• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: How do you use AuthorizationRuleIsAdmin?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How do you use AuthorizationRuleIsAdmin?

  • Subject: Re: How do you use AuthorizationRuleIsAdmin?
  • From: BK <email@hidden>
  • Date: Thu, 28 Jul 2005 00:01:23 +0900

On Jul 27, 2005, at 22:12, Nick Zitzmann wrote:

On Jul 27, 2005, at 12:51 AM, BK wrote:

How do I initialise an authorisation reference that I can pass to AuthorizationExecuteWithPrivileges (to tell the daemon to restart) such that it only executes if the user has authenticated himself as an admin user?

Call AuthorizationCopyRights() to pre-authorize the user.

Thanks, but that is precisely where I am stuck for I have no clue how to handle &rights.

As I said, the granularity of the whole rights thing is many times overkill if all you want to do is restart a daemon -- Ideally, what I would like to do is something like this ...

status = AuthorizationCopyRights (self->authRef, kAuthorizationRuleIsAdmin, NULL, NULL, &rights);

if (status == errAuthorizationSuccess)
	self->authRights = rights;
else
	self->authRights = NULL; // or whatever else represents "no rights"

then, when calling a method "restart", that method will call AuthorizationExecuteWithPrivileges passing self->authRef and the path to the daemon along with a "restart" parameter.There is also another method "restartForcefully" which will call AuthorizationExecuteWithPrivileges twice, again with the same self->authRef, once to kill the daemon and once to start it anew. All this should be allowed if the user has authenticated as an admin *once before*, regardless of what the authentication was meant for. Only criteria is whether or not the user is an admin -- anything else is of no interest.

However, kAuthorizationRuleIsAdmin is a constant of type integer and the parameter AuthorizationRights has to be a pointer. So, the question is how can I make this work along the intend shown in the above incorrect code and follwing paragraph?


You can also call AEWP() without pre-authorizing, but the authorization period won't last beyond the call to AEWP()

I wouldn't want to do that because it may mean that the user will be asked three times to authenticate if the restart doesn't work and "restartForcefully" is required to start it again.

Sorry for being such a nuisance, but I am still learning and this whole Authorization thing is a real pain to get one's head around.

thanks again
regards
bk



___________________________________________________________ How much free photo storage do you get? Store your holiday snaps for FREE with Yahoo! Photos http://uk.photos.yahoo.com
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Cocoa-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >How do you use AuthorizationRuleIsAdmin? (From: BK <email@hidden>)
 >Re: How do you use AuthorizationRuleIsAdmin? (From: Nick Zitzmann <email@hidden>)

  • Prev by Date: Image transition
  • Next by Date: Re: Window Closing Behavior
  • Previous by thread: Re: How do you use AuthorizationRuleIsAdmin?
  • Next by thread: Window Closing Behavior
  • Index(es):
    • Date
    • Thread