Source/AuthorizedTaskManager.h

   1 // sshfs.app
   2 // Copyright 2007, Google Inc.
   3 //
   4 // Redistribution and use in source and binary forms, with or without
   5 // modification, are permitted provided that the following conditions are met:
   6 //
   7 //  1. Redistributions of source code must retain the above copyright notice,
   8 //     this list of conditions and the following disclaimer.
   9 //  2. Redistributions in binary form must reproduce the above copyright notice,
  10 //     this list of conditions and the following disclaimer in the documentation
  11 //     and/or other materials provided with the distribution.
  12 //  3. The name of the author may not be used to endorse or promote products
  13 //     derived from this software without specific prior written permission.
  14 //
  15 // THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
  16 // WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  17 // MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
  18 // EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  19 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  20 // PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
  21 // OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
  22 // WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
  23 // OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
  24 // ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  25
  26 // AuthorizedTaskManager mirrors an NSFileManager method,
  27 // but uses NSTask or AuthorizationExecuteWithPrivileges to invoke
  28 // tools to do the job.  This allows us to be using the same tools
  29 // regardless of whether the operation is authenticated with admin privs or not.
  30 // The differences between the auth and the non-auth code path is thus
  31 // minimized.
  32 //
  33 // Note that despite the similar names to NSFileManager methods,
  34 // this method observes the semantics of its underlying tool (ditto)
  35 //
  36 // USAGE NOTE: when running the task with admin privileges, this waits on any
  37 // child process, since AEWP doesn't tell us the child's pid.  This could be
  38 // fooled by any other child process that quits in the window between launch and
  39 // completion of our actual tool.  The effect could be harmless, it could be a
  40 // lack of synchronicity, or it could be an incorrect result for the
  41 // move/copy/etc operation.  See method runTaskForPath:withArguments:
  42 //
  43 // BUILD NOTE: link to Security.framework
  44
  45 #import <Cocoa/Cocoa.h>
  46 #include <Security/Security.h>
  47
  48 // supports common file manager tasks that may require admin privileges
  49 @interface AuthorizedTaskManager : NSObject {
  50   AuthorizationRef commonAuthorizationRef_;
  51 }
  52
  53 + (AuthorizedTaskManager *)sharedAuthorizedTaskManager;
  54
  55 // authorize creates and copies admin rights, raising the admin name/password
  56 // dialog if necessary (usually not necessary if this object has been authorized
  57 // recently and not deauthorized)
  58 - (BOOL)authorize;
  59
  60 // deauthorize dumps any existing authorization. Calling authorize afterwards
  61 // will raise the admin password dialog
  62 - (void)deauthorize;
  63
  64 // isAuthorized determines if authorization has been done, though does
  65 // not indicate if a timeout will require the user to re-auth via
  66 // the dialog again, so don't base UI decisions on this
  67 - (BOOL)isAuthorized;
  68
  69
  70 // copyPath:toPath calls ditto -rsrcFork
  71 - (BOOL)copyPath:(NSString *)src toPath:(NSString *)dest;
  72 @end