gio/auto/debug_controller_dbus.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311
// This file was generated by gir (https://github.com/gtk-rs/gir)
// from gir-files (https://github.com/gtk-rs/gir-files)
// DO NOT EDIT
use crate::{ffi, Cancellable, DBusConnection, DBusMethodInvocation, DebugController, Initable};
use glib::{
prelude::*,
signal::{connect_raw, SignalHandlerId},
translate::*,
};
use std::boxed::Box as Box_;
glib::wrapper! {
/// `GDebugControllerDBus` is an implementation of [`DebugController`][crate::DebugController]
/// which exposes debug settings as a D-Bus object.
///
/// It is a [`Initable`][crate::Initable] object, and will register an object at
/// `/org/gtk/Debugging` on the bus given as
/// [`connection`][struct@crate::DebugControllerDBus#connection] once it’s initialized. The
/// object will be unregistered when the last reference to the
/// `GDebugControllerDBus` is dropped.
///
/// This D-Bus object can be used by remote processes to enable or disable debug
/// output in this process. Remote processes calling
/// `org.gtk.Debugging.SetDebugEnabled()` will affect the value of
/// [`debug-enabled`][struct@crate::DebugController#debug-enabled] and, by default,
/// `log_get_debug_enabled()`.
///
/// By default, no processes are allowed to call `SetDebugEnabled()` unless a
/// [`authorize`][struct@crate::DebugControllerDBus#authorize] signal handler is installed. This
/// is because the process may be privileged, or might expose sensitive
/// information in its debug output. You may want to restrict the ability to
/// enable debug output to privileged users or processes.
///
/// One option is to install a D-Bus security policy which restricts access to
/// `SetDebugEnabled()`, installing something like the following in
/// `$datadir/dbus-1/system.d/`:
///
/// ```xml
/// <?xml version="1.0"?> <!--*-nxml-*-->
/// <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
/// "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
/// <busconfig>
/// <policy user="root">
/// <allow send_destination="com.example.MyService" send_interface="org.gtk.Debugging"/>
/// </policy>
/// <policy context="default">
/// <deny send_destination="com.example.MyService" send_interface="org.gtk.Debugging"/>
/// </policy>
/// </busconfig>
/// ```
///
/// This will prevent the `SetDebugEnabled()` method from being called by all
/// except root. It will not prevent the `DebugEnabled` property from being read,
/// as it’s accessed through the `org.freedesktop.DBus.Properties` interface.
///
/// Another option is to use polkit to allow or deny requests on a case-by-case
/// basis, allowing for the possibility of dynamic authorisation. To do this,
/// connect to the [`authorize`][struct@crate::DebugControllerDBus#authorize] signal and query
/// polkit in it:
///
/// **⚠️ The following code is in c ⚠️**
///
/// ```c
/// g_autoptr(GError) child_error = NULL;
/// g_autoptr(GDBusConnection) connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, NULL);
/// gulong debug_controller_authorize_id = 0;
///
/// // Set up the debug controller.
/// debug_controller = G_DEBUG_CONTROLLER (g_debug_controller_dbus_new (priv->connection, NULL, &child_error));
/// if (debug_controller == NULL)
/// {
/// g_error ("Could not register debug controller on bus: %s"),
/// child_error->message);
/// }
///
/// debug_controller_authorize_id = g_signal_connect (debug_controller,
/// "authorize",
/// G_CALLBACK (debug_controller_authorize_cb),
/// self);
///
/// static gboolean
/// debug_controller_authorize_cb (GDebugControllerDBus *debug_controller,
/// GDBusMethodInvocation *invocation,
/// gpointer user_data)
/// {
/// g_autoptr(PolkitAuthority) authority = NULL;
/// g_autoptr(PolkitSubject) subject = NULL;
/// g_autoptr(PolkitAuthorizationResult) auth_result = NULL;
/// g_autoptr(GError) local_error = NULL;
/// GDBusMessage *message;
/// GDBusMessageFlags message_flags;
/// PolkitCheckAuthorizationFlags flags = POLKIT_CHECK_AUTHORIZATION_FLAGS_NONE;
///
/// message = g_dbus_method_invocation_get_message (invocation);
/// message_flags = g_dbus_message_get_flags (message);
///
/// authority = polkit_authority_get_sync (NULL, &local_error);
/// if (authority == NULL)
/// {
/// g_warning ("Failed to get polkit authority: %s", local_error->message);
/// return FALSE;
/// }
///
/// if (message_flags & G_DBUS_MESSAGE_FLAGS_ALLOW_INTERACTIVE_AUTHORIZATION)
/// flags |= POLKIT_CHECK_AUTHORIZATION_FLAGS_ALLOW_USER_INTERACTION;
///
/// subject = polkit_system_bus_name_new (g_dbus_method_invocation_get_sender (invocation));
///
/// auth_result = polkit_authority_check_authorization_sync (authority,
/// subject,
/// "com.example.MyService.set-debug-enabled",
/// NULL,
/// flags,
/// NULL,
/// &local_error);
/// if (auth_result == NULL)
/// {
/// g_warning ("Failed to get check polkit authorization: %s", local_error->message);
/// return FALSE;
/// }
///
/// return polkit_authorization_result_get_is_authorized (auth_result);
/// }
/// ```
///
/// ## Properties
///
///
/// #### `connection`
/// The D-Bus connection to expose the debugging interface on.
///
/// Typically this will be the same connection (to the system or session bus)
/// which the rest of the application or service’s D-Bus objects are registered
/// on.
///
/// Readable | Writeable | Construct Only
/// <details><summary><h4>DebugController</h4></summary>
///
///
/// #### `debug-enabled`
/// [`true`] if debug output should be exposed (for example by forwarding it to
/// the journal), [`false`] otherwise.
///
/// Readable | Writeable
/// </details>
///
/// ## Signals
///
///
/// #### `authorize`
/// Emitted when a D-Bus peer is trying to change the debug settings and used
/// to determine if that is authorized.
///
/// This signal is emitted in a dedicated worker thread, so handlers are
/// allowed to perform blocking I/O. This means that, for example, it is
/// appropriate to call `polkit_authority_check_authorization_sync()` to check
/// authorization using polkit.
///
/// If [`false`] is returned then no further handlers are run and the request to
/// change the debug settings is rejected.
///
/// Otherwise, if [`true`] is returned, signal emission continues. If no handlers
/// return [`false`], then the debug settings are allowed to be changed.
///
/// Signal handlers must not modify @invocation, or cause it to return a value.
///
/// The default class handler just returns [`true`].
///
///
///
/// # Implements
///
/// [`DebugControllerDBusExt`][trait@crate::prelude::DebugControllerDBusExt], [`trait@glib::ObjectExt`], [`DebugControllerExt`][trait@crate::prelude::DebugControllerExt], [`InitableExt`][trait@crate::prelude::InitableExt], [`DebugControllerDBusExtManual`][trait@crate::prelude::DebugControllerDBusExtManual]
#[doc(alias = "GDebugControllerDBus")]
pub struct DebugControllerDBus(Object<ffi::GDebugControllerDBus, ffi::GDebugControllerDBusClass>) @implements DebugController, Initable;
match fn {
type_ => || ffi::g_debug_controller_dbus_get_type(),
}
}
impl DebugControllerDBus {
pub const NONE: Option<&'static DebugControllerDBus> = None;
/// Create a new #GDebugControllerDBus and synchronously initialize it.
///
/// Initializing the object will export the debug object on @connection. The
/// object will remain registered until the last reference to the
/// #GDebugControllerDBus is dropped.
///
/// Initialization may fail if registering the object on @connection fails.
/// ## `connection`
/// a #GDBusConnection to register the debug object on
/// ## `cancellable`
/// a #GCancellable, or [`None`]
///
/// # Returns
///
/// a new #GDebugControllerDBus, or [`None`]
/// on failure
#[doc(alias = "g_debug_controller_dbus_new")]
pub fn new(
connection: &DBusConnection,
cancellable: Option<&impl IsA<Cancellable>>,
) -> Result<Option<DebugControllerDBus>, glib::Error> {
unsafe {
let mut error = std::ptr::null_mut();
let ret = ffi::g_debug_controller_dbus_new(
connection.to_glib_none().0,
cancellable.map(|p| p.as_ref()).to_glib_none().0,
&mut error,
);
if error.is_null() {
Ok(from_glib_full(ret))
} else {
Err(from_glib_full(error))
}
}
}
}
/// Trait containing all [`struct@DebugControllerDBus`] methods.
///
/// # Implementors
///
/// [`DebugControllerDBus`][struct@crate::DebugControllerDBus]
pub trait DebugControllerDBusExt: IsA<DebugControllerDBus> + 'static {
/// Stop the debug controller, unregistering its object from the bus.
///
/// Any pending method calls to the object will complete successfully, but new
/// ones will return an error. This method will block until all pending
/// #GDebugControllerDBus::authorize signals have been handled. This is expected
/// to not take long, as it will just be waiting for threads to join. If any
/// #GDebugControllerDBus::authorize signal handlers are still executing in other
/// threads, this will block until after they have returned.
///
/// This method will be called automatically when the final reference to the
/// #GDebugControllerDBus is dropped. You may want to call it explicitly to know
/// when the controller has been fully removed from the bus, or to break
/// reference count cycles.
///
/// Calling this method from within a #GDebugControllerDBus::authorize signal
/// handler will cause a deadlock and must not be done.
#[doc(alias = "g_debug_controller_dbus_stop")]
fn stop(&self) {
unsafe {
ffi::g_debug_controller_dbus_stop(self.as_ref().to_glib_none().0);
}
}
/// Emitted when a D-Bus peer is trying to change the debug settings and used
/// to determine if that is authorized.
///
/// This signal is emitted in a dedicated worker thread, so handlers are
/// allowed to perform blocking I/O. This means that, for example, it is
/// appropriate to call `polkit_authority_check_authorization_sync()` to check
/// authorization using polkit.
///
/// If [`false`] is returned then no further handlers are run and the request to
/// change the debug settings is rejected.
///
/// Otherwise, if [`true`] is returned, signal emission continues. If no handlers
/// return [`false`], then the debug settings are allowed to be changed.
///
/// Signal handlers must not modify @invocation, or cause it to return a value.
///
/// The default class handler just returns [`true`].
/// ## `invocation`
/// A #GDBusMethodInvocation.
///
/// # Returns
///
/// [`true`] if the call is authorized, [`false`] otherwise.
#[cfg(feature = "v2_72")]
#[cfg_attr(docsrs, doc(cfg(feature = "v2_72")))]
#[doc(alias = "authorize")]
fn connect_authorize<F: Fn(&Self, &DBusMethodInvocation) -> bool + 'static>(
&self,
f: F,
) -> SignalHandlerId {
unsafe extern "C" fn authorize_trampoline<
P: IsA<DebugControllerDBus>,
F: Fn(&P, &DBusMethodInvocation) -> bool + 'static,
>(
this: *mut ffi::GDebugControllerDBus,
invocation: *mut ffi::GDBusMethodInvocation,
f: glib::ffi::gpointer,
) -> glib::ffi::gboolean {
let f: &F = &*(f as *const F);
f(
DebugControllerDBus::from_glib_borrow(this).unsafe_cast_ref(),
&from_glib_borrow(invocation),
)
.into_glib()
}
unsafe {
let f: Box_<F> = Box_::new(f);
connect_raw(
self.as_ptr() as *mut _,
b"authorize\0".as_ptr() as *const _,
Some(std::mem::transmute::<*const (), unsafe extern "C" fn()>(
authorize_trampoline::<Self, F> as *const (),
)),
Box_::into_raw(f),
)
}
}
}
impl<O: IsA<DebugControllerDBus>> DebugControllerDBusExt for O {}