fedir/ICFS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adapted the ui-socket to the new dialogue

Browse Source
This commit is contained in:
fedir
2025-05-03 10:31:42 +02:00
parent 82f66a1df3
commit d367d6ffe7
1 changed files with 92 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
src/ui-socket.c
View File

@@ -14,8 +14,10 @@
#include "cc.h"
#include "perm_permissions_table.h"
#include "real_filename.h"
#include "sourcefs.h"
#include "temp_permissions_table.h"
#include "ui-socket.h"
#include <assert.h>
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
@@ -28,6 +30,11 @@
#define ZENITY_NO 1
#define ZENITY_PERM 2
struct dialogue_response {
access_t decision;
char *filename;
};
int init_ui_socket(const char *perm_permissions_db_filename) {
FILE *fp = NULL;
@@ -66,11 +73,16 @@ void destroy_ui_socket(void) {
* @return: access status - ALLOW, DENY or ALLOW_TEMP
* allowed for the runtime of the process
*/
access_t ask_access(const char *filename, struct process_info proc_info) {
struct dialogue_response ask_access(const char *filename,
struct process_info proc_info) {
FILE *fp = NULL;
char *command = NULL;
int ret = asprintf(&command, "zenity \"%d\" \"%s\" \"%s\" \"%s\"",
proc_info.PID, proc_info.name, filename, get_mountpoint());
proc_info.PID, proc_info.name, get_mountpoint(), filename);
struct dialogue_response response;
response.decision = DENY;
response.filename = NULL;
if (ret < 0) {
// If asprintf fails, the contents of command are undefined (see man
@@ -79,7 +91,11 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
// justify preparing for this.
fprintf(stderr, "Could not create query on rule insertion");
perror("");
return 1;
response.decision = DENY;
response.filename = malloc(2);
response.filename[0] = '.';
response.filename[1] = 0;
return response;
}
// Zenity Question Message Popup
@@ -88,18 +104,20 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
if (fp == NULL) {
perror("Pipe returned a error");
return DENY;
response.decision = DENY;
response.filename = malloc(2);
response.filename[0] = '.';
response.filename[1] = 0;
return response;
}
str(char) zenity_output;
init(&zenity_output);
size_t total_read = 0;
char line[1024]; // Buffer to read individual lines
// Read the command output line by line
while (fgets(line, sizeof(line), fp)) {
size_t line_len = strlen(line);
push_fmt(&zenity_output, line);
}
@@ -107,16 +125,28 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
fprintf(stderr, "zenity wrote out %s\n", first(&zenity_output));
fprintf(stderr, "zenity returned %d\n", zenity_exit_code);
// if (size(&zenity_output) == 0) {
// push(&zenity_output, '.');
// }
assert(strlen(first(&zenity_output)) == size(&zenity_output));
response.filename = malloc(size(&zenity_output) + 1);
strcpy(response.filename, first(&zenity_output));
// response.filename[size(&zenity_output)] = 0;
// assert(0 == strcmp(response.filename, first(&zenity_output)));
cleanup(&zenity_output);
if (zenity_exit_code == (ZENITY_YES | ZENITY_PERM)) {
return ALLOW;
}
if (zenity_exit_code == ZENITY_YES) {
return ALLOW_TEMP;
response.decision = ALLOW;
} else if (zenity_exit_code == ZENITY_YES) {
response.decision = ALLOW_TEMP;
} else {
response.decision = DENY;
}
return DENY;
return response;
}
/**
@@ -136,20 +166,36 @@ int interactive_access(const char *filename, struct process_info proc_info,
access_t access = check_temp_access(real_path, proc_info);
if (access == ALLOW) {
fprintf(stderr,
"Permission allowed to %s based on a rule present in the temp "
"permission table.\n",
proc_info.name);
free(real_path);
return 1;
}
if (access == DENY) {
fprintf(stderr,
"Permission denied to %s based on a rule present in the temp "
"permission table.\n",
proc_info.name);
free(real_path);
return 0;
}
access = check_perm_access(real_path, proc_info);
if (access == ALLOW) {
fprintf(stderr,
"Permission allowed to %s based on a rule present in the perm "
"permission table.\n",
proc_info.name);
free(real_path);
return 1;
}
if (access == DENY) {
fprintf(stderr,
"Permission denied to %s based on a rule present in the perm "
"permission table.\n",
proc_info.name);
free(real_path);
return 0;
}
@@ -158,30 +204,61 @@ int interactive_access(const char *filename, struct process_info proc_info,
// permissions are granted
if (opts & GRANT_PERM) {
fprintf(stderr, "Permission granted permanently to %s.\n", proc_info.name);
give_perm_access(real_path, proc_info);
free(real_path);
return 1;
}
if (opts & GRANT_TEMP) {
fprintf(stderr, "Permission granted temporarily to %s.\n", proc_info.name);
set_temp_access(real_path, proc_info, SET_ALLOW);
free(real_path);
return 1;
}
access_t user_response = ask_access(real_path, proc_info);
if (user_response == ALLOW) {
struct dialogue_response response = ask_access(filename, proc_info);
// fprintf(stderr, "%s", response.filename);
// assert(0 != strlen(response.filename));
// the user might specify a different file in the dialogue, so we need to
// check if it is valid
/*
while (source_access(response.filename, F_OK)) {
// if it is invalid, just ask again.
fprintf(stderr, "Filename returned by zenty wasn't correct: %s\n",
response.filename);
free(response.filename);
response = ask_access(filename, proc_info);
}
*/
free(real_path);
real_path = real_filename(response.filename);
free(response.filename);
if (response.decision == ALLOW) {
fprintf(stderr,
"Permission granted permanently to %s based on zenty response.\n",
proc_info.name);
give_perm_access(real_path, proc_info);
free(real_path);
return 1;
}
if (user_response == ALLOW_TEMP) {
if (response.decision == ALLOW_TEMP) {
fprintf(stderr,
"Permission granted temporarily to %s based on zenty response.\n",
proc_info.name);
set_temp_access(real_path, proc_info, SET_ALLOW);
free(real_path);
return 1;
}
if (user_response == DENY) {
if (response.decision == DENY) {
fprintf(stderr,
"Permission denied temporarily to %s based on zenty response.\n",
proc_info.name);
set_temp_access(real_path, proc_info, SET_DENY);
free(real_path);
return 0;