From 00dbf6e90ab238dc5d8fea52ec82e2b1b5ef5602 Mon Sep 17 00:00:00 2001 From: Lubomir Rintel Date: Fri, 11 Nov 2016 17:39:03 +0100 Subject: [PATCH] auth-utils: don't fail the auth chain if we can't get a single permissions It could be that the client is just newer and it's just too harsh to fail the whole request. Leave the unknown permission in unknown and possibly proceed filling in the rest. --- src/nm-auth-utils.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/src/nm-auth-utils.c b/src/nm-auth-utils.c index a6bc506cfb..930f6d0ff9 100644 --- a/src/nm-auth-utils.c +++ b/src/nm-auth-utils.c @@ -320,6 +320,7 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data) AuthCall *call = user_data; GError *error = NULL; gboolean is_authorized, is_challenge; + guint call_result = NM_AUTH_CALL_RESULT_UNKNOWN; nm_auth_manager_polkit_authority_check_authorization_finish (NM_AUTH_MANAGER (object), result, @@ -336,17 +337,11 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data) } if (error) { + /* Don't ruin the chain. Just leave the result unknown. */ nm_log_warn (LOGD_CORE, "error requesting auth for %s: %s", call->permission, error->message); - - if (!call->chain->error) { - call->chain->error = error; - error = NULL; - } else - g_clear_error (&error); + g_clear_error (&error); } else { - guint call_result = NM_AUTH_CALL_RESULT_UNKNOWN; - if (is_authorized) { /* Caller has the permission */ call_result = NM_AUTH_CALL_RESULT_YES; @@ -355,10 +350,10 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data) call_result = NM_AUTH_CALL_RESULT_AUTH; } else call_result = NM_AUTH_CALL_RESULT_NO; - - nm_auth_chain_set_data (call->chain, call->permission, GUINT_TO_POINTER (call_result), NULL); } + nm_auth_chain_set_data (call->chain, call->permission, GUINT_TO_POINTER (call_result), NULL); + auth_call_complete (call); } #endif