Fix AdminAuthorization implementation.

- execute() does the magic of getting privileges and starting
  the process
- hasAdminRights() simply returns if we started privileged..

Change-Id: I0940a02556fe240af0ee7dfb068f7f8009eb683e
Reviewed-by: Karsten Heimrich <karsten.heimrich@digia.com>

src/libs/installer/adminauthorization.cpp

@@ -1,57 +0,0 @@
-/**************************************************************************
-**
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
-** Contact: http://www.qt-project.org/legal
-**
-** This file is part of the Qt Installer Framework.
-**
-** $QT_BEGIN_LICENSE:LGPL$
-** Commercial License Usage
-** Licensees holding valid commercial Qt licenses may use this file in
-** accordance with the commercial license agreement provided with the
-** Software or, alternatively, in accordance with the terms contained in
-** a written agreement between you and Digia.  For licensing terms and
-** conditions see http://qt.digia.com/licensing.  For further information
-** use the contact form at http://qt.digia.com/contact-us.
-**
-** GNU Lesser General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU Lesser
-** General Public License version 2.1 as published by the Free Software
-** Foundation and appearing in the file LICENSE.LGPL included in the
-** packaging of this file.  Please review the following information to
-** ensure the GNU Lesser General Public License version 2.1 requirements
-** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
-**
-** In addition, as a special exception, Digia gives you certain additional
-** rights.  These rights are described in the Digia Qt LGPL Exception
-** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
-**
-** GNU General Public License Usage
-** Alternatively, this file may be used under the terms of the GNU
-** General Public License version 3.0 as published by the Free Software
-** Foundation and appearing in the file LICENSE.GPL included in the
-** packaging of this file.  Please review the following information to
-** ensure the GNU General Public License version 3.0 requirements will be
-** met: http://www.gnu.org/copyleft/gpl.html.
-**
-**
-** $QT_END_LICENSE$
-**
-**************************************************************************/
-
-#include "adminauthorization.h"
-
-AdminAuthorizationBase::AdminAuthorizationBase()
-    : m_authorized(false)
-{
-}
-
-bool AdminAuthorizationBase::isAuthorized() const
-{
-    return m_authorized;
-}
-
-void AdminAuthorizationBase::setAuthorized()
-{
-    m_authorized = true;
-}

src/libs/installer/adminauthorization.h

@@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@@ -42,51 +42,17 @@
 #ifndef ADMINAUTHORIZATION_H
 #define ADMINAUTHORIZATION_H
 
-#include <QtCore/QObject>
+#include <QWidget>
 
-class AdminAuthorizationBase
+namespace QInstaller {
+
+class AdminAuthorization
 {
-protected:
-    AdminAuthorizationBase();
-
 public:
-    virtual ~AdminAuthorizationBase() {}
-
-    virtual bool authorize() = 0;
-    bool isAuthorized() const;
-
-protected:  
-    void setAuthorized();
-
-private:
-    bool m_authorized;
-};
-
-class AdminAuthorization : public QObject, public AdminAuthorizationBase
-{
-    Q_OBJECT
-    Q_PROPERTY(bool authorized READ isAuthorized)
-
-public:
-    AdminAuthorization();
-#ifdef Q_OS_MAC
-    ~AdminAuthorization();
-#endif
-
-    bool execute(QWidget *dialogParent, const QString &programs, const QStringList &arguments);
     static bool hasAdminRights();
-
-public Q_SLOTS:
-    bool authorize();
-
-Q_SIGNALS:
-    void authorized();
-
-#ifdef Q_OS_MAC
-private:
-    class Private;
-    Private *d;
-#endif
+    static bool execute(QWidget *parent, const QString &programs, const QStringList &arguments);
 };
 
+} // namespace QInstaller
+
 #endif // ADMINAUTHORIZATION_H

src/libs/installer/adminauthorization_mac.cpp

@@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@@ -44,71 +44,31 @@
 #include <Security/Authorization.h>
 #include <Security/AuthorizationTags.h>
 
-#include <QtCore/QStringList>
-#include <QtCore/QVector>
+#include <QStringList>
+#include <QVector>
 
 #include <unistd.h>
 
-
-// -- AdminAuthorization::Private
-
-class AdminAuthorization::Private
-{
-public:
-    Private() : auth(0) { }
-
-    AuthorizationRef auth;
-};
-
-
-// -- AdminAuthorization
-
-AdminAuthorization::AdminAuthorization()
-    : d(new Private)
-{
-    AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &d->auth);
-}
-
-AdminAuthorization::~AdminAuthorization()
-{
-    AuthorizationFree(d->auth, kAuthorizationFlagDestroyRights);
-    delete d;
-}
-
-bool AdminAuthorization::authorize()
-{
-    if (geteuid() == 0)
-        setAuthorized();
-
-    if (isAuthorized())
-        return true;
-
-    AuthorizationItem item;
-    item.name = kAuthorizationRightExecute;
-    item.valueLength = 0;
-    item.value = NULL;
-    item.flags = 0;
-
-    AuthorizationRights rights;
-    rights.count = 1;
-    rights.items = &item;
-
-    const AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed
-        | kAuthorizationFlagPreAuthorize | kAuthorizationFlagExtendRights;
-
-    const OSStatus result = AuthorizationCopyRights(d->auth, &rights, kAuthorizationEmptyEnvironment,
-        flags, 0);
-    if (result != errAuthorizationSuccess)
-        return false;
-
-    seteuid(0);
-    setAuthorized();
-    emit authorized();
-    return true;
-}
+namespace QInstaller {
 
