Commit Graph

279 Commits

Author SHA1 Message Date
Ray Strode
e23f4d6c7c shellActionModes: disable POPUP keybindings in unlock screen
Certain keybindings should continue to work even when a popup
menu is on screen. For instance, the keybinding for showing
the app menu and the keyinding for showing the calendar are
examples.

This is achieved by putting in place a special "POPUP" action
mode, whenever a popup menu is active.  This mode replaces
the (e.g., "NORMAL" or "OVERVIEW") action mode that was in place
for as long as the popup menu is active.

But those keybindings should not work when the user is at the
unlock dialog (which uses an action mode of "UNLOCK").

Unfortunately, since commit c79d24b6 they do.

This commit addresses the problem by forcing the action mode
to NONE at the unlock screen when popups are visible.

CVE-2019-3820

Closes https://gitlab.gnome.org/GNOME/gnome-shell/issues/851
2019-02-05 11:14:01 -05:00
Florian Müllner
94423151b2 dbus: Move all interface descriptions into the resource
https://gitlab.gnome.org/GNOME/gnome-shell/issues/537
2018-09-17 07:34:49 +00:00
Marco Trevisan (Treviño)
f7029674b0 js, oVirt: Fix ES6 template string alignment
Fix wrong replacement of commit dbf993300a
to be style-contistent with other definitions
2018-08-30 04:49:17 +02:00
Marco Trevisan (Treviño)
dbf993300a js: use ES6 template strings for dbus interfaces
Use multiline template strings for dbus interfaces as they're easier to maintain
2018-08-27 19:23:00 +02:00
Marco Trevisan (Treviño)
cf69fe4b18 gdm, util: Always allow to retry login in unlock mode
When in lockscreen mode there's no point of resetting the auth login as there's
no welcome screen, and that would just cause the UI to freeze, with no reason.
This could have been useful if we were stopping the user to login for a given
time after ALLOWED_FAILURES attempts, but this is not the case yet.
2018-07-25 20:32:42 +00:00
Marco Trevisan (Treviño)
8f848925f6 authPrompt: Do not enable sensitivity if retries are disallowed
Set the sensitivity of the UI according to the canRetry parameter and thus
if no more logins are allowed don't take any input.

Fixes #311
2018-07-25 20:32:42 +00:00
Marco Trevisan (Treviño)
d21657fe61 authPrompt: Unset preemptiveAnswer on reset
When we get a reset signal the preemptiveAnswer should be also unset or it will
be used next time the user authPrompt will be activated, even without any further
user interaction.

Fixes #311
2018-07-25 20:32:41 +00:00
Florian Müllner
e36ba874a8 Stop using conditional catch statements
It is a mozilla extension that is going away in SpiderMonkey 60.

https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/151
2018-07-17 17:02:39 +00:00
verdre
1dd16618d1 loginDialog: Don't display timed login indicator if unused
This fixes the slightly bigger padding underneath the login item compared to the padding above
2018-04-19 17:26:14 +02:00
verdre
a4190f83ac loginDialog: Correct source name for timed login idle timeout
The _blockTimedLoginUntilIdle method sets a timeout to be called after
the user is idle for 5 seconds.  That timeout is erroneously given the
source name "[gnome-shell] this._timedLoginAnimationTime" which looks
like a copy-and-paste mistake.  The original intention was probably to
use a source name of "[gnome-shell] this._timedLoginIdleTimeOutId" which
more closely matches existing convention for source names.

This commit fixes that.
2018-04-19 17:26:14 +02:00
verdre
a8e17f73ec loginDialog: Use more function scope variables inside _startTimedLogin
Using function scope variables increases readability and prevents
unwanted changes from outside while the batch is running.
2018-04-19 17:26:13 +02:00
verdre
86a741c1ee loginDialog: Make sure timed login indicator is shown after idle timeout
If the idle timeout is done, always show the user list to make sure the
timed login indicator is visible.
2018-04-19 17:25:02 +02:00
verdre
5cc6fef689 loginDialog: Restrict grabbing of focus while timed login is running
Make sure the focus isn't grabbed right after user interaction starts a
new timed login. Only grab it after the idle timeout is done and on the
first run instead.
2018-04-19 09:08:45 +02:00
verdre
522a5fe480 loginDialog: Ensure old timed login timeout is removed before starting a new one
Normally, we give the user a 5 second grace period of inactivity before
starting a timed login operation. Unfortunately, that grace period
timeout isn't properly removed if the timed login operation is restarted
during the grace period. That means the timeout handler can
inadvertently get called multiple times leading to the grace period
duration getting subtracted from the total animation time more than
once.

