[rygel/wip/acl: 303/306] core,main: Add DBus ACL class



commit 407f7ab58cf0b08e3ca2293aa3e11f5a863fc0c5
Author: Jens Georg <mail jensge org>
Date:   Sat Nov 8 15:33:05 2014 +0100

    core,main: Add DBus ACL class
    
    Signed-off-by: Jens Georg <mail jensge org>

 configure.ac                                |    2 +-
 src/librygel-core/rygel-dbus-interface.vala |   13 +++
 src/librygel-server/rygel-http-server.vala  |    2 +-
 src/rygel/Makefile.am                       |    2 +
 src/rygel/rygel-acl.vala                    |  116 +++++++++++++++++++++++++++
 src/rygel/rygel-main.vala                   |    6 ++
 6 files changed, 139 insertions(+), 2 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index c085ed5..ecb2298 100644
--- a/configure.ac
+++ b/configure.ac
@@ -38,7 +38,7 @@ LIBXML_REQUIRED=2.7
 VALA_REQUIRED=0.22.0
 VALADOC_REQUIRED=0.2
 GSSDP_REQUIRED=0.13.0
-GUPNP_REQUIRED=0.19.0
+GUPNP_REQUIRED=0.20.11
 GUPNP_AV_REQUIRED=0.12.4
 GUPNP_DLNA_REQUIRED=0.9.4
 GSTREAMER_REQUIRED=1.0
diff --git a/src/librygel-core/rygel-dbus-interface.vala b/src/librygel-core/rygel-dbus-interface.vala
index 1fb9d7c..16ca40b 100644
--- a/src/librygel-core/rygel-dbus-interface.vala
+++ b/src/librygel-core/rygel-dbus-interface.vala
@@ -28,3 +28,16 @@ public interface Rygel.DBusInterface : Object {
 
     public abstract void shutdown () throws IOError;
 }
+
+[DBus (name = "org.gnome.Rygel1.AclProvider1")]
+public interface Rygel.DBusAclProvider : Object {
+    public const string SERVICE_NAME = "org.gnome.Rygel1.AclProvider1";
+    public const string OBJECT_PATH = "/org/gnome/Rygel1/AclProvider1";
+
+    public abstract async bool is_allowed (GLib.HashTable<string, string> device,
+                                           GLib.HashTable<string, string> service,
+                                           string                         path,
+                                           string                         address,
+                                           string?                        agent)
+                                           throws DBusError, IOError;
+}
diff --git a/src/librygel-server/rygel-http-server.vala b/src/librygel-server/rygel-http-server.vala
index 87aaab2..aa6c33b 100644
--- a/src/librygel-server/rygel-http-server.vala
+++ b/src/librygel-server/rygel-http-server.vala
@@ -66,7 +66,7 @@ public class Rygel.HTTPServer : GLib.Object, Rygel.StateMachine {
     }
 
     public async void run () {
-        context.server.add_handler (this.path_root, this.server_handler);
+        context.add_server_handler (true, this.path_root, this.server_handler);
         context.server.request_aborted.connect (this.on_request_aborted);
         context.server.request_started.connect (this.on_request_started);
 
diff --git a/src/rygel/Makefile.am b/src/rygel/Makefile.am
index 843dba0..a912eec 100644
--- a/src/rygel/Makefile.am
+++ b/src/rygel/Makefile.am
@@ -3,6 +3,7 @@ include $(top_srcdir)/common.am
 bin_PROGRAMS = rygel
 
