import dbus
import tuned.logs

log = tuned.logs.get()

class polkit():
	def __init__(self):
		self._bus = dbus.SystemBus()
		self._proxy = self._bus.get_object('org.freedesktop.PolicyKit1', '/org/freedesktop/PolicyKit1/Authority', follow_name_owner_changes = True)
		self._authority = dbus.Interface(self._proxy, dbus_interface='org.freedesktop.PolicyKit1.Authority')

	def check_authorization(self, sender, action_id):
		"""Check authorization, return codes:
			1  - authorized
			2  - polkit error, but authorized with fallback method
			0  - unauthorized
			-1 - polkit error and unauthorized by the fallback method
			-2 - polkit error and unable to use the fallback method
		"""

		if sender is None or action_id is None:
			return False
		details = {}
		flags = 1            # AllowUserInteraction flag
		cancellation_id = "" # No cancellation id
		subject = ("system-bus-name", {"name" : sender})
		try:
			ret = self._authority.CheckAuthorization(subject, action_id, details, flags, cancellation_id)[0]
		except (dbus.exceptions.DBusException, ValueError) as e:
			log.error("error querying polkit: %s" % e)
			# No polkit or polkit error, fallback to always allow root
			try:
				uid = self._bus.get_unix_user(sender)
			except dbus.exceptions.DBusException as e:
				log.error("error using falback authorization method: %s" % e)
				return -2
			if uid == 0:
				return 2
			else:
				return -1
		return 1 if ret else 0