Add support for different security privileges

author: Marcel Holtmann <marcel@holtmann.org> 2009-01-06 21:20:50 +0100
committer: Marcel Holtmann <marcel@holtmann.org> 2009-01-06 21:20:50 +0100
commit: 77b134b5f3f2856cd6a915904b9ff3b207654c71 (patch)
tree: 1873ac1fafd916d792ae0d5c89e775fafd924334 /plugins
parent: 0dd6156eaf461a25781a9f0b7dd727e03c6172b0 (diff)
download: connman-77b134b5f3f2856cd6a915904b9ff3b207654c71.tar.gz
connman-77b134b5f3f2856cd6a915904b9ff3b207654c71.tar.bz2
connman-77b134b5f3f2856cd6a915904b9ff3b207654c71.zip
2 files changed, 22 insertions, 8 deletions
diff --git a/plugins/connman.policy b/plugins/connman.policy
index 1b34381b..bc36a6dd 100644
--- a/plugins/connman.policy
+++ b/plugins/connman.policy
@@ -6,10 +6,10 @@
 <policyconfig>
 
   <vendor>Connection Manager</vendor>
-  <icon_name>stock_internet</icon_name>
+  <icon_name>network-wireless</icon_name>
 
   <action id="org.moblin.connman.modify">
-    <description>Modify configuration</description>
+    <description>Settings configuration</description>
     <message>Policy prevents modification of settings</message>
     <defaults>
       <allow_inactive>no</allow_inactive>
@@ -17,9 +17,9 @@
     </defaults>
   </action>
 
-  <action id="org.moblin.connman.passphrase">
-    <description>Passphrase configuration</description>
-    <message>Policy prevents modification of passphrases</message>
+  <action id="org.moblin.connman.secret">
+    <description>Secrets configuration</description>
+    <message>Policy prevents modification of secrets</message>
     <defaults>
       <allow_inactive>no</allow_inactive>
       <allow_active>auth_admin_keep_always</allow_active>
diff --git a/plugins/polkit.c b/plugins/polkit.c
index d3ca6924..de183a27 100644
--- a/plugins/polkit.c
+++ b/plugins/polkit.c
@@ -34,20 +34,34 @@
 #include <connman/dbus.h>
 #include <connman/log.h>
 
-#define ACTION "org.moblin.connman.modify"
+#define ACTION_MODIFY "org.moblin.connman.modify"
+#define ACTION_SECRET "org.moblin.connman.secret"
 
 static DBusConnection *connection;
 static PolKitContext *polkit_context;
 
-static int polkit_authorize(const char *sender)
+static int polkit_authorize(const char *sender,
+				enum connman_security_privilege privilege)
 {
 	DBusError error;
 	PolKitCaller *caller;
 	PolKitAction *action;
 	PolKitResult result;
+	const char *id;
 
 	DBG("sender %s", sender);
 
+	switch (privilege) {
+	case CONNMAN_SECURITY_PRIVILEGE_PUBLIC:
+		return 0;
+	case CONNMAN_SECURITY_PRIVILEGE_MODIFY:
+		id = ACTION_MODIFY;
+		break;
+	case CONNMAN_SECURITY_PRIVILEGE_SECRET:
+		id = ACTION_SECRET;
+		break;
+	}
+
 	dbus_error_init(&error);
 
 	caller = polkit_caller_new_from_dbus_name(connection, sender, &error);
@@ -61,7 +75,7 @@ static int polkit_authorize(const char *sender)
 	}
 
 	action = polkit_action_new();
-	polkit_action_set_action_id(action, ACTION);
+	polkit_action_set_action_id(action, id);
 
 	result = polkit_context_is_caller_authorized(polkit_context,
 						action, caller, TRUE, NULL);
author	Marcel Holtmann <marcel@holtmann.org>	2009-01-06 21:20:50 +0100
committer	Marcel Holtmann <marcel@holtmann.org>	2009-01-06 21:20:50 +0100
commit	77b134b5f3f2856cd6a915904b9ff3b207654c71 (patch)
tree	1873ac1fafd916d792ae0d5c89e775fafd924334 /plugins
parent	0dd6156eaf461a25781a9f0b7dd727e03c6172b0 (diff)
download	connman-77b134b5f3f2856cd6a915904b9ff3b207654c71.tar.gz connman-77b134b5f3f2856cd6a915904b9ff3b207654c71.tar.bz2 connman-77b134b5f3f2856cd6a915904b9ff3b207654c71.zip