permissions: add perms for plugin loading (#10184)

Adds permission management for loading plugins

---------

Co-authored-by: Jan Beich <jbeich@FreeBSD.org>

hyprpm/src/core/HyprlandSocket.cpp

@@ -0,0 +1,85 @@
+#include "HyprlandSocket.hpp"
+#include <pwd.h>
+#include <sys/socket.h>
+#include "../helpers/StringUtils.hpp"
+#include <print>
+#include <sys/un.h>
+#include <unistd.h>
+
+static int getUID() {
+    const auto UID   = getuid();
+    const auto PWUID = getpwuid(UID);
+    return PWUID ? PWUID->pw_uid : UID;
+}
+
+static std::string getRuntimeDir() {
+    const auto XDG = getenv("XDG_RUNTIME_DIR");
+
+    if (!XDG) {
+        const std::string USERID = std::to_string(getUID());
+        return "/run/user/" + USERID + "/hypr";
+    }
+
+    return std::string{XDG} + "/hypr";
+}
+
+std::string NHyprlandSocket::send(const std::string& cmd) {
+    const auto SERVERSOCKET = socket(AF_UNIX, SOCK_STREAM, 0);
+
+    if (SERVERSOCKET < 0) {
+        std::println("{}", failureString("Couldn't open a socket (1)"));
+        return "";
+    }
+
+    const auto HIS = getenv("HYPRLAND_INSTANCE_SIGNATURE");
+
+    if (!HIS) {
+        std::println("{}", failureString("HYPRLAND_INSTANCE_SIGNATURE was not set! (Is Hyprland running?) (3)"));
+        return "";
+    }
+
+    sockaddr_un serverAddress = {0};
+    serverAddress.sun_family  = AF_UNIX;
+
+    std::string socketPath = getRuntimeDir() + "/" + HIS + "/.socket.sock";
+
+    strncpy(serverAddress.sun_path, socketPath.c_str(), sizeof(serverAddress.sun_path) - 1);
+
+    if (connect(SERVERSOCKET, (sockaddr*)&serverAddress, SUN_LEN(&serverAddress)) < 0) {
+        std::println("{}", failureString("Couldn't connect to " + socketPath + ". (4)"));
+        return "";
+    }
+
+    auto sizeWritten = write(SERVERSOCKET, cmd.c_str(), cmd.length());
+
+    if (sizeWritten < 0) {
+        std::println("{}", failureString("Couldn't write (5)"));
+        return "";
+    }
+
+    std::string      reply               = "";
+    constexpr size_t BUFFER_SIZE         = 8192;
+    char             buffer[BUFFER_SIZE] = {0};
+
+    sizeWritten = read(SERVERSOCKET, buffer, BUFFER_SIZE);
+
+    if (sizeWritten < 0) {
+        std::println("{}", failureString("Couldn't read (6)"));
+        return "";
+    }
+
+    reply += std::string(buffer, sizeWritten);
+
+    while (sizeWritten == BUFFER_SIZE) {
+        sizeWritten = read(SERVERSOCKET, buffer, BUFFER_SIZE);
+        if (sizeWritten < 0) {
+            std::println("{}", failureString("Couldn't read (7)"));
+            return "";
+        }
+        reply += std::string(buffer, sizeWritten);
+    }
+
+    close(SERVERSOCKET);
+
+    return reply;
+}

hyprpm/src/core/HyprlandSocket.hpp

@@ -0,0 +1,7 @@
+#pragma once
+
+#include <string>
+
+namespace NHyprlandSocket {
+    std::string send(const std::string& cmd);
+};

hyprpm/src/core/PluginManager.cpp

@@ -4,6 +4,7 @@
 #include "../progress/CProgressBar.hpp"
 #include "Manifest.hpp"
 #include "DataState.hpp"
+#include "HyprlandSocket.hpp"
 
 #include <cstdio>
 #include <iostream>
@@ -66,7 +67,7 @@ SHyprlandVersion CPluginManager::getHyprlandVersion(bool running) {
     else
         onceInstalled = true;
 
-    const auto HLVERCALL = running ? execAndGet("hyprctl version") : execAndGet("Hyprland --version");
+    const auto HLVERCALL = running ? NHyprlandSocket::send("/version") : execAndGet("Hyprland --version");
     if (m_bVerbose)
         std::println("{}", verboseString("{} version returned: {}", running ? "running" : "installed", HLVERCALL));
 
@@ -797,9 +798,9 @@ ePluginLoadStateReturn CPluginManager::ensurePluginsLoadState(bool forceReload)
     }
     const auto HYPRPMPATH = DataState::getDataStatePath();
 
-    const auto json = glz::read_json<glz::json_t::array_t>(execAndGet("hyprctl plugins list -j"));
+    const auto json = glz::read_json<glz::json_t::array_t>(NHyprlandSocket::send("j/plugins list"));
     if (!json) {
-        std::println(stderr, "PluginManager: couldn't parse hyprctl output");
+        std::println(stderr, "PluginManager: couldn't parse plugin list output");
         return LOADSTATE_FAIL;
     }
 
@@ -888,9 +889,9 @@ bool CPluginManager::loadUnloadPlugin(const std::string& path, bool load) {
     }
 
     if (load)
-        execAndGet("hyprctl plugin load " + path);
+        NHyprlandSocket::send("/plugin load " + path);
     else
-        execAndGet("hyprctl plugin unload " + path);
+        NHyprlandSocket::send("/plugin unload " + path);
 
     return true;
 }
@@ -915,7 +916,7 @@ void CPluginManager::listAllPlugins() {
 }
 
 void CPluginManager::notify(const eNotifyIcons icon, uint32_t color, int durationMs, const std::string& message) {
-    execAndGet("hyprctl notify " + std::to_string((int)icon) + " " + std::to_string(durationMs) + " " + std::to_string(color) + " " + message);
+    NHyprlandSocket::send("/notify " + std::to_string((int)icon) + " " + std::to_string(durationMs) + " " + std::to_string(color) + " " + message);
 }
 
 std::string CPluginManager::headerError(const eHeadersErrors err) {