PolicyKit: Branch 'master'
Colin Walters
walters at kemper.freedesktop.org
Wed Jun 10 11:17:24 PDT 2015
src/polkitbackend/polkitbackendinteractiveauthority.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
New commits:
commit 8277d89eb530db5254aed1a66cf52c11243675a8
Author: Colin Walters <walters at verbum.org>
Date: Sat Jun 6 17:17:11 2015 -0400
authority: Add a helper method for checking whether an identity is root
We had lots of copies of this.
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index dab2756..3f339e9 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -224,6 +224,14 @@ G_DEFINE_TYPE (PolkitBackendInteractiveAuthority,
#define POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_INTERACTIVE_AUTHORITY, PolkitBackendInteractiveAuthorityPrivate))
+static gboolean
+identity_is_root_user (PolkitIdentity *user)
+{
+ if (!POLKIT_IS_UNIX_USER (user))
+ return FALSE;
+ return polkit_unix_user_get_uid (POLKIT_UNIX_USER (user)) == 0;
+}
+
/* ---------------------------------------------------------------------------------------------------- */
static void
@@ -767,7 +775,7 @@ may_identity_check_authorization (PolkitBackendInteractiveAuthority *interacti
guint n;
/* uid 0 may check anything */
- if (POLKIT_IS_UNIX_USER (identity) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (identity)) == 0)
+ if (identity_is_root_user (identity))
{
ret = TRUE;
goto out;
@@ -1095,7 +1103,7 @@ check_authorization_sync (PolkitBackendAuthority *authority,
goto out;
/* special case: uid 0, root, is _always_ authorized for anything */
- if (POLKIT_IS_UNIX_USER (user_of_subject) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_subject)) == 0)
+ if (identity_is_root_user (user_of_subject))
{
result = polkit_authorization_result_new (TRUE, FALSE, NULL);
goto out;
@@ -2450,7 +2458,7 @@ polkit_backend_interactive_authority_register_authentication_agent (PolkitBacken
}
if (!polkit_identity_equal (user_of_caller, user_of_subject))
{
- if (POLKIT_IS_UNIX_USER (user_of_caller) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_caller)) == 0)
+ if (identity_is_root_user (user_of_caller))
{
/* explicitly allow uid 0 to register for other users */
}
@@ -2606,7 +2614,7 @@ polkit_backend_interactive_authority_unregister_authentication_agent (PolkitBack
}
if (!polkit_identity_equal (user_of_caller, user_of_subject))
{
- if (POLKIT_IS_UNIX_USER (user_of_caller) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_caller)) == 0)
+ if (identity_is_root_user (user_of_caller))
{
/* explicitly allow uid 0 to register for other users */
}
@@ -2719,7 +2727,7 @@ polkit_backend_interactive_authority_authentication_agent_response (PolkitBacken
goto out;
/* only uid 0 is allowed to invoke this method */
- if (!POLKIT_IS_UNIX_USER (user_of_caller) || polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_caller)) != 0)
+ if (!identity_is_root_user (user_of_caller))
{
g_set_error (error,
POLKIT_ERROR,
More information about the hal-commit
mailing list