Adapted mock zenity to the new dialogue

src/gui/zenity-clone.c

@@ -16,7 +16,7 @@ gboolean is_permanent = false;
 GtkEntryBuffer *entry_buffer = NULL;
 GtkWidget *checkbox = NULL;
 
-static void negative_response(GtkWindow *window) {
+static void positive_response(GtkWindow *window) {
   fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
   exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
                   ? YES | PERM
@@ -24,7 +24,7 @@ static void negative_response(GtkWindow *window) {
   gtk_window_close(window);
 }
 
-static void positive_response(GtkWindow *window) {
+static void negative_response(GtkWindow *window) {
   fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
   exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
                   ? NO | PERM

src/ui-socket.c

@@ -14,8 +14,10 @@
 #include "cc.h"
 #include "perm_permissions_table.h"
 #include "real_filename.h"
+#include "sourcefs.h"
 #include "temp_permissions_table.h"
 #include "ui-socket.h"
+#include <assert.h>
 #include <pthread.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -28,6 +30,11 @@
 #define ZENITY_NO 1
 #define ZENITY_PERM 2
 
+struct dialogue_response {
+  access_t decision;
+  char *filename;
+};
+
 int init_ui_socket(const char *perm_permissions_db_filename) {
   FILE *fp = NULL;
 
@@ -66,11 +73,16 @@ void destroy_ui_socket(void) {
  * @return: access status - ALLOW, DENY or ALLOW_TEMP
  * allowed for the runtime of the process
  */
-access_t ask_access(const char *filename, struct process_info proc_info) {
+struct dialogue_response ask_access(const char *filename,
+                                    struct process_info proc_info) {
   FILE *fp = NULL;
   char *command = NULL;
   int ret = asprintf(&command, "zenity \"%d\" \"%s\" \"%s\" \"%s\"",
-                     proc_info.PID, proc_info.name, filename, get_mountpoint());
+                     proc_info.PID, proc_info.name, get_mountpoint(), filename);
+
+  struct dialogue_response response;
+  response.decision = DENY;
+  response.filename = NULL;
 
   if (ret < 0) {
     // If asprintf fails, the contents of command are undefined (see man
@@ -79,7 +91,11 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
     // justify preparing for this.
     fprintf(stderr, "Could not create query on rule insertion");
     perror("");
-    return 1;
+    response.decision = DENY;
+    response.filename = malloc(2);
+    response.filename[0] = '.';
+    response.filename[1] = 0;
+    return response;
   }
 
   // Zenity Question Message Popup
@@ -88,18 +104,20 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
 
   if (fp == NULL) {
     perror("Pipe returned a error");
-    return DENY;
+    response.decision = DENY;
+    response.filename = malloc(2);
+    response.filename[0] = '.';
+    response.filename[1] = 0;
+    return response;
   }
 
   str(char) zenity_output;
   init(&zenity_output);
 
-  size_t total_read = 0;
   char line[1024]; // Buffer to read individual lines
 
   // Read the command output line by line
   while (fgets(line, sizeof(line), fp)) {
-    size_t line_len = strlen(line);
     push_fmt(&zenity_output, line);
   }
 
@@ -107,16 +125,28 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
   fprintf(stderr, "zenity wrote out %s\n", first(&zenity_output));
   fprintf(stderr, "zenity returned %d\n", zenity_exit_code);
 
+  // if (size(&zenity_output) == 0) {
+  //   push(&zenity_output, '.');
+  // }
+
+  assert(strlen(first(&zenity_output)) == size(&zenity_output));
+
+  response.filename = malloc(size(&zenity_output) + 1);
+  strcpy(response.filename, first(&zenity_output));
+  // response.filename[size(&zenity_output)] = 0;
+
+  // assert(0 == strcmp(response.filename, first(&zenity_output)));
   cleanup(&zenity_output);
 
   if (zenity_exit_code == (ZENITY_YES | ZENITY_PERM)) {
-    return ALLOW;
+    response.decision = ALLOW;
-  }
+  } else if (zenity_exit_code == ZENITY_YES) {
-  if (zenity_exit_code == ZENITY_YES) {
+    response.decision = ALLOW_TEMP;
-    return ALLOW_TEMP;
+  } else {
+    response.decision = DENY;
   }
 
