Merge branch 'jb40797' into 'master'

[devicelock] Allow backends to provide a reason for a lockout. Contributes to JB#40797

See merge request mer-core/nemo-qml-plugin-devicelock!32

dbus/org.nemomobile.devicelock.AuthenticationInput.xml

@@ -17,6 +17,9 @@
   <method name="RequestSecurityCode">
    <arg name="client" type="o" direction="in"/>
   </method>
+  <method name="Authorize">
+   <arg name="client" type="o" direction="in"/>
+  </method>
   <method name="Cancel">
    <arg name="client" type="o" direction="in"/>
   </method>

dbus/org.nemomobile.devicelock.Authenticator.xml

@@ -8,6 +8,11 @@
    <arg name="challenge_code" type="v" direction="in"/>
    <arg name="methods" type="u" direction="in"/>
   </method>
+  <method name="RequestPermission">
+    <arg name="client" type="o" direction="in"/>
+    <arg name="message" type="s" direction="in"/>
+    <arg name="methods" type="u" direction="in"/>
+  </method>
   <method name="Cancel">
    <arg name="client" type="o" direction="in"/>
   </method>

dbus/org.nemomobile.devicelock.Authorization.xml

@@ -4,6 +4,8 @@
  <interface name="org.nemomobile.devicelock.Authorization">
   <method name="RequestChallenge">
    <arg name="client" type="o" direction="in"/>
+   <arg name="requested_methods" type="u" direction="in"/>
+   <arg name="authenticating_pid" type="u" direction="in"/>
    <arg name="challenge_code" type="v" direction="out"/>
    <arg name="allowed_methods" type="u" direction="out"/>
   </method>

dbus/org.nemomobile.devicelock.client.Authenticator.xml

@@ -5,6 +5,9 @@
   <method name="Authenticated">
    <arg name="authentication_token" type="v" direction="in"/>
   </method>
+  <method name="PermissionGranted">
+   <arg name="method" type="u" direction="in"/>
+  </method>
   <method name="Aborted"/>
  </interface>
 </node>

rpm/nemo-qml-plugin-devicelock.spec

@@ -16,7 +16,6 @@ BuildRequires:  pkgconfig(libsystemd-daemon)
 BuildRequires:  pkgconfig(mce)
 BuildRequires:  pkgconfig(nemodbus)
 Obsoletes:      nemo-qml-plugin-devicelock-default < 0.2.0
-Requires:       nemo-devicelock-daemon
 
 %description
 %{summary}.
@@ -43,7 +42,6 @@ Requires:   pkgconfig(nemodbus)
 Summary:    Development libraries for device lock daemons
 Group:      Development/Libraries
 Requires:   %{name}-devel = %{version}-%{release}
-Requires:   nemo-devicelock-daemon-cli = %{version}-%{release}
 Requires:   pkgconfig(keepalive)
 Requires:   pkgconfig(libsystemd-daemon)
 Requires:   pkgconfig(mce)

src/nemo-devicelock/authenticationinput.cpp

@@ -434,6 +434,15 @@ void AuthenticationInput::requestSecurityCode()
     call(QStringLiteral("RequestSecurityCode"), m_localPath);
 }
 
+/*!
+    Informs the security dialog that an action was authorized without authenticating.
+*/
+
+void AuthenticationInput::authorize()
+{
+    call(QStringLiteral("Authorize"), m_localPath);
+}
+
 /*!
     Sends a request to cancel authentication to the security daemon.
 */

