MhspsSecurityService. Part of HSPS Application Theme Management Service APIs.

Function are explained below:

CheckAccessRightsL() -------------------- CheckAccessRights function is used to limit client accesses to hsps Theme Server to the predefined ones. There will be a hardcoded access list with extension mechanism. CheckQueryValidityL() function is used to limit theme request to the set allowed for this particular user. For example, S60 Personalisation Application is allowed to operate with all themes in theme storage, however, AppShell is limited to operate with it own themes only. CheckAccessRightsL() function is called by CPolicyServer when hspsThemeServer receives user request. Access rights are hard-coded here for S60 3.1, however, in later versions, support for dynamic configuration of access rights must atken care. This would be appropriate to solve together TARM-policy implementation.

CheckQueryValidityL() ------------------- CheckQueryValidityL() function is called by hsps Theme Server's service handlers (ChspsInstallionHandler, ChspsMaintenanceHandler, and ChspsClientRequestHandler) for adjusting user request to match the access rights level that user actually will have. This function is to be called immediately when actual ODT is known. In the istallation cases, ODT is known after manifest-file parsing. In the maintenanace cases, ODT is known immediately on query. In the theme usage cases, ODT is known when it application theme has retrieved from UI Definition Repository. For instance, if user is requesting the theme listing (message hspsGetListHeaders) with application UID set to 0 in query meaning that the query concerns all themes in storage. However, if user is not S60 Personalisation Application, the query must not be allowed.