1 files changed, 108 insertions, 0 deletions
diff --git a/sway/old/commands/permit.c b/sway/old/commands/permit.c
new file mode 100644
index 00000000..7a5e06f7
--- /dev/null
+++ b/sway/old/commands/permit.c
@@ -0,0 +1,108 @@
+#define _XOPEN_SOURCE 500
+#include <string.h>
+#include "sway/commands.h"
+#include "sway/config.h"
+#include "sway/security.h"
+#include "util.h"
+#include "log.h"
+static enum secure_feature get_features(int argc, char **argv,
+                struct cmd_results **error) {
+        enum secure_feature features = 0;
+        struct {
+                char *name;
+                enum secure_feature feature;
+        } feature_names[] = {
+                { "lock", FEATURE_LOCK },
+                { "panel", FEATURE_PANEL },
+                { "background", FEATURE_BACKGROUND },
+                { "screenshot", FEATURE_SCREENSHOT },
+                { "fullscreen", FEATURE_FULLSCREEN },
+                { "keyboard", FEATURE_KEYBOARD },
+                { "mouse", FEATURE_MOUSE },
+        };
+        for (int i = 1; i < argc; ++i) {
+                size_t j;
+                for (j = 0; j < sizeof(feature_names) / sizeof(feature_names[0]); ++j) {
+                        if (strcmp(feature_names[j].name, argv[i]) == 0) {
+                                break;
+                        }
+                }
+                if (j == sizeof(feature_names) / sizeof(feature_names[0])) {
+                        *error = cmd_results_new(CMD_INVALID,
+                                        "permit", "Invalid feature grant %s", argv[i]);
+                        return 0;
+                }
+                features |= feature_names[j].feature;
+        }
+        return features;
+}
+struct cmd_results *cmd_permit(int argc, char **argv) {
+        struct cmd_results *error = NULL;
+        if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) {
+                return error;
+        }
+        if ((error = check_security_config())) {
+                return error;
+        }
+        bool assign_perms = true;
+        char *program = NULL;
+        if (!strcmp(argv[0], "*")) {
+                program = strdup(argv[0]);
+        } else {
+                program = resolve_path(argv[0]);
+        }
+        if (!program) {
+                sway_assert(program, "Unable to resolve IPC permit target '%s'."
+                        " will issue empty policy", argv[0]);
+                assign_perms = false;
+                program = strdup(argv[0]);
+        }
+        struct feature_policy *policy = get_feature_policy(program);
+        if (policy && assign_perms) {
+                policy->features |= get_features(argc, argv, &error);
+                sway_log(L_DEBUG, "Permissions granted to %s for features %d",
+                                policy->program, policy->features);
+        }
+        free(program);
+        return cmd_results_new(CMD_SUCCESS, NULL, NULL);
+}
+struct cmd_results *cmd_reject(int argc, char **argv) {
+        struct cmd_results *error = NULL;
+        if ((error = checkarg(argc, "reject", EXPECTED_MORE_THAN, 1))) {
+                return error;
+        }
+        if ((error = check_security_config())) {
+                return error;
+        }
+        char *program = NULL;
+        if (!strcmp(argv[0], "*")) {
+                program = strdup(argv[0]);
+        } else {
+                program = resolve_path(argv[0]);
+        }
+        if (!program) {
+                // Punt
+                sway_log(L_INFO, "Unable to resolve IPC reject target '%s'."
