[gnome-software/1722-flatpak-handle-more-well-known-filesystem-permissions] misc: Rename GsAppPermissions into GsAppPermissionsFlags
- From: Milan Crha <mcrha src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-software/1722-flatpak-handle-more-well-known-filesystem-permissions] misc: Rename GsAppPermissions into GsAppPermissionsFlags
- Date: Fri, 17 Jun 2022 09:37:22 +0000 (UTC)
commit a1268306cd840c881879a0acb499d45319a97a09
Author: Milan Crha <mcrha redhat com>
Date: Thu Jun 16 16:54:59 2022 +0200
misc: Rename GsAppPermissions into GsAppPermissionsFlags
Simple search & replace on the type name and the enum value.
It's needed to be able to declare a GsAppPermissions object, which
will hold the flags and additional information.
lib/gs-app.c | 22 +++++-----
lib/gs-app.h | 56 +++++++++++++------------
plugins/epiphany/gs-plugin-epiphany.c | 2 +-
plugins/flatpak/gs-flatpak.c | 74 ++++++++++++++++-----------------
src/gs-app-context-bar.c | 42 +++++++++----------
src/gs-app-details-page.c | 32 +++++++-------
src/gs-safety-context-dialog.c | 78 +++++++++++++++++------------------
7 files changed, 155 insertions(+), 151 deletions(-)
---
diff --git a/lib/gs-app.c b/lib/gs-app.c
index 122f915a0..f03a34df6 100644
--- a/lib/gs-app.c
+++ b/lib/gs-app.c
@@ -93,7 +93,7 @@ typedef struct
gchar *update_version_ui;
gchar *update_details_markup;
AsUrgencyKind update_urgency;
- GsAppPermissions update_permissions;
+ GsAppPermissionsFlags update_permissions;
GWeakRef management_plugin_weak; /* (element-type GsPlugin) */
guint match_value;
guint priority;
@@ -135,7 +135,7 @@ typedef struct
AsScreenshot *action_screenshot; /* (nullable) (owned) */
GCancellable *cancellable;
GsPluginAction pending_action;
- GsAppPermissions permissions;
+ GsAppPermissionsFlags permissions;
gboolean is_update_downloaded;
GPtrArray *version_history; /* (element-type AsRelease) (nullable) (owned) */
GPtrArray *relations; /* (nullable) (element-type AsRelation) (owned) */
@@ -5877,13 +5877,13 @@ gs_app_class_init (GsAppClass *klass)
*
* The permissions the app requires to run.
*
- * This is %GS_APP_PERMISSIONS_UNKNOWN if the permissions are unknown.
+ * This is %GS_APP_PERMISSIONS_FLAGS_UNKNOWN if the permissions are unknown.
*
* Since: 41
*/
obj_props[PROP_PERMISSIONS] =
g_param_spec_flags ("permissions", NULL, NULL,
- GS_TYPE_APP_PERMISSIONS, GS_APP_PERMISSIONS_UNKNOWN,
+ GS_TYPE_APP_PERMISSIONS_FLAGS, GS_APP_PERMISSIONS_FLAGS_UNKNOWN,
G_PARAM_READWRITE | G_PARAM_EXPLICIT_NOTIFY | G_PARAM_STATIC_STRINGS);
/**
@@ -6263,16 +6263,17 @@ gs_app_subsume_metadata (GsApp *app, GsApp *donor)
}
}
-GsAppPermissions
+GsAppPermissionsFlags
gs_app_get_permissions (GsApp *app)
{
GsAppPrivate *priv = gs_app_get_instance_private (app);
- g_return_val_if_fail (GS_IS_APP (app), GS_APP_PERMISSIONS_UNKNOWN);
+ g_return_val_if_fail (GS_IS_APP (app), GS_APP_PERMISSIONS_FLAGS_UNKNOWN);
return priv->permissions;
}
void
-gs_app_set_permissions (GsApp *app, GsAppPermissions permissions)
+gs_app_set_permissions (GsApp *app,
+ GsAppPermissionsFlags permissions)
{
GsAppPrivate *priv = gs_app_get_instance_private (app);
g_return_if_fail (GS_IS_APP (app));
@@ -6283,16 +6284,17 @@ gs_app_set_permissions (GsApp *app, GsAppPermissions permissions)
gs_app_queue_notify (app, obj_props[PROP_PERMISSIONS]);
}
-GsAppPermissions
+GsAppPermissionsFlags
gs_app_get_update_permissions (GsApp *app)
{
GsAppPrivate *priv = gs_app_get_instance_private (app);
- g_return_val_if_fail (GS_IS_APP (app), GS_APP_PERMISSIONS_UNKNOWN);
+ g_return_val_if_fail (GS_IS_APP (app), GS_APP_PERMISSIONS_FLAGS_UNKNOWN);
return priv->update_permissions;
}
void
-gs_app_set_update_permissions (GsApp *app, GsAppPermissions update_permissions)
+gs_app_set_update_permissions (GsApp *app,
+ GsAppPermissionsFlags update_permissions)
{
GsAppPrivate *priv = gs_app_get_instance_private (app);
g_return_if_fail (GS_IS_APP (app));
diff --git a/lib/gs-app.h b/lib/gs-app.h
index 663a65677..7eec0f227 100644
