Refactor InputEvent handler code.

- Make static methods virtual and store instances in the chains. - Propagate security context information. - Saner security policy implementation.
author: Sebastien Braun 2010-10-05 15:07:43 +0200
committer: Sebastien Braun 2010-10-05 18:15:50 +0200
commit: c5c46660130456afea285e460be44e1c723e4a49 (patch)
tree: bbfbfac760c26fc2618f288c466c0e2b6df84c20
parent: Remove unnecessary Qt dependency from inputEvent.cpp (diff)
download: pvs-c5c46660130456afea285e460be44e1c723e4a49.tar.gz
pvs-c5c46660130456afea285e460be44e1c723e4a49.tar.xz
pvs-c5c46660130456afea285e460be44e1c723e4a49.zip
8 files changed, 90 insertions, 50 deletions
diff --git a/src/input/inputEventHandler.h b/src/input/inputEventHandler.h
index 3910f93..330f5a7 100644
--- a/src/input/inputEventHandler.h
+++ b/src/input/inputEventHandler.h
@@ -27,49 +27,80 @@
 #define HANDLER_CODE_DONT_CARE 0xffff
 #define HANDLER_VALUE_DONT_CARE 0xffffffff
 
+class InputEventContext
+{
+public:
+	virtual pid_t getSenderPid() const = 0;
+	virtual uid_t getSenderUid() const = 0;
+	virtual gid_t getSenderGid() const = 0;
+};
+
+struct SpecialInputEventDescription
+{
+	SpecialInputEventDescription(QString const& d, quint16 t, quint16 c, quint32 v = 0)
+		: descriptionString(d), evtType(t), evtCode(c), evtValue(v)
+	{
+	}
+
+	QString descriptionString;
+	quint16 evtType;
+	quint16 evtCode;
+	quint32 evtValue;
+
+	InputEvent toEvent() const
+	{
+		return InputEvent(evtType, evtCode, evtValue);
+	}
+};
+
 template<quint16 Type = HANDLER_TYPE_DONT_CARE,
 		quint16 Code = HANDLER_CODE_DONT_CARE,
 		quint32 Value = HANDLER_VALUE_DONT_CARE>
 class DefaultInputEventHandler {
 public:
-	static bool matches(InputEvent const& evt) {
-		if(Type != 0xffff) {
+	virtual bool matches(InputEvent const& evt, InputEventContext const*) {
+		if(Type != HANDLER_TYPE_DONT_CARE) {
 			if(evt.type() != Type)
 				return false;
 		}
-		if(Code != 0xffff) {
+		if(Code != HANDLER_CODE_DONT_CARE) {
 			if(evt.code() != Code)
 				return false;
 		}
-		if(Value != 0xffffffff) {
+		if(Value != HANDLER_VALUE_DONT_CARE) {
 			if(evt.value() != Value)
 				return false;
 		}
 		return true;
 	}
 
-	static void initialize()
+	virtual void initialize()
 	{
 	}
-};
 
-namespace policy {
+	virtual void handle(InputEvent const& evt, InputEventContext const*) = 0;
 
-struct NoSecurityCheck {
-	static bool allow(InputEvent const&) {
-		return true;
+	static void describeInto(QList<SpecialInputEventDescription>& description)
+	{
 	}
 };
 
-struct PhysicalSeatSecurityCheck {
-	static bool allow(InputEvent const&) {
-		return /* TODO implement */ true;
-	}
+namespace policy {
+
+enum SecurityFlags {
+	SEC_PHYSICAL_SEAT = 1,
+	SEC_PRIVILEGED_USER = 2
 };
 
-struct AlwaysDenySecurityCheck {
-	static bool allow(InputEvent const&) {
-		return false;
+bool allowPhysicalSeat(InputEvent const& evt, InputEventContext const* ctx);
+bool allowPrivilegedUser(InputEvent const& evt, InputEventContext const* ctx);
+
+template<int flags = 0>
+struct Security
+{
+	bool allow(InputEvent const& evt, InputEventContext const* ctx)
+	{
+		return true;
 	}
 };
 
@@ -107,39 +138,43 @@ template<bool Enabled, typename Delegate, typename SecurityPolicy>
 class HandlerHelper
 {
 public:
-	static bool handle(InputEvent const& evt) {
-		if(!SecurityPolicy::allow(evt))
+	bool handle(InputEvent const& evt, InputEventContext const* context = 0) {
+		if(!securityPolicy.allow(evt, context))
 		{
 			return true;
 		}
-		if(Delegate::matches(evt)) {
-			Delegate::handle(evt);
+		if(delegate.matches(evt, context)) {
+			delegate.handle(evt, context);
 			return true;
 		} else {
 			return false;
 		}
 	}
 
-	static void initialize()
+	void initialize()
 	{
-		Delegate::initialize();
+		delegate.initialize();
 	}
+
+private:
+	Delegate delegate;
+	SecurityPolicy securityPolicy;
 };
 
 template<typename Delegate, typename SecurityPolicy>
 class HandlerHelper<false, Delegate, SecurityPolicy>
 {
 public:
-	static bool handle(InputEvent const& evt) {
+	bool handle(InputEvent const& evt, InputEventContext const* context = 0) {
 		return false;
 	}
 
-	static void initialize()
+	void initialize()
 	{
 	}
 };
 
-template<typename Delegate, typename SecurityPolicy = policy::NoSecurityCheck, typename SystemPolicy = policy::RequireNoSystem>
+template<typename Delegate, typename SystemPolicy = policy::RequireNoSystem, typename SecurityPolicy = policy::Security<> >
 struct Handler : public HandlerHelper<SystemPolicy::enabled, Delegate, SecurityPolicy>
 {
 };
@@ -153,28 +188,31 @@ private:
 
 	typedef typename boost::mpl::deref<Begin>::type handler_type;
 
+	handler_type _handler;
+	next_in_chain _next;
+
 public:
-	static void handle(InputEvent const& evt) {
-		if(!handler_type::handle(evt)) {
-			next_in_chain::handle(evt);
+	void handle(InputEvent const& evt, InputEventContext const* context = 0) {
+		if(!_handler.handle(evt, context)) {
+			_next.handle(evt, context);
 		}
 	}
 
-	static void initialize() {
-		handler_type::initialize();
-		next_in_chain::initialize();
+	void initialize() {
+		_handler.initialize();
+		_next.initialize();
+	}
 	}
 };
 
 template<typename End>
 struct InputEventHandlerChainHelper<End, End>
 {
-public:
-	static void handle(InputEvent const&) {
+	void handle(InputEvent const&, InputEventContext const* context = 0) {
 		// do nothing
 	}
 
-	static void initialize() {
+	void initialize() {
 		// do nothing
 	}
 };
diff --git a/src/input/unprivilegedHandlerChain.h b/src/input/inputHandlerChain.h
index 734720a..4bb9fe5 100644
--- a/src/input/unprivilegedHandlerChain.h
+++ b/src/input/inputHandlerChain.h
@@ -24,9 +24,9 @@
 #include "x11FakeMouseHandler.h"
 
 typedef boost::mpl::list<
-		Handler<X11FakeKeyboardHandler, policy::NoSecurityCheck, policy::RequireSystem<policy::UnixLike> >,
-		Handler<X11FakeMouseButtonHandler, policy::NoSecurityCheck, policy::RequireSystem<policy::UnixLike> >,
-		Handler<X11FakeMouseMovementHandler, policy::NoSecurityCheck, policy::RequireSystem<policy::UnixLike> >
+		Handler<X11FakeKeyboardHandler, policy::RequireSystem<policy::UnixLike> >,
+		Handler<X11FakeMouseButtonHandler, policy::RequireSystem<policy::UnixLike> >,
+		Handler<X11FakeMouseMovementHandler, policy::RequireSystem<policy::UnixLike> >
 >::type unprivileged_handler_list;
 
 typedef InputEventHandlerChain<unprivileged_handler_list> unprivileged_handler_chain;
diff --git a/src/input/x11FakeKeyboardHandler.cpp b/src/input/x11FakeKeyboardHandler.cpp
index 82cc437..3a0b864 100644
--- a/src/input/x11FakeKeyboardHandler.cpp
+++ b/src/input/x11FakeKeyboardHandler.cpp
@@ -20,6 +20,7 @@
 // Qt headers need to be included before X11 headers
 #include <QApplication>
 #include <QtCore>
+#include "x11FakeKeyboardHandler.h"
 // #include <multimap>
 #include <X11/X.h>
 #include <X11/Xlib.h>
@@ -30,7 +31,6 @@
 #include <X11/XKBlib.h>
 #include <src/util/consoleLogger.h>
 #include "x11InputUtils.h"
-#include "x11FakeKeyboardHandler.h"
 
 //////////////////////// INPUT EVENT TRANSLATION /////////////////////////////////
 
@@ -766,7 +766,7 @@ void X11FakeKeyboardHandler::initialize()
 	current_modifiers = 0;
 }
 
-void X11FakeKeyboardHandler::handle(InputEvent const& evt)
+void X11FakeKeyboardHandler::handle(InputEvent const& evt, InputEventContext const*)
 {
 	Display* dpy = X11InputUtils::display();
 
diff --git a/src/input/x11FakeKeyboardHandler.h b/src/input/x11FakeKeyboardHandler.h
index c888202..3dde7cc 100644
--- a/src/input/x11FakeKeyboardHandler.h
+++ b/src/input/x11FakeKeyboardHandler.h
@@ -22,8 +22,8 @@
 class X11FakeKeyboardHandler : public DefaultInputEventHandler<InputEvent::ET_KEY>
 {
 public:
-	static void handle(InputEvent const&);
-	static void initialize();
+	void handle(InputEvent const&, InputEventContext const* = 0);
+	void initialize();
 };
 
 #endif /* X11FAKEKEYBOARDHANDLER_H_ */
diff --git a/src/input/x11FakeMouseHandler.cpp b/src/input/x11FakeMouseHandler.cpp
index 432e19f..58415d5 100644
--- a/src/input/x11FakeMouseHandler.cpp
+++ b/src/input/x11FakeMouseHandler.cpp
@@ -14,12 +14,12 @@
  # --------------------------------------------------------------------------
  */
 
+#include "x11FakeMouseHandler.h" // need to include before X headers
 #include <src/util/consoleLogger.h>
 #include <X11/extensions/XTest.h>
 #include "x11InputUtils.h"
-#include "x11FakeMouseHandler.h"
 
-void X11FakeMouseButtonHandler::handle(InputEvent const& evt)
+void X11FakeMouseButtonHandler::handle(InputEvent const& evt, InputEventContext const*)
 {
 	quint16 pressedButton = evt.pressedButton();
 
@@ -42,7 +42,7 @@ void X11FakeMouseButtonHandler::handle(InputEvent const& evt)
 	XFlush(dpy);
 }
 
-void X11FakeMouseMovementHandler::handle(InputEvent const& evt)
+void X11FakeMouseMovementHandler::handle(InputEvent const& evt, InputEventContext const*)
 {
 	ConsoleLog writeLine(QString("Received mouse motion event (%1,%2)").arg(evt.xCoord()).arg(evt.yCoord()));
 	Display* dpy = X11InputUtils::display();
diff --git a/src/input/x11FakeMouseHandler.h b/src/input/x11FakeMouseHandler.h
index 19ed29e..0e32256 100644
--- a/src/input/x11FakeMouseHandler.h
+++ b/src/input/x11FakeMouseHandler.h
@@ -22,13 +22,13 @@
 class X11FakeMouseButtonHandler : public DefaultInputEventHandler<InputEvent::ET_BUTTON>
 {
 public:
-	static void handle(InputEvent const&);
+	void handle(InputEvent const&, InputEventContext const* = 0);
 };
 
 class X11FakeMouseMovementHandler : public DefaultInputEventHandler<InputEvent::ET_POINTER>
 {
 public:
-	static void handle(InputEvent const&);
+	void handle(InputEvent const&, InputEventContext const* = 0);
 };
 
 #endif /* X11FAKEMOUSEHANDLER_H_ */
diff --git a/src/pvs.cpp b/src/pvs.cpp
index e44d04d..911ed0d 100644
--- a/src/pvs.cpp
+++ b/src/pvs.cpp
@@ -16,7 +16,7 @@
 #include "src/net/pvsServiceDiscovery.h"
 #include "src/net/pvsDiscoveredServer.h"
 #include "src/input/inputEvent.h"
-#include "src/input/unprivilegedHandlerChain.h"
+#include "src/input/inputHandlerChain.h"
 #include "src/input/x11InputUtils.h"
 
 // D-Bus
@@ -643,11 +643,11 @@ void PVS::handleInputEvent(InputEvent const& evt)
 {
 	std::string s = evt.toString();
 	ConsoleLog writeLine(QString("Received input event: %1").arg(s.c_str()));
-	unprivileged_handler_chain::handle(evt);
+	_inputEventHandlers.handle(evt);
 }
 
 void PVS::initializeInputEventHandling()
 {
 	X11InputUtils::setDisplay(X11Info::display());
-	unprivileged_handler_chain::initialize();
+	_inputEventHandlers.initialize();
 }
diff --git a/src/pvs.h b/src/pvs.h
index 8e94169..f4e53c0 100644
--- a/src/pvs.h
+++ b/src/pvs.h
@@ -24,6 +24,7 @@
 #include "src/version.h"
 #include "src/util/consoleLogger.h"
 #include "src/util/clientGUIUtils.h"
+#include "src/input/inputHandlerChain.h"
 
 
 class PVSServiceDiscovery;
@@ -144,6 +145,7 @@ private:
     int _timerLockDelay;
 
     // input event handling:
+    unprivileged_handler_chain _inputEventHandlers;
     void handleInputEvent(InputEvent const& evt);
     void initializeInputEventHandling();
 };
author	Sebastien Braun	2010-10-05 15:07:43 +0200
committer	Sebastien Braun	2010-10-05 18:15:50 +0200
commit	c5c46660130456afea285e460be44e1c723e4a49 (patch)
tree	bbfbfac760c26fc2618f288c466c0e2b6df84c20
parent	Remove unnecessary Qt dependency from inputEvent.cpp (diff)
download	pvs-c5c46660130456afea285e460be44e1c723e4a49.tar.gz pvs-c5c46660130456afea285e460be44e1c723e4a49.tar.xz pvs-c5c46660130456afea285e460be44e1c723e4a49.zip