This commit ensures we only ever have one grace period timeout scheduled
at a time.
2018-04-19 09:08:45 +02:00
verdre
b1239b1257 loginDialog: Use GLib instead of Mainloop for timeout
imports.mainloop is deprecated
2018-04-19 09:08:45 +02:00
verdre
58063d9ee1 loginDialog: Move reset of timed login into _startTimedLogin
This way we can make sure that already running timed logins are
always reset when starting a new one.
2018-04-19 09:08:45 +02:00
verdre
d7aba2dece loginDialog: Ensure timed login indicator is hidden on key presses
The timed login feature currently cancels the timed login operation when
a user presses a key but, oddly, only hides the indicator when the user
releases the key. This means that if a user holds down a key that
doesn't key repeat, the timed login indicator will continue to run after
the timed login operation is cancelled.

This commit address the problem by ensuring the timed login indicator is
hidden on any key press event, at the same time the timed login
operation is canceled.
2018-04-19 09:08:45 +02:00
Florian Müllner
3b1330880f cleanup: Use Function.prototype.bind()
When not using arrow notation with anonymous functions, we use Lang.bind()
to bind `this` to named callbacks. However since ES5, this functionality
is already provided by Function.prototype.bind() - in fact, Lang.bind()
itself uses it when no extra arguments are specified. Just use the built-in
function directly where possible, and use arrow notation in the few places
where we pass additional arguments.

https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/23
2018-02-21 13:55:02 +00:00
Florian Müllner
213e38c2ef cleanup: Use arrow notation for anonymous functions
Arrow notation is great, use it consistently through-out the code base
to bind `this` to anonymous functions, replacing the more overbose
Lang.bind(this, function() {}).

https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/23
2018-02-21 13:55:00 +00:00
Florian Müllner
76f09b1e49 cleanup: Use method syntax
Modern javascript has a short-hand for function properties, embrace
it for better readability and to prepare for an eventual port to
ES6 classes.

https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/23
2018-02-21 13:54:58 +00:00
Ray Strode
e1d9bdbbd6 loginDialog: only emit session-activated on user action
Right now we emit session-activated any time the bullet
moves in the session menu. That includes at startup when
picking an item arbitrarily, and any time GDM reports the
session was read from the user's account settings.

session-activated informs GDM about the newly selected session,
so emitting it in response to GDM reporting a session is a
bad idea.

This commit changes the code to only emit session-activated when
the user explicitly activates a session item from the gear menu.

Note, we no longer set the active session explicitly at start up.
This is a good thing since the item we were picking wasn't
necessarily correct.  It does means if GDM fails to inform us
about the correct default session we'll now show no bullet instead
of a bullet on the wrong item.

https://bugzilla.gnome.org/show_bug.cgi?id=740142
2018-02-20 10:27:08 -05:00
Ray Strode
58827ba36d gdm: use password authentication if all schemes are disabled
This prevents a traceback, at least.
2018-02-20 10:21:23 -05:00
Ray Strode
9ef1bc7273 gdm: honor timed login delay even if animations disabled
gnome-shell currently initiates an automatic login attempt if
timed login is enabled and the timed login animation completes.

Unfortunately, if animations are disabled (as is the case for
virtual machines) then the timed login animation will complete
instantly, and timed login will proceed immediately after gnome-shell
has noticed the user is idle for 5 seconds.

This commit addresses that problem by initiating timed login and the
animation from a main loop timeout, instead of using the tweener api.
2018-02-20 10:18:18 -05:00
Florian Müllner
e39f4ec0d6 gdmUtils: Define constants with 'var'
Most of those are accessed outside the module itself, but commit
033277b6 missed them ...

https://bugzilla.gnome.org/show_bug.cgi?id=785556
2017-08-10 20:16:06 +02:00
Florian Müllner
033277b68f Define externally accessible contants with 'var' instead of 'const'
Just as we did with classes, define other constants that are (or
may be) used from other modules with 'var' to cut down on warnings.

https://bugzilla.gnome.org/show_bug.cgi?id=785084
2017-07-18 21:52:06 +02:00
Florian Müllner
2582d16ca7 Define classes with 'var' instead of 'const'
Any symbols (including class properties) that should be visible
outside the module it's defined in need to be defined as global.
For now gjs still allows the access for 'const', but get rid of
the warnings spill now by changing it.

