1 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/panel-addto.c gnome-panel-2.27.91/gnome-panel/panel-addto.c 2 --- gnome-panel-2.27.91.old/gnome-panel/panel-addto.c 2009-08-26 17:27:48.018970000 +0100 3 +++ gnome-panel-2.27.91/gnome-panel/panel-addto.c 2009-08-26 17:33:56.113982000 +0100 4 @@ -571,9 +571,10 @@ panel_addto_make_applet_model (PanelAddt 5 dialog, NULL); 6 } 7 8 -static void panel_addto_make_application_list (GSList **parent_list, 9 +static gint panel_addto_make_application_list (GSList **parent_list, 10 GMenuTreeDirectory *directory, 11 const char *filename); 12 +static void panel_addto_dialog_free_item_info (PanelAddtoItemInfo *item_info); 13 14 static void 15 panel_addto_prepend_directory (GSList **parent_list, 16 @@ -581,6 +582,7 @@ panel_addto_prepend_directory (GSList 17 const char *filename) 18 { 19 PanelAddtoAppList *data; 20 + gint entries_added = 0; 21 22 data = g_new0 (PanelAddtoAppList, 1); 23 24 @@ -600,9 +602,16 @@ panel_addto_prepend_directory (GSList 25 * So the iid is built when we select the row. 26 */ 27 28 - *parent_list = g_slist_prepend (*parent_list, data); 29 - 30 - panel_addto_make_application_list (&data->children, directory, filename); 31 + entries_added = panel_addto_make_application_list (&data->children, directory, filename); 32 + if (entries_added > 0) { 33 + /*Only prepend if there are entries */ 34 + *parent_list = g_slist_prepend (*parent_list, data); 35 + } 36 + else { 37 + /* Free data as not being appended */ 38 + panel_addto_dialog_free_item_info (&data->item_info); 39 + g_free (data); 40 + } 41 } 42 43 static void 44 @@ -624,12 +633,13 @@ panel_addto_prepend_entry (GSList 45 *parent_list = g_slist_prepend (*parent_list, data); 46 } 47 48 -static void 49 +static gint 50 panel_addto_prepend_alias (GSList **parent_list, 51 GMenuTreeAlias *alias, 52 const char *filename) 53 { 54 GMenuTreeItem *aliased_item; 55 + gint entry = 0; 56 57 aliased_item = gmenu_tree_alias_get_item (alias); 58 59 @@ -641,9 +651,14 @@ panel_addto_prepend_alias (GSList 60 break; 61 62 case GMENU_TREE_ITEM_ENTRY: 63 - panel_addto_prepend_entry (parent_list, 64 - GMENU_TREE_ENTRY (aliased_item), 65 - filename); 66 + 67 + if (panel_lockdown_is_allowed_menu_entry 68 + (GMENU_TREE_ENTRY (aliased_item))) { 69 + panel_addto_prepend_entry (parent_list, 70 + GMENU_TREE_ENTRY (aliased_item), 71 + filename); 72 + entry = 1; 73 + } 74 break; 75 76 default: 77 @@ -651,15 +666,17 @@ panel_addto_prepend_alias (GSList 78 } 79 80 gmenu_tree_item_unref (aliased_item); 81 + return entry; 82 } 83 84 -static void 85 +static gint 86 panel_addto_make_application_list (GSList **parent_list, 87 GMenuTreeDirectory *directory, 88 const char *filename) 89 { 90 GSList *items; 91 GSList *l; 92 + gint number_entries = 0; 93 94 items = gmenu_tree_directory_get_contents (directory); 95 96 @@ -670,11 +687,15 @@ panel_addto_make_application_list (GSLis 97 break; 98 99 case GMENU_TREE_ITEM_ENTRY: 100 - panel_addto_prepend_entry (parent_list, l->data, filename); 101 + if (panel_lockdown_is_allowed_menu_entry (l->data)) { 102 + panel_addto_prepend_entry (parent_list, l->data, filename); 103 + number_entries = number_entries + 1; 104 + } 105 break; 106 107 case GMENU_TREE_ITEM_ALIAS: 108 - panel_addto_prepend_alias (parent_list, l->data, filename); 109 + number_entries = number_entries + 110 + panel_addto_prepend_alias (parent_list, l->data, filename); 111 break; 112 113 default: 114 @@ -687,6 +708,8 @@ panel_addto_make_application_list (GSLis 115 g_slist_free (items); 116 117 *parent_list = g_slist_reverse (*parent_list); 118 + 119 + return number_entries; 120 } 121 122 static void 123 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/panel-lockdown.h gnome-panel-2.27.91/gnome-panel/panel-lockdown.h 124 --- gnome-panel-2.27.91.old/gnome-panel/panel-lockdown.h 2009-08-26 17:27:47.990078000 +0100 125 +++ gnome-panel-2.27.91/gnome-panel/panel-lockdown.h 2009-08-26 17:34:10.921311000 +0100 126 @@ -25,8 +25,11 @@ 127 #ifndef __PANEL_LOCKDOWN_H__ 128 #define __PANEL_LOCKDOWN_H__ 129 130 +#include <libgnome/gnome-desktop-item.h> 131 #include <glib.h> 132 #include <glib-object.h> 133 +#include <gmenu-tree.h> 134 +#include "launcher.h" 135 136 G_BEGIN_DECLS 137 138 @@ -39,13 +42,56 @@ gboolean panel_lockdown_get_disable_lock 139 gboolean panel_lockdown_get_disable_log_out (void); 140 gboolean panel_lockdown_get_disable_force_quit (void); 141 142 +gboolean panel_lockdown_get_restrict_application_launching (void); 143 +GSList *panel_lockdown_get_allowed_applications (void); 144 + 145 gboolean panel_lockdown_is_applet_disabled (const char *iid); 146 +gboolean panel_lockdown_is_allowed_application (const gchar *app); 147 148 void panel_lockdown_notify_add (GCallback callback_func, 149 gpointer user_data); 150 void panel_lockdown_notify_remove (GCallback callback_func, 151 gpointer user_data); 152 153 +gchar *panel_lockdown_get_stripped_exec (const gchar *full_exec); 154 +gchar *panel_lockdown_get_exec_from_ditem (GnomeDesktopItem *ditem); 155 +gboolean panel_lockdown_ditem_in_allowed_applications (GnomeDesktopItem *ditem); 156 +gboolean panel_lockdown_is_disabled_command_line (const gchar *term_cmd); 157 + 158 +/** 159 + * Returns true if the ditem corresponds to an application whose use has been 160 + * disallowed by the administrator (tests whether restrictions are in place 161 + * and if the ditem matches the allowed applications list). 162 + */ 163 +gboolean panel_lockdown_is_forbidden_app (GnomeDesktopItem *ditem); 164 +/** 165 + * Returns true if the ditem corresponds to either an application whose use 166 + * has been disallowed by the administrator (same as previous function) or 167 + * a shell when command line use has been restricted. 168 + */ 169 +gboolean panel_lockdown_is_forbidden_ditem (GnomeDesktopItem *ditem); 170 +/** 171 + * Returns true if the command line corresponds to an application whose use 172 + * has been disallowed by the administrator. 173 + */ 174 +gboolean panel_lockdown_is_forbidden_command (const gchar *command); 175 + 176 +/** 177 + * Returns true if the menu entry corresponds to an application whose use 178 + * has been allowed by the administrator. 179 + */ 180 +gboolean panel_lockdown_is_allowed_menu_entry (GMenuTreeEntry *entry); 181 + 182 +/** 183 + * Returns true if the launcher application has been disallowed by the administrator. 184 + */ 185 +gboolean panel_lockdown_is_forbidden_launcher (Launcher *launcher); 186 + 187 +/** 188 + * Returns true if the key_file application has been disallowed by the administrator. 189 + */ 190 +gboolean panel_lockdown_is_forbidden_key_file (GKeyFile *key_file); 191 + 192 G_END_DECLS 193 194 #endif /* __PANEL_LOCKDOWN_H__ */ 195 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/panel-menu-items.h gnome-panel-2.27.91/gnome-panel/panel-menu-items.h 196 --- gnome-panel-2.27.91.old/gnome-panel/panel-menu-items.h 2009-08-26 17:27:47.989560000 +0100 197 +++ gnome-panel-2.27.91/gnome-panel/panel-menu-items.h 2009-08-26 17:34:22.060144000 +0100 198 @@ -90,6 +90,8 @@ void panel_desktop_menu_item_set_panel ( 199 void panel_menu_items_append_lock_logout (GtkWidget *menu); 200 void panel_menu_item_activate_desktop_file (GtkWidget *menuitem, 201 const char *path); 202 +void panel_place_menu_item_recreate_menu (GtkWidget *widget); 203 +void panel_desktop_menu_item_recreate_menu (PanelDesktopMenuItem *desktop_item); 204 205 G_END_DECLS 206 207 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/Makefile.am gnome-panel-2.27.91/gnome-panel/Makefile.am 208 --- gnome-panel-2.27.91.old/gnome-panel/Makefile.am 2009-08-26 17:27:47.958497000 +0100 209 +++ gnome-panel-2.27.91/gnome-panel/Makefile.am 2009-08-26 17:34:33.698263000 +0100 210 @@ -165,6 +165,8 @@ gnome_desktop_item_edit_SOURCES = \ 211 panel-ditem-editor.c \ 212 panel-marshal.c \ 213 panel-util.c \ 214 + panel-lockdown.c \ 215 + panel-gconf.c \ 216 xstuff.c 217 218 gnome_desktop_item_edit_LDFLAGS = -export-dynamic 219 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/panel-action-button.c gnome-panel-2.27.91/gnome-panel/panel-action-button.c 220 --- gnome-panel-2.27.91.old/gnome-panel/panel-action-button.c 2009-08-26 17:27:47.940413000 +0100 221 +++ gnome-panel-2.27.91/gnome-panel/panel-action-button.c 2009-08-26 17:40:26.368224000 +0100 222 @@ -207,8 +207,11 @@ panel_action_shutdown_reboot_is_disabled 223 static void 224 panel_action_run_program (GtkWidget *widget) 225 { 226 - panel_run_dialog_present (gtk_widget_get_screen (widget), 227 - gtk_get_current_event_time ()); 228 + if (!panel_lockdown_get_restrict_application_launching () && 229 + !panel_lockdown_get_disable_command_line ()) { 230 + panel_run_dialog_present (gtk_widget_get_screen (widget), 231 + gtk_get_current_event_time ()); 232 + } 233 } 234 235 /* Search For Files 236 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/panel-menu-bar.c gnome-panel-2.27.91/gnome-panel/panel-menu-bar.c 237 --- gnome-panel-2.27.91.old/gnome-panel/panel-menu-bar.c 2009-08-26 