1 /** @file

     2  * Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). 

     3  * All rights reserved.

     4  * This component and the accompanying materials are made available

     5  * under the terms of "Eclipse Public License v1.0"

     6  * which accompanies  this distribution, and is available 

     7  * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8  *

     9  * Initial Contributors:

    10  * Nokia Corporation - initial contribution.

    11  *

    12  * Contributors:

    13  *

    14  *  Description : Access control interface

    15  *

    16  */

    17 

    18 #ifndef UPNPSECACCESSCONTROLLER_H

    19 #define UPNPSECACCESSCONTROLLER_H

    20 

    21 // INCLUDES

    22 #include <e32base.h>

    23 

    24 // FORWARD DECLARATIONS

    25 class RUpnpSecurityManagerClientSession;

    26 class TInetAddr;

    27 

    28 // ENUMS

    29 enum TAccessType

    30     {

    31     ENoneAllowed,

    32     EAddressAllowed,

    33     EFileAllowed,

    34     EFileAndAddressAllowed

    35     };

    36 

    37 /**

    38  *  Access controller class

    39  *

    40  *  @lib upnpsecurity.lib

    41  *  @since S60 3.0

    42  */

    43 class CUpnpSecAccessController : public CBase

    44     {

    45 

    46 public:

    47     // Constructors and destructor.

    48 

    49     /**

    50      * Two-phased constructor.

    51      */

    52     IMPORT_C static CUpnpSecAccessController* NewL();

    53 

    54     /**

    55      * Destructor.

    56      */

    57     IMPORT_C virtual ~CUpnpSecAccessController();

    58 

    59 public:

    60     // S60 UpnpMediaServer security manager activation methods.

    61 

    62     /**

    63      * Enables the security plugin in Media Server.

    64      *

    65      * @since S60 3.1

    66      */

    67     IMPORT_C static void EnableMediaServerSecurityL();

    68 

    69     /**

    70      * Disables the security plugin in Media Server.

    71      *

    72      * @since S60 3.1

    73      */

    74     IMPORT_C static void DisableMediaServerSecurityL();

    75 

    76     /**

    77      * Returns the status of the Media Server security plugin.

    78      *

    79      * @since S60 3.1

    80      * @return TBool indicating the current status of the MS security

    81      */

    82     IMPORT_C static TBool IsMediaServerSecurityEnabledL();

    83 

    84 public:

    85     // Business logic methods for handling the whitelists.

    86 

    87     /**

    88      * Adds allowed file, so that no authorization is requested when

    89      * client gets this file.

    90      * @since S60 3.0

    91      * @param aFileName reference to allowed file

    92      * @return TInt indicating the status of operation

    93      */

    94     IMPORT_C TInt AddAllowedFile( const TDesC& aFileName );

    95 

    96     /**

    97      * Removes file from white list.

    98      * @since S60 3.0

    99      * @param aFileName reference to file to be removed

   100      * @return TInt indicating the status of operation

   101      */

   102     IMPORT_C TInt RemoveAllowedFile( const TDesC& aFileName );

   103 

   104     /**

   105      * Adds allowed IP address, so that no authorization is requested 

   106      * when client with that IP address makes connection request.

   107      * @since S60 3.0

   108      * @param aIpAddress reference to allowed IP address

   109      * @return TInt indicating the status of operation

   110      */

   111     IMPORT_C TInt AddAllowedAddress( const TInetAddr& aIpAddress );

   112 

   113     /**

   114      * Removes allowed IP address.

   115      * @since S60 3.0

   116      * @param aIpAddress reference to IP address to be removed

   117      * @return TInt indicating the status of operation

   118      */

   119     IMPORT_C TInt RemoveAllowedAddress( const TInetAddr& aIpAddress );

   120 

   121     /**

   122      * Removes all allowed files from white list.

   123      * @since S60 3.0

   124      * @return TInt indicating the status of operation

   125      */

   126     IMPORT_C TInt ResetFileList();

   127 

   128     /**

   129      * Removes all allowed IP Addresses from white list.

   130      * @since S60 3.0

   131      * @return TInt indicating the status of operation

   132      */

   133     IMPORT_C TInt ResetAddressList();

   134 

   135 public:

   136     // Business logic methods.

   137 

   138     /**

   139      * Checks if the given IP-address/action/file is authorized. Null

   140      * parameters (filename and/or action name) are allowed.

   141      *

   142      * Leaves with standard e32err error code in case of an error, or

   143      * with KErrAccessDenied if access is not authorized.

   144      *

   145      * @since S60 3.1

   146      * @param aIpAddress (const TInetAddr&) IP address

   147      * @param aFileName (const TDesC&) filename

   148      * @param aActionName (const TDesC8&) action name

   149      */

   150     IMPORT_C void CheckAuthorizationL( const TInetAddr& aIpAddress,

   151             const TDesC& aFileName,

   152             const TDesC8& aActionName );

   153 

   154     /**

   155      * Query user to authorize connection from an IP-address.

   156      *

   157      * Leaves with standard e32err error code in case of an error, or

   158      * with KErrAccessDenied if access is not authorized. 

   159      *

   160      * @since S60 3.1

   161      * @param aIpAddress (const TInetAddr&) reference to IP Address

   162      */

   163     IMPORT_C void QueryAuthorizationL( const TInetAddr& aIpAddress );

   164 

   165 private:

   166     // Business logic methods.

   167 

   168     /**

   169      * Set securitymanagersetting to given value

   170      * 

   171      * @param aSettingToSet value to set

   172      */

   173     static void SetSecurityManagerSettingL( const TDesC8& aSettingToSet );    

   174     

   175     /**

   176      * Checks if the requested file is automatically allowed.

   177      *

   178      * @since S60 3.1

   179      * @param aFileName (const TDesC&) the file that request concerns

   180      * @return TBool access request status

   181      */

   182     TBool IsAllowedFile( const TDesC& aFileName );

   183 

   184     /**

   185      * Checks if the requested action is automatically allowed.

   186      *

   187      * @since S60 3.1

   188      * @param aActionName (const TDesC8&) action name that request concerns

   189      * @return TBool access request status

   190      */

   191     TBool IsAllowedAction( const TDesC8& aActionName );

   192 

   193 private:

   194     // Constructors

   195 

   196     /**

   197      * Second-phase constructor.

   198      */

   199     void ConstructL();

   200 

   201     /**

   202      * C++ default constructor.

   203      */

   204     CUpnpSecAccessController();

   205 

   206 private:

   207     // Member variables

   208     RUpnpSecurityManagerClientSession* iSecurityManagerClientSession;

   209     };

   210 

   211 #endif // UPNPSECACCESSCONTROLLER_H

   212 // End of File