From: Ken VanDine Date: Wed, 14 Aug 2024 11:41:52 -0400 Subject: Allow blocking any installed desktop file Don't filter only flatpak installed applications, allows filtering out Debian and Snap apps instead of only Flatpak apps. This only hides the apps from the Activities Overview but does not prevent starting the apps in other ways. Bug: https://gitlab.freedesktop.org/pwithnall/malcontent/-/issues/58 Forwarded: no --- libmalcontent-ui/restrict-applications-selector.c | 68 ++++++++++++++++------- libmalcontent/app-filter.c | 21 ++++++- 2 files changed, 67 insertions(+), 22 deletions(-) diff --git a/libmalcontent-ui/restrict-applications-selector.c b/libmalcontent-ui/restrict-applications-selector.c index 83121b6..06f458a 100644 --- a/libmalcontent-ui/restrict-applications-selector.c +++ b/libmalcontent-ui/restrict-applications-selector.c @@ -557,17 +557,13 @@ reload_apps (MctRestrictApplicationsSelector *self) const gchar * const *supported_types; app_name = g_app_info_get_name (app); + g_autofree gchar *executable = NULL; supported_types = g_app_info_get_supported_types (app); if (!G_IS_DESKTOP_APP_INFO (app) || !g_app_info_should_show (app) || app_name[0] == '\0' || - /* FIXME: Only list flatpak apps and apps with X-Parental-Controls - * key set for now; we really need a system-wide MAC to be able to - * reliably support blocklisting system programs. */ - (!g_desktop_app_info_has_key (G_DESKTOP_APP_INFO (app), "X-Flatpak") && - !g_desktop_app_info_has_key (G_DESKTOP_APP_INFO (app), "X-Parental-Controls")) || /* Web browsers are special cased */ (supported_types && g_strv_contains (supported_types, WEB_BROWSERS_CONTENT_TYPE))) { @@ -595,7 +591,6 @@ reload_apps (MctRestrictApplicationsSelector *self) else if (g_desktop_app_info_has_key (G_DESKTOP_APP_INFO (app), "X-Parental-Controls")) { g_autofree gchar *parental_controls_type = NULL; - g_autofree gchar *executable = NULL; parental_controls_type = g_desktop_app_info_get_string (G_DESKTOP_APP_INFO (app), "X-Parental-Controls"); @@ -609,14 +604,30 @@ reload_apps (MctRestrictApplicationsSelector *self) executable, parental_controls_type); - /* Have we seen this executable before? */ - if (!g_hash_table_add (seen_executables, g_steal_pointer (&executable))) - { - g_debug (" → Skipping ‘%s’ due to seeing its executable already", - g_app_info_get_id (app)); - continue; - } } + else if (g_desktop_app_info_has_key (G_DESKTOP_APP_INFO (app), "X-SnapInstanceName")) + { + executable = g_strdup (g_app_info_get_commandline (app)); + g_debug ("Processing app ‘%s’ (Exec=%s)", + g_app_info_get_id (app), + executable); + } + else + { + executable = g_strdup (g_app_info_get_executable (app)); + g_debug ("Processing app ‘%s’ (Exec=%s)", + g_app_info_get_id (app), + executable); + } + + /* Have we seen this executable before? */ + if (executable != NULL && + !g_hash_table_add (seen_executables, g_steal_pointer (&executable))) + { + g_debug (" → Skipping ‘%s’ due to seeing its executable already", + g_app_info_get_id (app)); + continue; + } g_list_store_insert_sorted (self->apps, app, @@ -725,6 +736,7 @@ mct_restrict_applications_selector_build_app_filter (MctRestrictApplicationsSele while (g_hash_table_iter_next (&iter, (gpointer) &app, NULL)) { g_autofree gchar *flatpak_id = NULL; + g_autofree gchar *snap_id = NULL; flatpak_id = g_desktop_app_info_get_string (app, "X-Flatpak"); if (flatpak_id) @@ -745,15 +757,31 @@ mct_restrict_applications_selector_build_app_filter (MctRestrictApplicationsSele } else { - const gchar *executable = g_app_info_get_executable (G_APP_INFO (app)); - g_autofree gchar *path = (executable != NULL) ? g_find_program_in_path (executable) : NULL; - - if (!path) + g_autofree gchar *path = NULL; + if (g_desktop_app_info_has_key (G_DESKTOP_APP_INFO (app), "X-SnapInstanceName")) { - g_warning ("Skipping blocklisting executable ‘%s’ due to it not being found", executable); - continue; + const gchar *commandline = g_app_info_get_commandline (G_APP_INFO (app)); + g_auto(GStrv) commandline_list = g_strsplit (commandline, " ", -1); + for (size_t i = 0; commandline_list[i]; i++) + { + if (g_str_has_prefix (commandline_list[i], "/snap/bin/")) + { + path = g_strdup (commandline_list[i]); + break; + } + } } - + else + { + const gchar *executable = g_app_info_get_executable (G_APP_INFO (app)); + path = (executable != NULL) ? g_find_program_in_path (executable) : NULL; + if (!path) + { + g_warning ("Skipping blocklisting executable ‘%s’ due to it not being found", executable); + continue; + } + } + g_debug ("\t\t → Blocklisting path: %s", path); mct_app_filter_builder_blocklist_path (builder, path); } diff --git a/libmalcontent/app-filter.c b/libmalcontent/app-filter.c index 130d1b4..2de2b52 100644 --- a/libmalcontent/app-filter.c +++ b/libmalcontent/app-filter.c @@ -411,8 +411,25 @@ mct_app_filter_is_appinfo_allowed (MctAppFilter *filter, g_return_val_if_fail (filter->ref_count >= 1, FALSE); g_return_val_if_fail (G_IS_APP_INFO (app_info), FALSE); - exec = g_app_info_get_executable (app_info); - abs_path = (exec != NULL) ? g_find_program_in_path (exec) : NULL; + if (g_desktop_app_info_has_key (G_DESKTOP_APP_INFO (app_info), "X-SnapInstanceName")) + { + const gchar *commandline = g_app_info_get_commandline (G_APP_INFO (app_info)); + g_auto(GStrv) commandline_list = g_strsplit (commandline, " ", -1); + + for (size_t i = 0; commandline_list[i]; i++) + { + if (g_str_has_prefix (commandline_list[i], "/snap/bin/")) + { + abs_path = g_strdup (commandline_list[i]); + break; + } + } + } + else + { + exec = g_app_info_get_executable (app_info); + abs_path = (exec != NULL) ? g_find_program_in_path (exec) : NULL; + } if (abs_path != NULL && filter_fold_should_short_circuit (filter,