1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 06:27:45 +00:00

ConfigServer+LibConfig: Add pledge_domains() API

This API lets applications specify which configuration domains they
will be accessing throughout their lifetime. It works similarly in
spirit to the kernel's pledge().

You cannot pledge_domains() more than once, and once you have used it,
it's no longer possible to access any other configuration domain.

This is obviously just a first cut of this mechanism, and we may need
to tweak it further as we go.
This commit is contained in:
Andreas Kling 2021-08-25 20:02:10 +02:00
parent 870ecd5190
commit eeddaa988a
5 changed files with 64 additions and 0 deletions

View file

@ -27,8 +27,32 @@ void ClientConnection::die()
s_connections.remove(client_id());
}
void ClientConnection::pledge_domains(Vector<String> const& domains)
{
if (m_has_pledged) {
did_misbehave("Tried to pledge domains twice.");
return;
}
m_has_pledged = true;
for (auto& domain : domains)
m_pledged_domains.set(domain);
}
bool ClientConnection::validate_access(String const& domain, String const& group, String const& key)
{
if (!m_has_pledged)
return true;
if (m_pledged_domains.contains(domain))
return true;
did_misbehave(String::formatted("Blocked attempt to access domain '{}', group={}, key={}", domain, group, key).characters());
return false;
}
Messages::ConfigServer::ReadStringValueResponse ClientConnection::read_string_value(String const& domain, String const& group, String const& key)
{
if (!validate_access(domain, group, key))
return nullptr;
auto config = Core::ConfigFile::open_for_app(domain);
if (!config->has_key(group, key))
return Optional<String> {};
@ -37,6 +61,9 @@ Messages::ConfigServer::ReadStringValueResponse ClientConnection::read_string_va
Messages::ConfigServer::ReadI32ValueResponse ClientConnection::read_i32_value(String const& domain, String const& group, String const& key)
{
if (!validate_access(domain, group, key))
return nullptr;
auto config = Core::ConfigFile::open_for_app(domain);
if (!config->has_key(group, key))
return Optional<i32> {};
@ -45,6 +72,9 @@ Messages::ConfigServer::ReadI32ValueResponse ClientConnection::read_i32_value(St
Messages::ConfigServer::ReadBoolValueResponse ClientConnection::read_bool_value(String const& domain, String const& group, String const& key)
{
if (!validate_access(domain, group, key))
return nullptr;
auto config = Core::ConfigFile::open_for_app(domain);
if (!config->has_key(group, key))
return Optional<bool> {};
@ -53,18 +83,27 @@ Messages::ConfigServer::ReadBoolValueResponse ClientConnection::read_bool_value(
void ClientConnection::write_string_value(String const& domain, String const& group, String const& key, String const& value)
{
if (!validate_access(domain, group, key))
return;
auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes);
config->write_entry(group, key, value);
}
void ClientConnection::write_i32_value(String const& domain, String const& group, String const& key, i32 value)
{
if (!validate_access(domain, group, key))
return;
auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes);
config->write_num_entry(group, key, value);
}
void ClientConnection::write_bool_value(String const& domain, String const& group, String const& key, bool value)
{
if (!validate_access(domain, group, key))
return;
auto config = Core::ConfigFile::open_for_app(domain, Core::ConfigFile::AllowWriting::Yes);
config->write_bool_entry(group, key, value);
}