mirror of
https://gitlab.freedesktop.org/NetworkManager/NetworkManager
synced 2024-10-14 20:18:39 +00:00
settings: return error from GetConnectionByUuid() if caller not in ACL
While this function only returns the path of the requested connection (the actual settings are always protected), callers that aren't in the connection's ACL still probably shouldn't get that, if only to be pedantic.
This commit is contained in:
parent
29e00fde58
commit
8ab8990938
|
@ -23,6 +23,7 @@
|
|||
Retrieve the object path of a connection, given that connection's UUID.
|
||||
</tp:docstring>
|
||||
<annotation name="org.freedesktop.DBus.GLib.CSymbol" value="impl_settings_get_connection_by_uuid"/>
|
||||
<annotation name="org.freedesktop.DBus.GLib.Async" value=""/>
|
||||
<arg name="uuid" type="s" direction="in">
|
||||
<tp:docstring>
|
||||
The UUID to find the connection object path for.
|
||||
|
|
|
@ -91,10 +91,10 @@ static gboolean impl_settings_list_connections (NMSettings *self,
|
|||
GPtrArray **connections,
|
||||
GError **error);
|
||||
|
||||
static gboolean impl_settings_get_connection_by_uuid (NMSettings *self,
|
||||
const char *uuid,
|
||||
char **out_object_path,
|
||||
GError **error);
|
||||
static void impl_settings_get_connection_by_uuid (NMSettings *self,
|
||||
const char *uuid,
|
||||
char **out_object_path,
|
||||
DBusGMethodInvocation *context);
|
||||
|
||||
static void impl_settings_add_connection (NMSettings *self,
|
||||
GHashTable *settings,
|
||||
|
@ -268,25 +268,53 @@ nm_settings_get_connection_by_uuid (NMSettings *self, const char *uuid)
|
|||
return NULL;
|
||||
}
|
||||
|
||||
static gboolean
|
||||
static void
|
||||
impl_settings_get_connection_by_uuid (NMSettings *self,
|
||||
const char *uuid,
|
||||
char **out_object_path,
|
||||
GError **error)
|
||||
DBusGMethodInvocation *context)
|
||||
{
|
||||
NMSettingsConnection *connection = NULL;
|
||||
NMAuthSubject *subject;
|
||||
GError *error = NULL;
|
||||
char *error_desc = NULL;
|
||||
|
||||
connection = nm_settings_get_connection_by_uuid (self, uuid);
|
||||
if (connection)
|
||||
*out_object_path = g_strdup (nm_connection_get_path (NM_CONNECTION (connection)));
|
||||
else {
|
||||
g_set_error_literal (error,
|
||||
NM_SETTINGS_ERROR,
|
||||
NM_SETTINGS_ERROR_INVALID_CONNECTION,
|
||||
"No connection with the UUID was found.");
|
||||
if (!connection) {
|
||||
error = g_error_new_literal (NM_SETTINGS_ERROR,
|
||||
NM_SETTINGS_ERROR_INVALID_CONNECTION,
|
||||
"No connection with the UUID was found.");
|
||||
goto error;
|
||||
}
|
||||
|
||||
return !!connection;
|
||||
subject = nm_auth_subject_new_from_context (context);
|
||||
if (!subject) {
|
||||
error = g_error_new_literal (NM_SETTINGS_ERROR,
|
||||
NM_SETTINGS_ERROR_PERMISSION_DENIED,
|
||||
"Unable to determine UID of request.");
|
||||
goto error;
|
||||
}
|
||||
|
||||
if (!nm_auth_uid_in_acl (NM_CONNECTION (connection),
|
||||
nm_session_monitor_get (),
|
||||
nm_auth_subject_get_uid (subject),
|
||||
&error_desc)) {
|
||||
error = g_error_new_literal (NM_SETTINGS_ERROR,
|
||||
NM_SETTINGS_ERROR_PERMISSION_DENIED,
|
||||
error_desc);
|
||||
g_free (error_desc);
|
||||
goto error;
|
||||
}
|
||||
|
||||
g_clear_object (&subject);
|
||||
dbus_g_method_return (context, nm_connection_get_path (NM_CONNECTION (connection)));
|
||||
return;
|
||||
|
||||
error:
|
||||
g_assert (error);
|
||||
dbus_g_method_return_error (context, error);
|
||||
g_error_free (error);
|
||||
g_clear_object (&subject);
|
||||
}
|
||||
|
||||
static int
|
||||
|
|
Loading…
Reference in a new issue