Ejemplo n.º 1
0
gboolean
xdp_entry_has_permissions (XdgAppDbEntry *entry,
                           const char *app_id,
                           XdpPermissionFlags perms)
{
  XdpPermissionFlags current_perms;

  current_perms = xdp_entry_get_permissions (entry, app_id);

  return (current_perms & perms) == perms;
}
Ejemplo n.º 2
0
static void
portal_revoke_permissions (GDBusMethodInvocation *invocation,
                           GVariant *parameters,
                           const char *app_id)
{
  const char *target_app_id;
  const char *id;
  g_autofree const char **permissions = NULL;
  g_autoptr(XdgAppDbEntry) entry = NULL;
  XdpPermissionFlags perms;

  g_variant_get (parameters, "(&s&s^a&s)", &id, &target_app_id, &permissions);

  {
    AUTOLOCK(db);

    entry = xdg_app_db_lookup (db, id);
    if (entry == NULL)
      {
        g_dbus_method_invocation_return_error (invocation, XDG_APP_PORTAL_ERROR, XDG_APP_PORTAL_ERROR_NOT_FOUND,
                                               "No such document: %s", id);
        return;
      }

    if (!xdg_app_is_valid_name (target_app_id))
      {
        g_dbus_method_invocation_return_error (invocation, XDG_APP_PORTAL_ERROR, XDG_APP_PORTAL_ERROR_INVALID_ARGUMENT,
                                               "Invalid app name: %s", target_app_id);
        return;
      }

    perms = xdp_parse_permissions (permissions);

    /* Must have grant-permissions, or be itself */
    if (!xdp_entry_has_permissions (entry, app_id,
                                    XDP_PERMISSION_FLAGS_GRANT_PERMISSIONS) ||
        strcmp (app_id, target_app_id) == 0)
      {
        g_dbus_method_invocation_return_error (invocation, XDG_APP_PORTAL_ERROR, XDG_APP_PORTAL_ERROR_NOT_ALLOWED,
                                               "Not enough permissions");
        return;
      }

    do_set_permissions (entry, id, target_app_id,
                        ~perms & xdp_entry_get_permissions (entry, target_app_id));
  }

  /* Invalidate with lock dropped to avoid deadlock */
  xdp_fuse_invalidate_doc_app (id, target_app_id);

  g_dbus_method_invocation_return_value (invocation, g_variant_new ("()"));
}