homed: Pass in username and uid as Polkit details
authorAdrian Vovk <adrianvovk@gmail.com>
Fri, 2 Feb 2024 19:53:01 +0000 (14:53 -0500)
committerLennart Poettering <lennart@poettering.net>
Thu, 15 Feb 2024 08:12:37 +0000 (09:12 +0100)
This lets the JavaScript polkit policies decide whether to
allow/deny/authenticate based on the user that's being operated on.

src/home/homed-home-bus.c

index b459cadcbfc2b795bd8ac1cc88ffef15e04b4912..81f0df4c956c2bfde77ce01c40f5a39d63327b6b 100644 (file)
@@ -5,6 +5,7 @@
 #include "bus-common-errors.h"
 #include "bus-polkit.h"
 #include "fd-util.h"
+#include "format-util.h"
 #include "homed-bus.h"
 #include "homed-home-bus.h"
 #include "homed-home.h"
@@ -74,6 +75,35 @@ int bus_home_client_is_trusted(Home *h, sd_bus_message *message) {
         return euid == 0 || h->uid == euid;
 }
 
+static int home_verify_polkit_async(
+                Home *h,
+                sd_bus_message *message,
+                const char *action,
+                uid_t good_uid,
+                sd_bus_error *error) {
+
+        assert(h);
+        assert(message);
+        assert(action);
+        assert(error);
+
+        const char *details[] = {
+                "uid", FORMAT_UID(h->uid),
+                "username", h->user_name,
+                NULL
+        };
+
+        return bus_verify_polkit_async_full(
+                        message,
+                        action,
+                        details,
+                        /* interactive= */ false,
+                        good_uid,
+                        &h->manager->polkit_registry,
+                        error);
+}
+
+
 int bus_home_get_record_json(
                 Home *h,
                 sd_bus_message *message,
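Review bot: In home_verify_polkit_async(), `h->user_name` goes into the NULL-terminated `details` array without a check, so a NULL name would end the list right after the "username" key and hand bus_verify_polkit_async_full() an unpaired key; how that callee treats an odd-length list is not visible in this hunk. Because polkit rules will now base allow/deny decisions on these two values, I would add `assert(h->user_name);` beside the existing asserts, and `assert(h->manager);` since `h->manager->polkit_registry` is dereferenced as well. The helper also has no comment: one line saying that the details describe the home being operated on (not the caller), and that `good_uid` appears to be the caller UID accepted without a polkit query, with `UID_INVALID` meaning none, would keep future call sites from passing the wrong UID. The second blank line after the closing brace can go.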
@@ -217,11 +247,11 @@ int bus_home_method_unregister(
 
         assert(message);
 
-        r = bus_verify_polkit_async(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.remove-home",
-                        /* details= */ NULL,
-                        &h->manager->polkit_registry,
+                        UID_INVALID,
                         error);
         if (r < 0)
                 return r;
@@ -254,11 +284,11 @@ int bus_home_method_realize(
         if (r < 0)
                 return r;
 
-        r = bus_verify_polkit_async(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.create-home",
-                        /* details= */ NULL,
-                        &h->manager->polkit_registry,
+                        UID_INVALID,
                         error);
         if (r < 0)
                 return r;
@@ -291,11 +321,11 @@ int bus_home_method_remove(
 
         assert(message);
 
-        r = bus_verify_polkit_async(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.remove-home",
-                        /* details= */ NULL,
-                        &h->manager->polkit_registry,
+                        UID_INVALID,
                         error);
         if (r < 0)
                 return r;
@@ -361,13 +391,11 @@ int bus_home_method_authenticate(
         if (r < 0)
                 return r;
 
-        r = bus_verify_polkit_async_full(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.authenticate-home",
-                        /* details= */ NULL,
-                        /* interactive= */ false,
                         h->uid,
-                        &h->manager->polkit_registry,
                         error);
         if (r < 0)
                 return r;
@@ -399,11 +427,11 @@ int bus_home_method_update_record(Home *h, sd_bus_message *message, UserRecord *
         if (r < 0)
                 return r;
 
-        r = bus_verify_polkit_async(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.update-home",
-                        /* details= */ NULL,
-                        &h->manager->polkit_registry,
+                        UID_INVALID,
                         error);
         if (r < 0)
                 return r;
@@ -462,11 +490,11 @@ int bus_home_method_resize(
         if (r < 0)
                 return r;
 
-        r = bus_verify_polkit_async(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.resize-home",
-                        /* details= */ NULL,
-                        &h->manager->polkit_registry,
+                        UID_INVALID,
                         error);
         if (r < 0)
                 return r;
@@ -506,13 +534,11 @@ int bus_home_method_change_password(
         if (r < 0)
                 return r;
 
-        r = bus_verify_polkit_async_full(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.passwd-home",
-                        /* details= */ NULL,
-                        /* interactive= */ false,
                         h->uid,
-                        &h->manager->polkit_registry,
                         error);
         if (r < 0)
                 return r;
@@ -709,13 +735,11 @@ int bus_home_method_inhibit_suspend(
         HomeState state;
         int r;
 
-        r = bus_verify_polkit_async_full(
+        r = home_verify_polkit_async(
+                        h,
                         message,
                         "org.freedesktop.home1.inhibit-suspend",
-                        /* details= */ NULL,
-                        /* interactive= */ false,
                         h->uid,
-                        &h->manager->polkit_registry,
                         error);
         if (r < 0)
                 return r;