accountsservice: Add SetPasswordHint function

So far the only way of setting the password hint is by setting also the
password.

But there are several cases where setting the password isn't done through
AccountsService, but still we want to set the password hint. For instance GDM
setups the pasword for new used directly from PAM.

Thus, let's add a new function to set the hint without changing the password.

https://bugs.freedesktop.org/show_bug.cgi?id=89588

5 files changed, 125 insertions, 1 deletions

diff --git a/data/org.freedesktop.Accounts.User.xml b/data/org.freedesktop.Accounts.User.xml
index 88198d8..a6a8b5e 100644
--- a/data/org.freedesktop.Accounts.User.xml
+++ b/data/org.freedesktop.Accounts.User.xml
@@ -497,6 +497,41 @@
     </doc:doc>
   </method>
 
+  <method name="SetPasswordHint">
+    <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
+    <arg name="hint" direction="in" type="s">
+      <doc:doc>
+        <doc:summary>
+          The password hint.
+        </doc:summary>
+      </doc:doc>
+    </arg>
+    <doc:doc>
+      <doc:description>
+        <doc:para>
+          Sets the users password hint.
+        </doc:para>
+      </doc:description>
+      <doc:permission>
+        The caller needs one of the following PolicyKit authorizations:
+        <doc:list>
+          <doc:item>
+            <doc:term>org.freedesktop.accounts.change-own-user-data</doc:term>
+            <doc:definition>To change his own language</doc:definition>
+          </doc:item>
+          <doc:item>
+            <doc:term>org.freedesktop.accounts.user-administration</doc:term>
+            <doc:definition>To change the language of another user</doc:definition>
+          </doc:item>
+        </doc:list>
+      </doc:permission>
+      <doc:errors>
+        <doc:error name="org.freedesktop.Accounts.Error.PermissionDenied">if the caller lacks the appropriate PolicyKit authorization</doc:error>
+        <doc:error name="org.freedesktop.Accounts.Error.Failed">if the operation failed</doc:error>
+      </doc:errors>
+    </doc:doc>
+  </method>
+
   <method name="SetAutomaticLogin">
     <annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
     <arg name="enabled" direction="in" type="b">
diff --git a/doc/libaccountsservice/libaccountsservice-sections.txt b/doc/libaccountsservice/libaccountsservice-sections.txt
index 88b0a78..c420316 100644
--- a/doc/libaccountsservice/libaccountsservice-sections.txt
+++ b/doc/libaccountsservice/libaccountsservice-sections.txt
@@ -37,6 +37,7 @@ act_user_set_language
 act_user_set_location
 act_user_set_locked
 act_user_set_password
+act_user_set_password_hint
 act_user_set_password_mode
 act_user_set_real_name
 act_user_set_user_name
@@ -108,4 +109,4 @@ act_user_manager_error_quark
 <SECTION>
 <FILE>ConsoleKitManager</FILE>
 
-</SECTION>
\ No newline at end of file
+</SECTION>
diff --git a/src/libaccountsservice/act-user.c b/src/libaccountsservice/act-user.c
index 8073d72..4a820ae 100644
--- a/src/libaccountsservice/act-user.c
+++ b/src/libaccountsservice/act-user.c
@@ -1880,6 +1880,34 @@ act_user_set_password (ActUser             *user,
 }
 
 /**
+ * act_uset_set_password_hint:
+ * @user: the user object to alter.
+ * @hint: a hint to help user recall password
+ *
+ * Sets the password hint of @user.
+ * @hint is displayed to the user if they forget the password.
+ *
+ * Note this function is synchronous and ignores errors.
+ **/
+void
+act_user_set_password_hint (ActUser     *user,
+                            const gchar *hint)
+{
+        GError *error = NULL;
+
+        g_return_if_fail (ACT_IS_USER (user));
+        g_return_if_fail (ACCOUNTS_IS_USER (user->accounts_proxy));
+
+        if (!accounts_user_call_set_password_hint_sync (user->accounts_proxy,
+                                                        hint,
+                                                        NULL,
+                                                        &error)) {
+                g_warning ("SetPasswordHint call failed: %s", error->message);
+                g_error_free (error);
+        }
+}
+
+/**
  * act_user_set_password_mode:
  * @user: the user object to alter.
  * @password_mode: a #ActUserPasswordMode
diff --git a/src/libaccountsservice/act-user.h b/src/libaccountsservice/act-user.h
index d188db4..e0b02c3 100644
--- a/src/libaccountsservice/act-user.h
+++ b/src/libaccountsservice/act-user.h
@@ -103,6 +103,8 @@ void           act_user_set_account_type          (ActUser    *user,
 void           act_user_set_password              (ActUser     *user,
                                                    const gchar *password,
                                                    const gchar *hint);
+void           act_user_set_password_hint         (ActUser             *user,
+                                                   const gchar *hint);
 void           act_user_set_password_mode         (ActUser             *user,
                                                    ActUserPasswordMode  password_mode);
 void           act_user_set_locked                (ActUser    *user,
diff --git a/src/user.c b/src/user.c
index 94ef58c..0fb1a17 100644
--- a/src/user.c
+++ b/src/user.c
@@ -1928,6 +1928,63 @@ user_set_password (AccountsUser          *auser,
 }
 
 static void
+user_change_password_hint_authorized_cb (Daemon                *daemon,
+                                         User                  *user,
+                                         GDBusMethodInvocation *context,
+                                         gpointer               data)
+{
+        gchar *hint = data;
+
+        sys_log (context,
+                 "set password hint of user '%s' (%d)'",
+                 user->user_name, user->uid);
+
+        if (g_strcmp0 (user->password_hint, hint) != 0) {
+                g_free (user->password_hint);
+                user->password_hint = g_strdup (hint);
+
+                save_extra_data (user);
+
+                accounts_user_emit_changed (ACCOUNTS_USER (user));
+
+                g_object_notify (G_OBJECT (user), "password-hint");
+        }
+
+        accounts_user_complete_set_password_hint (ACCOUNTS_USER (user), context);
+}
+
+static gboolean
+user_set_password_hint (AccountsUser          *auser,
+                        GDBusMethodInvocation *context,
+                        const gchar           *hint)
+{
+        User *user = (User*)auser;
+        int uid;
+        const gchar *action_id;
+
+        if (!get_caller_uid (context, &uid)) {
+                throw_error (context, ERROR_FAILED, "identifying caller failed");
+                return FALSE;
+        }
+
+        if (user->uid == (uid_t) uid)
+                action_id = "org.freedesktop.accounts.change-own-user-data";
+        else
+                action_id = "org.freedesktop.accounts.user-administration";
+
+        daemon_local_check_auth (user->daemon,
+                                 user,
+                                 action_id,
+                                 TRUE,
+                                 user_change_password_hint_authorized_cb,
+                                 context,
+                                 g_strdup (hint),
+                                 (GDestroyNotify)g_free);
+
+        return TRUE;
+}
+
+static void
 user_change_automatic_login_authorized_cb (Daemon                *daemon,
                                            User                  *user,
                                            GDBusMethodInvocation *context,
@@ -2271,6 +2328,7 @@ user_accounts_user_iface_init (AccountsUserIface *iface)
         iface->handle_set_locked = user_set_locked;
         iface->handle_set_password = user_set_password;
         iface->handle_set_password_mode = user_set_password_mode;
+        iface->handle_set_password_hint = user_set_password_hint;
         iface->handle_set_real_name = user_set_real_name;
         iface->handle_set_shell = user_set_shell;
         iface->handle_set_user_name = user_set_user_name;