FCL/sf/mw/ipconnmgmt: comparison cmmanager/cmmgr/cmmserver/src/cmmsession.cpp

equal deleted inserted replaced

-:7ec726f93df1
+:489cf6208544
 case ECmmGetSupportedBearers:
 {
 GetSupportedBearersL( aMessage );
 }
 break;
+case ECmmGetUncategorizedIcon:
+{
+GetUncategorizedIconL( aMessage );
+}
+break;
 case ECmmReadDefaultConnection:
 {
 ReadDefaultConnectionL( aMessage );
 }
 break;
 case EDestMetadata:
 case EDestGetProtectionLevel:
 case EDestIsConnected:
 case EDestIsHidden:
 case EDestIsEqual:
+case EDestGetIcon:
 case EDestAddConnMethod:
 case EDestAddEmbeddedDestination:
 case EDestDeleteConnMethod:
 case EDestRemoveConnMethod:
 case EDestModifyPriority:
 case EDestSetMetadata:
 case EDestSetProtection:
 case EDestSetHidden:
 case EDestUpdate:
 case EDestDelete:
+case EDestSetIcon:
 {
 ServiceDestinationL( aMessage );
 }
 break;
 return;
 }
 CleanupStack::PushL( result );
 TInt bufferLen = aMessage.GetDesMaxLength( 2 );
-if ( result && result->Length() > bufferLen )
+if ( result->Length() > bufferLen )
 {
 User::Leave( KErrArgument );
 }
 TPtrC resultPtr = result->Des();
 return;
 }
 CleanupStack::PushL( result );
 TInt bufferLen = aMessage.GetDesMaxLength( 2 );
-if ( result && result->Length() > bufferLen )
+if ( result->Length() > bufferLen )
 {
 User::Leave( KErrArgument );
 }
 TPtrC8 resultPtr = result->Des();
 return;
 }
 CleanupStack::PushL( result );
 TInt bufferLen = aMessage.GetDesMaxLength( 2 );
-if ( result && result->Length() > bufferLen )
+if ( result->Length() > bufferLen )
 {
 User::Leave( KErrArgument );
 }
 TPtrC resultPtr = result->Des();
 return;
 }
 CleanupStack::PushL( result );
 TInt bufferLen = aMessage.GetDesMaxLength( 2 );
-if ( result && result->Length() > bufferLen )
+if ( result->Length() > bufferLen )
 {
 User::Leave( KErrArgument );
 }
 TPtrC8 resultPtr = result->Des();
 CleanupStack::PopAndDestroy( bearerBuf );
 CleanupStack::PopAndDestroy( &bearerArray );
 OstTraceFunctionExit0( DUP1_CCMMSESSION_GETSUPPORTEDBEARERSL_EXIT );
+}
+// -----------------------------------------------------------------------------
+// CCmmSession::GetUncategorizedIconL
+// -----------------------------------------------------------------------------
+//
+void CCmmSession::GetUncategorizedIconL( const RMessage2& aMessage )
+{
+OstTraceFunctionEntry0( CCMMSESSION_GETUNCATEGORIZEDICONL_ENTRY );
+HBufC* result = KNullDesC().AllocLC(); //TODO, Is there an uncategorized icon?
+TInt bufferLen = aMessage.GetDesMaxLength( 0 );
+if ( result->Length() > bufferLen )
+{
+User::Leave( KErrArgument );
+}
+TPtrC resultPtr = result->Des();
+aMessage.WriteL( 0, resultPtr );
+CleanupStack::PopAndDestroy( result );
+OstTraceFunctionExit0( CCMMSESSION_GETUNCATEGORIZEDICONL_EXIT );
 }
 // -----------------------------------------------------------------------------
 // CCmmSession::ReadDefaultConnectionL
 // -----------------------------------------------------------------------------
 if ( connMethod->IsEmbeddedDestination() )
 {
 User::Leave( KErrArgument );
 }
-//TODO, capability check, what to do if anything is protected.
+// Check the protection level of the destination.
+// And based on that check the needed capabilities from the client.
+CMManager::TProtectionLevel protLevel( CMManager::EProtLevel0 );
+destination->GetProtectionL( protLevel );
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+if ( protLevel == CMManager::EProtLevel1 )
+{
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+}
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
 // Add connection method into destination.
 TInt index = destination->AddConnMethodL( *connMethod );
 // Update destination into database.
 if ( iCache.CheckIfCmConnected( connMethodId ) )
 {
 User::Leave( KErrInUse );
 }
-//TODO, capability checks, what to do if anything is protected.
+// Check the protection level of the source and target destination.
+// And based on those check the needed capabilities from the client.
