diff options
author | Alexander Larsson <alexl@redhat.com> | 2016-05-09 14:07:22 +0200 |
---|---|---|
committer | Alexander Larsson <alexl@redhat.com> | 2016-05-09 14:07:22 +0200 |
commit | 28b549156ac26b183c07822a657e41d284075a0b (patch) | |
tree | 1957d3621daa6770acee6706661aa0cc1e550b25 /permission-store | |
parent | 605b3f4e09f87e3bccb432e1e225d856e47bffaa (diff) | |
download | xdg-app-28b549156ac26b183c07822a657e41d284075a0b.tar.gz |
Split out permission store from session helper
This is now available as org.freedesktop.impl.portal.PermissionStore
Diffstat (limited to 'permission-store')
-rw-r--r-- | permission-store/Makefile.am.inc | 30 | ||||
-rw-r--r-- | permission-store/org.freedesktop.impl.portal.PermissionStore.service.in | 4 | ||||
-rw-r--r-- | permission-store/permission-store.c | 84 | ||||
-rw-r--r-- | permission-store/xdg-permission-store.c | 466 | ||||
-rw-r--r-- | permission-store/xdg-permission-store.h | 28 | ||||
-rw-r--r-- | permission-store/xdg-permission-store.service.in | 7 |
6 files changed, 619 insertions, 0 deletions
diff --git a/permission-store/Makefile.am.inc b/permission-store/Makefile.am.inc new file mode 100644 index 0000000..72d2e73 --- /dev/null +++ b/permission-store/Makefile.am.inc @@ -0,0 +1,30 @@ +libexec_PROGRAMS += \ + xdg-permission-store \ + $(NULL) + +service_in_files += permission-store/xdg-permission-store.service.in +systemduserunit_DATA += permission-store/xdg-permission-store.service + +service_in_files += permission-store/org.freedesktop.impl.portal.PermissionStore.service.in +dbus_service_DATA += permission-store/org.freedesktop.impl.portal.PermissionStore.service + +ps_dbus_built_sources = permission-store/permission-store-dbus.c permission-store/permission-store-dbus.h +BUILT_SOURCES += $(ps_dbus_built_sources) + +$(ps_dbus_built_sources) : data/org.freedesktop.impl.portal.PermissionStore.xml + $(AM_V_GEN) $(GDBUS_CODEGEN) \ + --interface-prefix org.freedesktop.impl.portal. \ + --c-namespace Xdg \ + --generate-c-code $(builddir)/permission-store/permission-store-dbus \ + $(srcdir)/data/org.freedesktop.impl.portal.PermissionStore.xml \ + $(NULL) + +xdg_permission_store_SOURCES = \ + $(ps_dbus_built_sources) \ + permission-store/permission-store.c \ + permission-store/xdg-permission-store.c \ + permission-store/xdg-permission-store.h \ + $(NULL) + +xdg_permission_store_LDADD = $(BASE_LIBS) libflatpak-common.la +xdg_permission_store_CFLAGS = $(BASE_CFLAGS) $(SOUP_CFLAGS) $(OSTREE_CFLAGS) $(GSYSTEM_CFLAGS) diff --git a/permission-store/org.freedesktop.impl.portal.PermissionStore.service.in b/permission-store/org.freedesktop.impl.portal.PermissionStore.service.in new file mode 100644 index 0000000..cb444f1 --- /dev/null +++ b/permission-store/org.freedesktop.impl.portal.PermissionStore.service.in @@ -0,0 +1,4 @@ +[D-BUS Service] +Name=org.freedesktop.impl.portal.PermissionStore +Exec=@libexecdir@/xdg-permission-store +SystemdService=xdg-permission-store.service diff --git a/permission-store/permission-store.c b/permission-store/permission-store.c new file mode 100644 index 0000000..f9c5d16 --- /dev/null +++ b/permission-store/permission-store.c @@ -0,0 +1,84 @@ +/* + * Copyright © 2014 Red Hat, Inc + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * + * Authors: + * Alexander Larsson <alexl@redhat.com> + */ + +#include "config.h" + +#include <locale.h> +#include <stdlib.h> +#include <string.h> +#include <gio/gio.h> +#include "permission-store-dbus.h" +#include "xdg-permission-store.h" +#include "flatpak-utils.h" + +static void +on_bus_acquired (GDBusConnection *connection, + const gchar *name, + gpointer user_data) +{ + xdg_permission_store_start (connection); +} + +static void +on_name_acquired (GDBusConnection *connection, + const gchar *name, + gpointer user_data) +{ +} + +static void +on_name_lost (GDBusConnection *connection, + const gchar *name, + gpointer user_data) +{ + exit (1); +} + +int +main (int argc, + char **argv) +{ + guint owner_id; + GMainLoop *loop; + + setlocale (LC_ALL, ""); + + g_setenv ("GIO_USE_VFS", "local", TRUE); + + g_set_prgname (argv[0]); + + flatpak_migrate_from_xdg_app (); + + owner_id = g_bus_own_name (G_BUS_TYPE_SESSION, + "org.freedesktop.impl.portal.PermissionStore", + G_BUS_NAME_OWNER_FLAGS_NONE, + on_bus_acquired, + on_name_acquired, + on_name_lost, + NULL, + NULL); + + loop = g_main_loop_new (NULL, FALSE); + g_main_loop_run (loop); + + g_bus_unown_name (owner_id); + + return 0; +} diff --git a/permission-store/xdg-permission-store.c b/permission-store/xdg-permission-store.c new file mode 100644 index 0000000..2bff745 --- /dev/null +++ b/permission-store/xdg-permission-store.c @@ -0,0 +1,466 @@ +/* + * Copyright © 2015 Red Hat, Inc + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * + * Authors: + * Alexander Larsson <alexl@redhat.com> + */ + +#include "config.h" + +#include <locale.h> +#include <stdlib.h> +#include <string.h> +#include <gio/gio.h> +#include "permission-store-dbus.h" +#include "xdg-permission-store.h" +#include "flatpak-db.h" +#include "flatpak-portal-error.h" + +GHashTable *tables = NULL; + +typedef struct +{ + char *name; + FlatpakDb *db; + GList *outstanding_writes; + GList *current_writes; + gboolean writing; +} Table; + +static void start_writeout (Table *table); + +static void +table_free (Table *table) +{ + g_free (table->name); + g_object_unref (table->db); + g_free (table); +} + +static Table * +lookup_table (const char *name, + GDBusMethodInvocation *invocation) +{ + Table *table; + FlatpakDb *db; + g_autofree char *dir = NULL; + g_autofree char *path = NULL; + + g_autoptr(GError) error = NULL; + + table = g_hash_table_lookup (tables, name); + if (table != NULL) + return table; + + dir = g_build_filename (g_get_user_data_dir (), "flatpak/db", NULL); + g_mkdir_with_parents (dir, 0755); + + path = g_build_filename (dir, name, NULL); + db = flatpak_db_new (path, FALSE, &error); + if (db == NULL) + { + g_dbus_method_invocation_return_error (invocation, + FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_FAILED, + "Unable to load db file: %s", error->message); + return NULL; + } + + table = g_new0 (Table, 1); + table->name = g_strdup (name); + table->db = db; + + g_hash_table_insert (tables, table->name, table); + + return table; +} + +static void +writeout_done (GObject *source_object, + GAsyncResult *res, + gpointer user_data) +{ + Table *table = user_data; + GList *l; + + g_autoptr(GError) error = NULL; + gboolean ok; + + ok = flatpak_db_save_content_finish (table->db, res, &error); + + for (l = table->current_writes; l != NULL; l = l->next) + { + GDBusMethodInvocation *invocation = l->data; + + if (ok) + g_dbus_method_invocation_return_value (invocation, + g_variant_new ("()")); + else + g_dbus_method_invocation_return_error (invocation, + FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_FAILED, + "Unable to write db: %s", error->message); + } + + g_list_free (table->current_writes); + table->current_writes = NULL; + table->writing = FALSE; + + if (table->outstanding_writes != NULL) + start_writeout (table); +} + +static void +start_writeout (Table *table) +{ + g_assert (table->current_writes == NULL); + table->current_writes = table->outstanding_writes; + table->outstanding_writes = NULL; + table->writing = TRUE; + + flatpak_db_update (table->db); + + flatpak_db_save_content_async (table->db, NULL, writeout_done, table); +} + +static void +ensure_writeout (Table *table, + GDBusMethodInvocation *invocation) +{ + table->outstanding_writes = g_list_prepend (table->outstanding_writes, invocation); + + if (!table->writing) + start_writeout (table); +} + +static gboolean +handle_list (XdgPermissionStore *object, + GDBusMethodInvocation *invocation, + const gchar *table_name) +{ + Table *table; + + g_auto(GStrv) ids = NULL; + + table = lookup_table (table_name, invocation); + if (table == NULL) + return TRUE; + + ids = flatpak_db_list_ids (table->db); + + xdg_permission_store_complete_list (object, invocation, (const char * const *) ids); + + return TRUE; +} + +static GVariant * +get_app_permissions (FlatpakDbEntry *entry) +{ + g_autofree const char **apps = NULL; + GVariantBuilder builder; + int i; + + apps = flatpak_db_entry_list_apps (entry); + g_variant_builder_init (&builder, G_VARIANT_TYPE ("a{sas}")); + + for (i = 0; apps[i] != NULL; i++) + { + g_autofree const char **permissions = flatpak_db_entry_list_permissions (entry, apps[i]); + g_variant_builder_add_value (&builder, + g_variant_new ("{s@as}", + apps[i], + g_variant_new_strv (permissions, -1))); + } + + return g_variant_ref_sink (g_variant_builder_end (&builder)); +} + +static gboolean +handle_lookup (XdgPermissionStore *object, + GDBusMethodInvocation *invocation, + const gchar *table_name, + const gchar *id) +{ + Table *table; + + g_autoptr(GVariant) data = NULL; + g_autoptr(GVariant) permissions = NULL; + g_autoptr(FlatpakDbEntry) entry = NULL; + + table = lookup_table (table_name, invocation); + if (table == NULL) + return TRUE; + + entry = flatpak_db_lookup (table->db, id); + if (entry == NULL) + { + g_dbus_method_invocation_return_error (invocation, + FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND, + "No entry for %s", id); + return TRUE; + } + + data = flatpak_db_entry_get_data (entry); + permissions = get_app_permissions (entry); + + xdg_permission_store_complete_lookup (object, invocation, + permissions, + g_variant_new_variant (data)); + + return TRUE; +} + +static void +emit_deleted (XdgPermissionStore *object, + const gchar *table_name, + const gchar *id, + FlatpakDbEntry *entry) +{ + g_autoptr(GVariant) data = NULL; + g_autoptr(GVariant) permissions = NULL; + + data = flatpak_db_entry_get_data (entry); + permissions = g_variant_ref_sink (g_variant_new_array (G_VARIANT_TYPE ("{sas}"), NULL, 0)); + + xdg_permission_store_emit_changed (object, + table_name, id, + TRUE, + g_variant_new_variant (data), + permissions); +} + + +static void +emit_changed (XdgPermissionStore *object, + const gchar *table_name, + const gchar *id, + FlatpakDbEntry *entry) +{ + g_autoptr(GVariant) data = NULL; + g_autoptr(GVariant) permissions = NULL; + + data = flatpak_db_entry_get_data (entry); + permissions = get_app_permissions (entry); + + xdg_permission_store_emit_changed (object, + table_name, id, + FALSE, + g_variant_new_variant (data), + permissions); +} + +static gboolean +handle_delete (XdgPermissionStore *object, + GDBusMethodInvocation *invocation, + const gchar *table_name, + const gchar *id) +{ + Table *table; + + g_autoptr(FlatpakDbEntry) entry = NULL; + + table = lookup_table (table_name, invocation); + if (table == NULL) + return TRUE; + + entry = flatpak_db_lookup (table->db, id); + if (entry == NULL) + { + g_dbus_method_invocation_return_error (invocation, + FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND, + "No entry for %s", id); + return TRUE; + } + + flatpak_db_set_entry (table->db, id, NULL); + emit_deleted (object, table_name, id, entry); + + ensure_writeout (table, invocation); + + return TRUE; +} + +static gboolean +handle_set (XdgPermissionStore *object, + GDBusMethodInvocation *invocation, + const gchar *table_name, + gboolean create, + const gchar *id, + GVariant *app_permissions, + GVariant *data) +{ + Table *table; + GVariantIter iter; + GVariant *child; + + g_autoptr(GVariant) data_child = NULL; + g_autoptr(FlatpakDbEntry) old_entry = NULL; + g_autoptr(FlatpakDbEntry) new_entry = NULL; + + table = lookup_table (table_name, invocation); + if (table == NULL) + return TRUE; + + old_entry = flatpak_db_lookup (table->db, id); + if (old_entry == NULL && !create) + { + g_dbus_method_invocation_return_error (invocation, + FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND, + "Id %s not found", id); + return TRUE; + } + + data_child = g_variant_get_child_value (data, 0); + new_entry = flatpak_db_entry_new (data_child); + + /* Add all the given app permissions */ + + g_variant_iter_init (&iter, app_permissions); + while ((child = g_variant_iter_next_value (&iter))) + { + g_autoptr(FlatpakDbEntry) old_entry; + const char *child_app_id; + g_autofree const char **permissions; + + g_variant_get (child, "{&s^a&s}", &child_app_id, &permissions); + + old_entry = new_entry; + new_entry = flatpak_db_entry_set_app_permissions (new_entry, child_app_id, (const char **) permissions); + + g_variant_unref (child); + } + + flatpak_db_set_entry (table->db, id, new_entry); + emit_changed (object, table_name, id, new_entry); + + ensure_writeout (table, invocation); + + return TRUE; +} + +static gboolean +handle_set_permission (XdgPermissionStore *object, + GDBusMethodInvocation *invocation, + const gchar *table_name, + gboolean create, + const gchar *id, + const gchar *app, + const gchar *const *permissions) +{ + Table *table; + + g_autoptr(FlatpakDbEntry) entry = NULL; + g_autoptr(FlatpakDbEntry) new_entry = NULL; + + table = lookup_table (table_name, invocation); + if (table == NULL) + return TRUE; + + entry = flatpak_db_lookup (table->db, id); + if (entry == NULL) + { + if (create) + { + entry = flatpak_db_entry_new (NULL); + } + else + { + g_dbus_method_invocation_return_error (invocation, + FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND, + "Id %s not found", id); + return TRUE; + } + } + + new_entry = flatpak_db_entry_set_app_permissions (entry, app, (const char **) permissions); + flatpak_db_set_entry (table->db, id, new_entry); + emit_changed (object, table_name, id, new_entry); + + ensure_writeout (table, invocation); + + return TRUE; +} + +static gboolean +handle_set_value (XdgPermissionStore *object, + GDBusMethodInvocation *invocation, + const gchar *table_name, + gboolean create, + const gchar *id, + GVariant *data) +{ + Table *table; + + g_autoptr(FlatpakDbEntry) entry = NULL; + g_autoptr(FlatpakDbEntry) new_entry = NULL; + + table = lookup_table (table_name, invocation); + if (table == NULL) + return TRUE; + + entry = flatpak_db_lookup (table->db, id); + if (entry == NULL) + { + if (create) + { + new_entry = flatpak_db_entry_new (data); + } + else + { + g_dbus_method_invocation_return_error (invocation, + FLATPAK_PORTAL_ERROR, FLATPAK_PORTAL_ERROR_NOT_FOUND, + "Id %s not found", id); + return TRUE; + } + } + else + { + new_entry = flatpak_db_entry_modify_data (entry, data); + } + + flatpak_db_set_entry (table->db, id, new_entry); + emit_changed (object, table_name, id, new_entry); + + ensure_writeout (table, invocation); + + return TRUE; +} + +void +xdg_permission_store_start (GDBusConnection *connection) +{ + XdgPermissionStore *store; + GError *error = NULL; + + tables = g_hash_table_new_full (g_str_hash, g_str_equal, + g_free, (GDestroyNotify) table_free); + + store = xdg_permission_store_skeleton_new (); + + g_signal_connect (store, "handle-list", G_CALLBACK (handle_list), NULL); + g_signal_connect (store, "handle-lookup", G_CALLBACK (handle_lookup), NULL); + g_signal_connect (store, "handle-set", G_CALLBACK (handle_set), NULL); + g_signal_connect (store, "handle-set-permission", G_CALLBACK (handle_set_permission), NULL); + g_signal_connect (store, "handle-set-value", G_CALLBACK (handle_set_value), NULL); + g_signal_connect (store, "handle-delete", G_CALLBACK (handle_delete), NULL); + + if (!g_dbus_interface_skeleton_export (G_DBUS_INTERFACE_SKELETON (store), + connection, + "/org/freedesktop/impl/portal/PermissionStore", + &error)) + { + g_warning ("error: %s\n", error->message); + g_error_free (error); + } +} diff --git a/permission-store/xdg-permission-store.h b/permission-store/xdg-permission-store.h new file mode 100644 index 0000000..9c941af --- /dev/null +++ b/permission-store/xdg-permission-store.h @@ -0,0 +1,28 @@ +/* + * Copyright © 2015 Red Hat, Inc + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see <http://www.gnu.org/licenses/>. + * + * Authors: + * Alexander Larsson <alexl@redhat.com> + */ + +#ifndef __FLATPAK_PERMISSION_STORE_H__ +#define __FLATPAK_PERMISSION_STORE_H__ + +#include "flatpak-dbus.h" + +void xdg_permission_store_start (GDBusConnection *connection); + +#endif /* __FLATPAK_PERMISSION_STORE_H__ */ diff --git a/permission-store/xdg-permission-store.service.in b/permission-store/xdg-permission-store.service.in new file mode 100644 index 0000000..6685430 --- /dev/null +++ b/permission-store/xdg-permission-store.service.in @@ -0,0 +1,7 @@ +[Unit] +Description=sandboxed app permission store + +[Service] +BusName=org.freedesktop.impl.portal.PermissionStore +ExecStart=@libexecdir@/xdg-permission-store +Type=dbus |