Fix AdminAuthorization implementation.

- execute() does the magic of getting privileges and starting the process - hasAdminRights() simply returns if we started privileged.. Change-Id: I0940a02556fe240af0ee7dfb068f7f8009eb683e Reviewed-by: Karsten Heimrich <karsten.heimrich@digia.com>
2025-04-29 15:04:32 +00:00 · 2014-06-13 12:03:49 +02:00 · 2014-06-13 12:03:49 +02:00 · b8c0d6d49b
commit b8c0d6d49b
parent 246e13d692
7 changed files with 50 additions and 200 deletions
--- a/src/libs/installer/adminauthorization.cpp
+++ b/src/libs/installer/adminauthorization.cpp
@ -1,57 +0,0 @@
 /**************************************************************************
 **
 ** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
 **
 ** $QT_BEGIN_LICENSE:LGPL$
 ** Commercial License Usage
 ** Licensees holding valid commercial Qt licenses may use this file in
 ** accordance with the commercial license agreement provided with the
 ** Software or, alternatively, in accordance with the terms contained in
 ** a written agreement between you and Digia.  For licensing terms and
 ** conditions see http://qt.digia.com/licensing.  For further information
 ** use the contact form at http://qt.digia.com/contact-us.
 **
 ** GNU Lesser General Public License Usage
 ** Alternatively, this file may be used under the terms of the GNU Lesser
 ** General Public License version 2.1 as published by the Free Software
 ** Foundation and appearing in the file LICENSE.LGPL included in the
 ** packaging of this file.  Please review the following information to
 ** ensure the GNU Lesser General Public License version 2.1 requirements
 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
 **
 ** In addition, as a special exception, Digia gives you certain additional
 ** rights.  These rights are described in the Digia Qt LGPL Exception
 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
 **
 ** GNU General Public License Usage
 ** Alternatively, this file may be used under the terms of the GNU
 ** General Public License version 3.0 as published by the Free Software
 ** Foundation and appearing in the file LICENSE.GPL included in the
 ** packaging of this file.  Please review the following information to
 ** ensure the GNU General Public License version 3.0 requirements will be
 ** met: http://www.gnu.org/copyleft/gpl.html.
 **
 **
 ** $QT_END_LICENSE$
 **
 **************************************************************************/
 #include "adminauthorization.h"
 AdminAuthorizationBase::AdminAuthorizationBase()
    : m_authorized(false)
 {
 }
 bool AdminAuthorizationBase::isAuthorized() const
 {
    return m_authorized;
 }
 void AdminAuthorizationBase::setAuthorized()
 {
    m_authorized = true;
 }
--- a/src/libs/installer/adminauthorization.h
+++ b/src/libs/installer/adminauthorization.h
@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@ -42,51 +42,17 @@
 #ifndef ADMINAUTHORIZATION_H
 #define ADMINAUTHORIZATION_H
-#include <QtCore/QObject>
+#include <QWidget>
-class AdminAuthorizationBase
+namespace QInstaller {
 class AdminAuthorization
 {
 protected:
    AdminAuthorizationBase();
 public:
    virtual ~AdminAuthorizationBase() {}
    virtual bool authorize() = 0;
    bool isAuthorized() const;
 protected:  
    void setAuthorized();
 private:
    bool m_authorized;
 };
 class AdminAuthorization : public QObject, public AdminAuthorizationBase
 {
    Q_OBJECT
    Q_PROPERTY(bool authorized READ isAuthorized)
 public:
    AdminAuthorization();
 #ifdef Q_OS_MAC
    ~AdminAuthorization();
 #endif
    bool execute(QWidget *dialogParent, const QString &programs, const QStringList &arguments);
    static bool hasAdminRights();
-
+    static bool execute(QWidget *parent, const QString &programs, const QStringList &arguments);
 public Q_SLOTS:
    bool authorize();
 Q_SIGNALS:
    void authorized();
 #ifdef Q_OS_MAC
 private:
    class Private;
    Private *d;
 #endif
 };
 } // namespace QInstaller
 #endif // ADMINAUTHORIZATION_H
--- a/src/libs/installer/adminauthorization_mac.cpp
+++ b/src/libs/installer/adminauthorization_mac.cpp
@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@ -44,71 +44,31 @@
