Core API Reference - Authorization Entry

PolKitAuthorization

typedef struct _PolKitAuthorization PolKitAuthorization;

Objects of this class are used to represent entries in the authorization database.

Since 0.7

polkit_authorization_ref ()

PolKitAuthorization* polkit_authorization_ref           (PolKitAuthorization *auth);

Increase reference count.

Since 0.7

polkit_authorization_unref ()

void                polkit_authorization_unref          (PolKitAuthorization *auth);

Decreases the reference count of the object. If it becomes zero, the object is freed. Before freeing, reference counts on embedded objects are decresed by one.

Since 0.7

polkit_authorization_debug ()

void                polkit_authorization_debug          (PolKitAuthorization *auth);

Print debug details

Since 0.7

polkit_authorization_validate ()

polkit_bool_t       polkit_authorization_validate       (PolKitAuthorization *auth);

Validate the object

Since 0.7

enum PolKitAuthorizationScope

typedef enum {
        POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT,
        POLKIT_AUTHORIZATION_SCOPE_PROCESS,
        POLKIT_AUTHORIZATION_SCOPE_SESSION,
        POLKIT_AUTHORIZATION_SCOPE_ALWAYS,
} PolKitAuthorizationScope;

The scope of an authorization; e.g. whether it's limited to a process, a session or unlimited.

Since 0.7

enum PolKitAuthorizationType

typedef enum {
        POLKIT_AUTHORIZATION_TYPE_UID,
} PolKitAuthorizationType;

The type of authorization; e.g. whether it applies to a user, group, security context and so on (right now only users are supported).

Since 0.7

polkit_authorization_type ()

PolKitAuthorizationType polkit_authorization_type       (PolKitAuthorization *auth);

Determine the type of authorization.

Since 0.7

polkit_authorization_get_action_id ()

const char*         polkit_authorization_get_action_id  (PolKitAuthorization *auth);

Get the action this authorization is for

Since 0.7

polkit_authorization_get_uid ()

uid_t               polkit_authorization_get_uid        (PolKitAuthorization *auth);

Gets the UNIX user id for the user the authorization is confined to.

Since 0.7

polkit_authorization_get_time_of_grant ()

time_t              polkit_authorization_get_time_of_grant
                                                        (PolKitAuthorization *auth);

Returns the point in time the authorization was granted. The value is UNIX time, e.g. number of seconds since the Epoch Jan 1, 1970 0:00 UTC.

Since 0.7

polkit_authorization_get_scope ()

PolKitAuthorizationScope polkit_authorization_get_scope (PolKitAuthorization *auth);

Get the scope of the authorization; e.g. whether it's confined to a single process, a single session or can be retained indefinitely. Also keep in mind that an authorization is subject to constraints, see polkit_authorization_constraints_foreach() for details.

Since 0.7

polkit_authorization_scope_process_get_pid ()

polkit_bool_t       polkit_authorization_scope_process_get_pid
                                                        (PolKitAuthorization *auth,
                                                         pid_t *out_pid,
                                                         polkit_uint64_t *out_pid_start_time);

If scope is POLKIT_AUTHORIZATION_SCOPE_PROCESS_ONE_SHOT or POLKIT_AUTHORIZATION_SCOPE_PROCESS, get information about what process the authorization is confined to.

As process identifiers can be recycled, the start time of the process (the unit is not well-defined; on Linux it's the number of milliseconds since the system was started) is also returned.

Since 0.7

polkit_authorization_scope_session_get_ck_objref ()

const char*         polkit_authorization_scope_session_get_ck_objref
                                                        (PolKitAuthorization *auth);

Gets the ConsoleKit object path for the session the authorization is confined to.

Since 0.7

polkit_authorization_was_granted_via_defaults ()

polkit_bool_t       polkit_authorization_was_granted_via_defaults
                                                        (PolKitAuthorization *auth,
                                                         uid_t *out_user_authenticated_as);

Determine if the authorization was obtained by the user by authenticating as himself or an administrator via the the "defaults" section in the .policy file for the action (e.g. "allow_any", "allow_inactive", "allow_active").

Compare with polkit_authorization_was_granted_explicitly() - only one of these functions can return TRUE.

Since 0.7

polkit_authorization_was_granted_explicitly ()

polkit_bool_t       polkit_authorization_was_granted_explicitly
                                                        (PolKitAuthorization *auth,
                                                         uid_t *out_by_whom,
                                                         polkit_bool_t *out_is_negative);

Determine if the authorization was explicitly granted by a sufficiently privileged user.

Compare with polkit_authorization_was_granted_via_defaults() - only one of these functions can return TRUE.

Since 0.7

PolKitAuthorizationConstraintsForeachFunc ()

polkit_bool_t       (*PolKitAuthorizationConstraintsForeachFunc)
                                                        (PolKitAuthorization *auth,
                                                         PolKitAuthorizationConstraint *authc,
                                                         void *user_data);

Callback function for polkit_authorization_constraints_foreach().

polkit_authorization_constraints_foreach ()

polkit_bool_t       polkit_authorization_constraints_foreach
                                                        (PolKitAuthorization *auth,
                                                         PolKitAuthorizationConstraintsForeachFunc cb,
                                                         void *user_data);

Iterate over all constraints associated with an authorization.

Since 0.7