Malcontent.AppFilter¶

Fields¶

None

Methods¶

class	`deserialize` (variant, user_id)
class	`error_quark` ()
	`equal` (b)
	`get_oars_sections` ()
	`get_oars_value` (oars_section)
	`get_user_id` ()
	`is_appinfo_allowed` (app_info)
	`is_content_type_allowed` (content_type)
	`is_enabled` ()
	`is_flatpak_app_allowed` (app_id)
	`is_flatpak_ref_allowed` (app_ref)
	`is_path_allowed` (path)
	`is_system_installation_allowed` ()
	`is_user_installation_allowed` ()
	`ref` ()
	`serialize` ()
	`unref` ()

Details¶

class Malcontent.AppFilter¶

Malcontent.AppFilter is an opaque, immutable structure which contains a snapshot of the app filtering settings for a user at a given time. This includes a list of apps which are explicitly banned or allowed to be run by that user.

Typically, app filter settings can only be changed by the administrator, and are read-only for non-administrative users. The precise policy is set using polkit.

New in version 0.2.0.

classmethod deserialize(variant, user_id)¶

Parameters:

variant (GLib.Variant) – a serialized app filter variant
user_id (int) – the ID of the user the app filter relates to

Raises:

GLib.Error

Returns:

deserialized app filter

Return type:

Malcontent.AppFilter

Deserialize an app filter previously serialized with Malcontent.AppFilter.serialize(). This function guarantees to be able to deserialize any serialized form from this version or older versions of libmalcontent.

If deserialization fails, Malcontent.ManagerError.INVALID_DATA will be returned.

New in version 0.7.0.

classmethod error_quark()¶

Return type:: int

equal(b)¶

Parameters:: b (Malcontent.AppFilter) – an Malcontent.AppFilter
Returns:: True if self and b are equal, False otherwise
Return type:: bool

Check whether app filters self and b are equal.

New in version 0.10.0.

get_oars_sections()¶

Returns:: None-terminated array of OARS sections
Return type:: [str]

List the OARS sections present in this app filter. The sections are returned in lexicographic order. A section will be listed even if its stored value is Malcontent.AppFilterOarsValue.UNKNOWN. The returned list may be empty.

New in version 0.2.0.

get_oars_value(oars_section)¶

Parameters:: oars_section (str) – name of the OARS section to get the value from
Returns:: an Malcontent.AppFilterOarsValue
Return type:: Malcontent.AppFilterOarsValue

Get the value assigned to the given oars_section in the OARS filter stored within self. If that section has no value explicitly defined, Malcontent.AppFilterOarsValue.UNKNOWN is returned.

This value is the most intense value allowed for apps to have in this section, inclusive. Any app with a more intense value for this section must be hidden from the user whose self this is.

This does not factor in Malcontent.AppFilter.is_system_installation_allowed().

New in version 0.2.0.

get_user_id()¶

Returns:: user ID of the relevant user, or (uid_t) -1 if unknown
Return type:: int

Get the user ID of the user this Malcontent.AppFilter is for.

New in version 0.2.0.

is_appinfo_allowed(app_info)¶

Parameters:: app_info (Gio.AppInfo) – application information
Returns:: True if the user this self corresponds to is allowed to run the app represented by app_info according to the self policy; False otherwise
Return type:: bool

Check whether the app with the given app_info is allowed to be run according to this app filter. This matches on multiple keys potentially present in the Gio.AppInfo, including the path of the executable.

If the appfilter is a blocklist, the app_info is blocked if any of its keys are blocked. If the appfilter is an allowlist, the app_info is allowed if any of its keys are allowed.

New in version 0.2.0.

is_content_type_allowed(content_type)¶

Parameters:: content_type (str) – content type to check
Returns:: True if the user this self corresponds to is allowed to run programs handling content_type according to the self policy; False otherwise
Return type:: bool

Check whether apps handling the given content_type are allowed to be run according to this app filter.

Note that this method doesn’t match content subtypes. For example, if application/xml is added to the blocklist but application/xspf+xml is not, a check for whether application/xspf+xml is blocklisted would return false.

New in version 0.4.0.

is_enabled()¶

Returns:: True if the app filter contains at least one non-default value, False if it’s entirely default
Return type:: bool

Check whether the app filter is enabled and is going to impose at least one restriction on the user. This gives a high level view of whether app filter parental controls are ‘enabled’ for the given user.

New in version 0.7.0.

is_flatpak_app_allowed(app_id)¶

Parameters:: app_id (str) – flatpak ID for the app, for example org.gnome.Builder
Returns:: True if the user this self corresponds to is allowed to run the flatpak called app_id according to the self policy; False otherwise
Return type:: bool

Check whether the flatpak app with the given app_id is allowed to be run according to this app filter. This is a globbing match, matching app_id against potentially multiple entries in the blocklist, as the blocklist contains flatpak refs (for example, app/org.gnome.Builder/x86_64/master) which contain architecture and branch information. App IDs (for example, org.gnome.Builder) do not contain architecture or branch information.

New in version 0.2.0.

is_flatpak_ref_allowed(app_ref)¶

Parameters:: app_ref (str) – flatpak ref for the app, for example app/org.gnome.Builder/x86_64/master
Returns:: True if the user this self corresponds to is allowed to run the flatpak called app_ref according to the self policy; False otherwise
Return type:: bool

Check whether the flatpak app with the given app_ref is allowed to be run according to this app filter.

New in version 0.2.0.

is_path_allowed(path)¶

Parameters:: path (str) – absolute path of a program to check
Returns:: True if the user this self corresponds to is allowed to run the program at path according to the self policy; False otherwise
Return type:: bool

Check whether the program at path is allowed to be run according to this app filter. path will be canonicalised without doing any I/O.

New in version 0.2.0.

is_system_installation_allowed()¶

Returns:: True if app installation is allowed to the system repository for this user; False if it is unconditionally disallowed for this user
Return type:: bool

Get whether the user is allowed to install to the flatpak system repository. This should be queried in addition to the OARS values (Malcontent.AppFilter.get_oars_value()) — if it returns False, the OARS values should be ignored and app installation should be unconditionally disallowed.

New in version 0.2.0.

is_user_installation_allowed()¶

Returns:: True if app installation is allowed to the user repository for this user; False if it is unconditionally disallowed for this user
Return type:: bool

Get whether the user is allowed to install to their flatpak user repository. This should be queried in addition to the OARS values (Malcontent.AppFilter.get_oars_value()) — if it returns False, the OARS values should be ignored and app installation should be unconditionally disallowed.

New in version 0.2.0.

ref()¶

Returns:: the same pointer as self
Return type:: Malcontent.AppFilter

Increment the reference count of self, and return the same pointer to it.

New in version 0.2.0.

serialize()¶

Returns:: a new, floating GLib.Variant containing the app filter
Return type:: GLib.Variant

Build a GLib.Variant which contains the app filter from self, in an opaque variant format. This format may change in future, but Malcontent.AppFilter.deserialize() is guaranteed to always be able to load any variant produced by the current or any previous version of Malcontent.AppFilter.serialize().

New in version 0.7.0.

unref()¶: Decrement the reference count of self. If the reference count reaches zero, free the self and all its resources.

New in version 0.2.0.