polkitAgent: Use dialog as confirmation when the user has no password
When a user has no password and a polkit authentication is started, instead of blindly initiating the admin session, the regular "Authentication Requested" dialog is shown (but without the password entry). This means that the user's admin session is only effectively started after the user chooses to proceed with the authentication which provides an extra confirmation step that can be vital for critical tasks. Ideally we should use a different wording than "authentication" when the user has no password set, and use "confirmation" instead. However polkit already sends the requests with such messages (e.g. "Authentication is required to configure software repositories"), and it's important to show those to the user, so this patch keeps the regular wording.
This commit is contained in:
parent
7f8a1ec1fb
commit
903036e244
@ -27,6 +27,11 @@ var WORK_SPINNER_ICON_SIZE = 16;
|
|||||||
var WORK_SPINNER_ANIMATION_DELAY = 1.0;
|
var WORK_SPINNER_ANIMATION_DELAY = 1.0;
|
||||||
var WORK_SPINNER_ANIMATION_TIME = 0.3;
|
var WORK_SPINNER_ANIMATION_TIME = 0.3;
|
||||||
|
|
||||||
|
const DialogMode = {
|
||||||
|
AUTH: 0,
|
||||||
|
CONFIRM: 1
|
||||||
|
};
|
||||||
|
|
||||||
var AuthenticationDialog = new Lang.Class({
|
var AuthenticationDialog = new Lang.Class({
|
||||||
Name: 'AuthenticationDialog',
|
Name: 'AuthenticationDialog',
|
||||||
Extends: ModalDialog.ModalDialog,
|
Extends: ModalDialog.ModalDialog,
|
||||||
@ -59,10 +64,6 @@ var AuthenticationDialog = new Lang.Class({
|
|||||||
|
|
||||||
this._user = AccountsService.UserManager.get_default().get_user(userName);
|
this._user = AccountsService.UserManager.get_default().get_user(userName);
|
||||||
let userRealName = this._user.get_real_name()
|
let userRealName = this._user.get_real_name()
|
||||||
this._userLoadedId = this._user.connect('notify::is_loaded',
|
|
||||||
Lang.bind(this, this._onUserChanged));
|
|
||||||
this._userChangedId = this._user.connect('changed',
|
|
||||||
Lang.bind(this, this._onUserChanged));
|
|
||||||
|
|
||||||
// Special case 'root'
|
// Special case 'root'
|
||||||
let userIsRoot = false;
|
let userIsRoot = false;
|
||||||
@ -98,10 +99,14 @@ var AuthenticationDialog = new Lang.Class({
|
|||||||
y_align: St.Align.MIDDLE });
|
y_align: St.Align.MIDDLE });
|
||||||
}
|
}
|
||||||
|
|
||||||
this._onUserChanged();
|
|
||||||
|
|
||||||
this._passwordBox = new St.BoxLayout({ vertical: false, style_class: 'prompt-dialog-password-box' });
|
this._passwordBox = new St.BoxLayout({ vertical: false, style_class: 'prompt-dialog-password-box' });
|
||||||
content.messageBox.add(this._passwordBox);
|
content.messageBox.add(this._passwordBox);
|
||||||
|
|
||||||
|
// onUserChanged needs to be called after we have the _passwordBox set
|
||||||
|
this._user.connect('notify::is_loaded', Lang.bind(this, this._onUserChanged));
|
||||||
|
this._user.connect('changed', Lang.bind(this, this._onUserChanged));
|
||||||
|
this._onUserChanged();
|
||||||
|
|
||||||
this._passwordLabel = new St.Label(({ style_class: 'prompt-dialog-password-label' }));
|
this._passwordLabel = new St.Label(({ style_class: 'prompt-dialog-password-label' }));
|
||||||
this._passwordBox.add(this._passwordLabel, { y_fill: false, y_align: St.Align.MIDDLE });
|
this._passwordBox.add(this._passwordLabel, { y_fill: false, y_align: St.Align.MIDDLE });
|
||||||
this._passwordEntry = new St.Entry({ style_class: 'prompt-dialog-password-entry',
|
this._passwordEntry = new St.Entry({ style_class: 'prompt-dialog-password-entry',
|
||||||
@ -182,7 +187,7 @@ var AuthenticationDialog = new Lang.Class({
|
|||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
|
||||||
performAuthentication: function() {
|
_initiateSession: function() {
|
||||||
this.destroySession();
|
this.destroySession();
|
||||||
this._session = new PolkitAgent.Session({ identity: this._identityToAuth,
|
this._session = new PolkitAgent.Session({ identity: this._identityToAuth,
|
||||||
cookie: this._cookie });
|
cookie: this._cookie });
|
||||||
@ -193,6 +198,12 @@ var AuthenticationDialog = new Lang.Class({
|
|||||||
this._session.initiate();
|
this._session.initiate();
|
||||||
},
|
},
|
||||||
|
|
||||||
|
performAuthentication: function() {
|
||||||
|
if (this._mode == DialogMode.AUTH)
|
||||||
|
this._initiateSession();
|
||||||
|
this._ensureOpen();
|
||||||
|
},
|
||||||
|
|
||||||
_ensureOpen: function() {
|
_ensureOpen: function() {
|
||||||
// NOTE: ModalDialog.open() is safe to call if the dialog is
|
// NOTE: ModalDialog.open() is safe to call if the dialog is
|
||||||
// already open - it just returns true without side-effects
|
// already open - it just returns true without side-effects
|
||||||
@ -243,7 +254,10 @@ var AuthenticationDialog = new Lang.Class({
|
|||||||
},
|
},
|
||||||
|
|
||||||
_onAuthenticateButtonPressed: function() {
|
_onAuthenticateButtonPressed: function() {
|
||||||
this._onEntryActivate();
|
if (this._mode == DialogMode.CONFIRM)
|
||||||
|
this._initiateSession();
|
||||||
|
else
|
||||||
|
this._onEntryActivate();
|
||||||
},
|
},
|
||||||
|
|
||||||
_onSessionCompleted: function(session, gainedAuthorization) {
|
_onSessionCompleted: function(session, gainedAuthorization) {
|
||||||
@ -329,6 +343,13 @@ var AuthenticationDialog = new Lang.Class({
|
|||||||
this._userAvatar.update();
|
this._userAvatar.update();
|
||||||
this._userAvatar.actor.show();
|
this._userAvatar.actor.show();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (this._user.get_password_mode() == AccountsService.UserPasswordMode.NONE) {
|
||||||
|
this._mode = DialogMode.CONFIRM;
|
||||||
|
this._passwordBox.hide();
|
||||||
|
} else {
|
||||||
|
this._mode = DialogMode.AUTH;
|
||||||
|
}
|
||||||
},
|
},
|
||||||
|
|
||||||
cancel: function() {
|
cancel: function() {
|
||||||
|
Loading…
Reference in New Issue
Block a user