diff --git a/CMakeLists.txt b/CMakeLists.txt --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -99,7 +99,20 @@ ) +find_package(PolkitQt5-1 REQUIRED 0.103.0) + include(ConfigureChecks.cmake) +check_include_file("sys/prctl.h" HAVE_SYS_PRCTL_H) +check_symbol_exists(PR_SET_DUMPABLE "sys/prctl.h" HAVE_PR_SET_DUMPABLE) +check_include_file("sys/procctl.h" HAVE_SYS_PROCCTL_H) +check_symbol_exists(PROC_TRACE_CTL "sys/procctl.h" HAVE_PROC_TRACE_CTL) +if (HAVE_PR_SET_DUMPABLE OR HAVE_PROC_TRACE_CTL) + set(CAN_DISABLE_PTRACE TRUE) +endif () +add_feature_info("prctl/procctl tracing control" + CAN_DISABLE_PTRACE + "Required for disallowing ptrace on polkit agent") + include_directories("${CMAKE_CURRENT_BINARY_DIR}") diff --git a/ksmserver/CMakeLists.txt b/ksmserver/CMakeLists.txt --- a/ksmserver/CMakeLists.txt +++ b/ksmserver/CMakeLists.txt @@ -9,6 +9,7 @@ add_subdirectory(logout-greeter) add_subdirectory(switchuser-greeter) add_subdirectory(tests) +add_subdirectory(policykit-agent) ########### next target ############### @@ -41,6 +42,8 @@ qt5_add_dbus_adaptor( ksmserver_KDEINIT_SRCS org.kde.KSMServerInterface.xml server.h KSMServer ) +configure_file (config.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config.h) + kf5_add_kdeinit_executable( ksmserver ${ksmserver_KDEINIT_SRCS}) set(CMAKECONFIG_INSTALL_DIR "${KDE_INSTALL_CMAKEPACKAGEDIR}/KSMServerDBusInterface") @@ -68,6 +71,7 @@ KF5::KDELibs4Support # Solid/PowerManagement ${PHONON_LIBRARIES} Qt5::Concurrent + polkit-kde-authentication-agent-1 ) install(TARGETS kdeinit_ksmserver ${KDE_INSTALL_TARGETS_DEFAULT_ARGS}) diff --git a/ksmserver/config.h.cmake b/ksmserver/config.h.cmake new file mode 100644 --- /dev/null +++ b/ksmserver/config.h.cmake @@ -0,0 +1,11 @@ +#ifndef KSMSERVER_CONFIG_H +#define KSMSERVER_CONFIG_H + +/* config.h. Generated by cmake from config.h.cmake */ + +#cmakedefine01 HAVE_SYS_PRCTL_H +#cmakedefine01 HAVE_PR_SET_DUMPABLE +#cmakedefine01 HAVE_SYS_PROCCTL_H +#cmakedefine01 HAVE_PROC_TRACE_CTL + +#endif diff --git a/ksmserver/main.cpp b/ksmserver/main.cpp --- a/ksmserver/main.cpp +++ b/ksmserver/main.cpp @@ -48,6 +48,17 @@ #include #include +#include +#include "policykit-agent/policykitkde.h" + +#if HAVE_SYS_PRCTL_H +#include +#endif +#if HAVE_SYS_PROCCTL_H +#include +#include +#endif + static const char version[] = "0.4"; static const char description[] = I18N_NOOP( "The reliable KDE session manager that talks the standard X11R6 \nsession management protocol (XSMP)." ); @@ -230,6 +241,16 @@ extern "C" Q_DECL_EXPORT int kdemain( int argc, char* argv[] ) { sanity_check(argc, argv); + // disable ptrace as we are the polkit agent + #if HAVE_PR_SET_DUMPABLE + prctl(PR_SET_DUMPABLE, 0); + #endif + #if HAVE_PROC_TRACE_CTL + int mode = PROC_TRACE_CTL_DISABLE; + procctl(P_PID, getpid(), PROC_TRACE_CTL, &mode); + #endif + + putenv((char*)"SESSION_MANAGER="); checkComposite(); @@ -347,6 +368,9 @@ server->startDefaultSession(); KDBusService service(KDBusService::Unique); + //we are also the polkit agent, KAuth contains a special call to the polkit agent for wID sharing, keep the same service name + QDBusConnection::sessionBus().registerService("org.kde.polkit-kde-authentication-agent-1"); + PolicyKitKDE::registerAgent(a); int ret = a->exec(); kde_running.release(); // needs to be done before QApplication destruction diff --git a/ksmserver/policykit-agent/AuthDialog.h b/ksmserver/policykit-agent/AuthDialog.h new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/AuthDialog.h @@ -0,0 +1,92 @@ +/* This file is part of the KDE project + Copyright (C) 2007-2008 Gökçen Eraslan + Copyright (C) 2008 Daniel Nicoletti + Copyright (C) 2010 Dario Freddi + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. + +*/ + +#ifndef AUTHDIALOG_H +#define AUTHDIALOG_H + +#include +#include + +#include +#include + +#include "ui_AuthDialog.h" +#include "ui_authdetails.h" + +namespace PolkitQt1 +{ +class Details; +} + +class AuthDialog : public QDialog, private Ui::AuthDialog +{ + Q_OBJECT +public: + AuthDialog(const QString &actionId, + const QString &message, + const QString &iconName, + const PolkitQt1::Details &details, + const PolkitQt1::Identity::List &identities, + WId parent); + ~AuthDialog(); + + void setRequest(const QString &request, bool requiresAdmin); + void setOptions(); + QString password() const; + void authenticationFailure(); + + PolkitQt1::Identity adminUserSelected() const; + + PolkitQt1::ActionDescription m_actionDescription; + +signals: + void adminUserSelected(PolkitQt1::Identity); + void okClicked(); + +public slots: + virtual void accept() Q_DECL_OVERRIDE; + +private slots: + void on_userCB_currentIndexChanged(int index); + +private: + QString m_appname; + QString m_message; + + void createUserCB(const PolkitQt1::Identity::List &identities); +}; + +class AuthDetails : public QWidget, private Ui::AuthDetails +{ + Q_OBJECT +public: + AuthDetails(const PolkitQt1::Details &details, + const PolkitQt1::ActionDescription &actionDescription, + const QString &appname, + QWidget *parent); + +private slots: + void openUrl(const QString&); + void openAction(const QString&); +}; + +#endif // AUTHDIALOG_H diff --git a/ksmserver/policykit-agent/AuthDialog.cpp b/ksmserver/policykit-agent/AuthDialog.cpp new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/AuthDialog.cpp @@ -0,0 +1,375 @@ +/* This file is part of the KDE project + Copyright (C) 2007-2008 Gökçen Eraslan + Copyright (C) 2008 Dirk Mueller + Copyright (C) 2008 Daniel Nicoletti + Copyright (C) 2008-2010 Dario Freddi + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. + +*/ + +#include "AuthDialog.h" + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#include +#include + +AuthDialog::AuthDialog(const QString &actionId, + const QString &message, + const QString &iconName, + const PolkitQt1::Details &details, + const PolkitQt1::Identity::List &identities, + WId parent) + : QDialog(0) +{ + // KAuth is able to circumvent polkit's limitations, and manages to send the wId to the auth agent. + // If we received it, we use KWindowSystem to associate this dialog correctly. + if (parent > 0) { + qDebug() << "Associating the dialog with " << parent << " this dialog is " << winId(); + + // Set the parent + KWindowSystem::setMainWindow(this, parent); + + // Set modal + setWindowModality(Qt::ApplicationModal); + + // raise on top + activateWindow(); + raise(); + } + + setupUi(this); + + connect(buttonBox, &QDialogButtonBox::accepted, this, &AuthDialog::okClicked); + connect(buttonBox, &QDialogButtonBox::accepted, this, &QDialog::accept); + connect(buttonBox, &QDialogButtonBox::rejected, this, &QDialog::reject); + + QString