new-dialogue #8
107
src/ui-socket.c
107
src/ui-socket.c
@ -14,8 +14,10 @@
|
||||
#include "cc.h"
|
||||
#include "perm_permissions_table.h"
|
||||
#include "real_filename.h"
|
||||
#include "sourcefs.h"
|
||||
#include "temp_permissions_table.h"
|
||||
#include "ui-socket.h"
|
||||
#include <assert.h>
|
||||
#include <pthread.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -28,6 +30,11 @@
|
||||
#define ZENITY_NO 1
|
||||
#define ZENITY_PERM 2
|
||||
|
||||
struct dialogue_response {
|
||||
access_t decision;
|
||||
char *filename;
|
||||
};
|
||||
|
||||
int init_ui_socket(const char *perm_permissions_db_filename) {
|
||||
FILE *fp = NULL;
|
||||
|
||||
@ -66,11 +73,16 @@ void destroy_ui_socket(void) {
|
||||
* @return: access status - ALLOW, DENY or ALLOW_TEMP
|
||||
* allowed for the runtime of the process
|
||||
*/
|
||||
access_t ask_access(const char *filename, struct process_info proc_info) {
|
||||
struct dialogue_response ask_access(const char *filename,
|
||||
struct process_info proc_info) {
|
||||
FILE *fp = NULL;
|
||||
char *command = NULL;
|
||||
int ret = asprintf(&command, "zenity \"%d\" \"%s\" \"%s\" \"%s\"",
|
||||
proc_info.PID, proc_info.name, filename, get_mountpoint());
|
||||
proc_info.PID, proc_info.name, get_mountpoint(), filename);
|
||||
|
||||
struct dialogue_response response;
|
||||
response.decision = DENY;
|
||||
response.filename = NULL;
|
||||
|
||||
if (ret < 0) {
|
||||
// If asprintf fails, the contents of command are undefined (see man
|
||||
@ -79,7 +91,11 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
|
||||
// justify preparing for this.
|
||||
fprintf(stderr, "Could not create query on rule insertion");
|
||||
perror("");
|
||||
return 1;
|
||||
response.decision = DENY;
|
||||
response.filename = malloc(2);
|
||||
response.filename[0] = '.';
|
||||
response.filename[1] = 0;
|
||||
return response;
|
||||
}
|
||||
|
||||
// Zenity Question Message Popup
|
||||
@ -88,18 +104,20 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
|
||||
|
||||
if (fp == NULL) {
|
||||
perror("Pipe returned a error");
|
||||
return DENY;
|
||||
response.decision = DENY;
|
||||
response.filename = malloc(2);
|
||||
response.filename[0] = '.';
|
||||
response.filename[1] = 0;
|
||||
return response;
|
||||
}
|
||||
|
||||
str(char) zenity_output;
|
||||
init(&zenity_output);
|
||||
|
||||
size_t total_read = 0;
|
||||
char line[1024]; // Buffer to read individual lines
|
||||
|
||||
// Read the command output line by line
|
||||
while (fgets(line, sizeof(line), fp)) {
|
||||
size_t line_len = strlen(line);
|
||||
push_fmt(&zenity_output, line);
|
||||
}
|
||||
|
||||
@ -107,16 +125,28 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
|
||||
fprintf(stderr, "zenity wrote out %s\n", first(&zenity_output));
|
||||
fprintf(stderr, "zenity returned %d\n", zenity_exit_code);
|
||||
|
||||
// if (size(&zenity_output) == 0) {
|
||||
// push(&zenity_output, '.');
|
||||
// }
|
||||
|
||||
assert(strlen(first(&zenity_output)) == size(&zenity_output));
|
||||
|
||||
response.filename = malloc(size(&zenity_output) + 1);
|
||||
strcpy(response.filename, first(&zenity_output));
|
||||
// response.filename[size(&zenity_output)] = 0;
|
||||
|
||||
// assert(0 == strcmp(response.filename, first(&zenity_output)));
|
||||
cleanup(&zenity_output);
|
||||
|
||||
if (zenity_exit_code == (ZENITY_YES | ZENITY_PERM)) {
|
||||
return ALLOW;
|
||||
}
|
||||
if (zenity_exit_code == ZENITY_YES) {
|
||||
return ALLOW_TEMP;
|
||||
response.decision = ALLOW;
