diff --git a/CMakeLists.txt b/CMakeLists.txt --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -43,6 +43,7 @@ find_package(ECM ${KF5_MIN_VERSION} REQUIRED NO_MODULE) set(CMAKE_MODULE_PATH ${ECM_MODULE_PATH} ${CMAKE_MODULE_PATH} "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules/") +find_package(PolkitQt5-1 REQUIRED) include(KDEInstallDirs) include(KDECMakeSettings) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -43,6 +43,7 @@ Qt5::Core PRIVATE ${BLKID_LIBRARIES} + ${POLKITQT-1_LIBRARIES} Qt5::DBus Qt5::Gui qca-qt5 diff --git a/src/util/CMakeLists.txt b/src/util/CMakeLists.txt --- a/src/util/CMakeLists.txt +++ b/src/util/CMakeLists.txt @@ -20,6 +20,7 @@ ${HelperInterface_SRCS} util/capacity.cpp util/externalcommand.cpp + util/externalcommand_polkitbackend.cpp util/globallog.cpp util/helpers.cpp util/htmlreport.cpp @@ -30,6 +31,7 @@ util/libpartitionmanagerexport.h util/capacity.h util/externalcommand.h + util/externalcommand_polkitbackend.h util/globallog.h util/helpers.h util/htmlreport.h @@ -43,6 +45,7 @@ target_link_libraries(kpmcore_externalcommand qca-qt5 + ${POLKITQT-1_LIBRARIES} Qt5::Core Qt5::DBus KF5::AuthCore diff --git a/src/util/externalcommand.h b/src/util/externalcommand.h --- a/src/util/externalcommand.h +++ b/src/util/externalcommand.h @@ -25,28 +25,28 @@ #include #include #include -#include #include #include #include -namespace KAuth { class ExecuteJob; } +namespace Auth { class PolkitQt1Backend; } -class KJob; -class Report; class CopySource; class CopyTarget; +class Report; + +class KJob; class QDBusInterface; struct ExternalCommandPrivate; class DBusThread : public QThread { Q_OBJECT - // We register on DBus so the helper can monitor us and terminate if we - // terminate. + // We register on DBus so the helper can monitor us and terminate if we terminate. Q_CLASSINFO("D-Bus Interface", "org.kde.kpmcore.applicationinterface") + void run() override; }; @@ -102,12 +102,9 @@ /**< @return pointer to the Report or nullptr */ Report* report(); - void emitReport(const QVariantMap& report) { emit reportSignal(report); } - /**< Dummy function for QTimer when needed. */ void quit(); - - // KAuth + /**< start ExternalCommand Helper */ bool startHelper(); @@ -127,18 +124,20 @@ public Q_SLOTS: void emitProgress(KJob*, unsigned long percent) { emit progress(percent); } + void emitReport(const QVariantMap& report) { emit reportSignal(report); } private: void setExitCode(int i); - void onReadOutput(); +// void onReadOutput(); private: std::unique_ptr d; - // KAuth - static KAuth::ExecuteJob *m_job; + // Use Polkit Authorization backend for authorizing actions + static Auth::PolkitQt1Backend *m_authJob; static bool helperStarted; static QWidget *parent; + }; #endif diff --git a/src/util/externalcommand.cpp b/src/util/externalcommand.cpp --- a/src/util/externalcommand.cpp +++ b/src/util/externalcommand.cpp @@ -25,27 +25,25 @@ #include "core/copytargetdevice.h" #include "util/globallog.h" #include "util/externalcommand.h" +#include "util/externalcommand_polkitbackend.h" +#include "util/externalcommandhelper.h" #include "util/report.h" - #include "externalcommandhelper_interface.h" -#include -#include -#include -#include +#include #include -#include #include #include #include -#include #include +#include #include -#include #include #include +#include + struct ExternalCommandPrivate { Report *m_Report; @@ -58,10 +56,9 @@ QProcess::ProcessChannelMode processChannelMode; }; -KAuth::ExecuteJob* ExternalCommand::m_job; bool ExternalCommand::helperStarted = false; QWidget* ExternalCommand::parent; - +Auth::PolkitQt1Backend* ExternalCommand::m_authJob; /** Creates a new ExternalCommand instance without Report. @param cmd the command to run @@ -138,7 +135,7 @@ if (cmd.isEmpty()) cmd = QStandardPaths::findExecutable(command(), { QStringLiteral("/sbin/"), QStringLiteral("/usr/sbin/"), QStringLiteral("/usr/local/sbin/") }); - auto *interface = new org::kde::kpmcore::externalcommand(QStringLiteral("org.kde.kpmcore.externalcommand"), + auto interface = new org::kde::kpmcore::externalcommand(QStringLiteral("org.kde.kpmcore.externalcommand"), QStringLiteral("/Helper"), QDBusConnection::systemBus(), this); interface->setTimeout(10 * 24 * 3600 * 1000); // 10 days @@ -182,11 +179,11 @@ return false; } - // TODO KF6:Use new signal-slot syntax - connect(m_job, SIGNAL(percent(KJob*, unsigned long)), this, SLOT(emitProgress(KJob*, unsigned long))); - connect(m_job, &KAuth::ExecuteJob::newData, this, &ExternalCommand::emitReport); - - auto *interface = new org::kde::kpmcore::externalcommand(QStringLiteral("org.kde.kpmcore.externalcommand"), + /*Use signals from externalcommandhelper*/ + //connect(m_authJob, &ExternalCommandHelper::reportProgress, this, &ExternalCommand::emitReport); + //connect(m_authJob, &ExternalCommandHelper::progress, this, &ExternalCommand::emitProgress); + + auto interface = new org::kde::kpmcore::externalcommand(QStringLiteral("org.kde.kpmcore.externalcommand"), QStringLiteral("/Helper"), QDBusConnection::systemBus(), this); interface->setTimeout(10 * 24 * 3600 * 1000); // 10 days @@ -274,8 +271,8 @@ return start(timeout) /* && exitStatus() == 0*/; } -void ExternalCommand::onReadOutput() -{ +//void ExternalCommand::onReadOutput() +//{ // const QByteArray s = readAllStandardOutput(); // // if(m_Output.length() > 10*1024*1024) { // prevent memory overflow for badly corrupted file systems @@ -288,7 +285,7 @@ // // if (report()) // *report() << QString::fromLocal8Bit(s); -} +//} void ExternalCommand::setCommand(const QString& cmd) { @@ -340,7 +337,7 @@ d->m_ExitCode = i; } -/**< Dummy function for QTimer when needed. */ +// Dummy function for QTimer void ExternalCommand::quit() { @@ -354,40 +351,52 @@ } QDBusInterface iface(QStringLiteral("org.kde.kpmcore.helperinterface"), QStringLiteral("/Helper"), QStringLiteral("org.kde.kpmcore.externalcommand"), QDBusConnection::systemBus()); + if (iface.isValid()) { exit(0); } d->m_thread = new DBusThread; d->m_thread->start(); - KAuth::Action action = KAuth::Action(QStringLiteral("org.kde.kpmcore.externalcommand.init")); - action.setHelperId(QStringLiteral("org.kde.kpmcore.externalcommand")); - action.setTimeout(10 * 24 * 3600 * 1000); // 10 days - action.setParentWidget(parent); - QVariantMap arguments; - action.setArguments(arguments); - m_job = action.execute(); - m_job->start(); + ////////////////////////////////////// + // Authorize using Polkit backend /// + //////////////////////////////////// + + // initialize KDE Polkit daemon + m_authJob->initPolkitAgent(QStringLiteral("org.kde.kpmcore.externalcommand.init"), parent); + + bool isActionAuthorized = m_authJob->authorizeAction(QStringLiteral("org.kde.kpmcore.externalcommand.init"), m_authJob->callerID()); + + auto authResult = m_authJob->actionStatus(QStringLiteral("org.kde.kpmcore.externalcommand.init"), m_authJob->callerID()); - // Wait until ExternalCommand Helper is ready (helper sends newData signal just before it enters event loop) + + // Wait until ExternalCommand Helper is ready (helper sends progress(int) and reportProgress(QVariantMap &) signal just before it enters event loop) QEventLoop loop; auto exitLoop = [&] () { loop.exit(); }; - auto conn = QObject::connect(m_job, &KAuth::ExecuteJob::newData, exitLoop); - QObject::connect(m_job, &KJob::finished, [=] () { if(m_job->error()) exitLoop(); } ); + //auto conn1 = QObject::connect(m_authJob, &ExternalCommandHelper::progress, exitLoop); + //auto conn2 = QObject::connect(m_authJob, &ExternalCommandHelper::reportProgress, exitLoop); + + //QObject::connect(m_job, &KJob::finished, [=] () { if(m_job->error()) exitLoop(); } ); + loop.exec(); - QObject::disconnect(conn); - + + //QObject::disconnect(conn1); + //QObject::disconnect(conn2); + + if (!isActionAuthorized || authResult == PolkitQt1::Authority::No) { + qDebug() << "Unable to obtain Administrative privileges, the action can not be executed!!"; + } + helperStarted = true; return true; } void ExternalCommand::stopHelper() { - auto *interface = new org::kde::kpmcore::externalcommand(QStringLiteral("org.kde.kpmcore.externalcommand"), - QStringLiteral("/Helper"), QDBusConnection::systemBus()); + auto interface = new org::kde::kpmcore::externalcommand(QStringLiteral("org.kde.kpmcore.externalcommand"), + QStringLiteral("/Helper"), QDBusConnection::systemBus()); interface->exit(); - } void DBusThread::run() @@ -401,3 +410,5 @@ QEventLoop loop; loop.exec(); } + +#include "moc_externalcommand.cpp" diff --git a/src/util/externalcommand_polkitbackend.h b/src/util/externalcommand_polkitbackend.h new file mode 100644 --- /dev/null +++ b/src/util/externalcommand_polkitbackend.h @@ -0,0 +1,152 @@ +/************************************************************************* + * Copyright (C) 2019 by Shubham * + * * + * This program is free software; you can redistribute it and/or * + * modify it under the terms of the GNU General Public License as * + * published by the Free Software Foundation; either version 3 of * + * the License, or (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see .