--- a/lib/gs-app.h
+++ b/lib/gs-app.h
@@ -209,31 +209,31 @@ typedef enum {
} GsAppQuality;
typedef enum {
- GS_APP_PERMISSIONS_UNKNOWN = 0,
- GS_APP_PERMISSIONS_NONE = 1 << 0,
- GS_APP_PERMISSIONS_NETWORK = 1 << 1,
- GS_APP_PERMISSIONS_SYSTEM_BUS = 1 << 2,
- GS_APP_PERMISSIONS_SESSION_BUS = 1 << 3,
- GS_APP_PERMISSIONS_DEVICES = 1 << 4,
- GS_APP_PERMISSIONS_HOME_FULL = 1 << 5,
- GS_APP_PERMISSIONS_HOME_READ = 1 << 6,
- GS_APP_PERMISSIONS_FILESYSTEM_FULL = 1 << 7,
- GS_APP_PERMISSIONS_FILESYSTEM_READ = 1 << 8,
- GS_APP_PERMISSIONS_DOWNLOADS_FULL = 1 << 9,
- GS_APP_PERMISSIONS_DOWNLOADS_READ = 1 << 10,
- GS_APP_PERMISSIONS_SETTINGS = 1 << 11,
- GS_APP_PERMISSIONS_X11 = 1 << 12,
- GS_APP_PERMISSIONS_ESCAPE_SANDBOX = 1 << 13,
- GS_APP_PERMISSIONS_FILESYSTEM_OTHER = 1 << 14,
- GS_APP_PERMISSIONS_LAST /*< skip >*/
-} GsAppPermissions;
+ GS_APP_PERMISSIONS_FLAGS_UNKNOWN = 0,
+ GS_APP_PERMISSIONS_FLAGS_NONE = 1 << 0,
+ GS_APP_PERMISSIONS_FLAGS_NETWORK = 1 << 1,
+ GS_APP_PERMISSIONS_FLAGS_SYSTEM_BUS = 1 << 2,
+ GS_APP_PERMISSIONS_FLAGS_SESSION_BUS = 1 << 3,
+ GS_APP_PERMISSIONS_FLAGS_DEVICES = 1 << 4,
+ GS_APP_PERMISSIONS_FLAGS_HOME_FULL = 1 << 5,
+ GS_APP_PERMISSIONS_FLAGS_HOME_READ = 1 << 6,
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL = 1 << 7,
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ = 1 << 8,
+ GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL = 1 << 9,
+ GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ = 1 << 10,
+ GS_APP_PERMISSIONS_FLAGS_SETTINGS = 1 << 11,
+ GS_APP_PERMISSIONS_FLAGS_X11 = 1 << 12,
+ GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX = 1 << 13,
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_OTHER = 1 << 14,
+ GS_APP_PERMISSIONS_FLAGS_LAST /*< skip >*/
+} GsAppPermissionsFlags;
-#define LIMITED_PERMISSIONS (GS_APP_PERMISSIONS_SETTINGS | \
- GS_APP_PERMISSIONS_NETWORK | \
- GS_APP_PERMISSIONS_DOWNLOADS_READ | \
- GS_APP_PERMISSIONS_DOWNLOADS_FULL)
+#define LIMITED_PERMISSIONS (GS_APP_PERMISSIONS_FLAGS_SETTINGS | \
+ GS_APP_PERMISSIONS_FLAGS_NETWORK | \
+ GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ | \
+ GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL)
#define MEDIUM_PERMISSIONS (LIMITED_PERMISSIONS | \
- GS_APP_PERMISSIONS_X11)
+ GS_APP_PERMISSIONS_FLAGS_X11)
/**
* GS_APP_PROGRESS_UNKNOWN:
@@ -516,12 +516,14 @@ gchar *gs_app_get_packaging_format (GsApp *app);
const gchar *gs_app_get_packaging_format_raw(GsApp *app);
void gs_app_subsume_metadata (GsApp *app,
GsApp *donor);
-GsAppPermissions gs_app_get_permissions (GsApp *app);
+GsAppPermissionsFlags
+ gs_app_get_permissions (GsApp *app);
void gs_app_set_permissions (GsApp *app,
- GsAppPermissions permissions);
-GsAppPermissions gs_app_get_update_permissions (GsApp *app);
+ GsAppPermissionsFlags permissions);
+GsAppPermissionsFlags
+ gs_app_get_update_permissions (GsApp *app);
void gs_app_set_update_permissions (GsApp *app,
- GsAppPermissions update_permissions);
+ GsAppPermissionsFlags update_permissions);
GPtrArray *gs_app_get_version_history (GsApp *app);
void gs_app_set_version_history (GsApp *app,
GPtrArray *version_history);
diff --git a/plugins/epiphany/gs-plugin-epiphany.c b/plugins/epiphany/gs-plugin-epiphany.c
index 78e5e2af5..1f7e20072 100644
--- a/plugins/epiphany/gs-plugin-epiphany.c
+++ b/plugins/epiphany/gs-plugin-epiphany.c
@@ -487,7 +487,7 @@ refine_app (GsPluginEpiphany *self,
gs_app_set_size_download (app, GS_SIZE_TYPE_VALID, 0);
- gs_app_set_permissions (app, GS_APP_PERMISSIONS_NETWORK);
+ gs_app_set_permissions (app, GS_APP_PERMISSIONS_FLAGS_NETWORK);
if (gs_app_get_url (app, AS_URL_KIND_HOMEPAGE) == NULL)
gs_app_set_url (app, AS_URL_KIND_HOMEPAGE, url);
diff --git a/plugins/flatpak/gs-flatpak.c b/plugins/flatpak/gs-flatpak.c
index 280b02b75..5c3d3c456 100644
--- a/plugins/flatpak/gs-flatpak.c
+++ b/plugins/flatpak/gs-flatpak.c
@@ -212,51 +212,51 @@ gs_flatpak_set_kind_from_flatpak (GsApp *app, FlatpakRef *xref)
}
}
-static GsAppPermissions
