common: Move flatpak_context_get_allowed_exports to FlatpakContext

This allows us to break a circular dependency between utils and context. Signed-off-by: Simon McVittie <[email protected]>
flatpak · May 3, 2024 · a01371c · a01371c
1 parent 74abbbe
commit a01371c
Show file tree

Hide file tree

Showing 6 changed files with 81 additions and 83 deletions.
diff --git a/app/flatpak-builtins-build-finish.c b/app/flatpak-builtins-build-finish.c
@@ -32,6 +32,7 @@
 
 #include "flatpak-builtins.h"
 #include "flatpak-context-private.h"
+#include "flatpak-dir-private.h"
 #include "flatpak-utils-private.h"
 #include "flatpak-run-private.h"
 
@@ -259,8 +260,8 @@ collect_exports (GFile *base,
  g_auto(GStrv) allowed_extensions = NULL;
  gboolean require_exact_match = FALSE;
 
- if (!flatpak_get_allowed_exports (path, app_id, arg_context,
- &allowed_extensions, &allowed_prefixes, &require_exact_match))
+ if (!flatpak_context_get_allowed_exports (arg_context, path, app_id,
+  &allowed_extensions, &allowed_prefixes, &require_exact_match))
  return flatpak_fail (error, "Unexpectedly not allowed to export %s", path);
 
  if (g_file_query_exists (src, cancellable))

diff --git a/common/flatpak-context-private.h b/common/flatpak-context-private.h
@@ -173,4 +173,11 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC (FlatpakContext, flatpak_context_free)
 GFile *flatpak_get_user_base_dir_location (void);
 GFile *flatpak_get_data_dir (const char *app_id);
 
+gboolean flatpak_context_get_allowed_exports (FlatpakContext *context,
+ const char *source_path,
+ const char *app_id,
+ char ***allowed_extensions_out,
+ char ***allowed_prefixes_out,
+ gboolean *require_exact_match_out);
+
 #endif /* __FLATPAK_CONTEXT_H__ */
diff --git a/common/flatpak-context.c b/common/flatpak-context.c
@@ -2972,3 +2972,72 @@ flatpak_context_append_bwrap_filesystem (FlatpakContext *context,
  xdg_dirs_conf, strlen (xdg_dirs_conf), path, NULL);
  }
 }
+
+gboolean
+flatpak_context_get_allowed_exports (FlatpakContext *context,
+ const char *source_path,
+ const char *app_id,
+ char ***allowed_extensions_out,
+ char ***allowed_prefixes_out,
+ gboolean *require_exact_match_out)
+{
+ g_autoptr(GPtrArray) allowed_extensions = g_ptr_array_new_with_free_func (g_free);
+ g_autoptr(GPtrArray) allowed_prefixes = g_ptr_array_new_with_free_func (g_free);
+ gboolean require_exact_match = FALSE;
+
+ g_ptr_array_add (allowed_prefixes, g_strdup_printf ("%s.*", app_id));
+
+ if (strcmp (source_path, "share/applications") == 0)
+ {
+ g_ptr_array_add (allowed_extensions, g_strdup (".desktop"));
+ }
+ else if (flatpak_has_path_prefix (source_path, "share/icons"))
+ {
+ g_ptr_array_add (allowed_extensions, g_strdup (".svgz"));
+ g_ptr_array_add (allowed_extensions, g_strdup (".png"));
+ g_ptr_array_add (allowed_extensions, g_strdup (".svg"));
+ g_ptr_array_add (allowed_extensions, g_strdup (".ico"));
+ }
+ else if (strcmp (source_path, "share/dbus-1/services") == 0)
+ {
+ g_auto(GStrv) owned_dbus_names = flatpak_context_get_session_bus_policy_allowed_own_names (context);
+
+ g_ptr_array_add (allowed_extensions, g_strdup (".service"));
+
+ for (GStrv iter = owned_dbus_names; *iter != NULL; ++iter)
+ g_ptr_array_add (allowed_prefixes, g_strdup (*iter));
+
+ /* We need an exact match with no extra garbage, because the filename refers to busnames
+ * and we can *only* match exactly these */
+ require_exact_match = TRUE;
+ }
+ else if (strcmp (source_path, "share/gnome-shell/search-providers") == 0)
+ {
+ g_ptr_array_add (allowed_extensions, g_strdup (".ini"));
+ }
+ else if (strcmp (source_path, "share/mime/packages") == 0)
+ {
+ g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
+ }
+ else if (strcmp (source_path, "share/metainfo") == 0 ||
+ strcmp (source_path, "share/appdata") == 0)
+ {
+ g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
+ }
+ else
+ return FALSE;
+
+ g_ptr_array_add (allowed_extensions, NULL);
+ g_ptr_array_add (allowed_prefixes, NULL);
+
+ if (allowed_extensions_out)
+ *allowed_extensions_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_extensions), FALSE);
+
+ if (allowed_prefixes_out)
+ *allowed_prefixes_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_prefixes), FALSE);
+
+ if (require_exact_match_out)
+ *require_exact_match_out = require_exact_match;
+
+ return TRUE;
+}
diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c
@@ -7722,8 +7722,8 @@ rewrite_export_dir (const char *app,
  if (!glnx_dirfd_iterator_init_at (source_parent_fd, source_name, FALSE, &source_iter, error))
  goto out;
 
