gnome-control-center/gcc-private-connection.patch

From 92c236ea488f8d774a876f1e6ece410b5c920173 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <chingpang@gmail.com>
Date: Tue, 14 Feb 2012 18:41:51 +0800
Subject: [PATCH] network: create private connections if the user if not
 authorized

This commit checks whether the polkit policy allows the user to
create a system connection without authentication. If not, create
private connections.

https://bugzilla.gnome.org/show_bug.cgi?id=646187
---
 configure.ac                      |    3 +-
 panels/network/cc-network-panel.c |   72 ++++++++++++++++++++++++++++++++++++-
 panels/network/cc-network-panel.h |    2 +
 panels/network/network-dialogs.c  |   16 ++++++++
 4 files changed, 91 insertions(+), 2 deletions(-)

Index: gnome-control-center-3.5.91/configure.ac
===================================================================
--- gnome-control-center-3.5.91.orig/configure.ac
+++ gnome-control-center-3.5.91/configure.ac
@@ -136,7 +136,8 @@ PKG_CHECK_MODULES(KEYBOARD_PANEL, $COMMO
 PKG_CHECK_MODULES(MEDIA_PANEL, $COMMON_MODULES)
 PKG_CHECK_MODULES(MOUSE_PANEL, $COMMON_MODULES xi >= 1.2
                   gnome-settings-daemon >= $GSD_REQUIRED_VERSION x11)
-PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES)
+PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES
+		  polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION)
 PKG_CHECK_MODULES(ONLINE_ACCOUNTS_PANEL, $COMMON_MODULES goa-1.0 goa-backend-1.0 >= $GOA_REQUIRED_VERSION)
 PKG_CHECK_MODULES(POWER_PANEL, $COMMON_MODULES upower-glib >= 0.9.1
                   gnome-settings-daemon >= $GSD_REQUIRED_VERSION)
Index: gnome-control-center-3.5.91/panels/network/cc-network-panel.c
===================================================================
--- gnome-control-center-3.5.91.orig/panels/network/cc-network-panel.c
+++ gnome-control-center-3.5.91/panels/network/cc-network-panel.c
@@ -23,6 +23,8 @@
 #include <glib/gi18n.h>
 #include <stdlib.h>
 
+#include <polkit/polkit.h>
+
 #include "cc-network-panel.h"
 
 #include "nm-remote-settings.h"
@@ -73,6 +75,9 @@ struct _CcNetworkPanelPrivate
         gchar            *arg_device;
         gchar            *arg_access_point;
         gboolean          operation_done;
+
+        /* polkit authentication check */
+        gboolean          default_private;
 };
 
 enum {
@@ -1027,6 +1032,9 @@ cc_network_panel_init (CcNetworkPanel *p
         GtkTreeSelection *selection;
         GtkWidget *widget;
         GtkWidget *toplevel;
+        PolkitSubject    *subject;
+        PolkitAuthority  *authority;
+        PolkitAuthorizationResult *result;
 
         panel->priv = NETWORK_PANEL_PRIVATE (panel);
 
@@ -1112,6 +1120,28 @@ cc_network_panel_init (CcNetworkPanel *p
 
         /* add kill switch widgets when dialog activated */
         panel->priv->add_header_widgets_idle = g_idle_add (network_add_shell_header_widgets_cb, panel);
+
+	/* check the polkit authentication */
+	panel->priv->default_private = TRUE;
+	authority = polkit_authority_get_sync (NULL, NULL);
+	subject = polkit_unix_process_new (getpid ());
+	result = polkit_authority_check_authorization_sync (authority,
+			                                    subject,
+							    "org.freedesktop.NetworkManager.settings.modify.system",
+							    NULL,
+							    POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE,
+							    NULL,
+							    &error);
+	if (error || !result) {
+		g_warning ("Failed to check polkit authorization! %s",
+				error->message);
+		g_clear_error (&error);
+	} else if (polkit_authorization_result_get_is_authorized (result)) {
+		panel->priv->default_private = FALSE;
+	}
+	g_object_unref (result);
+	g_object_unref (authority);
+	g_object_unref (subject);
 }
 
 void
@@ -1122,3 +1152,9 @@ cc_network_panel_register (GIOModule *mo
                                         CC_TYPE_NETWORK_PANEL,
                                         "network", 0);
 }
+
+gboolean
+cc_network_panel_get_default_private (CcNetworkPanel *panel)
+{
+        return panel->priv->default_private;
+}
Index: gnome-control-center-3.5.91/panels/network/cc-network-panel.h
===================================================================
--- gnome-control-center-3.5.91.orig/panels/network/cc-network-panel.h
+++ gnome-control-center-3.5.91/panels/network/cc-network-panel.h
@@ -67,6 +67,8 @@ GType cc_network_panel_get_type (void) G
 
 void  cc_network_panel_register (GIOModule *module);
 
+gboolean cc_network_panel_get_default_private (CcNetworkPanel *panel);
+
 G_END_DECLS
 
 #endif /* _CC_NETWORK_PANEL_H */
Index: gnome-control-center-3.5.91/panels/network/network-dialogs.c
===================================================================
--- gnome-control-center-3.5.91.orig/panels/network/network-dialogs.c
+++ gnome-control-center-3.5.91/panels/network/network-dialogs.c
@@ -41,6 +41,7 @@ typedef struct {
         NMClient *client;
         NMRemoteSettings *settings;
         NMDevice *device;
+        gboolean default_private;
 } MobileDialogClosure;
 
 static void
@@ -288,6 +289,8 @@ cc_network_panel_connect_to_8021x_networ
         uuid = nm_utils_uuid_generate ();
         g_object_set (s_con, NM_SETTING_CONNECTION_UUID, uuid, NULL);
         g_free (uuid);
+        if (cc_network_panel_get_default_private (panel))
+                nm_setting_connection_add_permission (s_con, "user", g_get_user_name(), NULL);
         nm_connection_add_setting (connection, NM_SETTING (s_con));
 
         s_wifi = (NMSettingWireless *) nm_setting_wireless_new ();
@@ -345,6 +348,7 @@ cdma_mobile_wizard_done (NMAMobileWizard
 	if (!canceled && method) {
 		NMSetting *setting;
 		char *uuid, *id;
+		MobileDialogClosure *closure = user_data;
 
 		if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_CDMA_EVDO) {
 			g_warning ("Unexpected device type (not CDMA).");
@@ -388,6 +392,11 @@ cdma_mobile_wizard_done (NMAMobileWizard
 		              NULL);
 		g_free (uuid);
 		g_free (id);
+		if (closure->default_private)
+			nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+			                                      "user",
+                                                              g_get_user_name(),
+			                                      NULL);
 		nm_connection_add_setting (connection, setting);
 	}
 
@@ -407,6 +416,7 @@ gsm_mobile_wizard_done (NMAMobileWizard
 	if (!canceled && method) {
 		NMSetting *setting;
 		char *uuid, *id;
+		MobileDialogClosure *closure = user_data;
 
 		if (method->devtype != NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) {
 			g_warning ("Unexpected device type (not GSM).");
@@ -451,6 +461,11 @@ gsm_mobile_wizard_done (NMAMobileWizard
 		              NULL);
 		g_free (uuid);
 		g_free (id);
+		if (closure->default_private)
+			nm_setting_connection_add_permission ((NMSettingConnection *)setting,
+			                                      "user",
+                                                              g_get_user_name(),
+			                                      NULL);
 		nm_connection_add_setting (connection, setting);
 	}
 
@@ -480,6 +495,7 @@ cc_network_panel_connect_to_3g_network (
         closure->client = g_object_ref (client);
         closure->settings = g_object_ref (settings);
         closure->device = g_object_ref (device);
+        closure->default_private = cc_network_panel_get_default_private (panel);
 
 	caps = nm_device_modem_get_current_capabilities (NM_DEVICE_MODEM (device));
 	if (caps & NM_DEVICE_MODEM_CAPABILITY_GSM_UMTS) {
Index: gnome-control-center-3.5.91/panels/network/net-device-wifi.c
===================================================================
--- gnome-control-center-3.5.91.orig/panels/network/net-device-wifi.c
+++ gnome-control-center-3.5.91/panels/network/net-device-wifi.c
@@ -977,6 +977,9 @@ wireless_try_to_connect (NetDeviceWifi *
         NMSettingWireless *setting_wireless;
         NMRemoteSettings *remote_settings;
         NMClient *client;
+        CcNetworkPanel *panel;
+        NMConnection *partial = NULL;
+        NMSettingConnection *setting_con;
 
         if (device_wifi->priv->updating_device)
                 goto out;
@@ -1038,8 +1041,20 @@ wireless_try_to_connect (NetDeviceWifi *
         /* create one, as it's missing */
         g_debug ("no existing connection found for %s, creating",
                  ssid_target);
+
+        panel = net_object_get_panel (NET_OBJECT (device_wifi));
+        if (cc_network_panel_get_default_private (panel)) {
+                partial = nm_connection_new ();
+                setting_con = (NMSettingConnection *)nm_setting_connection_new ();
+                nm_connection_add_setting (partial, NM_SETTING (setting_con));
+                nm_setting_connection_add_permission (setting_con,
+                                                      "user",
+                                                      g_get_user_name(),
+                                                      NULL);
+        }
+
         nm_client_add_and_activate_connection (client,
-                                               NULL,
+                                               partial,
                                                device, object_path,
                                                connection_add_activate_cb, device_wifi);
 out:
@@ -1296,6 +1311,7 @@ start_shared_connection (NetDeviceWifi *
         GSList *l;
         NMClient *client;
         NMRemoteSettings *remote_settings;
+        CcNetworkPanel *panel;
 
         device = net_device_get_nm_device (NET_DEVICE (device_wifi));
         g_assert (nm_device_get_device_type (device) == NM_DEVICE_TYPE_WIFI);
@@ -1335,6 +1351,14 @@ start_shared_connection (NetDeviceWifi *
                       "id", "Hotspot",
                       "autoconnect", FALSE,
                       NULL);
+
+        panel = net_object_get_panel (NET_OBJECT (device_wifi));
+        if (cc_network_panel_get_default_private (panel))
+                nm_setting_connection_add_permission (sc,
+                                                      "user",
+                                                      g_get_user_name(),
+                                                      NULL);
+
         nm_connection_add_setting (c, (NMSetting *)sc);
 
         sw = (NMSettingWireless *)nm_setting_wireless_new ();