|
 |
dddd59 |
commit 6443736b88a6bfa74a24b7c60b1369d9777cb36a
|
|
|
dddd59 |
Author: Thomas Woerner <twoerner@redhat.com>
|
|
|
dddd59 |
Date: Tue Aug 23 16:40:24 2016 +0200
|
|
|
dddd59 |
|
|
|
dddd59 |
firewall.command: Fail with NOT_AUTHORIZED if authorization fails (RHBZ#1368549)
|
|
|
dddd59 |
|
|
|
dddd59 |
The NOT_AUTHORIZED was not detected in the sequence options code.
|
|
|
dddd59 |
|
|
|
dddd59 |
diff --git a/src/firewall/command.py b/src/firewall/command.py
|
|
|
dddd59 |
index 6e26c46..6936da0 100644
|
|
|
dddd59 |
--- a/src/firewall/command.py
|
|
|
dddd59 |
+++ b/src/firewall/command.py
|
|
|
dddd59 |
@@ -124,6 +124,7 @@ class FirewallCommand(object):
|
|
|
dddd59 |
action_method(*call_item)
|
|
|
dddd59 |
except (DBusException, Exception) as msg:
|
|
|
dddd59 |
if isinstance(msg, DBusException):
|
|
|
dddd59 |
+ self.fail_if_not_authorized(msg.get_dbus_name())
|
|
|
dddd59 |
msg = msg.get_dbus_message()
|
|
|
dddd59 |
else:
|
|
|
dddd59 |
msg = str(msg)
|
|
|
dddd59 |
@@ -216,6 +217,7 @@ class FirewallCommand(object):
|
|
|
dddd59 |
try:
|
|
|
dddd59 |
res = query_method(*call_item)
|
|
|
dddd59 |
except DBusException as msg:
|
|
|
dddd59 |
+ self.fail_if_not_authorized(msg.get_dbus_name())
|
|
|
dddd59 |
code = FirewallError.get_code(msg.get_dbus_message())
|
|
|
dddd59 |
if len(option) > 1:
|
|
|
dddd59 |
self.print_warning("Warning: %s" % msg.get_dbus_message())
|
|
|
dddd59 |
@@ -445,17 +447,19 @@ class FirewallCommand(object):
|
|
|
dddd59 |
def exception_handler(self, exception_message):
|
|
|
dddd59 |
if not self.__use_exception_handler:
|
|
|
dddd59 |
raise
|
|
|
dddd59 |
+ self.fail_if_not_authorized(exception_message)
|
|
|
dddd59 |
+ code = FirewallError.get_code(str(exception_message))
|
|
|
dddd59 |
+ if code in [ errors.ALREADY_ENABLED, errors.NOT_ENABLED,
|
|
|
dddd59 |
+ errors.ZONE_ALREADY_SET ]:
|
|
|
dddd59 |
+ self.print_warning("Warning: %s" % exception_message)
|
|
|
dddd59 |
+ else:
|
|
|
dddd59 |
+ self.print_and_exit("Error: %s" % exception_message, code)
|
|
|
dddd59 |
+
|
|
|
dddd59 |
+ def fail_if_not_authorized(self, exception_message):
|
|
|
dddd59 |
if "NotAuthorizedException" in exception_message:
|
|
|
dddd59 |
msg = """Authorization failed.
|
|
|
dddd59 |
Make sure polkit agent is running or run the application as superuser."""
|
|
|
dddd59 |
self.print_and_exit(msg, errors.NOT_AUTHORIZED)
|
|
|
dddd59 |
- else:
|
|
|
dddd59 |
- code = FirewallError.get_code(exception_message)
|
|
|
dddd59 |
- if code in [ errors.ALREADY_ENABLED, errors.NOT_ENABLED,
|
|
|
dddd59 |
- errors.ZONE_ALREADY_SET ]:
|
|
|
dddd59 |
- self.print_warning("Warning: %s" % exception_message)
|
|
|
dddd59 |
- else:
|
|
|
dddd59 |
- self.print_and_exit("Error: %s" % exception_message, code)
|
|
|
dddd59 |
|
|
|
dddd59 |
def deactivate_exception_handler(self):
|
|
|
dddd59 |
self.__use_exception_handler = False
|