detailsButtonText = i18n("Details"); + QPushButton* detailsButton = new QPushButton(detailsButtonText + " >>"); + detailsButton->setIcon(QIcon::fromTheme("help-about")); + detailsButton->setCheckable(true); + connect(detailsButton, &QAbstractButton::toggled, this, [=](bool toggled) { + detailsWidgetContainer->setVisible(toggled); + if (toggled) { + detailsButton->setText(detailsButtonText + " <<"); + } else { + detailsButton->setText(detailsButtonText + " >>"); + } + adjustSize(); + }); + buttonBox->addButton(detailsButton, QDialogButtonBox::HelpRole); + detailsWidgetContainer->hide(); + + setWindowTitle(i18n("Authentication Required")); + + if (message.isEmpty()) { + qWarning() << "Could not get action message for action."; + lblHeader->hide(); + } else { + qDebug() << "Message of action: " << message; + lblHeader->setText("

" + message + "

"); + m_message = message; + } + + // loads the standard key icon + QPixmap icon = KIconLoader::global()->loadIcon("dialog-password", + KIconLoader::NoGroup, + KIconLoader::SizeHuge, + KIconLoader::DefaultState); + // create a painter to paint the action icon over the key icon + QPainter painter(&icon); + const int iconSize = icon.size().width(); + // the emblem icon to size 32 + int overlaySize = 32; + // try to load the action icon + const QPixmap pixmap = KIconLoader::global()->loadIcon(iconName, + KIconLoader::NoGroup, + overlaySize, + KIconLoader::DefaultState, + QStringList(), + 0, + true); + // if we're able to load the action icon paint it over the + // key icon. + if (!pixmap.isNull()) { + QPoint startPoint; + // bottom right corner + startPoint = QPoint(iconSize - overlaySize - 2, + iconSize - overlaySize - 2); + painter.drawPixmap(startPoint, pixmap); + } + + setWindowIcon(icon); + lblPixmap->setPixmap(icon); + + // find action description for actionId + foreach(const PolkitQt1::ActionDescription &desc, PolkitQt1::Authority::instance()->enumerateActionsSync()) { + if (actionId == desc.actionId()) { + m_actionDescription = desc; + qDebug() << "Action description has been found" ; + break; + } + } + + AuthDetails *detailsDialog = new AuthDetails(details, m_actionDescription, m_appname, this); + detailsWidgetContainer->layout()->addWidget(detailsDialog); + + userCB->hide(); + lePassword->setFocus(); + + errorMessageWidget->setMessageType(KMessageWidget::Error); + errorMessageWidget->hide(); + + // If there is more than 1 identity we will show the combobox for user selection + if (identities.size() > 1) { + connect(userCB, SIGNAL(currentIndexChanged(int)), + this, SLOT(on_userCB_currentIndexChanged(int))); + + createUserCB(identities); + } else { + userCB->addItem("", identities[0].toString()); + userCB->setCurrentIndex(0); + } +} + +AuthDialog::~AuthDialog() +{ +} + +void AuthDialog::accept() +{ + // Do nothing, do not close the dialog. This is needed so that the dialog stays + lePassword->setEnabled(false); + return; +} + +void AuthDialog::setRequest(const QString &request, bool requiresAdmin) +{ + qDebug() << request; + PolkitQt1::Identity identity = adminUserSelected(); + if (request.startsWith(QLatin1String("password:"), Qt::CaseInsensitive)) { + if (requiresAdmin) { + if (!identity.isValid()) { + lblPassword->setText(i18n("Password for root:")); + } else { + lblPassword->setText(i18n("Password for %1:", + identity.toString().remove("unix-user:"))); + } + } else { + lblPassword->setText(i18n("Password:")); + } + } else if (request.startsWith(QLatin1String("password or swipe finger:"), + Qt::CaseInsensitive)) { + if (requiresAdmin) { + if (!identity.isValid()) { + lblPassword->setText(i18n("Password or swipe finger for root:")); + } else { + lblPassword->setText(i18n("Password or swipe finger for %1:", + identity.toString().remove("unix-user:"))); + } + } else { + lblPassword->setText(i18n("Password or swipe finger:")); + } + } else { + lblPassword->setText(request); + } + +} + +void AuthDialog::setOptions() +{ + lblContent->setText(i18n("An application is attempting to perform an action that requires privileges." + " Authentication is required to perform this action.")); +} + +void AuthDialog::createUserCB(const PolkitQt1::Identity::List &identities) +{ + /* if we've already built the list of admin users once, then avoid + * doing it again.. (this is mainly used when the user entered the + * wrong password and the dialog is recycled) + */ + if (identities.count() && (userCB->count() - 1) != identities.count()) { + // Clears the combobox in the case some user be added + userCB->clear(); + + // Adds a Dummy user + userCB->addItem(i18n("Select User"), QString()); + qobject_cast(userCB->model())->item(userCB->count()-1)->setEnabled(false); + + // For each user + int index = 1; // Start at 1 because of the "Select User" entry + int currentUserIndex = -1; + const KUser currentUser; + foreach(const PolkitQt1::Identity &identity, identities) { + // First check to see if the user is valid + qDebug() << "User: " << identity.toString(); + const KUser user(identity.toString().remove("unix-user:")); + if (!user.isValid()) { + qWarning() << "User invalid: " << user.loginName(); + continue; + } + + // Display user Full Name IF available + QString display; + if (!user.property(KUser::FullName).toString().isEmpty()) { + display = i18nc("%1 is the full user name, %2 is the user login name", "%1 (%2)", user.property(KUser::FullName).toString(), user.loginName()); + } else { + display = user.loginName(); + } + + QIcon icon; + // load user icon face + if (!user.faceIconPath().isEmpty()) { + icon = QIcon(user.faceIconPath()); + } else { + icon = QIcon::fromTheme("user-identity"); + } + // appends the user item + userCB->addItem(icon, display, identity.toString()); + + if (user == currentUser) { + currentUserIndex = index; + } + ++index; + } + + // Show the widget and set focus + if (currentUserIndex != -1) { + userCB->setCurrentIndex(currentUserIndex); + } + userCB->show(); + } +} + +PolkitQt1::Identity AuthDialog::adminUserSelected() const +{ + if (userCB->currentIndex() == -1) + return PolkitQt1::Identity(); + + const QString id = userCB->currentData().toString(); + if (id.isEmpty()) + return PolkitQt1::Identity(); + return PolkitQt1::Identity::fromString(id); +} + +void AuthDialog::on_userCB_currentIndexChanged(int /*index*/) +{ + PolkitQt1::Identity identity = adminUserSelected(); + // itemData is Null