[thirdparty/systemd.git] / src / shared / bus-polkit.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include "sd-bus.h"

#include "hashmap.h"
#include "user-util.h"
#include "varlink.h"

typedef enum PolkitFLags {
        POLKIT_ALLOW_INTERACTIVE = 1 << 0, /* Allow interactive auth (typically not required, because can be derived from bus message/link automatically) */
        POLKIT_ALWAYS_QUERY      = 1 << 1, /* Query polkit even if client is privileged */
} PolkitFlags;

int bus_test_polkit(sd_bus_message *call, const char *action, const char **details, uid_t good_user, bool *_challenge, sd_bus_error *e);

int bus_verify_polkit_async_full(sd_bus_message *call, const char *action, const char **details, uid_t good_user, PolkitFlags flags, Hashmap **registry, sd_bus_error *error);
static inline int bus_verify_polkit_async(sd_bus_message *call, const char *action, const char **details, Hashmap **registry, sd_bus_error *ret_error) {
        return bus_verify_polkit_async_full(call, action, details, UID_INVALID, 0, registry, ret_error);
}

int varlink_verify_polkit_async_full(Varlink *link, sd_bus *bus, const char *action, const char **details, uid_t good_user, PolkitFlags flags, Hashmap **registry);
static inline int varlink_verify_polkit_async(Varlink *link, sd_bus *bus, const char *action, const char **details, Hashmap **registry) {
        return varlink_verify_polkit_async_full(link, bus, action, details, UID_INVALID, 0, registry);
}

/* A JsonDispatch initializer that makes sure the allowInteractiveAuthentication boolean field we want for
 * polkit support in Varlink calls is ignored while regular dispatching (and does not result in errors
 * regarding unexpected fields) */
#define VARLINK_DISPATCH_POLKIT_FIELD {                          \
                .name = "allowInteractiveAuthentication",        \
                .type = JSON_VARIANT_BOOLEAN,                    \
        }

bool varlink_has_polkit_action(Varlink *link, const char *action, const char **details, Hashmap **registry);
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
269e4d2d LP	2	#pragma once
	3
	4	#include "sd-bus.h"
	5
	6	#include "hashmap.h"
7b36fb9f	7	#include "user-util.h"
d04c1a1c	8	#include "varlink.h"
269e4d2d	9
29556b75 LP	10	typedef enum PolkitFLags {
29556b75 LP	11	POLKIT_ALLOW_INTERACTIVE = 1 << 0, /* Allow interactive auth (typically not required, because can be derived from bus message/link automatically) */
f5a12cea	12	POLKIT_ALWAYS_QUERY = 1 << 1, /* Query polkit even if client is privileged */
29556b75 LP	13	} PolkitFlags;
29556b75 LP	14
7b36fb9f LP	15	int bus_test_polkit(sd_bus_message call, const char action, const char *details, uid_t good_user, bool _challenge, sd_bus_error *e);
7b36fb9f LP	16
29556b75	17	int bus_verify_polkit_async_full(sd_bus_message call, const char action, const char details, uid_t good_user, PolkitFlags flags, Hashmap registry, sd_bus_error *error);
7b36fb9f	18	static inline int bus_verify_polkit_async(sd_bus_message call, const char action, const char details, Hashmap registry, sd_bus_error *ret_error) {
29556b75	19	return bus_verify_polkit_async_full(call, action, details, UID_INVALID, 0, registry, ret_error);
7b36fb9f	20	}
269e4d2d	21
29556b75 LP	22	int varlink_verify_polkit_async_full(Varlink link, sd_bus bus, const char action, const char details, uid_t good_user, PolkitFlags flags, Hashmap *registry);
	23	static inline int varlink_verify_polkit_async(Varlink link, sd_bus bus, const char action, const char details, Hashmap *registry) {
	24	return varlink_verify_polkit_async_full(link, bus, action, details, UID_INVALID, 0, registry);
	25	}
d04c1a1c LP	26
	27	/* A JsonDispatch initializer that makes sure the allowInteractiveAuthentication boolean field we want for
	28	* polkit support in Varlink calls is ignored while regular dispatching (and does not result in errors
	29	* regarding unexpected fields) */
	30	#define VARLINK_DISPATCH_POLKIT_FIELD { \
	31	.name = "allowInteractiveAuthentication", \
	32	.type = JSON_VARIANT_BOOLEAN, \
	33	}
b9632ec4 LP	34
b9632ec4 LP	35	bool varlink_has_polkit_action(Varlink link, const char action, const char details, Hashmap registry);