From 397995055c5f865fec3e9d14c646518b5014f6bf Mon Sep 17 00:00:00 2001
From: Benjamin Berg <bberg@redhat.com>
Date: Fri, 4 Dec 2020 14:10:03 +0100
Subject: [PATCH] device: Only interactively authorize if requested to do so

DBus sends a flags for whether interactive authorization is desired.
Adher to it instead of just assuming we can go ahead with doing an
interactive authoritzation.
---
 src/device.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/device.c b/src/device.c
index 4de4a10..2fda598 100644
--- a/src/device.c
+++ b/src/device.c
@@ -819,6 +819,8 @@ _fprint_device_check_polkit_for_action (FprintDevice          *rdev,
                                         GError               **error)
 {
   FprintDevicePrivate *priv = fprint_device_get_instance_private (rdev);
+  PolkitCheckAuthorizationFlags flags = POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE;
+  GDBusMessage *message;
   const char *sender;
 
   g_autoptr(GError) local_error = NULL;
@@ -829,11 +831,15 @@ _fprint_device_check_polkit_for_action (FprintDevice          *rdev,
   sender = g_dbus_method_invocation_get_sender (invocation);
   subject = polkit_system_bus_name_new (sender);
 
+  message = g_dbus_method_invocation_get_message (invocation);
+  if (g_dbus_message_get_flags (message) & G_DBUS_MESSAGE_FLAGS_ALLOW_INTERACTIVE_AUTHORIZATION)
+    flags |= POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION;
+
   result = polkit_authority_check_authorization_sync (priv->auth,
                                                       subject,
                                                       action,
                                                       NULL,
-                                                      POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
+                                                      flags,
                                                       NULL, &local_error);
   if (result == NULL)
     {