when "Select user" is selected + if (!identity.isValid()) { + lePassword->setEnabled(false); + lblPassword->setEnabled(false); + buttonBox->button(QDialogButtonBox::Ok)->setEnabled(false); + } else { + lePassword->setEnabled(true); + lblPassword->setEnabled(true); + buttonBox->button(QDialogButtonBox::Ok)->setEnabled(true); + // We need this to restart the auth with the new user + emit adminUserSelected(identity); + // git password label focus + lePassword->setFocus(); + } +} + +QString AuthDialog::password() const +{ + return lePassword->text(); +} + +void AuthDialog::authenticationFailure() +{ + errorMessageWidget->setText(i18n("Authentication failure, please try again.")); + errorMessageWidget->animatedShow(); + + QFont bold = font(); + bold.setBold(true); + lblPassword->setFont(bold); + lePassword->setEnabled(true); + lePassword->clear(); + lePassword->setFocus(); +} + +AuthDetails::AuthDetails(const PolkitQt1::Details &details, + const PolkitQt1::ActionDescription &actionDescription, + const QString &appname, + QWidget *parent) + : QWidget(parent) +{ + setupUi(this); + + app_label->setText(appname); + + foreach(const QString &key, details.keys()) { //krazy:exclude=foreach (Details is not a map/hash, but rather a method) + int row = gridLayout->rowCount() + 1; + + QLabel *keyLabel = new QLabel(this); + keyLabel->setText(i18nc("%1 is the name of a detail about the current action " + "provided by polkit", "%1:", key)); + gridLayout->addWidget(keyLabel, row, 0); + + QLabel *valueLabel = new QLabel(this); + valueLabel->setText(details.lookup(key)); + gridLayout->addWidget(valueLabel, row, 1); + } + + action_label->setText(actionDescription.description()); + + action_label->setTipText(i18n("Click to edit %1", actionDescription.actionId())); + action_label->setUrl(actionDescription.actionId()); + + QString vendor = actionDescription.vendorName(); + QString vendorUrl = actionDescription.vendorUrl(); + + if (!vendor.isEmpty()) { + vendorUL->setText(vendor); + vendorUL->setTipText(i18n("Click to open %1", vendorUrl)); + vendorUL->setUrl(vendorUrl); + } else if (!vendorUrl.isEmpty()) { + vendorUL->setText(vendorUrl); + vendorUL->setTipText(i18n("Click to open %1", vendorUrl)); + vendorUL->setUrl(vendorUrl); + } else { + vendorL->hide(); + vendorUL->hide(); + } + + connect(vendorUL, SIGNAL(leftClickedUrl(QString)), SLOT(openUrl(QString))); + connect(action_label, SIGNAL(leftClickedUrl(QString)), SLOT(openAction(QString))); +} + +void AuthDetails::openUrl(const QString& url) +{ + QDesktopServices::openUrl(QUrl(url)); +} + +void AuthDetails::openAction(const QString &url) +{ + // FIXME what's this? :) + QProcess::startDetached("polkit-kde-authorization", QStringList() << url); +} diff --git a/ksmserver/policykit-agent/AuthDialog.ui b/ksmserver/policykit-agent/AuthDialog.ui new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/AuthDialog.ui @@ -0,0 +1,152 @@ + + + AuthDialog + + + + 0 + 0 + 511 + 344 + + + + + 0 + 0 + + + + + + + + + + + + 0 + 0 + + + + &Lock Icon here + + + false + + + lePassword + + + + + + + Qt::Vertical + + + + 20 + 92 + + + + + + + + + + + + + 0 + 0 + + + + <b>Header is here!</b> + + + true + + + lePassword + + + + + + + + 0 + 0 + + + + <i>Content</i> + + + true + + + + + + + + + + + + + + + P&assword: + + + lePassword + + + + + + + QLineEdit::Password + + + false + + + + + + + + + + + + + + QDialogButtonBox::Cancel|QDialogButtonBox::Ok + + + + + + + + KMessageWidget + QWidget +
kmessagewidget.h
+ + + + userCB + lePassword + + + + diff --git a/ksmserver/policykit-agent/CMakeLists.txt b/ksmserver/policykit-agent/CMakeLists.txt new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/CMakeLists.txt @@ -0,0 +1,36 @@ +add_definitions(-DTRANSLATION_DOMAIN=\"polkit-kde-authentication-agent-1\") + + +# let our config.h be found first in any case +include_directories (BEFORE ${CMAKE_CURRENT_BINARY_DIR}) + +include_directories( + ${POLKITQT-1_INCLUDE_DIR} + ${CMAKE_CURRENT_SOURCE_DIR} + ${CMAKE_CURRENT_BINARY_DIR}) + +qt5_add_dbus_adaptor(policykit_SRCS org.kde.Polkit1AuthAgent.xml policykitlistener.h PolicyKitListener) + +ki18n_wrap_ui(policykit_SRCS AuthDialog.ui authdetails.ui) + +set(policykit_SRCS + ${policykit_SRCS} + policykitkde.cpp + policykitlistener.cpp + AuthDialog.cpp +) + +add_library(polkit-kde-authentication-agent-1 STATIC ${policykit_SRCS}) + +target_link_libraries(polkit-kde-authentication-agent-1 + KF5::DBusAddons + KF5::WindowSystem + KF5::WidgetsAddons + KF5::CoreAddons + KF5::I18n + KF5::Crash + KF5::IconThemes + ${POLKITQT-1_LIBRARIES} +) + +install(FILES policykit1-kde.notifyrc DESTINATION ${KNOTIFYRC_INSTALL_DIR}) diff --git a/ksmserver/policykit-agent/COPYING b/ksmserver/policykit-agent/COPYING new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/COPYING @@ -0,0 +1,346 @@ +NOTE! The GPL below is copyrighted by the Free Software Foundation, but +the instance of code that it refers to (the kde programs) are copyrighted +by the authors who actually wrote it. + +--------------------------------------------------------------------------- + + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 + + Copyright (C) 1989, 1991 Free Software Foundation, Inc. + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + Everyone is permitted to copy and distribute verbatim copies + of this license document, but changing it is not allowed. + + Preamble + + The licenses for most software are designed to take away your +freedom to share and change it. By contrast, the GNU General Public +License is intended to guarantee your freedom to share and change free +software--to make sure the software is free for all its users. This +General Public License applies to most of the Free Software +Foundation's software and to any other program whose authors commit to +using it. (Some other Free Software Foundation software is covered by +the GNU Library General Public License instead.) You can apply it to +your programs, too. + + When we speak of free software, we are referring to freedom, not +price. Our General Public Licenses are designed to make sure that you +have the freedom to distribute copies of free software (and charge for +this service if you wish), that you receive source code or can get it +if you want it, that you can change the software or use pieces of it +in new free programs; and that you know you can do these things. + + To protect your rights, we need to make restrictions that forbid +anyone to deny you these rights or to ask you to surrender the rights. +These restrictions translate to certain responsibilities for you if you +distribute copies of the software, or if you modify it. + + For example, if you distribute copies of such a program, whether +gratis or for a fee, you must give the recipients all the rights that +you have. You must make sure that they, too, receive or can get the +source code. And you must show them these terms so they know their +rights. + + We protect your rights with two steps: (1) copyright the software, and +(2) offer you this license which gives you legal permission to copy, +distribute and/or modify the software. + + Also, for each author's protection and ours, we want to make certain +that everyone understands that there is no warranty for this free +software. If the software is modified by someone else and passed on, we +want its recipients to know that what they have is not the original, so +that any problems introduced by others will not reflect on the original +authors' reputations. + + Finally, any free program is threatened constantly by software +patents. We wish to avoid the danger that redistributors of a free +program will individually obtain patent licenses, in effect making the +program proprietary. To prevent this, we have made it clear that any +patent must be licensed for everyone's free use or not licensed at all. + + The precise terms and conditions for copying, distribution and +modification follow. + + GNU GENERAL PUBLIC LICENSE + TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License applies to any program or other work which contains +a notice placed by the copyright holder saying it may be distributed +under the terms of this General Public License. The "Program", below, +refers to any such program or work, and a "work based on the Program" +means either the Program or any derivative work under copyright law: +that is to say, a work containing the Program or a portion of it, +either verbatim or with modifications and/or translated into another +language. (Hereinafter, translation is included without limitation in +the term "modification".) Each licensee is addressed as "you". + +Activities other than copying, distribution and modification are not +covered by this License; they are outside its scope. The act of +running the Program is not restricted, and the output from the Program +is covered only if its contents constitute a work based on the +Program (independent of having been made by running the Program). +Whether that is true depends on what the Program does. + + 1. You may copy and distribute verbatim copies of the Program's +source code as you receive it, in any medium, provided that you +conspicuously and appropriately publish on each copy an appropriate +copyright notice and disclaimer of warranty; keep intact all the +notices that refer to this License and to the absence of any warranty; +and give any other recipients of the Program a copy of this License +along with the Program. + +You may charge a fee for the physical act of transferring a copy, and +you may at your option offer warranty protection in exchange for a fee. + + 2. You may modify your copy or copies of the Program or any portion +of it, thus forming a work based on the Program, and copy and +distribute such modifications or work under the terms of Section 1 +above, provided that you also meet all of these conditions: + + a) You must cause the modified files to carry prominent notices + stating that you changed the files and the date of any change. + + b) You must cause any work that you distribute or publish, that in + whole or in part contains or is derived from the Program or any + part thereof, to be licensed as a whole at no charge to all third + parties under the terms of this License. + + c) If the modified program normally reads commands interactively + when run, you must cause it, when started running for such + interactive use in the most ordinary way, to print or display an + announcement including an appropriate copyright notice and a + notice that there is no warranty (or else, saying that you provide + a warranty) and that users may redistribute the program under + these conditions, and telling the user how to view a copy of this + License. (Exception: if the Program itself is interactive but + does not normally print such an announcement, your work based on + the Program is not required to print an announcement.) + +These requirements apply to the modified work as a whole. If +identifiable sections of that work are not derived from the Program, +and can be reasonably considered independent and separate works in +themselves, then this License, and its terms, do not apply to those +sections when you distribute them as separate works. But when you +distribute the same sections as part of a whole which is a work based +on the Program, the distribution of the whole must be on the terms of +this License, whose permissions for other licensees extend to the +entire whole, and thus to each and every part regardless of who wrote it. + +Thus, it is not the intent of this section to claim rights or contest +your rights to work written entirely by you; rather, the intent is to +exercise the right to control the distribution of derivative or +collective works based on the Program. + +In addition, mere aggregation of another work not based on the Program +with the Program (or with a work based on the Program) on a volume of +a storage or distribution medium does not bring the other work under +the scope of this License. + + 3. You may copy and distribute the Program (or a work based on it, +under Section 2) in object code or executable form under the terms of +Sections 1 and 2 above provided that you also do one of the following: + + a) Accompany it with the complete corresponding machine-readable + source code, which must be distributed under the terms of Sections + 1 and 2 above on a medium customarily used for software interchange; or, + + b) Accompany it with a written offer, valid for at least three + years, to give any third party, for a charge no more than your + cost of physically performing source distribution, a complete + machine-readable copy of the corresponding source code, to be + distributed under the terms of Sections 1 and 2 above on a medium + customarily used for software interchange; or, + + c) Accompany it with the information you received as to the offer + to distribute corresponding source code. (This alternative is + allowed only for noncommercial distribution and only if