common: Move flatpak_context_get_allowed_exports to FlatpakContext

This allows us to break a circular dependency between utils and context.

Signed-off-by: Simon McVittie <smcv@collabora.com>
Simon McVittie
2023-05-17 14:09:26 +01:00
parent 74abbbebfd
commit a01371ce02
6 changed files with 81 additions and 83 deletions


@@ -32,6 +32,7 @@
#include "flatpak-builtins.h"
#include "flatpak-context-private.h"
#include "flatpak-dir-private.h"
#include "flatpak-utils-private.h"
#include "flatpak-run-private.h"
@@ -259,8 +260,8 @@ collect_exports (GFile *base,
g_auto(GStrv) allowed_extensions = NULL;
gboolean require_exact_match = FALSE;
if (!flatpak_get_allowed_exports (path, app_id, arg_context,
&allowed_extensions, &allowed_prefixes, &require_exact_match))
if (!flatpak_context_get_allowed_exports (arg_context, path, app_id,
&allowed_extensions, &allowed_prefixes, &require_exact_match))
return flatpak_fail (error, "Unexpectedly not allowed to export %s", path);
if (g_file_query_exists (src, cancellable))


@@ -173,4 +173,11 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC (FlatpakContext, flatpak_context_free)
GFile *flatpak_get_user_base_dir_location (void);
GFile *flatpak_get_data_dir (const char *app_id);
gboolean flatpak_context_get_allowed_exports (FlatpakContext *context,
const char *source_path,
const char *app_id,
char ***allowed_extensions_out,
char ***allowed_prefixes_out,
gboolean *require_exact_match_out);
#endif /* __FLATPAK_CONTEXT_H__ */


@@ -2972,3 +2972,72 @@ flatpak_context_append_bwrap_filesystem (FlatpakContext *context,
xdg_dirs_conf, strlen (xdg_dirs_conf), path, NULL);
}
}
gboolean
flatpak_context_get_allowed_exports (FlatpakContext *context,
const char *source_path,
const char *app_id,
char ***allowed_extensions_out,
char ***allowed_prefixes_out,
gboolean *require_exact_match_out)
{
g_autoptr(GPtrArray) allowed_extensions = g_ptr_array_new_with_free_func (g_free);
g_autoptr(GPtrArray) allowed_prefixes = g_ptr_array_new_with_free_func (g_free);
gboolean require_exact_match = FALSE;
g_ptr_array_add (allowed_prefixes, g_strdup_printf ("%s.*", app_id));
if (strcmp (source_path, "share/applications") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".desktop"));
}
else if (flatpak_has_path_prefix (source_path, "share/icons"))
{
g_ptr_array_add (allowed_extensions, g_strdup (".svgz"));
g_ptr_array_add (allowed_extensions, g_strdup (".png"));
g_ptr_array_add (allowed_extensions, g_strdup (".svg"));
g_ptr_array_add (allowed_extensions, g_strdup (".ico"));
}
else if (strcmp (source_path, "share/dbus-1/services") == 0)
{
g_auto(GStrv) owned_dbus_names = flatpak_context_get_session_bus_policy_allowed_own_names (context);
g_ptr_array_add (allowed_extensions, g_strdup (".service"));
for (GStrv iter = owned_dbus_names; *iter != NULL; ++iter)
g_ptr_array_add (allowed_prefixes, g_strdup (*iter));
/* We need an exact match with no extra garbage, because the filename refers to busnames
* and we can *only* match exactly these */
require_exact_match = TRUE;
}
else if (strcmp (source_path, "share/gnome-shell/search-providers") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".ini"));
}
else if (strcmp (source_path, "share/mime/packages") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
}
else if (strcmp (source_path, "share/metainfo") == 0 ||
strcmp (source_path, "share/appdata") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
}
else
return FALSE;
g_ptr_array_add (allowed_extensions, NULL);
g_ptr_array_add (allowed_prefixes, NULL);
if (allowed_extensions_out)
*allowed_extensions_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_extensions), FALSE);
if (allowed_prefixes_out)
*allowed_prefixes_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_prefixes), FALSE);
if (require_exact_match_out)
*require_exact_match_out = require_exact_match;
return TRUE;
}
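Review bot: `flatpak_context_get_allowed_exports` lands in its new file without a doc comment, although it is the allow-list that both `collect_exports` and `rewrite_export_dir` consult before a file is exported. I would add a block comment above the definition stating that any `source_path` outside the listed directories returns FALSE with the out-parameters left untouched, and that on success the returned vectors are NULL-terminated and owned by the caller. The same comment should say that `require_exact_match_out` is TRUE only for `share/dbus-1/services`, where the owned bus names are appended to the default `"%s.*"` prefix built from `app_id`. It would also help to record that the loop `for (GStrv iter = owned_dbus_names; *iter != NULL; ++iter)` relies on `flatpak_context_get_session_bus_policy_allowed_own_names` never returning NULL; that helper is not visible on this page, so this is worth confirming.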


@@ -7722,8 +7722,8 @@ rewrite_export_dir (const char *app,
if (!glnx_dirfd_iterator_init_at (source_parent_fd, source_name, FALSE, &source_iter, error))
goto out;
exports_allowed = flatpak_get_allowed_exports (source_path, app, context,
&allowed_extensions, &allowed_prefixes, &require_exact_match);
exports_allowed = flatpak_context_get_allowed_exports (context, source_path, app,
&allowed_extensions, &allowed_prefixes, &require_exact_match);
visited_children = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);


@@ -24,12 +24,10 @@
#include <string.h>
#include "libglnx.h"
#include <flatpak-common-types-private.h>
#include <gio/gio.h>
#include <gio/gunixfdlist.h>
#include "flatpak-dbus-generated.h"
#include "flatpak-document-dbus-generated.h"
#include "flatpak-context-private.h"
#include "flatpak-error.h"
#include "flatpak-glib-backports-private.h"
#include "flatpak-variant-private.h"
@@ -142,13 +140,6 @@ gboolean flatpak_var_ref_map_lookup_ref (VarRefMapRef ref_map,
const char *ref,
VarRefInfoRef *out_info);
gboolean flatpak_get_allowed_exports (const char *source_path,
const char *app_id,
FlatpakContext *context,
char ***allowed_extensions_out,
char ***allowed_prefixes_out,
gboolean *require_exact_match_out);
FlatpakDecomposed *flatpak_find_current_ref (const char *app_id,
GCancellable *cancellable,
GError **error);


@@ -643,76 +643,6 @@ flatpak_bwrap_is_unprivileged (void)
(st.st_mode & S_ISUID) == 0;
}
gboolean
flatpak_get_allowed_exports (const char *source_path,
const char *app_id,
FlatpakContext *context,
char ***allowed_extensions_out,
char ***allowed_prefixes_out,
gboolean *require_exact_match_out)
{
g_autoptr(GPtrArray) allowed_extensions = g_ptr_array_new_with_free_func (g_free);
g_autoptr(GPtrArray) allowed_prefixes = g_ptr_array_new_with_free_func (g_free);
gboolean require_exact_match = FALSE;
g_ptr_array_add (allowed_prefixes, g_strdup_printf ("%s.*", app_id));
if (strcmp (source_path, "share/applications") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".desktop"));
}
else if (flatpak_has_path_prefix (source_path, "share/icons"))
{
g_ptr_array_add (allowed_extensions, g_strdup (".svgz"));
g_ptr_array_add (allowed_extensions, g_strdup (".png"));
g_ptr_array_add (allowed_extensions, g_strdup (".svg"));
g_ptr_array_add (allowed_extensions, g_strdup (".ico"));
}
else if (strcmp (source_path, "share/dbus-1/services") == 0)
{
g_auto(GStrv) owned_dbus_names = flatpak_context_get_session_bus_policy_allowed_own_names (context);
g_ptr_array_add (allowed_extensions, g_strdup (".service"));
for (GStrv iter = owned_dbus_names; *iter != NULL; ++iter)
g_ptr_array_add (allowed_prefixes, g_strdup (*iter));
/* We need an exact match with no extra garbage, because the filename refers to busnames
* and we can *only* match exactly these */
require_exact_match = TRUE;
}
else if (strcmp (source_path, "share/gnome-shell/search-providers") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".ini"));
}
else if (strcmp (source_path, "share/mime/packages") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
}
else if (strcmp (source_path, "share/metainfo") == 0 ||
strcmp (source_path, "share/appdata") == 0)
{
g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
}
else
return FALSE;
g_ptr_array_add (allowed_extensions, NULL);
g_ptr_array_add (allowed_prefixes, NULL);
if (allowed_extensions_out)
*allowed_extensions_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_extensions), FALSE);
if (allowed_prefixes_out)
*allowed_prefixes_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_prefixes), FALSE);
if (require_exact_match_out)
*require_exact_match_out = require_exact_match;
return TRUE;
}
static char *
line_get_word (char **line)
{