+static GsAppPermissionsFlags
perms_from_metadata (GKeyFile *keyfile)
{
char **strv;
char *str;
- GsAppPermissions permissions = GS_APP_PERMISSIONS_UNKNOWN;
+ GsAppPermissionsFlags permissions = GS_APP_PERMISSIONS_FLAGS_UNKNOWN;
strv = g_key_file_get_string_list (keyfile, "Context", "sockets", NULL, NULL);
if (strv != NULL && g_strv_contains ((const gchar * const*)strv, "system-bus"))
- permissions |= GS_APP_PERMISSIONS_SYSTEM_BUS;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_SYSTEM_BUS;
if (strv != NULL && g_strv_contains ((const gchar * const*)strv, "session-bus"))
- permissions |= GS_APP_PERMISSIONS_SESSION_BUS;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_SESSION_BUS;
if (strv != NULL &&
!g_strv_contains ((const gchar * const*)strv, "fallback-x11") &&
g_strv_contains ((const gchar * const*)strv, "x11"))
- permissions |= GS_APP_PERMISSIONS_X11;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_X11;
g_strfreev (strv);
strv = g_key_file_get_string_list (keyfile, "Context", "devices", NULL, NULL);
if (strv != NULL && g_strv_contains ((const gchar * const*)strv, "all"))
- permissions |= GS_APP_PERMISSIONS_DEVICES;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_DEVICES;
g_strfreev (strv);
strv = g_key_file_get_string_list (keyfile, "Context", "shared", NULL, NULL);
if (strv != NULL && g_strv_contains ((const gchar * const*)strv, "network"))
- permissions |= GS_APP_PERMISSIONS_NETWORK;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_NETWORK;
g_strfreev (strv);
strv = g_key_file_get_string_list (keyfile, "Context", "filesystems", NULL, NULL);
if (strv != NULL) {
const struct {
const gchar *key;
- GsAppPermissions perm;
+ GsAppPermissionsFlags perm;
} filesystems_access[] = {
/* Reference:
https://docs.flatpak.org/en/latest/flatpak-command-reference.html#idm45858571325264 */
- { "home", GS_APP_PERMISSIONS_HOME_FULL },
- { "home:rw", GS_APP_PERMISSIONS_HOME_FULL },
- { "home:ro", GS_APP_PERMISSIONS_HOME_READ },
- { "host", GS_APP_PERMISSIONS_FILESYSTEM_FULL },
- { "host:rw", GS_APP_PERMISSIONS_FILESYSTEM_FULL },
- { "host:ro", GS_APP_PERMISSIONS_FILESYSTEM_READ },
- { "xdg-download", GS_APP_PERMISSIONS_DOWNLOADS_FULL },
- { "xdg-download:rw", GS_APP_PERMISSIONS_DOWNLOADS_FULL },
- { "xdg-download:ro", GS_APP_PERMISSIONS_DOWNLOADS_READ },
- { "xdg-data/flatpak/overrides:create", GS_APP_PERMISSIONS_ESCAPE_SANDBOX }
+ { "home", GS_APP_PERMISSIONS_FLAGS_HOME_FULL },
+ { "home:rw", GS_APP_PERMISSIONS_FLAGS_HOME_FULL },
+ { "home:ro", GS_APP_PERMISSIONS_FLAGS_HOME_READ },
+ { "host", GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL },
+ { "host:rw", GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL },
+ { "host:ro", GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ },
+ { "xdg-download", GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL },
+ { "xdg-download:rw", GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL },
+ { "xdg-download:ro", GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ },
+ { "xdg-data/flatpak/overrides:create", GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX }
};
guint filesystems_hits = 0;
@@ -267,40 +267,40 @@ perms_from_metadata (GKeyFile *keyfile)
}
}
- if ((permissions & GS_APP_PERMISSIONS_HOME_FULL) != 0)
- permissions = permissions & ~GS_APP_PERMISSIONS_HOME_READ;
- if ((permissions & GS_APP_PERMISSIONS_FILESYSTEM_FULL) != 0)
- permissions = permissions & ~GS_APP_PERMISSIONS_FILESYSTEM_READ;
- if ((permissions & GS_APP_PERMISSIONS_DOWNLOADS_FULL) != 0)
- permissions = permissions & ~GS_APP_PERMISSIONS_DOWNLOADS_READ;
+ if ((permissions & GS_APP_PERMISSIONS_FLAGS_HOME_FULL) != 0)
+ permissions = permissions & ~GS_APP_PERMISSIONS_FLAGS_HOME_READ;
+ if ((permissions & GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL) != 0)
+ permissions = permissions & ~GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ;
+ if ((permissions & GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL) != 0)
+ permissions = permissions & ~GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ;
if (g_strv_length (strv) > filesystems_hits)
- permissions |= GS_APP_PERMISSIONS_FILESYSTEM_OTHER;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_OTHER;
}
g_strfreev (strv);
str = g_key_file_get_string (keyfile, "Session Bus Policy", "ca.desrt.dconf", NULL);
if (str != NULL && g_str_equal (str, "talk"))
- permissions |= GS_APP_PERMISSIONS_SETTINGS;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_SETTINGS;
g_free (str);
- if (!(permissions & GS_APP_PERMISSIONS_ESCAPE_SANDBOX)) {
+ if (!(permissions & GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX)) {
str = g_key_file_get_string (keyfile, "Session Bus Policy", "org.freedesktop.Flatpak", NULL);
if (str != NULL && g_str_equal (str, "talk"))
- permissions |= GS_APP_PERMISSIONS_ESCAPE_SANDBOX;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX;
g_free (str);
}
- if (!(permissions & GS_APP_PERMISSIONS_ESCAPE_SANDBOX)) {
+ if (!(permissions & GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX)) {
str = g_key_file_get_string (keyfile, "Session Bus Policy",
"org.freedesktop.impl.portal.PermissionStore", NULL);
if (str != NULL && g_str_equal (str, "talk"))
- permissions |= GS_APP_PERMISSIONS_ESCAPE_SANDBOX;
+ permissions |= GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX;
g_free (str);
}
/* no permissions set */
- if (permissions == GS_APP_PERMISSIONS_UNKNOWN)
- return GS_APP_PERMISSIONS_NONE;
+ if (permissions == GS_APP_PERMISSIONS_FLAGS_UNKNOWN)
+ return GS_APP_PERMISSIONS_FLAGS_NONE;
return permissions;
}
@@ -316,7 +316,7 @@ gs_flatpak_set_update_permissions (GsFlatpak *self,
g_autoptr(GKeyFile) old_keyfile = NULL;
g_autoptr(GBytes) bytes = NULL;
g_autoptr(GKeyFile) keyfile = NULL;
- GsAppPermissions permissions;
+ GsAppPermissionsFlags permissions;
g_autoptr(GError) error_local = NULL;
old_bytes = flatpak_installed_ref_load_metadata (FLATPAK_INSTALLED_REF (xref), NULL, NULL);
@@ -335,7 +335,7 @@ gs_flatpak_set_update_permissions (GsFlatpak *self,
g_debug ("Failed to get metadata for remote ‘%s’: %s",
gs_app_get_origin (app), error_local->message);
g_clear_error (&error_local);
- permissions = GS_APP_PERMISSIONS_UNKNOWN;
+ permissions = GS_APP_PERMISSIONS_FLAGS_UNKNOWN;
} else {
keyfile = g_key_file_new ();
g_key_file_load_from_data (keyfile,
@@ -346,12 +346,12 @@ gs_flatpak_set_update_permissions (GsFlatpak *self,
}
/* no new permissions set */
- if (permissions == GS_APP_PERMISSIONS_UNKNOWN)
- permissions = GS_APP_PERMISSIONS_NONE;
+ if (permissions == GS_APP_PERMISSIONS_FLAGS_UNKNOWN)
+ permissions = GS_APP_PERMISSIONS_FLAGS_NONE;
gs_app_set_update_permissions (app, permissions);
- if (permissions != GS_APP_PERMISSIONS_NONE)
+ if (permissions != GS_APP_PERMISSIONS_FLAGS_NONE)
gs_app_add_quirk (app, GS_APP_QUIRK_NEW_PERMISSIONS);
}
diff --git a/src/gs-app-context-bar.c b/src/gs-app-context-bar.c
index d2ff4b95b..31202f83c 100644
--- a/src/gs-app-context-bar.c
+++ b/src/gs-app-context-bar.c
@@ -256,7 +256,7 @@ update_safety_tile (GsAppContextBar *self)
const gchar *icon_name, *title, *css_class;
g_autoptr(GPtrArray) descriptions = g_ptr_array_new_with_free_func (NULL);
g_autofree gchar *description = NULL;
- GsAppPermissions permissions;
+ GsAppPermissionsFlags permissions;
GtkStyleContext *context;
/* Treat everything as safe to begin with, and downgrade its safety
@@ -266,19 +266,19 @@ update_safety_tile (GsAppContextBar *self)
g_assert (self->app != NULL);
permissions = gs_app_get_permissions (self->app);
- for (GsAppPermissions i = GS_APP_PERMISSIONS_NONE; i < GS_APP_PERMISSIONS_LAST; i <<= 1) {
+ for (GsAppPermissionsFlags i = GS_APP_PERMISSIONS_FLAGS_NONE; i < GS_APP_PERMISSIONS_FLAGS_LAST; i
<<= 1) {
if (!(permissions & i))
continue;
switch (i) {
- case GS_APP_PERMISSIONS_NONE:
+ case GS_APP_PERMISSIONS_FLAGS_NONE:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_SAFE,
/* Translators: This indicates an app requires no permissions
to run.
* It’s used in a context tile, so should be short. */
_("No permissions"));
break;
- case GS_APP_PERMISSIONS_NETWORK:
+ case GS_APP_PERMISSIONS_FLAGS_NETWORK:
add_to_safety_rating (&chosen_rating, descriptions,
/* This isn’t actually safe (network access can expand a local
* vulnerability into a remotely exploitable one), but it’s
@@ -289,31 +289,31 @@ update_safety_tile (GsAppContextBar *self)
* It’s used in a context tile, so should be short. */
_("Has network access"));
break;
- case GS_APP_PERMISSIONS_SYSTEM_BUS:
+ case GS_APP_PERMISSIONS_FLAGS_SYSTEM_BUS:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_POTENTIALLY_UNSAFE,
/* Translators: This indicates an app uses D-Bus system
services.
* It’s used in a context tile, so should be short. */
_("Uses system services"));
break;
- case GS_APP_PERMISSIONS_SESSION_BUS:
+ case GS_APP_PERMISSIONS_FLAGS_SESSION_BUS:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_UNSAFE,
/* Translators: This indicates an app uses D-Bus session
services.
* It’s used in a context tile, so should be short. */
_("Uses session services"));
break;
- case GS_APP_PERMISSIONS_DEVICES:
+ case GS_APP_PERMISSIONS_FLAGS_DEVICES:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_POTENTIALLY_UNSAFE,
/* Translators: This indicates an app can access arbitrary
hardware devices.
* It’s used in a context tile, so should be short. */
_("Can access hardware devices"));
break;
- case GS_APP_PERMISSIONS_HOME_FULL:
- case GS_APP_PERMISSIONS_FILESYSTEM_FULL:
+ case GS_APP_PERMISSIONS_FLAGS_HOME_FULL:
+ case GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL:
/* Don’t add twice. */
- if (i == GS_APP_PERMISSIONS_HOME_FULL && (permissions &
GS_APP_PERMISSIONS_FILESYSTEM_FULL))
+ if (i == GS_APP_PERMISSIONS_FLAGS_HOME_FULL && (permissions &
GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL))
break;
add_to_safety_rating (&chosen_rating, descriptions,
@@ -322,10 +322,10 @@ update_safety_tile (GsAppContextBar *self)
* It’s used in a context tile, so should be short. */
_("Can read/write all your data"));
break;
- case GS_APP_PERMISSIONS_HOME_READ:
- case GS_APP_PERMISSIONS_FILESYSTEM_READ:
+ case GS_APP_PERMISSIONS_FLAGS_HOME_READ:
+ case GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ:
/* Don’t add twice. */
- if (i == GS_APP_PERMISSIONS_HOME_READ && (permissions &
GS_APP_PERMISSIONS_FILESYSTEM_READ))
+ if (i == GS_APP_PERMISSIONS_FLAGS_HOME_READ && (permissions &
GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ))
break;
add_to_safety_rating (&chosen_rating, descriptions,
@@ -334,42 +334,42 @@ update_safety_tile (GsAppContextBar *self)
* It’s used in a context tile, so should be short. */
_("Can read all your data"));
break;
- case GS_APP_PERMISSIONS_DOWNLOADS_FULL:
+ case GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_POTENTIALLY_UNSAFE,
/* Translators: This indicates an app can read/write to the
user’s Downloads directory.
* It’s used in a context tile, so should be short. */
_("Can read/write your downloads"));
break;
- case GS_APP_PERMISSIONS_DOWNLOADS_READ:
+ case GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_POTENTIALLY_UNSAFE,
/* Translators: This indicates an app can read (but not write)
from the user’s Downloads directory.
* It’s used in a context tile, so should be short. */
_("Can read your downloads"));
break;
- case GS_APP_PERMISSIONS_FILESYSTEM_OTHER:
+ case GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_OTHER:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_POTENTIALLY_UNSAFE,
/* Translators: This indicates an app can access data in the
system unknown to the Software.
* It’s used in a context tile, so should be short. */
_("Can access arbitrary files"));
break;
- case GS_APP_PERMISSIONS_SETTINGS:
+ case GS_APP_PERMISSIONS_FLAGS_SETTINGS:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_POTENTIALLY_UNSAFE,
/* Translators: This indicates an app can access or change user
settings.
* It’s used in a context tile, so should be short. */
_("Can access and change user settings"));
break;
- case GS_APP_PERMISSIONS_X11:
+ case GS_APP_PERMISSIONS_FLAGS_X11:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_UNSAFE,
/* Translators: This indicates an app uses the X11 windowing
system.
* It’s used in a context tile, so should be short. */
_("Uses a legacy windowing system"));
break;
- case GS_APP_PERMISSIONS_ESCAPE_SANDBOX:
+ case GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX:
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_UNSAFE,
/* Translators: This indicates an app can escape its sandbox.
@@ -393,7 +393,7 @@ update_safety_tile (GsAppContextBar *self)
* FIXME: We could do better by potentially adding a ‘trusted’ state
* to indicate that something is probably safe, but isn’t sandboxed.
* See https://gitlab.gnome.org/GNOME/gnome-software/-/issues/1451 */
- if (permissions == GS_APP_PERMISSIONS_UNKNOWN &&
+ if (permissions == GS_APP_PERMISSIONS_FLAGS_UNKNOWN &&
gs_app_has_quirk (self->app, GS_APP_QUIRK_PROVENANCE))
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_SAFE,
@@ -401,7 +401,7 @@ update_safety_tile (GsAppContextBar *self)
* by the user’s distribution and is safe.
* It’s used in a context tile, so should be short. */
_("Reviewed by your distribution"));
- else if (permissions == GS_APP_PERMISSIONS_UNKNOWN)
+ else if (permissions == GS_APP_PERMISSIONS_FLAGS_UNKNOWN)
add_to_safety_rating (&chosen_rating, descriptions,
SAFETY_POTENTIALLY_UNSAFE,
/* Translators: This indicates that an application has been packaged
diff --git a/src/gs-app-details-page.c b/src/gs-app-details-page.c
index 6eb39317d..ee902793f 100644
--- a/src/gs-app-details-page.c
+++ b/src/gs-app-details-page.c
@@ -61,28 +61,28 @@ struct _GsAppDetailsPage
G_DEFINE_TYPE (GsAppDetailsPage, gs_app_details_page, GTK_TYPE_BOX)
static const struct {
- GsAppPermissions permission;
+ GsAppPermissionsFlags permission;
const char *title;
const char *subtitle;
} permission_display_data[] = {
- { GS_APP_PERMISSIONS_NETWORK, N_("Network"), N_("Can communicate over the network") },
- { GS_APP_PERMISSIONS_SYSTEM_BUS, N_("System Services"), N_("Can access D-Bus services on the system bus")
},
- { GS_APP_PERMISSIONS_SESSION_BUS, N_("Session Services"), N_("Can access D-Bus services on the session
bus") },
- { GS_APP_PERMISSIONS_DEVICES, N_("Devices"), N_("Can access system device files") },
- { GS_APP_PERMISSIONS_HOME_FULL, N_("Home folder"), N_("Can view, edit and create files") },
- { GS_APP_PERMISSIONS_HOME_READ, N_("Home folder"), N_("Can view files") },
- { GS_APP_PERMISSIONS_FILESYSTEM_FULL, N_("File system"), N_("Can view, edit and create files") },
- { GS_APP_PERMISSIONS_FILESYSTEM_READ, N_("File system"), N_("Can view files") },
- { GS_APP_PERMISSIONS_FILESYSTEM_OTHER, N_("File system"), N_("Can access arbitrary files") },
- { GS_APP_PERMISSIONS_DOWNLOADS_FULL, N_("Downloads folder"), N_("Can view, edit and create files") },
- { GS_APP_PERMISSIONS_DOWNLOADS_READ, N_("Downloads folder"), N_("Can view files") },
- { GS_APP_PERMISSIONS_SETTINGS, N_("Settings"), N_("Can view and change any settings") },
- { GS_APP_PERMISSIONS_X11, N_("Legacy display system"), N_("Uses an old, insecure display system") },
- { GS_APP_PERMISSIONS_ESCAPE_SANDBOX, N_("Sandbox escape"), N_("Can escape the sandbox and circumvent any
other restrictions") },
+ { GS_APP_PERMISSIONS_FLAGS_NETWORK, N_("Network"), N_("Can communicate over the network") },
+ { GS_APP_PERMISSIONS_FLAGS_SYSTEM_BUS, N_("System Services"), N_("Can access D-Bus services on the system
bus") },
+ { GS_APP_PERMISSIONS_FLAGS_SESSION_BUS, N_("Session Services"), N_("Can access D-Bus services on the
session bus") },
+ { GS_APP_PERMISSIONS_FLAGS_DEVICES, N_("Devices"), N_("Can access system device files") },
+ { GS_APP_PERMISSIONS_FLAGS_HOME_FULL, N_("Home folder"), N_("Can view, edit and create files") },
+ { GS_APP_PERMISSIONS_FLAGS_HOME_READ, N_("Home folder"), N_("Can view files") },
+ { GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL, N_("File system"), N_("Can view, edit and create files") },
+ { GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ, N_("File system"), N_("Can view files") },
+ { GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_OTHER, N_("File system"), N_("Can access arbitrary files") },
+ { GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL, N_("Downloads folder"), N_("Can view, edit and create files") },
+ { GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ, N_("Downloads folder"), N_("Can view files") },
+ { GS_APP_PERMISSIONS_FLAGS_SETTINGS, N_("Settings"), N_("Can view and change any settings") },
+ { GS_APP_PERMISSIONS_FLAGS_X11, N_("Legacy display system"), N_("Uses an old, insecure display system") },
+ { GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX, N_("Sandbox escape"), N_("Can escape the sandbox and circumvent
any other restrictions") },
};
static void
-populate_permissions_section (GsAppDetailsPage *page, GsAppPermissions permissions)
+populate_permissions_section (GsAppDetailsPage *page, GsAppPermissionsFlags permissions)
{
gs_widget_remove_all (page->permissions_section_list, (GsRemoveFunc) gtk_list_box_remove);
diff --git a/src/gs-safety-context-dialog.c b/src/gs-safety-context-dialog.c
index a05a3543b..dbf42d06d 100644
--- a/src/gs-safety-context-dialog.c
+++ b/src/gs-safety-context-dialog.c
@@ -110,7 +110,7 @@ update_permissions_list (GsSafetyContextDialog *self)
g_autofree gchar *title = NULL;
g_autoptr(GPtrArray) descriptions = g_ptr_array_new_with_free_func (NULL);
g_autofree gchar *description = NULL;
- GsAppPermissions permissions;
+ GsAppPermissionsFlags permissions;
GtkStyleContext *context;
GsContextDialogRowImportance chosen_rating;
@@ -130,9 +130,9 @@ update_permissions_list (GsSafetyContextDialog *self)
* sandboxed, so we can only really base decisions on whether it was
* packaged by an organisation we trust or not.
*
- * FIXME: See the comment for GS_APP_PERMISSIONS_UNKNOWN in
+ * FIXME: See the comment for GS_APP_PERMISSIONS_FLAGS_UNKNOWN in
* gs-app-context-bar.c. */
- if (permissions == GS_APP_PERMISSIONS_UNKNOWN) {
+ if (permissions == GS_APP_PERMISSIONS_FLAGS_UNKNOWN) {
add_permission_row (self->permissions_list, &chosen_rating,
!gs_app_has_quirk (self->app, GS_APP_QUIRK_PROVENANCE),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
@@ -144,7 +144,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Application isn’t sandboxed but the distribution has checked that it
is not malicious"));
} else {
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_NONE) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_NONE) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_UNIMPORTANT,
"folder-documents-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -152,7 +152,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("App is fully sandboxed"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_NETWORK) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_NETWORK) != 0,
/* This isn’t actually unimportant (network access can expand a local
* vulnerability into a remotely exploitable one), but it’s
* needed commonly enough that marking it as
@@ -167,7 +167,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("No Network Access"),
_("Cannot access the internet"));
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_SYSTEM_BUS) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_SYSTEM_BUS) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
"emblem-system-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -175,7 +175,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can request data from system services"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_SESSION_BUS) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_SESSION_BUS) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_IMPORTANT,
"emblem-system-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -183,7 +183,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can request data from session services"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_DEVICES) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_DEVICES) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
"camera-photo-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -194,7 +194,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("No Device Access"),
_("Cannot access devices such as webcams or gaming controllers"));
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_X11) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_X11) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_IMPORTANT,
"desktop-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -202,7 +202,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Uses a legacy windowing system"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_ESCAPE_SANDBOX) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_ESCAPE_SANDBOX) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_IMPORTANT,
"dialog-warning-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -210,7 +210,7 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can acquire arbitrary permissions"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_SETTINGS) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_SETTINGS) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
"preferences-system-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -222,7 +222,7 @@ update_permissions_list (GsSafetyContextDialog *self)
* varying scopes of what’s readable/writable, and a difference between
* read-only and writable access. */
add_permission_row (self->permissions_list, &chosen_rating,
- (permissions & GS_APP_PERMISSIONS_FILESYSTEM_FULL) != 0,
+ (permissions & GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL) != 0,
