From a01371ce026fa580ac0e7bc750d3af39331d6a23 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Wed, 17 May 2023 14:09:26 +0100 Subject: [PATCH] common: Move flatpak_context_get_allowed_exports to FlatpakContext This allows us to break a circular dependency between utils and context. Signed-off-by: Simon McVittie --- app/flatpak-builtins-build-finish.c | 5 ++- common/flatpak-context-private.h | 7 +++ common/flatpak-context.c | 69 ++++++++++++++++++++++++++++ common/flatpak-dir.c | 4 +- common/flatpak-utils-private.h | 9 ---- common/flatpak-utils.c | 70 ----------------------------- 6 files changed, 81 insertions(+), 83 deletions(-) diff --git a/app/flatpak-builtins-build-finish.c b/app/flatpak-builtins-build-finish.c index 4d25dd58db..1846129778 100644 --- a/app/flatpak-builtins-build-finish.c +++ b/app/flatpak-builtins-build-finish.c @@ -32,6 +32,7 @@ #include "flatpak-builtins.h" #include "flatpak-context-private.h" +#include "flatpak-dir-private.h" #include "flatpak-utils-private.h" #include "flatpak-run-private.h" @@ -259,8 +260,8 @@ collect_exports (GFile *base, g_auto(GStrv) allowed_extensions = NULL; gboolean require_exact_match = FALSE; - if (!flatpak_get_allowed_exports (path, app_id, arg_context, - &allowed_extensions, &allowed_prefixes, &require_exact_match)) + if (!flatpak_context_get_allowed_exports (arg_context, path, app_id, + &allowed_extensions, &allowed_prefixes, &require_exact_match)) return flatpak_fail (error, "Unexpectedly not allowed to export %s", path); if (g_file_query_exists (src, cancellable)) diff --git a/common/flatpak-context-private.h b/common/flatpak-context-private.h index 5a9ebe4cdd..88f53fba5b 100644 --- a/common/flatpak-context-private.h +++ b/common/flatpak-context-private.h @@ -173,4 +173,11 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC (FlatpakContext, flatpak_context_free) GFile *flatpak_get_user_base_dir_location (void); GFile *flatpak_get_data_dir (const char *app_id); +gboolean flatpak_context_get_allowed_exports (FlatpakContext *context, + const char *source_path, + const char *app_id, + char ***allowed_extensions_out, + char ***allowed_prefixes_out, + gboolean *require_exact_match_out); + #endif /* __FLATPAK_CONTEXT_H__ */ diff --git a/common/flatpak-context.c b/common/flatpak-context.c index 297a89ef1c..a382fcc7a9 100644 --- a/common/flatpak-context.c +++ b/common/flatpak-context.c @@ -2972,3 +2972,72 @@ flatpak_context_append_bwrap_filesystem (FlatpakContext *context, xdg_dirs_conf, strlen (xdg_dirs_conf), path, NULL); } } + +gboolean +flatpak_context_get_allowed_exports (FlatpakContext *context, + const char *source_path, + const char *app_id, + char ***allowed_extensions_out, + char ***allowed_prefixes_out, + gboolean *require_exact_match_out) +{ + g_autoptr(GPtrArray) allowed_extensions = g_ptr_array_new_with_free_func (g_free); + g_autoptr(GPtrArray) allowed_prefixes = g_ptr_array_new_with_free_func (g_free); + gboolean require_exact_match = FALSE; + + g_ptr_array_add (allowed_prefixes, g_strdup_printf ("%s.*", app_id)); + + if (strcmp (source_path, "share/applications") == 0) + { + g_ptr_array_add (allowed_extensions, g_strdup (".desktop")); + } + else if (flatpak_has_path_prefix (source_path, "share/icons")) + { + g_ptr_array_add (allowed_extensions, g_strdup (".svgz")); + g_ptr_array_add (allowed_extensions, g_strdup (".png")); + g_ptr_array_add (allowed_extensions, g_strdup (".svg")); + g_ptr_array_add (allowed_extensions, g_strdup (".ico")); + } + else if (strcmp (source_path, "share/dbus-1/services") == 0) + { + g_auto(GStrv) owned_dbus_names = flatpak_context_get_session_bus_policy_allowed_own_names (context); + + g_ptr_array_add (allowed_extensions, g_strdup (".service")); + + for (GStrv iter = owned_dbus_names; *iter != NULL; ++iter) + g_ptr_array_add (allowed_prefixes, g_strdup (*iter)); + + /* We need an exact match with no extra garbage, because the filename refers to busnames + * and we can *only* match exactly these */ + require_exact_match = TRUE; + } + else if (strcmp (source_path, "share/gnome-shell/search-providers") == 0) + { + g_ptr_array_add (allowed_extensions, g_strdup (".ini")); + } + else if (strcmp (source_path, "share/mime/packages") == 0) + { + g_ptr_array_add (allowed_extensions, g_strdup (".xml")); + } + else if (strcmp (source_path, "share/metainfo") == 0 || + strcmp (source_path, "share/appdata") == 0) + { + g_ptr_array_add (allowed_extensions, g_strdup (".xml")); + } + else + return FALSE; + + g_ptr_array_add (allowed_extensions, NULL); + g_ptr_array_add (allowed_prefixes, NULL); + + if (allowed_extensions_out) + *allowed_extensions_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_extensions), FALSE); + + if (allowed_prefixes_out) + *allowed_prefixes_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_prefixes), FALSE); + + if (require_exact_match_out) + *require_exact_match_out = require_exact_match; + + return TRUE; +} diff --git a/common/flatpak-dir.c b/common/flatpak-dir.c index cfb0fda26f..af68db671e 100644 --- a/common/flatpak-dir.c +++ b/common/flatpak-dir.c @@ -7722,8 +7722,8 @@ rewrite_export_dir (const char *app, if (!glnx_dirfd_iterator_init_at (source_parent_fd, source_name, FALSE, &source_iter, error)) goto out; - exports_allowed = flatpak_get_allowed_exports (source_path, app, context, - &allowed_extensions, &allowed_prefixes, &require_exact_match); + exports_allowed = flatpak_context_get_allowed_exports (context, source_path, app, + &allowed_extensions, &allowed_prefixes, &require_exact_match); visited_children = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL); diff --git a/common/flatpak-utils-private.h b/common/flatpak-utils-private.h index b9a68cdae4..82653880f6 100644 --- a/common/flatpak-utils-private.h +++ b/common/flatpak-utils-private.h @@ -24,12 +24,10 @@ #include #include "libglnx.h" -#include #include #include #include "flatpak-dbus-generated.h" #include "flatpak-document-dbus-generated.h" -#include "flatpak-context-private.h" #include "flatpak-error.h" #include "flatpak-glib-backports-private.h" #include "flatpak-variant-private.h" @@ -142,13 +140,6 @@ gboolean flatpak_var_ref_map_lookup_ref (VarRefMapRef ref_map, const char *ref, VarRefInfoRef *out_info); -gboolean flatpak_get_allowed_exports (const char *source_path, - const char *app_id, - FlatpakContext *context, - char ***allowed_extensions_out, - char ***allowed_prefixes_out, - gboolean *require_exact_match_out); - FlatpakDecomposed *flatpak_find_current_ref (const char *app_id, GCancellable *cancellable, GError **error); diff --git a/common/flatpak-utils.c b/common/flatpak-utils.c index b89e24466e..8606191467 100644 --- a/common/flatpak-utils.c +++ b/common/flatpak-utils.c @@ -643,76 +643,6 @@ flatpak_bwrap_is_unprivileged (void) (st.st_mode & S_ISUID) == 0; } -gboolean -flatpak_get_allowed_exports (const char *source_path, - const char *app_id, - FlatpakContext *context, - char ***allowed_extensions_out, - char ***allowed_prefixes_out, - gboolean *require_exact_match_out) -{ - g_autoptr(GPtrArray) allowed_extensions = g_ptr_array_new_with_free_func (g_free); - g_autoptr(GPtrArray) allowed_prefixes = g_ptr_array_new_with_free_func (g_free); - gboolean require_exact_match = FALSE; - - g_ptr_array_add (allowed_prefixes, g_strdup_printf ("%s.*", app_id)); - - if (strcmp (source_path, "share/applications") == 0) - { - g_ptr_array_add (allowed_extensions, g_strdup (".desktop")); - } - else if (flatpak_has_path_prefix (source_path, "share/icons")) - { - g_ptr_array_add (allowed_extensions, g_strdup (".svgz")); - g_ptr_array_add (allowed_extensions, g_strdup (".png")); - g_ptr_array_add (allowed_extensions, g_strdup (".svg")); - g_ptr_array_add (allowed_extensions, g_strdup (".ico")); - } - else if (strcmp (source_path, "share/dbus-1/services") == 0) - { - g_auto(GStrv) owned_dbus_names = flatpak_context_get_session_bus_policy_allowed_own_names (context); - - g_ptr_array_add (allowed_extensions, g_strdup (".service")); - - for (GStrv iter = owned_dbus_names; *iter != NULL; ++iter) - g_ptr_array_add (allowed_prefixes, g_strdup (*iter)); - - /* We need an exact match with no extra garbage, because the filename refers to busnames - * and we can *only* match exactly these */ - require_exact_match = TRUE; - } - else if (strcmp (source_path, "share/gnome-shell/search-providers") == 0) - { - g_ptr_array_add (allowed_extensions, g_strdup (".ini")); - } - else if (strcmp (source_path, "share/mime/packages") == 0) - { - g_ptr_array_add (allowed_extensions, g_strdup (".xml")); - } - else if (strcmp (source_path, "share/metainfo") == 0 || - strcmp (source_path, "share/appdata") == 0) - { - g_ptr_array_add (allowed_extensions, g_strdup (".xml")); - } - else - return FALSE; - - g_ptr_array_add (allowed_extensions, NULL); - g_ptr_array_add (allowed_prefixes, NULL); - - if (allowed_extensions_out) - *allowed_extensions_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_extensions), FALSE); - - if (allowed_prefixes_out) - *allowed_prefixes_out = (char **) g_ptr_array_free (g_steal_pointer (&allowed_prefixes), FALSE); - - if (require_exact_match_out) - *require_exact_match_out = require_exact_match; - - return TRUE; -} - - static char * line_get_word (char **line) {