https://bugzilla.gnome.org/show_bug.cgi?id=785084
2017-07-18 21:52:06 +02:00
Florian Müllner
358133e82f Initialize properties in _init()
While we've always considered it good style to initialize JS properties,
some code that relies on uninitialized properties having an implicit
value of 'undefined' has slipped in over time. The updated SpiderMonkey
version used by gjs now warns when accessing those properties, so we
should make sure that they are properly initialized to avoid log spam,
even though all warnings addressed here occur in conditionals that
produce the correct result with 'undefined'.

https://bugzilla.gnome.org/show_bug.cgi?id=781471
2017-07-13 17:23:54 +02:00
Florian Müllner
526f2c8bcf loginDialog: Only highlight a single item at any time
The user list uses the same indication for hover and focus, so it
is possible for two items to be highlighted at the same time. Using
different styling would improve the situation, but only to some
extent - the user would still need to figure out which highlight
corresponds to which activation method. So instead, copy the
approach we use in popup menus and use a single property for
highlights that is updated by both focus- and hover changes.

https://bugzilla.gnome.org/show_bug.cgi?id=772284
2017-07-13 14:57:07 +02:00
Ray Strode
a782de6e06 authPrompt: allow empty response to PAM messages
Some PAM modules say "Press enter to continue" or
whatever.  We need to support them.

This commit allows empty responses to PAM questions,
but still requires a non-empty response for username.

https://bugzilla.gnome.org/show_bug.cgi?id=784360
2017-07-10 09:23:11 -04:00
Ray Strode
0f8718287a gdmUtil: Fix auth prompt drawing over user list
If the user fails to enter their password then hits escape, we
jump back to the user list, then ask again for a password in a
garbled screen. this commit fixes that by skipping a retry if
the operation is cancelled.

https://bugzilla.gnome.org/show_bug.cgi?id=784361
2017-07-10 09:22:32 -04:00
Xiaoguang Wang
fbc5e3709e loginDialog: Disable user list when no user
https://bugzilla.gnome.org/show_bug.cgi?id=731320
2017-07-07 11:21:09 -05:00
Michael Catanzaro
a00a186772 authPrompt: Remove stray tab character 2017-06-29 18:16:32 -05:00
Ray Strode
e3330b638a Revert "gdmUtil: Fix auth prompt drawing over user list"
This reverts commit 875a1d6159.

(this was pushed accidentally, isn't the right patch, and lacks
 a bug reference)
2017-06-28 13:16:22 -04:00
Michael Catanzaro
82e20f94f4 authPrompt: Reorder import
5b339c8371 put this in the wrong place.
2017-06-28 02:35:46 -05:00
Michael Catanzaro
293d1697fe Fix a typo 2017-06-26 13:47:19 -05:00
Ray Strode
875a1d6159 gdmUtil: Fix auth prompt drawing over user list
If the user fails to enter their password then hits escape, we
jump back to the user list, then ask again for a password in a
garbled screen. this commit fixes that by guarding against the retry
if the fail counter is reset.
2017-06-22 14:31:19 -04:00
Xiaoguang Wang
fcbb942e24 loginDialog: Fix session button can be clicked
When session menu button is hidden, button can be clicked and show popup
menu.

https://bugzilla.gnome.org/show_bug.cgi?id=781482
2017-04-19 10:27:41 -04:00
Florian Müllner
c0861b1227 gdm: Handle absence of Fprint.Manager service
We rely on the service to detect whether a fingerprint reader is
present. It is fine to not support fingerprint authentication
when the service is missing, but currently we don't handle this
case at all and end up with a non-functional login screen.

https://bugzilla.gnome.org/show_bug.cgi?id=780063
2017-03-20 19:02:07 +01:00
Ray Strode
93071d9167 loginDialog: don't allow type ahead at the login screen
It's weird if after you select a username from the user list, there's
a password already filled in.

This commit disables at that feature for the login screen
(but keeps it in tact for the unlock screen)

https://bugzilla.gnome.org/show_bug.cgi?id=766139
2017-02-14 03:05:33 +01:00
victoryang
5b339c8371 authPrompt.js: turn off the ellipsization of pam messages
When the user gets long failure messages from pam, the authPrompt
message label will clip the message and ellipsize with '…'.

This commit turns off ellipsization from the label, so it will
properly wrap.

https://bugzilla.gnome.org/show_bug.cgi?id=764445
2016-10-14 09:28:34 -04:00
Michael Catanzaro
cae4d92191 loginDialog: fix cancel button in ask for username mode
If the user clicks Not Listed? to enter ask for username mode, clicks
cancel, and then attempts to log in via the user list, the user will see
"Authentication failed" after correctly typing the password, and then
will become stuck in an empty screen with just the gray noise background.

