]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
269e4d2d LP |
2 | #pragma once |
3 | ||
4 | #include "sd-bus.h" | |
5 | ||
6 | #include "hashmap.h" | |
7b36fb9f | 7 | #include "user-util.h" |
d04c1a1c | 8 | #include "varlink.h" |
269e4d2d | 9 | |
29556b75 LP |
10 | typedef enum PolkitFLags { |
11 | POLKIT_ALLOW_INTERACTIVE = 1 << 0, /* Allow interactive auth (typically not required, because can be derived from bus message/link automatically) */ | |
f5a12cea | 12 | POLKIT_ALWAYS_QUERY = 1 << 1, /* Query polkit even if client is privileged */ |
29556b75 LP |
13 | } PolkitFlags; |
14 | ||
7b36fb9f LP |
15 | int bus_test_polkit(sd_bus_message *call, const char *action, const char **details, uid_t good_user, bool *_challenge, sd_bus_error *e); |
16 | ||
29556b75 | 17 | int bus_verify_polkit_async_full(sd_bus_message *call, const char *action, const char **details, uid_t good_user, PolkitFlags flags, Hashmap **registry, sd_bus_error *error); |
7b36fb9f | 18 | static inline int bus_verify_polkit_async(sd_bus_message *call, const char *action, const char **details, Hashmap **registry, sd_bus_error *ret_error) { |
29556b75 | 19 | return bus_verify_polkit_async_full(call, action, details, UID_INVALID, 0, registry, ret_error); |
7b36fb9f | 20 | } |
269e4d2d | 21 | |
29556b75 LP |
22 | int varlink_verify_polkit_async_full(Varlink *link, sd_bus *bus, const char *action, const char **details, uid_t good_user, PolkitFlags flags, Hashmap **registry); |
23 | static inline int varlink_verify_polkit_async(Varlink *link, sd_bus *bus, const char *action, const char **details, Hashmap **registry) { | |
24 | return varlink_verify_polkit_async_full(link, bus, action, details, UID_INVALID, 0, registry); | |
25 | } | |
d04c1a1c LP |
26 | |
27 | /* A JsonDispatch initializer that makes sure the allowInteractiveAuthentication boolean field we want for | |
28 | * polkit support in Varlink calls is ignored while regular dispatching (and does not result in errors | |
29 | * regarding unexpected fields) */ | |
30 | #define VARLINK_DISPATCH_POLKIT_FIELD { \ | |
31 | .name = "allowInteractiveAuthentication", \ | |
32 | .type = JSON_VARIANT_BOOLEAN, \ | |
33 | } | |
b9632ec4 LP |
34 | |
35 | bool varlink_has_polkit_action(Varlink *link, const char *action, const char **details, Hashmap **registry); |