+TBool protectionExists( EFalse );
+CMManager::TProtectionLevel protLevelSource( CMManager::EProtLevel0 );
+sourceDestination->GetProtectionL( protLevelSource );
+if ( protLevelSource == CMManager::EProtLevel1
+|| protLevelSource == CMManager::EProtLevel3 )
+{
+protectionExists = ETrue;
+}
+// If source destination is not protected check the target destination.
+if ( !protectionExists )
+{
+CMManager::TProtectionLevel protLevelTarget( CMManager::EProtLevel0 );
+targetDestination->GetProtectionL( protLevelTarget );
+if ( protLevelTarget == CMManager::EProtLevel1 )
+{
+protectionExists = ETrue;
+}
+}
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+if ( protectionExists )
+{
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+}
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
 // Add connection method into target destination and update it.
 attributesPckg().iIndex = targetDestination->AddConnMethodL( *connMethod );
 targetDestination->UpdateL();
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int0() );
 CCmmConnMethodInstance* connMethodInstance =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int1() );
-//TODO, capability checks
+// Check the protection level of the destination.
+// And based on that check the needed capabilities from the client.
+CMManager::TProtectionLevel protLevel( CMManager::EProtLevel0 );
+destinationInstance->GetProtectionL( protLevel );
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+if ( protLevel == CMManager::EProtLevel1 || protLevel == CMManager::EProtLevel3 )
+{
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+}
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
 destinationInstance->RemoveConnMethodFromDestinationL( *connMethodInstance );
 destinationInstance->UpdateL();
 OstTraceFunctionExit0( CCMMSESSION_REMOVECONNMETHODL_EXIT );
 OstTraceFunctionEntry0( CCMMSESSION_REMOVEALLREFERENCESL_ENTRY );
 CCmmConnMethodInstance* connMethodInstance =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int0() );
+TBool capabilityCheckNeeded( EFalse );
+iCache.CheckIfConnMethodBelongsToProtectedDestinationL(
+*connMethodInstance,
+capabilityCheckNeeded );
+if ( capabilityCheckNeeded )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 iCache.CheckIfConnMethodReferencesCanBeRemovedL( *connMethodInstance );
 iCache.RemoveAllReferencesToConnMethodL( *connMethodInstance );
 OstTraceFunctionExit0( CCMMSESSION_REMOVEALLREFERENCESL_EXIT );
 }
 case EDestIsEqual:
 {
 DestinationIsEqualL( aMessage );
 }
 break;
+case EDestGetIcon:
+{
+GetDestinationIconL( aMessage );
+}
+break;
 case EDestAddConnMethod:
 {
 DestAddConnMethodL( aMessage );
 }
 break;
 }
 break;
 case EDestDelete:
 {
 DeleteDestinationL( aMessage );
+}
+break;
+case EDestSetIcon:
+{
+SetDestinationIconL( aMessage );
 }
 break;
 default:
 {
 User::Leave( KErrNotSupported );
 OstTraceFunctionExit0( CCMMSESSION_GETDESTINATIONNAMEL_EXIT );
 }
 // -----------------------------------------------------------------------------
+// CCmmSession::GetDestinationIconL
+// -----------------------------------------------------------------------------
+//
+void CCmmSession::GetDestinationIconL( const RMessage2& aMessage )
+{
+OstTraceFunctionEntry0( CCMMSESSION_GETDESTINATIONICONL_ENTRY );
+CCmmDestinationInstance* destinationInstance =
+( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+HBufC* icon = destinationInstance->GetDestinationIconL();
+CleanupStack::PushL( icon );
+TPtrC iconPtr( icon->Des() );
+TInt bufferLen = aMessage.GetDesMaxLength( 0 );
+if ( iconPtr.Length() > bufferLen )
+{
+User::Leave( KErrArgument );
+}
+aMessage.WriteL( 0, iconPtr );
+CleanupStack::PopAndDestroy( icon );
+OstTraceFunctionExit0( CCMMSESSION_GETDESTINATIONICONL_EXIT );
+}
+// -----------------------------------------------------------------------------
 // CCmmSession::GetDestinationIdL
 // -----------------------------------------------------------------------------
 //
 void CCmmSession::GetDestinationIdL( const RMessage2& aMessage )
 {
 {
 OstTraceFunctionEntry0( CCMMSESSION_DESTADDCONNMETHODL_ENTRY );
 CCmmDestinationInstance* destination =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destination->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 CCmmConnMethodInstance* connMethod =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int0() );
 if ( connMethod->IsEmbeddedDestination() )
 {
 //
 void CCmmSession::DestAddEmbeddedDestinationL( const RMessage2& aMessage )
 {
 OstTraceFunctionEntry0( CCMMSESSION_DESTADDEMBEDDEDDESTINATIONL_ENTRY );
-CCmmDestinationInstance* destination =
+CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 CCmmDestinationInstance* embeddedDestination =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int0() );
-TInt index = destination->AddEmbeddedDestinationL( *embeddedDestination );
+TInt index = destinationInstance->AddEmbeddedDestinationL( *embeddedDestination );
 TPckg<TInt> indexPckg( index );
 aMessage.WriteL( 1, indexPckg );
 OstTraceFunctionExit0( CCMMSESSION_DESTADDEMBEDDEDDESTINATIONL_EXIT );
 }
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
 CCmmConnMethodInstance* connMethodInstance =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int0() );
-//TODO, capability checks
+// Check the protection of destination and if protected check the needed
+// capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel3 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
+// Check the protection of CM and if protected check the needed
+// capabilities.
