File indexing completed on 2024-04-28 03:52:38
0001 /* 0002 SPDX-FileCopyrightText: 2008 Nicola Gigante <nicola.gigante@gmail.com> 0003 0004 SPDX-License-Identifier: LGPL-2.1-or-later 0005 */ 0006 0007 #include "../../policy-gen/policy-gen.h" 0008 0009 #include <Security/Security.h> 0010 #include <iostream> 0011 0012 #include <QDebug> 0013 0014 using namespace std; 0015 0016 void output(const QList<Action> &actions, const QMap<QString, QString> &domain) 0017 { 0018 AuthorizationRef auth; 0019 AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &auth); 0020 0021 OSStatus err; 0022 0023 for (const Action &action : std::as_const(actions)) { 0024 err = AuthorizationRightGet(action.name.toLatin1().constData(), NULL); 0025 0026 if (err != errAuthorizationSuccess) { 0027 QString rule; 0028 0029 if (action.policy == QLatin1String("yes")) { 0030 rule = QString::fromLatin1(kAuthorizationRuleClassAllow); 0031 } else if (action.policy == QLatin1String("no")) { 0032 rule = QString::fromLatin1(kAuthorizationRuleClassDeny); 0033 } else if (action.policy == QLatin1String("auth_self")) { 0034 rule = QString::fromLatin1(kAuthorizationRuleAuthenticateAsSessionUser); 0035 } else if (action.policy == QLatin1String("auth_admin")) { 0036 rule = QString::fromLatin1(kAuthorizationRuleAuthenticateAsAdmin); 0037 } 0038 0039 CFStringRef cfRule = CFStringCreateWithCString(NULL, rule.toLatin1().constData(), kCFStringEncodingASCII); 0040 CFStringRef cfPrompt = 0041 CFStringCreateWithCString(NULL, action.descriptions.value(QLatin1String("en")).toLatin1().constData(), kCFStringEncodingASCII); 0042 0043 err = AuthorizationRightSet(auth, action.name.toLatin1().constData(), cfRule, cfPrompt, NULL, NULL); 0044 if (err != noErr) { 0045 cerr << "You don't have the right to edit the security database (try to run cmake with sudo): " << err << endl; 0046 exit(1); 0047 } else { 0048 qInfo() << "Created or updated rule" << rule << "for right entry" << action.name << "policy" << action.policy << "; domain=" << domain; 0049 } 0050 } 0051 } 0052 }