Skip to content

text: Provide clearer user prompts when requesting authorization. #1363

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

text: Provide clearer user prompts when requesting authorization. #1363

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions doc/udisks2-docs.xml.in.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,10 @@
<entry><parameter>device</parameter></entry>
<entry>If the object is a block device, this property is set to the value of the <link linkend="gdbus-property-org-freedesktop-UDisks2-Block.PreferredDevice">Block:PreferredDevice</link> property. If set, this is guaranteed to be a device file, for example <quote>/dev/vg_lucifer/lv_root</quote> or <quote>/dev/sda1</quote>. If the object is not a block device, this is not set.</entry>
</row>
<row>
<entry><parameter>device.name</parameter></entry>
<entry>The value of this property is set to the best display name for this device, which may be the device's <link linkend="gdbus-property-org-freedesktop-UDisks2-Block.IdLabel">Block:IdLabel</link>, or the capacity name calculated from the partition size, or the name associated with the encrypted volume. If none of the above information is present, the data assigned to the <parameter>drive</parameter> will be used as the fallback solution.</entry>
</row>
<row>
<entry><parameter>drive</parameter></entry>
<entry>Like the <parameter>device</parameter> variable, but if the object is also a drive, this variable includes Vital Product Data about the drive such as the vendor and model identifiers (if available), for example <quote>INTEL SSDSA2MH080G1GC (/dev/sda1)</quote>. Otherwise is just set to the same value as <parameter>device</parameter>. If the object is not a block device, this is not set (it is however set if the object is a block device but not a drive).</entry>
Expand Down
2 changes: 1 addition & 1 deletion modules/lsm/lsm_linux_drive_local.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -275,7 +275,7 @@ is_authed (GDBusMethodInvocation *invocation,
UDISKS_OBJECT (block_object),
LSM_POLICY_ACTION_ID,
options,
N_("Authentication is required to change $(drive) LED"),
N_("Authentication is required to change $(device.name) LED"),
invocation))
goto out;

Expand Down
75 changes: 73 additions & 2 deletions src/udisksdaemonutil.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -690,6 +690,63 @@ check_authorization_no_polkit (UDisksDaemon *daemon,
return ret;
}


static gchar *
get_device_display_name (UDisksBlock *block)
{
gchar *display_name = NULL;
gchar *s = NULL;
const gchar *id_label = NULL;
const gchar *id_usage = NULL;
const gchar *id_type = NULL;

if (block == NULL)
goto out;

id_label = udisks_block_get_id_label (block);
id_usage = udisks_block_get_id_usage (block);
id_type = udisks_block_get_id_type (block);
if (id_label != NULL && strlen (id_label) > 0)
{
display_name = g_strdup (id_label);
}
else if (g_strcmp0 (id_usage, "crypto") == 0)
{
s = udisks_client_get_size_for_display (NULL, udisks_block_get_size (block), FALSE, FALSE);
if (g_strcmp0 (id_type, "crypto_unknown") == 0)
{
/* Translators: This is used for possibly encrypted volumes.
* The first %s is the formatted size (e.g. "42.0 MB").
*/
display_name = g_strdup_printf (N_("%s Possibly Encrypted"), s);
}
else
{
/* Translators: This is used for encrypted volumes.
* The first %s is the formatted size (e.g. "42.0 MB").
*/
display_name = g_strdup_printf (N_("%s Encrypted"), s);
}
g_free (s);
}
else
{
guint64 size = udisks_block_get_size (block);
if (size > 0)
{
s = udisks_client_get_size_for_display (NULL, size, FALSE, FALSE);
/* Translators: This is used for volume with no filesystem label.
* The first %s is the formatted size (e.g. "42.0 MB").
*/
display_name = g_strdup_printf (N_("%s Volume"), s);
g_free (s);
}
}

