Thumbnailer

Merge lp:~jamesh/thumbnailer/dbus-aa-credentials into lp:thumbnailer/devel

  1. dbus-aa-credentials
  2. Merge into devel
Proposed by James Henstridge
Status: Merged
Approved by: Michi Henning
Approved revision: 223
Merged at revision: 214
Proposed branch: lp:~jamesh/thumbnailer/dbus-aa-credentials
Merge into: lp:thumbnailer/devel
Diff against target: 526 lines (+324/-7)
11 files modified
CMakeLists.txt (+1/-0)
debian/control (+1/-0)
src/service/CMakeLists.txt (+8/-2)
src/service/bus.xml (+9/-0)
src/service/credentialscache.cpp (+179/-0)
src/service/credentialscache.h (+81/-0)
src/service/dbusinterface.cpp (+16/-3)
src/service/dbusinterface.h (+4/-0)
src/service/handler.cpp (+21/-1)
src/service/handler.h (+3/-0)
tests/qml/CMakeLists.txt (+1/-1)
To merge this branch: bzr merge lp:~jamesh/thumbnailer/dbus-aa-credentials
Reviewer Review Type Date Requested Status
Michi Henning (community) Approve
PS Jenkins bot (community) continuous-integration Approve
Review via email: mp+261824@code.launchpad.net

Commit message

Track the credentials (user ID, AppArmor label) of clients connecting to the D-Bus service. This is not yet used to make security decisions.

Description of the change

This is the first step of the changing our security policy to rely on aa_query_label().

I've introduced a new step for the request handler to determine the AppArmor security context of the client. At the moment we're only printing it out in a log message, but eventually this information will be pushed down to the ThumbnailRequest where it can be used to make the security decision.

You can test this on the desktop by running thumbnailer-service in one terminal and in another run something like:

    aa-exec -p $profile thumbnailer-admin get $filename outdir/

You can get a list of available profiles on the system with "sudo aa-status". When run on the phone, you should see the labels for confined clients.

To avoid excessive GetConnectionCredentials() calls to the bus daemon, we cache the results in the CredentialsCache class.

To post a comment you must log in.
Revision history for this message
PS Jenkins bot (ps-jenkins) wrote :

PASSED: Continuous integration, rev:220
http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-ci/269/
Executed test runs:
    SUCCESS: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-amd64-ci/78
    SUCCESS: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-armhf-ci/78
        deb: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-armhf-ci/78/artifact/work/output/*zip*/output.zip
    SUCCESS: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-i386-ci/78

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/thumbnailer-devel-ci/269/rebuild

review: Approve (continuous-integration)
lp:~jamesh/thumbnailer/dbus-aa-credentials updated
221. By James Henstridge

A few style changes.

Revision history for this message
PS Jenkins bot (ps-jenkins) wrote :

PASSED: Continuous integration, rev:221
http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-ci/270/
Executed test runs:
    SUCCESS: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-amd64-ci/79
    SUCCESS: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-armhf-ci/79
        deb: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-armhf-ci/79/artifact/work/output/*zip*/output.zip
    SUCCESS: http://jenkins.qa.ubuntu.com/job/thumbnailer-devel-wily-i386-ci/79

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/thumbnailer-devel-ci/270/rebuild

review: Approve (continuous-integration)
Revision history for this message
Michi Henning (michihenning) wrote :

Looks really nice, thank you!

Just to show that I read it, I have to make at least one anal-retentive comment ;-)

qWarning() << "CredentialsCache::received_credentials: error retrieving credentials for" << peer << ":" << reply.error().message();

Should be

... CredentialsCache::received_credentials(): error ...

Splitting the line into two shorter ones would make it a little bit more readable.

review: Needs Fixing
lp:~jamesh/thumbnailer/dbus-aa-credentials updated
222. By James Henstridge

Make qml_test depend on thumbnailer-qml.

223. By James Henstridge

Fix up warning message, from Michi's review.

