WIP: add DNS parental controls (Rust version) #2
|
@ -0,0 +1,41 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
|
||||||
|
"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
|
||||||
|
<node>
|
||||||
|
<interface name="com.endlessm.ParentalControls.Dns">
|
||||||
|
<annotation name="org.freedesktop.Accounts.VendorExtension" value="true"/>
|
||||||
|
|
||||||
|
<annotation name="org.freedesktop.Accounts.Authentication.ChangeOwn"
|
||||||
|
value="com.endlessm.ParentalControls.SessionLimits.ChangeOwn"/>
|
||||||
|
<annotation name="org.freedesktop.Accounts.Authentication.ReadOwn"
|
||||||
|
value="com.endlessm.ParentalControls.SessionLimits.ReadOwn"/>
|
||||||
|
<annotation name="org.freedesktop.Accounts.Authentication.ChangeAny"
|
||||||
|
value="com.endlessm.ParentalControls.SessionLimits.ChangeAny"/>
|
||||||
|
<annotation name="org.freedesktop.Accounts.Authentication.ReadAny"
|
||||||
|
value="com.endlessm.ParentalControls.SessionLimits.ReadAny"/>
|
||||||
|
|
||||||
|
<!--
|
||||||
|
Dns:
|
||||||
|
|
||||||
|
A list of DNS server IP addresses to use for this user, in order of preference.
|
||||||
|
|
||||||
|
Each can be optionally qualified by a hashtag and the corresponding
|
||||||
|
hostname (if a TLS version is supported).
|
||||||
|
|
||||||
|
For instance: using "dns0.eu Kids" (https://www.dns0.eu/kids),
|
||||||
|
which offers a good number of blocked domains, would entail:
|
||||||
|
|
||||||
|
- `193.110.81.1#kids.dns0.eu`
|
||||||
|
- `2a0f:fc80::1#kids.dns0.eu`
|
||||||
|
- `185.253.5.1#kids.dns0.eu`
|
||||||
|
- `2a0f:fc81::1#kids.dns0.eu`
|
||||||
|
|
||||||
|
If the array is left empty, the globally-set system resolver
|
||||||
|
is used instead.
|
||||||
|
-->
|
||||||
|
<property name="Dns" type="as" access="readwrite">
|
||||||
|
<annotation name="org.freedesktop.Accounts.DefaultValue" value=""/>
|
||||||
|
</property>
|
||||||
|
|
||||||
|
</interface>
|
||||||
|
</node>
|
|
@ -40,6 +40,46 @@
|
||||||
</defaults>
|
</defaults>
|
||||||
</action>
|
</action>
|
||||||
|
|
||||||
|
<action id="com.endlessm.ParentalControls.Dns.ChangeOwn">
|
||||||
|
<description>Change your own DNS servers</description>
|
||||||
|
<message>Authentication is required to change your DNS servers.</message>
|
||||||
|
<defaults>
|
||||||
|
<allow_any>auth_admin_keep</allow_any>
|
||||||
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
||||||
|
<allow_active>auth_admin_keep</allow_active>
|
||||||
|
</defaults>
|
||||||
|
</action>
|
||||||
|
|
||||||
|
<action id="com.endlessm.ParentalControls.Dns.ReadOwn">
|
||||||
|
<description>Read your own DNS servers</description>
|
||||||
|
<message>Authentication is required to read your DNS servers.</message>
|
||||||
|
<defaults>
|
||||||
|
<allow_any>yes</allow_any>
|
||||||
|
<allow_inactive>yes</allow_inactive>
|
||||||
|
<allow_active>yes</allow_active>
|
||||||
|
</defaults>
|
||||||
|
</action>
|
||||||
|
|
||||||
|
<action id="com.endlessm.ParentalControls.Dns.ChangeAny">
|
||||||
|
<description>Change another user’s DNS servers</description>
|
||||||
|
<message>Authentication is required to change another user’s DNS servers.</message>
|
||||||
|
<defaults>
|
||||||
|
<allow_any>auth_admin_keep</allow_any>
|
||||||
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
||||||
|
<allow_active>auth_admin_keep</allow_active>
|
||||||
|
</defaults>
|
||||||
|
</action>
|
||||||
|
|
||||||
|
<action id="com.endlessm.ParentalControls.Dns.ReadAny">
|
||||||
|
<description>Read another user’s DNS servers</description>
|
||||||
|
<message>Authentication is required to read another user’s DNS servers.</message>
|
||||||
|
<defaults>
|
||||||
|
<allow_any>auth_admin_keep</allow_any>
|
||||||
|
<allow_inactive>auth_admin_keep</allow_inactive>
|
||||||
|
<allow_active>auth_admin_keep</allow_active>
|
||||||
|
</defaults>
|
||||||
|
</action>
|
||||||
|
|
||||||
<action id="com.endlessm.ParentalControls.SessionLimits.ChangeOwn">
|
<action id="com.endlessm.ParentalControls.SessionLimits.ChangeOwn">
|
||||||
<description>Change your own session limits</description>
|
<description>Change your own session limits</description>
|
||||||
<message>Authentication is required to change your session limits.</message>
|
<message>Authentication is required to change your session limits.</message>
|
||||||
|
|
|
@ -24,6 +24,8 @@ polkit.addRule(function(action, subject) {
|
||||||
* needing an additional polkit authorisation dialogue. */
|
* needing an additional polkit authorisation dialogue. */
|
||||||
if ((action.id == "com.endlessm.ParentalControls.AppFilter.ReadOwn" ||
|
if ((action.id == "com.endlessm.ParentalControls.AppFilter.ReadOwn" ||
|
||||||
action.id == "com.endlessm.ParentalControls.AppFilter.ReadAny" ||
|
action.id == "com.endlessm.ParentalControls.AppFilter.ReadAny" ||
|
||||||
|
action.id == "com.endlessm.ParentalControls.Dns.ReadOwn" ||
|
||||||
|
action.id == "com.endlessm.ParentalControls.Dns.ReadAny" ||
|
||||||
action.id == "com.endlessm.ParentalControls.SessionLimits.ReadOwn" ||
|
action.id == "com.endlessm.ParentalControls.SessionLimits.ReadOwn" ||
|
||||||
action.id == "com.endlessm.ParentalControls.SessionLimits.ReadAny") &&
|
action.id == "com.endlessm.ParentalControls.SessionLimits.ReadAny") &&
|
||||||
subject.active && subject.local &&
|
subject.active && subject.local &&
|
||||||
|
|
|
@ -9,6 +9,7 @@ i18n.merge_file(
|
||||||
dbus_interfaces = [
|
dbus_interfaces = [
|
||||||
'com.endlessm.ParentalControls.AccountInfo',
|
'com.endlessm.ParentalControls.AccountInfo',
|
||||||
'com.endlessm.ParentalControls.AppFilter',
|
'com.endlessm.ParentalControls.AppFilter',
|
||||||
|
'com.endlessm.ParentalControls.Dns',
|
||||||
'com.endlessm.ParentalControls.SessionLimits',
|
'com.endlessm.ParentalControls.SessionLimits',
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue