You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
polkit-tqt/core/polkit-tqt-authority.h

527 lines
19 KiB

/*
* This file is part of the Polkit-tqt project
* Copyright (C) 2009 Daniel Nicoletti <dantti85-pk@yahoo.com.br>
* Copyright (C) 2009 Dario Freddi <drf@kde.org>
* Copyright (C) 2009 Jaroslav Reznik <jreznik@redhat.com>
* Copyright (C) 2009 Radek Novacek <rnovacek@redhat.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Library General Public License for more details.
*
* You should have received a copy of the GNU Library General Public License
* along with this library; see the file COPYING.LIB. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301, USA.
*/
#ifndef POLKIT_TQT_AUTHORITY_H
#define POLKIT_TQT_AUTHORITY_H
#include "polkit-tqt-export.h"
#include "polkit-tqt-identity.h"
#include "polkit-tqt-subject.h"
#include "polkit-tqt-temporaryauthorization.h"
#include "polkit-tqt-actiondescription.h"
#include "tqobject.h"
typedef struct _PolkitAuthority PolkitAuthority;
class TQString;
/**
* \namespace PolkitTQt PolkitTQt
*
* \brief Namespace wrapping Polkit-TQt classes
*
* This namespace wraps all Polkit-TQt classes.
*/
namespace PolkitTQt
{
/**
* \class Authority polkit-tqt-authority.h Authority
* \author Daniel Nicoletti <dantti85-pk@yahoo.com.br>
* \author Dario Freddi <drf@kde.org>
* \author Jaroslav Reznik <jreznik@redhat.com>
*
* \brief Convenience class for TQt/TDE applications
*
* This class is a singleton that makes easy the usage
* of PolKitAuthority. It emits configChanged()
* whenever PolicyKit files change (e.g. the PolicyKit.conf
* or .policy files) or when ConsoleKit reports activities changes.
*
* \note This class is a singleton, its constructor is private.
* Call Authority::instance() to get an instance of the Authority object.
* Do not delete Authority::instance(), cleanup will be done automatically.
*/
class POLKIT_TQT_EXPORT Authority : public TQObject
{
TQ_OBJECT
public:
enum Result
{
/** Result unknown */
Unknown = 0x00,
/** The subject is authorized for the specified action */
Yes = 0x01,
/** The subject is not authorized for the specified action */
No = 0x02,
/** The subject is authorized if more information is provided */
Challenge = 0x03
};
enum AuthorizationFlags
{
/** No flags set **/
None = 0x00,
/** If the subject can obtain the authorization through authentication,
* and an authentication agent is available, then attempt to do so.
*
* Note, this means that the method used for checking authorization is likely
* to block for a long time. **/
AllowUserInteraction = 0x01
};
/** Error codes for the authority class */
enum ErrorCode
{
/** No error occurred **/
E_None = 0x00,
/** Authority cannot be obtained **/
E_GetAuthority = 0x01,
/** Authority check failed **/
E_CheckFailed = 0x02,
/** Wrong or empty subject was given **/
E_WrongSubject = 0x03,
/** Action returned unknown result **/
E_UnknownResult = 0x04,
/** Enumerating actions failed **/
E_EnumFailed = 0x05,
/** Registration of authentication agent failed **/
E_RegisterFailed = 0x06,
/** Unregistration of authentication agent failed **/
E_UnregisterFailed = 0x07,
/** Cookie or polkit-tqt-identity.handled to the action is empty **/
E_CookieOrIdentityEmpty = 0x08,
/** Response of auth agent failed **/
E_AgentResponseFailed = 0x09,
/** Revoke temporary authorizations failed **/
E_RevokeFailed = 0x0A
};
/**
* \brief Returns the instance of Authority
*
* Returns the current instance of Authority. Call this function whenever
* you need to access the Authority class.
*
* \note Authority is a singleton. Memory is handled by polkit-tqt, so you just
* need to call this function to get a working instance of Authority.
* Don't delete the object after having used it.
