[gnome-software/wip/rancell/permissions] Make explicit permission types
- From: Robert Ancell <rancell src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-software/wip/rancell/permissions] Make explicit permission types
- Date: Fri, 26 May 2017 04:54:47 +0000 (UTC)
commit 836fed0d17e402ed8c688d4978c5e030d547a8db
Author: Robert Ancell <robert ancell canonical com>
Date: Fri May 26 16:54:17 2017 +1200
Make explicit permission types
lib/gs-permission.c | 126 ++++++++++++++++++++++++++++-------------
lib/gs-permission.h | 12 ++--
plugins/snap/gs-plugin-snap.c | 24 +++++++-
3 files changed, 114 insertions(+), 48 deletions(-)
---
diff --git a/lib/gs-permission.c b/lib/gs-permission.c
index f4c19ac..3479d54 100644
--- a/lib/gs-permission.c
+++ b/lib/gs-permission.c
@@ -37,36 +37,6 @@ struct _GsPermission
G_DEFINE_TYPE (GsPermission, gs_permission, G_TYPE_OBJECT)
/**
- * gs_permission_get_label:
- * @permission: a #GsPermission
- *
- * Get the label for this permission.
- *
- * Returns: a label string.
- */
-const gchar *
-gs_permission_get_label (GsPermission *permission)
-{
- g_return_val_if_fail (GS_IS_PERMISSION (permission), NULL);
- return permission->label;
-}
-
-/**
- * gs_permission_set_label:
- * @permission: a #GsPermission
- * @label: a label string.
- *
- * Set the label for this permission.
- */
-void
-gs_permission_set_label (GsPermission *permission, const gchar *label)
-{
- g_return_if_fail (GS_IS_PERMISSION (permission));
- g_free (permission->label);
- permission->label = g_strdup (label);
-}
-
-/**
* gs_permission_get_metadata_item:
* @auth: a #GsPermission
* @key: a string
@@ -103,6 +73,21 @@ gs_permission_add_metadata (GsPermission *auth, const gchar *key, const gchar *v
}
/**
+ * gs_permission_get_label:
+ * @permission: a #GsPermission
+ *
+ * Get the label for this permission.
+ *
+ * Returns: a label string.
+ */
+const gchar *
+gs_permission_get_label (GsPermission *permission)
+{
+ g_return_val_if_fail (GS_IS_PERMISSION (permission), NULL);
+ return permission->label;
+}
+
+/**
* gs_permission_get_enabled:
* @permission: a #GsPermission
*
@@ -156,16 +141,7 @@ gs_permission_init (GsPermission *permission)
g_free, g_free);
}
-/**
- * gs_permission_new:
- * @label: An ISO 4217 label code, e.g. "USD"
- * @enabled: %TRUE if this permission is enabled.
- *
- * Creates a new permission object.
- *
- * Return value: a new #GsPermission object.
- **/
-GsPermission *
+static GsPermission *
gs_permission_new (const gchar *label, gboolean enabled)
{
GsPermission *permission;
@@ -175,4 +151,74 @@ gs_permission_new (const gchar *label, gboolean enabled)
return GS_PERMISSION (permission);
}
+/**
+ * gs_permission_new_camera:
+ * @enabled: %TRUE if camera access is enabled.
+ *
+ * Creates a new permission object for camera access.
+ *
+ * Return value: a new #GsPermission object.
+ **/
+GsPermission *
+gs_permission_new_camera (gboolean enabled)
+{
+ return gs_permission_new (_("Can acquire photos / video from cameras"), enabled);
+}
+
+/**
+ * gs_permission_new_network:
+ * @enabled: %TRUE if network access is enabled.
+ *
+ * Creates a new permission object for network access.
+ *
+ * Return value: a new #GsPermission object.
+ **/
+GsPermission *
+gs_permission_new_network (gboolean enabled)
+{
+ return gs_permission_new (_("Can access the network"), enabled);
+}
+
+/**
+ * gs_permission_new_media:
+ * @enabled: %TRUE if removable media is enabled.
+ *
+ * Creates a new permission object for removable media.
+ *
+ * Return value: a new #GsPermission object.
+ **/
+GsPermission *
+gs_permission_new_media (gboolean enabled)
+{
+ return gs_permission_new (_("Can access removable media (USB drives etc)"), enabled);
+}
+
+/**
+ * gs_permission_new_optical_drive:
+ * @enabled: %TRUE if optical drive access is enabled.
