1/* -*- mode: js; js-indent-level: 4; indent-tabs-mode: nil -*- */ 2 3/* see test/polkitbackend/test-polkitbackendjsauthority.c */ 4 5/* NOTE: this is the /etc/polkit-1/rules.d version of 10-testing.rules */ 6 7// --------------------------------------------------------------------- 8// admin rules 9 10polkit.addAdminRule(function(action, subject) { 11 if (action.id == "net.company.action1") { 12 return ["unix-group:admin"]; 13 } 14}); 15 16polkit.addAdminRule(function(action, subject) { 17 if (action.id == "net.company.action2") { 18 return ["unix-group:users"]; 19 } 20}); 21 22polkit.addAdminRule(function(action, subject) { 23 if (action.id == "net.company.action3") { 24 return ["unix-netgroup:foo"]; 25 } 26}); 27 28// Fallback 29polkit.addAdminRule(function(action, subject) { 30 return ["unix-group:admin", "unix-user:root"]; 31}); 32 33// ----- 34 35// --------------------------------------------------------------------- 36// basics 37 38polkit.addRule(function(action, subject) { 39 if (action.id == "net.company.productA.action0") { 40 return polkit.Result.AUTH_ADMIN; 41 } 42}); 43 44polkit.addRule(function(action, subject) { 45 if (action.id == "net.company.productA.action1") { 46 return polkit.Result.AUTH_SELF; 47 } 48}); 49 50polkit.addRule(function(action, subject) { 51 if (action.id == "net.company.order0") { 52 return polkit.Result.YES; 53 } 54}); 55 56polkit.addRule(function(action, subject) { 57 if (action.id == "net.company.john_action") { 58 if (subject.user == "john") { 59 return polkit.Result.YES; 60 } else { 61 return polkit.Result.NO; 62 } 63 } 64}); 65 66polkit.addRule(function(action, subject) { 67 if (action.id == "net.company.highuid2_action") { 68 if (subject.user == "highuid2") { 69 return polkit.Result.YES; 70 } else { 71 return polkit.Result.NO; 72 } 73 } 74}); 75 76 77// --------------------------------------------------------------------- 78// variables 79 80polkit.addRule(function(action, subject) { 81 if (action.id == "net.company.group.variables") { 82 if (action.lookup("foo") == "1") 83 return polkit.Result.YES; 84 else if (action.lookup("foo") == "2") 85 return polkit.Result.AUTH_SELF; 86 else 87 return polkit.Result.AUTH_ADMIN; 88 } 89}); 90 91 92// --------------------------------------------------------------------- 93// group membership 94 95polkit.addRule(function(action, subject) { 96 if (action.id == "net.company.group.only_group_users") { 97 if (subject.isInGroup("users")) 98 return polkit.Result.YES; 99 else 100 return polkit.Result.NO; 101 } 102}); 103 104// --------------------------------------------------------------------- 105// netgroup membership 106 107polkit.addRule(function(action, subject) { 108 if (action.id == "net.company.group.only_netgroup_users") { 109 if (subject.isInNetGroup("foo")) 110 return polkit.Result.YES; 111 else 112 return polkit.Result.NO; 113 } 114}); 115 116// --------------------------------------------------------------------- 117// spawning 118 119polkit.addRule(function(action, subject) { 120 if (action.id == "net.company.spawning.non_existing_helper") { 121 try { 122 polkit.spawn(["/path/to/non/existing/helper"]); 123 return polkit.Result.NO; 124 } catch (error) { 125 return polkit.Result.YES; 126 } 127 } 128}); 129 130polkit.addRule(function(action, subject) { 131 if (action.id == "net.company.spawning.successful_helper") { 132 try { 133 polkit.spawn(["/bin/true"]); 134 return polkit.Result.YES; 135 } catch (error) { 136 return polkit.Result.NO; 137 } 138 } 139}); 140 141polkit.addRule(function(action, subject) { 142 if (action.id == "net.company.spawning.failing_helper") { 143 try { 144 polkit.spawn(["/bin/false"]); 145 return polkit.Result.NO; 146 } catch (error) { 147 return polkit.Result.YES; 148 } 149 } 150}); 151 152polkit.addRule(function(action, subject) { 153 if (action.id == "net.company.spawning.helper_with_output") { 154 try { 155 var out = polkit.spawn(["echo", "-n", "-e", "Hello\nWorld"]); 156 if (out == "Hello\nWorld") 157 return polkit.Result.YES; 158 else 159 return polkit.Result.NO; 160 } catch (error) { 161 return polkit.Result.NO; 162 } 163 } 164}); 165 166polkit.addRule(function(action, subject) { 167 if (action.id == "net.company.spawning.helper_timeout") { 168 try { 169 polkit.spawn(["sleep", "20"]); 170 return polkit.Result.NO; 171 } catch (error) { 172 if (error == "Error: Error spawning helper: Timed out after 10 seconds (g-io-error-quark, 24)") 173 return polkit.Result.YES; 174 return polkit.Result.NO; 175 } 176 } 177}); 178 179// --------------------------------------------------------------------- 180// runaway scripts 181 182polkit.addRule(function(action, subject) { 183 if (action.id == "net.company.run_away_script") { 184 try { 185 // The following code will never terminate so the runaway 186 // script killer will step in after 15 seconds and throw 187 // an exception... 188 while (true) 189 ; 190 } catch (error) { 191 if (error == "Terminating runaway script") 192 return polkit.Result.YES; 193 return polkit.Result.NO; 194 } 195 } 196}); 197