Function are explained below:

CheckAccessRightsL() -------------------- CheckAccessRightsL() function is called by CPolicyServer when hspsThemeServer receives user request. Access rights are hard-coded here for S60 5.0, however, in later versions support for dynamic configuration of access rights must atken care. This would be appropriate to solve together TARM-policy implementation.

CheckQueryValidityL() ------------------- CheckQueryValidityL() function is called by hsps Theme Server's service handlers (ChspsInstallionHandler, ChspsMaintenanceHandler, and ChspsClientRequestHandler) for adjusting user request to match the access rights level that user actually have. This function is to be called immediately when actual ODT is known. In the istallation cases, ODT is known after manifest-file parsing. In the maintenanace cases, ODT is known immediately on query. In the theme usage cases, ODT is known when it application theme has retrieved from UI Definition Repository. For instance, if user is requesting the theme listing (message hspsGetListHeaders) with application UID set to 0 in query meaning that the query concerns all themes in storage. However, if user is not S60 Personalisation Application, the query must be restricted to the themes which belongs to the this particular client only. This solution follows the recilient server approach; when function is called, the user access rights are already checked by CheckUserAccessRightsL() function. In this sense, offering recilient service by adjusting user access insteads of denying it is reasonable resolution.