[epiphany/mcatanzaro/file-launching: 9/11] Make it harder to call functions that don't work under flatpak



commit 14d0aca55914ca99010d29cdd236f9cd47ed665a
Author: Michael Catanzaro <mcatanzaro igalia com>
Date:   Mon Jan 7 21:09:44 2019 -0600

    Make it harder to call functions that don't work under flatpak
    
    Since calling these functions now results in a crash, let's make it
    harder to use them by adding EphyFileHelpersNotFlatpakTag, which just
    forces the caller to pass an ugly enum value
    EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK
    in order to use any of the functions. Ugliness is a feature here, not a
    bug, to draw scrutiny to any code that might be using these functions.

 embed/ephy-download.c   | 10 +++++++---
 lib/ephy-file-helpers.c | 26 +++++++++++++++++---------
 lib/ephy-file-helpers.h | 31 ++++++++++++++++++++++---------
 src/ephy-window.c       | 12 ++++++++++--
 src/window-commands.c   |  6 +++++-
 5 files changed, 61 insertions(+), 24 deletions(-)
---
diff --git a/embed/ephy-download.c b/embed/ephy-download.c
index e348ec0b9..10b010f6f 100644
--- a/embed/ephy-download.c
+++ b/embed/ephy-download.c
@@ -27,6 +27,7 @@
 #include "ephy-embed-type-builtins.h"
 #include "ephy-evince-document-view.h"
 #include "ephy-file-helpers.h"
+#include "ephy-flatpak-utils.h"
 #include "ephy-prefs.h"
 #include "ephy-settings.h"
 
@@ -440,13 +441,16 @@ ephy_download_do_download_action (EphyDownload          *download,
   switch ((action ? action : download->action)) {
     case EPHY_DOWNLOAD_ACTION_BROWSE_TO:
       LOG ("ephy_download_do_download_action: browse_to");
-      ret = ephy_file_browse_to (destination, user_time);
+      /* Must not use this action type under flatpak! */
+      ret = ephy_file_browse_to (destination, user_time,
+                                 EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
       break;
     case EPHY_DOWNLOAD_ACTION_OPEN:
       LOG ("ephy_download_do_download_action: open");
       ret = ephy_file_launch_handler (destination, user_time);
-      if (!ret)
-        ret = ephy_file_browse_to (destination, user_time);
+      if (!ret && !ephy_is_running_inside_flatpak ())
+        ret = ephy_file_browse_to (destination, user_time,
+                                   
EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
       break;
     case EPHY_DOWNLOAD_ACTION_NONE:
       LOG ("ephy_download_do_download_action: none");
diff --git a/lib/ephy-file-helpers.c b/lib/ephy-file-helpers.c
index 5869a1ae8..c33b758b3 100644
--- a/lib/ephy-file-helpers.c
+++ b/lib/ephy-file-helpers.c
@@ -510,6 +510,7 @@ ephy_file_launch_application (GAppInfo  *app,
  * @parameter: path to an optional parameter file to pass to the application
  * @user_time: user time to prevent focus stealing
  * @widget: an optional widget for ephy_file_launch_application()
+ * @tag: used to guard against improper usage
  *
  * Calls ephy_file_launch_application() for the application described by the
  * .desktop file @filename. Can pass @parameter as optional file arguments.
@@ -517,10 +518,11 @@ ephy_file_launch_application (GAppInfo  *app,
  * Returns: %TRUE if the application launch was successful
  **/
 gboolean
-ephy_file_launch_desktop_file (const char *filename,
-                               const char *parameter,
-                               guint32     user_time,
-                               GtkWidget  *widget)
+ephy_file_launch_desktop_file (const char                   *filename,
+                               const char                   *parameter,
+                               guint32                       user_time,
+                               GtkWidget                    *widget,
+                               EphyFileHelpersNotFlatpakTag  tag)
 {
   GDesktopAppInfo *app;
   GFile *file = NULL;
@@ -530,6 +532,7 @@ ephy_file_launch_desktop_file (const char *filename,
   /* This is impossible to implement inside flatpak. Higher layers must
    * ensure we don't get here.
    */
+  g_assert (tag == EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
   g_assert (!ephy_is_running_inside_flatpak ());
 
   app = g_desktop_app_info_new (filename);
@@ -609,9 +612,10 @@ ephy_file_launch_handler (GFile   *file,
 }
 
 gboolean
-ephy_file_open_uri_in_default_browser (const char *uri,
-                                       guint32     timestamp,
-                                       GdkScreen  *screen)
+ephy_file_open_uri_in_default_browser (const char                   *uri,
+                                       guint32                       timestamp,
+                                       GdkScreen                    *screen,
+                                       EphyFileHelpersNotFlatpakTag  tag)
 {
   GdkAppLaunchContext *context;
   GAppInfo *appinfo;
@@ -622,6 +626,7 @@ ephy_file_open_uri_in_default_browser (const char *uri,
   /* This is impossible to implement inside flatpak. Higher layers must
    * ensure we don't get here.
    */
+  g_assert (tag == EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
   g_assert (!ephy_is_running_inside_flatpak ());
 
   context = gdk_display_get_app_launch_context (screen ? gdk_screen_get_display (screen) : 
gdk_display_get_default ());
@@ -648,6 +653,7 @@ ephy_file_open_uri_in_default_browser (const char *uri,
  * ephy_file_browse_to:
  * @file: a #GFile
  * @user_time: user_time to prevent focus stealing
+ * @tag: used to guard against improper usage
  *
  * Launches the default application for browsing directories, with @file's
  * parent directory as its target. Passes @user_time to
@@ -656,14 +662,16 @@ ephy_file_open_uri_in_default_browser (const char *uri,
  * Returns: %TRUE if the launch succeeded
  **/
 gboolean
-ephy_file_browse_to (GFile  *file,
-                     guint32 user_time)
+ephy_file_browse_to (GFile                        *file,
+                     guint32                       user_time,
+                     EphyFileHelpersNotFlatpakTag  tag)
 {
   g_autoptr(GFile) parent = NULL;
 