*
* \param authority use this if you want to set an explicit PolkitAuthority. If you
* don't know what this implies, simply ignore the parameter. In case
* you want to use it, be sure of streaming it the first time you call
* this function, otherwise it will have no effect.
*
* \return The current authority instance
*/
static Authority* instance(PolkitAuthority *authority = nullptr);
~Authority();
/**
* You should always call this method after every action. No action will be allowed
* if the object is in error state. Use clearError() to clear the error message.
*
* \see lastError
* \see clearError
*
* \return \c true if an error occurred, \c false if the library is ready
*/
bool hasError() const;
/**
* \return the code of last error
*/
ErrorCode lastError() const;
/**
* Get detail information about error that occurred.
*
* \return detail message
*/
const TQString errorDetails() const;
/**
* Use this method to clear the error message.
*/
void clearError();
/**
* Returns the current instance of PolkitAuthority. If you are handling
* it through Polkit-tqt (which is quite likely, since you are calling
* this function), DO NOT use any PolicyKit API's specific method that
* modifies the instance on it, unless you're completely aware of what you're doing and
* of the possible consequencies. Use this instance only to gather information.
*
* \return the current PolkitAuthority instance
*/
PolkitAuthority* polkitAuthority() const;
/**
* This function should be used by mechanisms (e.g.: helper applications).
* It returns the action should be carried out, so if the caller was
* actually authorized to perform it. The result is in form of a Result, so that
* you can have more control over the whole process, and detect an eventual error.
* Most of the times you simply want to check if the result is == to \c Result::Yes,
* if you don't have specific needs.
*
* It is CRITICAL that you call this function
* and check what it returns before doing anything in your helper, since otherwise
* you could be actually performing an action from an unknown or unauthorized caller.
*
* When operation is finished, signal checkAuthorizationFinish is emitted
* with result of authorization check in its parameter.
*
* \see checkAuthorizationSync Synchronous version of this method.
* \see checkAuthorizationFinished Signal that is emitted when this method finishes.
* \see checkAuthorizationCancel Use it to cancel execution of this method.
*
* \param actionId the Id of the action in question
* \param subject subject that the action is authorized for (e.g. unix process)
* \param flags flags that influences the authorization checking
*
* \return \c Result::Yes if the caller is authorized and the action should be performed
* \c otherwise if the caller was not authorized and the action should not be performed,
* or an error has occurred
*
*/
void checkAuthorization(const TQString &actionId, const Subject &subject,
AuthorizationFlags flags);
/**
* Synchronous version of the checkAuthorization method.
*
* \param actionId the Id of the action in question
* \param subject subject that the action is authorized for (e.g. unix process)
* \param flags flags that influences the authorization checking
*
* \see checkAuthorization Asynchronous version of this method.
*/
Result checkAuthorizationSync(const TQString &actionId, const Subject &subject,
AuthorizationFlags flags);
/**
* This method can be used to cancel last authorization check.
*/
void checkAuthorizationCancel();
/**
* Asynchronously retrieves all registered actions.
*
* When operation is finished, signal checkAuthorizationFinish is emitted
* with result of authorization check in its parameter.
*
* \see enumerateActionsSync Synchronous version of this method.
* \see enumerateActionsFinished Signal that is emitted when this method finishes.
* \see enumerateActionsCancel Use it to cancel execution of this method.
*/
void enumerateActions();
/**
* Synchronously retrieves all registered actions.
*
* \see enumerateActions Asynchronous version of this method.
*
* \return a list of Action IDs
*/
ActionDescription::List enumerateActionsSync();
/**
* This method can be used to cancel enumeration of actions
*/
void enumerateActionsCancel();
/**
* Registers an authentication agent.
*
* \see registerAuthenticationAgentSync Synchronous version of this method.
* \see registerAuthenticationAgentFinished Signal that is emitted when this method finishes.
* \see registerAuthenticationAgentCancel Use it to cancel execution of this method.
*
* \param subject caller subject
* \param locale the locale of the authentication agent
* \param objectPath the object path for the authentication agent
*/
void registerAuthenticationAgent(const Subject &subject, const TQString &locale,
const TQString &objectPath);
/**
* Registers an authentication agent.
