Add polkit support to KIO using KAuth library. This would allow file management inside read-only directories.
The following steps are taken for gaining root access,
- Application starts a job with PrivilegeExecution flag.
- The job, after testing for this flag, sets two variables m_privilegeExecutionEnabled and m_operationType. The former variable is responsible for notifying the slave that job wants privileges to be elevated and the latter sets the type of operation which will be used with confirmation dialog.
- The job then sets the PrivilegeExecution flag in other sub-jobs which take KIO::JobFlags as argument. It also sets itself as the parent job for other sub-jobs it makes use of. This is also necessary for the confirmation dialog.
- Then control transfers to slave. It continues as usual and when certain operation fails it will call execWithElevatedPrivilege() method. This method will first check if the error was caused due to insufficient privileges and if it is indeed the case it will emit privilegeExecData() signal twice.
- First time it is for checking if the job actually wanted the privileges to be elevated. In this case once the signal is received by the job, value of m_privilegeExecutionEnabled (in case of SimpleJob it's parent job will be considered) is queried and if true ElevatePrivilege is sent back as reply.
- The next signal by the slave asks the job to show the confirmation dialog. For this purpose job calls tryAskPrivilegeOpConfirmation(). This method first checks for the parent job. It will continue checking till there is no parent job.
- Once the top-level job is obtained its tryAskPrivilegeOpConfirmation() method will be called and confirmation dialog is shown and if the user confirms then ActionConfirmed is sent back to the slave.
- If every step mentioned above succeeds then the slave will call the kauth helper and perform the action with elevated privilege.
Current Status
- ChmodJob, DeleteJob, CopyJob, MkPathJob support performing file operations in read-only location.
- KNewFileMenu is partially usable. "Create New -> Link to Application" and "Create New -> Link to Location" are not working
- Dolphin's context menu will also work is all the writability checks are disabled
ToDo
- Finalise approach
- Add support for PrivilegeExecution flag in SimpleJob
- Add unit tests for the changes till now
- Make changes to` KpropertiesDialog` for "Create New -> Link to Application" and "Create New -> Link to Location" work properly
- Make changes to FileUndoManager
- Add the support for new slave to DropJob
- Currently if jobs like copyjob are executed in a loop then multiple warnings are shown. Add a new job for the sole purpose of acting as a parent to those complex jobs created in loop.