diff options
| author | Alexander Larsson <alexl@redhat.com> | 2016-05-13 16:23:43 +0200 |
|---|---|---|
| committer | Alexander Larsson <alexl@redhat.com> | 2016-05-13 16:23:43 +0200 |
| commit | 1504f7bd7f276a8bc2f0e2762f44c1141ba5054a (patch) | |
| tree | fb7a90088581a5994779b24763369872dc52dc56 | |
| parent | 4a8a225447139b5df3cf7759f56d5ca7462fc8aa (diff) | |
| download | xdg-app-1504f7bd7f276a8bc2f0e2762f44c1141ba5054a.tar.gz | |
system-helper: Support add/modify/delete of remotes
| -rw-r--r-- | common/flatpak-dir.c | 60 | ||||
| -rw-r--r-- | common/flatpak-dir.h | 7 | ||||
| -rw-r--r-- | data/org.freedesktop.Flatpak.xml | 9 | ||||
| -rw-r--r-- | system-helper/flatpak-system-helper.c | 105 | ||||
| -rw-r--r-- | system-helper/org.freedesktop.Flatpak.policy.in | 11 |
5 files changed, 191 insertions, 1 deletions
diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c index 023dd23..545a3cc 100644 --- a/common/flatpak-dir.c +++ b/common/flatpak-dir.c @@ -4163,6 +4163,30 @@ flatpak_dir_remove_remote (FlatpakDir *self, GHashTableIter hash_iter; gpointer key; + if (flatpak_dir_use_system_helper (self)) + { + FlatpakSystemHelper *system_helper; + g_autoptr(GVariant) gpg_data_v = NULL; + FlatpakHelperConfigureRemoteFlags flags = 0; + + gpg_data_v = g_variant_ref_sink (g_variant_new_from_data (G_VARIANT_TYPE ("ay"), "", 0, TRUE, NULL, NULL)); + + system_helper = flatpak_dir_get_system_helper (self); + g_assert (system_helper != NULL); + + if (force_remove) + flags |= FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_FORCE_REMOVE; + + if (!flatpak_system_helper_call_configure_remote_sync (system_helper, + flags, remote_name, + "", + gpg_data_v, + cancellable, error)) + return FALSE; + + return TRUE; + } + if (!flatpak_dir_ensure_repo (self, cancellable, error)) return FALSE; @@ -4222,6 +4246,17 @@ flatpak_dir_remove_remote (FlatpakDir *self, return TRUE; } +static GVariant * +variant_new_ay_bytes (GBytes *bytes) +{ + gsize size; + gconstpointer data; + data = g_bytes_get_data (bytes, &size); + g_bytes_ref (bytes); + return g_variant_ref_sink (g_variant_new_from_data (G_VARIANT_TYPE ("ay"), data, size, + TRUE, (GDestroyNotify)g_bytes_unref, bytes)); +} + gboolean flatpak_dir_modify_remote (FlatpakDir *self, const char *remote_name, @@ -4246,6 +4281,31 @@ flatpak_dir_modify_remote (FlatpakDir *self, return flatpak_fail (error, "No configuration for remote %s specified", remote_name); + + if (flatpak_dir_use_system_helper (self)) + { + FlatpakSystemHelper *system_helper; + g_autofree char *config_data = g_key_file_to_data (config, NULL, NULL); + g_autoptr(GVariant) gpg_data_v = NULL; + + if (gpg_data != NULL) + gpg_data_v = variant_new_ay_bytes (gpg_data); + else + gpg_data_v = g_variant_ref_sink (g_variant_new_from_data (G_VARIANT_TYPE ("ay"), "", 0, TRUE, NULL, NULL)); + + system_helper = flatpak_dir_get_system_helper (self); + g_assert (system_helper != NULL); + + if (!flatpak_system_helper_call_configure_remote_sync (system_helper, + 0, remote_name, + config_data, + gpg_data_v, + cancellable, error)) + return FALSE; + + return TRUE; + } + metalink = g_key_file_get_string (config, group, "metalink", NULL); if (metalink != NULL && *metalink != 0) url = g_strconcat ("metalink=", metalink, NULL); diff --git a/common/flatpak-dir.h b/common/flatpak-dir.h index eaceee8..385139a 100644 --- a/common/flatpak-dir.h +++ b/common/flatpak-dir.h @@ -55,6 +55,13 @@ typedef enum { #define FLATPAK_HELPER_UNINSTALL_FLAGS_ALL (FLATPAK_HELPER_UNINSTALL_FLAGS_KEEP_REF | FLATPAK_HELPER_UNINSTALL_FLAGS_FORCE_REMOVE) +typedef enum { + FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_NONE = 0, + FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_FORCE_REMOVE = 1 << 0, +} FlatpakHelperConfigureRemoteFlags; + +#define FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_ALL (FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_FORCE_REMOVE) + GQuark flatpak_dir_error_quark (void); /** diff --git a/data/org.freedesktop.Flatpak.xml b/data/org.freedesktop.Flatpak.xml index cf4b027..dd32aa6 100644 --- a/data/org.freedesktop.Flatpak.xml +++ b/data/org.freedesktop.Flatpak.xml @@ -51,6 +51,15 @@ <arg type='s' name='ref' direction='in'/> </method> + <method name="ConfigureRemote"> + <arg type='u' name='flags' direction='in'/> + <arg type='s' name='remote' direction='in'/> + <arg type='s' name='config' direction='in'/> + <arg type='ay' name='gpg_key' direction='in'> + <annotation name="org.gtk.GDBus.C.ForceGVariant" value="true"/> + </arg> + </method> + </interface> </node> diff --git a/system-helper/flatpak-system-helper.c b/system-helper/flatpak-system-helper.c index 905909b..3d214d1 100644 --- a/system-helper/flatpak-system-helper.c +++ b/system-helper/flatpak-system-helper.c @@ -303,7 +303,6 @@ handle_uninstall (FlatpakSystemHelper *object, { g_autoptr(FlatpakDir) system = flatpak_dir_get_system (); g_autoptr(GError) error = NULL; - g_autoptr(GMainContext) main_context = NULL; g_debug ("Uninstall %u %s", arg_flags, arg_ref); @@ -327,6 +326,85 @@ handle_uninstall (FlatpakSystemHelper *object, } flatpak_system_helper_complete_uninstall (object, invocation); + + return TRUE; +} + +static gboolean +handle_configure_remote (FlatpakSystemHelper *object, + GDBusMethodInvocation *invocation, + guint arg_flags, + const gchar *arg_remote, + const gchar *arg_config, + GVariant *arg_gpg_key) +{ + g_autoptr(FlatpakDir) system = flatpak_dir_get_system (); + g_autoptr(GError) error = NULL; + g_autoptr(GKeyFile) config = g_key_file_new (); + g_autofree char *group = g_strdup_printf ("remote \"%s\"", arg_remote); + g_autoptr(GBytes) gpg_data = NULL; + gboolean force_remove; + + g_debug ("ConfigureRemote %u %s", arg_flags, arg_remote); + + if (*arg_remote == 0 || strchr (arg_remote, '/') != NULL) + { + g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, + "Invalid remote name: %s", arg_remote); + return TRUE; + } + + if ((arg_flags & ~FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_ALL) != 0) + { + g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, + "Unsupported flags enabled: 0x%x", (arg_flags & ~FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_ALL)); + return TRUE; + } + + if (!g_key_file_load_from_data (config, arg_config, strlen (arg_config), + G_KEY_FILE_NONE, &error)) + { + g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS, + "Invalid config: %s\n", error->message); + return TRUE; + } + + if (!flatpak_dir_ensure_repo (system, NULL, &error)) + { + g_dbus_method_invocation_return_gerror (invocation, error); + return TRUE; + } + + if (g_variant_get_size (arg_gpg_key) > 0) + gpg_data = g_variant_get_data_as_bytes (arg_gpg_key); + + force_remove = (arg_flags & FLATPAK_HELPER_CONFIGURE_REMOTE_FLAGS_FORCE_REMOVE) != 0; + + if (g_key_file_has_group (config, group)) + { + /* Add/Modify */ + if (!flatpak_dir_modify_remote (system, arg_remote, config, + gpg_data, NULL, &error)) + { + g_dbus_method_invocation_return_gerror (invocation, error); + return TRUE; + } + } + else + { + /* Remove */ + if (!flatpak_dir_remove_remote (system, + force_remove, + arg_remote, + NULL, &error)) + { + g_dbus_method_invocation_return_gerror (invocation, error); + return TRUE; + } + } + + flatpak_system_helper_complete_configure_remote (object, invocation); + return TRUE; } @@ -458,6 +536,30 @@ flatpak_authorize_method_handler (GDBusInterfaceSkeleton *interface, authorized = polkit_authorization_result_get_is_authorized (result); } + else if (g_strcmp0 (method_name, "ConfigureRemote") == 0) + { + const char *remote; + + g_variant_get_child (parameters, 1, "&s", &remote); + + action = "org.freedesktop.Flatpak.configure-remote"; + + details = polkit_details_new (); + polkit_details_insert (details, "remote", remote); + + result = polkit_authority_check_authorization_sync (authority, subject, + action, details, + POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION, + NULL, &error); + if (result == NULL) + { + g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED, + "Authorization error: %s", error->message); + return FALSE; + } + + authorized = polkit_authorization_result_get_is_authorized (result); + } if (!authorized) { @@ -489,6 +591,7 @@ on_bus_acquired (GDBusConnection *connection, g_signal_connect (helper, "handle-deploy", G_CALLBACK (handle_deploy), NULL); g_signal_connect (helper, "handle-deploy-appstream", G_CALLBACK (handle_deploy_appstream), NULL); g_signal_connect (helper, "handle-uninstall", G_CALLBACK (handle_uninstall), NULL); + g_signal_connect (helper, "handle-configure-remote", G_CALLBACK (handle_configure_remote), NULL); g_signal_connect (helper, "g-authorize-method", G_CALLBACK (flatpak_authorize_method_handler), diff --git a/system-helper/org.freedesktop.Flatpak.policy.in b/system-helper/org.freedesktop.Flatpak.policy.in index 15f8220..95a51c7 100644 --- a/system-helper/org.freedesktop.Flatpak.policy.in +++ b/system-helper/org.freedesktop.Flatpak.policy.in @@ -105,6 +105,17 @@ </defaults> </action> + <action id="org.freedesktop.Flatpak.configure-remote"> + <_description>Configure Remote</_description> + <_message>Authentication is required to configure software repositories</_message> + <icon_name>package-x-generic</icon_name> + <defaults> + <allow_any>auth_admin</allow_any> + <allow_inactive>auth_admin</allow_inactive> + <allow_active>auth_admin</allow_active> + </defaults> + </action> + <action id="org.freedesktop.Flatpak.appstream-update"> <!-- SECURITY: - Normal users do not require admin authentication to update |