refactor(accounts1): remove guest user functionality

Remove guest user feature to address security vulnerability identified in
security report. The CreateGuestUser() function had a race condition
when creating home directories in /tmp, which could allow other users
to pre-create directories under their control. Since guest user functionality
is no longer needed, it has been completely removed.

Pms: BUG-349985
Signed-off-by: ComixHe <heyuming@deepin.org>

Author: ComixHe

accounts1/accounts_dbusutil.go

@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2018 - 2022 UnionTech Software Technology Co., Ltd.
+// SPDX-FileCopyrightText: 2018 - 2026 UnionTech Software Technology Co., Ltd.
 //
 // SPDX-License-Identifier: GPL-3.0-or-later
 
@@ -38,7 +38,6 @@ const (
 
 	actConfigFile       = actConfigDir + "/accounts.ini"
 	actConfigGroupGroup = "Accounts"
-	actConfigKeyGuest   = "AllowGuest"
 
 	interfacesFile = "/usr/share/dde-daemon/accounts/dbus-udcp.json"
 )
@@ -80,9 +79,6 @@ type Manager struct {
 	UserList   []string
 	UserListMu sync.RWMutex
 
-	// dbusutil-gen: ignore
-	GuestIcon  string
-	AllowGuest bool
 	// dbusutil-gen: equal=isStrvEqual
 	GroupList []string
 
@@ -138,9 +134,6 @@ func NewManager(service *dbusutil.Service) *Manager {
 	m.usersMap = make(map[string]*User)
 	m.userAddedChanMap = make(map[string]chan string)
 
-	m.GuestIcon = getRandomIcon()
-	m.AllowGuest = isGuestUserEnabled()
-
 	m.initUsers(getUserPaths())
 	m.initUdcpUsers()
 	m.initAccountDSettings()
@@ -539,21 +532,6 @@ func getUserPaths() []string {
 	return paths
 }
 
-func isGuestUserEnabled() bool {
-	v, exist := dutils.ReadKeyFromKeyFile(actConfigFile,
-		actConfigGroupGroup, actConfigKeyGuest, true)
-	if !exist {
-		return false
-	}
-
-	ret, ok := v.(bool)
-	if !ok {
-		return false
-	}
-
-	return ret
-}
-
 func (m *Manager) checkAuth(sender dbus.Sender) error {
 	return checkAuth(polkitActionUserAdministration, string(sender))
 }

accounts1/exported_methods_auto.go

@@ -1,4 +1,4 @@
-// SPDX-FileCopyrightText: 2018 - 2022 UnionTech Software Technology Co., Ltd.
+// SPDX-FileCopyrightText: 2018 - 2026 UnionTech Software Technology Co., Ltd.
 //
 // SPDX-License-Identifier: GPL-3.0-or-later
 
@@ -21,7 +21,6 @@ import (
 	login1 "github.com/linuxdeepin/go-dbus-factory/system/org.freedesktop.login1"
 	"github.com/linuxdeepin/go-lib/dbusutil"
 	"github.com/linuxdeepin/go-lib/users/passwd"
-	dutils "github.com/linuxdeepin/go-lib/utils"
 )
 
 const (
@@ -340,49 +339,6 @@ func (m *Manager) IsPasswordValid(password string) (valid bool, msg string, code
 	return errCode.IsOk(), errCode.Prompt(), int32(errCode), nil
 }
 
-func (m *Manager) AllowGuestAccount(sender dbus.Sender, allow bool) *dbus.Error {
-	err := m.checkAuth(sender)
-	if err != nil {
-		return dbusutil.ToError(err)
-	}
-
-	m.PropsMu.Lock()
-	defer m.PropsMu.Unlock()
-
-	if m.AllowGuest == allow {
-		return nil
-	}
-
-	success := dutils.WriteKeyToKeyFile(actConfigFile,
-		actConfigGroupGroup, actConfigKeyGuest, allow)
-	if !success {
-		return dbusutil.ToError(errors.New("enable guest user failed"))
-	}
-
-	m.AllowGuest = allow
-	_ = m.emitPropChangedAllowGuest(allow)
-	return nil
-}
-
-func (m *Manager) CreateGuestAccount(sender dbus.Sender) (user string, busErr *dbus.Error) {
-	err := m.checkAuth(sender)
-	if err != nil {
-		return "", dbusutil.ToError(err)
-	}
-
-	name, err := users.CreateGuestUser()
-	if err != nil {
-		return "", dbusutil.ToError(err)
-	}
-
-	info, err := users.GetUserInfoByName(name)
-	if err != nil {
-		return "", dbusutil.ToError(err)
-	}
-
-	return userDBusPathPrefix + info.Uid, nil
-}
-
 func (m *Manager) GetGroups() (groups []string, busErr *dbus.Error) {
 	groups, err := users.GetAllGroups()
 	return groups, dbusutil.ToError(err)