+CheckCapabilitiesForProtectedCML( aMessage, connMethodInstance );
 destinationInstance->DeleteConnMethodFromDestinationL( *connMethodInstance );
 OstTraceFunctionExit0( CCMMSESSION_DESTDELETECONNMETHODL_EXIT );
 }
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
 CCmmConnMethodInstance* connMethodInstance =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int0() );
-//TODO, capability checks
+// Check the protection of destination and if protected check the needed
+// capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel3 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 destinationInstance->RemoveConnMethodFromDestinationL( *connMethodInstance );
 OstTraceFunctionExit0( CCMMSESSION_DESTREMOVECONNMETHODL_EXIT );
 }
 {
 OstTraceFunctionEntry0( CCMMSESSION_MODIFYCONNMETHODPRIORITYL_ENTRY );
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection of destination and if protected check the needed
+// capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel3 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 CCmmConnMethodInstance* connMethodInstance =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int0() );
-//TODO, capability checks
 // Index values start from 0 (0 meaning highest priority).
 TUint index( ( TUint )aMessage.Int1() );
 destinationInstance->ModifyConnMethodPriorityL( *connMethodInstance, index );
 {
 OstTraceFunctionEntry0( CCMMSESSION_SETDESTINATIONNAMEL_ENTRY );
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check that client does not try to change the name of the Internet Destination.
+TUint32 metadata( 0 );
+destinationInstance->GetMetadataL( CMManager::ESnapMetadataPurpose, metadata );
+if ( metadata == CMManager::ESnapPurposeInternet )
+{
+User::Leave( KErrPermissionDenied );
+}
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel2 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 // Load and check name.
 TInt destNameLength = aMessage.GetDesLength( 0 );
 if ( destNameLength <= 0 )
 {
 OstTraceFunctionExit0( CCMMSESSION_SETDESTINATIONNAMEL_EXIT );
 }
 // -----------------------------------------------------------------------------
-// CCmmSession::SetDestinationMetadataL
+// CCmmSession::SetDestinationIconL
 // -----------------------------------------------------------------------------
 //
-void CCmmSession::SetDestinationMetadataL( const RMessage2& aMessage )
+void CCmmSession::SetDestinationIconL( const RMessage2& aMessage )
 {
-OstTraceFunctionEntry0( CCMMSESSION_SETDESTINATIONMETADATAL_ENTRY );
+OstTraceFunctionEntry0( CCMMSESSION_SETDESTINATIONICONL_ENTRY );
-//TODO, Capability check. Protection level or Internet destination.
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel(); //TODO, check the current level can't be altered without proper capas.
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel2 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
+// Load and check name.
+TInt destIconNameLength = aMessage.GetDesLength( 0 );
+if ( destIconNameLength < 0 || destIconNameLength > KCmmStringLengthMax )
+{
+User::Leave( KErrArgument );
+}
+HBufC* newIconName = HBufC::NewLC( destIconNameLength );
+TPtr ptrNewIconName = newIconName->Des();
+aMessage.ReadL( 0, ptrNewIconName );
+destinationInstance->SetDestinationIconL( *newIconName );
+CleanupStack::PopAndDestroy( newIconName );
+OstTraceFunctionExit0( CCMMSESSION_SETDESTINATIONICONL_EXIT );
+}
+// -----------------------------------------------------------------------------
+// CCmmSession::SetDestinationMetadataL
+// -----------------------------------------------------------------------------
+//
+void CCmmSession::SetDestinationMetadataL( const RMessage2& aMessage )
+{
+OstTraceFunctionEntry0( CCMMSESSION_SETDESTINATIONMETADATAL_ENTRY );
+CCmmDestinationInstance* destinationInstance =
+( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel2 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 CMManager::TSnapMetadataField metadataField =
 ( CMManager::TSnapMetadataField )aMessage.Int0();
 TUint32 metadata = aMessage.Int1();
 //
 void CCmmSession::SetDestinationProtectionL( const RMessage2& aMessage )
 {
 OstTraceFunctionEntry0( CCMMSESSION_SETDESTINATIONPROTECTIONL_ENTRY );
-//TODO, Capability check: ECapabilityNetworkControl
+// Check the needed capabilities.