 #include <Security/Authorization.h>
 #include <Security/AuthorizationTags.h>
-#include <QtCore/QStringList>
+#include <QStringList>
-#include <QtCore/QVector>
+#include <QVector>
 #include <unistd.h>
-
+namespace QInstaller {
 // -- AdminAuthorization::Private
 class AdminAuthorization::Private
 {
 public:
    Private() : auth(0) { }
    AuthorizationRef auth;
 };
 // -- AdminAuthorization
 AdminAuthorization::AdminAuthorization()
    : d(new Private)
 {
    AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment, kAuthorizationFlagDefaults, &d->auth);
 }
 AdminAuthorization::~AdminAuthorization()
 {
    AuthorizationFree(d->auth, kAuthorizationFlagDestroyRights);
    delete d;
 }
 bool AdminAuthorization::authorize()
 {
    if (geteuid() == 0)
        setAuthorized();
    if (isAuthorized())
        return true;
    AuthorizationItem item;
    item.name = kAuthorizationRightExecute;
    item.valueLength = 0;
    item.value = NULL;
    item.flags = 0;
    AuthorizationRights rights;
    rights.count = 1;
    rights.items = &item;
    const AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed
        | kAuthorizationFlagPreAuthorize | kAuthorizationFlagExtendRights;
    const OSStatus result = AuthorizationCopyRights(d->auth, &rights, kAuthorizationEmptyEnvironment,
        flags, 0);
    if (result != errAuthorizationSuccess)
        return false;
    seteuid(0);
    setAuthorized();
    emit authorized();
    return true;
 }
 bool AdminAuthorization::execute(QWidget *, const QString &program, const QStringList &arguments)
 {
    AuthorizationRef authorizationRef;
    OSStatus status = AuthorizationCreate(NULL, kAuthorizationEmptyEnvironment,
        kAuthorizationFlagDefaults, &authorizationRef);
    if (status != errAuthorizationSuccess)
        return false;
    AuthorizationItem item = { kAuthorizationRightExecute, 0, 0, 0 };
    AuthorizationRights rights = { 1, &item };
    const AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagInteractionAllowed
        | kAuthorizationFlagPreAuthorize | kAuthorizationFlagExtendRights;
    status = AuthorizationCopyRights(authorizationRef, &rights, kAuthorizationEmptyEnvironment,
        flags, 0);
    if (status != errAuthorizationSuccess)
        return false;
    QVector<char *> args;
    QVector<QByteArray> utf8Args;
    foreach (const QString &argument, arguments) {
@ -118,12 +78,16 @@ bool AdminAuthorization::execute(QWidget *, const QString &program, const QStrin
    args.push_back(0);
    const QByteArray utf8Program = program.toUtf8();
-    const OSStatus result = AuthorizationExecuteWithPrivileges(d->auth, utf8Program.data(),
+    status = AuthorizationExecuteWithPrivileges(authorizationRef, utf8Program.data(),
        kAuthorizationFlagDefaults, args.data(), 0);
-    return result == errAuthorizationSuccess;
+
    AuthorizationFree(authorizationRef, kAuthorizationFlagDestroyRights);
    return status == errAuthorizationSuccess;
 }
 bool AdminAuthorization::hasAdminRights()
 {
    return geteuid() == 0;
 }
 } // namespace QInstaller
--- a/src/libs/installer/adminauthorization_win.cpp
+++ b/src/libs/installer/adminauthorization_win.cpp
@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@ -53,6 +53,8 @@
 # endif
 #endif
 namespace QInstaller {
 struct DeCoInitializer
 {
    DeCoInitializer()
@ -67,17 +69,6 @@ struct DeCoInitializer
    bool neededCoInit;
 };
 AdminAuthorization::AdminAuthorization()
 {
 }
 bool AdminAuthorization::authorize()
 {
    setAuthorized();
    emit authorized();
    return true;
 }
 bool AdminAuthorization::hasAdminRights()
 {
    SID_IDENTIFIER_AUTHORITY authority = { SECURITY_NT_AUTHORITY };
@ -150,3 +141,5 @@ bool AdminAuthorization::execute(QWidget *, const QString &program, const QStrin
    }
    return false;
 }
 } // namespace QInstaller
--- a/src/libs/installer/adminauthorization_x11.cpp
+++ b/src/libs/installer/adminauthorization_x11.cpp
@ -1,6 +1,6 @@
 /**************************************************************************
 **
-** Copyright (C) 2012-2013 Digia Plc and/or its subsidiary(-ies).
