pkexec action lookup extension " PACKAGE_VERSION,
- 0);
-}
-
-void
-g_io_module_unload (GIOModule *module)
-{
-}
diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c
index 5952c47..9217954 100644
--- a/src/programs/pkexec.c
+++ b/src/programs/pkexec.c
@@ -35,6 +35,8 @@
#include <pwd.h>
#include <errno.h>
+#include <glib/gi18n.h>
+
#ifdef POLKIT_AUTHFW_PAM
#include <security/pam_appl.h>
#endif /* POLKIT_AUTHFW_PAM */
@@ -640,19 +642,41 @@ main (int argc, char *argv[])
goto out;
}
- details = polkit_details_new ();
+ action_id = find_action_for_path (authority, path);
+ g_assert (action_id != NULL);
- polkit_details_insert (details, "command-line", command_line);
- s = g_strdup_printf ("%s (%s)", pw->pw_gecos, pw->pw_name);
+ details = polkit_details_new ();
+ if (pw->pw_gecos != NULL && strlen (pw->pw_gecos) > 0)
+ s = g_strdup_printf ("%s (%s)", pw->pw_gecos, pw->pw_name);
+ else
+ s = g_strdup_printf ("%s", pw->pw_name);
polkit_details_insert (details, "user", s);
g_free (s);
- s = g_strdup_printf ("%d", (gint) pw->pw_uid);
- polkit_details_insert (details, "uid", s);
- g_free (s);
polkit_details_insert (details, "program", path);
-
- action_id = find_action_for_path (authority, path);
- g_assert (action_id != NULL);
+ polkit_details_insert (details, "command_line", command_line);
+ if (g_strcmp0 (action_id, "org.freedesktop.policykit.exec") == 0)
+ {
+ if (pw->pw_uid == 0)
+ {
+ polkit_details_insert (details, "polkit.message",
+ /* Translators: message shown when trying to run a program as root. Do not
+ * translate the $(program) fragment - it will be expanded to the path
+ * of the program e.g. /bin/bash.
+ */
+ N_("Authentication is needed to run `$(program)' as the super user"));
+ }
+ else
+ {
+ polkit_details_insert (details, "polkit.message",
+ /* Translators: message shown when trying to run a program as another user.
+ * Do not translate the $(program) or $(user) fragments - the former will
+ * be expanded to the path of the program e.g. "/bin/bash" and the latter
+ * to the user e.g. "John Doe (johndoe)" or "johndoe".
+ */
+ N_("Authentication is needed to run `$(program)' as user $(user)"));
+ }
+ }
+ polkit_details_insert (details, "polkit.gettext_domain", GETTEXT_PACKAGE);
try_again:
error = NULL;
More information about the hal-commit
mailing list