The problem is, we forgot to disconnect from the signal that's waiting
for the next button to be pressed on the username entry screen. Since
the signal handler that executes here is expecting the username to be
input, and isn't prepared for us to have switched back to user list,
various bad things happen. We try to start two gdm-password
conversations at once, for instance, one using the user's password as
the username. I stopped investigating here, because it's easy to fix by
disconnecting from the signal at the right time.

https://bugzilla.gnome.org/show_bug.cgi?id=770328
2016-09-10 16:50:53 -05:00
Michael Catanzaro
c65a9c4d2e authPrompt: Do not allow bypassing disabled Sign In button
The Next and Sign In buttons are disabled when the username/password
field is empty. However, the user can still bypass this button by
pressing the enter key, leading to some odd glitches with the log in
for 'Not Listed?' users.

This is easy to fix by simply not progressing to the next screen when
the button is disabled.

https://bugzilla.gnome.org/show_bug.cgi?id=746180
2016-01-07 17:19:04 -06:00
Michael Catanzaro
3803a880e8 loginDialog: Reconsider user for user list when user changes
Generally a user-changed operation will be uninteresting, but if the
user is currently in the user list and the account changes to locked, we
want to remove it from the list, or if the user is not in the list and
the account changed to unlocked, we want to add it to the list. This
fixes the case where a new user account created in gnome-control-center
does not appear in the user list. The password mode is set in the new
account immediately after it is created, but the operations are not
atomic, so the login dialog considers the new user account when it is
still locked and rejects it from being displayed, then immediately
afterwards the account is unlocked. This commit causes the login dialog
to show the account when this occurs.

The containsUser() check here is not strictly necessary, but reduces
spurious calls to addUser() and removeUser(), since there's no easy way
to check if the locked status of the account has changed (as it's much
easier to connect to one signal on the UserManager than to
notify::locked on each User object).

https://bugzilla.gnome.org/show_bug.cgi?id=758568
2015-12-02 18:23:36 +01:00
Michael Catanzaro
e1e08f0a68 loginDialog: Fix TypeError when user is deleted
LoginDialog has a private _user, but UserListItem has a public user.
Easy to get wrong since _user would be the right thing to type in 90% of
this file.
2015-11-23 17:44:49 -06:00
Ray Strode
489b96a310 gdm: don't emit start-session-when-ready from idle function
There's no point in delaying the emission.  We should do it
right away.

https://bugzilla.gnome.org/show_bug.cgi?id=754814
2015-10-20 17:10:06 -04:00
Michael Catanzaro
50b59e0ca6 batch: Add old commit message as comment at top of file
This is a lightly-edited version of Ray's commit message in
4902a600d5.
2015-10-13 14:43:39 -05:00
Florian Müllner
09dbe17da0 loginDialog: Limit user list to the available height
We currently will always allocate the user list's preferred size, so it
will grow indefinitely and never scroll; limit the height instead to
get the desired scrolling behavior when necessary.

https://bugzilla.gnome.org/show_bug.cgi?id=754525
2015-09-03 15:45:39 +02:00
Rui Matos
f2d4aa0822 authPrompt: hide/stop spinner after verfiication completes
When the user successfully types their password, we should hide
the spinner from the button well right away, so it doesn't
consume resources until reset (which may happen significantly later
if the user is vt switched away)

https://bugzilla.gnome.org/show_bug.cgi?id=753891
2015-08-31 15:24:27 -04:00
Ray Strode
030a22d795 authPrompt: stop spinner after its hidden
The code previously tried to stop spinner after it was hidden, but
due to an incorrect check was only stoppig it after it was shown.

Also, it was only stopping after hiding due to an animation, and
failing to stop it in the non-animated case.

This left the spinner hidden and running while VT switched away
from the login screen, only stopping when the auth prompt was
reset when switching back.

https://bugzilla.gnome.org/show_bug.cgi?id=753891
2015-08-31 15:19:26 -04:00
Ray Strode
08506eac2d gdm: clear user verifier when finished with it
We only need the user verifier for the purpose of user verification.
Once it's complete we should clear it so it doesn't get in the way
later.

This fixes a bug introduced in commit 3c8c5a5570 that leads to the
user session crashing when the login screen is reactivated.

https://bugzilla.gnome.org/show_bug.cgi?id=753181
2015-08-05 09:40:17 -04:00