From 294a5231b9a4b67220a38cacd0998e3a40ebd47b Mon Sep 17 00:00:00 2001
From: Marco Pesenti Gritti <mpg@redhat.com>
Date: Mon, 27 Aug 2007 16:25:45 +0000
Subject: 2647, if security is enabled let rainbow launch activities.

Also notify rainbow when active activity changes.
Patch by Ashsong, had to merge it manually.
---
diff --git a/bin/sugar.in b/bin/sugar.in
index 4e6fc8b..5026ad0 100644
--- a/bin/sugar.in
+++ b/bin/sugar.in
@@ -3,4 +3,8 @@
 export SUGAR_PREFIX=@prefix@
 export SUGAR_PATH=@prefix@/share/sugar
 export GTK2_RC_FILES=@prefix@/share/sugar/data/sugar-xo.gtkrc
-dbus-launch --exit-with-session sugar-shell
+if [ -f /etc/olpc-security ] ; then
+  dbus-launch --exit-with-session --config-file=/etc/dbus-1/session-olpc.conf sugar-shell
+else
+  dbus-launch --exit-with-session sugar-shell
+fi
diff --git a/shell/shellservice.py b/shell/shellservice.py
index d577a44..fdb2663 100644
--- a/shell/shellservice.py
+++ b/shell/shellservice.py
@@ -16,6 +16,7 @@
 
 """D-bus service providing access to the shell's functionality"""
 import dbus
+import os
 
 _DBUS_SERVICE = "org.laptop.Shell"
 _DBUS_SHELL_IFACE = "org.laptop.Shell"
@@ -40,6 +41,9 @@ class ShellService(dbus.service.Object):
     XXX At the moment the d-bus service methods do not appear to do
     anything other than add_bundle
     """
+
+    _rainbow = None
+
     def __init__(self, shell):
         self._shell = shell
         self._shell_model = shell.get_model()
@@ -98,9 +102,20 @@ class ShellService(dbus.service.Object):
     def _owner_icon_changed_cb(self, new_icon):
         self.IconChanged(dbus.ByteArray(new_icon))
 
+    def _get_rainbow_service(self):
+        """Lazily initializes an interface to the Rainbow security daemon."""
+        if self._rainbow is None:
+            service = iface = 'org.laptop.security.Rainbow'
+            system_bus = dbus.SystemBus()
+            object = system_bus.get_object(service, '/')
+            self._rainbow = dbus.Interface(object, dbus_interface=iface,
+                                                   follow_name_owner_change=True)
+        return self._rainbow
+
     @dbus.service.signal(_DBUS_OWNER_IFACE, signature="s")
     def CurrentActivityChanged(self, activity_id):
-        pass
+        if os.path.exists('/etc/olpc-security'):
+            self._get_rainbow_service().ChangeActivity(activity_id, dbus_interface=iface)
 
     def _cur_activity_changed_cb(self, owner, new_activity):
         new_id = ""
diff --git a/sugar/activity/activityfactory.py b/sugar/activity/activityfactory.py
index 404e5f4..d7d6d92 100644
--- a/sugar/activity/activityfactory.py
+++ b/sugar/activity/activityfactory.py
@@ -26,12 +26,18 @@ from sugar.presence import presenceservice
 from sugar.activity.activityhandle import ActivityHandle
 from sugar import util
 
+import os
+
 _SHELL_SERVICE = "org.laptop.Shell"
 _SHELL_PATH = "/org/laptop/Shell"
 _SHELL_IFACE = "org.laptop.Shell"
 
 _ACTIVITY_FACTORY_INTERFACE = "org.laptop.ActivityFactory"
 
+_RAINBOW_SERVICE_NAME = "org.laptop.security.Rainbow"
+_RAINBOW_ACTIVITY_FACTORY_PATH = "/"
+_RAINBOW_ACTIVITY_FACTORY_INTERFACE = "org.laptop.security.Rainbow"
+
 def create_activity_id():
     """Generate a new, unique ID for this activity"""
     pservice = presenceservice.get_instance()
@@ -84,6 +90,9 @@ class ActivityCreationHandler(gobject.GObject):
         particular type of activity is created during the activity
         registration process in shell bundle registry which creates 
         service definition files for each registered bundle type.
+
+        If the file '/etc/olpc-security' exists, then activity launching
+        will be delegated to the prototype 'Rainbow' security service.
         """
         gobject.GObject.__init__(self)
         self._service_name = service_name
@@ -112,10 +121,22 @@ class ActivityCreationHandler(gobject.GObject):
                     reply_handler=self._no_reply_handler,
                     error_handler=self._notify_launch_error_handler)
 
-        self._factory.create(self._activity_handle.get_dict(),
-                             timeout=120 * 1000,
-                             reply_handler=self._no_reply_handler,
-                             error_handler=self._create_error_handler)
+        if not os.path.exists('/etc/olpc-security'):
+            self._factory.create(self._activity_handle.get_dict(),
+                                 timeout=120 * 1000,
+                                 reply_handler=self._no_reply_handler,
+                                 error_handler=self._create_error_handler)
+        else:
+            system_bus = dbus.SystemBus()
+            factory = system_bus.get_object(_RAINBOW_SERVICE_NAME,
+                                            _RAINBOW_ACTIVITY_FACTORY_PATH)
+            factory.CreateActivity(
+                    self._service_name,
+                    self._activity_handle.get_dict(),
+                    timeout=120 * 1000,
+                    reply_handler=self._create_reply_handler,
+                    error_handler=self._create_error_handler,
+                    dbus_interface=_RAINBOW_ACTIVITY_FACTORY_INTERFACE)
 
     def get_activity_id(self):
         """Retrieve the unique identity for this activity"""
--
cgit v0.9.1