bus-polkit: move verification to a separate function

2025-01-11 09:18:07 +03:00 · 2023-02-03 14:05:46 +01:00 · 2023-02-03 14:05:46 +01:00 · d2c50a176d
commit d2c50a176d
parent bc8187f75a
1 changed files with 58 additions and 42 deletions
--- a/src/shared/bus-polkit.c
+++ b/src/shared/bus-polkit.c
@ -246,43 +246,29 @@ fail:
        return r;
 }

-#endif
-
-int bus_verify_polkit_async(
+static int process_polkit_response(
+                AsyncPolkitQuery *q,
                sd_bus_message *call,
-                int capability,
                const char *action,
                const char **details,
-                bool interactive,
-                uid_t good_user,
                Hashmap **registry,
                sd_bus_error *ret_error) {

-        const char *sender;
-        int r;
+        int authorized, challenge, r;

+        assert(q);
        assert(call);
        assert(action);
        assert(registry);
+        assert(ret_error);

-        r = check_good_user(call, good_user);
-        if (r != 0)
-                return r;
-
-#if ENABLE_POLKIT
-        AsyncPolkitQuery *q = hashmap_get(*registry, call);
-        if (q) {
-                int authorized, challenge;
-
-                /* This is the second invocation of this function, and there's already a response from
-                 * polkit, let's process it */
+        assert(q->action);
        assert(q->reply);

        /* If the operation we want to authenticate changed between the first and the second time,
         * let's not use this authentication, it might be out of date as the object and context we
         * operate on might have changed. */
-                if (!streq(q->action, action) ||
-                    !strv_equal(q->details, (char**) details))
+        if (!streq(q->action, action) || !strv_equal(q->details, (char**) details))
                return -ESTALE;

        if (sd_bus_message_is_method_error(q->reply, NULL)) {
@ -313,6 +299,36 @@ int bus_verify_polkit_async(

        return -EACCES;
 }
+
+#endif
+
+int bus_verify_polkit_async(
+                sd_bus_message *call,
+                int capability,
+                const char *action,
+                const char **details,
+                bool interactive,
+                uid_t good_user,
+                Hashmap **registry,
+                sd_bus_error *ret_error) {
+
+        const char *sender;
+        int r;
+
+        assert(call);
+        assert(action);
+        assert(registry);
+
+        r = check_good_user(call, good_user);
+        if (r != 0)
+                return r;
+
+#if ENABLE_POLKIT
+        AsyncPolkitQuery *q = hashmap_get(*registry, call);
+        /* This is the second invocation of this function, and there's already a response from
+         * polkit, let's process it */
+        if (q)
+                return process_polkit_response(q, call, action, details, registry, ret_error);
 #endif

        r = sd_bus_query_sender_privilege(call, capability);