17:27:47.961196000 +0100 238 +++ gnome-panel-2.27.91/gnome-panel/panel-menu-bar.c 2009-08-26 17:35:05.241962000 +0100 239 @@ -132,6 +132,32 @@ panel_menu_bar_setup_tooltip (PanelMenuB 240 } 241 242 static void 243 +panel_menu_bar_parent_set (GtkWidget *widget, 244 + GtkWidget *previous_parent); 245 + 246 +static void 247 +panel_menubar_recreate_menus (PanelMenuBar *menubar) 248 +{ 249 + if (menubar->priv->applications_menu != NULL) { 250 + while (GTK_MENU_SHELL (menubar->priv->applications_menu)->children) { 251 + gtk_widget_destroy ( 252 + GTK_MENU_SHELL (menubar->priv->applications_menu)->children->data); 253 + } 254 + menubar->priv->applications_menu = 255 + create_applications_menu ("applications.menu", NULL, TRUE); 256 + gtk_menu_item_set_submenu 257 + (GTK_MENU_ITEM (menubar->priv->applications_item), 258 + menubar->priv->applications_menu); 259 + 260 + panel_place_menu_item_recreate_menu(menubar->priv->places_item); 261 + panel_desktop_menu_item_recreate_menu( 262 + (PanelDesktopMenuItem *)menubar->priv->desktop_item); 263 + 264 + panel_menu_bar_parent_set ((GtkWidget *)menubar, NULL); 265 + } 266 +} 267 + 268 +static void 269 panel_menu_bar_init (PanelMenuBar *menubar) 270 { 271 GtkWidget *image; 272 @@ -164,6 +190,8 @@ panel_menu_bar_init (PanelMenuBar *menub 273 menubar->priv->desktop_item); 274 275 panel_menu_bar_setup_tooltip (menubar); 276 + panel_lockdown_notify_add (G_CALLBACK (panel_menubar_recreate_menus), 277 + menubar); 278 279 panel_menu_bar_update_text_gravity (menubar); 280 g_signal_connect (menubar, "screen-changed", 281 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/gnome-desktop-item-edit.c gnome-panel-2.27.91/gnome-panel/gnome-desktop-item-edit.c 282 --- gnome-panel-2.27.91.old/gnome-panel/gnome-desktop-item-edit.c 2009-08-26 17:27:48.019780000 +0100 283 +++ gnome-panel-2.27.91/gnome-panel/gnome-desktop-item-edit.c 2009-08-26 17:41:37.134321000 +0100 284 @@ -21,7 +21,6 @@ GConfClient *panel_gconf_get_client (voi 285 #include "panel-config-global.h" 286 gboolean panel_global_config_get_tooltips_enabled (void) { return FALSE; } 287 #include "panel-lockdown.h" 288 -gboolean panel_lockdown_get_disable_lock_screen (void) { return FALSE; } 289 290 static int dialogs = 0; 291 static gboolean create_new = FALSE; 292 @@ -107,6 +106,8 @@ main (int argc, char * argv[]) 293 bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8"); 294 textdomain (GETTEXT_PACKAGE); 295 296 + panel_lockdown_init (); 297 + 298 context = g_option_context_new (N_("- Edit .desktop files")); 299 g_option_context_set_translation_domain (context, GETTEXT_PACKAGE); 300 g_option_context_add_main_entries (context, options, GETTEXT_PACKAGE); 301 @@ -226,5 +227,7 @@ main (int argc, char * argv[]) 302 303 g_object_unref (program); 304 305 + panel_lockdown_finalize (); 306 + 307 return 0; 308 } 309 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/panel-lockdown.c gnome-panel-2.27.91/gnome-panel/panel-lockdown.c 310 --- gnome-panel-2.27.91.old/gnome-panel/panel-lockdown.c 2009-08-26 17:27:47.989262000 +0100 311 +++ gnome-panel-2.27.91/gnome-panel/panel-lockdown.c 2009-08-26 17:50:44.869236000 +0100 312 @@ -28,13 +28,16 @@ 313 314 #include <string.h> 315 #include "panel-gconf.h" 316 +#include <libpanel-util/panel-keyfile.h> 317 318 -#define N_LISTENERS 6 319 +#define N_LISTENERS 8 320 321 #define PANEL_GLOBAL_LOCKDOWN_DIR "/apps/panel/global" 322 #define DESKTOP_GNOME_LOCKDOWN_DIR "/desktop/gnome/lockdown" 323 #define PANEL_GLOBAL_LOCKED_DOWN_KEY PANEL_GLOBAL_LOCKDOWN_DIR "/locked_down" 324 #define DISABLE_COMMAND_LINE_KEY DESKTOP_GNOME_LOCKDOWN_DIR "/disable_command_line" 325 +#define RESTRICT_APPLICATION_LAUNCHING_KEY DESKTOP_GNOME_LOCKDOWN_DIR "/restrict_application_launching" 326 +#define ALLOWED_APPLICATIONS_KEY DESKTOP_GNOME_LOCKDOWN_DIR "/allowed_applications" 327 #define DISABLE_LOCK_SCREEN_KEY DESKTOP_GNOME_LOCKDOWN_DIR "/disable_lock_screen" 328 #define DISABLE_LOG_OUT_KEY PANEL_GLOBAL_LOCKDOWN_DIR "/disable_log_out" 329 #define DISABLE_FORCE_QUIT_KEY PANEL_GLOBAL_LOCKDOWN_DIR "/disable_force_quit" 330 @@ -48,6 +51,9 @@ typedef struct { 331 guint disable_lock_screen : 1; 332 guint disable_log_out : 1; 333 guint disable_force_quit : 1; 334 + guint restrict_application_launching : 1; 335 + 336 + GSList *allowed_applications; 337 338 GSList *disabled_applets; 339 340 @@ -56,6 +62,12 @@ typedef struct { 341 GSList *closures; 342 } PanelLockdown; 343 344 +static const gchar *command_line_execs[] = { 345 + "/usr/bin/gnome-terminal", 346 + "/usr/bin/xterm" 347 +}; 348 +#define NUMBER_COMMAND_LINE_EXECS 2 349 + 350 static PanelLockdown panel_lockdown = { 0, }; 351 352 353 @@ -63,9 +75,17 @@ static inline void 354 panel_lockdown_invoke_closures (PanelLockdown *lockdown) 355 { 356 GSList *l; 357 + GSList *copy = NULL; 358 359 - for (l = lockdown->closures; l; l = l->next) 360 + copy = g_slist_copy (lockdown->closures); 361 + for (l = copy; l != NULL; l = l->next) { 362 + if (g_slist_find (lockdown->closures, l->data)) { 363 + g_closure_ref (l->data); 364 g_closure_invoke (l->data, NULL, 0, NULL, NULL); 365 + g_closure_unref (l->data); 366 + } 367 + } 368 + g_slist_free (copy); 369 } 370 371 static void 372 @@ -166,6 +186,50 @@ disabled_applets_notify (GConfClient * 373 panel_lockdown_invoke_closures (lockdown); 374 } 375 376 +static void 377 +restrict_application_launching_notify (GConfClient *client, 378 + guint cnxn_id, 379 + GConfEntry *entry, 380 + PanelLockdown *lockdown) 381 +{ 382 + if (!entry->value || entry->value->type != GCONF_VALUE_BOOL) 383 + return; 384 + 385 + lockdown->restrict_application_launching = 386 + gconf_value_get_bool (entry->value); 387 + 388 + panel_lockdown_invoke_closures (lockdown); 389 +} 390 + 391 + 392 +static void 393 +allowed_applications_notify (GConfClient *client, 394 + guint cnxn_id, 395 + GConfEntry *entry, 396 + PanelLockdown *lockdown) 397 +{ 398 + GSList *l; 399 + 400 + if (!entry->value || entry->value->type != GCONF_VALUE_LIST || 401 + gconf_value_get_list_type (entry->value) != GCONF_VALUE_STRING) 402 + return; 403 + 404 + for (l = lockdown->allowed_applications; l; l = l->next) 405 + g_free (l->data); 406 + g_slist_free (lockdown->allowed_applications); 407 + lockdown->allowed_applications = NULL; 408 + 409 + for (l = gconf_value_get_list (entry->value); l; l = l->next) { 410 + const char *iid = gconf_value_get_string (l->data); 411 + 412 + lockdown->allowed_applications = 413 + g_slist_prepend (lockdown->allowed_applications, 414 + g_strdup (iid)); 415 + } 416 + 417 + panel_lockdown_invoke_closures (lockdown); 418 +} 419 + 420 static gboolean 421 panel_lockdown_load_bool (PanelLockdown *lockdown, 422 GConfClient *client, 423 @@ -215,6 +279,28 @@ panel_lockdown_load_disabled_applets (Pa 424 return retval; 425 } 426 427 +static GSList * 428 +panel_lockdown_load_allowed_applications (PanelLockdown *lockdown, 429 + GConfClient *client, 430 + int listener) 431 +{ 432 + GSList *retval; 433 + 434 + retval = gconf_client_get_list (client, 435 + ALLOWED_APPLICATIONS_KEY, 436 + GCONF_VALUE_STRING, 437 + NULL); 438 + 439 + lockdown->listeners [listener] = 440 + gconf_client_notify_add (client, 441 + ALLOWED_APPLICATIONS_KEY, 442 + (GConfClientNotifyFunc) allowed_applications_notify, 443 + lockdown, 444 + NULL, NULL); 445 + 446 + return retval; 447 +} 448 + 449 void 450 panel_lockdown_init (void) 451 { 452 @@ -273,6 +359,18 @@ panel_lockdown_init (void) 453 client, 454 i++); 455 456 + panel_lockdown.restrict_application_launching = 457 + panel_lockdown_load_bool (&panel_lockdown, 458 + client, 459 + RESTRICT_APPLICATION_LAUNCHING_KEY, 460 + (GConfClientNotifyFunc) restrict_application_launching_notify, 461 + i++); 462 + 463 + panel_lockdown.allowed_applications = 464 + panel_lockdown_load_allowed_applications (&panel_lockdown, 465 + client, 466 + i++); 467 + 468 g_assert (i == N_LISTENERS); 469 470 panel_lockdown.initialized = TRUE; 471 @@ -294,6 +392,13 @@ panel_lockdown_finalize (void) 472 g_slist_free (panel_lockdown.disabled_applets); 473 panel_lockdown.disabled_applets = NULL; 474 475 + for (l = panel_lockdown.allowed_applications; l; l = l->next) { 476 + g_free (l->data); 477 + } 478 + 479 + g_slist_free (panel_lockdown.allowed_applications); 480 + panel_lockdown.allowed_applications = NULL; 481 + 482 for (i = 0; i < N_LISTENERS; i++) { 483 if (panel_lockdown.listeners [i]) 484 gconf_client_notify_remove (client, 485 @@ -371,6 +476,36 @@ panel_lockdown_is_applet_disabled (const 486 return FALSE; 487 } 488 489 +gboolean 490 +panel_lockdown_get_restrict_application_launching (void) 491 +{ 492 + g_assert (panel_lockdown.initialized != FALSE); 493 + 494 + return panel_lockdown.restrict_application_launching; 495 +} 496 + 497 +GSList * 498 +panel_lockdown_get_allowed_applications (void) 499 +{ 500 + g_assert (panel_lockdown.initialized == TRUE); 501 + 502 + return panel_lockdown.allowed_applications; 503 +} 504 + 505 +gboolean 506 +panel_lockdown_is_allowed_application (const gchar *app) 