KDE Authorization Library: final step (maybe)
Hello again! It’s time for the last (maybe) blog post about my gsoc.
My work on the GSoC project in the last weeks has focused on the integration of the new authorization library with the rest of kde. You can find all the code in the subversion at branches/work/kdelibs-libkauth and kdebase-libkauth.
A brief explaination of what I’ve done follows.
First of all, two new classes has been added to KDEUI. They’re KAuthorizedButton and KAuthorizedAction. The first is a KPushButton subclass that automatically handles authorization. If you need to execute a privileged action when the user clicks on a button you can use this one. For example:
KAuthorizedButton *button = new KAuthorizedButton(KStandardGuiItem::apply());
button->setAuthAction("org.kde.auth.example.apply");
connect(button, SIGNAL(authorized(KAuth::Action)), this, SLOT(applyClicked()));
This way the slot will be executed when the user clicks the button but only if it’s authorized to execute the action. Additionally, if the action requires authorization, the user will see a different icon (a key, a lock, or something like that. currently it’s the “dialog-password” icon, what do you suggest?). The KAuthorizedAction class works exactly the same, but it’s a KAction subclass for use in toolbars and menus.
The next step is the integration of the authorization library with the kde configuration modules API. Specifically, I’ve added some trivial APIs to the KCModule class to allow a module to declare that its save() method requires authorization to be executed. This way, System Settings and kcmshell can now handle authorization of the module’s save action. As part of my work I’ve ported the date/time kcm module to the new library. Its code already followed the caller/helper pattern, but authorization used kdesu and data was passed using commandline arguments. The new code saves some lines of code and seems a bit cleaner.
The method I’ve added to KCModule are setNeedsAuthorization() and setAuthAction() (and getters). A module calls the first method to tell the world that its save() method requires authorization. The second allows it to tell which action has to be authorized. Actually, needsAuthorization() will return true if a valid action has been set using setAuthAction(). Alternatively, a default action name is set if you only call setNeedsAuthorization(true). The default name will be “org.kde.kcontrol.name.save” where “name” is the KAboutData::appName() return value, so if you rely on this, your module have to provide a suitable KAboutData object. Note that in this case, setNeedsAuthorization() will also set the default helper ID to “org.kde.kcontrol.name” using KAuth::Action::setHelperID().
Writing a kcmodule that uses the new library is not so different from a stand-alone application. The only other thing to do is to call setNeedsAuthorization() or setAuthAction() in the constructor. Note that this applies to the action performed when the user clicks on Apply/Ok. If your module does something else (like the KDM module that installs themes), you’ll have to handle it yourself.
Now you can see how the date/time module looks like in the new System Settings app, with the policykit authorization dialog already opened (you can notice the different icon on the Apply button):
KDE Date/Time configuration module ported to libkauth
The different icon also appears in the close dialog:
The Apply/Discard/Cancel dialog when the Apply action requires authorization
Of course the icon the the standard Apply icon if the action doesn’t need authorization…
That’s all by now. In the near future, after the gsoc end, the new library will be moved into kdelibs and will be available to be used by everyone. I’ll help in its integration with the rest of KDE including KIO and GHNS, other kcm modules and applications such as ksysguard, so this could not be my last blog post on this topic, after all…
Bye bye!!
I don’t know if you have been working on that part again, but I think you know at least who works on it, so please, please add window decorations to the password dialog in the first screenshot. Having no decoration implies that you have to enter the password right now and that you can’t switch the window. But that is not true. I’m using Kubuntu 9.04 and I was really annoyed when I first saw that the dialog has no window border. I thought what’s that? And when looking closer I noticed that it’s just a normal dialog without decorations.
It should be either a window with decoration or when no decorations it has to be done correctly. That is: block global shortcuts, so that you can’t switch away, make it a window that bypasses the window manager and grab keyboard and mouse. But that would be rather annoying for the user (I’d call it a Vista’ish behaviour).
I can agree with you on this, but I can’t do much.
The piece of software that makes that dialog is PolicyKit-KDE, which is not mine and I don’t have any knowledge about how to hack it, so you should file a bug report. Anyway, I think that behaviour has been choosen to be consistent with the one implemented by the GNOME policykit dialog, but I don’t know if it grabs keyboard and mouse.
How does one exactly implement the privilege change? Are you forking the process, and changing the UID? Or does clicking a KAuthorizedButton only invoke some helper process?
Actually KAuthorizedButton only invokes the KAuth library that I wrote and talked about in previous posts. Read them and/or the API docs for more informations. Anyway, of course I’m launching an helper tool. The library makes writing the helper very easy, handling all the IPC and authorization stuff automatically. From the implementation point of view, as you probably know, a unix process with UID != 0 cannot change its UID, nor create child processes with a different UID. For this reason the caller/helper paradigm used by the library needed something external to launch the helper as root. In this case, DBus is used. When properly configured, dbus can launch an executable when a service name is requested but has not been registered yet, and it can be launched as any user you want, in this case root.
This is by far one of the most exciting news in KDE! Authorizations GUIs have always sucked in Linux, but this looks like to do the things in the right way™!
Congrats, awesome news!
BTW, could this bug also be fixed easily using your framework?
https://bugs.kde.org/show_bug.cgi?id=179289
First of all: thank you.
Then: yes, using the new library, dolphin could do what described in that bug report. It will be a _long_ work to port _all_ KDE apps to the new paradigm but in this case I think the bug isn’t related only to dolphin. If it uses KIO to move/copy file (and I suppose it does), porting KIO to the new framework will automatically make dolphin use it as well (and konqueror and open/save dialogs and everything else in KDE). KIO is the first on the black list after the gsoc finishes, so stay connected
Very cool, great job! I’m looking forward to the next KDE release
@Nicola Gigante Can I send you a cake?
@ Nicola Gigante
Thanks for the info. I just reported a bug for it: http://bugs.kde.org/show_bug.cgi?id=204058
If the behaviour was really chosen because of GNOME that would be rather bad. It should have looked at other KDE password dialogs
@Diego
Thanks XD