+ *
+ * Creates a new permission object for optical drive access.
+ *
+ * Return value: a new #GsPermission object.
+ **/
+GsPermission *
+gs_permission_new_optical_drive (gboolean enabled)
+{
+ return gs_permission_new (_("Can access optical drives (CD, DVD etc)"), enabled);
+}
+
+/**
+ * gs_permission_new_shutdown:
+ * @enabled: %TRUE if shutdown / restart is allowed.
+ *
+ * Creates a new permission object for shutdown / restart of this machine.
+ *
+ * Return value: a new #GsPermission object.
+ **/
+GsPermission *
+gs_permission_new_shutdown (gboolean enabled)
+{
+ return gs_permission_new (_("Can shutdown / restart this computer"), enabled);
+}
+
/* vim: set noexpandtab: */
diff --git a/lib/gs-permission.h b/lib/gs-permission.h
index a54c022..8750b87 100644
--- a/lib/gs-permission.h
+++ b/lib/gs-permission.h
@@ -31,17 +31,19 @@ G_BEGIN_DECLS
G_DECLARE_FINAL_TYPE (GsPermission, gs_permission, GS, PERMISSION, GObject)
-GsPermission *gs_permission_new (const gchar *label,
- gboolean enabled);
+GsPermission *gs_permission_new_camera (gboolean enabled);
+GsPermission *gs_permission_new_network (gboolean enabled);
+GsPermission *gs_permission_new_media (gboolean enabled);
+GsPermission *gs_permission_new_optical_drive (gboolean enabled);
+GsPermission *gs_permission_new_shutdown (gboolean enabled);
-const gchar *gs_permission_get_label (GsPermission *permission);
-void gs_permission_set_label (GsPermission *permission,
- const gchar *label);
const gchar *gs_permission_get_metadata_item (GsPermission *permission,
const gchar *key);
void gs_permission_add_metadata (GsPermission *permission,
const gchar *key,
const gchar *value);
+
+const gchar *gs_permission_get_label (GsPermission *permission);
gboolean gs_permission_get_enabled (GsPermission *permission);
void gs_permission_set_enabled (GsPermission *permission,
gboolean enabled);
diff --git a/plugins/snap/gs-plugin-snap.c b/plugins/snap/gs-plugin-snap.c
index 00d609c..eaca16d 100644
--- a/plugins/snap/gs-plugin-snap.c
+++ b/plugins/snap/gs-plugin-snap.c
@@ -446,6 +446,7 @@ gs_plugin_refine_app (GsPlugin *plugin,
for (i = 0; i < plugs->len; i++) {
SnapdPlug *plug = plugs->pdata[i];
const gchar *name;
+ gboolean is_connected;
g_autoptr(GsPermission) permission = NULL;
/* skip if not relating to this snap */
@@ -454,12 +455,29 @@ gs_plugin_refine_app (GsPlugin *plugin,
/* map interfaces to known permissions */
name = snapd_plug_get_name (plug);
+ is_connected = snapd_plug_get_connections (plug)->len > 0;
if (g_strcmp0 (name, "camera") == 0)
- ;
- else
+ permission = gs_permission_new_camera (is_connected);
+ else if (g_strcmp0 (name, "removable-media") == 0)
+ permission = gs_permission_new_media (is_connected);
+ else if (g_strcmp0 (name, "optical-drive") == 0)
+ permission = gs_permission_new_optical_drive (is_connected);
+ else if (g_strcmp0 (name, "network") == 0)
+ permission = gs_permission_new_network (is_connected);
+ else if (g_strcmp0 (name, "shutdown") == 0)
+ permission = gs_permission_new_shutdown (is_connected);
+ else if (g_strcmp0 (name, "home") == 0 ||
+ g_strcmp0 (name, "opengl") == 0 ||
+ g_strcmp0 (name, "pulseaudio") == 0 ||
+ g_strcmp0 (name, "unity7") == 0 ||
+ g_strcmp0 (name, "x11") == 0) {
+ g_debug ("Ignoring common plug %s:%s", snapd_plug_get_snap (plug), name);
continue;
+ } else {
+ g_warning ("Ignoring unknown plug %s:%s", snapd_plug_get_snap (plug), name);
+ continue;
+ }
- permission = gs_permission_new (name, snapd_plug_get_connections (plug)->len > 0);
gs_app_add_permission (app, permission);
}
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]