Generalize polkit checks from firewall

cockpit-project / cockpit

Cockpit is a web-based graphical interface for servers.

http://www.cockpit-project.org/

GNU Lesser General Public License v2.1

11.24k stars 1.11k forks source link

Generalize polkit checks from firewall #11033

Open martinpitt opened 5 years ago

martinpitt commented 5 years ago

The firewall page is the first page which does a polkit check for a read-only view of the UI when the logged-in user doesn't have sufficient permissions.

A lot of other pages could use something like this as well. Choose another page where we can use this and move the functionality into pkg/lib

ancorgs commented 2 years ago

The check in the firewall page is certainly a step in the right direction, but please improve it before replicating the model. It introduces a hard dependency on polkit and is not fully precise, I fear. See https://github.com/cockpit-project/cockpit/issues/17669