diff options
Diffstat (limited to 'sway/commands/permit.c')
| -rw-r--r-- | sway/commands/permit.c | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/sway/commands/permit.c b/sway/commands/permit.c new file mode 100644 index 00000000..7a25e4ce --- /dev/null +++ b/sway/commands/permit.c | |||
| @@ -0,0 +1,94 @@ | |||
| 1 | #include <string.h> | ||
| 2 | #include "sway/commands.h" | ||
| 3 | #include "sway/config.h" | ||
| 4 | #include "sway/security.h" | ||
| 5 | #include "log.h" | ||
| 6 | |||
| 7 | static enum secure_feature get_features(int argc, char **argv, | ||
| 8 | struct cmd_results **error) { | ||
| 9 | enum secure_feature features = 0; | ||
| 10 | |||
| 11 | struct { | ||
| 12 | char *name; | ||
| 13 | enum secure_feature feature; | ||
| 14 | } feature_names[] = { | ||
| 15 | { "lock", FEATURE_LOCK }, | ||
| 16 | { "panel", FEATURE_PANEL }, | ||
| 17 | { "background", FEATURE_BACKGROUND }, | ||
| 18 | { "screenshot", FEATURE_SCREENSHOT }, | ||
| 19 | { "fullscreen", FEATURE_FULLSCREEN }, | ||
| 20 | { "keyboard", FEATURE_KEYBOARD }, | ||
| 21 | { "mouse", FEATURE_MOUSE }, | ||
| 22 | { "ipc", FEATURE_IPC }, | ||
| 23 | }; | ||
| 24 | |||
| 25 | for (int i = 1; i < argc; ++i) { | ||
| 26 | size_t j; | ||
| 27 | for (j = 0; j < sizeof(feature_names) / sizeof(feature_names[0]); ++j) { | ||
| 28 | if (strcmp(feature_names[j].name, argv[i]) == 0) { | ||
| 29 | break; | ||
| 30 | } | ||
| 31 | } | ||
| 32 | if (j == sizeof(feature_names) / sizeof(feature_names[0])) { | ||
| 33 | *error = cmd_results_new(CMD_INVALID, | ||
| 34 | "permit", "Invalid feature grant %s", argv[i]); | ||
| 35 | return 0; | ||
| 36 | } | ||
| 37 | features |= feature_names[j].feature; | ||
| 38 | } | ||
| 39 | return features; | ||
| 40 | } | ||
| 41 | |||
| 42 | static struct feature_policy *get_policy(const char *name) { | ||
| 43 | struct feature_policy *policy = NULL; | ||
| 44 | for (int i = 0; i < config->feature_policies->length; ++i) { | ||
| 45 | struct feature_policy *p = config->feature_policies->items[i]; | ||
| 46 | if (strcmp(p->program, name) == 0) { | ||
| 47 | policy = p; | ||
| 48 | break; | ||
| 49 | } | ||
| 50 | } | ||
| 51 | if (!policy) { | ||
| 52 | policy = alloc_feature_policy(name); | ||
| 53 | list_add(config->feature_policies, policy); | ||
| 54 | } | ||
| 55 | return policy; | ||
| 56 | } | ||
| 57 | |||
| 58 | struct cmd_results *cmd_permit(int argc, char **argv) { | ||
| 59 | struct cmd_results *error = NULL; | ||
| 60 | if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) { | ||
| 61 | return error; | ||
| 62 | } | ||
| 63 | |||
| 64 | struct feature_policy *policy = get_policy(argv[0]); | ||
| 65 | policy->features |= get_features(argc, argv, &error); | ||
| 66 | |||
| 67 | if (error) { | ||
| 68 | return error; | ||
| 69 | } | ||
| 70 | |||
| 71 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | ||
| 72 | policy->program, policy->features); | ||
| 73 | |||
| 74 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); | ||
| 75 | } | ||
| 76 | |||
| 77 | struct cmd_results *cmd_reject(int argc, char **argv) { | ||
| 78 | struct cmd_results *error = NULL; | ||
| 79 | if ((error = checkarg(argc, "reject", EXPECTED_MORE_THAN, 1))) { | ||
| 80 | return error; | ||
| 81 | } | ||
| 82 | |||
| 83 | struct feature_policy *policy = get_policy(argv[0]); | ||
| 84 | policy->features &= ~get_features(argc, argv, &error); | ||
| 85 | |||
| 86 | if (error) { | ||
| 87 | return error; | ||
| 88 | } | ||
| 89 | |||
| 90 | sway_log(L_DEBUG, "Permissions granted to %s for features %d", | ||
| 91 | policy->program, policy->features); | ||
| 92 | |||
| 93 | return cmd_results_new(CMD_SUCCESS, NULL, NULL); | ||
| 94 | } | ||