507 +{ 508 + GSList *l; 509 + 510 + g_assert (panel_lockdown.initialized != FALSE); 511 + 512 + for (l = panel_lockdown.allowed_applications; l; l = l->next) 513 + if (!strcmp (l->data, app)) 514 + return TRUE; 515 + 516 + return FALSE; 517 +} 518 + 519 static GClosure * 520 panel_lockdown_notify_find (GSList *closures, 521 GCallback callback_func, 522 @@ -440,3 +575,161 @@ panel_lockdown_notify_remove (GCallback 523 524 g_closure_unref (closure); 525 } 526 + 527 +gchar * 528 +panel_lockdown_get_stripped_exec (const gchar *full_exec) 529 +{ 530 + gchar *str1, *str2, *retval, *p; 531 + 532 + str1 = g_strdup (full_exec); 533 + p = strtok (str1, " "); 534 + 535 + if (p != NULL) 536 + str2 = g_strdup (p); 537 + else 538 + str2 = g_strdup (full_exec); 539 + 540 + g_free (str1); 541 + 542 + if (g_path_is_absolute (str2)) 543 + retval = g_strdup (str2); 544 + else 545 + retval = g_strdup (g_find_program_in_path ((const gchar *)str2)); 546 + g_free (str2); 547 + 548 + return retval; 549 +} 550 + 551 +gchar * 552 +panel_lockdown_get_exec_from_ditem (GnomeDesktopItem *ditem) 553 +{ 554 + const char *full_exec; 555 + gchar *retval = NULL; 556 + 557 + full_exec = gnome_desktop_item_get_string (ditem, 558 + GNOME_DESKTOP_ITEM_EXEC); 559 + 560 + if (full_exec != NULL) 561 + retval = panel_lockdown_get_stripped_exec (full_exec); 562 + 563 + return retval; 564 +} 565 + 566 +gboolean 567 +panel_lockdown_ditem_in_allowed_applications (GnomeDesktopItem *ditem) 568 +{ 569 + gboolean retval = FALSE; 570 + gchar *stripped_exec; 571 + 572 + stripped_exec = panel_lockdown_get_exec_from_ditem (ditem); 573 + 574 + if (stripped_exec != NULL) { 575 + retval = panel_lockdown_is_allowed_application (stripped_exec); 576 + g_free (stripped_exec); 577 + } 578 + 579 + return retval; 580 +} 581 + 582 +gboolean 583 +panel_lockdown_is_disabled_command_line (const gchar *term_cmd) 584 +{ 585 + int i = 0; 586 + gboolean retval = FALSE; 587 + 588 + for (i=0; i<NUMBER_COMMAND_LINE_EXECS; i++) { 589 + if (!strcmp (command_line_execs [i], term_cmd)) { 590 + retval = TRUE; 591 + break; 592 + } 593 + } 594 + 595 + return retval; 596 +} 597 + 598 +gboolean 599 +panel_lockdown_is_forbidden_app(GnomeDesktopItem *ditem) { 600 + g_return_val_if_fail (ditem != NULL, TRUE) ; 601 + return panel_lockdown_get_restrict_application_launching () && 602 + !panel_lockdown_ditem_in_allowed_applications (ditem) ; 603 +} 604 + 605 +gboolean 606 +panel_lockdown_is_forbidden_ditem(GnomeDesktopItem *ditem) 607 +{ 608 + g_return_val_if_fail (ditem != NULL, TRUE) ; 609 + if (panel_lockdown_is_forbidden_app (ditem)) { return TRUE ; } 610 + if (panel_lockdown_get_disable_command_line ()) { 611 + char *stripped = panel_lockdown_get_exec_from_ditem (ditem) ; 612 + 613 + if (stripped != NULL) { 614 + gboolean retCode = 615 + panel_lockdown_is_disabled_command_line (stripped) ; 616 + 617 + g_free (stripped) ; 618 + return retCode ; 619 + } 620 + } 621 + return FALSE ; 622 +} 623 + 624 +gboolean 625 +panel_lockdown_is_forbidden_command (const char *command) 626 +{ 627 + g_return_val_if_fail (command != NULL, TRUE) ; 628 + return panel_lockdown_get_restrict_application_launching () && 629 + !panel_lockdown_is_allowed_application (command) ; 630 +} 631 + 632 +gboolean 633 +panel_lockdown_is_allowed_menu_entry (GMenuTreeEntry *entry) 634 +{ 635 + const char *path; 636 + GnomeDesktopItem *item = NULL ; 637 + 638 + if (!panel_lockdown_get_restrict_application_launching ()) 639 + return TRUE; 640 + 641 + path = gmenu_tree_entry_get_desktop_file_path (entry) ; 642 + 643 + if (path != NULL) { 644 + item = gnome_desktop_item_new_from_file (path, 0, NULL) ; 645 + if (item != NULL) { 646 + gboolean retCode = !panel_lockdown_is_forbidden_ditem (item) ; 647 + 648 + gnome_desktop_item_unref (item) ; 649 + return retCode ; 650 + } 651 + } 652 + return TRUE ; 653 +} 654 + 655 +gboolean 656 +panel_lockdown_is_forbidden_launcher (Launcher *launcher) 657 +{ 658 + return (panel_lockdown_is_forbidden_key_file(launcher->key_file)); 659 +} 660 + 661 +gboolean 662 +panel_lockdown_is_forbidden_key_file (GKeyFile *key_file) 663 +{ 664 + gchar *full_exec; /* Executable including possible arguments */ 665 + gchar *stripped_exec; /* Executable with arguments stripped away */ 666 + gboolean retval = FALSE; 667 + 668 + /* If restrict_application_launching not set on return TRUE */ 669 + if (!panel_lockdown_get_restrict_application_launching ()) { 670 + return retval; 671 + } 672 + 673 + if (key_file != NULL) 674 + { 