- exports_allowed = flatpak_get_allowed_exports (source_path, app, context,
- &allowed_extensions, &allowed_prefixes, &require_exact_match);
+ exports_allowed = flatpak_context_get_allowed_exports (context, source_path, app,
+  &allowed_extensions, &allowed_prefixes, &require_exact_match);
 
  visited_children = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
 

diff --git a/common/flatpak-utils-private.h b/common/flatpak-utils-private.h
@@ -24,12 +24,10 @@
 #include <string.h>
 
 #include "libglnx.h"
-#include <flatpak-common-types-private.h>
 #include <gio/gio.h>
 #include <gio/gunixfdlist.h>
 #include "flatpak-dbus-generated.h"
 #include "flatpak-document-dbus-generated.h"
-#include "flatpak-context-private.h"
 #include "flatpak-error.h"
 #include "flatpak-glib-backports-private.h"
 #include "flatpak-variant-private.h"
@@ -142,13 +140,6 @@ gboolean flatpak_var_ref_map_lookup_ref (VarRefMapRef ref_map,
  const char *ref,
  VarRefInfoRef *out_info);
 
-gboolean flatpak_get_allowed_exports (const char *source_path,
- const char *app_id,
- FlatpakContext *context,
- char ***allowed_extensions_out,
- char ***allowed_prefixes_out,
- gboolean *require_exact_match_out);
-
 FlatpakDecomposed *flatpak_find_current_ref (const char *app_id,
  GCancellable *cancellable,
  GError **error);

diff --git a/common/flatpak-utils.c b/common/flatpak-utils.c
@@ -643,76 +643,6 @@ flatpak_bwrap_is_unprivileged (void)
  (st.st_mode & S_ISUID) == 0;
 }
 
-gboolean
-flatpak_get_allowed_exports (const char *source_path,
- const char *app_id,
- FlatpakContext *context,
- char ***allowed_extensions_out,
- char ***allowed_prefixes_out,
- gboolean *require_exact_match_out)
-{
- g_autoptr(GPtrArray) allowed_extensions = g_ptr_array_new_with_free_func (g_free);
- g_autoptr(GPtrArray) allowed_prefixes = g_ptr_array_new_with_free_func (g_free);
- gboolean require_exact_match = FALSE;
-
- g_ptr_array_add (allowed_prefixes, g_strdup_printf ("%s.*", app_id));
-
- if (strcmp (source_path, "share/applications") == 0)
- {
- g_ptr_array_add (allowed_extensions, g_strdup (".desktop"));
- }
- else if (flatpak_has_path_prefix (source_path, "share/icons"))
- {
- g_ptr_array_add (allowed_extensions, g_strdup (".svgz"));
- g_ptr_array_add (allowed_extensions, g_strdup (".png"));
- g_ptr_array_add (allowed_extensions, g_strdup (".svg"));
- g_ptr_array_add (allowed_extensions, g_strdup (".ico"));
- }
- else if (strcmp (source_path, "share/dbus-1/services") == 0)
- {
- g_auto(GStrv) owned_dbus_names = flatpak_context_get_session_bus_policy_allowed_own_names (context);
-
- g_ptr_array_add (allowed_extensions, g_strdup (".service"));
-
- for (GStrv iter = owned_dbus_names; *iter != NULL; ++iter)
- g_ptr_array_add (allowed_prefixes, g_strdup (*iter));
-
- /* We need an exact match with no extra garbage, because the filename refers to busnames
- * and we can *only* match exactly these */
- require_exact_match = TRUE;
- }
- else if (strcmp (source_path, "share/gnome-shell/search-providers") == 0)
- {
- g_ptr_array_add (allowed_extensions, g_strdup (".ini"));
- }
- else if (strcmp (source_path, "share/mime/packages") == 0)
- {
- g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
- }
- else if (strcmp (source_path, "share/metainfo") == 0 ||
- strcmp (source_path, "share/appdata") == 0)
- {
- g_ptr_array_add (allowed_extensions, g_strdup (".xml"));
- }
- else
- return FALSE;
-
- g_ptr_array_add (allowed_extensions, NULL);
- g_ptr_array_add (allowed_prefixes, NULL);
-
- if (allowed_extensions_out)
- *allowed_extensions_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_extensions), FALSE);
-
- if (allowed_prefixes_out)
- *allowed_prefixes_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_prefixes), FALSE);
-
- if (require_exact_match_out)
- *require_exact_match_out = require_exact_match;
-
- return TRUE;
-}
-
-
 static char *
 line_get_word (char **line)
 {