fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-02 03:00:37 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

settings: add function for validating connection's active user permissions

Browse source 
Returns TRUE if any user the connection is visible too is active and
has the given permission.
This commit is contained in:
Dan Williams 2011-07-01 14:58:22 -05:00
parent 5cf1addbdf
commit f9aa019ba8
2 changed files with 55 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
src/settings/nm-settings-connection.c
View file

@ -242,6 +242,58 @@ session_changed_cb (NMSessionMonitor *self, gpointer user_data)
/**************************************************************/
/* Return TRUE if any active user in the connection's ACL has the given
* permission without having to authorize for it via PolicyKit. Connections
* visible to everyone automatically pass the check.
*/
gboolean
nm_settings_connection_check_permission (NMSettingsConnection *self,
const char *permission)
{
NMSettingsConnectionPrivate *priv;
NMSettingConnection *s_con;
guint32 num, i;
const char *puser;
g_return_val_if_fail (self != NULL, FALSE);
g_return_val_if_fail (NM_IS_SETTINGS_CONNECTION (self), FALSE);
priv = NM_SETTINGS_CONNECTION_GET_PRIVATE (self);
if (priv->visible == FALSE)
return FALSE;
s_con = nm_connection_get_setting_connection (NM_CONNECTION (self));
g_assert (s_con);
/* Check every user in the ACL for a session */
num = nm_setting_connection_get_num_permissions (s_con);
if (num == 0) {
/* Visible to all so it's OK to auto-activate */
return TRUE;
}
for (i = 0; i < num; i++) {
/* For each user get their secret agent and check if that agent has the
* required permission.
*
* FIXME: what if the user isn't running an agent? PolKit needs a bus
* name or a PID but if the user isn't running an agent they won't have
* either.
*/
if (nm_setting_connection_get_permission (s_con, i, NULL, &puser, NULL)) {
NMSecretAgent *agent = nm_agent_manager_get_agent_by_user (priv->agent_mgr, puser);
if (agent && nm_secret_agent_has_permission (agent, permission))
return TRUE;
}
}
return FALSE;
}
/**************************************************************/
static void
only_system_secrets_cb (NMSetting *setting,
const char *key,

3
src/settings/nm-settings-connection.h
View file

@ -117,6 +117,9 @@ gboolean nm_settings_connection_is_visible (NMSettingsConnection *self);
void nm_settings_connection_recheck_visibility (NMSettingsConnection *self);
gboolean nm_settings_connection_check_permission (NMSettingsConnection *self,
const char *permission);
void nm_settings_connection_signal_remove (NMSettingsConnection *self);
guint64 nm_settings_connection_get_timestamp (NMSettingsConnection *connection);