[gnome-software/gnome-3-24] snap: Only show snaps as sandboxed if snapd supports confinmenent

From: Robert Ancell <rancell src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-software/gnome-3-24] snap: Only show snaps as sandboxed if snapd supports confinmenent
Date: Mon, 17 Jul 2017 22:29:25 +0000 (UTC)
commit c602a9e6f71bee62218b0d7a3d3182c87f992935
Author: Robert Ancell <robert ancell canonical com>
Date:   Fri Jul 7 11:43:03 2017 +1200

    snap: Only show snaps as sandboxed if snapd supports confinmenent

 plugins/snap/gs-plugin-snap.c |   10 ++++++++-
 plugins/snap/gs-snapd.c       |   42 +++++++++++++++++++++++++++++++++++++++++
 plugins/snap/gs-snapd.h       |    3 ++
 3 files changed, 54 insertions(+), 1 deletions(-)
---
diff --git a/plugins/snap/gs-plugin-snap.c b/plugins/snap/gs-plugin-snap.c
index daa5b09..27460c4 100644
--- a/plugins/snap/gs-plugin-snap.c
+++ b/plugins/snap/gs-plugin-snap.c
@@ -28,6 +28,7 @@
 #include "gs-snapd.h"
 
 struct GsPluginData {
+       gboolean         system_is_confined;
        GsAuth          *auth;
        GHashTable      *store_snaps;
 };
@@ -64,6 +65,12 @@ gboolean
 gs_plugin_setup (GsPlugin *plugin, GCancellable *cancellable, GError **error)
 {
        GsPluginData *priv = gs_plugin_get_data (plugin);
+       g_autoptr(JsonObject) system_information = NULL;
+
+       system_information = gs_snapd_get_system_info (cancellable, error);
+       if (system_information == NULL)
+               return FALSE;
+       priv->system_is_confined = g_strcmp0 (json_object_get_string_member (system_information, 
"confinement"), "strict") == 0;
 
        /* load from disk */
        gs_auth_add_metadata (priv->auth, "macaroon", NULL);
@@ -172,6 +179,7 @@ get_snap_title (JsonObject *snap)
 static GsApp *
 snap_to_app (GsPlugin *plugin, JsonObject *snap)
 {
+       GsPluginData *priv = gs_plugin_get_data (plugin);
        GsApp *app;
 
        /* create a unique ID for deduplication, TODO: branch? */
@@ -184,7 +192,7 @@ snap_to_app (GsPlugin *plugin, JsonObject *snap)
        gs_app_set_name (app, GS_APP_QUALITY_HIGHEST, get_snap_title (snap));
        if (gs_plugin_check_distro_id (plugin, "ubuntu"))
                gs_app_add_quirk (app, AS_APP_QUIRK_PROVENANCE);
-       if (g_strcmp0 (json_object_get_string_member (snap, "confinement"), "strict") == 0)
+       if (priv->system_is_confined && g_strcmp0 (json_object_get_string_member (snap, "confinement"), 
"strict") == 0)
                gs_app_add_kudo (app, GS_APP_KUDO_SANDBOXED);
 
        return app;
diff --git a/plugins/snap/gs-snapd.c b/plugins/snap/gs-snapd.c
index 0b3ffe9..924b8ef 100644
--- a/plugins/snap/gs-snapd.c
+++ b/plugins/snap/gs-snapd.c
@@ -339,6 +339,48 @@ parse_result (const gchar *response, const gchar *response_type, GError **error)
 }
 
 JsonObject *
+gs_snapd_get_system_info (GCancellable *cancellable, GError **error)
+{
+       guint status_code;
+       g_autofree gchar *reason_phrase = NULL;
+       g_autofree gchar *response_type = NULL;
+       g_autofree gchar *response = NULL;
+       g_autoptr(JsonParser) parser = NULL;
+       JsonObject *root, *result;
+
+       if (!send_request ("GET", "/v2/system-info", NULL,
+                          NULL, NULL,
+                          &status_code, &reason_phrase,
+                          &response_type, &response, NULL,
+                          cancellable, error))
+               return NULL;
+
+       if (status_code != SOUP_STATUS_OK) {
+               g_set_error (error,
+                            GS_PLUGIN_ERROR,
+                            GS_PLUGIN_ERROR_INVALID_FORMAT,
+                            "snapd returned status code %u: %s",
+                            status_code, reason_phrase);
+               return NULL;
+       }
+
+       parser = parse_result (response, response_type, error);
+       if (parser == NULL)
+               return NULL;
+       root = json_node_get_object (json_parser_get_root (parser));
+       result = json_object_get_object_member (root, "result");
+       if (result == NULL) {
+               g_set_error (error,
+                            GS_PLUGIN_ERROR,
+                            GS_PLUGIN_ERROR_INVALID_FORMAT,
+                            "snapd returned no system information");
+               return NULL;
+       }
+
+       return json_object_ref (result);
+}
+
+JsonObject *
 gs_snapd_list_one (const gchar *macaroon, gchar **discharges,
                   const gchar *name,
                   GCancellable *cancellable, GError **error)
diff --git a/plugins/snap/gs-snapd.h b/plugins/snap/gs-snapd.h
index dc78db3..b0cf834 100644
--- a/plugins/snap/gs-snapd.h
+++ b/plugins/snap/gs-snapd.h
@@ -29,6 +29,9 @@ typedef void (*GsSnapdProgressCallback) (JsonObject *object, gpointer user_data)
 
 gboolean gs_snapd_exists               (void);
 
+JsonObject *gs_snapd_get_system_info   (GCancellable   *cancellable,
+                                        GError         **error);
+
 JsonObject *gs_snapd_list_one          (const gchar    *macaroon,
                                         gchar          **discharges,
                                         const gchar    *name,
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]