Commit Graph

441 Commits

Author SHA1 Message Date
Philip Withnall f49e0ecfc0 malcontent-client: Add a ‘monitor’ mode to monitor app filter changes
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-04-24 13:45:59 +01:00
Philip Withnall 2048f0d483 libmalcontent: Add MctManager::app-filter-changed signal
This is emitted when the app filter for a given user changes.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://gitlab.freedesktop.org/pwithnall/malcontent/issues/1
2019-04-24 13:45:59 +01:00
Philip Withnall 68ebe8b568 libmalcontent: Factor getting/setting app filter into a manager
Create a new MctManager object which is used as the anchor for getting
or setting MctAppFilters.

This changes the API naming around quite a bit, but doesn’t really
change its behaviour or functionality — see the tests for examples of
how little things change.

This is one step on the way to emitting a signal (from MctManager) when
a user’s parental controls change.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://gitlab.freedesktop.org/pwithnall/malcontent/issues/1
2019-04-24 13:45:59 +01:00
Philip Withnall 388dedbff2 Merge branch 'all-disabled' into 'master'
libmalcontent: Add MCT_APP_FILTER_ERROR_DISABLED error

See merge request pwithnall/malcontent!9
2019-04-24 10:13:02 +00:00
Philip Withnall 9fb9b75b57 libmalcontent: Drop an unused variable
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-04-24 11:06:28 +01:00
Philip Withnall a378e28237 libmalcontent: Add MCT_APP_FILTER_ERROR_DISABLED error
This indicates that app filtering is disabled globally, perhaps because
it’s not installed in accountsservice properly.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-04-24 11:06:28 +01:00
Philip Withnall 9c31a3462a Merge branch 'docs' into 'master'
docs: Expand README to be more informative

See merge request pwithnall/malcontent!8
2019-04-02 16:51:30 +00:00
Philip Withnall a4f5cdd1d0 docs: Expand README to be more informative
Include various architectural-level details of the project.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-04-02 17:49:00 +01:00
Philip Withnall a1d1d307f1 Merge branch 'version-bump' into 'master'
build: Post-release version bump

See merge request pwithnall/malcontent!7
2019-03-19 18:25:59 +00:00
Philip Withnall 85f24df835 build: Post-release version bump
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-03-19 18:11:29 +00:00
Philip Withnall fb1d43428b Merge branch 'add-flags' into 'master'
lib: Change allow_interactive_authorization bool to flags

See merge request pwithnall/malcontent!6
2019-03-19 17:09:30 +00:00
Philip Withnall 3f3bb6ee54 lib: Change allow_interactive_authorization bool to flags
This is an API break for the mct_{get,set}_app_filter() APIs, but makes
them a bit clearer to use, and a little more future proof.

This includes updates to all the tests and documentation.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-03-19 16:56:58 +00:00
Philip Withnall c627fbc9b8 Merge branch 'news-fix' into 'master'
docs: Fix NEWS entry

See merge request pwithnall/malcontent!5
2019-03-14 17:15:06 +00:00
Philip Withnall f332e7e5f4 docs: Fix NEWS entry
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-03-14 15:19:53 +00:00
Philip Withnall 6a0bebf2d0 Merge branch 'release' into 'master'
Release version 0.2.0

See merge request pwithnall/malcontent!4
2019-03-14 15:16:39 +00:00
Philip Withnall 3e78851238 Release version 0.2.0
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-03-14 13:11:19 +00:00
Philip Withnall e000f2ab6c Merge branch 'rename' into 'master'
Rename project

See merge request pwithnall/malcontent!1
2019-02-27 10:22:19 +00:00
Philip Withnall 0447d5e1f7 ci: Add CI configuration
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-02-27 10:14:52 +00:00
Philip Withnall 6ff0d7225b build: Bump version number to 0.2.0
To differentiate it from the pre-rename version number, 0.1.0.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-02-26 17:48:19 +00:00
Philip Withnall e22986d75c docs: Port README to Markdown and update a few references
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-02-26 17:48:03 +00:00
Philip Withnall 03436eacf5 Rename project from eos-parental-controls to malcontent
Rename the library from libeos-parental-controls to libmalcontent, and
the client from eos-parental-controls-client to malcontent-client.

