----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://git.reviewboard.kde.org/r/129983/ -----------------------------------------------------------
(Updated March 9, 2017, 2:57 p.m.) Review request for KDE Frameworks, David Faure and Elvis Angelaccio. Changes ------- Addressed Aleix's issue. Removed 'requestroot' method which was pointless. Added method to display warning dialog if root access persists. Repository: kio Description ------- This is regarding the GSOC idea https://community.kde.org/GSoC/2017/Ideas#Project:_Polkit_support_in_KIO. This patch intends to demonstrate one possible approach to provide polkit support in kio. Here its only for the delete operation. This is based on the patch in task https://phabricator.kde.org/T5070. The approach is as follows; The file ioslave gets three methods, /*getRootPermission, execWithRoot and unsetRoot*/ with a variable /*isRoot*/ to store the persistance. The helper gets two actions, /*org.kde.kio.file.requestroot*/ and /*org.kde.kio.file.execute*/. When an action encounters access denied error the method "execWithRoot" is called with the action you want to perform and the path of objects upon which you want to perform the action as arguments. This method then calls "getRootPermission" for authorisation purpose. Upon successfull authorisation this will then go on performing the desired action as privileged user. Once the job is finished "unsetRoot" is called. For authorisation a call to "org.kde.kio.file.requestroot" will be made. This action has its "Policy" set to "auth_admin" so as to prompt for password every time its called. And the action "org.kde.kio.file.execute" has its "Policy" set to "yes" so that it can carry out the desired action as a priviledged user without asking for authentication. As for the deletion of files and directories are concerned, the authentication dialog will pop up only once i.e, for the first file/directory that needs requires a priviledged user to delete them. If there are more files which only priviledge users can delete then they will be deleted straightaway without asking for authentication. This is decided by the truth of variable "isRoot". Once the delete job is finished "isRoot" is set to false. In short once the job has started and authentication's been done, the root access will persist and once the job is finished the root access will reset. Diffs (updated) ----- src/ioslaves/file/CMakeLists.txt b9132ce src/ioslaves/file/file.h 109ea80 src/ioslaves/file/file.cpp eaf6c88 src/ioslaves/file/file_unix.cpp 82eb11a src/ioslaves/file/kauth/CMakeLists.txt PRE-CREATION src/ioslaves/file/kauth/file.actions PRE-CREATION src/ioslaves/file/kauth/helper.h PRE-CREATION src/ioslaves/file/kauth/helper.cpp PRE-CREATION Diff: https://git.reviewboard.kde.org/r/129983/diff/ Testing ------- File Attachments (updated) ---------------- warning dialog https://git.reviewboard.kde.org/media/uploaded/files/2017/03/09/d42570e8-aedf-4c02-801e-362a68755c2c__polkit_integration.png Thanks, Chinmoy Ranjan Pradhan
