GNOME Software

Merge ~jamesh/gnome-software:classic-snap-install into gnome-software:wip/ubuntu-master

  1. Git
  2. lp:~jamesh/gnome-software
  3. classic-snap-install
  4. Merge into wip/ubuntu-master
Proposed by James Henstridge
Status: Needs review
Proposed branch: ~jamesh/gnome-software:classic-snap-install
Merge into: gnome-software:wip/ubuntu-master
Diff against target: 168 lines (+75/-4)
3 files modified
plugins/snap/gs-plugin-snap.c (+19/-2)
src/gs-details-page.c (+14/-0)
src/gs-details-page.ui (+42/-2)
Reviewer Review Type Date Requested Status
GNOME3 Team Pending
Review via email: mp+326206@code.launchpad.net

Description of the change

Add support for installing classic snaps through gnome-software.

This is using Robert Ancell's patch from bug 1690280, along with a change to the details page to display a warning for snap packages that don't have the SANDBOXED kudo (which is currently granted to any snap using strict confinement).

There are a few open questions:

1. Is this where the warning should sit?
2. What exact text should it contain?

As far as warnings to users go, I would tend to think a strict confined snap that connects to the home interface to be similarly dangerous to a classic snap. It doesn't look like we can detect that case from the metadata returned by "find" requests though.

To post a comment you must log in.
Revision history for this message
Robert Ancell (robert-ancell) wrote :

This should be proposed upstream. I notice I didn't open an upstream bug - can you do that?

Reply

There was an error fetching revisions from git servers. Please try again in a few minutes. If the problem persists, contact Launchpad support.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/plugins/snap/gs-plugin-snap.c b/plugins/snap/gs-plugin-snap.c
index b268a13..c5d9124 100644
--- a/plugins/snap/gs-plugin-snap.c
+++ b/plugins/snap/gs-plugin-snap.c
@@ -24,6 +24,12 @@
24#include <snapd-glib/snapd-glib.h>24#include <snapd-glib/snapd-glib.h>
25#include <gnome-software.h>25#include <gnome-software.h>
2626
27/* FIXME: <snapd-glib/snapd-glib.h> doesn't include
28 * snapd-enum-types.h, and it checks that this macro is defined */
29#define __SNAPD_GLIB_INSIDE__
30#include <snapd-glib/snapd-enum-types.h>
31#undef __SNAPD_GLIB_INSIDE__
32
27struct GsPluginData {33struct GsPluginData {
28 GsAuth *auth;34 GsAuth *auth;
29 GHashTable *store_snaps;35 GHashTable *store_snaps;
@@ -175,6 +181,8 @@ static GsApp *
175snap_to_app (GsPlugin *plugin, SnapdSnap *snap)181snap_to_app (GsPlugin *plugin, SnapdSnap *snap)
176{182{
177 GsApp *app;183 GsApp *app;
184 SnapdConfinement confinement;
185 GEnumClass *enum_class;
178186
179 /* create a unique ID for deduplication, TODO: branch? */187 /* create a unique ID for deduplication, TODO: branch? */
180 app = gs_app_new (snapd_snap_get_name (snap));188 app = gs_app_new (snapd_snap_get_name (snap));
@@ -186,7 +194,13 @@ snap_to_app (GsPlugin *plugin, SnapdSnap *snap)
186 gs_app_set_name (app, GS_APP_QUALITY_HIGHEST, snapd_snap_get_name (snap));194 gs_app_set_name (app, GS_APP_QUALITY_HIGHEST, snapd_snap_get_name (snap));
187 if (gs_plugin_check_distro_id (plugin, "ubuntu"))195 if (gs_plugin_check_distro_id (plugin, "ubuntu"))
188 gs_app_add_quirk (app, AS_APP_QUIRK_PROVENANCE);196 gs_app_add_quirk (app, AS_APP_QUIRK_PROVENANCE);
189 if (snapd_snap_get_confinement (snap) == SNAPD_CONFINEMENT_STRICT)197
198 confinement = snapd_snap_get_confinement (snap);
199 enum_class = g_type_class_ref (SNAPD_TYPE_CONFINEMENT);
200 gs_app_set_metadata (app, "snap::confinement", g_enum_get_value (enum_class, confinement)->value_nick);
201 g_type_class_unref (enum_class);
202
203 if (confinement == SNAPD_CONFINEMENT_STRICT)
190 gs_app_add_kudo (app, GS_APP_KUDO_SANDBOXED);204 gs_app_add_kudo (app, GS_APP_KUDO_SANDBOXED);
191205
192 return app;206 return app;
@@ -541,6 +555,7 @@ gs_plugin_app_install (GsPlugin *plugin,
541 GError **error)555 GError **error)
542{556{
543 g_autoptr(SnapdClient) client = NULL;557 g_autoptr(SnapdClient) client = NULL;
558 SnapdInstallFlags flags = SNAPD_INSTALL_FLAGS_NONE;
544559
545 /* We can only install apps we know of */560 /* We can only install apps we know of */
546 if (g_strcmp0 (gs_app_get_management_plugin (app), "snap") != 0)561 if (g_strcmp0 (gs_app_get_management_plugin (app), "snap") != 0)
@@ -550,7 +565,9 @@ gs_plugin_app_install (GsPlugin *plugin,
550 client = get_client (plugin, cancellable, error);565 client = get_client (plugin, cancellable, error);
551 if (client == NULL)566 if (client == NULL)
552 return FALSE;567 return FALSE;
553 if (!snapd_client_install_sync (client, gs_app_get_id (app), NULL, progress_cb, app, cancellable, error)) {568 if (g_strcmp0 (gs_app_get_metadata_item (app, "snap::confinement"), "classic") == 0)
569 flags |= SNAPD_INSTALL_FLAGS_CLASSIC;
570 if (!snapd_client_install2_sync (client, flags, gs_app_get_id (app), NULL, NULL, progress_cb, app, cancellable, error)) {
554 gs_app_set_state_recover (app);571 gs_app_set_state_recover (app);
555 return FALSE;572 return FALSE;
556 }573 }
diff --git a/src/gs-details-page.c b/src/gs-details-page.c
index d93c6b5..9a3d760 100644
--- a/src/gs-details-page.c
+++ b/src/gs-details-page.c
@@ -142,6 +142,7 @@ struct _GsDetailsPage
142 GtkWidget *label_content_rating_none;142 GtkWidget *label_content_rating_none;
143 GtkWidget *button_details_rating_value;143 GtkWidget *button_details_rating_value;
144 GtkWidget *label_details_rating_title;144 GtkWidget *label_details_rating_title;
145 GtkWidget *box_not_sandboxed_warning;
145};146};
146147
147G_DEFINE_TYPE (GsDetailsPage, gs_details_page, GS_TYPE_PAGE)148G_DEFINE_TYPE (GsDetailsPage, gs_details_page, GS_TYPE_PAGE)
@@ -964,6 +965,18 @@ gs_details_page_refresh_all (GsDetailsPage *self)
964 break;965 break;
965 }966 }
966967
968 /* Display a warning about non-sandboxed apps that may come
969 * from third party sources. Currently only checking snaps. */
