In a gdm session, we may not know what mouse orientation the user
may be in, so it makes sense to support both the left and right
mouse buttons to activate login or other items.
Additionally, add the behavior to all modal dialog items, even in
a user session, because it's unlikely that the user will right-click
on buttons, and it makes for an easier implementation.
https://bugzilla.gnome.org/show_bug.cgi?id=688748
Due to limitations and bugs in SpiderMonkey's GC, wrapper objects
for cairo contexts and similar may not get cleaned up immediately
after repainting, leading to leaking memory. Explicitly disposing
of such objects after they're not needed can clean up large portions
of memory for cairo surfaces.
https://bugzilla.gnome.org/show_bug.cgi?id=685513
We need to do a better job of indicating login process. This can
sometimes take a few seconds (particularly if you get your password
wrong): we need to give better feedback of what's going on.
This adds a spinner next to the login button if the authorization takes
some time.
https://bugzilla.gnome.org/show_bug.cgi?id=687113
The login dialog had these issues:
- the entry was not really disabled, you could still edit text
- the sensitivity state was not reset on verification failure
- the session list was not disabled
The unlock dialog had these issues:
- "Login as another user..." was not insensitive
- redundant password char setting, overwriting the one given by the
question
The entry insensitive style was also wrong.
https://bugzilla.gnome.org/show_bug.cgi?id=687113
For now we just use it to assign an identifier to modal modes in
which we want to allow some keybindings, but we don't use it for
any actual filtering; we'll start doing this shortly.
https://bugzilla.gnome.org/show_bug.cgi?id=688202
If I click on "Not listed?" in the login screen, I come to a username
field with two buttons: "Cancel" and "Sign In".
Clicking on "Sign In" doesn't actually sign me in though - it takes me
to the login entry. It would be better to rename "Sign In" to "Next" for
the username stage, therefore.
Gdm emit a signal to ask a question or a secret, but we can not know if
this is the last authentication question, hence we only use "Sign In"
for secret questions which improve the situation a lot.
https://bugzilla.gnome.org/show_bug.cgi?id=687656
In some deployments showing a user list at the login
screen is undesirable.
GDM's fallback login screen has a configuration key:
org.gnome.login-screen disable-user-list false
that causes the user-list to get hidden.
This commit adds similar functionality to the normal,
shell-based login screen.
Based on a series of patches by Marius Rieder.
https://bugzilla.gnome.org/show_bug.cgi?id=660660
Right now when a user clicks "Not Listed?" they end up
seeing a session list that gets reset after they enter their
username.
This commit hides the session list until the username has
been entered.
https://bugzilla.gnome.org/show_bug.cgi?id=660660
For the "Not Listed?" case we will need to be able
to identify when the user has entered their username.
Once we have a way of tracking when the username is
entered, we can then defer showing the session list
too early, before the user can reliably pick a
session.
This username tracking will also be important for
implementing a disable-user-list configuration key.
If the config key gets toggled off at runtime, we'll
need to know if we're at a disruptive part of
the authentication process or not, so we know whether
we can can expose the user list right away, or wait
until the authentication conversation finishes.
Right now, we pass null in for an initial username,
and let the PAM machinery ask the user, which means we
have no good way of knowing when the username is entered.
This commit changes the "Not Listed?" code to ask the
user their username up front, before starting the PAM
conversation in much the same way we do if the user
picks a user from the user list.
https://bugzilla.gnome.org/show_bug.cgi?id=660660
You can't login until something has been entered in the password field.
We should therefore make the login button insensitive until you have
entered some text.
https://bugzilla.gnome.org/show_bug.cgi?id=687112
If it is updated after checking, it counts the number of failures
not including the current one, so it allows one extra attempt. Instead,
by updating it before checking, we get the expected result of dropping the
curtain at the third password.
https://bugzilla.gnome.org/show_bug.cgi?id=687132
When the user has the entered the password for the second time
and clicked OK, clear messages from the previous attempt, so any
new failure is shown clearly.
https://bugzilla.gnome.org/show_bug.cgi?id=687132
GDM has a 'logo' key in its schema to allow distributors to add
some branding. It is currently placed above the user list, which
no longer works too well since the login screen lost its dialog
window. Display the logo in the top-left corner instead of the
Activities button instead.
https://bugzilla.gnome.org/show_bug.cgi?id=685852
Check an environment variable, GDM_GREETER_TEST. If 1, LoginDialog will
skip anything that fails outside a GDM session.
It is therefore possible to test the GDM greeter without installing it
system-wide, by attempting login as the already logged in user (uses the
same code path as the unlock dialog).
https://bugzilla.gnome.org/show_bug.cgi?id=683725
GDM's GSettings schema contains a 'disable-restart-buttons' key
that currently is only supported by the fallback greeter.
Implement support in the shell greeter as well.
https://bugzilla.gnome.org/show_bug.cgi?id=686247
Adding a group to the Ctrl-Alt-Tab popup will also add it to the
focus manager. Due to that, we currently end up with two focus
groups added for the login dialog - an explicit one for the entire
dialog, and an implicit one for the main content group.
When doing keynav, we ascend in the widget hierarchy from the
currently focused actor until we find a valid focus root, so
adding a children of the dialog as focus root breaks keynav to
any actors that are not inside the main content group.
The simple fix is to use the same group in both cases.
https://bugzilla.gnome.org/show_bug.cgi?id=684730
Now that we use a different text style for the username depending on
whether the user list is expanded or not, changing the :expanded style
before the actual transition looks disruptive. Adding the style right
before fading in other items and removing it right after fading them
out gives a better result.
https://bugzilla.gnome.org/show_bug.cgi?id=685201
Currently the layout of the password prompt differs slightly between
login dialog and unlock screen - for the former, the prompt is
displayed next to the user avatar, replacing the user name, for
the latter, it is diplayed below both avatar and name.
https://bugzilla.gnome.org/show_bug.cgi?id=685201
_moveFocusToItems seems to be called to early causing
clutter_actor_grab_key_focus not to be called.
So queue another attempt with BEFORE_REDRAW priority when
this happens to make sure we actually move the focus sucessfully.
https://bugzilla.gnome.org/show_bug.cgi?id=684650
Currently the default action is performed twice when pressing Return
in the login dialog, once in response to the entry's 'activate' signal,
and again by activating the default button. Usually this is not a
problem, as the second invocation is simply ignored, however it breaks
the case where multiple consecutive questions are asked (e.g. username
and password in the 'Not listed' case).
Fix the problem by not handling the 'activate' signal at all.
https://bugzilla.gnome.org/show_bug.cgi?id=685511
Instead of leaving the login or unlock dialogs in an inconsistent state,
catch DBus errors and show an Authentication Error message. The error
details are logged in the session logs.
https://bugzilla.gnome.org/show_bug.cgi?id=683060
commit e333263fd6 changed fingerprint.js
to not throw an exception when fprintd is uninstalled, by adding the
flags DO_NOT_LOAD_PROPERTIES and DO_NOT_AUTO_START
DO_NOT_LOAD_PROPERTIES is correct. Loading the properties is what makes
it fail at initialization time when not installed. DO_NOT_AUTO_START is
not correct though. It means fprintd will never get activated implicitly
when we need it.
This commit removes DO_NOT_AUTO_START thus making fprintd start when we
need it, but not fail at initialization time when not around.
https://bugzilla.gnome.org/show_bug.cgi?id=683131
Instead of showing a notification, add a small message immediately
below the entry, and give the user two more attempts to login,
before going back to the welcome or lock screen.
https://bugzilla.gnome.org/show_bug.cgi?id=682544
Ensure that all async callbacks check and ignore G_IO_ERROR_CANCELLED.
Ensure that all runs of authentication have their own GCancellable, so
that .begin() can be called multiple times on the same user verifier.
Check for fingerprint reader when beginning authentication, and not
when reset by GDM.
https://bugzilla.gnome.org/show_bug.cgi?id=682544
Otherwise the second attempt tot login after pressing "escape" key
on the login "freeze" and raise an exception about IOError operation
cancelled.
https://bugzilla.gnome.org/show_bug.cgi?id=681537
The fingerprint message is useful for users that click their
names in the user list to let them know if fingerprint login
is available.
This same place on screen (below the login entry) can potentially
be used for other messages as well.
This commit changes the variable and style names surrounding
this feature to be more generic.
A subsequent commit will leverage this functionality to provide
a hint on how to log in to the local enterprise domain controller
(if relevant).
https://bugzilla.gnome.org/show_bug.cgi?id=681975
Various code around had different paths for ConsoleKit and
logind. Consolidate it by making an abstract class that all
callers can use, which hides the implementation details of the
two daemons.
https://bugzilla.gnome.org/show_bug.cgi?id=682096
In preparation for accessing it in the screenshield, factor out
common code for ConsoleKit and Systemd.
Also, clean up ConsoleKit manager, as the daemon is required in
a non systemd installation. In particular:
- We allow it to be autostarted at session startup (or really,
we expect it to be already there, started by GDM during session
opening).
- We no longer silently assume that the session is active if
it can't start.
https://bugzilla.gnome.org/show_bug.cgi?id=682096
GetUserVerifier can only be called from the greeter session,
and fails with AccessDenied in all other cases. Also, calling it
hides the real error from OpenReauthenticationChannel, which
instead should be logged.
https://bugzilla.gnome.org/show_bug.cgi?id=680750
Unlike the fallback gdm UI, we do not indicate in the user list
whether a user already has an open session or not. This information
is useful, so use a spotlight effect similar to the running-app
indicator to mark logged in users.
https://bugzilla.gnome.org/show_bug.cgi?id=658185
We want to style user list items differently depending on whether
the list is expanded or shrunk; instead of manually updating the
items' style, we can just expose the :expanded style on the list
itself and use that in the CSS.
https://bugzilla.gnome.org/show_bug.cgi?id=658185