|
||||
} else if (zenity_exit_code == ZENITY_YES) {
|
||||
response.decision = ALLOW_TEMP;
|
||||
} else {
|
||||
response.decision = DENY;
|
||||
}
|
||||
|
||||
return DENY;
|
||||
return response;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -136,20 +166,36 @@ int interactive_access(const char *filename, struct process_info proc_info,
|
||||
|
||||
access_t access = check_temp_access(real_path, proc_info);
|
||||
if (access == ALLOW) {
|
||||
fprintf(stderr,
|
||||
"Permission allowed to %s based on a rule present in the temp "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (access == DENY) {
|
||||
fprintf(stderr,
|
||||
"Permission denied to %s based on a rule present in the temp "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
|
||||
access = check_perm_access(real_path, proc_info);
|
||||
if (access == ALLOW) {
|
||||
fprintf(stderr,
|
||||
"Permission allowed to %s based on a rule present in the perm "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (access == DENY) {
|
||||
fprintf(stderr,
|
||||
"Permission denied to %s based on a rule present in the perm "
|
||||
"permission table.\n",
|
||||
proc_info.name);
|
||||
free(real_path);
|
||||
return 0;
|
||||
}
|
||||
@ -158,30 +204,61 @@ int interactive_access(const char *filename, struct process_info proc_info,
|
||||
// permissions are granted
|
||||
|
||||
if (opts & GRANT_PERM) {
|
||||
fprintf(stderr, "Permission granted permanently to %s.\n", proc_info.name);
|
||||
give_perm_access(real_path, proc_info);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
if (opts & GRANT_TEMP) {
|
||||
fprintf(stderr, "Permission granted temporarily to %s.\n", proc_info.name);
|
||||
set_temp_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
access_t user_response = ask_access(real_path, proc_info);
|
||||
if (user_response == ALLOW) {
|
||||
struct dialogue_response response = ask_access(filename, proc_info);
|
||||
// fprintf(stderr, "%s", response.filename);
|
||||
// assert(0 != strlen(response.filename));
|
||||
|
||||
// the user might specify a different file in the dialogue, so we need to
|
||||
// check if it is valid
|
||||
|
||||
/*
|
||||
while (source_access(response.filename, F_OK)) {
|
||||
// if it is invalid, just ask again.
|
||||
fprintf(stderr, "Filename returned by zenty wasn't correct: %s\n",
|
||||
response.filename);
|
||||
free(response.filename);
|
||||
response = ask_access(filename, proc_info);
|
||||
}
|
||||
*/
|
||||
free(real_path);
|
||||
|
||||
real_path = real_filename(response.filename);
|
||||
free(response.filename);
|
||||
|
||||
if (response.decision == ALLOW) {
|
||||
fprintf(stderr,
|
||||
"Permission granted permanently to %s based on zenty response.\n",
|
||||
proc_info.name);
|
||||
give_perm_access(real_path, proc_info);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (user_response == ALLOW_TEMP) {
|
||||
if (response.decision == ALLOW_TEMP) {
|
||||
fprintf(stderr,
|
||||
"Permission granted temporarily to %s based on zenty response.\n",
|
||||
proc_info.name);
|
||||
set_temp_access(real_path, proc_info, SET_ALLOW);
|
||||
free(real_path);
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (user_response == DENY) {
|
||||
if (response.decision == DENY) {
|
||||
fprintf(stderr,
|
||||
"Permission denied temporarily to %s based on zenty response.\n",
|
||||
proc_info.name);
|
||||
set_temp_access(real_path, proc_info, SET_DENY);
|
||||
free(real_path);
|
||||
return 0;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user