out:
return display_name;
}

/**
* udisks_daemon_util_check_authorization_sync:
* @daemon: A #UDisksDaemon.
Expand All @@ -716,8 +773,9 @@ check_authorization_no_polkit (UDisksDaemon *daemon,
* can be used in @message but note that not all variables can be used
* in all checks. For example, any check involving a #UDisksDrive or a
* #UDisksBlock object can safely include the fragment
* <quote>$(drive)</quote> since it will always expand to the name of
* the drive, e.g. <quote>INTEL SSDSA2MH080G1GC (/dev/sda1)</quote> or
* <quote>$(device.name)</quote> since it will always expand to the name of
* the partition or drive, e.g. <quote>MyUDisks (/dev/sda1)</quote> or
* <quote>INTEL SSDSA2MH080G1GC (/dev/sda1)</quote> or
* the block device file e.g. <quote>/dev/vg_lucifer/lv_root</quote>
* or <quote>/dev/sda1</quote>. However this won't work for operations
* that isn't on a drive or block device, for example calls on the
Expand Down Expand Up @@ -774,6 +832,7 @@ udisks_daemon_util_check_authorization_sync_with_error (UDisksDaemon *
gboolean auth_no_user_interaction = FALSE;
const gchar *details_device = NULL;
gchar *details_drive = NULL;
gchar *device_display_name = NULL;

authority = udisks_daemon_get_authority (daemon);
if (authority == NULL)
Expand Down Expand Up @@ -885,6 +944,14 @@ udisks_daemon_util_check_authorization_sync_with_error (UDisksDaemon *

if (block != NULL)
{
gchar *s = NULL;
s = get_device_display_name (block);
if (s)
{
device_display_name = g_strdup_printf ("%s (%s)", s, details_device);
g_free (s);
}

_safe_polkit_details_insert (details, "id.type", udisks_block_get_id_type (block));
_safe_polkit_details_insert (details, "id.usage", udisks_block_get_id_usage (block));
_safe_polkit_details_insert (details, "id.version", udisks_block_get_id_version (block));
Expand All @@ -909,6 +976,9 @@ udisks_daemon_util_check_authorization_sync_with_error (UDisksDaemon *
polkit_details_insert (details, "device", details_device);
if (details_drive != NULL)
polkit_details_insert (details, "drive", details_drive);
if (device_display_name == NULL)
device_display_name = g_strdup (details_drive);
polkit_details_insert (details, "device.name", device_display_name);

sub_error = NULL;
result = polkit_authority_check_authorization_sync (authority,
Expand Down Expand Up @@ -962,6 +1032,7 @@ udisks_daemon_util_check_authorization_sync_with_error (UDisksDaemon *

out:
g_free (details_drive);
g_free (device_display_name);
g_clear_object (&block_object);
g_clear_object (&drive_object);
g_clear_object (&block);
Expand Down
28 changes: 14 additions & 14 deletions src/udiskslinuxblock.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2907,10 +2907,10 @@ format_check_auth (UDisksDaemon *daemon,
* requests erasing a hard disk using the SECURE ERASE UNIT
* command.
*
* Do not translate $(drive), it's a placeholder and
* Do not translate $(device.name), it's a placeholder and
* will be replaced by the name of the drive/device in question
*/
message = N_("Authentication is required to perform a secure erase of $(drive)");
message = N_("Authentication is required to perform a secure erase of $(device.name)");
action_id = "org.freedesktop.udisks2.ata-secure-erase";
}
else
Expand All @@ -2919,10 +2919,10 @@ format_check_auth (UDisksDaemon *daemon,
* device. This includes both creating a filesystem or partition
* table.
*
* Do not translate $(drive), it's a placeholder and will
* Do not translate $(device.name), it's a placeholder and will
* be replaced by the name of the drive/device in question
*/
message = N_("Authentication is required to format $(drive)");
message = N_("Authentication is required to format $(device.name)");
action_id = format_extra_args ? "org.freedesktop.udisks2.modify-device-system" :
"org.freedesktop.udisks2.modify-device";
if (!udisks_daemon_util_setup_by_user (daemon, object, caller_uid))
Expand Down Expand Up @@ -3913,10 +3913,10 @@ handle_open_for_backup (UDisksBlock *block,
/* Translators: Shown in authentication dialog when creating a
* disk image file.
*
* Do not translate $(drive), it's a placeholder and will
* Do not translate $(device.name), it's a placeholder and will
* be replaced by the name of the drive/device in question
*/
N_("Authentication is required to open $(drive) for reading"),
N_("Authentication is required to open $(device.name) for reading"),
invocation))
goto out;