970 ret = FALSE;
971 switch (gs_app_get_bundle_kind (self->app)) {
972 case AS_BUNDLE_KIND_SNAP:
973 ret |= (kudos & GS_APP_KUDO_SANDBOXED) == 0;
974 break;
975 default:
976 break;
977 }
978 gtk_widget_set_visible (self->box_not_sandboxed_warning, ret);
979
967 /* are we trying to replace something in the baseos */980 /* are we trying to replace something in the baseos */
968 gtk_widget_set_visible (self->infobar_details_package_baseos,981 gtk_widget_set_visible (self->infobar_details_package_baseos,
969 gs_app_has_quirk (self->app, AS_APP_QUIRK_COMPULSORY) &&982 gs_app_has_quirk (self->app, AS_APP_QUIRK_COMPULSORY) &&
@@ -2351,6 +2364,7 @@ gs_details_page_class_init (GsDetailsPageClass *klass)
2351 gtk_widget_class_bind_template_child (widget_class, GsDetailsPage, label_content_rating_none);2364 gtk_widget_class_bind_template_child (widget_class, GsDetailsPage, label_content_rating_none);
2352 gtk_widget_class_bind_template_child (widget_class, GsDetailsPage, button_details_rating_value);2365 gtk_widget_class_bind_template_child (widget_class, GsDetailsPage, button_details_rating_value);
2353 gtk_widget_class_bind_template_child (widget_class, GsDetailsPage, label_details_rating_title);2366 gtk_widget_class_bind_template_child (widget_class, GsDetailsPage, label_details_rating_title);
2367 gtk_widget_class_bind_template_child (widget_class, GsDetailsPage, box_not_sandboxed_warning);
2354}2368}
23552369
2356static void2370static void
diff --git a/src/gs-details-page.ui b/src/gs-details-page.ui
index f1f1bd4..7d8cec5 100644
--- a/src/gs-details-page.ui
+++ b/src/gs-details-page.ui
@@ -601,6 +601,46 @@
601 </packing>601 </packing>
602 </child>602 </child>
603 <child>603 <child>
604 <object class="GtkBox" id="box_not_sandboxed_warning">
605 <property name="visible">False</property>
606 <property name="can_focus">False</property>
607 <property name="spacing">30</property>
608 <child>
609 <object class="GtkImage" id="image_not_sandboxed_image_icon">
610 <property name="visible">True</property>
611 <property name="can_focus">False</property>
612 <property name="pixel_size">16</property>
613 <property name="icon_name">dialog-warning</property>
614 <property name="icon_size">6</property>
615 </object>
616 <packing>
617 <property name="expand">False</property>
618 <property name="fill">True</property>
619 <property name="position">0</property>
620 </packing>
621 </child>
622 <child>
623 <object class="GtkLabel" id="label_not_sandboxed_warning">
624 <property name="visible">True</property>
625 <property name="can_focus">False</property>
626 <property name="label" translatable="yes">This third party package is not sandboxed. It will have access to your documents.</property>
627 <property name="xalign">0</property>
628 <property name="yalign">0.5</property>
629 </object>
630 <packing>
631 <property name="expand">True</property>
632 <property name="fill">True</property>
633 <property name="position">1</property>
634 </packing>
635 </child>
636 </object>
637 <packing>
638 <property name="expand">True</property>
639 <property name="fill">True</property>
640 <property name="position">12</property>
641 </packing>
642 </child>
643 <child>
604 <object class="GtkBox" id="box_details_details">644 <object class="GtkBox" id="box_details_details">
605 <property name="visible">True</property>645 <property name="visible">True</property>
606 <property name="can_focus">False</property>646 <property name="can_focus">False</property>
@@ -1135,7 +1175,7 @@
1135 <packing>1175 <packing>
1136 <property name="expand">False</property>1176 <property name="expand">False</property>
1137 <property name="fill">True</property>1177 <property name="fill">True</property>
1138 <property name="position">12</property>1178 <property name="position">13</property>
1139 </packing>1179 </packing>
1140 </child>1180 </child>
1141 <child>1181 <child>
@@ -1198,7 +1238,7 @@
1198 <packing>1238 <packing>
1199 <property name="expand">False</property>1239 <property name="expand">False</property>
1200 <property name="fill">True</property>1240 <property name="fill">True</property>
1201 <property name="position">13</property>1241 <property name="position">15</property>
1202 </packing>1242 </packing>
1203 </child>1243 </child>
1204 <child>1244 <child>

Subscribers

People subscribed via source and target branches

to all changes: