1 /*
2 SPDX-FileCopyrightText: 2008 Nicola Gigante <nicola.gigante@gmail.com>
3
4 SPDX-License-Identifier: LGPL-2.1-or-later
5 */
6
7 #include "../../policy-gen/policy-gen.h"
8
9 #include <Security/Security.h>
10 #include <iostream>
11
12 #include <QDebug>
13
14 using namespace std;
15
output(const QList<Action> & actions,const QMap<QString,QString> & domain)16 void output(const QList<Action> &actions, const QMap<QString, QString> &domain)
17 {
18 AuthorizationRef auth;
19 AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &auth);
20
21 OSStatus err;
22
23 for (const Action &action : std::as_const(actions)) {
24 err = AuthorizationRightGet(action.name.toLatin1().constData(), NULL);
25
26 if (err != errAuthorizationSuccess) {
27 QString rule;
28
29 if (action.policy == QLatin1String("yes")) {
30 rule = QString::fromLatin1(kAuthorizationRuleClassAllow);
31 } else if (action.policy == QLatin1String("no")) {
32 rule = QString::fromLatin1(kAuthorizationRuleClassDeny);
33 } else if (action.policy == QLatin1String("auth_self")) {
34 rule = QString::fromLatin1(kAuthorizationRuleAuthenticateAsSessionUser);
35 } else if (action.policy == QLatin1String("auth_admin")) {
36 rule = QString::fromLatin1(kAuthorizationRuleAuthenticateAsAdmin);
37 }
38
39 CFStringRef cfRule = CFStringCreateWithCString(NULL, rule.toLatin1().constData(), kCFStringEncodingASCII);
40 CFStringRef cfPrompt =
41 CFStringCreateWithCString(NULL, action.descriptions.value(QLatin1String("en")).toLatin1().constData(), kCFStringEncodingASCII);
42
43 err = AuthorizationRightSet(auth, action.name.toLatin1().constData(), cfRule, cfPrompt, NULL, NULL);
44 if (err != noErr) {
45 cerr << "You don't have the right to edit the security database (try to run cmake with sudo): " << err << endl;
46 exit(1);
47 } else {
48 qInfo() << "Created or updated rule" << rule << "for right entry" << action.name << "policy" << action.policy << "; domain=" << domain;
49 }
50 }
51 }
52 }
53