diff options
author | David Zeuthen <davidz@redhat.com> | 2009-07-20 18:49:25 -0400 |
---|---|---|
committer | David Zeuthen <davidz@redhat.com> | 2009-07-20 18:49:25 -0400 |
commit | 36fc7a6d358c1d373c181191da6265a538a71dae (patch) | |
tree | 166630eadb8a659fb9ea988f93d3ff7120d8dd64 /data | |
parent | ae8ea087928b7a1bc34b2380872da8867563bec1 (diff) | |
download | polkit-36fc7a6d358c1d373c181191da6265a538a71dae.tar.gz |
Add support for querying and revoking temporary authorizations
Also change how authentication agents are registered (take a Subject
instead of the session-id) and add convenience functions to
asynchronously construct a PolkitUnixSession object given a process id
(by querying ConsoleKit).
Diffstat (limited to 'data')
-rw-r--r-- | data/org.freedesktop.PolicyKit1.Authority.xml | 70 |
1 files changed, 64 insertions, 6 deletions
diff --git a/data/org.freedesktop.PolicyKit1.Authority.xml b/data/org.freedesktop.PolicyKit1.Authority.xml index ed4e57a..6b29e8e 100644 --- a/data/org.freedesktop.PolicyKit1.Authority.xml +++ b/data/org.freedesktop.PolicyKit1.Authority.xml @@ -30,7 +30,7 @@ <!-- Identity struct --> <annotation name="org.gtk.EggDBus.DeclareStruct" value="Identity"> - <annotation name="org.gtk.EggDBus.DocString.Summary" value="Subjects"/> + <annotation name="org.gtk.EggDBus.DocString.Summary" value="Identities"/> <annotation name="org.gtk.EggDBus.DocString" value="<para>This struct describes identities such as UNIX users and UNIX groups. It is typically used to check if a given process is authorized for an action.</para><para>The following kinds of identities are known:</para> <formalpara><title>Unix User</title><para><literal>identity_kind</literal> should be set to <literal>unix-user</literal> with key <literal>uid</literal> (of type <literal>uint32</literal>).</para></formalpara> <formalpara><title>Unix Group</title><para><literal>identity_kind</literal> should be set to <literal>unix-group</literal> with key <literal>gid</literal> (of type <literal>uint32</literal>).</para></formalpara> @@ -254,8 +254,9 @@ <method name="RegisterAuthenticationAgent"> <annotation name="org.gtk.EggDBus.DocString" value="<para>Register an authentication agent.</para><para>Note that current versions of PolicyKit will only work if @session_id is set to the empty string. In the future it might work for non-empty strings if the caller is sufficiently privileged.</para>"/> - <arg name="session_id" direction="in" type="s"> - <annotation name="org.gtk.EggDBus.DocString" value="The session to register the authentication for or blank for the session the caller of the method is in."/> + <arg name="subject" direction="in" type="(sa{sv})"> + <annotation name="org.gtk.EggDBus.Type" value="Subject"/> + <annotation name="org.gtk.EggDBus.DocString" value="The subject to register the authentication agent for, typically a session subject."/> </arg> <arg name="locale" direction="in" type="s"> @@ -270,12 +271,13 @@ <method name="UnregisterAuthenticationAgent"> <annotation name="org.gtk.EggDBus.DocString" value="Unregister an authentication agent."/> - <arg name="session_id" direction="in" type="s"> - <annotation name="org.gtk.EggDBus.DocString" value="The session identifier passed to org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent()."/> + <arg name="subject" direction="in" type="(sa{sv})"> + <annotation name="org.gtk.EggDBus.Type" value="Subject"/> + <annotation name="org.gtk.EggDBus.DocString" value="The @subject passed to org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent()."/> </arg> <arg name="object_path" direction="in" type="s"> - <annotation name="org.gtk.EggDBus.DocString" value="The object path of authentication agent object on the unique name of the caller."/> + <annotation name="org.gtk.EggDBus.DocString" value="The @object_path passed to org.freedesktop.PolicyKit1.Authority.RegisterAuthenticationAgent()."/> </arg> </method> @@ -292,6 +294,62 @@ </arg> </method> + <!-- ---------------------------------------------------------------------------------------------------- --> + + <!-- TemporaryAuthorization struct --> + <annotation name="org.gtk.EggDBus.DeclareStruct" value="TemporaryAuthorization"> + <annotation name="org.gtk.EggDBus.DocString.Summary" value="Temporary Authorizations"/> + <annotation name="org.gtk.EggDBus.DocString" value="This struct describes a temporary authorization."/> + + <annotation name="org.gtk.EggDBus.Struct.Member" value="String:id"> + <annotation name="org.gtk.EggDBus.DocString" value="An opaque identifier for the temporary authorization."/> + </annotation> + + <annotation name="org.gtk.EggDBus.Struct.Member" value="String:action_id"> + <annotation name="org.gtk.EggDBus.DocString" value="The action the temporary authorization is for."/> + </annotation> + + <annotation name="org.gtk.EggDBus.Struct.Member" value="Subject:subject"> + <annotation name="org.gtk.EggDBus.Type" value="Subject"/> + <annotation name="org.gtk.EggDBus.DocString" value="The subject the temporary authorization is for."/> + </annotation> + + <annotation name="org.gtk.EggDBus.Struct.Member" value="UInt64:time_obtained"> + <annotation name="org.gtk.EggDBus.DocString" value="When the temporary authorization was obtained, in seconds since the Epoch Jan 1, 1970 0:00 UTC."/> + </annotation> + + <annotation name="org.gtk.EggDBus.Struct.Member" value="UInt64:time_expires"> + <annotation name="org.gtk.EggDBus.DocString" value="When the temporary authorization is set to expire, in seconds since the Epoch Jan 1, 1970 0:00 UTC."/> + </annotation> + </annotation> + + <!-- ---------------------------------------------------------------------------------------------------- --> + + <method name="EnumerateTemporaryAuthorizations"> + <annotation name="org.gtk.EggDBus.DocString" value="Retrieves all temporary authorizations that applies to @subject."/> + + <arg name="subject" direction="in" type="(sa{sv})"> + <annotation name="org.gtk.EggDBus.Type" value="Subject"/> + <annotation name="org.gtk.EggDBus.DocString" value="The subject to get temporary authorizations for."/> + </arg> + + <arg name="temporary_authorizations" direction="out" type="a(ss(sa{sv})tt)"> + <annotation name="org.gtk.EggDBus.Type" value="Array<TemporaryAuthorization>"/> + <annotation name="org.gtk.EggDBus.DocString" value="An array of #TemporaryAuthorization structs."/> + </arg> + </method> + + <method name="RevokeTemporaryAuthorizations"> + <annotation name="org.gtk.EggDBus.DocString" value="Revokes all temporary authorizations that applies to @subject."/> + + <arg name="subject" direction="in" type="(sa{sv})"> + <annotation name="org.gtk.EggDBus.Type" value="Subject"/> + <annotation name="org.gtk.EggDBus.DocString" value="The subject to revoke temporary authorizations from."/> + </arg> + </method> + + <!-- ---------------------------------------------------------------------------------------------------- --> + <signal name="Changed"> <annotation name="org.gtk.EggDBus.DocString" value="This signal is emitted when actions and/or authorizations change"/> </signal> |