Commit Graph

465 Commits

Author SHA1 Message Date
Philip Withnall 5262658d48 lib: Cast integers of type uid_t to appropriate types for varargs
When querying for the details of a particular user by their UID, we call
accountsservice over D-Bus. Its API takes a gint64 variant, which we
build using g_variant_new(), which takes varargs. Passing an integer of
type uid_t in the varargs works fine on 64-bit architectures, where
uid_t is 64-bit, but not on other architectures, where it’s likely
32-bit. In that case, g_variant_new() will still read 64 bits from the
varargs input, even though the caller only put 32 on there. The rest
will be filled with rubbish.

Fix that by explicitly casting the uid_t to gint64 in the varargs. Fix a
few other areas where uid_t variables are passed to functions which
might interpret them as a different kind of integer too.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24016
2018-12-21 13:58:50 +00:00
Georges Basile Stavracas Neto 82ee8e88b0
Merge pull request #21 from endlessm/T24004-debian-fixes
build: Force libglib-testing to link statically
2018-12-21 10:44:24 -03:00
Philip Withnall 95913d2a3c build: Force libglib-testing to link statically
If the tests are linked to it dynamically, they won’t run without it
installed system wide, which is not what we want.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 17:44:45 +00:00
Philip Withnall 58fc42f805
Merge pull request #18 from endlessm/T24004-unit-tests
T24004 Comprehensive unit tests
2018-12-20 13:02:24 +00:00
Philip Withnall 1dcb9c36d1 lib: Simplify creation of a GVariant
This introduces no functional changes.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 13:01:01 +00:00
Philip Withnall 42ba0e13e8 build: Enable -Wdiscarded-qualifiers
The codebase is clean for it, so why not enforce it?

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 13:01:01 +00:00
Philip Withnall a2c2965d25 tests: Add comprehensive tests for libeos-parental-controls
These test get/set behaviour of EpcAppFilter, GAppInfo support, and
various error handling paths and corner cases.

With these tests, coverage of app-filter.c is:
 • Lines: 97%
 • Functions: 100%
 • Branches: 57.5%

The branch coverage is not correctly reported, as it factors in the
failure branches for g_return_if_fail() precondition assertions, which
we deliberately do not test. With those branches manually excluded,
branch coverage is around 89% instead.

This adds libglib-testing as a subproject dependency, for its
GtDBusQueue. It adds gio-unix-2.0 as a dependency of the app-filter
tests, in order to be able to construct GDesktopAppInfos.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-20 13:01:01 +00:00
Philip Withnall b932f443d5 accounts-service: Rename D-Bus properties to CamelCase
That’s what’s more conventional for D-Bus properties, and we really
should have used CamelCase from the beginning.

See the advice on
https://dbus.freedesktop.org/doc/dbus-specification.html#standard-interfaces-properties:
> Strictly speaking, D-Bus property names are not required to follow
> the same naming restrictions as member names, but D-Bus property
> names that would not be valid member names (in particular,
> GObject-style dash-separated property names) can cause
> interoperability problems and should be avoided.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-12-12 13:43:39 +00:00
Philip Withnall 233048a0df lib: Fix support for custom GDBusConnections when setting filters
Previously, a caller-provided custom GDBusConnection was dropped on the
ground.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall 6d03097512 lib: Fix handling of X-Flatpak-RenamedFrom desktop file keys
A variable was being initialised self-referentially, which broke
handling of the X-Flatpak-RenamedFrom key.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall 5d7e4d0b08 lib: Fix GVariant text format for default property value
It was a string in GVariant text format, not a GVariant format string,
so should have been passed to the parse function.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall 7688308f86 lib: Fix handling of accountsservice queries for missing users
Since we ported to using FindUserById, it returns an explicit Failed
error if a user doesn’t exist. Previously, we would guess at the user’s
object path and call a method on it, and would receive a D-Bus ‘method
not found’ error in response if the user didn’t exist.

Correctly handle the explicit error from FindUserById.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24004
2018-12-12 13:39:51 +00:00
Philip Withnall de16300aa9
Merge pull request #17 from endlessm/T24457-flip-default
accounts-service: Rename allow-app-installation to be system-specific
2018-12-05 12:13:52 +00:00
Philip Withnall 222b436a61 accounts-service: Add allow-user-installation setting
This controls whether the user can install to their user repository at
all; if it’s true (the default), then installation of apps is still
subject to the OARS filter.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-29 21:16:36 +00:00
Philip Withnall 3ec77740c7 accounts-service: Rename allow-app-installation to be system-specific
This is in preparation for adding a second boolean for the flatpak user
repository. Make the existing allow-app-installation boolean control
permissions for the flatpak system repository.

