diff options
author | Matthias Clasen <mclasen@redhat.com> | 2018-06-27 14:34:26 -0400 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2018-06-29 11:52:40 +0000 |
commit | 5d9bbeaed2486fdd261d34d32caf947d1dc93ebf (patch) | |
tree | d05ede74a88483c34742559928ee3b199c217059 | |
parent | 2a095814b510bb26414612737c66bbabb9481165 (diff) | |
download | flatpak-5d9bbeaed2486fdd261d34d32caf947d1dc93ebf.tar.gz |
Add a permission-list command
This command dumps the content of the permission store
database(s).
Closes: #1837
Approved by: alexlarsson
-rw-r--r-- | app/Makefile.am.inc | 1 | ||||
-rw-r--r-- | app/flatpak-builtins-permission-list.c | 285 | ||||
-rw-r--r-- | app/flatpak-builtins.h | 1 | ||||
-rw-r--r-- | app/flatpak-main.c | 4 | ||||
-rw-r--r-- | doc/Makefile.am | 1 | ||||
-rw-r--r-- | doc/flatpak-docs.xml.in | 1 | ||||
-rw-r--r-- | doc/flatpak-permission-list.xml | 111 |
7 files changed, 404 insertions, 0 deletions
diff --git a/app/Makefile.am.inc b/app/Makefile.am.inc index 1a522f60..46eb1c50 100644 --- a/app/Makefile.am.inc +++ b/app/Makefile.am.inc @@ -51,6 +51,7 @@ flatpak_SOURCES = \ app/flatpak-builtins-document-unexport.c \ app/flatpak-builtins-document-info.c \ app/flatpak-builtins-document-list.c \ + app/flatpak-builtins-permission-list.c \ app/flatpak-builtins-search.c \ app/flatpak-builtins-repair.c \ app/flatpak-table-printer.c \ diff --git a/app/flatpak-builtins-permission-list.c b/app/flatpak-builtins-permission-list.c new file mode 100644 index 00000000..f0f89435 --- /dev/null +++ b/app/flatpak-builtins-permission-list.c @@ -0,0 +1,285 @@ +/* + * Copyright © 2018 Red Hat, Inc + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * + * Authors: + * Matthias Clasen <mclasen@redhat.com> + */ + +#include "config.h" + +#include <locale.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <errno.h> + +#include <glib/gi18n.h> + +#include "libglnx/libglnx.h" +#include "flatpak-permission-dbus-generated.h" + +#include "flatpak-builtins.h" +#include "flatpak-table-printer.h" +#include "flatpak-utils-private.h" +#include "flatpak-run-private.h" + +static GOptionEntry options[] = { + { NULL } +}; + +static char ** +get_permission_tables (XdpDbusPermissionStore *store) +{ + g_autofree char *path = NULL; + GDir *dir; + const char *name; + GPtrArray *tables = NULL; + + tables = g_ptr_array_new (); + + path = g_build_filename (g_get_user_data_dir (), "flatpak/db", NULL); + dir = g_dir_open (path, 0, NULL); + if (dir != NULL) + { + while ((name = g_dir_read_name (dir)) != NULL) + { + g_ptr_array_add (tables, g_strdup (name)); + } + } + + g_dir_close (dir); + + g_ptr_array_add (tables, NULL); + + return (char **)g_ptr_array_free (tables, FALSE); +} + +static char ** +get_ids_for_table (XdpDbusPermissionStore *store, + const char *table) +{ + char **ids = NULL; + + xdp_dbus_permission_store_call_list_sync (store, table, &ids, NULL, NULL); + + return ids; +} + +static gboolean +list_table (XdpDbusPermissionStore *store, + const char *table, + const char *id, + FlatpakTablePrinter *printer, + GError **error) +{ + const char *one_id[2]; + char **ids; + int i; + + if (id) + { + one_id[0] = id; + one_id[1] = NULL; + ids = (char **)one_id; + } + else + { + if (!xdp_dbus_permission_store_call_list_sync (store, table, &ids, NULL, error)) + return FALSE; + } + + for (i = 0; ids[i]; i++) + { + g_autoptr(GVariant) permissions = NULL; + g_autoptr(GVariant) data = NULL; + g_autoptr(GVariant) d = NULL; + g_autofree char *txt = NULL; + GVariantIter iter; + char *key; + GVariantIter *val; + + if (!xdp_dbus_permission_store_call_lookup_sync (store, table, ids[i], &permissions, &data, NULL, error)) + return FALSE; + + d = g_variant_get_child_value (data, 0); + txt = g_variant_print (d, FALSE); + + if (g_variant_iter_init (&iter, permissions) == 0 && id != 0) + { + flatpak_table_printer_add_column (printer, table); + flatpak_table_printer_add_column (printer, ids[i]); + flatpak_table_printer_add_column (printer, ""); + flatpak_table_printer_add_column (printer, ""); + flatpak_table_printer_add_column (printer, txt); + flatpak_table_printer_finish_row (printer); + } + + while (g_variant_iter_loop (&iter, "{sas}", &key, &val)) + { + char *p; + + flatpak_table_printer_add_column (printer, table); + flatpak_table_printer_add_column (printer, ids[i]); + flatpak_table_printer_add_column (printer, key); + flatpak_table_printer_add_column (printer, ""); + + while (g_variant_iter_loop (val, "s", &p)) + { + flatpak_table_printer_append_with_comma (printer, p); + } + + flatpak_table_printer_add_column (printer, txt); + flatpak_table_printer_finish_row (printer); + } + } + + return TRUE; +} + +gboolean +flatpak_builtin_permission_list (int argc, char **argv, + GCancellable *cancellable, + GError **error) +{ + g_autoptr(GOptionContext) context = NULL; + g_autoptr(GDBusConnection) session_bus = NULL; + XdpDbusPermissionStore *store = NULL; + const char *table; + const char *id; + FlatpakTablePrinter *printer = NULL; + + context = g_option_context_new (_("[TABLE] [ID] - List permissions")); + g_option_context_set_translation_domain (context, GETTEXT_PACKAGE); + + if (!flatpak_option_context_parse (context, options, &argc, &argv, + FLATPAK_BUILTIN_FLAG_NO_DIR, + NULL, cancellable, error)) + return FALSE; + + if (argc < 2) + table = NULL; + else + table = argv[1]; + + if (argc < 3) + id = NULL; + else + id = argv[2]; + + if (argc > 3) + return usage_error (context, _("Too many arguments"), error); + + session_bus = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, error); + if (session_bus == NULL) + return FALSE; + + store = xdp_dbus_permission_store_proxy_new_sync (session_bus, 0, + "org.freedesktop.impl.portal.PermissionStore", + "/org/freedesktop/impl/portal/PermissionStore", + NULL, error); + if (store == NULL) + return FALSE; + + printer = flatpak_table_printer_new (); + int i; + + i = 0; + flatpak_table_printer_set_column_title (printer, i++, _("Table")); + flatpak_table_printer_set_column_title (printer, i++, _("Object")); + flatpak_table_printer_set_column_title (printer, i++, _("App")); + flatpak_table_printer_set_column_title (printer, i++, _("Permissions")); + flatpak_table_printer_set_column_title (printer, i++, _("Data")); + + if (table) + { + if (!list_table (store, table, id, printer, error)) + return FALSE; + } + else + { + int i; + g_auto(GStrv) tables = get_permission_tables (store); + + for (i = 0; tables[i]; i++) + { + if (!list_table (store, tables[i], NULL, printer, error)) + return FALSE; + } + } + + flatpak_table_printer_print (printer); + flatpak_table_printer_free (printer); + + return TRUE; +} + +gboolean +flatpak_complete_permission_list (FlatpakCompletion *completion) +{ + g_autoptr(GOptionContext) context = NULL; + g_autoptr(GDBusConnection) session_bus = NULL; + XdpDbusPermissionStore *store = NULL; + int i; + + context = g_option_context_new (""); + + if (!flatpak_option_context_parse (context, options, &completion->argc, &completion->argv, + FLATPAK_BUILTIN_FLAG_NO_DIR, NULL, NULL, NULL)) + return FALSE; + + session_bus = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, NULL); + if (session_bus == NULL) + return FALSE; + + store = xdp_dbus_permission_store_proxy_new_sync (session_bus, 0, + "org.freedesktop.impl.portal.PermissionStore", + "/org/freedesktop/impl/portal/PermissionStore", + NULL, NULL); + + if (store == NULL) + return FALSE; + + switch (completion->argc) + { + case 0: + case 1: /* TABLE */ + flatpak_complete_options (completion, global_entries); + flatpak_complete_options (completion, options); + + { + g_auto(GStrv) tables = get_permission_tables (store); + for (i = 0; tables != NULL && tables[i] != NULL; i++) + { + flatpak_complete_word (completion, "%s ", tables[i]); + } + } + + break; + + case 2: + { + g_auto(GStrv) ids = get_ids_for_table (store, completion->argv[1]); + for (i = 0; ids != NULL && ids[i] != NULL; i++) + { + flatpak_complete_word (completion, "%s ", ids[i]); + } + } + + break; + } + + return TRUE; +} diff --git a/app/flatpak-builtins.h b/app/flatpak-builtins.h index a2a5f232..7e32f4cb 100644 --- a/app/flatpak-builtins.h +++ b/app/flatpak-builtins.h @@ -87,6 +87,7 @@ BUILTINPROTO (document_export) BUILTINPROTO (document_unexport) BUILTINPROTO (document_info) BUILTINPROTO (document_list) +BUILTINPROTO (permission_list) BUILTINPROTO (override) BUILTINPROTO (repo) BUILTINPROTO (config) diff --git a/app/flatpak-main.c b/app/flatpak-main.c index 735ce917..a02d8be1 100644 --- a/app/flatpak-main.c +++ b/app/flatpak-main.c @@ -89,6 +89,10 @@ static FlatpakCommand commands[] = { { "document-list", N_("List exported files"), flatpak_builtin_document_list, flatpak_complete_document_list }, /* translators: please keep the leading newline and space */ + { N_("\n Manage dynamic permissions") }, + { "permission-list", N_("List permissions"), flatpak_builtin_permission_list, flatpak_complete_permission_list }, + + /* translators: please keep the leading newline and space */ { N_("\n Manage remote repositories") }, { "remotes", N_("List all configured remotes"), flatpak_builtin_list_remotes, flatpak_complete_list_remotes }, { "remote-add", N_("Add a new remote repository (by URL)"), flatpak_builtin_add_remote, flatpak_complete_add_remote }, diff --git a/doc/Makefile.am b/doc/Makefile.am index 9e6d1f45..f831a62a 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -39,6 +39,7 @@ man1 = \ flatpak-document-unexport.1 \ flatpak-document-info.1 \ flatpak-document-list.1 \ + flatpak-permission-list.1 \ flatpak-build-init.1 \ flatpak-build.1 \ flatpak-build-bundle.1 \ diff --git a/doc/flatpak-docs.xml.in b/doc/flatpak-docs.xml.in index d3a20c24..1405550e 100644 --- a/doc/flatpak-docs.xml.in +++ b/doc/flatpak-docs.xml.in @@ -33,6 +33,7 @@ <xi:include href="@srcdir@/flatpak-document-info.xml"/> <xi:include href="@srcdir@/flatpak-document-list.xml"/> <xi:include href="@srcdir@/flatpak-document-unexport.xml"/> + <xi:include href="@srcdir@/flatpak-permission-list.xml"/> <xi:include href="@srcdir@/flatpak-enter.xml"/> <xi:include href="@srcdir@/flatpak-info.xml"/> <xi:include href="@srcdir@/flatpak-install.xml"/> diff --git a/doc/flatpak-permission-list.xml b/doc/flatpak-permission-list.xml new file mode 100644 index 00000000..46823d7c --- /dev/null +++ b/doc/flatpak-permission-list.xml @@ -0,0 +1,111 @@ +<?xml version='1.0'?> <!--*-nxml-*--> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + +<refentry id="flatpak-permission-list"> + + <refentryinfo> + <title>flatpak permission-list</title> + <productname>flatpak</productname> + + <authorgroup> + <author> + <contrib>Developer</contrib> + <firstname>Matthias</firstname> + <surname>Clasen</surname> + <email>mclasen@redhat.com</email> + </author> + </authorgroup> + </refentryinfo> + + <refmeta> + <refentrytitle>flatpak permission-list</refentrytitle> + <manvolnum>1</manvolnum> + </refmeta> + + <refnamediv> + <refname>flatpak-permission-list</refname> + <refpurpose>List permissions</refpurpose> + </refnamediv> + + <refsynopsisdiv> + <cmdsynopsis> + <command>flatpak permission-list</command> + <arg choice="opt" rep="repeat">OPTION</arg> + <arg choice="opt">TABLE</arg> + <arg choice="opt">ID</arg> + </cmdsynopsis> + </refsynopsisdiv> + + <refsect1> + <title>Description</title> + + <para> + Lists dynamic permissions which are stored in the Flatpak + permission store. + </para> + + <para> + When called without arguments, lists all + the entries in all permission store tables. When called + with one argument, lists all the entries in the named + table. When called with two arguments, lists the entry + in the named table for the given object ID. + </para> + + <para> + The permission store is used by portals. + Each portal generally has its own table in the permission + store, and the format of the table entries is specific to + each portal. + </para> + + </refsect1> + + <refsect1> + <title>Options</title> + + <para>The following options are understood:</para> + + <variablelist> + <varlistentry> + <term><option>-h</option></term> + <term><option>--help</option></term> + + <listitem><para> + Show help options and exit. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><option>-v</option></term> + <term><option>--verbose</option></term> + + <listitem><para> + Print debug information during command processing. + </para></listitem> + </varlistentry> + + <varlistentry> + <term><option>--ostree-verbose</option></term> + + <listitem><para> + Print OSTree debug information during command processing. + </para></listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1> + <title>See also</title> + + <para> + <citerefentry><refentrytitle>flatpak</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>flatpak-permission-show</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>flatpak-permission-remove</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>flatpak-permission-reset</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + </para> + + </refsect1> + +</refentry> |