Many of the components were not compilingm,because bld.inf had undefined flag #ifdef RD_CUSTOMIZABLE_AI. All the flags removed now. Components do not compile right away. E.g. many icons are missing and need to be copied from Symbian3. See example from MCSPlugin. Shortcut plugin does not need to be compiled as MCSPlugin replaces it.
/*
* Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies).
* All rights reserved.
* This component and the accompanying materials are made available
* under the terms of the License "Eclipse Public License v1.0"
* which accompanies this distribution, and is available
* at the URL "http://www.eclipse.org/legal/epl-v10.html".
*
* Initial Contributors:
* Nokia Corporation - initial contribution.
*
* Contributors:
*
* Description: Client side proxy class representing script session
*
*/
#ifndef _CRTSECMGRSCRIPTSESSION_H_
#define _CRTSECMGRSCRIPTSESSION_H_
#include <rtsecmanager.rsg>
#include <rtsecmgrcommondef.h>
#include <rtsecmgrpermission.h>
#include <rtsecmgrscript.h>
#include <rtsecmgrtrustinfo.h>
class CCoeEnv;
class CRTSecMgrSubSessionProxy;
/**
* Type holding data to be used while prompting.
*
* The default or custom (runtime over-ridden) prompt handler requires the permission
* type to prompt and the user-selection to be returned to security
* manager for access permission check
*
* @lib rtsecmgrclient.lib
*/
class CPromptData : public CBase
{
public:
/**
* Two-phased constructor
*
* Constructs a CPromptData instance
*
* @return pointer to an instance of CPromptData
*/
static CPromptData* NewL()
{
CPromptData* self = CPromptData::NewLC ();
CleanupStack::Pop (self);
return self;
}
/**
* Two-phased constructor
*
* Constructs a CPromptData instance and leaves the created instance
* onto the cleanupstack.
*
* @return pointer to an instance of CPromptData
*/
static CPromptData* NewLC()
{
CPromptData* self = new (ELeave) CPromptData();
CleanupStack::PushL (self);
self->ConstructL ();
return self;
}
/**
* Destructor
*
*/
~CPromptData()
{
if(iPermission)
delete iPermission;
}
/*
*
*
*/
void ConstructL()
{
}
/**
* Returns permission data
*
* @return an object containing the permission data
*/
inline CPermission* Permission() const
{
return iPermission;
}
/**
* Sets the user-selection data
*
* @param aUserSelection TUserPromptOption user-selected data value
*/
inline void SetUserSelection(TUserPromptOption aUserSelection)
{
iUserSelection = aUserSelection;
}
/**
* Sets the permission value of the domain
*
* @param aPermission CPermission permission value of the domain
*/
inline void SetPermissions(CPermission& aPermission)
{
if(iPermission)
{
delete iPermission;
iPermission = NULL;
}
iPermission = CPermission::NewL(aPermission);
//iPermission = &aPermission;
}
private:
//private default constructor
CPromptData::CPromptData() :
iUserSelection(RTUserPrompt_UnDefined)
{
}
//private permission data
CPermission* iPermission;
//private user-selection
TUserPromptOption iUserSelection;
friend class CRTSecMgrScriptSession;
};
//typdef to model list of prompt data structure
typedef RPointerArray<CPromptData> RPromptDataList;
typedef RArray<TInt> RResourceArray;
/*
* Prompt callback handler class.
*
* Runtimes should implement the prompt handler function to prompt the user
* and to obtain the user option chosen. The prompt data are used by
* runtime security manager for further access permission check.
*
* If runtimes do not override prompt handling, security manager component
* would then provide default prompt handler functionality.
*
* @lib rtsecmgrclient.lib
*/
class MSecMgrPromptHandler
{
public:
/**
* Prompts the user.
*
* @param aPromptDataList RPromptDataList list of prompt data used by
* prompt callback handler to show to the user
*
* @return KErrNone if prompting successful; In case of failure, one of
* system wide error codes
*/
virtual TInt Prompt(RPromptDataList& aPromptDataList , TExecutableID aExecID = KAnonymousScript) =0;
/**
* Sets the user chosen prompt selection.