+                        " Will use provided path", argv[0]);
+                program = strdup(argv[0]);
+        }
+        struct feature_policy *policy = get_feature_policy(program);
+        policy->features &= ~get_features(argc, argv, &error);
+        sway_log(L_DEBUG, "Permissions granted to %s for features %d",
+                        policy->program, policy->features);
+        free(program);
+        return cmd_results_new(CMD_SUCCESS, NULL, NULL);
+}

diff --git a/sway/old/commands/permit.c b/sway/old/commands/permit.c new file mode 100644 index 00000000..7a5e06f7 --- /dev/null +++ b/sway/old/commands/permit.c
@@ -0,0 +1,108 @@
	1	#define _XOPEN_SOURCE 500
	2	#include <string.h>
	3	#include "sway/commands.h"
	4	#include "sway/config.h"
	5	#include "sway/security.h"
	6	#include "util.h"
	7	#include "log.h"
	8
	9	static enum secure_feature get_features(int argc, char **argv,
	10	struct cmd_results **error) {
	11	enum secure_feature features = 0;
	12
	13	struct {
	14	char *name;
	15	enum secure_feature feature;
	16	} feature_names[] = {
	17	{ "lock", FEATURE_LOCK },
	18	{ "panel", FEATURE_PANEL },
	19	{ "background", FEATURE_BACKGROUND },
	20	{ "screenshot", FEATURE_SCREENSHOT },
	21	{ "fullscreen", FEATURE_FULLSCREEN },
	22	{ "keyboard", FEATURE_KEYBOARD },
	23	{ "mouse", FEATURE_MOUSE },
	24	};
	25
	26	for (int i = 1; i < argc; ++i) {
	27	size_t j;
	28	for (j = 0; j < sizeof(feature_names) / sizeof(feature_names[0]); ++j) {
	29	if (strcmp(feature_names[j].name, argv[i]) == 0) {
	30	break;
	31	}
	32	}
	33	if (j == sizeof(feature_names) / sizeof(feature_names[0])) {
	34	*error = cmd_results_new(CMD_INVALID,
	35	"permit", "Invalid feature grant %s", argv[i]);
	36	return 0;
	37	}
	38	features \|= feature_names[j].feature;
	39	}
	40	return features;
	41	}
	42
	43	struct cmd_results cmd_permit(int argc, char *argv) {
	44	struct cmd_results *error = NULL;
	45	if ((error = checkarg(argc, "permit", EXPECTED_MORE_THAN, 1))) {
	46	return error;
	47	}
	48	if ((error = check_security_config())) {
	49	return error;
	50	}
	51
	52	bool assign_perms = true;
	53	char *program = NULL;
	54
	55	if (!strcmp(argv[0], "*")) {
	56	program = strdup(argv[0]);
	57	} else {
	58	program = resolve_path(argv[0]);
	59	}
	60	if (!program) {
	61	sway_assert(program, "Unable to resolve IPC permit target '%s'."
	62	" will issue empty policy", argv[0]);
	63	assign_perms = false;
	64	program = strdup(argv[0]);
	65	}
	66
	67	struct feature_policy *policy = get_feature_policy(program);
	68	if (policy && assign_perms) {
	69	policy->features \|= get_features(argc, argv, &error);
	70	sway_log(L_DEBUG, "Permissions granted to %s for features %d",
	71	policy->program, policy->features);
	72	}
	73
	74	free(program);
	75	return cmd_results_new(CMD_SUCCESS, NULL, NULL);
	76	}
	77
	78	struct cmd_results cmd_reject(int argc, char *argv) {
	79	struct cmd_results *error = NULL;
	80	if ((error = checkarg(argc, "reject", EXPECTED_MORE_THAN, 1))) {
	81	return error;
	82	}
	83	if ((error = check_security_config())) {
	84	return error;
	85	}
	86
	87	char *program = NULL;
	88	if (!strcmp(argv[0], "*")) {
	89	program = strdup(argv[0]);
	90	} else {
	91	program = resolve_path(argv[0]);
	92	}
	93	if (!program) {
	94	// Punt
	95	sway_log(L_INFO, "Unable to resolve IPC reject target '%s'."
	96	" Will use provided path", argv[0]);
	97	program = strdup(argv[0]);
	98	}
	99
	100	struct feature_policy *policy = get_feature_policy(program);
	101	policy->features &= ~get_features(argc, argv, &error);
	102
	103	sway_log(L_DEBUG, "Permissions granted to %s for features %d",
	104	policy->program, policy->features);
	105
	106	free(program);
	107	return cmd_results_new(CMD_SUCCESS, NULL, NULL);
	108	}