system-helper: Handle installing bundles

2016-06-03 16:01:10 +02:00 · 2016-06-03 16:01:10 +02:00 · e769af8661
parent 1eeaecf0a3
commit e769af8661
4 changed files with 127 additions and 11 deletions
--- a/common/flatpak-dir.c
+++ b/common/flatpak-dir.c
@ -104,6 +104,17 @@ enum {
 #define OSTREE_GIO_FAST_QUERYINFO ("standard::name,standard::type,standard::size,standard::is-symlink,standard::symlink-target," \
                                   "unix::device,unix::inode,unix::mode,unix::uid,unix::gid,unix::rdev")

+static GVariant *
+variant_new_ay_bytes (GBytes *bytes)
+{
+  gsize size;
+  gconstpointer data;
+  data = g_bytes_get_data (bytes, &size);
+  g_bytes_ref (bytes);
+  return g_variant_ref_sink (g_variant_new_from_data (G_VARIANT_TYPE ("ay"), data, size,
+                                                      TRUE, (GDestroyNotify)g_bytes_unref, bytes));
+}
+
 static void
 flatpak_deploy_finalize (GObject *object)
 {
@ -3112,6 +3123,33 @@ flatpak_dir_install_bundle (FlatpakDir          *self,
  g_autofree char *remote = NULL;
  gboolean ret = FALSE;

+  if (flatpak_dir_use_system_helper (self))
+    {
+      FlatpakSystemHelper *system_helper;
+      g_autoptr(GVariant) gpg_data_v = NULL;
+
+      system_helper = flatpak_dir_get_system_helper (self);
+      g_assert (system_helper != NULL);
+
+      if (gpg_data != NULL)
+        gpg_data_v = variant_new_ay_bytes (gpg_data);
+      else
+        gpg_data_v = g_variant_ref_sink (g_variant_new_from_data (G_VARIANT_TYPE ("ay"), "", 0, TRUE, NULL, NULL));
+
+      if (!flatpak_system_helper_call_install_bundle_sync (system_helper,
+                                                           gs_file_get_path_cached (file),
+                                                           0, gpg_data_v,
+                                                           &ref,
+                                                           cancellable,
+                                                           error))
+        return FALSE;
+
+      if (out_ref)
+        *out_ref = g_steal_pointer (&ref);
+
+      return TRUE;
+    }
+
  metadata = flatpak_bundle_load (file, &to_checksum,
                                  &ref,
                                  &origin,
@ -4625,17 +4663,6 @@ flatpak_dir_remove_remote (FlatpakDir   *self,
  return TRUE;
 }

-static GVariant *
-variant_new_ay_bytes (GBytes *bytes)
-{
-  gsize size;
-  gconstpointer data;
-  data = g_bytes_get_data (bytes, &size);
-  g_bytes_ref (bytes);
-  return g_variant_ref_sink (g_variant_new_from_data (G_VARIANT_TYPE ("ay"), data, size,
-                                                      TRUE, (GDestroyNotify)g_bytes_unref, bytes));
-}
-
 gboolean
 flatpak_dir_modify_remote (FlatpakDir   *self,
                           const char   *remote_name,
--- a/data/org.freedesktop.Flatpak.xml
+++ b/data/org.freedesktop.Flatpak.xml
@ -51,6 +51,15 @@
      <arg type='s' name='ref' direction='in'/>
    </method>

+    <method name="InstallBundle">
+      <arg type='ay' name='bundle_path' direction='in'/>
+      <arg type='u' name='flags' direction='in'/>
+      <arg type='ay' name='gpg_key' direction='in'>
+        <annotation name="org.gtk.GDBus.C.ForceGVariant" value="true"/>
+      </arg>
+      <arg type='s' name='ref' direction='out'/>
+    </method>
+
    <method name="ConfigureRemote">
      <arg type='u' name='flags' direction='in'/>
      <arg type='s' name='remote' direction='in'/>
--- a/system-helper/flatpak-system-helper.c
+++ b/system-helper/flatpak-system-helper.c
@ -386,6 +386,50 @@ handle_uninstall (FlatpakSystemHelper *object,
  return TRUE;
 }

+static gboolean
+handle_install_bundle (FlatpakSystemHelper   *object,
+                       GDBusMethodInvocation *invocation,
+                       const gchar           *arg_bundle_path,
+                       guint32                arg_flags,
+                       GVariant              *arg_gpg_key)
+{
+  g_autoptr(FlatpakDir) system = dir_get_system ();
+  g_autoptr(GFile) path = g_file_new_for_path (arg_bundle_path);
+  g_autoptr(GError) error = NULL;
+  g_autoptr(GBytes) gpg_data = NULL;
+  g_autofree char *ref = NULL;
+
+  g_debug ("InstallBundle %s %u %p", arg_bundle_path, arg_flags, arg_gpg_key);
+
+  if (arg_flags != 0)
+    {
+      g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_INVALID_ARGS,
+                                             "Unsupported flags enabled: 0x%x", arg_flags);
+      return TRUE;
+    }
+
+  if (!g_file_query_exists (path, NULL))
+    {
+      g_dbus_method_invocation_return_error (invocation, G_IO_ERROR, G_IO_ERROR_NOT_FOUND,
+                                             "Bundle %s does not exist", arg_bundle_path);
+      return TRUE;
+    }
+
+  if (g_variant_get_size (arg_gpg_key) > 0)
+    gpg_data = g_variant_get_data_as_bytes (arg_gpg_key);
+
+  if (!flatpak_dir_install_bundle (system, path, gpg_data, &ref, NULL, &error))
+    {
+      g_dbus_method_invocation_return_gerror  (invocation, error);
+      return TRUE;
+    }
+
+  flatpak_system_helper_complete_install_bundle (object, invocation, ref);
+
+  return TRUE;
+}
+
+
 static gboolean
 handle_configure_remote (FlatpakSystemHelper *object,
                         GDBusMethodInvocation *invocation,
@ -559,6 +603,30 @@ flatpak_authorize_method_handler (GDBusInterfaceSkeleton *interface,
      polkit_details_insert (details, "origin", origin);
      polkit_details_insert (details, "arch", arch);

+      result = polkit_authority_check_authorization_sync (authority, subject,
+                                                          action, details,
+                                                          POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
+                                                          NULL, &error);
+      if (result == NULL)
+        {
+          g_dbus_method_invocation_return_error (invocation, G_DBUS_ERROR, G_DBUS_ERROR_FAILED,
+                                                 "Authorization error: %s", error->message);
+          return FALSE;
+        }
+
+      authorized = polkit_authorization_result_get_is_authorized (result);
+    }
+  else if (g_strcmp0 (method_name, "InstallBundle") == 0)
+    {
+      const char *path;
+
+      g_variant_get_child (parameters, 0, "^ay", &path);
+
+      action = "org.freedesktop.Flatpak.install-bundle";
+
+      details = polkit_details_new ();
+      polkit_details_insert (details, "path", path);
+
      result = polkit_authority_check_authorization_sync (authority, subject,
                                                          action, details,
                                                          POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION,
@ -656,6 +724,7 @@ on_bus_acquired (GDBusConnection *connection,
  g_signal_connect (helper, "handle-deploy", G_CALLBACK (handle_deploy), NULL);
  g_signal_connect (helper, "handle-deploy-appstream", G_CALLBACK (handle_deploy_appstream), NULL);
  g_signal_connect (helper, "handle-uninstall", G_CALLBACK (handle_uninstall), NULL);
+  g_signal_connect (helper, "handle-install-bundle", G_CALLBACK (handle_install_bundle), NULL);
  g_signal_connect (helper, "handle-configure-remote", G_CALLBACK (handle_configure_remote), NULL);

  g_signal_connect (helper, "g-authorize-method",
--- a/system-helper/org.freedesktop.Flatpak.policy.in
+++ b/system-helper/org.freedesktop.Flatpak.policy.in
@ -83,6 +83,17 @@
    </defaults>
  </action>

+  <action id="org.freedesktop.Flatpak.install-bundle">
+    <_description>Install bundle</_description>
+    <_message>Authentication is install software</_message>
+    <icon_name>package-x-generic</icon_name>
+    <defaults>
+      <allow_any>auth_admin</allow_any>
+      <allow_inactive>auth_admin</allow_inactive>
+      <allow_active>auth_admin_keep</allow_active>
+    </defaults>
+  </action>
+
  <action id="org.freedesktop.Flatpak.runtime-uninstall">
    <_description>Uninstall runtime</_description>
    <_message>Authentication is required to uninstall software</_message>