Revision history for this message
Michi Henning (michihenning) wrote :

Sweet, thank you!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'CMakeLists.txt'
--- CMakeLists.txt 2015-06-06 08:39:23 +0000
+++ CMakeLists.txt 2015-06-15 01:16:40 +0000
@@ -97,6 +97,7 @@
97pkg_check_modules(GIO_DEPS REQUIRED gio-2.0 gio-unix-2.0)97pkg_check_modules(GIO_DEPS REQUIRED gio-2.0 gio-unix-2.0)
98pkg_check_modules(IMG_DEPS REQUIRED gdk-pixbuf-2.0 libexif)98pkg_check_modules(IMG_DEPS REQUIRED gdk-pixbuf-2.0 libexif)
99pkg_check_modules(UNITY_API_DEPS REQUIRED libunity-api)99pkg_check_modules(UNITY_API_DEPS REQUIRED libunity-api)
100pkg_check_modules(APPARMOR_DEPS REQUIRED libapparmor)
100101
101include_directories(${GST_DEPS_INCLUDE_DIRS})102include_directories(${GST_DEPS_INCLUDE_DIRS})
102include_directories(${GOBJ_DEPS_INCLUDE_DIRS})103include_directories(${GOBJ_DEPS_INCLUDE_DIRS})
103104
=== modified file 'debian/control'
--- debian/control 2015-05-05 09:19:37 +0000
+++ debian/control 2015-06-15 01:16:40 +0000
@@ -7,6 +7,7 @@
7 cmake-extras,7 cmake-extras,
8 debhelper (>= 9),8 debhelper (>= 9),
9 gstreamer1.0-plugins-good,9 gstreamer1.0-plugins-good,
10 libapparmor-dev,
10 libboost-filesystem-dev,11 libboost-filesystem-dev,
11 libexif-dev,12 libexif-dev,
12 libgdk-pixbuf2.0-dev,13 libgdk-pixbuf2.0-dev,
1314
=== modified file 'src/service/CMakeLists.txt'
--- src/service/CMakeLists.txt 2015-06-08 03:25:50 +0000
+++ src/service/CMakeLists.txt 2015-06-15 01:16:40 +0000
@@ -1,10 +1,15 @@
1add_definitions(${THUMBNAILER_CFLAGS})1add_definitions(${APPARMOR_DEPS_CFLAGS})
22
3qt5_add_dbus_adaptor(adaptor_files dbusinterface.xml dbusinterface.h unity::thumbnailer::service::DBusInterface)3qt5_add_dbus_adaptor(adaptor_files dbusinterface.xml dbusinterface.h unity::thumbnailer::service::DBusInterface)
4qt5_add_dbus_adaptor(adaptor_files admininterface.xml admininterface.h unity::thumbnailer::service::AdminInterface)4qt5_add_dbus_adaptor(adaptor_files admininterface.xml admininterface.h unity::thumbnailer::service::AdminInterface)
55
6set_source_files_properties(bus.xml PROPERTIES
7 CLASSNAME BusInterface)
8qt5_add_dbus_interface(interface_files bus.xml businterface)
9
6add_executable(thumbnailer-service10add_executable(thumbnailer-service
7 admininterface.cpp11 admininterface.cpp
12 credentialscache.cpp
8 dbusinterface.cpp13 dbusinterface.cpp
9 handler.cpp14 handler.cpp
10 inactivityhandler.cpp15 inactivityhandler.cpp
@@ -12,10 +17,11 @@
12 ratelimiter.cpp17 ratelimiter.cpp
13 stats.cpp18 stats.cpp
14 ${adaptor_files}19 ${adaptor_files}
20 ${interface_files}
15 )21 )
1622
17qt5_use_modules(thumbnailer-service DBus Concurrent)23qt5_use_modules(thumbnailer-service DBus Concurrent)
18target_link_libraries(thumbnailer-service thumbnailer ${CMAKE_THREAD_LIBS_INIT})24target_link_libraries(thumbnailer-service thumbnailer ${CMAKE_THREAD_LIBS_INIT} ${APPARMOR_DEPS_LDFLAGS})
19set_target_properties(thumbnailer-service PROPERTIES AUTOMOC TRUE)25set_target_properties(thumbnailer-service PROPERTIES AUTOMOC TRUE)
20add_dependencies(thumbnailer-service vs-thumb)26add_dependencies(thumbnailer-service vs-thumb)
2127
2228
=== added file 'src/service/bus.xml'
--- src/service/bus.xml 1970-01-01 00:00:00 +0000
+++ src/service/bus.xml 2015-06-15 01:16:40 +0000
@@ -0,0 +1,9 @@
1<node>
2 <interface name="org.freedesktop.DBus">
3 <method name="GetConnectionCredentials">
