diff --git a/kdecore/auth/AuthBackend.cpp b/kdecore/auth/AuthBackend.cpp index 13243a97..934105f1 100644 --- a/kdecore/auth/AuthBackend.cpp +++ b/kdecore/auth/AuthBackend.cpp @@ -23,47 +23,14 @@ namespace KAuth { -class AuthBackend::Private -{ -public: - Private() {} - virtual ~Private() {} - - Capabilities capabilities; -}; - AuthBackend::AuthBackend() : QObject(0) - , d(new Private) { } AuthBackend::~AuthBackend() { - delete d; -} - -AuthBackend::Capabilities AuthBackend::capabilities() const -{ - return d->capabilities; -} - -void AuthBackend::setCapabilities(AuthBackend::Capabilities capabilities) -{ - d->capabilities = capabilities; -} - -bool AuthBackend::actionExists(const QString& action) -{ - Q_UNUSED(action); - return false; -} - -void AuthBackend::preAuthAction(const QString& action, QWidget* parent) -{ - Q_UNUSED(action) - Q_UNUSED(parent) } } //namespace KAuth diff --git a/kdecore/auth/AuthBackend.h b/kdecore/auth/AuthBackend.h index a86732e3..8c5144d4 100644 --- a/kdecore/auth/AuthBackend.h +++ b/kdecore/auth/AuthBackend.h @@ -34,41 +34,19 @@ class AuthBackend : public QObject Q_DISABLE_COPY(AuthBackend) public: - enum Capability { - NoCapability = 0, - AuthorizeFromClientCapability = 1, - AuthorizeFromHelperCapability = 2, - CheckActionExistenceCapability = 4, - PreAuthActionCapability = 8 - }; - Q_DECLARE_FLAGS(Capabilities, Capability) - AuthBackend(); virtual ~AuthBackend(); - virtual void setupAction(const QString &action) = 0; - virtual void preAuthAction(const QString &action, QWidget *parent); + virtual Action::AuthStatus authorizeAction(const QString &action) = 0; virtual Action::AuthStatus actionStatus(const QString &action) = 0; - virtual QByteArray callerID() const = 0; - virtual bool isCallerAuthorized(const QString &action, QByteArray callerID) = 0; - virtual bool actionExists(const QString &action); - - Capabilities capabilities() const; - -protected: - void setCapabilities(Capabilities capabilities); + virtual bool isCallerAuthorized(const QString &action) = 0; Q_SIGNALS: void actionStatusChanged(const QString &action, Action::AuthStatus status); - -private: - class Private; - Private * const d; }; } // namespace Auth Q_DECLARE_INTERFACE(KAuth::AuthBackend, "org.kde.auth.AuthBackend/0.1") -Q_DECLARE_OPERATORS_FOR_FLAGS(KAuth::AuthBackend::Capabilities) #endif diff --git a/kdecore/auth/backends/dbus/DBusBackend.cpp b/kdecore/auth/backends/dbus/DBusBackend.cpp index fed1bcf8..c15ed098 100644 --- a/kdecore/auth/backends/dbus/DBusBackend.cpp +++ b/kdecore/auth/backends/dbus/DBusBackend.cpp @@ -33,7 +33,6 @@ namespace KAuth DBusBackend::DBusBackend() : AuthBackend() { - setCapabilities(AuthorizeFromClientCapability | AuthorizeFromHelperCapability); } Action::AuthStatus DBusBackend::authorizeAction(const QString &action) @@ -41,32 +40,17 @@ Action::AuthStatus DBusBackend::authorizeAction(const QString &action) return actionStatus(action); } -void DBusBackend::setupAction(const QString &action) -{ - Q_UNUSED(action) -} - Action::AuthStatus DBusBackend::actionStatus(const QString &action) { - if (isCallerAuthorized(action, callerID())) { + if (isCallerAuthorized(action)) { return Action::Authorized; } else { return Action::Denied; } } -QByteArray DBusBackend::callerID() const +bool DBusBackend::isCallerAuthorized(const QString &action) { - QByteArray a; - QDataStream s(&a, QIODevice::WriteOnly); - s << QCoreApplication::applicationPid(); - - return a; -} - -bool DBusBackend::isCallerAuthorized(const QString &action, QByteArray callerID) -{ - Q_UNUSED(callerID) QDBusMessage message; QRegExp rx(QLatin1String("(\\S+\\.\\S+\\.\\S+\\.\\S+)\\.")); diff --git a/kdecore/auth/backends/dbus/DBusBackend.h b/kdecore/auth/backends/dbus/DBusBackend.h index 0ec2c6c7..5cffd6e9 100644 --- a/kdecore/auth/backends/dbus/DBusBackend.h +++ b/kdecore/auth/backends/dbus/DBusBackend.h @@ -34,11 +34,10 @@ class DBusBackend : public AuthBackend public: DBusBackend(); - virtual void setupAction(const QString&); - virtual Action::AuthStatus authorizeAction(const QString&); - virtual Action::AuthStatus actionStatus(const QString&); - virtual QByteArray callerID() const; - virtual bool isCallerAuthorized(const QString &action, QByteArray callerID); + + Action::AuthStatus authorizeAction(const QString&) final; + Action::AuthStatus actionStatus(const QString&) final; + bool isCallerAuthorized(const QString &action) final; }; } // namespace Auth diff --git a/kdecore/auth/backends/dbus/DBusHelperProxy.cpp b/kdecore/auth/backends/dbus/DBusHelperProxy.cpp index 402ee436..1f8fc317 100644 --- a/kdecore/auth/backends/dbus/DBusHelperProxy.cpp +++ b/kdecore/auth/backends/dbus/DBusHelperProxy.cpp @@ -72,7 +72,7 @@ bool DBusHelperProxy::executeActions(const QList > & message = QDBusMessage::createMethodCall(helperID, QLatin1String("/"), QLatin1String("org.kde.auth"), QLatin1String("performActions")); QList args; - args << blob << BackendsManager::authBackend()->callerID(); + args << blob; message.setArguments(args); QDBusPendingCall reply = QDBusConnection::systemBus().asyncCall(message); // This is a NO_REPLY method @@ -107,7 +107,7 @@ ActionReply DBusHelperProxy::executeAction(const QString &action, const QString message = QDBusMessage::createMethodCall(helperID, QLatin1String("/"), QLatin1String("org.kde.auth"), QLatin1String("performAction")); QList args; - args << action << BackendsManager::authBackend()->callerID() << blob; + args << action << blob; message.setArguments(args); m_actionsInProgress.push_back(action); @@ -159,7 +159,7 @@ Action::AuthStatus DBusHelperProxy::authorizeAction(const QString& action, const message = QDBusMessage::createMethodCall(helperID, QLatin1String("/"), QLatin1String("org.kde.auth"), QLatin1String("authorizeAction")); QList args; - args << action << BackendsManager::authBackend()->callerID(); + args << action; message.setArguments(args); m_actionsInProgress.push_back(action); @@ -250,7 +250,7 @@ bool DBusHelperProxy::hasToStopAction() return m_stopRequest; } -void DBusHelperProxy::performActions(QByteArray blob, const QByteArray &callerID) +void DBusHelperProxy::performActions(QByteArray blob) { QDataStream stream(&blob, QIODevice::ReadOnly); QList< QPair< QString, QVariantMap > > actions; @@ -264,13 +264,13 @@ void DBusHelperProxy::performActions(QByteArray blob, const QByteArray &callerID stream << i->second; - performAction(i->first, callerID, blob); + performAction(i->first, blob); ++i; } } -QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArray &callerID, QByteArray arguments) +QByteArray DBusHelperProxy::performAction(const QString &action, QByteArray arguments) { if (!responder) { return ActionReply::NoResponderReply.serialized(); @@ -294,7 +294,7 @@ QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArra QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value(); timer->stop(); - if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) { + if (BackendsManager::authBackend()->isCallerAuthorized(action)) { QString slotname = action; if (slotname.startsWith(m_name + QLatin1Char('.'))) { slotname = slotname.right(slotname.length() - m_name.length() - 1); @@ -324,7 +324,7 @@ QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArra } -uint DBusHelperProxy::authorizeAction(const QString& action, const QByteArray& callerID) +uint DBusHelperProxy::authorizeAction(const QString& action) { if (!m_currentAction.isEmpty()) { return static_cast(Action::Error); @@ -337,7 +337,7 @@ uint DBusHelperProxy::authorizeAction(const QString& action, const QByteArray& c QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value(); timer->stop(); - if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) { + if (BackendsManager::authBackend()->isCallerAuthorized(action)) { retVal = static_cast(Action::Authorized); } else { retVal = static_cast(Action::Denied); diff --git a/kdecore/auth/backends/dbus/DBusHelperProxy.h b/kdecore/auth/backends/dbus/DBusHelperProxy.h index a416ea5d..ce3e8eeb 100644 --- a/kdecore/auth/backends/dbus/DBusHelperProxy.h +++ b/kdecore/auth/backends/dbus/DBusHelperProxy.h @@ -49,23 +49,23 @@ class DBusHelperProxy : public HelperProxy public: DBusHelperProxy() : responder(0), m_stopRequest(false) {} - virtual bool executeActions(const QList > &list, const QString &helperID); - virtual ActionReply executeAction(const QString &action, const QString &helperID, const QVariantMap &arguments); - virtual Action::AuthStatus authorizeAction(const QString& action, const QString& helperID); - virtual void stopAction(const QString &action, const QString &helperID); + bool executeActions(const QList > &list, const QString &helperID) final; + ActionReply executeAction(const QString &action, const QString &helperID, const QVariantMap &arguments) final; + Action::AuthStatus authorizeAction(const QString& action, const QString& helperID) final; + void stopAction(const QString &action, const QString &helperID) final; - virtual bool initHelper(const QString &name); - virtual void setHelperResponder(QObject *o); - virtual bool hasToStopAction(); - virtual void sendDebugMessage(int level, const char *msg); - virtual void sendProgressStep(int step); - virtual void sendProgressStep(const QVariantMap &data); + bool initHelper(const QString &name) final; + void setHelperResponder(QObject *o) final; + bool hasToStopAction() final; + void sendDebugMessage(int level, const char *msg) final; + void sendProgressStep(int step) final; + void sendProgressStep(const QVariantMap &data) final; public slots: void stopAction(const QString &action); - void performActions(QByteArray blob, const QByteArray &callerID); - QByteArray performAction(const QString &action, const QByteArray &callerID, QByteArray arguments); - uint authorizeAction(const QString &action, const QByteArray &callerID); + void performActions(QByteArray blob); + QByteArray performAction(const QString &action, QByteArray arguments); + uint authorizeAction(const QString &action); signals: void remoteSignal(int type, const QString &action, const QByteArray &blob); // This signal is sent from the helper to the app diff --git a/kdecore/auth/backends/dbus/org.kde.auth.xml b/kdecore/auth/backends/dbus/org.kde.auth.xml index ad53386c..dca6835b 100644 --- a/kdecore/auth/backends/dbus/org.kde.auth.xml +++ b/kdecore/auth/backends/dbus/org.kde.auth.xml @@ -3,18 +3,15 @@ - - - diff --git a/kdecore/auth/kauthaction.cpp b/kdecore/auth/kauthaction.cpp index 8fbd61c5..b2c5d20b 100644 --- a/kdecore/auth/kauthaction.cpp +++ b/kdecore/auth/kauthaction.cpp @@ -59,7 +59,6 @@ Action::Action(const QString &name) : d(new Private()) { setName(name); - BackendsManager::authBackend()->setupAction(d->name); } Action::Action(const QString &name, const QString &details) @@ -67,7 +66,6 @@ Action::Action(const QString &name, const QString &details) { setName(name); setDetails(details); - BackendsManager::authBackend()->setupAction(d->name); } Action::~Action() @@ -104,15 +102,9 @@ void Action::setName(const QString &name) { d->name = name; - // Does the backend support checking for known actions? - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::CheckActionExistenceCapability) { - // In this case, just ask the backend - d->valid = BackendsManager::authBackend()->actionExists(name); - } else { - // Otherwise, check through a regexp - QRegExp exp(QLatin1String("[0-z]+(\\.[0-z]+)*")); - d->valid = exp.exactMatch(name); - } + // Check through a regexp + QRegExp exp(QLatin1String("[0-z]+(\\.[0-z]+)*")); + d->valid = exp.exactMatch(name); } QString Action::details() const @@ -179,32 +171,7 @@ Action::AuthStatus Action::authorize() const return Action::Invalid; } - // If there is any pre auth action, let's perform it - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::PreAuthActionCapability) { - BackendsManager::authBackend()->preAuthAction(d->name, d->parent); - } - - // Let's check capabilities - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromClientCapability) { - // That's easy then - return BackendsManager::authBackend()->authorizeAction(d->name); - } else if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromHelperCapability) { - // We need to check if we have an helper in this case - if (hasHelper()) { - // Ok, we need to use "helper authorization". - return BackendsManager::helperProxy()->authorizeAction(d->name, d->helperId); - } else { - // Ok, in this case we have to fake and just pretend we are an helper - if (BackendsManager::authBackend()->isCallerAuthorized(d->name, BackendsManager::authBackend()->callerID())) { - return Authorized; - } else { - return Denied; - } - } - } else { - // This should never, never happen - return Invalid; - } + return BackendsManager::authBackend()->authorizeAction(d->name); } @@ -213,21 +180,7 @@ Action::AuthStatus Action::earlyAuthorize() const // Check the status first AuthStatus s = status(); if (s == AuthRequired) { - // Let's check what to do - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromClientCapability) { - // In this case we can actually try an authorization - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::PreAuthActionCapability) { - BackendsManager::authBackend()->preAuthAction(d->name, d->parent); - } - - return BackendsManager::authBackend()->authorizeAction(d->name); - } else if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromHelperCapability) { - // In this case, just throw out Authorized, as the auth will take place later - return Authorized; - } else { - // This should never, never happen - return Invalid; - } + return BackendsManager::authBackend()->authorizeAction(d->name); } else { // It's fine, return the status return s; @@ -256,23 +209,12 @@ bool Action::executeActions(const QList< Action >& actions, QList< Action >* den foreach(const Action &a, actions) { // Save us an additional step - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromClientCapability) { - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::PreAuthActionCapability) { - BackendsManager::authBackend()->preAuthAction(a.name(), parent); - } + AuthStatus s = BackendsManager::authBackend()->authorizeAction(a.name()); - AuthStatus s = BackendsManager::authBackend()->authorizeAction(a.name()); - - if (s == Authorized) { - list.push_back(QPair(a.name(), a.arguments())); - } else if ((s == Denied || s == Invalid) && deniedActions) { - *deniedActions << a; - } - } else if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromHelperCapability) { + if (s == Authorized) { list.push_back(QPair(a.name(), a.arguments())); - } else { - // There's something totally wrong here - return false; + } else if ((s == Denied || s == Invalid) && deniedActions) { + *deniedActions << a; } } @@ -308,16 +250,11 @@ ActionReply Action::execute(const QString &helperID) const return ActionReply::InvalidActionReply; } - // What to do? - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromClientCapability) { - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::PreAuthActionCapability) { - BackendsManager::authBackend()->preAuthAction(d->name, d->parent); - } - // Authorize from here - AuthStatus s = BackendsManager::authBackend()->authorizeAction(d->name); + // Authorize from here + AuthStatus s = BackendsManager::authBackend()->authorizeAction(d->name); - // Abort if authorization fails - switch (s) { + // Abort if authorization fails + switch (s) { case Denied: return ActionReply::AuthorizationDeniedReply; case Invalid: @@ -326,25 +263,6 @@ ActionReply Action::execute(const QString &helperID) const return ActionReply::UserCancelledReply; default: break; - } - } else if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::AuthorizeFromHelperCapability) { - // In this case we care only if the action is not async and does not have an helper - if (!d->async && !hasHelper()) { - // Authorize! - switch (authorize()) { - case Denied: - return ActionReply::AuthorizationDeniedReply; - case Invalid: - return ActionReply::InvalidActionReply; - case UserCancelled: - return ActionReply::UserCancelledReply; - default: - break; - } - } - } else { - // What? - return ActionReply::InvalidActionReply; } if (d->async) { @@ -357,11 +275,6 @@ ActionReply Action::execute(const QString &helperID) const ActionReply::SuccessReply : ActionReply::AuthorizationDeniedReply; } else { if (hasHelper()) { - // Perform the pre auth here - if (BackendsManager::authBackend()->capabilities() & KAuth::AuthBackend::PreAuthActionCapability) { - BackendsManager::authBackend()->preAuthAction(d->name, d->parent); - } - return BackendsManager::helperProxy()->executeAction(d->name, helperID, d->args); } else { return ActionReply::SuccessReply;