From 528b1f8e2976a58cde4437519e7d2ba40dc2fed0 Mon Sep 17 00:00:00 2001 From: Matthias Clasen Date: Fri, 10 Jun 2016 15:53:27 -0400 Subject: [PATCH] flatpak: Add a document-unexport command This calls org.freedesktop.portal.Documents.Delete to remove an exported file from the document database altogether. --- app/Makefile.am.inc | 1 + app/flatpak-builtins-document-unexport.c | 115 +++++++++++++++++++++++ app/flatpak-builtins.h | 1 + app/flatpak-main.c | 7 +- doc/Makefile.am | 1 + doc/flatpak-document-unexport.xml | 94 ++++++++++++++++++ 6 files changed, 217 insertions(+), 2 deletions(-) create mode 100644 app/flatpak-builtins-document-unexport.c create mode 100644 doc/flatpak-document-unexport.xml diff --git a/app/Makefile.am.inc b/app/Makefile.am.inc index b080df62..0b02d30b 100644 --- a/app/Makefile.am.inc +++ b/app/Makefile.am.inc @@ -27,6 +27,7 @@ flatpak_SOURCES = \ app/flatpak-builtins-build-sign.c \ app/flatpak-builtins-repo-update.c \ app/flatpak-builtins-document-export.c \ + app/flatpak-builtins-document-unexport.c \ app/flatpak-builtins-document-info.c \ $(xdp_dbus_built_sources) \ $(NULL) diff --git a/app/flatpak-builtins-document-unexport.c b/app/flatpak-builtins-document-unexport.c new file mode 100644 index 00000000..0851db80 --- /dev/null +++ b/app/flatpak-builtins-document-unexport.c @@ -0,0 +1,115 @@ +/* + * Copyright © 2016 Red Hat, Inc + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see . + * + * Authors: + * Matthias Clasen + */ + +#include "config.h" + +#include +#include +#include +#include +#include + +#include "libgsystem.h" +#include "libglnx/libglnx.h" +#include "document-portal/xdp-dbus.h" + +#include + +#include "flatpak-builtins.h" +#include "flatpak-utils.h" +#include "flatpak-run.h" + +static GOptionEntry options[] = { + { NULL } +}; + +gboolean +flatpak_builtin_document_unexport (int argc, char **argv, + GCancellable *cancellable, + GError **error) +{ + g_autoptr(GOptionContext) context = NULL; + g_autoptr(GDBusConnection) session_bus = NULL; + XdpDbusDocuments *documents; + const char *file; + g_autofree char *doc_id = NULL; + + context = g_option_context_new ("FILE - Unexport a file to apps"); + + if (!flatpak_option_context_parse (context, options, &argc, &argv, + FLATPAK_BUILTIN_FLAG_NO_DIR, + NULL, cancellable, error)) + return FALSE; + + if (argc < 2) + return usage_error (context, "FILE must be specified", error); + + file = argv[1]; + + session_bus = g_bus_get_sync (G_BUS_TYPE_SESSION, NULL, error); + if (session_bus == NULL) + return FALSE; + + documents = xdp_dbus_documents_proxy_new_sync (session_bus, 0, + "org.freedesktop.portal.Documents", + "/org/freedesktop/portal/documents", + NULL, error); + if (documents == NULL) + return FALSE; + + if (!xdp_dbus_documents_call_lookup_sync (documents, file, &doc_id, NULL, error)) + return FALSE; + + if (strcmp (doc_id, "") == 0) + { + g_print ("Not exported\n"); + return TRUE; + } + + if (!xdp_dbus_documents_call_delete_sync (documents, doc_id, NULL, error)) + return FALSE; + + return TRUE; +} + +gboolean +flatpak_complete_document_unexport (FlatpakCompletion *completion) +{ + g_autoptr(GOptionContext) context = NULL; + + context = g_option_context_new (""); + + if (!flatpak_option_context_parse (context, options, &completion->argc, &completion->argv, + FLATPAK_BUILTIN_FLAG_NO_DIR, NULL, NULL, NULL)) + return FALSE; + + switch (completion->argc) + { + case 0: + case 1: /* FILE */ + flatpak_complete_options (completion, global_entries); + flatpak_complete_options (completion, options); + + flatpak_complete_file (completion); + break; + } + + return TRUE; +} diff --git a/app/flatpak-builtins.h b/app/flatpak-builtins.h index ff870d21..dc95e0d1 100644 --- a/app/flatpak-builtins.h +++ b/app/flatpak-builtins.h @@ -78,6 +78,7 @@ BUILTINPROTO (build_bundle) BUILTINPROTO (build_import) BUILTINPROTO (build_update_repo) BUILTINPROTO (document_export) +BUILTINPROTO (document_unexport) BUILTINPROTO (document_info) BUILTINPROTO (override) diff --git a/app/flatpak-main.c b/app/flatpak-main.c index e6855af4..4a30476c 100644 --- a/app/flatpak-main.c +++ b/app/flatpak-main.c @@ -61,11 +61,14 @@ static FlatpakCommand commands[] = { { "\n Running applications" }, { "run", "Run an application", flatpak_builtin_run, flatpak_complete_run }, { "override", "Override permissions for an application", flatpak_builtin_override, flatpak_complete_override }, - { "document-export", "Grant an application access to a specific file", flatpak_builtin_document_export, flatpak_complete_document_export }, - { "document-info", "Show information about a specific file", flatpak_builtin_document_info, flatpak_complete_document_info }, { "make-current", "Specify default version to run", flatpak_builtin_make_current_app, flatpak_complete_make_current_app }, { "enter", "Enter the namespace of a running application", flatpak_builtin_enter, flatpak_complete_enter }, + { "\n Manage file access" }, + { "document-export", "Grant an application access to a specific file", flatpak_builtin_document_export, flatpak_complete_document_export }, + { "document-unexport", "Revoke access to a specific file", flatpak_builtin_document_unexport, flatpak_complete_document_unexport }, + { "document-info", "Show information about a specific file", flatpak_builtin_document_info, flatpak_complete_document_info }, + { "\n Manage remote repositories" }, { "remote-add", "Add a new remote repository (by URL)", flatpak_builtin_add_remote, flatpak_complete_add_remote }, { "remote-modify", "Modify properties of a configured remote", flatpak_builtin_modify_remote, flatpak_complete_modify_remote }, diff --git a/doc/Makefile.am b/doc/Makefile.am index 30f2a41e..8edefefa 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -31,6 +31,7 @@ man_MANS = \ flatpak-override.1 \ flatpak-enter.1 \ flatpak-document-export.1 \ + flatpak-document-unexport.1 \ flatpak-document-info.1 \ flatpak-build-init.1 \ flatpak-build.1 \ diff --git a/doc/flatpak-document-unexport.xml b/doc/flatpak-document-unexport.xml new file mode 100644 index 00000000..7e3d6db3 --- /dev/null +++ b/doc/flatpak-document-unexport.xml @@ -0,0 +1,94 @@ + + + + + + + flatpak document-unexport + flatpak + + + + Developer + Alexander + Larsson + alexl@redhat.com + + + + + + flatpak document-unexport + 1 + + + + flatpak-document-unexport + Stop exporting a file + + + + + flatpak document-export + OPTION + FILE + + + + + Description + + + Removes the document identifies for the file from the + document portal. This will make the document unavailable + to all sandboxed applications. + + + + + + Options + + The following options are understood: + + + + + + + + Show help options and exit. + + + + + + + + + Print debug information during command processing. + + + + + + + + Print version information and exit. + + + + + + + See also + + + flatpak1, + flatpak-document-export1 + + + + +