 bool AdminAuthorization::execute(QWidget *, const QString &program, const QStringList &arguments)
 {
+    AuthorizationRef authorizationRef;
+    OSStatus status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment,
+        kAuthorizationFlagDefaults, &authorizationRef);
+    if (status != errAuthorizationSuccess)
+        return false;
+
+    AuthorizationItem item = { kAuthorizationRightExecute, 0, 0, 0 };
+    AuthorizationRights rights = { 1, &item };
+    const AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed
+        | kAuthorizationFlagPreAuthorize | kAuthorizationFlagExtendRights;
+
+    status = AuthorizationCopyRights(authorizationRef, &rights, kAuthorizationEmptyEnvironment,
+        flags, 0);
+    if (status != errAuthorizationSuccess)
+        return false;
+
     QVector<char *> args;
     QVector<QByteArray> utf8Args;
     foreach (const QString &argument, arguments) {
@@ -118,12 +78,16 @@ bool AdminAuthorization::execute(QWidget *, const QString &program, const QStrin
     args.push_back(0);
 
     const QByteArray utf8Program = program.toUtf8();
-    const OSStatus result = AuthorizationExecuteWithPrivileges(d->auth, utf8Program.data(),
+    status = AuthorizationExecuteWithPrivileges(authorizationRef, utf8Program.data(),
         kAuthorizationFlagDefaults, args.data(), 0);
-    return result == errAuthorizationSuccess;
+
+    AuthorizationFree(authorizationRef, kAuthorizationFlagDestroyRights);
+    return status == errAuthorizationSuccess;
 }
 
 bool AdminAuthorization::hasAdminRights()
 {
     return geteuid() == 0;
 }
+
+} // namespace QInstaller

src/libs/installer/adminauthorization_win.cpp

@@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@@ -53,6 +53,8 @@
 # endif
 #endif
 
+namespace QInstaller {
+
 struct DeCoInitializer
 {
     DeCoInitializer()
@@ -67,17 +69,6 @@ struct DeCoInitializer
     bool neededCoInit;
 };
 
-AdminAuthorization::AdminAuthorization()
-{
-}
-
-bool AdminAuthorization::authorize()
-{
-    setAuthorized();
-    emit authorized();
-    return true;
-}
-
 bool AdminAuthorization::hasAdminRights()
 {
     SID_IDENTIFIER_AUTHORITY authority = { SECURITY_NT_AUTHORITY };
@@ -150,3 +141,5 @@ bool AdminAuthorization::execute(QWidget *, const QString &program, const QStrin
     }
     return false;
 }
+
+} // namespace QInstaller

src/libs/installer/adminauthorization_x11.cpp

@@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@@ -69,31 +69,20 @@
 #define SU_COMMAND "/usr/bin/sudo"
 //#define SU_COMMAND "/bin/echo"
 
-AdminAuthorization::AdminAuthorization()
-{
-}
+namespace QInstaller {
 
-bool AdminAuthorization::authorize()
+static QString getPassword(QWidget *parent)
 {
-    return true;
-}
-  
-static QString getPassword(QWidget *)
-{
-#if QT_VERSION < 0x050000
-    if (QApplication::type() == QApplication::GuiClient)
-#else
-    if (qobject_cast<QApplication*> (qApp) != 0)
-#endif
-    {
+    if (qobject_cast<QApplication*> (qApp) != 0) {
         bool ok = false;
-        const QString result = QInputDialog::getText(0, QObject::tr("Authorization required"),
+        const QString result = QInputDialog::getText(parent, QObject::tr("Authorization required"),
            QObject::tr("Enter your password to authorize for sudo:"),
            QLineEdit::Password, QString(), &ok);
         return ok ? result : QString();
     } else {
         std::cout << QObject::tr("Authorization required").toStdString() << std::endl;
-        std::cout << QObject::tr("Enter your password to authorize for sudo:").toStdString() << std::endl;
+        std::cout << QObject::tr("Enter your password to authorize for sudo:").toStdString()
+            << std::endl;
         std::string password;
         std::cin >> password;
         return QString::fromStdString(password);
@@ -102,12 +91,7 @@ static QString getPassword(QWidget *)
 
 static void printError(QWidget *parent, const QString &value)
 {
-#if QT_VERSION < 0x050000
-    if (QApplication::type() == QApplication::GuiClient)
-#else
-    if (qobject_cast<QApplication*> (qApp) != 0)
-#endif
-    {
+    if (qobject_cast<QApplication*> (qApp) != 0) {
         QMessageBox::critical(parent, QObject::tr( "Error acquiring admin rights" ), value,
             QMessageBox::Ok, QMessageBox::Ok);
     } else {
@@ -280,3 +264,5 @@ bool AdminAuthorization::hasAdminRights()
 {
     return getuid() == 0;
 }
+
+} // namespace QInstaller

src/libs/installer/installer.pro

@@ -155,7 +155,6 @@ SOURCES += packagemanagercore.cpp \
     updater.cpp \
     operationrunner.cpp \
     updatesettings.cpp \
-    adminauthorization.cpp \
     elevatedexecuteoperation.cpp \
     fakestopprocessforupdateoperation.cpp \
     lazyplaintextedit.cpp \

src/libs/installer/remoteclient_p.h

@@ -158,8 +158,7 @@ public:
         m_serverStarting = true;
 
         if (m_startServerAsAdmin) {
-            AdminAuthorization auth;
-            m_serverStarted = auth.authorize() && auth.execute(0, m_serverCommand, m_serverArguments);
+             m_serverStarted = AdminAuthorization::execute(0, m_serverCommand, m_serverArguments);
 
             if (!m_serverStarted) {
                 // something went wrong with authorizing, either user pressed cancel or entered