Add 'can_owner' flag to *Rule

This flag defines if the "Owner permissions on/off" button gets displayed in aa-logprof. False by default for all rule types (most of them don't support the owner conditional). Also false for non-owner FileRule. True only for FileRule if owner=True.
2025-08-30 22:05:27 +00:00 · 2017-12-17 16:31:05 +01:00
parent 6db30f8faf
commit 24eaea19e3
2 changed files with 4 additions and 0 deletions
--- a/utils/apparmor/rule/init.py
+++ b/utils/apparmor/rule/init.py
@@ -46,6 +46,9 @@ class BaseRule(object):
    # defines if the (N)ew option is displayed
    can_edit = False

+    # defines if the '(O)wner permissions on/off' option is displayed
+    can_owner = False
+
    def __init__(self, audit=False, deny=False, allow_keyword=False,
                 comment='', log_event=None):
        '''initialize variables needed by all rule types'''
--- a/utils/apparmor/rule/file.py
+++ b/utils/apparmor/rule/file.py
@@ -104,6 +104,7 @@ class FileRule(BaseRule):
        if type(owner) is not bool:
            raise AppArmorBug('non-boolean value passed to owner flag')
        self.owner = owner
+        self.can_owner = owner  # offer '(O)wner permissions on/off' buttons only if the rule has the owner flag

        if type(file_keyword) is not bool:
            raise AppArmorBug('non-boolean value passed to file keyword flag')