 |
 |
 |
PolicyKit Library Reference Manual |  |
|---|---|---|---|---|
| Top | Description | ||||
Synopsis
PolKitAuthorization;
PolKitAuthorization * polkit_authorization_ref (PolKitAuthorization *auth);
void polkit_authorization_unref (PolKitAuthorization *auth);
void polkit_authorization_debug (PolKitAuthorization *auth);
polkit_bool_t polkit_authorization_validate (PolKitAuthorization *auth);
enum PolKitAuthorizationScope;
enum PolKitAuthorizationType;
PolKitAuthorizationType polkit_authorization_type (PolKitAuthorization *auth);
const char * polkit_authorization_get_action_id (PolKitAuthorization *auth);
uid_t polkit_authorization_get_uid (PolKitAuthorization *auth);
time_t polkit_authorization_get_time_of_grant
(PolKitAuthorization *auth);
PolKitAuthorizationScope polkit_authorization_get_scope
(PolKitAuthorization *auth);
polkit_bool_t polkit_authorization_scope_process_get_pid
(PolKitAuthorization *auth,
pid_t *out_pid,
polkit_uint64_t *out_pid_start_time);
const char * polkit_authorization_scope_session_get_ck_objref
(PolKitAuthorization *auth);
polkit_bool_t polkit_authorization_was_granted_via_defaults
(PolKitAuthorization *auth,
uid_t *out_user_authenticated_as);
polkit_bool_t polkit_authorization_was_granted_explicitly
(PolKitAuthorization *auth,
uid_t *out_by_whom,
polkit_bool_t *out_is_negative);
polkit_bool_t (*PolKitAuthorizationConstraintsForeachFunc)
(PolKitAuthorization *auth,
PolKitAuthorizationConstraint *authc,
void *user_data);
polkit_bool_t polkit_authorization_constraints_foreach
(PolKitAuthorization *auth,
PolKitAuthorizationConstraintsForeachFunc cb,
void *user_data);
Details
PolKitAuthorization
typedef struct _PolKitAuthorization PolKitAuthorization;
Objects of this class are used to represent entries in the authorization database.
Since 0.7
polkit_authorization_ref ()
PolKitAuthorization * polkit_authorization_ref (PolKitAuthorization *auth);
Increase reference count.
|
the authorization object |
Returns : |
the object |
Since 0.7
polkit_authorization_unref ()
void polkit_authorization_unref (PolKitAuthorization *auth);
Decreases the reference count of the object. If it becomes zero, the object is freed. Before freeing, reference counts on embedded objects are decresed by one.
|
the authorization object |
Since 0.7
polkit_authorization_debug ()
void polkit_authorization_debug (PolKitAuthorization *auth);
Print debug details
|
the object |
Since 0.7
polkit_authorization_validate ()
polkit_bool_t polkit_authorization_validate (PolKitAuthorization *auth);
Validate the object
|
the object |
Returns : |
TRUE iff the object is valid. |
Since 0.7
enum PolKitAuthorizationScope
typedef enum {
POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT,
POLKIT_AUTHORIZATION_SCOPE_PROCESS,
POLKIT_AUTHORIZATION_SCOPE_SESSION,
POLKIT_AUTHORIZATION_SCOPE_ALWAYS,
} PolKitAuthorizationScope;
The scope of an authorization; e.g. whether it's limited to a process, a session or unlimited.
| The authorization is limited for a single shot for a single process on the system | |
| The authorization is limited for a single process on the system | |
| The authorization is limited for processes originating from a given session | |
| The authorization is retained indefinitely. |
Since 0.7
enum PolKitAuthorizationType
typedef enum {
POLKIT_AUTHORIZATION_TYPE_UID,
} PolKitAuthorizationType;
The type of authorization; e.g. whether it applies to a user, group, security context and so on (right now only users are supported).