*
* @param aPromptUiOption TSecMgrPromptUIOption prompt selection
*/
virtual void SetPromptOption(TSecMgrPromptUIOption aPromptUiOption) =0;
/**
* Returns the prompt selection
*
* @return TSecMgrPromptUIOption the prompt selection
*/
virtual TSecMgrPromptUIOption PromptOption() const =0;
};
struct TPermanentInfo
{
TPermGrant iAllowedBits; //permanent allowed caps
TPermGrant iDeniedBits; //permanent denied caps
RProviderArray iAllowedProviders; //permanent allowed providers
RProviderArray iDeniedProviders; //permanent denied providers
};
struct TSessionInfo
{
TCapabilityBitSet AllowedCaps; //caps allowed for this session (caps allowed for this session & perm allowed)
TCapabilityBitSet DeniedCaps; //caps denied for this sesion (caps denied for this session & perm denied)
RProviderArray AllowedProviders;//providers allowed for this session
RProviderArray DeniedProviders;//providers denied for this session
};
/**
*
* Thin proxy to the client side sub-session handle.
*
* This class implements the default prompt handling functionality. In addition, the main
* functionality of native platform access check is performed by CRTSecMgrScriptSession.
*
* @lib rtsecmgrclient.lib
*
*/
NONSHARABLE_CLASS(CRTSecMgrScriptSession) : public CBase, MSecMgrPromptHandler
{
public:
/**
* Two-phased constructor
*
* Constructs a CRTSecMgrScriptSession instance
*
* Initializes client side script sub-session.
*
* @param MSecMgrPromptHandler pointer to a prompt handler callback
*
* @return pointer to an instance of CRTSecMgrScriptSession if succesful;
* Otherwise NULL
*/
static CRTSecMgrScriptSession* NewL(MSecMgrPromptHandler* aPromptHdlr=0);
/**
* Two-phased constructor
*
* Constructs a CRTSecMgrScriptSession instance and leaves the created instance
* on the cleanupstack
*
* Initializes client side script sub-session.
*
* @param MSecMgrPromptHandler pointer to a prompt handler callback
*
* @return pointer to an instance of CRTSecMgrScriptSession if succesful;
* Otherwise NULL
*/
static CRTSecMgrScriptSession* NewLC(MSecMgrPromptHandler* aPromptHdlr=0);
/**
* Callback funciton for moreinfo link in advanced prompt
*
* Calls the moreinfo function for indivudual capability or for a alias group
*
* @param aCallbackParam TAny* pointer to TCallbackParam
*
*/
static TInt LinkCallback(TAny *aCallbackParam);
/**
* Destructor
*
* Closes the sub-session
*
*/
IMPORT_C ~CRTSecMgrScriptSession();
/**
* Opens security manager script sub-session. This method in turn opens a
* sub-session on the server side, by bringing script related data onto the cache.
*
* @param aParentSession RSessionBase handle to parent security manager session
* @param aPolicyID TPolicyID policy identifier of the script associated with this script session
* @param aExecID TExecutableID identifier of the script associated with this script session
*
* @return KErrNone if successful; In case of failure, one of system wide error cods
*/
TInt Open(const RSessionBase& aParentSession,TPolicyID aPolicyID,TExecutableID aExecID);
/**
* Opens security manager script sub-session. This method in turn opens a
* sub-session on the server side, by bringing script related data onto the cache.
*
* @param aParentSession RSessionBase handle to parent security manager session
* @param aPolicyID TPolicyID policy identifier of the script associated with this script session
* @param aExecID TExecutableID identifier of the script associated with this script session
* @param aHashValue TDesC hash value of the scrpt passed while registering the script
*
* @return KErrNone if successful; In case of failure, one of system wide error cods
*/
TInt Open(const RSessionBase& aParentSession,TPolicyID aPolicyID,TExecutableID aExecID,const TDesC& aHashValue);
/**
* Opens security manager script sub-session. This method in turn opens a
* sub-session on the server side, by bringing script related data onto the cache.
