public/gpupdate
1
0
Fork 1
mirror of https://github.com/altlinux/gpupdate.git synced 2025-03-21 18:50:38 +03:00
Code Releases Wiki Activity

Added new templates for generating polkit rules

Browse Source
This commit is contained in:
Valery Sinelnikov 2022-11-09 16:15:54 +04:00
parent 249d3a6caa
commit 5bd64352f1
2 changed files with 126 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
gpoa/templates/48-group_policy_permissions_user.rules.j2 Normal file
View File

@ -0,0 +1,63 @@
{#
# GPOA - GPO Applier for Linux
#
# Copyright (C) 2019-2022 BaseALT Ltd.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
{% if res_no|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_no -%}
action.id == "{{res}}" {% if res_no|length == loop.index %}&&{% else %}||{% endif %}
{% endfor %}subject.user == "{{User}}") {
return polkit.Result.NO;
}
});{% endif %}{% if res_yes|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_yes -%}
action.id == "{{res}}" {% if res_yes|length == loop.index %}&&{% else %}||{% endif %}
{% endfor %}subject.user == "{{User}}") {
return polkit.Result.YES;
}
});{% endif %}{% if res_auth_self|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_self -%}
action.id == "{{res}}" {% if res_auth_self|length == loop.index %}&&{% else %}||{% endif %}
{% endfor %}subject.user == "{{User}}") {
return polkit.Result.AUTH_SELF;
}
});{% endif %}{% if res_auth_admin|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_admin -%}
action.id == "{{res}}" {% if res_auth_admin|length == loop.index %}&&{% else %}||{% endif %}
{% endfor %}subject.user == "{{User}}") {
return polkit.Result.AUTH_ADMIN;
}
});{% endif %}{% if res_auth_self_keep|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_self_keep -%}
action.id == "{{res}}" {% if res_auth_self_keep|length == loop.index %}&&{% else %}||{% endif %}
{% endfor %}subject.user == "{{User}}") {
return polkit.Result.AUTH_SELF_KEEP;
}
});{% endif %}{% if res_auth_admin_keep|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_admin_keep -%}
action.id == "{{res}}" {% if res_auth_admin_keep|length == loop.index %}&&{% else %}||{% endif %}
{% endfor %}subject.user == "{{User}}") {
return polkit.Result.AUTH_ADMIN_KEEP;
}
});
{% endif %}

63
gpoa/templates/49-group_policy_permissions.rules.j2 Normal file
View File

@ -0,0 +1,63 @@
{#
# GPOA - GPO Applier for Linux
#
# Copyright (C) 2019-2022 BaseALT Ltd.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#}
{% if res_no|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_no -%}
action.id == "{{res}}"{% if res_no|length == loop.index %}){ {% else %} ||{% endif %}
{% endfor %} return polkit.Result.NO;
}
});
{% endif %}{% if res_yes|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_yes -%}
action.id == "{{res}}"{% if res_yes|length == loop.index %}){ {% else %} ||{% endif %}
{% endfor %} return polkit.Result.YES;
}
});
{% endif %}{% if res_auth_self|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_self -%}
action.id == "{{res}}"{% if res_auth_self|length == loop.index %}){ {% else %} ||{% endif %}
{% endfor %} return polkit.Result.AUTH_SELF;
}
});
{% endif %}{% if res_auth_admin|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_admin -%}
action.id == "{{res}}"{% if res_auth_admin|length == loop.index %}){ {% else %} ||{% endif %}
{% endfor %} return polkit.Result.AUTH_ADMIN;
}
});
{% endif %}{% if res_auth_self_keep|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_self_keep -%}
action.id == "{{res}}"{% if res_auth_self_keep|length == loop.index %}){ {% else %} ||{% endif %}
{% endfor %} return polkit.Result.AUTH_SELF_KEEP;
}
});
{% endif %}{% if res_auth_admin_keep|length %}
polkit.addRule(function (action, subject) {
if ({% for res in res_auth_self_keep -%}
action.id == "{{res}}"{% if res_auth_self_keep|length == loop.index %}){ {% else %} ||{% endif %}
{% endfor %} return polkit.Result.AUTH_ADMIN_KEEP;
}
});
{% endif %}