From a1e8c79d38c5255b48e5bc75e367929c50e22a5e Mon Sep 17 00:00:00 2001 From: "Zeeshan Ali (Khattak)" Date: Mon, 15 Feb 2016 19:50:25 +0000 Subject: [PATCH] location: Ask user to authorize applications While we could have implemented this already a while ago, this would have been a completely false security mechanism since we had no way of reliably identifying applications. Since now with xdg-app, we can at least reliably identify bundled applications, let's give users a choice of which applications in particular they are OK with giving location data to. While we still can't reliably identify system (non-xdg-app) applications, it seems extremely unlikely we'll ever be able to do that (at least not in the near future) so we'll have to trust them to not lie about their IDs. Next release of geoclue will take the ID of bundled application directly from corresponding xdg-app metadata so bundled applications can't simply lie about their IDs. https://bugzilla.gnome.org/show_bug.cgi?id=762119 --- js/ui/status/location.js | 45 +++++++++++++++++++++++++++++----------- 1 file changed, 33 insertions(+), 12 deletions(-) diff --git a/js/ui/status/location.js b/js/ui/status/location.js index ff3943201..c74ca5159 100644 --- a/js/ui/status/location.js +++ b/js/ui/status/location.js @@ -80,6 +80,8 @@ var XdgAppIface = ' \ \ '; +const PermissionStore = Gio.DBusProxy.makeProxyWrapper(XdgAppIface); + const Indicator = new Lang.Class({ Name: 'LocationIndicator', Extends: PanelMenu.SystemIndicator, @@ -117,24 +119,26 @@ const Indicator = new Lang.Class({ this._onSessionUpdated(); this._onMaxAccuracyLevelChanged(); this._connectToGeoclue(); + this._connectToPermissionStore(); }, get MaxAccuracyLevel() { return this._getMaxAccuracyLevel(); }, - // We (and geoclue) have currently no way to reliably identifying apps so - // for now, lets just authorize all apps as long as they provide a valid - // desktop ID. We also ensure they don't get more accuracy than global max. - AuthorizeApp: function(desktop_id, reqAccuracyLevel) { - var appSystem = Shell.AppSystem.get_default(); - var app = appSystem.lookup_app(desktop_id + ".desktop"); - if (app == null) { - return [false, 0]; - } + AuthorizeAppAsync: function(params, invocation) { + let [desktopId, reqAccuracyLevel] = params; - let allowedAccuracyLevel = clamp(reqAccuracyLevel, 0, this._getMaxAccuracyLevel()); - return [true, allowedAccuracyLevel]; + let authorizer = new AppAuthorizer(desktopId, + reqAccuracyLevel, + this._permStoreProxy, + this._getMaxAccuracyLevel()); + + authorizer.authorize(Lang.bind(this, function(accuracyLevel) { + let ret = (accuracyLevel != GeoclueAccuracyLevel.NONE); + invocation.return_value(GLib.Variant.new('(bu)', + [ret, accuracyLevel])); + })); }, _syncIndicator: function() { @@ -245,7 +249,24 @@ const Indicator = new Lang.Class({ let unpacked = properties.deep_unpack(); if ("InUse" in unpacked) this._syncIndicator(); - } + }, + + _connectToPermissionStore: function() { + this._permStoreProxy = null; + new PermissionStore(Gio.DBus.session, + 'org.freedesktop.XdgApp', + '/org/freedesktop/XdgApp/PermissionStore', + Lang.bind(this, this._onPermStoreProxyReady)); + }, + + _onPermStoreProxyReady: function(proxy, error) { + if (error != null) { + log(error.message); + return; + } + + this._permStoreProxy = proxy; + }, }); function clamp(value, min, max) {