WIP: add DNS parental controls (Rust version) #2
|
@ -0,0 +1,41 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE node PUBLIC "-//freedesktop//DTD D-BUS Object Introspection 1.0//EN"
|
||||
"http://www.freedesktop.org/standards/dbus/1.0/introspect.dtd">
|
||||
<node>
|
||||
<interface name="com.endlessm.ParentalControls.Dns">
|
||||
<annotation name="org.freedesktop.Accounts.VendorExtension" value="true"/>
|
||||
|
||||
<annotation name="org.freedesktop.Accounts.Authentication.ChangeOwn"
|
||||
value="com.endlessm.ParentalControls.SessionLimits.ChangeOwn"/>
|
||||
<annotation name="org.freedesktop.Accounts.Authentication.ReadOwn"
|
||||
value="com.endlessm.ParentalControls.SessionLimits.ReadOwn"/>
|
||||
<annotation name="org.freedesktop.Accounts.Authentication.ChangeAny"
|
||||
value="com.endlessm.ParentalControls.SessionLimits.ChangeAny"/>
|
||||
<annotation name="org.freedesktop.Accounts.Authentication.ReadAny"
|
||||
value="com.endlessm.ParentalControls.SessionLimits.ReadAny"/>
|
||||
|
||||
<!--
|
||||
Dns:
|
||||
|
||||
A list of DNS server IP addresses to use for this user, in order of preference.
|
||||
|
||||
Each can be optionally qualified by a hashtag and the corresponding
|
||||
hostname (if a TLS version is supported).
|
||||
|
||||
For instance: using "dns0.eu Kids" (https://www.dns0.eu/kids),
|
||||
which offers a good number of blocked domains, would entail:
|
||||
|
||||
- `193.110.81.1#kids.dns0.eu`
|
||||
- `2a0f:fc80::1#kids.dns0.eu`
|
||||
- `185.253.5.1#kids.dns0.eu`
|
||||
- `2a0f:fc81::1#kids.dns0.eu`
|
||||
|
||||
If the array is left empty, the globally-set system resolver
|
||||
is used instead.
|
||||
-->
|
||||
<property name="Dns" type="as" access="readwrite">
|
||||
<annotation name="org.freedesktop.Accounts.DefaultValue" value=""/>
|
||||
</property>
|
||||
|
||||
</interface>
|
||||
</node>
|
|
@ -40,6 +40,46 @@
|
|||
</defaults>
|
||||
</action>
|
||||
|
||||
<action id="com.endlessm.ParentalControls.Dns.ChangeOwn">
|
||||
<description>Change your own DNS servers</description>
|
||||
<message>Authentication is required to change your DNS servers.</message>
|
||||
<defaults>
|
||||
<allow_any>auth_admin_keep</allow_any>
|
||||
<allow_inactive>auth_admin_keep</allow_inactive>
|
||||
<allow_active>auth_admin_keep</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
|
||||
<action id="com.endlessm.ParentalControls.Dns.ReadOwn">
|
||||
<description>Read your own DNS servers</description>
|
||||
<message>Authentication is required to read your DNS servers.</message>
|
||||
<defaults>
|
||||
<allow_any>yes</allow_any>
|
||||
<allow_inactive>yes</allow_inactive>
|
||||
<allow_active>yes</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
|
||||
<action id="com.endlessm.ParentalControls.Dns.ChangeAny">
|
||||
<description>Change another user’s DNS servers</description>
|
||||
<message>Authentication is required to change another user’s DNS servers.</message>
|
||||
<defaults>
|
||||
<allow_any>auth_admin_keep</allow_any>
|
||||
<allow_inactive>auth_admin_keep</allow_inactive>
|
||||
<allow_active>auth_admin_keep</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
|
||||
<action id="com.endlessm.ParentalControls.Dns.ReadAny">
|
||||
<description>Read another user’s DNS servers</description>
|
||||
<message>Authentication is required to read another user’s DNS servers.</message>
|
||||
<defaults>
|
||||
<allow_any>auth_admin_keep</allow_any>
|
||||
<allow_inactive>auth_admin_keep</allow_inactive>
|
||||
<allow_active>auth_admin_keep</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
|
||||
<action id="com.endlessm.ParentalControls.SessionLimits.ChangeOwn">
|
||||
<description>Change your own session limits</description>
|
||||
<message>Authentication is required to change your session limits.</message>
|
||||
|
|
|
@ -24,6 +24,8 @@ polkit.addRule(function(action, subject) {
|
|||
* needing an additional polkit authorisation dialogue. */
|
||||
if ((action.id == "com.endlessm.ParentalControls.AppFilter.ReadOwn" ||
|
||||
action.id == "com.endlessm.ParentalControls.AppFilter.ReadAny" ||
|
||||
action.id == "com.endlessm.ParentalControls.Dns.ReadOwn" ||
|
||||
action.id == "com.endlessm.ParentalControls.Dns.ReadAny" ||
|
||||
action.id == "com.endlessm.ParentalControls.SessionLimits.ReadOwn" ||
|
||||
action.id == "com.endlessm.ParentalControls.SessionLimits.ReadAny") &&
|
||||
subject.active && subject.local &&
|
||||
|
|
|
@ -9,6 +9,7 @@ i18n.merge_file(
|
|||
dbus_interfaces = [
|
||||
'com.endlessm.ParentalControls.AccountInfo',
|
||||
'com.endlessm.ParentalControls.AppFilter',
|
||||
'com.endlessm.ParentalControls.Dns',
|
||||
'com.endlessm.ParentalControls.SessionLimits',
|
||||
]
|
||||
|
||||
|
|
Loading…
Reference in New Issue