675 + full_exec = panel_key_file_get_string (key_file, "Exec"); 676 + if (full_exec != NULL) { 677 + stripped_exec = panel_lockdown_get_stripped_exec (full_exec); 678 + retval = panel_lockdown_is_forbidden_command (stripped_exec); 679 + g_free (stripped_exec); 680 + } 681 + } 682 + return retval; 683 +} 684 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/panel-menu-items.c gnome-panel-2.27.91/gnome-panel/panel-menu-items.c 685 --- gnome-panel-2.27.91.old/gnome-panel/panel-menu-items.c 2009-08-26 17:27:47.973492000 +0100 686 +++ gnome-panel-2.27.91/gnome-panel/panel-menu-items.c 2009-08-26 17:36:15.979872000 +0100 687 @@ -157,6 +157,21 @@ panel_menu_items_append_from_desktop (Gt 688 char *icon; 689 char *name; 690 char *comment; 691 + GnomeDesktopItem *ditem; 692 + 693 + /* If restricted application, then don't append */ 694 + if (g_path_is_absolute (path)) 695 + ditem = gnome_desktop_item_new_from_file (path, 0, NULL); 696 + else 697 + ditem = gnome_desktop_item_new_from_basename (path, 0, NULL); 698 + if (ditem != NULL && panel_lockdown_is_forbidden_ditem (ditem)) { 699 + gnome_desktop_item_unref (ditem); 700 + return; 701 + } 702 + 703 + if (ditem != NULL) { 704 + gnome_desktop_item_unref (ditem); 705 + } 706 707 path_freeme = NULL; 708 709 @@ -1073,7 +1088,7 @@ panel_place_menu_item_create_menu (Panel 710 return places_menu; 711 } 712 713 -static void 714 +void 715 panel_place_menu_item_recreate_menu (GtkWidget *widget) 716 { 717 PanelPlaceMenuItem *place_item; 718 @@ -1181,7 +1196,7 @@ panel_desktop_menu_item_create_menu (Pan 719 return desktop_menu; 720 } 721 722 -static void 723 +void 724 panel_desktop_menu_item_recreate_menu (PanelDesktopMenuItem *desktop_item) 725 { 726 if (desktop_item->priv->menu) { 727 @@ -1548,8 +1563,11 @@ panel_menu_items_append_lock_logout (Gtk 728 tooltip = NULL; 729 } 730 731 - item = panel_menu_items_create_action_item_full (PANEL_ACTION_LOGOUT, 732 - label, tooltip); 733 + if (!panel_lockdown_get_disable_log_out ()) { 734 + item = panel_menu_items_create_action_item_full (PANEL_ACTION_LOGOUT, 735 + label, tooltip); 736 + } 737 + 738 g_free (label); 739 g_free (tooltip); 740 741 @@ -1575,5 +1593,21 @@ void 742 panel_menu_item_activate_desktop_file (GtkWidget *menuitem, 743 const char *path) 744 { 745 + GnomeDesktopItem *ditem; 746 + 747 + if (g_path_is_absolute (path)) 748 + ditem = gnome_desktop_item_new_from_file (path, 0, NULL); 749 + else 750 + ditem = gnome_desktop_item_new_from_basename (path, 0, NULL); 751 + 752 + if (ditem != NULL && panel_lockdown_is_forbidden_ditem (ditem)) { 753 + gnome_desktop_item_unref (ditem); 754 + return; /* Don't launch as it's a forbidden desktop file */ 755 + } 756 + 757 + if (ditem != NULL) { 758 + gnome_desktop_item_unref (ditem); 759 + } 760 + 761 panel_launch_desktop_file (path, menuitem_to_screen (menuitem), NULL); 762 } 763 /jds/bin/diff -uprN gnome-panel-2.27.91.old/gnome-panel/launcher.c gnome-panel-2.27.91/gnome-panel/launcher.c 764 --- gnome-panel-2.27.91.old/gnome-panel/launcher.c 2009-08-26 17:27:47.942300000 +0100 765 +++ gnome-panel-2.27.91/gnome-panel/launcher.c 2009-08-26 17:56:11.860620000 +0100 766 @@ -105,6 +105,9 @@ launch_url (Launcher *launcher) 767 g_return_if_fail (launcher != NULL); 768 g_return_if_fail (launcher->key_file != NULL); 769 770 + if (panel_lockdown_is_forbidden_launcher (launcher)) 771 + return; 772 + 773 /* FIXME panel_ditem_launch() should be enough for this! */ 774 url = panel_key_file_get_string (launcher->key_file, "URL"); 775 776 @@ -136,6 +139,9 @@ launcher_launch (Launcher *launcher, 777 g_return_if_fail (launcher != NULL); 778 g_return_if_fail (launcher->key_file != NULL); 779 780 + if (panel_lockdown_is_forbidden_launcher (launcher)) 781 + return; 782 + 783 if (panel_global_config_get_enable_animations ()) 784 xstuff_zoom_animate (widget, 785 button_widget_get_pixbuf (BUTTON_WIDGET (widget)), 786 @@ -410,6 +416,19 @@ drag_data_get_cb (GtkWidget *widg 787 788 } 789 790 +static void 791 +panel_recheck_launcher (Launcher *launcher) 792 +{ 793 + if (!launcher || !launcher->button) 794 + return; 795 + 796 + if (panel_lockdown_is_forbidden_launcher (launcher)) { 797 + gtk_widget_hide (launcher->button); 798 + } else { 799 + gtk_widget_show (launcher->button); 800 + } 801 +} 802 + 803 static Launcher * 804 create_launcher (const char *location) 805 { 806 @@ -488,7 +507,11 @@ create_launcher (const char *location) 807 FALSE, 808 PANEL_ORIENTATION_TOP); 809 810 - gtk_widget_show (launcher->button); 811 + if (panel_lockdown_is_forbidden_launcher (launcher)) { 812 + gtk_widget_hide (launcher->button); 813 + } else { 814 + gtk_widget_show (launcher->button); 815 + } 816 817 /*gtk_drag_dest_set (GTK_WIDGET (launcher->button), 818 GTK_DEST_DEFAULT_ALL, 819 @@ -515,6 +538,8 @@ create_launcher (const char *location) 820 G_CALLBACK (destroy_launcher), 821 launcher); 822 823 + panel_lockdown_notify_add (G_CALLBACK (panel_recheck_launcher), launcher); 824 + 825 return launcher; 826 } 827 828 @@ -813,6 +838,12 @@ load_launcher_applet (const char * 829 /* setup button according to ditem */ 830 setup_button (launcher); 831 832 + if (panel_lockdown_is_forbidden_launcher (launcher)) { 833 + gtk_widget_hide (launcher->button); 834 + } else { 835 + gtk_widget_show (launcher->button); 836 + } 837 + 838 return launcher; 839 } 840 841 @@ -901,6 +932,10 @@ ask_about_launcher (const char *file, 842 if (file != NULL) 843 panel_key_file_set_string (key_file, "Exec", file); 844 panel_key_file_set_string (key_file, "Type", "Application"); 845 + 846 + if (panel_lockdown_is_forbidden_key_file (key_file)) 847 + return; /* Application being dragged is forbidden so just return */ 848 + 849 panel_ditem_editor_sync_display (PANEL_DITEM_EDITOR (dialog)); 850 851 panel_ditem_register_save_uri_func (PANEL_DITEM_EDITOR (dialog), 852 @@ -955,17 +990,19 @@ panel_launcher_create_from_info (PanelTo 853 } 854 855 location = panel_make_unique_desktop_uri (NULL, exec_or_uri); 856 - if (panel_key_file_to_file (key_file, location, &error)) { 857 - panel_launcher_create (toplevel, position, location); 858 - } else { 859 - panel_error_dialog (GTK_WINDOW (toplevel), 860 - gtk_window_get_screen (GTK_WINDOW (toplevel)), 861 - "cannot_save_launcher", TRUE, 862 - _("Could not save launcher"), 863 - error->message); 864 - g_error_free (error); 865 - } 866 867 + if (!panel_lockdown_is_forbidden_key_file (key_file)) { 868 + if (panel_key_file_to_file (key_file, location, &error)) { 869 + panel_launcher_create (toplevel, position, location); 870 + } else { 871 + panel_error_dialog (GTK_WINDOW (toplevel), 872 + gtk_window_get_screen (GTK_WINDOW (toplevel)), 873 + "cannot_save_launcher", TRUE, 874 + _("Could not save launcher"), 875 + error->message); 876 + g_error_free (error); 877 + } 878 + } 879 g_key_file_free (key_file); 880 } 881 882 --- gnome-panel-2.27.92/gnome-panel/menu.c.ori 2009-09-09 10:13:23.778451017 +0100 883 +++ gnome-panel-2.27.92/gnome-panel/menu.c 2009-09-09 10:21:41.371983238 +0100 884 @@ -74,7 +74,8 @@ 885 static GSList *image_menu_items = NULL; 886 887 static GtkWidget *populate_menu_from_directory (GtkWidget *menu, 888 - GMenuTreeDirectory *directory); 889 + GMenuTreeDirectory *directory, 890 + gboolean *is_hidden); 891 892 static void panel_load_menu_image_deferred (GtkWidget *image_menu_item, 893 GtkIconSize icon_size, 894 @@ -1272,7 +1273,8 @@ 895 } 896 897 static void 898 -submenu_to_display (GtkWidget *menu) 899 +submenu_to_display (GtkWidget *menu, 900 + gboolean *is_hidden) 901 { 902 GMenuTree *tree; 903 GMenuTreeDirectory *directory; 904 @@ -1307,7 +1309,15 @@ 905 } 906 907 if (directory) 908 - populate_menu_from_directory (menu, directory); 909 + { /* It's possible that is_hidden is NULL if we end up here from the show 910 + signal, which could only happen for the top level menu. */ 911 + gboolean local_is_hidden = FALSE; 912 + 913 + populate_menu_from_directory (menu, directory, &local_is_hidden); 914 + if (is_hidden != NULL) { 915 + *is_hidden = local_is_hidden; 916 + } 917 + } 918 919 append_callback = g_object_get_data (G_OBJECT (menu), 920 "panel-menu-append-callback"); 921 @@ -1321,10 +1331,11 @@ 922 submenu_to_display_in_idle (gpointer data) 923 { 924 GtkWidget *menu = GTK_WIDGET (data); 925 + gboolean is_hidden = FALSE; 926 927 g_object_set_data (G_OBJECT (menu), "panel-menu-idle-id", NULL); 928 929 - submenu_to_display (menu); 930 + submenu_to_display (menu, &is_hidden); 931 932 return FALSE; 933 } 934 @@ -1419,19 +1430,25 @@ 935 static void 936 create_submenu (GtkWidget *menu, 937 GMenuTreeDirectory *directory, 938 - GMenuTreeDirectory *alias_directory) 939 + GMenuTreeDirectory *alias_directory, 940 + gboolean *is_hidden) 941 { 942 GtkWidget *menuitem; 943 GtkWidget *submenu; 944 gboolean force_categories_icon; 945 946 + submenu = create_fake_menu (directory); 947 + if (panel_lockdown_get_restrict_application_launching ()) { 948 + submenu_to_display (submenu, is_hidden); 949 + } else { 950 + *is_hidden = FALSE; 951 + } 952 + 953 if (alias_directory) 954 menuitem = create_submenu_entry (menu, alias_directory); 955 else 956 menuitem = create_submenu_entry (menu, directory); 957 958 - submenu = create_fake_menu (directory); 959 - 960 gtk_menu_item_set_submenu (GTK_MENU_ITEM (menuitem), submenu); 961 962 /* Keep the infor that we force (or not) the icons to be visible */ 963 @@ -1440,15 +1457,21 @@ 964 g_object_set_data (G_OBJECT (submenu), 965 "panel-menu-force-icon-for-categories", 966 GINT_TO_POINTER (force_categories_icon)); 967 + 968 + if (*is_hidden) { 969 + gtk_widget_hide (menuitem); 970 + } 971 } 972 973 static void 974 create_header (GtkWidget *menu, 975 - GMenuTreeHeader *header) 976 + GMenuTreeHeader *header, 977 + gboolean *is_hidden) 978 { 979 GMenuTreeDirectory *directory; 980 GtkWidget *menuitem; 981 982 + *is_hidden = FALSE; 983 directory = gmenu_tree_header_get_directory (header); 984 menuitem = create_submenu_entry (menu, directory); 985 gmenu_tree_item_unref (directory); 986 @@ -1465,10 +1488,12 @@ 987 static void 988 create_menuitem (GtkWidget *menu, 989 GMenuTreeEntry *entry, 990 - GMenuTreeDirectory *alias_directory) 991 + GMenuTreeDirectory *alias_directory, 992 + gboolean *is_hidden) 993 { 994 GtkWidget *menuitem; 995 996 + *is_hidden = FALSE; 997 menuitem = panel_image_menu_item_new (); 998 999 g_object_set_data_full (G_OBJECT (menuitem), 1000 @@ -1545,12 +1570,18 @@ 1001 g_signal_connect (menuitem, "activate", 1002 G_CALLBACK (activate_app_def), entry); 1003 1004 - gtk_widget_show (menuitem); 1005 + if (entry != NULL && !panel_lockdown_is_allowed_menu_entry (entry)) { 1006 + gtk_widget_hide (menuitem); 1007 + *is_hidden = TRUE; 1008 + } else { 1009 + gtk_widget_show (menuitem); 1010 + } 1011 } 1012 1013 static void 1014 create_menuitem_from_alias (GtkWidget *menu, 1015 - GMenuTreeAlias *alias) 1016 + GMenuTreeAlias *alias, 1017 + gboolean *is_hidden) 1018 { 1019 GMenuTreeItem *aliased_item; 1020 1021 @@ -1560,13 +1591,15 @@ 1022 case GMENU_TREE_ITEM_DIRECTORY: 1023 create_submenu (menu, 1024 GMENU_TREE_DIRECTORY (aliased_item), 1025 - gmenu_tree_alias_get_directory (alias)); 1026 + gmenu_tree_alias_get_directory (alias), 1027 + is_hidden); 1028 break; 1029 1030 case GMENU_TREE_ITEM_ENTRY: 1031 create_menuitem (menu, 1032 GMENU_TREE_ENTRY (aliased_item), 1033 - gmenu_tree_alias_get_directory (alias)); 1034 + gmenu_tree_alias_get_directory (alias), 1035 + is_hidden); 1036 break; 1037 1038 default: 1039 @@ -1673,18 +1706,21 @@ 1040 1041 static GtkWidget * 1042 populate_menu_from_directory (GtkWidget *menu, 1043 - GMenuTreeDirectory *directory) 1044 + GMenuTreeDirectory *directory, 1045 + gboolean *is_hidden) 1046 { 1047 GSList *l; 1048 GSList *items; 1049 gboolean add_separator; 1050 1051 + *is_hidden = TRUE; 1052 add_separator = (GTK_MENU_SHELL (menu)->children != NULL); 1053 1054 items = gmenu_tree_directory_get_contents (directory); 1055 1056 for (l = items; l; l = l->next) { 1057 GMenuTreeItem *item = l->data; 1058 + gboolean is_item_hidden = TRUE; 1059 1060 if (add_separator || 1061 gmenu_tree_item_get_type (item) == GMENU_TREE_ITEM_SEPARATOR) { 1062 @@ -1694,11 +1730,13 @@ 1063 1064 switch (gmenu_tree_item_get_type (item)) { 1065 case GMENU_TREE_ITEM_DIRECTORY: 1066 - create_submenu (menu, GMENU_TREE_DIRECTORY (item), NULL); 1067 + create_submenu (menu, GMENU_TREE_DIRECTORY (item), NULL, 1068 + &is_item_hidden); 1069 break; 1070 1071 case GMENU_TREE_ITEM_ENTRY: 1072 - create_menuitem (menu, GMENU_TREE_ENTRY (item), NULL); 1073 + create_menuitem (menu, GMENU_TREE_ENTRY (item), NULL, 1074 + &is_item_hidden); 1075 break; 1076 1077 case GMENU_TREE_ITEM_SEPARATOR : 1078 @@ -1706,11 +1744,13 @@ 1079 break; 1080 1081 case GMENU_TREE_ITEM_ALIAS: 1082 - create_menuitem_from_alias (menu, GMENU_TREE_ALIAS (item)); 1083 + create_menuitem_from_alias (menu, GMENU_TREE_ALIAS (item), 1084 + &is_item_hidden); 1085 break; 1086 1087 case GMENU_TREE_ITEM_HEADER: 1088 - create_header (menu, GMENU_TREE_HEADER (item)); 1089 + create_header (menu, GMENU_TREE_HEADER (item), 1090 + &is_item_hidden); 1091 break; 1092 1093 default: 1094 @@ -1718,6 +1758,10 @@ 1095 } 1096 1097 gmenu_tree_item_unref (item); 1098 + 1099 + if (!is_item_hidden) { 1100 + *is_hidden = FALSE; 1101 + } 1102 } 1103 1104 g_slist_free (items); 1105
Indexes created Sat Nov 07 19:43:50 UTC 2009
Terms of Use |
Privacy |
Trademarks |
Copyright Policy |
Site Guidelines |
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
Copyright © 1995-2008 Sun Microsystems, Inc.