diff options
| author | Dan Williams <dcbw@redhat.com> | 2010-03-01 09:15:01 -0800 |
|---|---|---|
| committer | Dan Williams <dcbw@redhat.com> | 2010-03-01 09:15:01 -0800 |
| commit | a9ef8cb1759f25ee26f8015aa2e45a2bd3cd2da7 (patch) | |
| tree | 801a638927d7b66676e372a97d37bbf1e6cea860 | |
| parent | 9d7cb0ddcf69993903c5bc51bbbfbd3a57f55413 (diff) | |
policy: split Device into Info and Control
It's useful to let distros and admins set policy differently for device
information (for support, inventory, etc) than for actually controlling
the device like PIN/PUK unlocks.
| -rw-r--r-- | policy/org.freedesktop.modem-manager.policy.in | 15 | ||||
| -rw-r--r-- | src/mm-auth-provider.h | 7 | ||||
| -rw-r--r-- | src/mm-modem-cdma.c | 2 | ||||
| -rw-r--r-- | src/mm-modem-gsm-card.c | 12 | ||||
| -rw-r--r-- | src/mm-modem-gsm-network.c | 2 |
5 files changed, 24 insertions, 14 deletions
diff --git a/policy/org.freedesktop.modem-manager.policy.in b/policy/org.freedesktop.modem-manager.policy.in index 1c6f214c..6ac75f4c 100644 --- a/policy/org.freedesktop.modem-manager.policy.in +++ b/policy/org.freedesktop.modem-manager.policy.in @@ -9,9 +9,18 @@ <vendor_url>http://www.freedesktop.org/wiki/ModemManager</vendor_url> <icon_name>modem-manager</icon_name> - <action id="org.freedesktop.ModemManager.Device"> - <_description>Unlock and retrieve mobile broadband device information</_description> - <_message>System policy prevents unlocking the device or requesting information from it.</_message> + <action id="org.freedesktop.ModemManager.Device.Control"> + <_description>Unlock and control a mobile broadband device</_description> + <_message>System policy prevents unlocking or controlling the mobile broadband device.</_message> + <defaults> + <allow_inactive>no</allow_inactive> + <allow_active>auth_self_keep</allow_active> + </defaults> + </action> + + <action id="org.freedesktop.ModemManager.Device.Info"> + <_description>Request mobile broadband device identifying information</_description> + <_message>System policy prevents requesting identifying information from the mobile broadband device.</_message> <defaults> <allow_inactive>no</allow_inactive> <allow_active>auth_self_keep</allow_active> diff --git a/src/mm-auth-provider.h b/src/mm-auth-provider.h index 94edc44d..c5fc961b 100644 --- a/src/mm-auth-provider.h +++ b/src/mm-auth-provider.h @@ -22,9 +22,10 @@ #include "mm-auth-request.h" /* Authorizations */ -#define MM_AUTHORIZATION_DEVICE "org.freedesktop.ModemManager.Device" -#define MM_AUTHORIZATION_CONTACTS "org.freedesktop.ModemManager.Contacts" -#define MM_AUTHORIZATION_SMS "org.freedesktop.ModemManager.SMS" +#define MM_AUTHORIZATION_DEVICE_INFO "org.freedesktop.ModemManager.Device.Info" +#define MM_AUTHORIZATION_DEVICE_CONTROL "org.freedesktop.ModemManager.Device.Control" +#define MM_AUTHORIZATION_CONTACTS "org.freedesktop.ModemManager.Contacts" +#define MM_AUTHORIZATION_SMS "org.freedesktop.ModemManager.SMS" /******************/ diff --git a/src/mm-modem-cdma.c b/src/mm-modem-cdma.c index 1a4fe6a2..e80dc4e2 100644 --- a/src/mm-modem-cdma.c +++ b/src/mm-modem-cdma.c @@ -212,7 +212,7 @@ impl_modem_cdma_get_esn (MMModemCdma *self, DBusGMethodInvocation *context) /* Make sure the caller is authorized to get the ESN */ if (!mm_modem_auth_request (MM_MODEM (self), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_INFO, context, esn_auth_cb, NULL, diff --git a/src/mm-modem-gsm-card.c b/src/mm-modem-gsm-card.c index 9881871c..f4a5138f 100644 --- a/src/mm-modem-gsm-card.c +++ b/src/mm-modem-gsm-card.c @@ -225,7 +225,7 @@ impl_gsm_modem_get_imei (MMModemGsmCard *modem, DBusGMethodInvocation *context) /* Make sure the caller is authorized to get the IMEI */ if (!mm_modem_auth_request (MM_MODEM (modem), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_INFO, context, imei_auth_cb, NULL, @@ -262,7 +262,7 @@ impl_gsm_modem_get_imsi (MMModemGsmCard *modem, DBusGMethodInvocation *context) /* Make sure the caller is authorized to get the IMSI */ if (!mm_modem_auth_request (MM_MODEM (modem), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_INFO, context, imsi_auth_cb, NULL, @@ -343,7 +343,7 @@ impl_gsm_modem_send_puk (MMModemGsmCard *modem, /* Make sure the caller is authorized to send the PUK */ if (!mm_modem_auth_request (MM_MODEM (modem), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_CONTROL, context, send_puk_auth_cb, info, @@ -386,7 +386,7 @@ impl_gsm_modem_send_pin (MMModemGsmCard *modem, /* Make sure the caller is authorized to unlock the modem */ if (!mm_modem_auth_request (MM_MODEM (modem), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_CONTROL, context, send_pin_auth_cb, info, @@ -430,7 +430,7 @@ impl_gsm_modem_enable_pin (MMModemGsmCard *modem, /* Make sure the caller is authorized to enable a PIN */ if (!mm_modem_auth_request (MM_MODEM (modem), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_CONTROL, context, enable_pin_auth_cb, info, @@ -474,7 +474,7 @@ impl_gsm_modem_change_pin (MMModemGsmCard *modem, /* Make sure the caller is authorized to change the PIN */ if (!mm_modem_auth_request (MM_MODEM (modem), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_CONTROL, context, change_pin_auth_cb, info, diff --git a/src/mm-modem-gsm-network.c b/src/mm-modem-gsm-network.c index bf52b942..f332f580 100644 --- a/src/mm-modem-gsm-network.c +++ b/src/mm-modem-gsm-network.c @@ -422,7 +422,7 @@ impl_gsm_modem_scan (MMModemGsmNetwork *modem, /* Make sure the caller is authorized to request a scan */ if (!mm_modem_auth_request (MM_MODEM (modem), - MM_AUTHORIZATION_DEVICE, + MM_AUTHORIZATION_DEVICE_CONTROL, context, scan_auth_cb, NULL, |