This was done using the following mechanical edits, and no other
changes:
```
git search-replace -f EPC///MCT
git search-replace -f Epc///Mct
git search-replace -f epc///mct
git search-replace -f eos_parental_controls///malcontent
git search-replace -f eos-parental-controls///malcontent
git search-replace -f EosParentalControls///Malcontent
git search-replace -f 'eos\\-parental\\-controls///malcontent'
git search-replace -f 'Since: 0.1.0///Since: 0.2.0'
```

Note that the accounts-service extension interface has *not* been
renamed, as that would revert people’s parental controls settings in
existing deployments.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-02-26 17:45:14 +00:00
Philip Withnall c9889a3ce7 docs: Fix homepage link
We’re now hosted at
https://gitlab.freedesktop.org/pwithnall/malcontent.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-02-26 17:34:45 +00:00
Philip Withnall f872504b41 debian: Drop Debian support
This a relic from being hosted in Endless’ GitHub, and being built
directly for Debian. There’s no need to carry this upstream —
distributions can add their own packaging as needed.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2019-02-26 17:33:44 +00:00
Philip Withnall ba9f7f593b
Merge pull request #22 from endlessm/T23897-polkit-rules
accounts-service: Add polkit .rules file to stop prompting admins
2019-01-08 11:25:13 +00:00
Philip Withnall f0bb0c9cb9 accounts-service: Add polkit .rules file to stop prompting admins
When logged in as an administrator, and editing other user accounts in
gnome-control-center, polkit keeps popping up authentication dialogues
to read or change other users’ parental controls data. That shouldn’t be
necessary since we’re an admin user, and it’s not a critical enough
action to need to prompt the admin to re-authenticate to make sure they
really want to make such changes.

Add a .rules file to squash the polkit prompts for reading other users’
parental controls. Keep the default policy of auth_admin_keep for
changing our/others’ parental controls, since that should be handled by
the ‘Unlock’ button in g-c-c.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T23897
2019-01-07 15:33:18 +00:00
Philip Withnall b7ec7127c7
Merge pull request #20 from endlessm/T24016-arm-fixes
lib: Cast integers of type uid_t to appropriate types for varargs
2018-12-21 14:00:38 +00:00
Philip Withnall 5262658d48 lib: Cast integers of type uid_t to appropriate types for varargs
When querying for the details of a particular user by their UID, we call
accountsservice over D-Bus. Its API takes a gint64 variant, which we
build using g_variant_new(), which takes varargs. Passing an integer of
type uid_t in the varargs works fine on 64-bit architectures, where
uid_t is 64-bit, but not on other architectures, where it’s likely
32-bit. In that case, g_variant_new() will still read 64 bits from the
varargs input, even though the caller only put 32 on there. The rest
will be filled with rubbish.

Fix that by explicitly casting the uid_t to gint64 in the varargs. Fix a
few other areas where uid_t variables are passed to functions which
might interpret them as a different kind of integer too.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24016
2018-12-21 13:58:50 +00:00
Georges Basile Stavracas Neto 82ee8e88b0
Merge pull request #21 from endlessm/T24004-debian-fixes
build: Force libglib-testing to link statically
2018-12-21 10:44:24 -03:00
Philip Withnall 95913d2a3c build: Force libglib-testing to link statically
If the tests are linked to it dynamically, they won’t run without it
installed system wide, which is not what we want.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 17:44:45 +00:00
Philip Withnall 58fc42f805
Merge pull request #18 from endlessm/T24004-unit-tests
T24004 Comprehensive unit tests
2018-12-20 13:02:24 +00:00
Philip Withnall 1dcb9c36d1 lib: Simplify creation of a GVariant
This introduces no functional changes.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 13:01:01 +00:00
Philip Withnall 42ba0e13e8 build: Enable -Wdiscarded-qualifiers
The codebase is clean for it, so why not enforce it?

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 13:01:01 +00:00
Philip Withnall a2c2965d25 tests: Add comprehensive tests for libeos-parental-controls
These test get/set behaviour of EpcAppFilter, GAppInfo support, and
various error handling paths and corner cases.

With these tests, coverage of app-filter.c is:
 • Lines: 97%
 • Functions: 100%
 • Branches: 57.5%

The branch coverage is not correctly reported, as it factors in the
failure branches for g_return_if_fail() precondition assertions, which
we deliberately do not test. With those branches manually excluded,
branch coverage is around 89% instead.

This adds libglib-testing as a subproject dependency, for its
GtDBusQueue. It adds gio-unix-2.0 as a dependency of the app-filter
tests, in order to be able to construct GDesktopAppInfos.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 13:01:01 +00:00
Philip Withnall b932f443d5 accounts-service: Rename D-Bus properties to CamelCase
That’s what’s more conventional for D-Bus properties, and we really
should have used CamelCase from the beginning.