you + received the program in object code or executable form with such + an offer, in accord with Subsection b above.) + +The source code for a work means the preferred form of the work for +making modifications to it. For an executable work, complete source +code means all the source code for all modules it contains, plus any +associated interface definition files, plus the scripts used to +control compilation and installation of the executable. However, as a +special exception, the source code distributed need not include +anything that is normally distributed (in either source or binary +form) with the major components (compiler, kernel, and so on) of the +operating system on which the executable runs, unless that component +itself accompanies the executable. + +If distribution of executable or object code is made by offering +access to copy from a designated place, then offering equivalent +access to copy the source code from the same place counts as +distribution of the source code, even though third parties are not +compelled to copy the source along with the object code. + + 4. You may not copy, modify, sublicense, or distribute the Program +except as expressly provided under this License. Any attempt +otherwise to copy, modify, sublicense or distribute the Program is +void, and will automatically terminate your rights under this License. +However, parties who have received copies, or rights, from you under +this License will not have their licenses terminated so long as such +parties remain in full compliance. + + 5. You are not required to accept this License, since you have not +signed it. However, nothing else grants you permission to modify or +distribute the Program or its derivative works. These actions are +prohibited by law if you do not accept this License. Therefore, by +modifying or distributing the Program (or any work based on the +Program), you indicate your acceptance of this License to do so, and +all its terms and conditions for copying, distributing or modifying +the Program or works based on it. + + 6. Each time you redistribute the Program (or any work based on the +Program), the recipient automatically receives a license from the +original licensor to copy, distribute or modify the Program subject to +these terms and conditions. You may not impose any further +restrictions on the recipients' exercise of the rights granted herein. +You are not responsible for enforcing compliance by third parties to +this License. + + 7. If, as a consequence of a court judgment or allegation of patent +infringement or for any other reason (not limited to patent issues), +conditions are imposed on you (whether by court order, agreement or +otherwise) that contradict the conditions of this License, they do not +excuse you from the conditions of this License. If you cannot +distribute so as to satisfy simultaneously your obligations under this +License and any other pertinent obligations, then as a consequence you +may not distribute the Program at all. For example, if a patent +license would not permit royalty-free redistribution of the Program by +all those who receive copies directly or indirectly through you, then +the only way you could satisfy both it and this License would be to +refrain entirely from distribution of the Program. + +If any portion of this section is held invalid or unenforceable under +any particular circumstance, the balance of the section is intended to +apply and the section as a whole is intended to apply in other +circumstances. + +It is not the purpose of this section to induce you to infringe any +patents or other property right claims or to contest validity of any +such claims; this section has the sole purpose of protecting the +integrity of the free software distribution system, which is +implemented by public license practices. Many people have made +generous contributions to the wide range of software distributed +through that system in reliance on consistent application of that +system; it is up to the author/donor to decide if he or she is willing +to distribute software through any other system and a licensee cannot +impose that choice. + +This section is intended to make thoroughly clear what is believed to +be a consequence of the rest of this License. + + 8. If the distribution and/or use of the Program is restricted in +certain countries either by patents or by copyrighted interfaces, the +original copyright holder who places the Program under this License +may add an explicit geographical distribution limitation excluding +those countries, so that distribution is permitted only in or among +countries not thus excluded. In such case, this License incorporates +the limitation as if written in the body of this License. + + 9. The Free Software Foundation may publish revised and/or new versions +of the General Public License from time to time. Such new versions will +be similar in spirit to the present version, but may differ in detail to +address new problems or concerns. + +Each version is given a distinguishing version number. If the Program +specifies a version number of this License which applies to it and "any +later version", you have the option of following the terms and conditions +either of that version or of any later version published by the Free +Software Foundation. If the Program does not specify a version number of +this License, you may choose any version ever published by the Free Software +Foundation. + + 10. If you wish to incorporate parts of the Program into other free +programs whose distribution conditions are different, write to the author +to ask for permission. For software which is copyrighted by the Free +Software Foundation, write to the Free Software Foundation; we sometimes +make exceptions for this. Our decision will be guided by the two goals +of preserving the free status of all derivatives of our free software and +of promoting the sharing and reuse of software generally. + + NO WARRANTY + + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY +FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN +OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES +PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED +OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS +TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE +PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, +REPAIR OR CORRECTION. + + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING +WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR +REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, +INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING +OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED +TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY +YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER +PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE +POSSIBILITY OF SUCH DAMAGES. + + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs + + If you develop a new program, and you want it to be of the greatest +possible use to the public, the best way to achieve this is to make it +free software which everyone can redistribute and change under these terms. + + To do so, attach the following notices to the program. It is safest +to attach them to the start of each source file to most effectively +convey the exclusion of warranty; and each file should have at least +the "copyright" line and a pointer to where the full notice is found. + + + Copyright (C) 19yy + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA + + +Also add information on how to contact you by electronic and paper mail. + +If the program is interactive, make it output a short notice like this +when it starts in an interactive mode: + + Gnomovision version 69, Copyright (C) 19yy name of author + Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. + This is free software, and you are welcome to redistribute it + under certain conditions; type `show c' for details. + +The hypothetical commands `show w' and `show c' should show the appropriate +parts of the General Public License. Of course, the commands you use may +be called something other than `show w' and `show c'; they could even be +mouse-clicks or menu items--whatever suits your program. + +You should also get your employer (if you work as a programmer) or your +school, if any, to sign a "copyright disclaimer" for the program, if +necessary. Here is a sample; alter the names: + + Yoyodyne, Inc., hereby disclaims all copyright interest in the program + `Gnomovision' (which makes passes at compilers) written by James Hacker. + + , 1 April 1989 + Ty Coon, President of Vice + +This General Public License does not permit incorporating your program into +proprietary programs. If your program is a subroutine library, you may +consider it more useful to permit linking proprietary applications with the +library. If this is what you want to do, use the GNU Library General +Public License instead of this License. diff --git a/ksmserver/policykit-agent/Messages.sh b/ksmserver/policykit-agent/Messages.sh new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/Messages.sh @@ -0,0 +1,4 @@ +#! /bin/sh +$EXTRACTRC `find -name \*.ui -o -name \*.rc -o -name \*.kcfg` >> rc.cpp || exit 11 +$XGETTEXT `find -name \*.cpp -o -name \*.h` -o $podir/polkit-kde-authentication-agent-1.pot +rm -f rc.cpp diff --git a/ksmserver/policykit-agent/authdetails.ui b/ksmserver/policykit-agent/authdetails.ui new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/authdetails.ui @@ -0,0 +1,91 @@ + + AuthDetails + + + + 0 + 0 + 273 + 80 + + + + + 0 + 0 + + + + + + + Application: + + + + + + + Action: + + + + + + + Vendor: + + + + + + + Vendor: + + + + + + true + + + + + + + Action: + + + + + + true + + + + + + + Qt::Horizontal + + + + + + + Application: + + + + + + + + KUrlLabel + QLabel +
kurllabel.h
+ + + + + diff --git a/ksmserver/policykit-agent/org.freedesktop.PolicyKit.AuthenticationAgent.xml b/ksmserver/policykit-agent/org.freedesktop.PolicyKit.AuthenticationAgent.xml new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/org.freedesktop.PolicyKit.AuthenticationAgent.xml @@ -0,0 +1,15 @@ + + + + + + + + + + + + + + + diff --git a/ksmserver/policykit-agent/org.kde.Polkit1AuthAgent.xml b/ksmserver/policykit-agent/org.kde.Polkit1AuthAgent.xml new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/org.kde.Polkit1AuthAgent.xml @@ -0,0 +1,10 @@ + + + + + + + + + diff --git a/ksmserver/policykit-agent/policykit1-kde.notifyrc b/ksmserver/policykit-agent/policykit1-kde.notifyrc new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/policykit1-kde.notifyrc @@ -0,0 +1,174 @@ +[Global] +IconName=dialog-password +Comment=PolicyKit authentication dialog +Comment[ar]=حواريّ استيثاق Policykit +Comment[bs]=PolicyKit dijalog provjere identiteta +Comment[ca]=Diàleg d'autenticació del PolicyKit +Comment[ca@valencia]=Diàleg d'autenticació del PolicyKit +Comment[cs]=Ověřovací dialog PolicyKitu +Comment[da]=PolicyKit autentificeringsdialog +Comment[de]=PolicyKit-Authentifizierungs-Dialog +Comment[el]=Διάλογος ταυτοποίησης PolicyKit +Comment[en_GB]=PolicyKit authentication dialog +Comment[es]=Diálogo de autenticación de PolicyKit +Comment[et]=PolicyKiti autentimisdialoog +Comment[eu]=PolicyKit autentifikazio elkarrizketa +Comment[fi]=PolicyKit-tunnistautumisikkuna +Comment[fr]=Boîte de dialogue d'authentification de « PolicyKit » +Comment[gl]=Diálogo de autenticación de PolicyKit +Comment[hu]=PolicyKit hitelesítési párbeszédablak +Comment[id]=Dialog kewenangan PolicyKit +Comment[it]=Finestra di autenticazione di PolicyKit +Comment[ko]=PolicyKit 인증 대화상자 +Comment[lt]=PolicyKit tapatybės nustatymo dialogas +Comment[nb]=PolicyKit autentiseringsdialog +Comment[nl]=Authenticatiedialoog van PolicyKit +Comment[nn]=PolicyKit-autentiseringsvindauge +Comment[pa]=ਪਾਲਸੀਕਿਟ ਪਰਮਾਣਕਿਤਾ ਡਾਈਲਾਗ +Comment[pl]=Okno dialogowe uwierzytelnienia PolicyKit +Comment[pt]=Janela de autenticação do PolicyKit +Comment[pt_BR]=Janela de autenticação do PolicyKit +Comment[ro]=Dialog de autentificare PolicyKit +Comment[ru]=Диалог аутентификации PolicyKit +Comment[sk]=overovací dialóg PolicyKit +Comment[sl]=Pogovorno okno overitve PolicyKit +Comment[sr]=Полисикитов дијалог за аутентификовање +Comment[sr@ijekavian]=Полисикитов дијалог за аутентификовање +Comment[sr@ijekavianlatin]=PolicyKitov dijalog za autentifikovanje +Comment[sr@latin]=PolicyKitov dijalog za autentifikovanje +Comment[sv]=Policykit behörighetsdialogruta +Comment[tr]=PolicyKit kimlik doğrulama penceresi +Comment[uk]=Діалогове вікно розпізнавання PolicyKit +Comment[x-test]=xxPolicyKit authentication dialogxx +Comment[zh_CN]=PolicyKit 认证对话框 +Comment[zh_TW]=PolicyKit 認證對話框 +Name=policykit1-kde +Name[ast]=policykit1-kde +Name[bs]=policykit1-kde +Name[ca]=policykit1-kde +Name[ca@valencia]=policykit1-kde +Name[cs]=policykit1-kde +Name[da]=policykit1-kde +Name[de]=policykit1-kde +Name[el]=policykit1-kde +Name[en_GB]=policykit1-kde +Name[es]=policykit1-kde +Name[et]=policykit1-kde +Name[eu]=policykit1-kde +Name[fi]=policykit1-kde +Name[fr]=policykit1-kde +Name[gl]=policykit1-kde +Name[hu]=policykit1-kde +Name[id]=policykit1-kde +Name[it]=policykit1-kde +Name[ko]=policykit1-kde +Name[lt]=policykit1-kde +Name[nb]=policykit1-kde +Name[nl]=policykit1-kde +Name[nn]=policykit1-kde +Name[pa]=policykit1-kde +Name[pl]=policykit1-kde +Name[pt]=policykit1-kde +Name[pt_BR]=policykit1-kde +Name[ro]=policykit1-kde +Name[ru]=policykit1-kde +Name[sk]=policykit1-kde +Name[sl]=policykit1-kde +Name[sr]=Полисикит1‑КДЕ +Name[sr@ijekavian]=Полисикит1‑КДЕ +Name[sr@ijekavianlatin]=PolicyKit1‑KDE +Name[sr@latin]=PolicyKit1‑KDE +Name[sv]=PolicyKit1-KDE +Name[tr]=policykit1-kde +Name[uk]=policykit1-kde +Name[x-test]=xxpolicykit1-kdexx +Name[zh_CN]=policykit1-kde +Name[zh_TW]=policykit1-kde + +[Event/authenticate] +Name=authenticate +Name[ar]=استيثاق +Name[bs]=autentifikacija +Name[ca]=autentica +Name[ca@valencia]=autentica +Name[cs]=ověřit +Name[da]=autentificér +Name[de]=Authentifizieren +Name[el]=ταυτοποίηση +Name[en_GB]=authenticate +Name[es]=autenticar +Name[et]=Autentimine +Name[eu]=autentifikatu +Name[fi]=tunnistaudu +Name[fr]=S'authentifier +Name[gl]=autenticar +Name[hu]=hitelesítés +Name[ia]=authentica +Name[id]=wewenang +Name[it]=autenticazione +Name[ko]=인증 +Name[lt]=nustatyti tapatybę +Name[nb]=autentiser +Name[nl]=authenticatie +Name[nn]=autentiser +Name[pa]=ਪਰਮਾਣਿਤ +Name[pl]=uwierzytelnij +Name[pt]=autenticar +Name[pt_BR]=autenticar +Name[ro]=autentifică +Name[ru]=Аутентификация +Name[sk]=overiť +Name[sl]=overi +Name[sr]=Аутентификовање +Name[sr@ijekavian]=Аутентификовање +Name[sr@ijekavianlatin]=Autentifikovanje +Name[sr@latin]=Autentifikovanje +Name[sv]=kontrollera behörighet +Name[tr]=yetkilendir +Name[uk]=розпізнавання +Name[x-test]=xxauthenticatexx +Name[zh_CN]=认证 +Name[zh_TW]=認證 +Comment=You are required to authenticate +Comment[ar]=الاستيثاق مطلوب +Comment[bs]=Trebate se autentificirati +Comment[ca]=Se us demana que us autentiqueu +Comment[ca@valencia]=Se vos demana que vos autentiqueu +Comment[cs]=Je vyžadováno ověření totožnosti +Comment[da]=Du skal autentificere +Comment[de]=Sie benötigen eine Authentifizierung +Comment[el]=Απαιτείται η ταυτοποίησή σας +Comment[en_GB]=You are required to authenticate +Comment[es]=Se le ha pedido que se autentique +Comment[et]=Vajalik on autentimine +Comment[eu]=Autentifikatu behar duzu +Comment[fi]=Tunnistautuminen vaaditaan +Comment[fr]=Vous devez vous authentifier +Comment[gl]=Debe identificarse. +Comment[hu]=Hitelesítés szükséges +Comment[id]=Kamu diperlukan untuk mewenangi +Comment[it]=Devi effettuare l'autenticazione +Comment[ko]=인증 필요함 +Comment[lt]=Reikia nustatyti Jūsų nustatyti tapatybę +Comment[nb]=Du må autentisere +Comment[nl]=Authenticeren is verplicht +Comment[nn]=Du må autentisera +Comment[pa]=ਤੁਹਾਨੂੰ ਪਰਮਾਣਿਤ ਹੋਣ ਦੀ ਲੋੜ ਹੈ +Comment[pl]=Musisz się uwierzytelnić +Comment[pt]=É necessário que se autentique +Comment[pt_BR]=É necessária a sua autenticação +Comment[ro]=Vi se solicită autentificarea +Comment[ru]=Необходимо пройти аутентификацию +Comment[sk]=Musíte sa overiť +Comment[sl]=Zahtevana je overitev +Comment[sr]=Треба да се аутентификујете +Comment[sr@ijekavian]=Треба да се аутентификујете +Comment[sr@ijekavianlatin]=Treba da se autentifikujete +Comment[sr@latin]=Treba da se autentifikujete +Comment[sv]=Det krävs att din behörighet kontrolleras +Comment[tr]=Kimlik doğrulaması yapmanız gerekiyor +Comment[uk]=Вам слід пройти розпізнавання +Comment[x-test]=xxYou are required to authenticatexx +Comment[zh_CN]=您需要认证 +Comment[zh_TW]=您需要認證 +Action=Popup diff --git a/ksmserver/policykit-agent/policykitkde.h b/ksmserver/policykit-agent/policykitkde.h new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/policykitkde.h @@ -0,0 +1,34 @@ +/* This file is part of the KDE project + Copyright (C) 2017 David Edmundson + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. + +*/ + +#ifndef POLICYKITKDE_H +#define POLICYKITKDE_H + +#include +#include "policykitlistener.h" + +namespace PolicyKitKDE { + /** + * Starts the policy kit agent. + * @note on failure this will cause the application to exit + */ + void registerAgent(QObject *parent); +} +#endif diff --git a/ksmserver/policykit-agent/policykitkde.cpp b/ksmserver/policykit-agent/policykitkde.cpp new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/policykitkde.cpp @@ -0,0 +1,49 @@ +/* This file is part of the KDE project + Copyright (C) 2009 Jaroslav Reznik + Copyright (C) 2017 David Edmundson + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. + +*/ + +#include +#include + +#include + +#include "policykitkde.h" + +namespace PolicyKitKDE +{ + +void registerAgent(QObject *parent) +{ + if (! QDBusConnection::sessionBus().registerService("org.kde.polkit-kde-authentication-agent-1")) { + qWarning() << "Couldn't register service name!"; + exit(1); + } + auto listener = new PolicyKitListener(parent); + + PolkitQt1::UnixSessionSubject session(getpid()); + bool result = listener->registerListener(session, "/org/kde/PolicyKit1/AuthenticationAgent"); + + if (!result) { + qWarning() << "Couldn't register listener!"; + exit(1); + } +} + +} diff --git a/ksmserver/policykit-agent/policykitlistener.h b/ksmserver/policykit-agent/policykitlistener.h new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/policykitlistener.h @@ -0,0 +1,80 @@ +#ifndef POLICYKITLISTENER_H +#define POLICYKITLISTENER_H + +/* This file is part of the KDE project + Copyright (C) 2009 Jaroslav Reznik + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. + +*/ + +#include +#include + +#include + +class AuthDialog; + +using namespace PolkitQt1::Agent; + +class PolicyKitListener : public Listener +{ + Q_OBJECT + Q_CLASSINFO("D-Bus Interface", "org.kde.Polkit1AuthAgent") +public: + PolicyKitListener(QObject *parent = 0); + virtual ~PolicyKitListener(); + +public slots: + void initiateAuthentication(const QString &actionId, + const QString &message, + const QString &iconName, + const PolkitQt1::Details &details, + const QString &cookie, + const PolkitQt1::Identity::List &identities, + PolkitQt1::Agent::AsyncResult* result) Q_DECL_OVERRIDE; + bool initiateAuthenticationFinish() Q_DECL_OVERRIDE; + void cancelAuthentication() Q_DECL_OVERRIDE; + + void tryAgain(); + void finishObtainPrivilege(); + + void request(const QString &request, bool echo); + void completed(bool gainedAuthorization); + void showError(const QString &text); + + void setWIdForAction(const QString &action, qulonglong wID); + +private: + QPointer m_dialog; + QPointer m_session; + bool m_inProgress; + bool m_gainedAuthorization; + bool m_wasCancelled; + int m_numTries; + PolkitQt1::Identity::List m_identities; + PolkitQt1::Agent::AsyncResult* m_result; + QString m_cookie; + PolkitQt1::Identity m_selectedUser; + QHash< QString, qulonglong > m_actionsToWID; + +private slots: + void dialogAccepted(); + void dialogCanceled(); + void userSelected(const PolkitQt1::Identity &identity); +}; + +#endif diff --git a/ksmserver/policykit-agent/policykitlistener.cpp b/ksmserver/policykit-agent/policykitlistener.cpp new file mode 100644 --- /dev/null +++ b/ksmserver/policykit-agent/policykitlistener.cpp @@ -0,0 +1,236 @@ +/* This file is part of the KDE project + Copyright (C) 2009 Jaroslav Reznik + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public + License as published by the Free Software Foundation; either + version 2 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public License + along with this library; see the file COPYING.LIB. If not, write to + the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301, USA. + +*/ + +#include +#include + +#include + +#include +#include +#include +#include +#include + +#include "policykitlistener.h" +#include "AuthDialog.h" +#include "polkit1authagentadaptor.h" + +PolicyKitListener::PolicyKitListener(QObject *parent) + : Listener(parent) + , m_inProgress(false) + , m_selectedUser(0) +{ + (void) new Polkit1AuthAgentAdaptor(this); + + if (!QDBusConnection::sessionBus().registerObject("/org/kde/Polkit1AuthAgent", this, + QDBusConnection::ExportScriptableSlots | + QDBusConnection::ExportScriptableProperties | + QDBusConnection::ExportAdaptors)) { + qWarning() << "Could not initiate DBus helper!"; + } + + qDebug() << "Listener online"; +} + +PolicyKitListener::~PolicyKitListener() +{ +} + +void PolicyKitListener::setWIdForAction(const QString& action, qulonglong wID) +{ + qDebug() << "On to the handshake"; + m_actionsToWID[action] = wID; +} + +void PolicyKitListener::initiateAuthentication(const QString &actionId, + const QString &message, + const QString &iconName, + const PolkitQt1::Details &details, + const QString &cookie, + const PolkitQt1::Identity::List &identities, + PolkitQt1::Agent::AsyncResult* result) +{ + qDebug() << "Initiating authentication"; + + if (m_inProgress) { + result->setError(i18n("Another client is already authenticating, please try again later.")); + result->setCompleted(); + qDebug() << "Another client is already authenticating, please try again later."; + return; + } + + m_identities = identities; + m_cookie = cookie; + m_result = result; + m_session.clear(); + + m_inProgress = true; + + WId parentId = 0; + + if (m_actionsToWID.contains(actionId)) { + parentId = m_actionsToWID[actionId]; + } + + m_dialog = new AuthDialog(actionId, message, iconName, details, identities, parentId); + connect(m_dialog.data(), SIGNAL(okClicked()), SLOT(dialogAccepted())); + connect(m_dialog.data(), SIGNAL(rejected()), SLOT(dialogCanceled())); + connect(m_dialog.data(), SIGNAL(adminUserSelected(PolkitQt1::Identity)), SLOT(userSelected(PolkitQt1::Identity))); + + qDebug() << "WinId of the dialog is " << m_dialog.data()->winId() << m_dialog.data()->effectiveWinId(); + m_dialog.data()->setOptions(); + m_dialog.data()->show(); + KWindowSystem::forceActiveWindow(m_dialog.data()->winId()); + qDebug() << "WinId of the shown dialog is " << m_dialog.data()->winId() << m_dialog.data()->effectiveWinId(); + + if (identities.length() == 1) { + m_selectedUser = identities[0]; + } else { + m_selectedUser = m_dialog.data()->adminUserSelected(); + } + + m_numTries = 0; + tryAgain(); +} + +void PolicyKitListener::tryAgain() +{ + qDebug() << "Trying again"; + m_wasCancelled = false; + + // We will create new session only when some user is selected + if (m_selectedUser.isValid()) { + m_session = new Session(m_selectedUser, m_cookie, m_result); + connect(m_session.data(), SIGNAL(request(QString,bool)), this, SLOT(request(QString,bool))); + connect(m_session.data(), SIGNAL(completed(bool)), this, SLOT(completed(bool))); + connect(m_session.data(), SIGNAL(showError(QString)), this, SLOT(showError(QString))); + + m_session.data()->initiate(); + } + +} + +void PolicyKitListener::finishObtainPrivilege() +{ + qDebug() << "Finishing obtaining privileges"; + + // Number of tries increase only when some user is selected + if (m_selectedUser.isValid()) { + m_numTries++; + } + + if (!m_gainedAuthorization && !m_wasCancelled && !m_dialog.isNull()) { + m_dialog.data()->authenticationFailure(); + + if (m_numTries < 3) { + m_session.data()->deleteLater(); + + tryAgain(); + return; + } + } + + if (!m_session.isNull()) { + m_session.data()->result()->setCompleted(); + } else { + m_result->setCompleted(); + } + m_session.data()->deleteLater(); + + if (!m_dialog.isNull()) { + m_dialog.data()->hide(); + m_dialog.data()->deleteLater(); + } + + m_inProgress = false; + + qDebug() << "Finish obtain authorization:" << m_gainedAuthorization; +} + +bool PolicyKitListener::initiateAuthenticationFinish() +{ + qDebug() << "Finishing authentication"; + return true; +} + +void PolicyKitListener::cancelAuthentication() +{ + qDebug() << "Cancelling authentication"; + + m_wasCancelled = true; + finishObtainPrivilege(); +} + +void PolicyKitListener::request(const QString &request, bool echo) +{ + Q_UNUSED(echo); + qDebug() << "Request: " << request; + + if (!m_dialog.isNull()) { + m_dialog.data()->setRequest(request, m_selectedUser.isValid() && + m_selectedUser.toString() == "unix-user:root"); + } +} + +void PolicyKitListener::completed(bool gainedAuthorization) +{ + qDebug() << "Completed: " << gainedAuthorization; + + m_gainedAuthorization = gainedAuthorization; + + finishObtainPrivilege(); +} + +void PolicyKitListener::showError(const QString &text) +{ + qDebug() << "Error: " << text; +} + +void PolicyKitListener::dialogAccepted() +{ + qDebug() << "Dialog accepted"; + + if (!m_dialog.isNull()) { + m_session.data()->setResponse(m_dialog.data()->password()); + } +} + +void PolicyKitListener::dialogCanceled() +{ + qDebug() << "Dialog cancelled"; + + m_wasCancelled = true; + if (!m_session.isNull()) { + m_session.data()->cancel(); + } + + finishObtainPrivilege(); +} + +void PolicyKitListener::userSelected(const PolkitQt1::Identity &identity) +{ + m_selectedUser = identity; + // If some user is selected we must destroy existing session + if (!m_session.isNull()) { + m_session.data()->deleteLater(); + } + tryAgain(); +}