src/nemo-devicelock/authenticationinput.h

@@ -66,7 +66,7 @@ class NEMODEVICELOCK_EXPORT AuthenticationInput : public QObject, private Connec
     Q_OBJECT
     Q_PROPERTY(Authenticator::Methods utilizedMethods READ utilizedMethods NOTIFY utilizedMethodsChanged)
     Q_PROPERTY(Status status READ status NOTIFY statusChanged)
-    Q_PROPERTY(bool authenticatingProcess READ authenticatingPid NOTIFY authenticatingPidChanged)
+    Q_PROPERTY(int authenticatingProcess READ authenticatingPid NOTIFY authenticatingPidChanged)
     Q_PROPERTY(bool active READ isActive WRITE setActive NOTIFY activeChanged)
     Q_PROPERTY(bool registered READ isRegistered WRITE setRegistered NOTIFY registeredChanged)
     Q_PROPERTY(int minimumCodeLength READ minimumCodeLength CONSTANT)
@@ -76,6 +76,7 @@ class NEMODEVICELOCK_EXPORT AuthenticationInput : public QObject, private Connec
     Q_PROPERTY(CodeGeneration codeGeneration READ codeGeneration NOTIFY codeGenerationChanged)
 public:
     enum Feedback {
+        Authorize,
         EnterSecurityCode,
         EnterNewSecurityCode,
         RepeatNewSecurityCode,
@@ -150,6 +151,7 @@ class NEMODEVICELOCK_EXPORT AuthenticationInput : public QObject, private Connec
 
     Q_INVOKABLE void enterSecurityCode(const QString &code);
     Q_INVOKABLE void requestSecurityCode();
+    Q_INVOKABLE void authorize();
     Q_INVOKABLE void cancel();
 
 signals:
@@ -164,7 +166,7 @@ class NEMODEVICELOCK_EXPORT AuthenticationInput : public QObject, private Connec
     void codeGenerationChanged();
     void codeInputIsKeyboardChanged();
 
-    void authenticationStarted(Feedback feedback, const QVariant &data);
+    void authenticationStarted(Feedback feedback, const QVariantMap &data);
     void authenticationUnavailable(Error error);
     void authenticationEvaluating();
     void authenticationProgress(int current, int maximum);

src/nemo-devicelock/authenticator.cpp

@@ -49,6 +49,11 @@ void AuthenticatorAdaptor::Authenticated(const QDBusVariant &authenticationToken
     m_authenticator->handleAuthentication(authenticationToken.variant());
 }
 
+void AuthenticatorAdaptor::PermissionGranted(uint method)
+{
+    m_authenticator->handlePermissionGranted(Authenticator::Method(method));
+}
+
 void AuthenticatorAdaptor::Aborted()
 {
     m_authenticator->handleAborted();
@@ -142,6 +147,40 @@ void Authenticator::authenticate(const QVariant &challengeCode, Methods methods)
     emit authenticatingChanged();
 }
 
+/*!
+    Requests the user grant permission for an action described by \a message and \a properties
+    using one of the given authentication \a methods.
+
+    The properties map may contain one of the following values:
+
+    \table
+    \header
+    \li Key
+    \li Value
+    \row
+    \li authenticatingPid
+    \li The PID of the application permissions are being requested for.
+    \endtable
+*/
+
+void Authenticator::requestPermission(
+        const QString &message, const QVariantMap &properties, Methods methods)
+{
+    const auto response = call(
+                QStringLiteral("RequestPermission"), m_localPath, message, properties, uint(methods));
+
+    m_authenticating = true;
+
+    response->onError([this](const QDBusError &) {
+        m_authenticating = false;
+
+        emit aborted();
+        emit authenticatingChanged();
+    });
+
+    emit authenticatingChanged();
+}
+
 /*!
     Cancels an active authentication request.
 */
@@ -174,6 +213,23 @@ void Authenticator::handleAuthentication(const QVariant &authenticationToken)
     }
 }
 
+/*!
+    \signal NemoDeviceLock::Authenticator::permissionGranted(Method method)
+
+    Signals that the user has successfully granted permission for the requested
+    action using the given authentication \a method.
+*/
+
+void Authenticator::handlePermissionGranted(Method method)
+{
+    if (m_authenticating) {
+        m_authenticating = false;
+
+        emit permissionGranted(method);
+        emit authenticatingChanged();
+    }
+}
+
 /*!
     \signal NemoDeviceLock::Authenticator::aborted()
 

src/nemo-devicelock/authenticator.h

@@ -52,6 +52,7 @@ class AuthenticatorAdaptor : public QDBusAbstractAdaptor
 
 public slots:
     Q_NOREPLY void Authenticated(const QDBusVariant &authenticationToken);
+    Q_NOREPLY void PermissionGranted(uint method);
     Q_NOREPLY void Aborted();
 
 private:
@@ -67,9 +68,11 @@ class NEMODEVICELOCK_EXPORT Authenticator : public QObject, private ConnectionCl
     Q_FLAGS(Methods)
 public:
     enum Method {
-        NoAuthentication    = 0x00,
-        SecurityCode        = 0x01,
-        Fingerprint         = 0x02
+        NoAuthentication    = 0x000,
+        SecurityCode        = 0x0001,
+        Fingerprint         = 0x0002,
+        Confirmation        = 0x1000,
+        AllAvailable = SecurityCode | Fingerprint | Confirmation
     };
 
     Q_DECLARE_FLAGS(Methods, Method)
@@ -81,14 +84,17 @@ class NEMODEVICELOCK_EXPORT Authenticator : public QObject, private ConnectionCl
     bool isAuthenticating() const;
 
     Q_INVOKABLE void authenticate(
-            const QVariant &challengeCode, Methods methods = Methods(SecurityCode | Fingerprint));
+            const QVariant &challengeCode, Methods methods = AllAvailable);
+    Q_INVOKABLE void requestPermission(
+            const QString &message, const QVariantMap &properties, Methods methods = AllAvailable);
     Q_INVOKABLE void cancel();
 
 signals:
     void availableMethodsChanged();
     void authenticatingChanged();
 
     void authenticated(const QVariant &authenticationToken);
+    void permissionGranted(Method method);
     void aborted();
 
 private:
@@ -97,6 +103,7 @@ class NEMODEVICELOCK_EXPORT Authenticator : public QObject, private ConnectionCl
     inline void connected();
 
     inline void handleAuthentication(const QVariant &authenticationToken);
+    inline void handlePermissionGranted(Method method);
     inline void handleAborted();
 
     AuthenticatorAdaptor m_adaptor;

src/nemo-devicelock/host/cli/cliauthenticator.cpp

@@ -65,7 +65,7 @@ Authenticator::Methods CliAuthenticator::availableMethods() const
 }
 
 
-HostAuthenticationInput::Availability CliAuthenticator::availability() const
+HostAuthenticationInput::Availability CliAuthenticator::availability(QVariantMap *) const
 {
     if (m_watcher->securityCodeSet()) {
         const int maximum = maximumAttempts();
@@ -103,7 +103,7 @@ void CliAuthenticator::enterSecurityCode(const QString &code)
     m_securityCode.clear();
 }
 
-QVariant CliAuthenticator::authenticateChallengeCode(const QVariant &)
+QVariant CliAuthenticator::authenticateChallengeCode(const QVariant &, Authenticator::Method, uint)
 {
     return m_securityCode;
 }

src/nemo-devicelock/host/cli/cliauthenticator.h

@@ -51,14 +51,15 @@ class CliAuthenticator : public HostAuthenticator
     ~CliAuthenticator();
 
     Authenticator::Methods availableMethods() const override;
-    Availability availability() const override;
+    Availability availability(QVariantMap *feedbackData) const override;
 
     int checkCode(const QString &code) override;
     int setCode(const QString &oldCode, const QString &newCode) override;
     bool clearCode(const QString &code) override;
 
     void enterSecurityCode(const QString &code);
-    QVariant authenticateChallengeCode(const QVariant &challengeCode);
+    QVariant authenticateChallengeCode(
+            const QVariant &challengeCode, Authenticator::Method method, uint authenticatingPid) override;
 
 private:
     QExplicitlySharedDataPointer<LockCodeWatcher> m_watcher;

src/nemo-devicelock/host/cli/clidevicelock.cpp

@@ -54,7 +54,7 @@ CliDeviceLock::~CliDeviceLock()
 {
 }
 
-HostAuthenticationInput::Availability CliDeviceLock::availability() const
+HostAuthenticationInput::Availability CliDeviceLock::availability(QVariantMap *) const
 {
     if (m_watcher->securityCodeSet()) {
         const int maximum = maximumAttempts();

src/nemo-devicelock/host/cli/clidevicelock.h

@@ -49,7 +49,7 @@ class CliDeviceLock : public MceDeviceLock
     CliDeviceLock(QObject *parent = nullptr);
     ~CliDeviceLock();
 
-    Availability availability() const override;
+    Availability availability(QVariantMap *data) const override;
 
     int checkCode(const QString &code) override;
     int setCode(const QString &oldCode, const QString &newCode) override;