[network-manager-applet/nma-1-0] applet: make new auto connections only available for current user (rh #1176042)

[Jiří Klimeš <jklimes src gnome org>]

commit eaec80e0e958abd2b6beb0e93dafa5a820516341
Author: Jiří Klimeš <jklimes redhat com>
Date:   Mon Apr 27 16:53:43 2015 +0200

    applet: make new auto connections only available for current user (rh #1176042)
    
    When a user clicks a new Wi-Fi network in nm-applet, AddAndActivateConnection()
    D-Bus method is called to create a new connection and activate it. The
    connection is available to all users by default (no connection.permissions).
    However, this causes troubles when polkit action for modifying system
    connections [1] is set to require admin access. Then a normal user cannot
    connect to a new network, because it would require admin password to save
    the new connection and finish AddAndActivateConnection(). We solve that by
    creating new connections as private to current user only.
    
    [1] org.freedesktop.NetworkManager.settings.modify.system set to auth
    (i.e. auth_admin, auth_admin_keep)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1176042
    
    (cherry picked from commit 0c92debe95f62a7f677e28eb8dee92728d702a0a)

 src/applet-device-wifi.c |    7 +++++--
 src/mobile-helpers.c     |    3 +++
 2 files changed, 8 insertions(+), 2 deletions(-)
---
diff --git a/src/applet-device-wifi.c b/src/applet-device-wifi.c
index c67f8b6..0ae44ad 100644
--- a/src/applet-device-wifi.c
+++ b/src/applet-device-wifi.c
@@ -397,6 +397,11 @@ _do_new_auto_connection (NMApplet *applet,
 
        connection = nm_connection_new ();
 
+       /* Make the new connection available only for the current user */
+       s_con = (NMSettingConnection *) nm_setting_connection_new ();
+       nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL);
+       nm_connection_add_setting (connection, NM_SETTING (s_con));
+
        ssid = nm_access_point_get_ssid (ap);
        if (   (nm_access_point_get_mode (ap) == NM_802_11_MODE_INFRA)
            && (is_manufacturer_default_ssid (ssid) == TRUE)) {
@@ -418,11 +423,9 @@ _do_new_auto_connection (NMApplet *applet,
            || (wpa_flags & NM_802_11_AP_SEC_KEY_MGMT_802_1X)) {
 
                /* Need a UUID for the "always ask" stuff in the Dialog of Doom */
-               s_con = (NMSettingConnection *) nm_setting_connection_new ();
                uuid = nm_utils_uuid_generate ();
                g_object_set (s_con, NM_SETTING_CONNECTION_UUID, uuid, NULL);
                g_free (uuid);
-               nm_connection_add_setting (connection, NM_SETTING (s_con));
 
                if (!s_wifi) {
                        s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
diff --git a/src/mobile-helpers.c b/src/mobile-helpers.c
index 4da1d97..f07523d 100644
--- a/src/mobile-helpers.c
+++ b/src/mobile-helpers.c
@@ -215,6 +215,9 @@ mobile_wizard_done (NMAMobileWizard *wizard,
                              NM_SETTING_CONNECTION_AUTOCONNECT, FALSE,
                              NM_SETTING_CONNECTION_UUID, uuid,
                              NULL);
+               /* Make the new connection available only for the current user */
+               nm_setting_connection_add_permission ((NMSettingConnection *) setting,
+                                                     "user", g_get_user_name (), NULL);
                g_free (uuid);
                g_free (id);
                nm_connection_add_setting (connection, setting);