From b51b3bae25cd94d78e5ed285b6125e92de686a5a Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Sat, 6 Jun 2015 17:17:11 -0400 Subject: [PATCH 1/2] authority: Add a helper method for checking whether an identity is root We had lots of copies of this. --- src/polkitbackend/polkitbackendinteractiveauthority.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c index c9e10d8..85ccb4c 100644 --- a/src/polkitbackend/polkitbackendinteractiveauthority.c +++ b/src/polkitbackend/polkitbackendinteractiveauthority.c @@ -224,6 +224,14 @@ G_DEFINE_TYPE (PolkitBackendInteractiveAuthority, #define POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_PRIVATE(o) (G_TYPE_INSTANCE_GET_PRIVATE ((o), POLKIT_BACKEND_TYPE_INTERACTIVE_AUTHORITY, PolkitBackendInteractiveAuthorityPrivate)) +gboolean +identity_is_root_user (PolkitIdentity *user) +{ + if (!POLKIT_IS_UNIX_USER (user)) + return FALSE; + return polkit_unix_user_get_uid (POLKIT_UNIX_USER (user)) == 0; +} + /* ---------------------------------------------------------------------------------------------------- */ static void @@ -764,7 +772,7 @@ may_identity_check_authorization (PolkitBackendInteractiveAuthority *interacti guint n; /* uid 0 may check anything */ - if (POLKIT_IS_UNIX_USER (identity) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (identity)) == 0) + if (identity_is_root_user (identity)) { ret = TRUE; goto out; @@ -1092,7 +1100,7 @@ check_authorization_sync (PolkitBackendAuthority *authority, goto out; /* special case: uid 0, root, is _always_ authorized for anything */ - if (POLKIT_IS_UNIX_USER (user_of_subject) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_subject)) == 0) + if (identity_is_root_user (user_of_subject)) { result = polkit_authorization_result_new (TRUE, FALSE, NULL); goto out; @@ -2447,7 +2455,7 @@ polkit_backend_interactive_authority_register_authentication_agent (PolkitBacken } if (!polkit_identity_equal (user_of_caller, user_of_subject)) { - if (POLKIT_IS_UNIX_USER (user_of_caller) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_caller)) == 0) + if (identity_is_root_user (user_of_caller)) { /* explicitly allow uid 0 to register for other users */ } @@ -2603,7 +2611,7 @@ polkit_backend_interactive_authority_unregister_authentication_agent (PolkitBack } if (!polkit_identity_equal (user_of_caller, user_of_subject)) { - if (POLKIT_IS_UNIX_USER (user_of_caller) && polkit_unix_user_get_uid (POLKIT_UNIX_USER (user_of_caller)) == 0) + if (identity_is_root_user (user_of_caller)) { /* explicitly allow uid 0 to register for other users */ } -- 1.8.3.1