Having one boolean for each repository means we can allow users to
install to their user repository by default (subject to OARS ratings),
but not be allowed to install to the system repository.

While changing the name and semantics of the boolean, flip its default
value from True to False. Rather than letting any non-admin user install
new apps by default (subject to OARS restrictions), re-limit it to admin
users and users whose allow-system-installation key has been explicitly
set to True by the admin.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-29 21:13:28 +00:00
Will Thompson f2e7cbfd03
Merge pull request #16 from endlessm/T24017-appinfo
libeos-parental-controls: Add epc_app_filter_is_appinfo_allowed() API
2018-11-27 15:07:53 +00:00
Philip Withnall affecd74b8 libeos-parental-controls: Add epc_app_filter_is_appinfo_allowed() API
This is a wrapper around the existing blacklist checking APIs which
binds them to specific keys in a #GAppInfo.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24017
2018-11-27 13:58:00 +00:00
Georges Basile Stavracas Neto 08e8f994c3
Merge pull request #15 from endlessm/T24016-flatpak-apps
libeos-parental-controls: Support matching against flatpak app IDs
2018-11-26 12:21:56 -02:00
Philip Withnall 244985f45f libeos-parental-controls: Support matching against flatpak app IDs
These are the app-specific part of a flatpak ref, and are what’s
available when you have a .desktop file, via the X-Flatpak key in the
.desktop file. For example, for a flatpak ref
‘app/org.gnome.Builder/x86_64/master’, the app ID is
‘org.gnome.Builder’. It makes sense that we’d want to match against app
IDs in some situations, since the user probably doesn’t care about the
architecture or branch of the app they want to proscribe.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24016
2018-11-14 15:17:18 +00:00
Philip Withnall 49228974eb
Merge pull request #14 from endlessm/T24457-disable-installation
T24457 Add `allow-app-installation` key
2018-11-13 12:17:20 +00:00
Philip Withnall 9a890750c4 eos-parental-controls-client: Print app filter on ‘get’
Previously we just printed whether the filter was successfully
retrieved, since there weren’t any non-parameterised getter functions on
EpcAppFilter. Now we have some of them, we can print details of the app
filter.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-13 11:46:24 +00:00
Philip Withnall 94beacb4e3 eos-parental-controls-client: Support setting allow-app-installation key
Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-13 11:45:41 +00:00
Philip Withnall 60a938de0e libeos-parental-controls: Support disallowing app installation entirely
This is a boolean preference which overrides the OARS values entirely if
FALSE.

This change breaks ABI for EpcAppFilterBuilder, but since that hasn’t
been used in any code we’ve shipped yet, that should be OK.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24457
2018-11-13 11:30:19 +00:00
Philip Withnall 87867f072d
Merge pull request #13 from endlessm/T24024-get-oars-sections
T24024 Add epc_app_filter_get_oars_sections() API
2018-11-09 10:43:55 +00:00
Philip Withnall 8f80a49d0d libeos-parental-controls: Fix argument name in header
It didn’t match the C file, so was causing a gtk-doc warning. Fix that.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24024
2018-11-08 17:54:22 +00:00
Philip Withnall 3ccc508fb5 libeos-parental-controls: Add a getter for OARS sections from a filter
Allow the set of OARS sections set in a filter to be queried.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24024
2018-11-08 17:54:15 +00:00
Georges Basile Stavracas Neto d2d218e15e
Merge pull request #11 from endlessm/T24302-find-user-by-id
libeos-parental-controls: Use FindUserById for accountsservice objects
2018-11-02 10:34:17 -03:00
Philip Withnall fa11d103d2 libeos-parental-controls: Use FindUserById for accountsservice objects
Instead of manually constructing the D-Bus object path representing a
user, call FindUserById to have accountsservice do it for us. For normal
users, this makes no difference. For system users (UID < 1000) or other
users which accountsservice considers uninteresting (see
user_classify_is_human() in user-classify.c in accountsservice), no
D-Bus objects are created for them automatically. Calling FindUserById
ensures that the object is created before its path is returned to us.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24302
2018-11-02 09:17:56 +00:00
Philip Withnall 60c58fcba3
Merge pull request #10 from endlessm/T24024-sync-methods
T24024 libeos-parental-controls: Add synchronous versions of methods
2018-11-01 12:53:28 +00:00
Philip Withnall 72812d2709 eos-parental-controls-client: Use synchronous methods
This should not introduce any functional changes, but does simplify the
code.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24024
2018-10-31 11:04:40 +00:00
Philip Withnall 3b4dbf7019 libeos-parental-controls: Add synchronous versions of methods
Refactor the asynchronous implementation to run the synchronous
implementation in a thread. The synchronous version seems to be what’s
needed for most callers.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24024
2018-10-31 11:01:44 +00:00
Philip Withnall f9feb4b8ff libeos-parental-controls: Fix the order of arguments in a docstring
Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24024
2018-10-31 11:01:16 +00:00
Philip Withnall 6e703b3bc2
Merge pull request #7 from endlessm/T24020-flatpak-support
T24020 flatpak support
2018-10-25 15:26:18 +13:00
Philip Withnall c19b6a777f libeos-parental-controls: Add support for flatpak refs
As well as handling paths on the file system, we should allow flatpak
refs to be explicitly handled in the app filter.

Both refs and paths can be stored safely in the same app filter GStrv
because paths are always absolute and refs always start with ‘app/’ or
‘runtime/’.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24020
2018-10-25 15:16:31 +13:00
Philip Withnall da8884e7db
Merge pull request #9 from endlessm/T24025-setters
T24025 Add setter support to the library
2018-10-25 15:14:08 +13:00
Philip Withnall f68e3fa527 eos-parental-controls-client: Add a ‘set’ command
This allows the app filter to be set, using the new library API for it.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-25 15:12:32 +13:00
Philip Withnall 2a7d99c630 libeos-parental-controls: Add setter support for app filters
This includes some basic tests. Full test coverage has not yet been
achieved.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-25 15:12:32 +13:00
Philip Withnall bf76bc3e4d libeos-parental-controls: Rename a callback function
Make it a bit clearer that it gets the bus purely for the getter method
for parental controls, which it is hard-coded to chain to.

This will clarify some later changes.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-25 15:12:32 +13:00
Philip Withnall 42a3222651
libeos-parental-controls: Add a missing (type) annotation
Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-17 10:47:09 -03:00
Philip Withnall d97630f9df
libeos-parental-controls: Clarify ownership of a struct member
Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-17 10:47:03 -03:00
Georges Basile Stavracas Neto 9730b5b6e4
Merge pull request #8 from endlessm/revert-6-T24025-setters
Revert "T24025 Add setter support to the library"
2018-10-17 10:39:00 -03:00
Georges Basile Stavracas Neto 55d213cfbc
Revert "T24025 Add setter support to the library" 2018-10-17 10:38:37 -03:00
Georges Basile Stavracas Neto 8cd44c845b
Merge pull request #6 from endlessm/T24025-setters
T24025 Add setter support to the library
2018-10-17 10:36:43 -03:00
Will Thompson 6637edaebd
Merge pull request #5 from endlessm/T23999-oars-1.1
accounts-service: Add support for oars-1.1
2018-10-12 13:19:26 +01:00
Philip Withnall 02dfdac221 eos-parental-controls-client: Add a ‘set’ command
This allows the app filter to be set, using the new library API for it.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-12 16:48:29 +13:00
Philip Withnall fbaf3c0460 libeos-parental-controls: Add setter support for app filters
This includes some basic tests. Full test coverage has not yet been
achieved.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-12 16:47:59 +13:00
Philip Withnall 9fb1249432 libeos-parental-controls: Add a missing (type) annotation
Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-12 16:47:33 +13:00
Philip Withnall 39627b777e libeos-parental-controls: Clarify ownership of a struct member
Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T24025
2018-10-12 16:47:16 +13:00
Philip Withnall 1e3defccf2 accounts-service: Add support for oars-1.1
Even though I can’t find a single copy of the specification or how it
differs from oars-1.0; it allegedly exists.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

https://phabricator.endlessm.com/T23999
2018-10-11 15:15:46 +13:00
Georges Basile Stavracas Neto ebb892092f
Merge pull request #4 from endlessm/T23999-oars-storage
T23999 Store OARS filter
2018-10-10 21:42:59 +00:00