fix(auth): add polkit support

Replace UnixProcessSubject(PID) with SystemBusNameSubject for
Polkit authorization, and add centralized checkAuthorization()
to all service methods for consistent access control.

将Polkit鉴权方式从进程PID切换为DBus总线名，并在所有服务
方法中添加统一的鉴权检查，实现一致的访问控制。

Log: 将DBus鉴权方式从PID切换为总线名并统一鉴权入口
PMS: BUG-364093
Influence: 所有通过DBus调用的服务方法现在均需通过Polkit鉴权，提升系统安全性。

Author: wangrong1069

application/main.cpp

@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2022 UnionTech Software Technology Co., Ltd.
+// SPDX-FileCopyrightText: 2022 - 2026 UnionTech Software Technology Co., Ltd.
 //
 // SPDX-License-Identifier: GPL-3.0-only
 
@@ -128,7 +128,10 @@ int main(int argc, char *argv[])
             proc.startDetached("/usr/bin/dbus-send --system --type=method_call --dest=com.deepin.diskmanager /com/deepin/diskmanager com.deepin.diskmanager.Quit");
         }
 
-        proc.startDetached("/usr/bin/deepin-diskmanager-authenticateProxy");
+        QStringList argList;
+        argList << QDBusConnection::systemBus().baseService();
+        qDebug() << "Starting deepin-diskmanager-authenticateProxy with args:" << argList;
+        proc.startDetached("deepin-diskmanager-authenticateProxy", argList);
 
         //正常启动程序后,循环查询后台服务是否已经启动,如果后台服务启动说明鉴权成功,启动前端界面
         while (1) {

service/PolicyKitHelper.cpp

@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2022 UnionTech Software Technology Co., Ltd.
+// SPDX-FileCopyrightText: 2022 - 2026 UnionTech Software Technology Co., Ltd.
 //
 // SPDX-License-Identifier: GPL-3.0-only
 
@@ -8,17 +8,18 @@
 
 #include "PolicyKitHelper.h"
 #include <QDebug>
-bool PolicyKitHelper::checkAuthorization(const QString& actionId, qint64 applicationPid)
+
+bool PolicyKitHelper::checkAuthorization(const QString& actionId, const QString& appBusName)
 {
+    if (appBusName.isEmpty())
+        return false;
+
     Authority::Result result;
-    // 第一个参数是需要验证的action，和规则文件写的保持一致
-    result = Authority::instance()->checkAuthorizationSync(actionId, UnixProcessSubject(applicationPid),
+    result = Authority::instance()->checkAuthorizationSync(actionId, SystemBusNameSubject(appBusName),
                                                            Authority::AllowUserInteraction);
     if (result == Authority::Yes) {
-//        qDebug() << 111111111;
         return true;
     }else {
-//        qDebug() << 22222222;
         return false;
     }
 }

service/PolicyKitHelper.h

@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2022 UnionTech Software Technology Co., Ltd.
+// SPDX-FileCopyrightText: 2022 - 2026 UnionTech Software Technology Co., Ltd.
 //
 // SPDX-License-Identifier: GPL-3.0-only
 
@@ -14,7 +14,7 @@ class PolicyKitHelper
         return &instance;
     }
 
-    bool checkAuthorization(const QString& actionId, qint64 applicationPid);
+    bool checkAuthorization(const QString& actionId, const QString& appBusName);
 
 private:
     PolicyKitHelper();