4 <arg direction="in" type="s" name="bus_name" />
5 <arg direction="out" type="a{sv}" name="credentials" />
6 <annotation name="org.qtproject.QtDBus.QtTypeName.Out0" value="QVariantMap" />
7 </method>
8 </interface>
9</node>
010
=== added file 'src/service/credentialscache.cpp'
--- src/service/credentialscache.cpp 1970-01-01 00:00:00 +0000
+++ src/service/credentialscache.cpp 2015-06-15 01:16:40 +0000
@@ -0,0 +1,179 @@
1/*
2 * Copyright (C) 2015 Canonical, Ltd.
3 *
4 * This library is free software; you can redistribute it and/or modify it under
5 * the terms of version 3 of the GNU General Public License as published
6 * by the Free Software Foundation.
7 *
8 * This library is distributed in the hope that it will be useful, but WITHOUT
9 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
10 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
11 * details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program. If not, see <http://www.gnu.org/licenses/>.
15 *
16 * Authors:
17 * James Henstridge <james.henstridge@canonical.com>
18 */
19
20#include "credentialscache.h"
21
22#include <QDBusPendingCallWatcher>
23
24#include <assert.h>
25#include <vector>
26#include <sys/apparmor.h>
27
28using namespace std;
29
30namespace {
31
32char const DBUS_BUS_NAME[] = "org.freedesktop.DBus";
33char const DBUS_BUS_PATH[] = "/org/freedesktop/DBus";
34
35char const UNIX_USER_ID[] = "UnixUserID";
36char const LINUX_SECURITY_LABEL[] = "LinuxSecurityLabel";
37
38int const MAX_CACHE_SIZE = 50;
39
40}
41
42namespace unity
43{
44
45namespace thumbnailer
46{
47
48namespace service
49{
50
51struct CredentialsCache::Request
52{
53 QDBusPendingCallWatcher watcher;
54 std::vector<CredentialsCache::Callback> callbacks;
55
56 Request(QDBusPendingReply<QVariantMap> call) : watcher(call) {}
57};
58
59CredentialsCache::CredentialsCache(QDBusConnection const& bus)
60 : bus_daemon_(DBUS_BUS_NAME, DBUS_BUS_PATH, bus)
61 , apparmor_enabled_(aa_is_enabled())
62{
63}
64
65CredentialsCache::~CredentialsCache() = default;
66
67void CredentialsCache::get(QString const& peer, Callback callback)
68{
69 // Return the credentials directly if they are cached
70 try
71 {
72 Credentials const& credentials = cache_.at(peer);
73 callback(credentials);
74 return;
75 }
76 catch (std::out_of_range const &)
77 {
78 // ignore
79 }
80
81 // If the credentials exist in the previous generation of the
82 // cache, move them to the current generation.
83 try
84 {
85 Credentials& credentials = old_cache_.at(peer);
86 cache_.emplace(peer, std::move(credentials));
87 old_cache_.erase(peer);
88 callback(cache_.at(peer));
89 return;
90 }
91 catch (std::out_of_range const &)
92 {
93 // ignore
94 }
95
96 // If the credentials are already being requested, add ourselves
97 // to the callback list.
98 try
99 {
100 unique_ptr<Request>& request = pending_.at(peer);
101 request->callbacks.push_back(callback);
102 return;
103 }
104 catch (std::out_of_range const &)
105 {
106 // ignore
107 }
108
109 // Ask the bus daemon for the peer's credentials
110 unique_ptr<Request> request(
111 new Request(bus_daemon_.GetConnectionCredentials(peer)));
112 QObject::connect(&request->watcher, &QDBusPendingCallWatcher::finished,
113 [this, peer](QDBusPendingCallWatcher *watcher)
114 {
115 this->received_credentials(peer, *watcher);
116 });
117 request->callbacks.push_back(callback);
118 pending_.emplace(peer, std::move(request));
119}
120
121void CredentialsCache::received_credentials(QString const& peer, QDBusPendingReply<QVariantMap> reply)
122{
123 Credentials credentials;
124 if (reply.isError())
125 {
126 qWarning() << "CredentialsCache::received_credentials(): "
127 "error retrieving credentials for" << peer <<
128 ":" << reply.error().message();
129 }
130 else
131 {
132 credentials.valid = true;
133 // The contents of this map are described in the specification here:
134 // http://dbus.freedesktop.org/doc/dbus-specification.html#bus-messages-get-connection-credentials
135 credentials.user = reply.value().value(UNIX_USER_ID).value<uint32_t>();
136 if (apparmor_enabled_)
137 {
138 QByteArray label = reply.value().value(LINUX_SECURITY_LABEL).value<QByteArray>();
139 if (label.size() > 0) {
140 // The label is null terminated.
141 assert(label[label.size()-1] == '\0');
142 label.truncate(label.size() - 1);
143 // Trim the mode off the end of the label.
144 int pos = label.lastIndexOf(' ');
145 if (pos > 0 && label.endsWith(')') && label[pos+1] == '(')
146 {
147 label.truncate(pos);
148 }
149 credentials.label = string(label.constData(), label.size());
150 }
151 }
152 else
153 {
154 // If AppArmor is not enabled, treat peer as unconfined.
155 credentials.label = "unconfined";
156 }
157 }
158
159 // If we've hit our maximum cache size, start a new generation.
160 if (cache_.size() >= MAX_CACHE_SIZE)
161 {
162 old_cache_ = std::move(cache_);
163 cache_.clear();
164 }
165 cache_.emplace(peer, credentials);
166
167 // Notify anyone waiting on the request and remove it from the map:
168 for (auto& callback : pending_.at(peer)->callbacks)
169 {
170 callback(credentials);
171 }
172 pending_.erase(peer);
173}
174
175} // namespace service
176
177} // namespace thumbnailer
178
179} // namespace unity
0180
=== added file 'src/service/credentialscache.h'
--- src/service/credentialscache.h 1970-01-01 00:00:00 +0000
+++ src/service/credentialscache.h 2015-06-15 01:16:40 +0000
@@ -0,0 +1,81 @@
1/*
2 * Copyright (C) 2015 Canonical, Ltd.
3 *
4 * This library is free software; you can redistribute it and/or modify it under
5 * the terms of version 3 of the GNU General Public License as published
6 * by the Free Software Foundation.
7 *
8 * This library is distributed in the hope that it will be useful, but WITHOUT
9 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
10 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
11 * details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program. If not, see <http://www.gnu.org/licenses/>.
15 *
16 * Authors:
17 * James Henstridge <james.henstridge@canonical.com>
18 */
19
20#pragma once
21
22#include "businterface.h"
23
24#include <QDBusConnection>
25#include <QDBusPendingCall>
26#include <QString>
27
28#include <functional>
29#include <map>
30#include <memory>
31#include <string>
32#include <sys/types.h>
33
34namespace unity
35{
36
37namespace thumbnailer
38{
39
40namespace service
41{
42
43
44class CredentialsCache final {
45public:
46 struct Credentials
47 {
48 bool valid = false;
49 uid_t user = 0;
50 // Not using QString, because this is not necessarily unicode.
51 std::string label;
52 };
53 typedef std::function<void(Credentials const&)> Callback;
54
55 CredentialsCache(QDBusConnection const& bus);
56 ~CredentialsCache();
57
58 CredentialsCache(CredentialsCache const&) = delete;
