diff options
author | David Zeuthen <davidz@redhat.com> | 2012-05-23 14:12:38 -0400 |
---|---|---|
committer | David Zeuthen <davidz@redhat.com> | 2012-05-23 14:12:38 -0400 |
commit | 1724ece5c7b5a9f70969fd88e1a2dede8936e768 (patch) | |
tree | 1d26d68a89db0891e5422b798edebe0dc2a634d3 /docs | |
parent | 224f7b892478302dccbe7e567b013d3c73d376fd (diff) | |
download | polkit-1724ece5c7b5a9f70969fd88e1a2dede8936e768.tar.gz |
Add real-world example featuring udisks2 and the drive.* variables it passes
Signed-off-by: David Zeuthen <davidz@redhat.com>
Diffstat (limited to 'docs')
-rw-r--r-- | docs/man/polkit.xml | 26 |
1 files changed, 25 insertions, 1 deletions
diff --git a/docs/man/polkit.xml b/docs/man/polkit.xml index 0632c95..e822d79 100644 --- a/docs/man/polkit.xml +++ b/docs/man/polkit.xml @@ -809,7 +809,7 @@ polkit.addRule(function(action, subject, details) { The following example showcases two things </para> <itemizedlist mark='opencircle' spacing='compact'> - <listitem><para>how the authorization decision can depend on data passed by the mechanism</para></listitem> + <listitem><para>how the authorization decision can depend on variables passed by the mechanism</para></listitem> <listitem><para>how to override the message shown in the authentication dialog</para></listitem> </itemizedlist> <programlisting><![CDATA[ @@ -822,6 +822,30 @@ polkit.addRule(function(action, subject, details) { }); ]]></programlisting> + <para> + The following example shows another use of variables passed from the + mechanism. In this case, the mechanism is + <ulink url="http://udisks.freedesktop.org/docs/latest/udisks.8.html">UDisks</ulink> + which defines a set of + <ulink url="http://udisks.freedesktop.org/docs/latest/udisks-polkit-actions.html">actions</ulink> + and also documents the set of possible + <ulink url="http://udisks.freedesktop.org/docs/latest/udisks2-Utilities.html#udisks-polkit-details">variables</ulink> + passed along with each request. + </para> + <programlisting><![CDATA[ +// Allow users in group 'engineers' to perform any operation on +// some drives without having to authenticate +// +polkit.addRule(function(action, subject, details) { + if (action.indexOf("org.freedesktop.udisks2.") == 0 && + details["drive.vendor"] == "SEAGATE" && + details["drive.model"] == "ST3300657SS" && + subject.isInGroup("engineers")) { + return "yes"; + } + } +}); +]]></programlisting> </refsect2> </refsect1> |