colin/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

auth-utils: don't fail the auth chain if we can't get a single permissions

Browse Source 
It could be that the client is just newer and it's just too harsh to
fail the whole request. Leave the unknown permission in unknown and
possibly proceed filling in the rest.
This commit is contained in:
Lubomir Rintel
2016-11-11 17:39:03 +01:00
parent f5c5565d3f
commit 00dbf6e90a
1 changed files with 5 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/nm-auth-utils.c
View File

@@ -320,6 +320,7 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data)
AuthCall *call = user_data;
GError *error = NULL;
gboolean is_authorized, is_challenge;
guint call_result = NM_AUTH_CALL_RESULT_UNKNOWN;
nm_auth_manager_polkit_authority_check_authorization_finish (NM_AUTH_MANAGER (object),
result,
@@ -336,17 +337,11 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data)
}
if (error) {
/* Don't ruin the chain. Just leave the result unknown. */
nm_log_warn (LOGD_CORE, "error requesting auth for %s: %s",
call->permission, error->message);
if (!call->chain->error) {
call->chain->error = error;
error = NULL;
} else
g_clear_error (&error);
g_clear_error (&error);
} else {
guint call_result = NM_AUTH_CALL_RESULT_UNKNOWN;
if (is_authorized) {
/* Caller has the permission */
call_result = NM_AUTH_CALL_RESULT_YES;
@@ -355,10 +350,10 @@ pk_call_cb (GObject *object, GAsyncResult *result, gpointer user_data)
call_result = NM_AUTH_CALL_RESULT_AUTH;
} else
call_result = NM_AUTH_CALL_RESULT_NO;
nm_auth_chain_set_data (call->chain, call->permission, GUINT_TO_POINTER (call_result), NULL);
}
nm_auth_chain_set_data (call->chain, call->permission, GUINT_TO_POINTER (call_result), NULL);
auth_call_complete (call);
}
#endif