59 CredentialsCache& operator=(CredentialsCache const&) = delete;
60
61 // Retrieve the security credentials for the given D-Bus peer.
62 void get(QString const& peer, Callback callback);
63
64private:
65 struct Request;
66
67 BusInterface bus_daemon_;
68 bool apparmor_enabled_;
69
70 std::map<QString,Credentials> cache_;
71 std::map<QString,Credentials> old_cache_;
72 std::map<QString,std::unique_ptr<Request>> pending_;
73
74 void received_credentials(QString const& peer, QDBusPendingReply<QVariantMap> reply);
75};
76
77} // namespace service
78
79} // namespace thumbnailer
80
81} // namespace unity
082
=== modified file 'src/service/dbusinterface.cpp'
--- src/service/dbusinterface.cpp 2015-06-08 03:59:53 +0000
+++ src/service/dbusinterface.cpp 2015-06-15 01:16:40 +0000
@@ -52,6 +52,15 @@
52{52{
53}53}
5454
55CredentialsCache& DBusInterface::credentials()
56{
57 if (!credentials_)
58 {
59 credentials_.reset(new CredentialsCache(connection()));
60 }
61 return *credentials_.get();
62}
63
55QDBusUnixFileDescriptor DBusInterface::GetAlbumArt(QString const& artist,64QDBusUnixFileDescriptor DBusInterface::GetAlbumArt(QString const& artist,
56 QString const& album,65 QString const& album,
57 QSize const& requestedSize)66 QSize const& requestedSize)
@@ -64,7 +73,8 @@
64 auto request = thumbnailer_->get_album_art(artist.toStdString(), album.toStdString(), requestedSize);73 auto request = thumbnailer_->get_album_art(artist.toStdString(), album.toStdString(), requestedSize);
65 queueRequest(new Handler(connection(), message(),74 queueRequest(new Handler(connection(), message(),
66 check_thread_pool_, create_thread_pool_,75 check_thread_pool_, create_thread_pool_,
67 download_limiter_, std::move(request), details));76 download_limiter_, credentials(),
77 std::move(request), details));
68 }78 }
69 // LCOV_EXCL_START79 // LCOV_EXCL_START
70 catch (exception const& e)80 catch (exception const& e)
@@ -89,7 +99,8 @@
89 auto request = thumbnailer_->get_artist_art(artist.toStdString(), album.toStdString(), requestedSize);99 auto request = thumbnailer_->get_artist_art(artist.toStdString(), album.toStdString(), requestedSize);
90 queueRequest(new Handler(connection(), message(),100 queueRequest(new Handler(connection(), message(),
91 check_thread_pool_, create_thread_pool_,101 check_thread_pool_, create_thread_pool_,
92 download_limiter_, std::move(request), details));102 download_limiter_, credentials(),
103 std::move(request), details));
93 }104 }
94 // LCOV_EXCL_START105 // LCOV_EXCL_START
95 catch (exception const& e)106 catch (exception const& e)
@@ -107,6 +118,7 @@
107 QSize const& requestedSize)118 QSize const& requestedSize)
108{119{
109 std::unique_ptr<ThumbnailRequest> request;120 std::unique_ptr<ThumbnailRequest> request;
121
110 try122 try
111 {123 {
112 QString details;124 QString details;
@@ -115,7 +127,8 @@
115 auto request = thumbnailer_->get_thumbnail(filename.toStdString(), filename_fd.fileDescriptor(), requestedSize);127 auto request = thumbnailer_->get_thumbnail(filename.toStdString(), filename_fd.fileDescriptor(), requestedSize);
116 queueRequest(new Handler(connection(), message(),128 queueRequest(new Handler(connection(), message(),
117 check_thread_pool_, create_thread_pool_,129 check_thread_pool_, create_thread_pool_,
118 extraction_limiter_, std::move(request), details));130 extraction_limiter_, credentials(),
131 std::move(request), details));