Expand Down Expand Up @@ -3984,10 +3984,10 @@ handle_open_for_restore (UDisksBlock *block,
/* Translators: Shown in authentication dialog when restoring
* from a disk image file.
*
* Do not translate $(drive), it's a placeholder and will
* Do not translate $(device.name), it's a placeholder and will
* be replaced by the name of the drive/device in question
*/
N_("Authentication is required to open $(drive) for writing"),
N_("Authentication is required to open $(device.name) for writing"),
invocation))
goto out;

Expand Down Expand Up @@ -4058,10 +4058,10 @@ handle_open_for_benchmark (UDisksBlock *block,
/* Translators: Shown in authentication dialog when an application
* wants to benchmark a device.
*
* Do not translate $(drive), it's a placeholder and will
* Do not translate $(device.name), it's a placeholder and will
* be replaced by the name of the drive/device in question
*/
N_("Authentication is required to open $(drive) for benchmarking"),
N_("Authentication is required to open $(device.name) for benchmarking"),
invocation))
goto out;

Expand Down Expand Up @@ -4141,10 +4141,10 @@ handle_open_device (UDisksBlock *block,
/* Translators: Shown in authentication dialog when an application
* wants to benchmark a device.
*
* Do not translate $(drive), it's a placeholder and will
* Do not translate $(device.name), it's a placeholder and will
* be replaced by the name of the drive/device in question
*/
N_("Authentication is required to open $(drive)."),
N_("Authentication is required to open $(device.name)."),
invocation))
goto out;

Expand Down Expand Up @@ -4198,10 +4198,10 @@ handle_rescan (UDisksBlock *block,
/* Translators: Shown in authentication dialog when an application
* wants to rescan a device.
*
* Do not translate $(drive), it's a placeholder and will
* Do not translate $(device.name), it's a placeholder and will
* be replaced by the name of the drive/device in question
*/
message = N_("Authentication is required to rescan $(drive)");
message = N_("Authentication is required to rescan $(device.name)");
action_id = "org.freedesktop.udisks2.rescan";

if (!udisks_daemon_util_check_authorization_sync (daemon,
Expand Down
12 changes: 6 additions & 6 deletions src/udiskslinuxdrive.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1114,10 +1114,10 @@ handle_eject (UDisksDrive *_drive,
/* Translators: Shown in authentication dialog when the user
* requests ejecting media from a drive.
*
* Do not translate $(drive), it's a placeholder and
* Do not translate $(device.name), it's a placeholder and
* will be replaced by the name of the drive/device in question
*/
message = N_("Authentication is required to eject $(drive)");
message = N_("Authentication is required to eject $(device.name)");
action_id = "org.freedesktop.udisks2.eject-media";
if (udisks_block_get_hint_system (block))
{
Expand Down Expand Up @@ -1203,10 +1203,10 @@ handle_set_configuration (UDisksDrive *_drive,
/* Translators: Shown in authentication dialog when the user
* changes settings for a drive.
*
* Do not translate $(drive), it's a placeholder and will be
* Do not translate $(device.name), it's a placeholder and will be
* replaced by the name of the drive/device in question
*/
message = N_("Authentication is required to configure settings for $(drive)");
message = N_("Authentication is required to configure settings for $(device.name)");
action_id = "org.freedesktop.udisks2.modify-drive-settings";

/* Check that the user is actually authorized */
Expand Down Expand Up @@ -1518,10 +1518,10 @@ handle_power_off (UDisksDrive *_drive,
/* Translators: Shown in authentication dialog when the user
* requests ejecting media from a drive.
*
* Do not translate $(drive), it's a placeholder and
* Do not translate $(device.name), it's a placeholder and
* will be replaced by the name of the drive/device in question
*/
message = N_("Authentication is required to power off $(drive)");
message = N_("Authentication is required to power off $(device.name)");
action_id = "org.freedesktop.udisks2.power-off-drive";
if (udisks_block_get_hint_system (block))
{
Expand Down
Loading