static void infinoted_plugin_dbus_query_acl(InfinotedPluginDbus* plugin, InfinotedPluginDbusInvocation* invocation, InfBrowser* browser, const InfBrowserIter* iter) { const InfAclSheetSet* sheet_set; const InfAclSheet* sheet; const gchar* account; InfAclAccountId id; GVariantBuilder builder; /* TODO: Actually query the ACL if not available */ sheet_set = inf_browser_get_acl(browser, iter); g_variant_get_child(invocation->parameters, 1, "&s", &account); if(*account == '\0') { g_dbus_method_invocation_return_value( invocation->invocation, g_variant_new( "(@a{sa{sb}})", infinoted_builder_dbus_sheet_set_to_variant(sheet_set) ) ); } else { id = inf_acl_account_id_from_string(account); if(sheet_set != NULL) sheet = inf_acl_sheet_set_find_const_sheet(sheet_set, id); else sheet = NULL; g_variant_builder_init(&builder, G_VARIANT_TYPE("a{sa{sb}}")); if(sheet != NULL) { g_variant_builder_add( &builder, "{s@a{sb}}", account, infinoted_plugin_dbus_perms_to_variant(&sheet->mask, &sheet->perms) ); } g_dbus_method_invocation_return_value( invocation->invocation, g_variant_new("(@a{sa{sb}})", g_variant_builder_end(&builder)) ); } infinoted_plugin_dbus_invocation_free(plugin, invocation); }
static void infinoted_plugin_dbus_check_acl(InfinotedPluginDbus* plugin, InfinotedPluginDbusInvocation* invocation, InfBrowser* browser, const InfBrowserIter* iter) { const gchar* account; GVariant* mask_variant; InfAclMask mask; InfAclMask out; GError* error; g_variant_get_child(invocation->parameters, 1, "&s", &account); g_variant_get_child(invocation->parameters, 2, "@as", &mask_variant); error = NULL; infinoted_plugin_dbus_mask_from_variant(&mask, mask_variant, &error); g_variant_unref(mask_variant); if(error != NULL) { g_dbus_method_invocation_return_gerror(invocation->invocation, error); g_error_free(error); } else { inf_browser_check_acl( browser, iter, inf_acl_account_id_from_string(account), &mask, &out ); g_dbus_method_invocation_return_value( invocation->invocation, g_variant_new( "(@a{sb})", infinoted_plugin_dbus_perms_to_variant(&mask, &out) ) ); } infinoted_plugin_dbus_invocation_free(plugin, invocation); }
static InfAclSheetSet* infinoted_plugin_dbus_sheet_set_from_variant(GVariant* variant, GError** error) { InfAclSheetSet* sheet_set; GVariantIter iter; const gchar* account; GVariant* sub_variant; InfAclSheet* sheet; gboolean success; sheet_set = inf_acl_sheet_set_new(); g_variant_iter_init(&iter, variant); while(g_variant_iter_loop(&iter, "{&s@a{sb}}", &account, &sub_variant)) { sheet = inf_acl_sheet_set_add_sheet( sheet_set, inf_acl_account_id_from_string(account) ); success = infinoted_plugin_dbus_perms_from_variant( &sheet->mask, &sheet->perms, sub_variant, error ); if(success != TRUE) { inf_acl_sheet_set_free(sheet_set); g_variant_unref(sub_variant); return NULL; } } return sheet_set; }
void Gobby::BrowserContextCommands::on_account_created( gnutls_x509_privkey_t key, InfCertificateChain* certificate, const InfAclAccount* account) { InfBrowser* browser; g_object_get(G_OBJECT(m_dialog->gobj()), "browser", &browser, NULL); const InfAclAccount* own_account = inf_browser_get_acl_local_account(browser); const InfAclAccountId default_id = inf_acl_account_id_from_string("default"); const bool is_default_account = (own_account->id == default_id); g_object_unref(browser); gnutls_x509_crt_t cert = inf_certificate_chain_get_own_certificate(certificate); gchar* name = inf_cert_util_get_dn_by_oid( cert, GNUTLS_OID_X520_COMMON_NAME, 0); const std::string cn = name; g_free(name); std::string host; if(INFC_IS_BROWSER(browser)) { InfXmlConnection* xml = infc_browser_get_connection(INFC_BROWSER(browser)); if(INF_IS_XMPP_CONNECTION(xml)) { gchar* hostname; g_object_get(G_OBJECT(xml), "remote-hostname", &hostname, NULL); host = hostname; g_free(hostname); } } if(host.empty()) host = "local"; gnutls_x509_crt_t* certs = inf_certificate_chain_get_raw(certificate); const unsigned int n_certs = inf_certificate_chain_get_n_certificates(certificate); std::auto_ptr<Gtk::MessageDialog> dlg; try { const std::string filename = make_certificate_filename(cn, host); GError* error = NULL; inf_cert_util_write_certificate_with_key( key, certs, n_certs, filename.c_str(), &error); if(error != NULL) { const std::string message = error->message; g_error_free(error); throw std::runtime_error(message); } if(is_default_account && (m_cert_manager.get_private_key() == NULL || m_cert_manager.get_certificates() == NULL)) { m_preferences.security.key_file = filename; m_preferences.security.certificate_file = filename; dlg.reset(new Gtk::MessageDialog( m_parent, _("Account successfully created"), false, Gtk::MESSAGE_INFO, Gtk::BUTTONS_CLOSE)); dlg->set_secondary_text( _("When re-connecting to the server, the " "new account will be used.")); } else { // TODO: Gobby should support multiple certificates dlg.reset(new Gtk::MessageDialog( m_parent, _("Account successfully created"), false, Gtk::MESSAGE_INFO, Gtk::BUTTONS_CLOSE)); dlg->set_secondary_text(Glib::ustring::compose( _("The certificate has been stored at %1.\n\n" "To login to this account, set the " "certificate in Gobby's preferences " "and re-connect to the server."), filename)); } } catch(const std::exception& ex) { // This is actually a bit unfortunate, because the // account was actually created and we have a valid // certificate for it, but we cannot keep it... dlg.reset(new Gtk::MessageDialog( m_parent, _("Failed to create account"), false, Gtk::MESSAGE_ERROR, Gtk::BUTTONS_CLOSE)); dlg->set_secondary_text(Glib::ustring::compose( _("Could not save the certificate for the " "account: %1"), ex.what())); } m_dialog = dlg; m_dialog->signal_response().connect( sigc::mem_fun( *this, &BrowserContextCommands:: on_account_created_response)); m_dialog->present(); }