*
* @param aParentSession RSessionBase handle to parent security manager session
* @param aPolicyID TPolicyID policy identifier of the script associated with this script session
* @param aExecID TExecutableID identifier of the script associated with this script session
* @param aTrustInfo CTrustInfo trust data structure
*
* @return KErrNone if successful; In case of failure, one of system wide error cods
*/
TInt Open(const RSessionBase& aParentSession,TPolicyID aPolicyID,TExecutableID aExecID,const CTrustInfo& aTrustInfo);
/**
* Performs access permission check
*
* This method evaluates access permission by comparing the expected capabilities
* to perform service invocation with the capabilities of the script. The
* capabilities of the script is computed as sum of :
*
* - default allowed capabilities as specified in security access policy
* - user-granted capabilities, allowed by user while prompting
*
* The capabilities allowed by the user could be of various durations, like
* session-based, blanket/permanent and the one valid for the current invocation only
* (one-shot)
*
* @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against
* script's capbilities
*
* @return EAccessOk if the access permission check is successful; Else, EAccessNOk
*/
IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck);
/**
* Performs access permission check
*
* This overloaded method evaluates access permission by comparing the expected capabilities
* to perform service invocation with the capabilities of the script. The
* capabilities of the script is computed as sum of :
*
* - default allowed capabilities as specified in security access policy
* - user-granted capabilities, allowed by user while prompting
*
* The capabilities allowed by the user could be of various durations, like
* session-based, blanket/permanent and the one valid for the current invocation only
* (one-shot)
*
* This overloaded version returns the list of capabilities that do not match after
* access permission check. This can be used by the client to display to the user the
* list of unmatched capabilities
*
* @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against
* script's capbilities
* @param aUnMatchedCapabilities RCapabilityArray list of unmatched capabilities
*
* @return EAccessOk if the access permission check is successful; Else, EAccessNOk
*/
IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck,RCapabilityArray& aUnMatchedCapabilities);
/**
* Performs access permission check
*
* This overloaded method evaluates access permission by comparing the expected capabilities
* to perform service invocation with the capabilities of the script. The
* capabilities of the script is computed as sum of :
*
* - default allowed capabilities as specified in security access policy
* - user-granted capabilities, allowed by user while prompting
*
* The capabilities allowed by the user could be of various durations, like
* session-based, blanket/permanent and the one valid for the current invocation only
* (one-shot)
*
* This overloaded version returns the list of capabilities that do not match after
* access permission check. This can be used by the client to display to the user the
* list of unmatched capabilities
*
* @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against
* script's capbilities
* @param aProviderUid TProviderUid The provider that is being loaded
* @param aResourceFilePath TFileName resource file containing the string to prompt.
*
* @return EAccessOk if the access permission check is successful; Else, EAccessNOk
*/
IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck, TProviderUid aProviderUid, TFileName aResourceFileName);
/**
* Definition of default prompt handler.
*
* @param aPromptDataList RPromptDataList list of prompt data used by
* prompt callback handler to show to the user
*
* @return KErrNone if prompting successful; In case of failure, one of
* system wide error codes
*
*/
TInt Prompt(RPromptDataList& aPromptDataList , TExecutableID aExecID = KAnonymousScript);
/**
* Definition of cost notification.
*
*/
void PromptCostL() ;
/**
* Gets the underlying script object
*
* This method is to be used by components, such as application manager,
* that are interested in displaying script related information to the user.
*
* Following are the script related information:
*
* - Capabilities allowed by default
* - User-grantable capabilities
* - Currently allowed or denied blanket permissions
*
* Note that this method should not be used by runtimes unless and until there is
* a strong design justification
*
* @return a reference to underlying script object
*/
inline CScript& CRTSecMgrScriptSession::Script()
{
return *iScript;
}
/**
* Returns prompt handler reference
*
* @return reference to prompt handler
*/
inline MSecMgrPromptHandler* PromptHandler() const
{
return iPromptHdlr;
}
/**
* Sets prompt UI option. The supported prompt options are :
*
* - Basic/Default
* - Advanced
*
* The difference between the basic and advanced prompt option
* reisdes in the fact the number of prompt options and the corresponding
* prompt texts displayed would be different.
*
* If not explictly, the default prompt UI option is set to basic/default prompt UI.
*
* @param aUIPromptOption TSecMgrPromptUIOption basic/advanced prompt UI option
*/
inline void SetPromptOption(TSecMgrPromptUIOption aUIPromptOption)
{
iUIPromptOption = aUIPromptOption;
}
/**
* Gets prompt UI option. The supported prompt options are :
*
* - Basic/Default
* - Advanced
*
* The difference between the basic and advanced prompt option
* reisdes in the fact the number of prompt options and the corresponding
* prompt texts displayed would be different.
*
* @return aUIPromptOption TSecMgrPromptUIOption basic/advanced prompt UI option
*/
inline TSecMgrPromptUIOption PromptOption() const
{
return iUIPromptOption;
}
/**
* Sets the application name to the value passed by the runtime.
* The name is displayed as part of the prompt for provider based prompting.
* If name is not set then the default name is used.
*
* @param aName TDesC& name of the application.
*/
IMPORT_C void SetApplicationNameL(const TDesC& aName);
private:
/*
* Default private constructor
*
*/
CRTSecMgrScriptSession(MSecMgrPromptHandler* aPromptHdlr=0);
/*
* Two phased constructor
*
*/
void ConstructL();
/*
* Contains prompt logic
*
*/
TInt Prompt(CPromptData* aPromptData);
/*
* Private default implementation for advanced prompt UI option
*
*/
TInt PromptAdvanced(CPromptData* aPromptData);
/*
* Logic for displaying more inormation when the user selects more info
*
*/
TInt MoreInfoL(CPromptData& aPromptData);
/*
* Logic identifying the user-selection of prompt
* duration
*
*/
void HandleGrantChosen(CPromptData* aPromptData,
TCapabilityBitSet aCapBitSet, TCapabilityBitSet& aAllowedCaps,
TBool& aIsPermGrantModified);
/*
* Private implementation to update blanket permission data
*
*/
void UpdatePermGrant();
/*
* Conversion utility to convert a single 32-bit value to the list of
* capabilities (RArray<TCapability>)
*
*/
void BuildCapsL(TCapabilityBitSet aCapBitSet, RCapabilityArray& aInOutTCapList);
/*
* Private implementation to evaluate access permission check
*
*/
TInt IsAllowed(const RCapabilityArray& aCapsToCheck,RPromptDataList& aPromptDataList,TCapabilityBitSet& aUnMatchedCapBits);
/*
* Private implementation to evaluate access permission check. This
* overloaded version additionally returns the unmatched capabilities
*
*/
TInt IsAllowed(const RCapabilityArray& aCapsToCheck,TCapabilityBitSet& aUnMatchedCapBits);
/*
* Conversion utility to generate an unsigned 32-bit value toggling the individual bits
* to the corresponding TCapability value
*
*/
void AddCapability(TCapabilityBitSet& aInOutCapBitSet, TCapability aCapToSet);
/*
* Attempts to close the script sub-session
*
*/
void Close();
/*
* Function to add the security manager resource file to the CONE environment
*/
void AddResourceFiles();
/*
* Function to add the provider's resource file from which the body of the prompt is populated.
*
* @param aResourceFileName TFileName The resource file to be added to the CONE environment
*/
TInt AddProviderResourceFile(TFileName aResourceFileName);
/*
* Close all the resource files added to the CONE environment
*/
void CloseResourceFiles();
private:
/*
* permissions allowed or denied for the current session
* The lifetime of this data structure is associated
* with this script session
*
*/
struct
{
TSessionInfo* sessionInfo; //Information about what is allowed for this session (caps/providers allowed for this session & perm allowed)
TCapabilityBitSet DeniedCaps; //Information about what is denied for this session (caps/providers denied for this session & perm denied)
}_sessionData;
/*
* anonymous enumerations for selection index
*
*/
enum
{
PROMPT_SELIDX_ZERO = 0,
PROMPT_SELIDX_ONE = PROMPT_SELIDX_ZERO + 1,
PROMPT_SELIDX_TWO = PROMPT_SELIDX_ZERO + 2,
PROMPT_SELIDX_THREE = PROMPT_SELIDX_ZERO + 3,
PROMPT_SELIDX_FOUR = PROMPT_SELIDX_ZERO + 4,
PROMPT_SELIDX_FIVE = PROMPT_SELIDX_ZERO + 5
};
/*
* private script reference
*
*/
CScript* iScript;
/*
* permanently allowed capability bits
*
*/
TPermanentInfo* _permanentInfo; //perm allowed information, persistently stored for this script
/*
* Generic data about the script session
*
*/
HBufC* iSessionData;
/*
* reference to prompt handler instance
*
*/
MSecMgrPromptHandler* iPromptHdlr;
/*
* sub-session proxy pointer
*
*/
CRTSecMgrSubSessionProxy* iSubSessionProxy;
/*
* pointer to Coe environment
*/
CCoeEnv* iCoeEnv;
/*
* security manager resource file offset value
*
*/
RResourceArray iResourceOffsetArray;
/*
* Prompt UI option
*
*/
TSecMgrPromptUIOption iUIPromptOption;
/*
* Custom prompt flag
*
*/
TBool isCustomPrompt;
};
#endif //_CRTSECMGRSCRIPTSESSION_H_