mirrors/pipewire
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/pipewire/pipewire.git synced 2025-11-02 09:01:50 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
pipewire/src/examples/media-session/access-flatpak.c
Peter Hutterer 55f01ae679 media-session: document the access-flatpak module
2021-09-06 07:29:28 +00:00

211 lines
5.8 KiB
C
Raw Blame History

/* PipeWire
*
* Copyright © 2020 Wim Taymans
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice (including the next
* paragraph) shall be included in all copies or substantial portions of the
* Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
* DEALINGS IN THE SOFTWARE.
*/
#include <string.h>
#include <stdio.h>
#include <errno.h>
#include <math.h>
#include <time.h>
#include "config.h"
#include <spa/utils/string.h>
#include "pipewire/pipewire.h"
#include "media-session.h"
/** \page page_media_session_module_access_flatpak Media Session Module: Access Flatpak
*
* The Access Flatpak module manages permissions for flatpak clients. It
* monitors clients with a \ref PW_KEY_ACCESS value of `"flatpak"` and
* restricts those clients to the \ref PW_PERM_R and \ref PW_PERM_X
* permissions.
*
* Clients of \ref PW_KEY_MEDIA_CATEGORY type "Manager" are permitted full
* access (\ref PW_PERM_ALL).
*
* The value "flatpak" is typically assigned by the \ref page_module_access.
*
* ## Module Properties
*
* This module requires the following properties on the client object:
* - \ref PW_KEY_ACCESS
* - \ref PW_KEY_MEDIA_CATEGORY (optional, only matters for "Manager" objects)
*/
#define NAME "access-flatpak"
#define SESSION_KEY "access-flatpak"
struct impl {
struct sm_media_session *session;
struct spa_hook listener;
struct spa_list client_list;
};
struct client {
struct sm_client *obj;
uint32_t id;
struct impl *impl;
struct spa_list link; /**< link in impl client_list */
struct spa_hook listener;
unsigned int active:1;
};
static void object_update(void *data)
{
struct client *client = data;
struct impl *impl = client->impl;
const char *str;
pw_log_debug(NAME" %p: client %p %08x", impl, client, client->obj->obj.changed);
if (client->obj->obj.avail & SM_CLIENT_CHANGE_MASK_INFO &&
!client->active) {
struct pw_permission permissions[1];
uint32_t perms;
if (client->obj->info == NULL || client->obj->info->props == NULL ||
(str = spa_dict_lookup(client->obj->info->props, PW_KEY_ACCESS)) == NULL ||
!spa_streq(str, "flatpak"))
return;
if ((str = spa_dict_lookup(client->obj->info->props, PW_KEY_MEDIA_CATEGORY)) != NULL &&
(spa_streq(str, "Manager"))) {
/* FIXME, use permission store to check if this app is allowed to
* be a manager app */
perms = PW_PERM_ALL;
} else {
/* limited access for everything else */
perms = PW_PERM_R | PW_PERM_X;
}
pw_log_info(NAME" %p: flatpak client %d granted 0x%08x permissions"
, impl, client->id, perms);
permissions[0] = PW_PERMISSION_INIT(PW_ID_ANY, perms);
pw_client_update_permissions(client->obj->obj.proxy,
1, permissions);
client->active = true;
}
}
static const struct sm_object_events object_events = {
SM_VERSION_OBJECT_EVENTS,
.update = object_update
};
static int
handle_client(struct impl *impl, struct sm_object *object)
{
struct client *client;
pw_log_debug(NAME" %p: client", impl);
client = sm_object_add_data(object, SESSION_KEY, sizeof(struct client));
client->obj = (struct sm_client*)object;
client->id = object->id;
client->impl = impl;
spa_list_append(&impl->client_list, &client->link);
client->obj->obj.mask |= SM_CLIENT_CHANGE_MASK_INFO;
sm_object_add_listener(&client->obj->obj, &client->listener, &object_events, client);
return 1;
}
static void destroy_client(struct impl *impl, struct client *client)
{
spa_list_remove(&client->link);
spa_hook_remove(&client->listener);
sm_object_remove_data((struct sm_object*)client->obj, SESSION_KEY);
}
static void session_create(void *data, struct sm_object *object)
{
struct impl *impl = data;
int res;
pw_log_debug(NAME " %p: create global '%d'", impl, object->id);
if (spa_streq(object->type, PW_TYPE_INTERFACE_Client))
res = handle_client(impl, object);
else
res = 0;
if (res < 0)
pw_log_warn(NAME" %p: can't handle global %d", impl, object->id);
}
static void session_remove(void *data, struct sm_object *object)
{
struct impl *impl = data;
pw_log_debug(NAME " %p: remove global '%d'", impl, object->id);
if (spa_streq(object->type, PW_TYPE_INTERFACE_Client)) {
struct client *client;
if ((client = sm_object_get_data(object, SESSION_KEY)) != NULL)
destroy_client(impl, client);
}
}
static void session_destroy(void *data)
{
struct impl *impl = data;
struct client *client;
spa_list_consume(client, &impl->client_list, link)
destroy_client(impl, client);
spa_hook_remove(&impl->listener);
free(impl);
}
static const struct sm_media_session_events session_events = {
SM_VERSION_MEDIA_SESSION_EVENTS,
.create = session_create,
.remove = session_remove,
.destroy = session_destroy,
};
int sm_access_flatpak_start(struct sm_media_session *session)
{
struct impl *impl;
impl = calloc(1, sizeof(struct impl));
if (impl == NULL)
return -errno;
impl->session = session;
spa_list_init(&impl->client_list);
sm_media_session_add_listener(impl->session,
&impl->listener,
&session_events, impl);
return 0;
}
Reference in a new issue View git blame Copy permalink