pub unsafe extern "C-unwind" fn AuthorizationCreate(
rights: *const AuthorizationRights,
environment: *const AuthorizationEnvironment,
flags: AuthorizationFlags,
authorization: *mut AuthorizationRef,
) -> i32Authorization only.Expand description
Create a new autorization object which can be used in other authorization calls. When the authorization is no longer needed AuthorizationFree should be called.
When the kAuthorizationFlagInteractionAllowed flag is set, user interaction will happen when required. Failing to set this flag will result in this call failing with a errAuthorizationInteractionNotAllowed status when interaction is required.
Setting the kAuthorizationFlagExtendRights flag will extend the currently available rights. If this flag is set the returned AuthorizationRef will grant all the rights requested when errAuthorizationSuccess is returned. If this flag is not set the operation will almost certainly succeed, but no attempt will be made to make the requested rights availible. Call AuthorizationCopyRights to figure out which of the requested rights are granted by the returned AuthorizationRef.
Setting the kAuthorizationFlagPartialRights flag will cause this call to succeed if only some of the requested rights are being granted by the returned AuthorizationRef. Unless this flag is set this API will fail if not all the requested rights could be obtained.
Setting the kAuthorizationFlagDestroyRights flag will prevent any rights obtained during this call from being preserved after returning from this API (This is most useful when the authorization parameter is NULL and the caller doesn’t want to affect the session state in any way).
Setting the kAuthorizationFlagPreAuthorize flag will pre authorize the requested rights so that at a later time – by calling AuthorizationMakeExternalForm() follow by AuthorizationCreateFromExternalForm() – the obtained rights can be used in a different process. Rights that can’t be preauthorized will be treated as if they were authorized for the sake of returning an error (in other words if all rights are either authorized or could not be preauthorized this call will still succeed). The rights which could not be preauthorized are not currently authorized and may fail to authorize when a later call to AuthorizationCopyRights() is made, unless the kAuthorizationFlagExtendRights and kAuthorizationFlagInteractionAllowed flags are set. Even then they might still fail if the user does not supply the correct credentials. The reason for passing in this flag is to provide correct audit trail information and to avoid unnecessary user interaction.
Parameter rights: (input/optional) An AuthorizationItemSet containing rights for which authorization is being requested. If none are specified the resulting AuthorizationRef will authorize nothing at all.
Parameter environment: (input/optional) An AuthorizationItemSet containing environment state used when making the autorization decision. See the AuthorizationEnvironment type for details.
Parameter flags: (input) options specified by the AuthorizationFlags enum. set all unused bits to zero to allow for future expansion.
Parameter authorization: (output optional) A pointer to an AuthorizationRef to be returned. When the returned AuthorizationRef is no longer needed AuthorizationFree should be called to prevent anyone from using the acquired rights. If NULL is specified no new rights are returned, but the system will attempt to authorize all the requested rights and return the appropriate status.
Returns: errAuthorizationSuccess 0 authorization or all requested rights succeeded.
errAuthorizationDenied -60005 The authorization for one or more of the requested rights was denied.
errAuthorizationCanceled -60006 The authorization was canceled by the user.
errAuthorizationInteractionNotAllowed -60007 The authorization was denied since no interaction with the user was allowed.
§Safety
rightsmust be a valid pointer or null.environmentmust be a valid pointer or null.authorizationmust be a valid pointer or null.