119 }132 }
120 catch (exception const& e)133 catch (exception const& e)
121 {134 {
122135
=== modified file 'src/service/dbusinterface.h'
--- src/service/dbusinterface.h 2015-06-05 08:27:20 +0000
+++ src/service/dbusinterface.h 2015-06-15 01:16:40 +0000
@@ -19,6 +19,7 @@
1919
20#pragma once20#pragma once
2121
22#include "credentialscache.h"
22#include "handler.h"23#include "handler.h"
23#include "ratelimiter.h"24#include "ratelimiter.h"
2425
@@ -65,9 +66,12 @@
65 void startInactivity();66 void startInactivity();
6667
67private:68private:
69 CredentialsCache& credentials();
70
68 std::shared_ptr<unity::thumbnailer::internal::Thumbnailer> const& thumbnailer_;71 std::shared_ptr<unity::thumbnailer::internal::Thumbnailer> const& thumbnailer_;
69 std::shared_ptr<QThreadPool> check_thread_pool_;72 std::shared_ptr<QThreadPool> check_thread_pool_;
70 std::shared_ptr<QThreadPool> create_thread_pool_;73 std::shared_ptr<QThreadPool> create_thread_pool_;
74 std::unique_ptr<CredentialsCache> credentials_;
71 std::map<Handler*, std::unique_ptr<Handler>> requests_;75 std::map<Handler*, std::unique_ptr<Handler>> requests_;
72 std::map<std::string, std::vector<Handler*>> request_keys_;76 std::map<std::string, std::vector<Handler*>> request_keys_;
73 unity::thumbnailer::internal::Settings settings_;77 unity::thumbnailer::internal::Settings settings_;
7478
=== modified file 'src/service/handler.cpp'
--- src/service/handler.cpp 2015-06-08 03:25:50 +0000
+++ src/service/handler.cpp 2015-06-15 01:16:40 +0000
@@ -122,6 +122,7 @@
122 shared_ptr<QThreadPool> check_pool;122 shared_ptr<QThreadPool> check_pool;
123 shared_ptr<QThreadPool> create_pool;123 shared_ptr<QThreadPool> create_pool;
124 RateLimiter& limiter;124 RateLimiter& limiter;
125 CredentialsCache& creds;
125 unique_ptr<ThumbnailRequest> request;126 unique_ptr<ThumbnailRequest> request;
126 chrono::system_clock::time_point start_time; // Overall start time127 chrono::system_clock::time_point start_time; // Overall start time
127 chrono::system_clock::time_point finish_time; // Overall finish time128 chrono::system_clock::time_point finish_time; // Overall finish time
@@ -139,6 +140,7 @@
139 shared_ptr<QThreadPool> check_pool,140 shared_ptr<QThreadPool> check_pool,
140 shared_ptr<QThreadPool> create_pool,141 shared_ptr<QThreadPool> create_pool,
141 RateLimiter& limiter,142 RateLimiter& limiter,
143 CredentialsCache& creds,
142 unique_ptr<ThumbnailRequest>&& request,144 unique_ptr<ThumbnailRequest>&& request,
143 QString const& details)145 QString const& details)
144 : bus(bus)146 : bus(bus)
@@ -146,6 +148,7 @@
146 , check_pool(check_pool)148 , check_pool(check_pool)
147 , create_pool(create_pool)149 , create_pool(create_pool)
148 , limiter(limiter)150 , limiter(limiter)
151 , creds(creds)
149 , request(move(request))152 , request(move(request))
150 , details(details)153 , details(details)
151 {154 {
@@ -158,9 +161,10 @@
158 shared_ptr<QThreadPool> check_pool,161 shared_ptr<QThreadPool> check_pool,
159 shared_ptr<QThreadPool> create_pool,162 shared_ptr<QThreadPool> create_pool,
160 RateLimiter& limiter,163 RateLimiter& limiter,
164 CredentialsCache& creds,
161 unique_ptr<ThumbnailRequest>&& request,165 unique_ptr<ThumbnailRequest>&& request,
162 QString const& details)166 QString const& details)