-  return DENY;
+  return response;
 }
 
 /**
@@ -136,20 +166,36 @@ int interactive_access(const char *filename, struct process_info proc_info,
 
   access_t access = check_temp_access(real_path, proc_info);
   if (access == ALLOW) {
+    fprintf(stderr,
+            "Permission allowed to %s based on a rule present in the temp "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 1;
   }
   if (access == DENY) {
+    fprintf(stderr,
+            "Permission denied to %s based on a rule present in the temp "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 0;
   }
 
   access = check_perm_access(real_path, proc_info);
   if (access == ALLOW) {
+    fprintf(stderr,
+            "Permission allowed to %s based on a rule present in the perm "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 1;
   }
   if (access == DENY) {
+    fprintf(stderr,
+            "Permission denied to %s based on a rule present in the perm "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 0;
   }
@@ -158,30 +204,61 @@ int interactive_access(const char *filename, struct process_info proc_info,
   // permissions are granted
 
   if (opts & GRANT_PERM) {
+    fprintf(stderr, "Permission granted permanently to %s.\n", proc_info.name);
     give_perm_access(real_path, proc_info);
     free(real_path);
     return 1;
   }
   if (opts & GRANT_TEMP) {
+    fprintf(stderr, "Permission granted temporarily to %s.\n", proc_info.name);
     set_temp_access(real_path, proc_info, SET_ALLOW);
     free(real_path);
     return 1;
   }
 
-  access_t user_response = ask_access(real_path, proc_info);
+  struct dialogue_response response = ask_access(filename, proc_info);
-  if (user_response == ALLOW) {
+  // fprintf(stderr, "%s", response.filename);
+  // assert(0 != strlen(response.filename));
+
+  // the user might specify a different file in the dialogue, so we need to
+  // check if it is valid
+
+  /*
+  while (source_access(response.filename, F_OK)) {
+    // if it is invalid, just ask again.
+    fprintf(stderr, "Filename returned by zenty wasn't correct: %s\n",
+            response.filename);
+    free(response.filename);
+    response = ask_access(filename, proc_info);
+  }
+  */
+  free(real_path);
+
+  real_path = real_filename(response.filename);
+  free(response.filename);
+
+  if (response.decision == ALLOW) {
+    fprintf(stderr,
+            "Permission granted permanently to %s based on zenty response.\n",
+            proc_info.name);
     give_perm_access(real_path, proc_info);
     free(real_path);
     return 1;
   }
 
-  if (user_response == ALLOW_TEMP) {
+  if (response.decision == ALLOW_TEMP) {
+    fprintf(stderr,
+            "Permission granted temporarily to %s based on zenty response.\n",
+            proc_info.name);
     set_temp_access(real_path, proc_info, SET_ALLOW);
     free(real_path);
     return 1;
   }
 
-  if (user_response == DENY) {
+  if (response.decision == DENY) {
+    fprintf(stderr,
+            "Permission denied temporarily to %s based on zenty response.\n",
+            proc_info.name);
     set_temp_access(real_path, proc_info, SET_DENY);
     free(real_path);
     return 0;

test/mock/zenity

@@ -2,20 +2,24 @@
 
 # fake-zenity: script that mocks the behavior of zenity based on the ./.fake-zenity-response file
 
+ZENITY_YES=0
+ZENITY_NO=1
+ZENITY_PERM=2
+
 if [[ $1 == "--set-fake-response" ]]; then
   #someone knows we are fake :)
-  echo $2 >~/.fake_zenity_response
+  echo "$2" >~/.fake_zenity_response
 else
   if [ -f ~/.fake_zenity_response ]; then
     FAKE_ZENITY_RESPONSE=$(cat ~/.fake_zenity_response)
 
+    printf "%s" "$4"
     if [[ $FAKE_ZENITY_RESPONSE == "yes_tmp" ]]; then
-      printf "Allow this time\n"
+      exit "$ZENITY_YES"
-      exit 1
     elif [[ $FAKE_ZENITY_RESPONSE == "no" ]]; then
-      exit 1
+      exit "$ZENITY_NO"
     elif [[ $FAKE_ZENITY_RESPONSE == "yes" ]]; then
-      exit 0
+      exit "$((ZENITY_YES | ZENITY_PERM))"
     fi
   fi
 fi