 rygel_SOURCES = \
+       rygel-acl.vala \
        rygel-dbus-service.vala \
        rygel-main.vala \
        rygel-cmdline-config.vala \
@@ -21,6 +22,7 @@ rygel_CFLAGS = \
        -DLOCALEDIR=\""$(datadir)/locale"\" \
        -DG_LOG_DOMAIN='"Rygel"' \
        -DSYS_CONFIG_DIR='"$(sysconfigdir)"'
+
 rygel_LDADD = \
        $(RYGEL_DEPS_LIBS) \
        $(RYGEL_COMMON_LIBRYGEL_SERVER_LIBS)
diff --git a/src/rygel/rygel-acl.vala b/src/rygel/rygel-acl.vala
new file mode 100644
index 0000000..52788f9
--- /dev/null
+++ b/src/rygel/rygel-acl.vala
@@ -0,0 +1,116 @@
+/*
+ * Copyright (C) 2014 Jens Georg <mail jensge org>
+ *
+ * Author: Jens Georg <mail jensge org>
+ *
+ * This file is part of Rygel.
+ *
+ * Rygel is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * Rygel is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+internal class Rygel.Acl : GLib.Object, GUPnP.Acl
+{
+    private DBusAclProvider provider;
+
+    public Acl () {
+        Bus.watch_name (BusType.SESSION,
+                        DBusAclProvider.SERVICE_NAME,
+                        BusNameWatcherFlags.AUTO_START,
+                        this.on_name_appeared,
+                        this.on_name_vanished);
+    }
+
+    public bool can_sync () { return false; }
+
+    public bool is_allowed (GUPnP.Device? device,
+                            GUPnP.Service? service,
+                            string         path,
+                            string         address,
+                            string?        agent) {
+        assert_not_reached ();
+    }
+
+    public async bool is_allowed_async (GUPnP.Device? device,
+                                        GUPnP.Service? service,
+                                        string path,
+                                        string address,
+                                        string? agent,
+                                        GLib.Cancellable? cancellable)
+                                        throws GLib.Error {
+        if (this.provider == null) {
+            debug ("No external provider found, allowing access…");
+
+            return true;
+        }
+
+        debug ("Querying ACL for %s on %s by %s %s",
+               path,
+               device != null ? device.udn : "none",
+               agent ?? "Unknown",
+               address);
+
+        if (device == null || service == null) {
+            debug ("Allowing access to %s", path);
+
+            return true;
+        }
+
+        try {
+            var device_hash = new HashTable<string, string> (str_hash, str_equal);
+
+            if (device != null) {
+                device_hash["FriendlyName"] = device.get_friendly_name ();
+                device_hash["UDN"] = device.udn;
+                device_hash["Type"] = device.device_type;
+            }
+
+            var service_hash = new HashTable<string, string> (str_hash, str_equal);
+            if (service != null) {
+                service_hash["Type"] = service.service_type;
+            }
+
+            var allowed = yield provider.is_allowed (device_hash,
+                                                     service_hash,
+                                                     path,
+                                                     address,
+                                                     agent);
+            return allowed;
+        } catch (Error error) {
+            warning (_("Failed to query ACL: %s"), error.message);
+        }
+
+        return false;
+    }
+
+    private void on_name_appeared (DBusConnection connection,
+                                   string         name,
+                                   string         name_owner) {
+        debug ("Found ACL provider %s (%s), creating object",
+               name,
+               name_owner);
+        try {
+            this.provider = Bus.get_proxy_sync (BusType.SESSION,
+                                                name,
+                                                DBusAclProvider.OBJECT_PATH);
+        } catch (Error error) {
+            warning (_("Error creating DBus proxy for ACL: %s"),
+                     error.message);
+        }
+    }
+
+    private void on_name_vanished (DBusConnection connection, string name) {
+        this.provider = null;
+    }
+}
diff --git a/src/rygel/rygel-main.vala b/src/rygel/rygel-main.vala
index 0ce8b0b..2f27fc5 100644
--- a/src/rygel/rygel-main.vala
+++ b/src/rygel/rygel-main.vala
@@ -3,9 +3,11 @@
  * Copyright (C) 2008 Zeeshan Ali (Khattak) <zeeshanak gnome org>.
  * Copyright (C) 2012 Openismus GmbH.
  * Copyright (C) 2012 Intel Corporation.
+ * Copyright (C) 2014 Jens Georg <mail jensge org>
  *
  * Author: Zeeshan Ali (Khattak) <zeeshanak gnome org>
  *         Jens Georg <jensg openismus com>
+ *         Jens Georg <mail jensge org>
  *
  * This file is part of Rygel.
  *
@@ -38,6 +40,7 @@ internal class Rygel.Main : Object {
 
     private Configuration config;
     private LogHandler log_handler;
+    private Acl acl;
 
     private MainLoop main_loop;
 
@@ -54,6 +57,7 @@ internal class Rygel.Main : Object {
         this.root_devices = new ArrayList <RootDevice> ();
         this.factories = new ArrayList <RootDeviceFactory> ();
         this.main_loop = new GLib.MainLoop (null, false);
+        this.acl = new Acl ();
 
         this.exit_code = 0;
 
@@ -157,6 +161,8 @@ internal class Rygel.Main : Object {
                context.interface,
                context.host_ip);
 
+        context.acl = this.acl;
+
         try {
             ifaces = this.config.get_interfaces ();
         } catch (GLib.Error err) {}


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]