* + *************************************************************************/ + +#ifndef KPMCORE_EXTERNALCOMMAND_POLKITBACKEND_H +#define KPMCORE_EXTERNALCOMMAND_POLKITBACKEND_H + +#include +#include +#include +#include +#include + +#include + +using namespace PolkitQt1; + +namespace Auth +{ + +/** A Polkit Qt backend class for authorizing actions. + + This class is used to authorize various actions if they + ask for privileged execution. It starts by verifying the + action under consideration if it is the one it is + saying and authorizes it based on the credentials + provided. + + @author Shubham +**/ +class PolkitQt1Backend : public QObject +{ + Q_OBJECT + Q_DISABLE_COPY(PolkitQt1Backend) + +public: + /** + * \brief Constructor of PolkitQt1Backend class + */ + PolkitQt1Backend(); + + /** + * \brief Destructor of PolkitQt1Backend class + */ + ~PolkitQt1Backend(); + + /** + * \brief Initializes the KDE Polkit Authentication Agent. + * + * \param action Action in question + * \param parent Parent widget + * + */ + void initPolkitAgent(const QString &action, QWidget *parent = nullptr) const; + + /** + * \brief A function to check for the action's current status. + * + * \param action Action in question + * \param calledID The Application process ID of the action + * + * \return the result of action status ie. If action is Authorized or not. + */ + Authority::Result actionStatus(const QString &action, const QByteArray &callerID) const; + + /** + * \brief Function to get the current Application process ID + * + * \return Application process ID of the action + */ + QByteArray callerID() const; + + /** + * \brief Tries to authorize to the \p action in question. + * + * \param action Action in question. + * \param callerID The Application process ID of the action + * + * \return \c true if authority authorizes the action successfully, \c false Action is not authorized. + * + */ + bool authorizeAction(const QString &action, const QByteArray &callerID); + + + /** + * \brief Stops the running \p action from executing. + * + * \param action Action in question. + * \param callerID The Application process ID of the action + * + * \return \c true if action is successfully stopped, \c false Action is not stopped. + * + */ + bool stopAction(const QString &action, const QByteArray &callerID); + + // Dummy function for calling QTimer + static void quit(); + +public Q_SLOTS: + void authStatusChanged(); + +Q_SIGNALS: + void actionAuthorized(bool isAuthorized = false); + +private: + QHash m_cachedResults; + bool m_flyingActions; // Already running actions +}; + +/** A Polkit event loop class. + + This class is used to implement a polkit event + loop and has the capability of returning the + current authorization result of the action in + que. + + @author Shubham +**/ +class PolkitEventLoop : public QEventLoop +{ + Q_OBJECT + +public: + PolkitEventLoop(QObject *parent = nullptr); + ~PolkitEventLoop(); + + Authority::Result result() const; + +public Q_SLOTS: + // Quits from the current Polkit Event loop + void requestQuit(const Authority::Result &result); + +private: + Authority::Result m_result; +}; + +} // namespace Auth + +#endif // KPMCORE_EXTERNALCOMMAND_POLKITBACKEND_H diff --git a/src/util/externalcommand_polkitbackend.cpp b/src/util/externalcommand_polkitbackend.cpp new file mode 100644 --- /dev/null +++ b/src/util/externalcommand_polkitbackend.cpp @@ -0,0 +1,207 @@ + /************************************************************************* + * Copyright (C) 2019 by Shubham * + * * + * This program is free software; you can redistribute it and/or * + * modify it under the terms of the GNU General Public License as * + * published by the Free Software Foundation; either version 3 of * + * the License, or (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License * + * along with this program. If not, see .* + *************************************************************************/ + +#include "util/externalcommand_polkitbackend.h" + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +using namespace PolkitQt1; + +namespace Auth +{ + +PolkitEventLoop::PolkitEventLoop(QObject *parent) + : QEventLoop(parent), + m_result(Authority::No) +{ + +} + +PolkitEventLoop::~PolkitEventLoop() +{ + +} + +void PolkitEventLoop::requestQuit(const Authority::Result &result) +{ + m_result = result; + QTimer::singleShot(1000, this, PolkitQt1Backend::quit); +} + +Authority::Result PolkitEventLoop::result() const +{ + return m_result; +} + +PolkitQt1Backend::PolkitQt1Backend() + : m_flyingActions(false) +{ + // Connect various useful Polkit signals + connect(Authority::instance(), &Authority::configChanged, this, &Auth::PolkitQt1Backend::authStatusChanged); + connect(Authority::instance(), &Authority::consoleKitDBChanged, this, &Auth::PolkitQt1Backend::authStatusChanged); + + m_flyingActions = true; +} + +PolkitQt1Backend::~PolkitQt1Backend() +{ + +} + +void PolkitQt1Backend::initPolkitAgent(const QString &action, QWidget *parent /*= nullptr*/) const +{ + if (!parent) { + qWarning() << "Parent widget does not exists, can not proceed further"; + return; + } + + // Check if we are running terminal session or GUI session + if (!qApp) { + qWarning() << "We are running a TTY (Terminal) session"; + qDebug() << "Can not proceed further since we do not support Text based Polkit Authentication Agent"; + return; + } + + // Get the dialog parent window Id + quint64 parentWindowID = parent->effectiveWinId(); + + // Make a call to the KDE polkit Authentication Agent asking for it's services + QDBusMessage callAgent = QDBusMessage::createMethodCall(QLatin1String("org.kde.polkit-kde-authentication-agent-1"), QLatin1String("/org/kde/Polkit1AuthAgent"), QLatin1String("org.kde.Polkit1AuthAgent"), + QLatin1String("setWindowIdForAction")); + + callAgent << action; + callAgent << parentWindowID; + + QDBusPendingCall call = QDBusConnection::sessionBus().asyncCall(callAgent); + call.waitForFinished(); + + auto watcher = new QDBusPendingCallWatcher(call); + + connect(watcher, &QDBusPendingCallWatcher::finished, this, [this, action, watcher](){ + + const QDBusMessage reply = watcher->reply(); + + if (reply.type() == QDBusMessage::ErrorMessage) { + qWarning() << "Could not call the Authentication Agent, Error:" << reply.errorMessage(); + } + + watcher->deleteLater(); + }); +} + +Authority::Result PolkitQt1Backend::actionStatus(const QString &action, const QByteArray &callerID) const +{ + SystemBusNameSubject subject(QString::fromUtf8(callerID)); + + auto authority = Authority::instance(); + + auto result = authority->checkAuthorizationSync(action, subject, Authority::None); + + if (authority->hasError()) { + qDebug() << "Encountered error while checking action status, Error code:" << authority->lastError() << "\n"; + qDebug() << "Error Details:" << authority->errorDetails(); + authority->clearError(); + } + + return result; +} + +QByteArray PolkitQt1Backend::callerID() const +{ + return QDBusConnection::systemBus().baseService().toUtf8(); +} + +bool PolkitQt1Backend::authorizeAction(const QString &action, const QByteArray &callerID) +{ + SystemBusNameSubject subject(QString::fromUtf8(callerID)); + + auto authority = Authority::instance(); + + PolkitEventLoop event(qobject_cast(qApp)); + + connect(authority, &Authority::checkAuthorizationFinished, &event, &PolkitEventLoop::requestQuit); + + authority->checkAuthorizationSync(action, subject, Authority::AllowUserInteraction); + + event.exec(); + + if (authority->hasError()) { + qWarning() << "Encountered error while checking authorization, Error code:" << authority->lastError() << "\n"; + qDebug() << "Error details:" << authority->errorDetails(); + + // Clear all the errors from the buffer so that hasError() does not give previous error as a result when called later + authority->clearError(); + } + + if (event.result() == Authority::Yes) { + // Emit signal signalling that current action is authorized by the authority instance + emit actionAuthorized(true); + return true; + } else { + emit actionAuthorized(false); + return false; + } +} + +bool stopAction(const QString &action, const QByteArray &callerID) +{ + Q_UNUSED(action) + + SystemBusNameSubject subject(QString::fromUtf8(callerID)); + + auto authority = Authority::instance(); + + PolkitEventLoop event(qobject_cast(qApp)); + event.exec(); + + return authority->revokeTemporaryAuthorizationsSync(subject); +} + +// Dummy function for QTimer +void PolkitQt1Backend::quit() +{ + +} + +void PolkitQt1Backend::authStatusChanged() +{ + for (auto it = m_cachedResults.begin(); it != m_cachedResults.end(); ++it) { + const QString action = it.key(); + QByteArray pid = QDBusConnection::systemBus().baseService().toUtf8(); + if (it.value() != actionStatus(action, pid)) { + *it = actionStatus(action, pid); + } + } + + // Force updating known actions + Authority::instance()->enumerateActions(); + m_flyingActions = true; +} + +} // namespace Auth + +#include "moc_externalcommand_polkitbackend.cpp"