PolicyKit: Branch 'wip/js-rule-files'

[David Zeuthen]

 src/polkitbackend/polkitbackendinteractiveauthority.c |   48 +++++++++---------
 1 file changed, 24 insertions(+), 24 deletions(-)

New commits:
commit 956d4e81d0dbb5182a7070f6367c391d69924270
Author: David Zeuthen <davidz at redhat.com>
Date:   Wed May 23 17:44:43 2012 -0400

    Pass expanded identity list to the AuthenticationSession
    
    ... otherwise it things like admin-identities being set to
    ["unix-group:session"] won't work.
    
    Signed-off-by: David Zeuthen <davidz at redhat.com>

diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 171e686..86e7134 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -2211,13 +2211,36 @@ authentication_agent_initiate_challenge (AuthenticationAgent         *agent,
       identities = g_list_prepend (identities, g_object_ref (user_of_subject));
     }
 
+  /* expand groups/netgroups to users */
+  user_identities = NULL;
+  for (l = identities; l != NULL; l = l->next)
+    {
+      PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
+      if (POLKIT_IS_UNIX_USER (identity))
+        {
+          user_identities = g_list_append (user_identities, g_object_ref (identity));
+        }
+      else if (POLKIT_IS_UNIX_GROUP (identity))
+        {
+          user_identities = g_list_concat (user_identities, get_users_in_group (identity, FALSE));
+        }
+      else if (POLKIT_IS_UNIX_NETGROUP (identity))
+        {
+          user_identities =  g_list_concat (user_identities, get_users_in_net_group (identity, FALSE));
+        }
+      else
+        {
+          g_warning ("Unsupported identity");
+        }
+    }
+
   session = authentication_session_new (agent,
                                         cookie,
                                         subject,
                                         user_of_subject,
                                         caller,
                                         authority,
-                                        identities,
+                                        user_identities,
                                         action_id,
                                         details,
                                         polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (caller)),
@@ -2236,29 +2259,6 @@ authentication_agent_initiate_challenge (AuthenticationAgent         *agent,
   details_gvariant = polkit_details_to_gvariant (localized_details);
   g_variant_ref_sink (details_gvariant);
 
-  /* expand groups/netgroups to users */
-  user_identities = NULL;
-  for (l = identities; l != NULL; l = l->next)
-    {
-      PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
-      if (POLKIT_IS_UNIX_USER (identity))
-        {
-          user_identities = g_list_append (user_identities, g_object_ref (identity));
-        }
-      else if (POLKIT_IS_UNIX_GROUP (identity))
-        {
-          user_identities = g_list_concat (user_identities, get_users_in_group (identity, FALSE));
-        }
-      else if (POLKIT_IS_UNIX_NETGROUP (identity))
-        {
-          user_identities =  g_list_concat (user_identities, get_users_in_net_group (identity, FALSE));
-        }
-      else
-        {
-          g_warning ("Unsupported identity");
-        }
-    }
-
   g_variant_builder_init (&identities_builder, G_VARIANT_TYPE ("a(sa{sv})"));
   for (l = user_identities; l != NULL; l = l->next)
     {