Offer TrackerEndpoint access control as API
While D-Bus endpoints typically have a protection layer through the portal, some form of access control may be desirable as well on other endpoints not offered in session/system buses (e.g. HTTP, or serving over private D-Bus connections).
This MR adds:
- The
TrackerEndpointDBus::block-call
signal, to allow control over requests based on the sender. This is quite similar to the existingTrackerEndpointHttp::block-remote-address
signal. -
TrackerEndpoint::readonly
property (plus getter/setter) to disallow updates. -
TrackerEndpoint::allowed-graphs
andTrackerEndpoint::allowed-services
properties (plus getter/setter) to restrict control to services and graphs in queries to the endpoint.
All TrackerEndpoint
properties are honored by D-Bus and HTTP endpoint subclasses.
The portal, that was doing all of this via private TrackerEndpointDBus hooks, is a prime case for this API and has been ported to it.