*
* \see registerAuthenticationAgent Asynchronous version of this method.
*
* \param subject caller subject
* \param locale the locale of the authentication agent
* \param objectPath the object path for the authentication agent
*
* \return \c true if the Authentication agent has been successfully registered
* \c false if the Authentication agent registration failed
*/
bool registerAuthenticationAgentSync(const Subject &subject, const TQString &locale,
const TQString &objectPath);
/**
* This method can be used to cancel the registration of the authentication agent.
*/
void registerAuthenticationAgentCancel();
/**
* Unregisters an Authentication agent.
*
* \see unregisterAuthenticationAgentSync Synchronous version of this method.
* \see unregisterAuthenticationAgentFinished Signal that is emitted when this method finishes.
* \see unregisterAuthenticationAgentCancel Use it to cancel execution of this method.
*
* \param subject caller subject
* \param objectPath the object path for the Authentication agent
*
* \return \c true if the Authentication agent has been successfully unregistered
* \c false if the Authentication agent unregistration failed
*/
void unregisterAuthenticationAgent(const Subject &subject, const TQString &objectPath);
/**
* Unregisters an Authentication agent.
*
* \see unregisterAuthenticationAgent Asynchronous version of this method.
*
* \param subject caller subject
* \param objectPath the object path for the Authentication agent
*
* \return \c true if the Authentication agent has been successfully unregistered
* \c false if the Authentication agent unregistration failed
*/
bool unregisterAuthenticationAgentSync(const Subject &subject, const TQString &objectPath);
/**
* This method can be used to cancel the unregistration of the authentication agent.
*/
void unregisterAuthenticationAgentCancel();
/**
* Provide response that \p identity successfully authenticated for the authentication
* request identified by \p cookie.
*
* \see authenticationAgentResponseSync Synchronous version of this method.
* \see authenticationAgentResponseFinished Signal that is emitted when this method finishes.
* \see authenticationAgentResponseCancel Use it to cancel execution of this method.
*
* \param cookie The cookie passed to the authentication agent from the authority.
* \param identity The identity that was authenticated.
*/
void authenticationAgentResponse(const TQString &cookie, const Identity &identity);
/**
* Provide response that \p identity successfully authenticated for the authentication
* request identified by \p cookie.
*
* \see authenticationAgentResponse Asynchronous version of this method.
*
* \param cookie The cookie passed to the authentication agent from the authority.
* \param identity The identity that was authenticated.
*
* \return \c true if authority acknowledged the call, \c false if error is set.
*
*/
bool authenticationAgentResponseSync(const TQString &cookie, const Identity &identity);
/**
* This method can be used to cancel the authenticationAgentResponseAsync method.
*/
void authenticationAgentResponseCancel();
/**
* Retrieves all temporary action that applies to \p subject.
*
* \see enumerateTemporaryAuthorizationsSync Synchronous version of this method.
* \see enumerateTemporaryAuthorizationsFinished Signal that is emitted when this method finishes.
* \see enumerateTemporaryAuthorizationsCancel Use it to cancel execution of this method.
*
* \param subject the subject to get temporary authorizations for
*
*/
void enumerateTemporaryAuthorizations(const Subject &subject);
/**
* Retrieves all temporary action that applies to \p subject
*
* \see enumerateTemporaryAuthorizations Asynchronous version of this method.
*
* \param subject the subject to get temporary authorizations for
*
* \note Free all TemporaryAuthorization objects using \p delete operator.
*
* \return List of all temporary authorizations
*/
TemporaryAuthorization::List enumerateTemporaryAuthorizationsSync(const Subject &subject);
/**
* This method can be used to cancel the enumerateTemporaryAuthorizationsAsync method.
*/
void enumerateTemporaryAuthorizationsCancel();
/**
* Revokes all temporary authorizations that applies to \p subject
*
* \see revokeTemporaryAuthorizationsSync Synchronous version of this method.
* \see revokeTemporaryAuthorizationsFinished Signal that is emitted when this method finishes.
* \see revokeTemporaryAuthorizationsCancel Use it to cancel execution of this method.
* \param subject the subject to revoke temporary authorizations from
*/
void revokeTemporaryAuthorizations(const Subject &subject);
/**
* Revokes all temporary authorizations that applies to \p subject
*
* \see revokeTemporaryAuthorizations Asynchronous version of this method.
*
* \param subject the subject to revoke temporary authorizations from
*
* \return \c true if all temporary authorization were revoked
* \c false if the revoking failed
*/
bool revokeTemporaryAuthorizationsSync(const Subject &subject);
/**
* This method can be used to cancel the method revokeTemporaryAuthorizationsAsync.
*/
void revokeTemporaryAuthorizationsCancel();
/**
* Revokes temporary authorization by \p id
*
* \see revokeTemporaryAuthorizationSync Synchronous version of this method.
* \see revokeTemporaryAuthorizationFinished Signal that is emitted when this method finishes.
* \see revokeTemporaryAuthorizationCancel Use it to cancel execution of this method.
*
* \param id the identifier of the temporary authorization
*/
void revokeTemporaryAuthorization(const TQString &id);
/**
* Revokes temporary authorization by \p id
*
* \see revokeTemporaryAuthorization Asynchronous version of this method.
*
* \param id the identifier of the temporary authorization
*
* \return \c true if the temporary authorization was revoked
* \c false if the revoking failed
*/
bool revokeTemporaryAuthorizationSync(const TQString &id);
/**
* This method can be used to cancel the method revokeTemporaryAuthorizationAsync.
*/
void revokeTemporaryAuthorizationCancel();
signals:
/**
* This signal will be emitted when a configuration
* file gets changed (e.g. /etc/PolicyKit/PolicyKit.conf or .policy files).
* Connect to this signal if you want to track down actions.
*/
void configChanged();
/**
* This signal is emitted when asynchronous method checkAuthorization finishes.
*
* The argument is the result of authorization.
*/
void checkAuthorizationFinished(Result);
/**
* This signal is emitted when asynchronous method enumerateActions finishes.
*
* The argument is the list of all Action IDs.
*/
void enumerateActionsFinished(ActionDescription::List);
/**
* This signal is emitted when asynchronous method registerAuthenticationAgent finishes.
*
* The argument is \c true if the Authentication agent has been successfully registered
* \c false if the Authentication agent registration failed
*/
void registerAuthenticationAgentFinished(bool);
/**
* This signal is emitted when asynchronous method unregisterAuthenticationAgent finishes.
*
* The argument is \c true if the Authentication agent has been successfully unregistered
* \c false if the Authentication agent unregistration failed
*/
void unregisterAuthenticationAgentFinished(bool);
/**
* This signal is emitted when asynchronous method authenticationAgentResponse finishes.
*
* The argument is \c true if authority acknowledged the call, \c false if error is set.
*/
void authenticationAgentResponseFinished(bool);
/**
* This signal is emitted when asynchronous method enumerateTemporaryAuthorizations finishes.
*
* The argument is list of all temporary authorizations.
*
* \note Free all TemporaryAuthorization objects using \p delete operator.
*/
void enumerateTemporaryAuthorizationsFinished(TemporaryAuthorization::List);
/**
* This signal is emitted when asynchronous method revokeTemporaryAuthorizations finishes.
*
* The argument is \c true if all temporary authorizations were revoked
* \c false if the revoking failed
*/
void revokeTemporaryAuthorizationsFinished(bool);
/**
* This signal is emitted when asynchronous method revokeTemporaryAuthorization finishes.
* \return \c true if the temporary authorization was revoked
* \c false if the revoking failed
*/
void revokeTemporaryAuthorizationFinished(bool);
private:
// Disable copy
Authority(const Authority&);
Authority& operator=(const Authority&);
Authority(TQObject *parent = nullptr);
static Authority *m_theAuthority;
class Private;
Private *const d;
};
}
#endif