PolicyKit Library Reference Manual | ||||
---|---|---|---|---|
Top | Description |
Synopsis
PolKitAuthorization; PolKitAuthorization * polkit_authorization_ref (PolKitAuthorization *auth); void polkit_authorization_unref (PolKitAuthorization *auth); void polkit_authorization_debug (PolKitAuthorization *auth); polkit_bool_t polkit_authorization_validate (PolKitAuthorization *auth); enum PolKitAuthorizationScope; enum PolKitAuthorizationType; PolKitAuthorizationType polkit_authorization_type (PolKitAuthorization *auth); const char * polkit_authorization_get_action_id (PolKitAuthorization *auth); uid_t polkit_authorization_get_uid (PolKitAuthorization *auth); time_t polkit_authorization_get_time_of_grant (PolKitAuthorization *auth); PolKitAuthorizationScope polkit_authorization_get_scope (PolKitAuthorization *auth); polkit_bool_t polkit_authorization_scope_process_get_pid (PolKitAuthorization *auth, pid_t *out_pid, polkit_uint64_t *out_pid_start_time); const char * polkit_authorization_scope_session_get_ck_objref (PolKitAuthorization *auth); polkit_bool_t polkit_authorization_was_granted_via_defaults (PolKitAuthorization *auth, uid_t *out_user_authenticated_as); polkit_bool_t polkit_authorization_was_granted_explicitly (PolKitAuthorization *auth, uid_t *out_by_whom, polkit_bool_t *out_is_negative); polkit_bool_t (*PolKitAuthorizationConstraintsForeachFunc) (PolKitAuthorization *auth, PolKitAuthorizationConstraint *authc, void *user_data); polkit_bool_t polkit_authorization_constraints_foreach (PolKitAuthorization *auth, PolKitAuthorizationConstraintsForeachFunc cb, void *user_data);
Details
PolKitAuthorization
typedef struct _PolKitAuthorization PolKitAuthorization;
Objects of this class are used to represent entries in the authorization database.
Since 0.7
polkit_authorization_ref ()
PolKitAuthorization * polkit_authorization_ref (PolKitAuthorization *auth);
Increase reference count.
|
the authorization object |
Returns : |
the object |
Since 0.7
polkit_authorization_unref ()
void polkit_authorization_unref (PolKitAuthorization *auth);
Decreases the reference count of the object. If it becomes zero, the object is freed. Before freeing, reference counts on embedded objects are decresed by one.
|
the authorization object |
Since 0.7
polkit_authorization_debug ()
void polkit_authorization_debug (PolKitAuthorization *auth);
Print debug details
|
the object |
Since 0.7
polkit_authorization_validate ()
polkit_bool_t polkit_authorization_validate (PolKitAuthorization *auth);
Validate the object
|
the object |
Returns : |
TRUE iff the object is valid. |
Since 0.7
enum PolKitAuthorizationScope
typedef enum { POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT, POLKIT_AUTHORIZATION_SCOPE_PROCESS, POLKIT_AUTHORIZATION_SCOPE_SESSION, POLKIT_AUTHORIZATION_SCOPE_ALWAYS, } PolKitAuthorizationScope;
The scope of an authorization; e.g. whether it's limited to a process, a session or unlimited.
The authorization is limited for a single shot for a single process on the system | |
The authorization is limited for a single process on the system | |
The authorization is limited for processes originating from a given session | |
The authorization is retained indefinitely. |
Since 0.7
enum PolKitAuthorizationType
typedef enum { POLKIT_AUTHORIZATION_TYPE_UID, } PolKitAuthorizationType;
The type of authorization; e.g. whether it applies to a user, group, security context and so on (right now only users are supported).
Since 0.7
polkit_authorization_type ()
PolKitAuthorizationType polkit_authorization_type (PolKitAuthorization *auth);
Determine the type of authorization.
|
the authorization object |
Returns : |
the authorization type |
Since 0.7
polkit_authorization_get_action_id ()
const char * polkit_authorization_get_action_id (PolKitAuthorization *auth);
Get the action this authorization is for
|
the object |
Returns : |
the action id. Caller should not free this string. |
Since 0.7
polkit_authorization_get_uid ()
uid_t polkit_authorization_get_uid (PolKitAuthorization *auth);
Gets the UNIX user id for the user the authorization is confined to.
|
the object |
Returns : |
The UNIX user id for whom the authorization is confied to |
Since 0.7
polkit_authorization_get_time_of_grant ()
time_t polkit_authorization_get_time_of_grant (PolKitAuthorization *auth);
Returns the point in time the authorization was granted. The value is UNIX time, e.g. number of seconds since the Epoch Jan 1, 1970 0:00 UTC.
|
the object |
Returns : |
When authorization was granted |
Since 0.7
polkit_authorization_get_scope ()
PolKitAuthorizationScope polkit_authorization_get_scope (PolKitAuthorization *auth);
Get the scope of the authorization; e.g. whether it's confined to a
single process, a single session or can be retained
indefinitely. Also keep in mind that an authorization is subject to
constraints, see polkit_authorization_constraints_foreach()
for
details.
|
the object |
Returns : |
the scope |
Since 0.7
polkit_authorization_scope_process_get_pid ()
polkit_bool_t polkit_authorization_scope_process_get_pid (PolKitAuthorization *auth, pid_t *out_pid, polkit_uint64_t *out_pid_start_time);
If scope is POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT or POLKIT_AUTHORIZATION_SCOPE_PROCESS, get information about what process the authorization is confined to.
As process identifiers can be recycled, the start time of the process (the unit is not well-defined; on Linux it's the number of milliseconds since the system was started) is also returned.
|
the object |
|
return location |
|
return location |
Returns : |
TRUE if information was returned |
Since 0.7
polkit_authorization_scope_session_get_ck_objref ()
const char * polkit_authorization_scope_session_get_ck_objref (PolKitAuthorization *auth);
Gets the ConsoleKit object path for the session the authorization is confined to.
|
the object |
Returns : |
NULL if scope wasn't session |
Since 0.7
polkit_authorization_was_granted_via_defaults ()
polkit_bool_t polkit_authorization_was_granted_via_defaults (PolKitAuthorization *auth, uid_t *out_user_authenticated_as);
Determine if the authorization was obtained by the user by
authenticating as himself or an administrator via the the
"defaults" section in the .policy
file for the
action (e.g. "allow_any", "allow_inactive", "allow_active").
Compare with polkit_authorization_was_granted_explicitly()
- only
one of these functions can return TRUE.
|
the object |
|
return location |
Returns : |
TRUE if the authorization was obtained by the user himself authenticating. |
Since 0.7
polkit_authorization_was_granted_explicitly ()
polkit_bool_t polkit_authorization_was_granted_explicitly (PolKitAuthorization *auth, uid_t *out_by_whom, polkit_bool_t *out_is_negative);
Determine if the authorization was explicitly granted by a sufficiently privileged user.
Compare with polkit_authorization_was_granted_via_defaults()
- only
one of these functions can return TRUE.
|
the object |
|
return location |
|
return location |
Returns : |
TRUE if the authorization was explicitly granted by a
sufficiently privileger user. If TRUE , the user who granted the
authorization is returned in out_by_whom . If the authorization is
negative, TRUE is returned in out_is_negative .
|
Since 0.7
PolKitAuthorizationConstraintsForeachFunc ()
polkit_bool_t (*PolKitAuthorizationConstraintsForeachFunc) (PolKitAuthorization *auth, PolKitAuthorizationConstraint *authc, void *user_data);
Callback function for polkit_authorization_constraints_foreach()
.
|
authorization |
|
authorization constraint |
|
user data |
Returns : |
Pass TRUE to short-circuit, e.g. stop the iteration |
polkit_authorization_constraints_foreach ()
polkit_bool_t polkit_authorization_constraints_foreach (PolKitAuthorization *auth, PolKitAuthorizationConstraintsForeachFunc cb, void *user_data);
Iterate over all constraints associated with an authorization.
|
the object |
|
callback function |
|
user data |
Returns : |
TRUE if the caller short-circuited the iteration.
|
Since 0.7