163 : p(new HandlerPrivate(bus, message, check_pool, create_pool, limiter, move(request), details))167 : p(new HandlerPrivate(bus, message, check_pool, create_pool, limiter, creds, move(request), details))
164{168{
165 connect(&p->checkWatcher, &QFutureWatcher<FdOrError>::finished, this, &Handler::checkFinished);169 connect(&p->checkWatcher, &QFutureWatcher<FdOrError>::finished, this, &Handler::checkFinished);
166 connect(p->request.get(), &ThumbnailRequest::downloadFinished, this, &Handler::downloadFinished);170 connect(p->request.get(), &ThumbnailRequest::downloadFinished, this, &Handler::downloadFinished);
@@ -182,6 +186,22 @@
182186
183void Handler::begin()187void Handler::begin()
184{188{
189 p->creds.get(p->message.service(),
190 [this](CredentialsCache::Credentials const& credentials)
191 {
192 gotCredentials(credentials);
193 });
194}
195
196void Handler::gotCredentials(CredentialsCache::Credentials const& credentials)
197{
198 if (!credentials.valid)
199 {
200 sendError("gotCredentials(): " + details() + ": could not retrieve peer credentials");
201 return;
202 }
203 qDebug() << "Peer" << p->message.service() << "has uid =" << credentials.user << "label =" << QString::fromStdString(credentials.label);
204
185 auto do_check = [this]() -> FdOrError205 auto do_check = [this]() -> FdOrError
186 {206 {
187 try207 try
188208
=== modified file 'src/service/handler.h'
--- src/service/handler.h 2015-06-08 02:34:13 +0000
+++ src/service/handler.h 2015-06-15 01:16:40 +0000
@@ -19,6 +19,7 @@
1919
20#pragma once20#pragma once
2121
22#include "credentialscache.h"
22#include "ratelimiter.h"23#include "ratelimiter.h"
23#include <internal/thumbnailer.h>24#include <internal/thumbnailer.h>
2425
@@ -51,6 +52,7 @@
51 std::shared_ptr<QThreadPool> check_pool,52 std::shared_ptr<QThreadPool> check_pool,
52 std::shared_ptr<QThreadPool> create_pool,53 std::shared_ptr<QThreadPool> create_pool,
53 RateLimiter& limiter,54 RateLimiter& limiter,
55 CredentialsCache& creds,
54 std::unique_ptr<internal::ThumbnailRequest>&& request,56 std::unique_ptr<internal::ThumbnailRequest>&& request,
55 QString const& details);57 QString const& details);
56 ~Handler();58 ~Handler();
@@ -78,6 +80,7 @@
78private:80private:
79 void sendThumbnail(QDBusUnixFileDescriptor const& unix_fd);81 void sendThumbnail(QDBusUnixFileDescriptor const& unix_fd);
80 void sendError(QString const& error);82 void sendError(QString const& error);
83 void gotCredentials(CredentialsCache::Credentials const& credentials);
81 QDBusUnixFileDescriptor check();84 QDBusUnixFileDescriptor check();
82 QDBusUnixFileDescriptor create();85 QDBusUnixFileDescriptor create();
8386
8487
=== modified file 'tests/qml/CMakeLists.txt'
--- tests/qml/CMakeLists.txt 2015-06-04 08:45:20 +0000
+++ tests/qml/CMakeLists.txt 2015-06-15 01:16:40 +0000
@@ -1,5 +1,5 @@
1add_executable(qml_test qml_test.cpp)1add_executable(qml_test qml_test.cpp)
2qt5_use_modules(qml_test Qml DBus QuickTest)2qt5_use_modules(qml_test Qml DBus QuickTest)
3target_link_libraries(qml_test testutils)3target_link_libraries(qml_test testutils)
4add_dependencies(qml_test thumbnailer-service)4add_dependencies(qml_test thumbnailer-service thumbnailer-qml)
5add_test(qml xvfb-run -a -s "-screen 0 800x600x24" ./qml_test -import ${CMAKE_BINARY_DIR}/plugins)5add_test(qml xvfb-run -a -s "-screen 0 800x600x24" ./qml_test -import ${CMAKE_BINARY_DIR}/plugins)

Subscribers

People subscribed via source and target branches

to all changes: