authorSebastien Braun2010-10-06 17:56:59 +0200
committerSebastien Braun2010-10-07 09:30:24 +0200
commitc5a99933202c91630edc2ddd97e0e964b27540d6 (patch)
tree4633e1ee34c6bcc203319ed6f77bd93d5341cd65 /src/input/inputHandlerChain.h
parentInstall a pvsprivinputd.conf template into /etc (diff)
Sanitize security model yet again
The flags model was not satisfactory since it made it unnecessarily difficult to express the standard policy of "allow all to users that are physically sitting in front of the machine and to privileged users". The new model expressly knows different policies (two at the moment) and refrains from decomposing them. Additional policies are not difficult to add.
Diffstat (limited to 'src/input/inputHandlerChain.h')
-rw-r--r--src/input/inputHandlerChain.h10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/input/inputHandlerChain.h b/src/input/inputHandlerChain.h
index 8bcb1d8..b012aa6 100644
--- a/src/input/inputHandlerChain.h
+++ b/src/input/inputHandlerChain.h
@@ -34,14 +34,14 @@ typedef boost::mpl::list<
Handler<PrivilegedHandlerForwarder>
>::type unprivileged_handler_list;
-typedef InputEventHandlerChain<unprivileged_handler_list> unprivileged_handler_chain;
+typedef InputEventHandlerChain<policy::SecurityAllowAny, unprivileged_handler_list> unprivileged_handler_chain;
typedef boost::mpl::list<
- Handler<SayHelloHandler>,
- Handler<KillX11Handler, policy::RequireSystem<policy::Linux>, policy::Security<policy::SEC_PHYSICAL_SEAT> >,
- Handler<RebootLinuxSystemHandler, policy::RequireSystem<policy::Linux>, policy::Security<policy::SEC_PHYSICAL_SEAT> >
+ Handler<SayHelloHandler, policy::RequireNoSystem, policy::SecurityAllowAny >,
+ Handler<KillX11Handler, policy::RequireSystem<policy::Linux> >,
+ Handler<RebootLinuxSystemHandler, policy::RequireSystem<policy::Linux> >
>::type privileged_handler_list;
-typedef InputEventHandlerChain<privileged_handler_list> privileged_handler_chain;
+typedef InputEventHandlerChain<policy::SecurityAllowPhysicalOrPrivileged, privileged_handler_list> privileged_handler_chain;
#endif /* INPUTHANDLERCHAIN_H_ */
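Review bot: `KillX11Handler` and `RebootLinuxSystemHandler` lose their explicit `policy::Security<policy::SEC_PHYSICAL_SEAT>` argument in `privileged_handler_list`, so the gate on killing X11 and rebooting now rests on whatever `Handler` uses when the security argument is omitted, and that default is not visible in this hunk. Presumably it defers to the chain-level `policy::SecurityAllowPhysicalOrPrivileged` given to `privileged_handler_chain`; if it instead resolves to the same `policy::SecurityAllowAny` that `SayHelloHandler` names, both handlers would be open to any caller. I would make the dependency visible with a comment above the two entries, e.g. `/* No per-handler security policy: these rely on the chain policy of privileged_handler_chain (SecurityAllowPhysicalOrPrivileged). */`, or, if `Handler` accepts it, name the policy on each entry so that reusing the list under a chain with a laxer policy cannot weaken them silently.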