qubespolicy: plug GUI code into qrexec-policy tool

Fixes QubesOS/qubes-issues#910

qubespolicy/cli.py

@@ -67,10 +67,25 @@ def main(args=None):
         policy = qubespolicy.Policy(args.service_name)
         action = policy.evaluate(system_info, args.domain, args.target)
         if action.action == qubespolicy.Action.ask:
-            #(... ask the user, see action.targets_for_ask ...)
-            # TODO: this is placeholder
-            #action.handle_user_response(response, target_chosen_by_user)
-            action.handle_user_response(False)
+            # late import to save on time for allow/deny actions
+            import qubespolicy.rpcconfirmation as rpcconfirmation
+            entries_info = system_info['domains'].copy()
+            for dispvm_base in system_info['domains']:
+                if not system_info['domains'][dispvm_base]['dispvm_allowed']:
+                    continue
+                dispvm_api_name = '$dispvm:' + dispvm_base
+                entries_info[dispvm_api_name] = \
+                    system_info['domains'][dispvm_base].copy()
+                entries_info[dispvm_api_name]['icon'] = \
+                    entries_info[dispvm_api_name]['icon'].replace('app', 'disp')
+
+            response = rpcconfirmation.confirm_rpc(
+                entries_info, args.domain, args.service_name,
+                action.targets_for_ask, action.target)
+            if response:
+                action.handle_user_response(True, response)
+            else:
+                action.handle_user_response(False)
         log.info(log_prefix + 'allowed')
         action.execute(caller_ident)
     except qubespolicy.PolicySyntaxError as e: