From: kremlin <ian@kremlin.cc>
Date: Sat, 16 Aug 2014 05:08:08 +0000 (-0500)
Subject: complete polkit-auth functionality
X-Git-Tag: gsoc-final~12
X-Git-Url: https://uglyman.kremlin.cc/gitweb/gitweb.cgi?p=systembsd.git;a=commitdiff_plain;h=2f9f652486e216a480f11969099171858eedb64f;hp=483e90b704090617eba8bf030d23eca616063b21

complete polkit-auth functionality

polkit-auth exposes one function taking an alleged unique bus name
and alleged action name (id) and returns an enum describing if and
how action is authorized.
---

diff --git a/src/polkit-auth.c b/src/polkit-auth.c
index 2e4178f..31320a9 100644
--- a/src/polkit-auth.c
+++ b/src/polkit-auth.c
@@ -24,6 +24,68 @@
 
 #include "polkit-auth.h"
 
-void test_func() {
-    g_printf("test!\n");
+static gboolean is_valid_action(GList *action_list, const gchar *action) {
+
+    PolkitActionDescription *action_descr;
+    action_descr = (PolkitActionDescription *)g_list_first(action_list);
+
+    while((action_descr = (PolkitActionDescription *)g_list_next(action_list)))
+        if(!g_strcmp0(action, polkit_action_description_get_action_id(action_descr)))
+            return TRUE;
+
+    return FALSE;
+}
+
+check_auth_result polkit_try_auth(const gchar *bus, const gchar *action) {
+
+    GList           *valid_actions;
+    PolkitAuthority *auth;
+    PolkitSubject   *subj;
+    PolkitAuthorizationResult *result;
+    gboolean authorized, challenge;
+
+    auth  = NULL;
+    subj  = NULL;
+    result = NULL;
+    valid_actions = NULL;
+    authorized = challenge = FALSE;
+
+    auth = polkit_authority_get_sync(NULL, NULL); /* TODO timeout for this */
+    subj = polkit_system_bus_name_new(bus);
+    valid_actions = polkit_authority_enumerate_actions_sync(auth, NULL, NULL);
+
+   if(!auth || !valid_actions)
+        return ERROR_GENERIC; /* extremely unlikely */
+    else if(!subj)
+        return ERROR_BADBUS;
+    else if(!is_valid_action(valid_actions, action))
+        return ERROR_BADACTION;
+
+   if(!(result = polkit_authority_check_authorization_sync(auth, subj, action, NULL, POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, NULL, NULL)))
+        return ERROR_GENERIC; /* TODO pass, check gerror and return more relevant error */
+
+    authorized = polkit_authorization_result_get_is_authorized(result);
+    challenge = polkit_authorization_result_get_is_challenge(result);
+
+    /* free()'s before return */
+    if(valid_actions)
+        g_object_unref(valid_actions);
+    if(auth)
+        g_object_unref(auth);
+    if(subj)
+        g_object_unref(subj);
+    if(result)
+        g_object_unref(result);
+
+    if(authorized) {
+
+        if(challenge)
+            return AUTHORIZED_BY_PROMPT;
+        
+        return AUTHORIZED_NATIVELY;
+
+    } else if(challenge)
+        return UNAUTHORIZED_FAILED_PROMPT;
+
+    return UNAUTHORIZED_NATIVELY;
 }
diff --git a/src/polkit-auth.h b/src/polkit-auth.h
index 17a919b..b672e67 100644
--- a/src/polkit-auth.h
+++ b/src/polkit-auth.h
@@ -14,5 +14,10 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
+typedef enum {
+    AUTHORIZED_NATIVELY,   AUTHORIZED_BY_PROMPT,
+    UNAUTHORIZED_NATIVELY, UNAUTHORIZED_FAILED_PROMPT,
+    ERROR_BADBUS, ERROR_BADACTION, ERROR_GENERIC
+} check_auth_result;
 
-void test_func();
+check_auth_result polkit_try_auth(const gchar *bus, const gchar *action);