+** Copyright (C) 2012-2014 Digia Plc and/or its subsidiary(-ies).
 ** Contact: http://www.qt-project.org/legal
 **
 ** This file is part of the Qt Installer Framework.
@ -69,31 +69,20 @@
 #define SU_COMMAND "/usr/bin/sudo"
 //#define SU_COMMAND "/bin/echo"
-AdminAuthorization::AdminAuthorization()
+namespace QInstaller {
 {
 }
-bool AdminAuthorization::authorize()
+static QString getPassword(QWidget *parent)
 {
    return true;
 }
 static QString getPassword(QWidget *)
 {
 #if QT_VERSION < 0x050000
    if (QApplication::type() == QApplication::GuiClient)
 #else
    if (qobject_cast<QApplication*> (qApp) != 0)
 #endif
 {
    if (qobject_cast<QApplication*> (qApp) != 0) {
        bool ok = false;
-        const QString result = QInputDialog::getText(0, QObject::tr("Authorization required"),
+        const QString result = QInputDialog::getText(parent, QObject::tr("Authorization required"),
           QObject::tr("Enter your password to authorize for sudo:"),
           QLineEdit::Password, QString(), &ok);
        return ok ? result : QString();
    } else {
        std::cout << QObject::tr("Authorization required").toStdString() << std::endl;
-        std::cout << QObject::tr("Enter your password to authorize for sudo:").toStdString() << std::endl;
+        std::cout << QObject::tr("Enter your password to authorize for sudo:").toStdString()
            << std::endl;
        std::string password;
        std::cin >> password;
        return QString::fromStdString(password);
@ -102,12 +91,7 @@ static QString getPassword(QWidget *)
 static void printError(QWidget *parent, const QString &value)
 {
-#if QT_VERSION < 0x050000
+    if (qobject_cast<QApplication*> (qApp) != 0) {
    if (QApplication::type() == QApplication::GuiClient)
 #else
    if (qobject_cast<QApplication*> (qApp) != 0)
 #endif
    {
        QMessageBox::critical(parent, QObject::tr( "Error acquiring admin rights" ), value,
            QMessageBox::Ok, QMessageBox::Ok);
    } else {
@ -280,3 +264,5 @@ bool AdminAuthorization::hasAdminRights()
 {
    return getuid() == 0;
 }
 } // namespace QInstaller
--- a/src/libs/installer/installer.pro
+++ b/src/libs/installer/installer.pro
@ -155,7 +155,6 @@ SOURCES += packagemanagercore.cpp \
    updater.cpp \
    operationrunner.cpp \
    updatesettings.cpp \
    adminauthorization.cpp \
    elevatedexecuteoperation.cpp \
    fakestopprocessforupdateoperation.cpp \
    lazyplaintextedit.cpp \
--- a/src/libs/installer/remoteclient_p.h
+++ b/src/libs/installer/remoteclient_p.h
@ -158,8 +158,7 @@ public:
        m_serverStarting = true;
        if (m_startServerAsAdmin) {
-            AdminAuthorization auth;
+             m_serverStarted = AdminAuthorization::execute(0, m_serverCommand, m_serverArguments);
            m_serverStarted = auth.authorize() && auth.execute(0, m_serverCommand, m_serverArguments);
            if (!m_serverStarted) {
                // something went wrong with authorizing, either user pressed cancel or entered