• Skip to content
  • Skip to link menu
KDE API Reference
  • KDE API Reference
  • kdelibs API Reference
  • KDE Home
  • Contact Us
 

KDECore

  • sources
  • kde-4.12
  • kdelibs
  • kdecore
  • auth
  • backends
  • mac
AuthServicesBackend.cpp
Go to the documentation of this file.
1 /*
2 * Copyright (C) 2008 Nicola Gigante <nicola.gigante@gmail.com>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU Lesser General Public License as published by
6 * the Free Software Foundation; either version 2.1 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU Lesser General Public License
15 * along with this program; if not, write to the
16 * Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA .
18 */
19 
20 #include "AuthServicesBackend.h"
21 #include <Security/Security.h>
22 
23 #include <QtCore/qplugin.h>
24 
25 namespace KAuth
26 {
27 
28 static AuthorizationRef s_authRef = NULL;
29 
30 AuthorizationRef authRef();
31 
32 AuthorizationRef authRef()
33 {
34  if (!s_authRef) {
35  AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &s_authRef);
36  }
37 
38  return s_authRef;
39 }
40 
41 AuthServicesBackend::AuthServicesBackend()
42  : AuthBackend()
43 {
44  setCapabilities(AuthorizeFromHelperCapability | CheckActionExistenceCapability);
45 }
46 
47 void AuthServicesBackend::setupAction(const QString&)
48 {
49  // Nothing to do here...
50 }
51 
52 // On OS X, the suggestion is to make the helper grant the actual privilege. The app does instead a
53 // "pre-authorization", that's equivalent to look at isCallerAuthorized() in policykit.
54 Action::AuthStatus AuthServicesBackend::authorizeAction(const QString &action)
55 {
56  return actionStatus(action);
57 }
58 
59 Action::AuthStatus AuthServicesBackend::actionStatus(const QString &action)
60 {
61  AuthorizationItem item;
62  item.name = action.toUtf8();
63  item.valueLength = 0;
64  item.value = NULL;
65  item.flags = 0;
66 
67  AuthorizationRights rights;
68  rights.count = 1;
69  rights.items = &item;
70 
71  OSStatus result = AuthorizationCopyRights(authRef(),
72  &rights,
73  kAuthorizationEmptyEnvironment,
74  kAuthorizationFlagExtendRights | kAuthorizationFlagPreAuthorize,
75  NULL);
76 
77  switch (result) {
78  case errAuthorizationSuccess:
79  return Action::Authorized;
80  case errAuthorizationInteractionNotAllowed:
81  return Action::AuthRequired;
82  default:
83  return Action::Denied;
84  }
85 }
86 
87 QByteArray AuthServicesBackend::callerID() const
88 {
89  AuthorizationExternalForm ext;
90  AuthorizationMakeExternalForm(authRef(), &ext);
91 
92  QByteArray id((const char *)&ext, sizeof(ext));
93 
94  return id;
95 }
96 
97 bool AuthServicesBackend::isCallerAuthorized(const QString &action, QByteArray callerID)
98 {
99  AuthorizationExternalForm ext;
100  memcpy(&ext, callerID.data(), sizeof(ext));
101 
102  AuthorizationRef auth;
103 
104  if (AuthorizationCreateFromExternalForm(&ext, &auth) != noErr)
105  return false;
106 
107  AuthorizationItem item;
108  item.name = action.toUtf8();
109  item.valueLength = 0;
110  item.value = NULL;
111  item.flags = 0;
112 
113  AuthorizationRights rights;
114  rights.count = 1;
115  rights.items = &item;
116 
117  OSStatus result = AuthorizationCopyRights(auth,
118  &rights,
119  kAuthorizationEmptyEnvironment,
120  kAuthorizationFlagExtendRights | kAuthorizationFlagInteractionAllowed,
121  NULL);
122 
123  AuthorizationFree(auth, kAuthorizationFlagDefaults);
124 
125  return result == errAuthorizationSuccess;
126 }
127 
128 bool AuthServicesBackend::actionExists(const QString& action)
129 {
130  OSStatus exists = AuthorizationRightGet(action.toUtf8(), NULL);
131 
132  return exists == errAuthorizationSuccess;
133 }
134 
135 }; // namespace KAuth
136 
137 Q_EXPORT_PLUGIN2(kauth_backend, KAuth::AuthServicesBackend)
KAuth::AuthBackend::CheckActionExistenceCapability
Definition: AuthBackend.h:41
KAuth::AuthServicesBackend::setupAction
virtual void setupAction(const QString &)
Definition: AuthServicesBackend.cpp:47
KAuth::Action::AuthRequired
The user could obtain the authorization after authentication.
Definition: kauthaction.h:83
KAuth::AuthServicesBackend
Definition: AuthServicesBackend.h:28
AuthServicesBackend.h
KAuth::AuthServicesBackend::actionStatus
virtual Action::AuthStatus actionStatus(const QString &)
Definition: AuthServicesBackend.cpp:59
KAuth::AuthServicesBackend::isCallerAuthorized
virtual bool isCallerAuthorized(const QString &action, QByteArray callerID)
Definition: AuthServicesBackend.cpp:97
KAuth::authRef
AuthorizationRef authRef()
Definition: AuthServicesBackend.cpp:32
QString
KAuth::AuthBackend::AuthorizeFromHelperCapability
Definition: AuthBackend.h:40
KAuth::s_authRef
static AuthorizationRef s_authRef
Definition: AuthServicesBackend.cpp:28
KAuth::Action::Denied
The authorization has been denied by the authorization backend.
Definition: kauthaction.h:79
KAuth::Action::Authorized
The authorization has been granted by the authorization backend.
Definition: kauthaction.h:82
KAuth::AuthServicesBackend::authorizeAction
virtual Action::AuthStatus authorizeAction(const QString &)
Definition: AuthServicesBackend.cpp:54
KAuth::Action::AuthStatus
AuthStatus
The three values returned by authorization methods.
Definition: kauthaction.h:78
KAuth::AuthBackend::setCapabilities
void setCapabilities(Capabilities capabilities)
Definition: AuthBackend.cpp:52
KAuth::AuthBackend
Definition: AuthBackend.h:31
KAuth::AuthServicesBackend::callerID
virtual QByteArray callerID() const
Definition: AuthServicesBackend.cpp:87
KAuth::AuthServicesBackend::AuthServicesBackend
AuthServicesBackend()
Definition: AuthServicesBackend.cpp:41
KAuth::AuthServicesBackend::actionExists
virtual bool actionExists(const QString &action)
Definition: AuthServicesBackend.cpp:128
This file is part of the KDE documentation.
Documentation copyright © 1996-2014 The KDE developers.
Generated on Tue Oct 14 2014 22:47:07 by doxygen 1.8.7 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.

KDECore

Skip menu "KDECore"
  • Main Page
  • Namespace List
  • Namespace Members
  • Alphabetical List
  • Class List
  • Class Hierarchy
  • Class Members
  • File List
  • File Members
  • Modules
  • Related Pages

kdelibs API Reference

Skip menu "kdelibs API Reference"
  • DNSSD
  • Interfaces
  •   KHexEdit
  •   KMediaPlayer
  •   KSpeech
  •   KTextEditor
  • kconf_update
  • KDE3Support
  •   KUnitTest
  • KDECore
  • KDED
  • KDEsu
  • KDEUI
  • KDEWebKit
  • KDocTools
  • KFile
  • KHTML
  • KImgIO
  • KInit
  • kio
  • KIOSlave
  • KJS
  •   KJS-API
  • kjsembed
  •   WTF
  • KNewStuff
  • KParts
  • KPty
  • Kross
  • KUnitConversion
  • KUtils
  • Nepomuk
  • Nepomuk-Core
  • Nepomuk
  • Plasma
  • Solid
  • Sonnet
  • ThreadWeaver

Search



Report problems with this website to our bug tracking system.
Contact the specific authors with questions and comments about the page contents.

KDE® and the K Desktop Environment® logo are registered trademarks of KDE e.V. | Legal