[gnome-software/gnome-42: 3/7] flatpak: Set GS_APP_PERMISSIONS_FILESYSTEM_OTHER

[Philip Withnall <pwithnall src gnome org>]

commit 6f03b24d1b5222188712c45aab9c7f11dea43601
Author: Milan Crha <mcrha redhat com>
Date:   Wed Apr 13 16:59:35 2022 +0200

    flatpak: Set GS_APP_PERMISSIONS_FILESYSTEM_OTHER
    
    When there are uncovered filesystem permissions, set
    the new GS_APP_PERMISSIONS_FILESYSTEM_OTHER.

 plugins/flatpak/gs-flatpak.c | 5 +++++
 1 file changed, 5 insertions(+)
---
diff --git a/plugins/flatpak/gs-flatpak.c b/plugins/flatpak/gs-flatpak.c
index 1644ee456..c66aa681d 100644
--- a/plugins/flatpak/gs-flatpak.c
+++ b/plugins/flatpak/gs-flatpak.c
@@ -258,10 +258,12 @@ perms_from_metadata (GKeyFile *keyfile)
                        { "xdg-download:ro", GS_APP_PERMISSIONS_DOWNLOADS_READ },
                        { "xdg-data/flatpak/overrides:create", GS_APP_PERMISSIONS_ESCAPE_SANDBOX }
                };
+               guint filesystems_hits = 0;
 
                for (guint i = 0; i < G_N_ELEMENTS (filesystems_access); i++) {
                        if (g_strv_contains ((const gchar * const *) strv, filesystems_access[i].key)) {
                                permissions |= filesystems_access[i].perm;
+                               filesystems_hits++;
                        }
                }
 
@@ -271,6 +273,9 @@ perms_from_metadata (GKeyFile *keyfile)
                        permissions = permissions & ~GS_APP_PERMISSIONS_FILESYSTEM_READ;
                if ((permissions & GS_APP_PERMISSIONS_DOWNLOADS_FULL) != 0)
                        permissions = permissions & ~GS_APP_PERMISSIONS_DOWNLOADS_READ;
+
+               if (g_strv_length (strv) > filesystems_hits)
+                       permissions |= GS_APP_PERMISSIONS_FILESYSTEM_OTHER;
        }
        g_strfreev (strv);