Since 0.7
polkit_authorization_type ()
PolKitAuthorizationType polkit_authorization_type (PolKitAuthorization *auth);
Determine the type of authorization.
|
the authorization object |
Returns : |
the authorization type |
Since 0.7
polkit_authorization_get_action_id ()
const char * polkit_authorization_get_action_id (PolKitAuthorization *auth);
Get the action this authorization is for
|
the object |
Returns : |
the action id. Caller should not free this string. |
Since 0.7
polkit_authorization_get_uid ()
uid_t polkit_authorization_get_uid (PolKitAuthorization *auth);
Gets the UNIX user id for the user the authorization is confined to.
|
the object |
Returns : |
The UNIX user id for whom the authorization is confied to |
Since 0.7
polkit_authorization_get_time_of_grant ()
time_t polkit_authorization_get_time_of_grant
(PolKitAuthorization *auth);
Returns the point in time the authorization was granted. The value is UNIX time, e.g. number of seconds since the Epoch Jan 1, 1970 0:00 UTC.
|
the object |
Returns : |
When authorization was granted |
Since 0.7
polkit_authorization_get_scope ()
PolKitAuthorizationScope polkit_authorization_get_scope (PolKitAuthorization *auth);
Get the scope of the authorization; e.g. whether it's confined to a
single process, a single session or can be retained
indefinitely. Also keep in mind that an authorization is subject to
constraints, see polkit_authorization_constraints_foreach() for
details.
|
the object |
Returns : |
the scope |
Since 0.7
polkit_authorization_scope_process_get_pid ()
polkit_bool_t polkit_authorization_scope_process_get_pid (PolKitAuthorization *auth, pid_t *out_pid, polkit_uint64_t *out_pid_start_time);
If scope is POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT or POLKIT_AUTHORIZATION_SCOPE_PROCESS, get information about what process the authorization is confined to.
As process identifiers can be recycled, the start time of the process (the unit is not well-defined; on Linux it's the number of milliseconds since the system was started) is also returned.
|
the object |
|
return location |
|
return location |
Returns : |
TRUE if information was returned |
Since 0.7
polkit_authorization_scope_session_get_ck_objref ()
const char * polkit_authorization_scope_session_get_ck_objref
(PolKitAuthorization *auth);
Gets the ConsoleKit object path for the session the authorization is confined to.
|
the object |
Returns : |
NULL if scope wasn't session |
Since 0.7
polkit_authorization_was_granted_via_defaults ()
polkit_bool_t polkit_authorization_was_granted_via_defaults (PolKitAuthorization *auth, uid_t *out_user_authenticated_as);
Determine if the authorization was obtained by the user by
authenticating as himself or an administrator via the the
"defaults" section in the .policy file for the
action (e.g. "allow_any", "allow_inactive", "allow_active").
Compare with polkit_authorization_was_granted_explicitly() - only
one of these functions can return TRUE.
|
the object |
|
return location |
Returns : |
TRUE if the authorization was obtained by the user himself authenticating. |
Since 0.7
polkit_authorization_was_granted_explicitly ()
polkit_bool_t polkit_authorization_was_granted_explicitly (PolKitAuthorization *auth, uid_t *out_by_whom, polkit_bool_t *out_is_negative);
Determine if the authorization was explicitly granted by a sufficiently privileged user.
Compare with polkit_authorization_was_granted_via_defaults() - only
one of these functions can return TRUE.
|
the object |
|
return location |
|
return location |
Returns : |
TRUE if the authorization was explicitly granted by a
sufficiently privileger user. If TRUE, the user who granted the
authorization is returned in out_by_whom. If the authorization is
negative, TRUE is returned in out_is_negative.
|
Since 0.7
PolKitAuthorizationConstraintsForeachFunc ()
polkit_bool_t (*PolKitAuthorizationConstraintsForeachFunc) (PolKitAuthorization *auth, PolKitAuthorizationConstraint *authc, void *user_data);
Callback function for polkit_authorization_constraints_foreach().
|
authorization |
|
authorization constraint |
|
user data |
Returns : |
Pass TRUE to short-circuit, e.g. stop the iteration |
polkit_authorization_constraints_foreach ()
polkit_bool_t polkit_authorization_constraints_foreach (PolKitAuthorization *auth, PolKitAuthorizationConstraintsForeachFunc cb, void *user_data);
Iterate over all constraints associated with an authorization.
|
the object |
|
callback function |
|
user data |
Returns : |
TRUE if the caller short-circuited the iteration.
|
Since 0.7