See the advice on
https://dbus.freedesktop.org/doc/dbus-specification.html#standard-interfaces-properties:
> Strictly speaking, D-Bus property names are not required to follow
> the same naming restrictions as member names, but D-Bus property
> names that would not be valid member names (in particular,
> GObject-style dash-separated property names) can cause
> interoperability problems and should be avoided.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-12-12 13:43:39 +00:00
Philip Withnall 233048a0df lib: Fix support for custom GDBusConnections when setting filters
Previously, a caller-provided custom GDBusConnection was dropped on the
ground.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall 6d03097512 lib: Fix handling of X-Flatpak-RenamedFrom desktop file keys
A variable was being initialised self-referentially, which broke
handling of the X-Flatpak-RenamedFrom key.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall 5d7e4d0b08 lib: Fix GVariant text format for default property value
It was a string in GVariant text format, not a GVariant format string,
so should have been passed to the parse function.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall 7688308f86 lib: Fix handling of accountsservice queries for missing users
Since we ported to using FindUserById, it returns an explicit Failed
error if a user doesn’t exist. Previously, we would guess at the user’s
object path and call a method on it, and would receive a D-Bus ‘method
not found’ error in response if the user didn’t exist.

Correctly handle the explicit error from FindUserById.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall de16300aa9
Merge pull request #17 from endlessm/T24457-flip-default
accounts-service: Rename allow-app-installation to be system-specific
2018-12-05 12:13:52 +00:00
Philip Withnall 222b436a61 accounts-service: Add allow-user-installation setting
This controls whether the user can install to their user repository at
all; if it’s true (the default), then installation of apps is still
subject to the OARS filter.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-29 21:16:36 +00:00
Philip Withnall 3ec77740c7 accounts-service: Rename allow-app-installation to be system-specific
This is in preparation for adding a second boolean for the flatpak user
repository. Make the existing allow-app-installation boolean control
permissions for the flatpak system repository.

Having one boolean for each repository means we can allow users to
install to their user repository by default (subject to OARS ratings),
but not be allowed to install to the system repository.

While changing the name and semantics of the boolean, flip its default
value from True to False. Rather than letting any non-admin user install
new apps by default (subject to OARS restrictions), re-limit it to admin
users and users whose allow-system-installation key has been explicitly
set to True by the admin.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-29 21:13:28 +00:00
Will Thompson f2e7cbfd03
Merge pull request #16 from endlessm/T24017-appinfo
libeos-parental-controls: Add epc_app_filter_is_appinfo_allowed() API
2018-11-27 15:07:53 +00:00
Philip Withnall affecd74b8 libeos-parental-controls: Add epc_app_filter_is_appinfo_allowed() API
This is a wrapper around the existing blacklist checking APIs which
binds them to specific keys in a #GAppInfo.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24017
2018-11-27 13:58:00 +00:00
Georges Basile Stavracas Neto 08e8f994c3
Merge pull request #15 from endlessm/T24016-flatpak-apps
libeos-parental-controls: Support matching against flatpak app IDs
2018-11-26 12:21:56 -02:00
Philip Withnall 244985f45f libeos-parental-controls: Support matching against flatpak app IDs
These are the app-specific part of a flatpak ref, and are what’s
available when you have a .desktop file, via the X-Flatpak key in the
.desktop file. For example, for a flatpak ref
‘app/org.gnome.Builder/x86_64/master’, the app ID is
‘org.gnome.Builder’. It makes sense that we’d want to match against app
IDs in some situations, since the user probably doesn’t care about the
architecture or branch of the app they want to proscribe.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24016
2018-11-14 15:17:18 +00:00
Philip Withnall 49228974eb
Merge pull request #14 from endlessm/T24457-disable-installation
T24457 Add `allow-app-installation` key
2018-11-13 12:17:20 +00:00
Philip Withnall 9a890750c4 eos-parental-controls-client: Print app filter on ‘get’
Previously we just printed whether the filter was successfully
retrieved, since there weren’t any non-parameterised getter functions on
EpcAppFilter. Now we have some of them, we can print details of the app
filter.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-13 11:46:24 +00:00
Philip Withnall 94beacb4e3 eos-parental-controls-client: Support setting allow-app-installation key
Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-13 11:45:41 +00:00
Philip Withnall 60a938de0e libeos-parental-controls: Support disallowing app installation entirely
This is a boolean preference which overrides the OARS values entirely if
FALSE.

This change breaks ABI for EpcAppFilterBuilder, but since that hasn’t
been used in any code we’ve shipped yet, that should be OK.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-13 11:30:19 +00:00
Philip Withnall 87867f072d
Merge pull request #13 from endlessm/T24024-get-oars-sections
T24024 Add epc_app_filter_get_oars_sections() API
2018-11-09 10:43:55 +00:00