Commit df549731 authored by Mathieu Bridon's avatar Mathieu Bridon Committed by Bastien Nocera

network: Only share a new wifi connection if the user is allowed to

Making a new connection available to other users requires being an
admin, or entering an admin password.

If we enable that option by default for new connections, we effectively
prevent non-admin users from connecting to new networks when they go to
the coffee shop without their laptop admin.

https://bugzilla.gnome.org/show_bug.cgi?id=751378
parent d2c0b662
...@@ -137,7 +137,8 @@ PKG_CHECK_MODULES(KEYBOARD_PANEL, $COMMON_MODULES ...@@ -137,7 +137,8 @@ PKG_CHECK_MODULES(KEYBOARD_PANEL, $COMMON_MODULES
PKG_CHECK_MODULES(MEDIA_PANEL, $COMMON_MODULES) PKG_CHECK_MODULES(MEDIA_PANEL, $COMMON_MODULES)
PKG_CHECK_MODULES(MOUSE_PANEL, $COMMON_MODULES xi >= 1.2 PKG_CHECK_MODULES(MOUSE_PANEL, $COMMON_MODULES xi >= 1.2
gnome-settings-daemon >= $GSD_REQUIRED_VERSION x11) gnome-settings-daemon >= $GSD_REQUIRED_VERSION x11)
PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES gmodule-2.0) PKG_CHECK_MODULES(NETWORK_PANEL, $COMMON_MODULES gmodule-2.0
polkit-gobject-1 >= $POLKIT_REQUIRED_VERSION)
PKG_CHECK_MODULES(NOTIFICATIONS_PANEL, $COMMON_MODULES) PKG_CHECK_MODULES(NOTIFICATIONS_PANEL, $COMMON_MODULES)
PKG_CHECK_MODULES(ONLINE_ACCOUNTS_PANEL, $COMMON_MODULES goa-1.0 goa-backend-1.0 >= $GOA_REQUIRED_VERSION) PKG_CHECK_MODULES(ONLINE_ACCOUNTS_PANEL, $COMMON_MODULES goa-1.0 goa-backend-1.0 >= $GOA_REQUIRED_VERSION)
PKG_CHECK_MODULES(POWER_PANEL, $COMMON_MODULES upower-glib >= 0.99.0 PKG_CHECK_MODULES(POWER_PANEL, $COMMON_MODULES upower-glib >= 0.99.0
......
...@@ -34,6 +34,7 @@ ...@@ -34,6 +34,7 @@
#include <nm-setting-wireless-security.h> #include <nm-setting-wireless-security.h>
#include <nm-remote-connection.h> #include <nm-remote-connection.h>
#include <nm-setting-wireless.h> #include <nm-setting-wireless.h>
#include <polkit/polkit.h>
#include "shell/list-box-helper.h" #include "shell/list-box-helper.h"
#include "network-dialogs.h" #include "network-dialogs.h"
...@@ -753,11 +754,32 @@ wireless_try_to_connect (NetDeviceWifi *device_wifi, ...@@ -753,11 +754,32 @@ wireless_try_to_connect (NetDeviceWifi *device_wifi,
g_debug ("no existing connection found for %s, creating", ssid_target); g_debug ("no existing connection found for %s, creating", ssid_target);
if (!is_8021x (device, ap_object_path)) { if (!is_8021x (device, ap_object_path)) {
GPermission *permission;
gboolean allowed_to_share = FALSE;
NMConnection *partial = NULL;
permission = polkit_permission_new_sync ("org.freedesktop.NetworkManager.settings.modify.system",
NULL, NULL, NULL);
if (permission) {
allowed_to_share = g_permission_get_allowed (permission);
g_object_unref (permission);
}
if (!allowed_to_share) {
NMSettingConnection *s_con;
s_con = (NMSettingConnection *)nm_setting_connection_new ();
nm_setting_connection_add_permission (s_con, "user", g_get_user_name (), NULL);
partial = nm_connection_new ();
nm_connection_add_setting (partial, NM_SETTING (s_con));
}
g_debug ("no existing connection found for %s, creating and activating one", ssid_target); g_debug ("no existing connection found for %s, creating and activating one", ssid_target);
nm_client_add_and_activate_connection (client, nm_client_add_and_activate_connection (client, partial,
NULL,
device, ap_object_path, device, ap_object_path,
connection_add_activate_cb, device_wifi); connection_add_activate_cb, device_wifi);
g_object_unref (partial);
} else { } else {
CcNetworkPanel *panel; CcNetworkPanel *panel;
GVariantBuilder *builder; GVariantBuilder *builder;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment