Pass expanded identity list to the AuthenticationSession

... otherwise it things like admin-identities being set to ["unix-group:session"] won't work. Signed-off-by: David Zeuthen <davidz@redhat.com>
author: David Zeuthen <davidz@redhat.com> 2012-05-23 17:44:43 -0400
committer: David Zeuthen <davidz@redhat.com> 2012-05-23 17:44:43 -0400
commit: 956d4e81d0dbb5182a7070f6367c391d69924270 (patch)
tree: 3425840b546d3384b3aad5eccf811314b593e748
parent: 9b06da6b9b630b589affc9d555ba56af96888e9c (diff)
download: polkit-956d4e81d0dbb5182a7070f6367c391d69924270.tar.gz
1 files changed, 24 insertions, 24 deletions
diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
index 171e686..86e7134 100644
--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
@@ -2211,13 +2211,36 @@ authentication_agent_initiate_challenge (AuthenticationAgent         *agent,
       identities = g_list_prepend (identities, g_object_ref (user_of_subject));
     }
 
+  /* expand groups/netgroups to users */
+  user_identities = NULL;
+  for (l = identities; l != NULL; l = l->next)
+    {
+      PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
+      if (POLKIT_IS_UNIX_USER (identity))
+        {
+          user_identities = g_list_append (user_identities, g_object_ref (identity));
+        }
+      else if (POLKIT_IS_UNIX_GROUP (identity))
+        {
+          user_identities = g_list_concat (user_identities, get_users_in_group (identity, FALSE));
+        }
+      else if (POLKIT_IS_UNIX_NETGROUP (identity))
+        {
+          user_identities =  g_list_concat (user_identities, get_users_in_net_group (identity, FALSE));
+        }
+      else
+        {
+          g_warning ("Unsupported identity");
+        }
+    }
+
   session = authentication_session_new (agent,
                                         cookie,
                                         subject,
                                         user_of_subject,
                                         caller,
                                         authority,
-                                        identities,
+                                        user_identities,
                                         action_id,
                                         details,
                                         polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (caller)),
@@ -2236,29 +2259,6 @@ authentication_agent_initiate_challenge (AuthenticationAgent         *agent,
   details_gvariant = polkit_details_to_gvariant (localized_details);
   g_variant_ref_sink (details_gvariant);
 
-  /* expand groups/netgroups to users */
-  user_identities = NULL;
-  for (l = identities; l != NULL; l = l->next)
-    {
-      PolkitIdentity *identity = POLKIT_IDENTITY (l->data);
-      if (POLKIT_IS_UNIX_USER (identity))
-        {
-          user_identities = g_list_append (user_identities, g_object_ref (identity));
-        }
-      else if (POLKIT_IS_UNIX_GROUP (identity))
-        {
-          user_identities = g_list_concat (user_identities, get_users_in_group (identity, FALSE));
-        }
-      else if (POLKIT_IS_UNIX_NETGROUP (identity))
-        {
-          user_identities =  g_list_concat (user_identities, get_users_in_net_group (identity, FALSE));
-        }
-      else
-        {
-          g_warning ("Unsupported identity");
-        }
-    }
-
   g_variant_builder_init (&identities_builder, G_VARIANT_TYPE ("a(sa{sv})"));
   for (l = user_identities; l != NULL; l = l->next)
     {
author	David Zeuthen <davidz@redhat.com>	2012-05-23 17:44:43 -0400
committer	David Zeuthen <davidz@redhat.com>	2012-05-23 17:44:43 -0400
commit	956d4e81d0dbb5182a7070f6367c391d69924270 (patch)
tree	3425840b546d3384b3aad5eccf811314b593e748
parent	9b06da6b9b630b589affc9d555ba56af96888e9c (diff)
download	polkit-956d4e81d0dbb5182a7070f6367c391d69924270.tar.gz