   /* This is impossible to implement inside flatpak. Higher layers must
    * ensure we don't get here.
    */
+  g_assert (tag == EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
   g_assert (!ephy_is_running_inside_flatpak ());
 
   parent = g_file_get_parent (file);
diff --git a/lib/ephy-file-helpers.h b/lib/ephy-file-helpers.h
index 17c0c6a1a..d2c79a4ab 100644
--- a/lib/ephy-file-helpers.h
+++ b/lib/ephy-file-helpers.h
@@ -48,6 +48,11 @@ typedef enum
   EPHY_FILE_HELPERS_TESTING_MODE     = 1 << 5
 } EphyFileHelpersFlags;
 
+typedef enum
+{
+  EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK
+} EphyFileHelpersNotFlatpakTag;
+
 gboolean           ephy_file_helpers_init                   (const char            *profile_dir,
                                                              EphyFileHelpersFlags   flags,
                                                              GError               **error);
@@ -63,21 +68,29 @@ char       *       ephy_file_tmp_filename                   (const char
                                                              const char            *extension);
 gboolean           ephy_ensure_dir_exists                   (const char            *dir,
                                                              GError               **error);
-gboolean           ephy_file_launch_desktop_file            (const char            *filename,
-                                                             const char            *parameter,
-                                                             guint32                user_time,
-                                                             GtkWidget             *widget);
 gboolean           ephy_file_launch_handler                 (GFile                 *file,
                                                              guint32                user_time);
-gboolean           ephy_file_open_uri_in_default_browser    (const char            *uri,
-                                                             guint32                timestamp,
-                                                             GdkScreen             *screen);
-gboolean           ephy_file_browse_to                      (GFile                 *file,
-                                                             guint32                user_time);
 gboolean           ephy_file_delete_dir_recursively         (const char            *directory,
                                                              GError               **error);
 char       *       ephy_sanitize_filename                   (char                  *filename);
 void               ephy_open_default_instance_window        (void);
 void               ephy_open_incognito_window               (const char            *uri);
 
+/* These functions attempt to launch a particular application chosen by
+ * Epiphany, which is not possible to do when running inside flatpak. Be
+ * careful!
+ */
+gboolean           ephy_file_launch_desktop_file            (const char                   *filename,
+                                                             const char                   *parameter,
+                                                             guint32                       user_time,
+                                                             GtkWidget                    *widget,
+                                                             EphyFileHelpersNotFlatpakTag  tag);
+gboolean           ephy_file_open_uri_in_default_browser    (const char                   *uri,
+                                                             guint32                       timestamp,
+                                                             GdkScreen                    *screen,
+                                                             EphyFileHelpersNotFlatpakTag  tag);
+gboolean           ephy_file_browse_to                      (GFile                        *file,
+                                                             guint32                       user_time,
+                                                             EphyFileHelpersNotFlatpakTag  tag);
+
 G_END_DECLS
diff --git a/src/ephy-window.c b/src/ephy-window.c
index 234d3f734..d1cf8f7cf 100644
--- a/src/ephy-window.c
+++ b/src/ephy-window.c
@@ -2031,8 +2031,12 @@ decide_navigation_policy (WebKitWebView            *web_view,
           ephy_web_application_is_uri_allowed (uri)) {
         gtk_widget_show (GTK_WIDGET (window));
       } else {
+        /* We can't get here under flatpak because this code only
+         * executes in web app mode.
+         */
         ephy_file_open_uri_in_default_browser (uri, GDK_CURRENT_TIME,
-                                               gtk_window_get_screen (GTK_WINDOW (window)));
+                                               gtk_window_get_screen (GTK_WINDOW (window)),
+                                               
EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
         webkit_policy_decision_ignore (decision);
 
         gtk_widget_destroy (GTK_WIDGET (window));
@@ -2048,8 +2052,12 @@ decide_navigation_policy (WebKitWebView            *web_view,
         return FALSE;
       }
 
+      /* We can't get here under flatpak because this code only
+       * executes in web app mode.
+       */
       ephy_file_open_uri_in_default_browser (uri, GDK_CURRENT_TIME,
-                                             gtk_window_get_screen (GTK_WINDOW (window)));
+                                             gtk_window_get_screen (GTK_WINDOW (window)),
+                                             
EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
       webkit_policy_decision_ignore (decision);
 
       return TRUE;
diff --git a/src/window-commands.c b/src/window-commands.c
index dd832346b..e93d03ac8 100644
--- a/src/window-commands.c
+++ b/src/window-commands.c
@@ -1223,7 +1223,11 @@ notify_launch_cb (NotifyNotification *notification,
 {
   char *desktop_file = user_data;
 
-  ephy_file_launch_desktop_file (desktop_file, NULL, 0, NULL);
+  /* We can't get here under flatpak because all web app functionality
+   * is disabled when running under flatpak.
+   */
+  ephy_file_launch_desktop_file (desktop_file, NULL, 0, NULL,
+                                 EPHY_FILE_HELPERS_I_UNDERSTAND_I_MUST_NOT_USE_THIS_FUNCTION_UNDER_FLATPAK);
   g_free (desktop_file);
 }
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]