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_IMPORTANT,
"folder-documents-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -230,8 +230,8 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can read and write all data on the file system"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- ((permissions & GS_APP_PERMISSIONS_HOME_FULL) != 0 &&
- !(permissions & GS_APP_PERMISSIONS_FILESYSTEM_FULL)),
+ ((permissions & GS_APP_PERMISSIONS_FLAGS_HOME_FULL) != 0 &&
+ !(permissions & GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL)),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_IMPORTANT,
"user-home-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -239,8 +239,8 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can read and write all data in your home directory"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- ((permissions & GS_APP_PERMISSIONS_FILESYSTEM_READ) != 0 &&
- !(permissions & GS_APP_PERMISSIONS_FILESYSTEM_FULL)),
+ ((permissions & GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ) != 0 &&
+ !(permissions & GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL)),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_IMPORTANT,
"folder-documents-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -248,9 +248,9 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can read all data on the file system"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- ((permissions & GS_APP_PERMISSIONS_HOME_READ) != 0 &&
- !(permissions & (GS_APP_PERMISSIONS_FILESYSTEM_FULL |
- GS_APP_PERMISSIONS_FILESYSTEM_READ))),
+ ((permissions & GS_APP_PERMISSIONS_FLAGS_HOME_READ) != 0 &&
+ !(permissions & (GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL |
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ))),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_IMPORTANT,
"user-home-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -258,9 +258,9 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can read all data in your home directory"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- ((permissions & GS_APP_PERMISSIONS_DOWNLOADS_FULL) != 0 &&
- !(permissions & (GS_APP_PERMISSIONS_FILESYSTEM_FULL |
- GS_APP_PERMISSIONS_HOME_FULL))),
+ ((permissions & GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL) != 0 &&
+ !(permissions & (GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL |
+ GS_APP_PERMISSIONS_FLAGS_HOME_FULL))),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
"folder-download-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -268,11 +268,11 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can read and write all data in your downloads directory"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- ((permissions & GS_APP_PERMISSIONS_DOWNLOADS_READ) != 0 &&
- !(permissions & (GS_APP_PERMISSIONS_FILESYSTEM_FULL |
- GS_APP_PERMISSIONS_FILESYSTEM_READ |
- GS_APP_PERMISSIONS_HOME_FULL |
- GS_APP_PERMISSIONS_HOME_READ))),
+ ((permissions & GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ) != 0 &&
+ !(permissions & (GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL |
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ |
+ GS_APP_PERMISSIONS_FLAGS_HOME_FULL |
+ GS_APP_PERMISSIONS_FLAGS_HOME_READ))),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
"folder-download-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -280,11 +280,11 @@ update_permissions_list (GsSafetyContextDialog *self)
_("Can read all data in your downloads directory"),
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- ((permissions & GS_APP_PERMISSIONS_FILESYSTEM_OTHER) != 0 &&
- !(permissions & (GS_APP_PERMISSIONS_FILESYSTEM_FULL |
- GS_APP_PERMISSIONS_FILESYSTEM_READ |
- GS_APP_PERMISSIONS_HOME_FULL |
- GS_APP_PERMISSIONS_HOME_READ))),
+ ((permissions & GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_OTHER) != 0 &&
+ !(permissions & (GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL |
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ |
+ GS_APP_PERMISSIONS_FLAGS_HOME_FULL |
+ GS_APP_PERMISSIONS_FLAGS_HOME_READ))),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_WARNING,
"folder-documents-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
@@ -293,13 +293,13 @@ update_permissions_list (GsSafetyContextDialog *self)
NULL, NULL, NULL);
add_permission_row (self->permissions_list, &chosen_rating,
- !(permissions & (GS_APP_PERMISSIONS_FILESYSTEM_FULL |
- GS_APP_PERMISSIONS_FILESYSTEM_READ |
- GS_APP_PERMISSIONS_FILESYSTEM_OTHER |
- GS_APP_PERMISSIONS_HOME_FULL |
- GS_APP_PERMISSIONS_HOME_READ |
- GS_APP_PERMISSIONS_DOWNLOADS_FULL |
- GS_APP_PERMISSIONS_DOWNLOADS_READ)),
+ !(permissions & (GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_FULL |
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_READ |
+ GS_APP_PERMISSIONS_FLAGS_FILESYSTEM_OTHER |
+ GS_APP_PERMISSIONS_FLAGS_HOME_FULL |
+ GS_APP_PERMISSIONS_FLAGS_HOME_READ |
+ GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_FULL |
+ GS_APP_PERMISSIONS_FLAGS_DOWNLOADS_READ)),
GS_CONTEXT_DIALOG_ROW_IMPORTANCE_UNIMPORTANT,
"folder-documents-symbolic",
/* Translators: This refers to permissions (for example, from flatpak)
which an app requests from the user. */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