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
 CMManager::TProtectionLevel protLevel =
 ( CMManager::TProtectionLevel )aMessage.Int0();
 OstTraceFunctionEntry0( CCMMSESSION_SETDESTINATIONHIDDENL_ENTRY );
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel2 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 TBool hidden = aMessage.Int0();
 destinationInstance->SetMetadataL( CMManager::ESnapMetadataHiddenAgent, hidden );
 OstTraceFunctionExit0( CCMMSESSION_SETDESTINATIONHIDDENL_EXIT );
 }
 {
 OstTraceFunctionEntry0( CCMMSESSION_UPDATEDESTINATIONL_ENTRY );
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection and if protected check the needed capabilities
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel2 ||
+protLevel == CMManager::EProtLevel3 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 destinationInstance->UpdateL();
 OstTraceFunctionExit0( CCMMSESSION_UPDATEDESTINATIONL_EXIT );
 }
 {
 OstTraceFunctionEntry0( CCMMSESSION_DELETEDESTINATIONL_ENTRY );
 CCmmDestinationInstance* destinationInstance =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( aMessage.Int3() );
+// Check the protection of destination and if protected check the needed
+// capabilities.
+CMManager::TProtectionLevel protLevel =
+destinationInstance->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 ||
+protLevel == CMManager::EProtLevel2 ||
+protLevel == CMManager::EProtLevel3 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 iCache.CheckIfDestinationCanBeDeletedL( *destinationInstance );
 iCache.DeleteDestinationL( *destinationInstance );
 // Close the destination handle. Destination instance destructor will
 {
 OstTraceFunctionEntry0( CCMMSESSION_CREATECONNMETHODL_ENTRY );
 TUint32 bearerType( aMessage.Int0() );
-CCmmConnMethodInstance* connMethod = CCmmConnMethodInstance::NewLC( this, &iCache );
+CCmmConnMethodInstance* connMethodInstance =
-iCache.CreateConnMethodL( *connMethod, NULL, bearerType, 0 );
+CCmmConnMethodInstance::NewLC( this, &iCache );
+iCache.CreateConnMethodL( *connMethodInstance, NULL, bearerType, 0 );
-iConnMethodContainer->AddL( ( CObject* ) connMethod );
-TInt handle = iConnMethodObjects->AddL( ( CObject* ) connMethod );
+iConnMethodContainer->AddL( ( CObject* ) connMethodInstance );
-connMethod->SetHandle( handle );
+TInt handle = iConnMethodObjects->AddL( ( CObject* ) connMethodInstance );
-CleanupStack::Pop( connMethod );
+connMethodInstance->SetHandle( handle );
+CleanupStack::Pop( connMethodInstance );
 TPckg<TInt> handlePckg( handle );
 TInt error = aMessage.Write( 3, handlePckg );
 if ( error )
 {
 //
 void CCmmSession::UpdateConnMethodL( const RMessage2& aMessage )
 {
 OstTraceFunctionEntry0( CCMMSESSION_UPDATECONNMETHODL_ENTRY );
-CCmmConnMethodInstance* connMethod =
+CCmmConnMethodInstance* connMethodInstance =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int3() );
-connMethod->UpdateL();
+// Check if the Client has capabilities to delete this CM.
+CheckCapabilitiesForProtectedCML( aMessage, connMethodInstance );
+connMethodInstance->UpdateL();
 OstTraceFunctionExit0( CCMMSESSION_UPDATECONNMETHODL_EXIT );
 }
 // -----------------------------------------------------------------------------
 OstTraceFunctionExit0( CCMMSESSION_CLOSECONNMETHOD_EXIT );
 }
 // -----------------------------------------------------------------------------
-// CCmmSession::ConnMethodUpdateL
+// CCmmSession::DeleteConnMethodL
 // -----------------------------------------------------------------------------
 //
 void CCmmSession::DeleteConnMethodL( const RMessage2& aMessage )
 {
 OstTraceFunctionEntry0( CCMMSESSION_DELETECONNMETHODL_ENTRY );
 CCmmConnMethodInstance* connMethodInstance =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int3() );
+// Check if the Client has capabilities to delete this CM.
+CheckCapabilitiesForProtectedCML( aMessage, connMethodInstance );
 iCache.CheckIfConnMethodCanBeDeletedL( *connMethodInstance );
 iCache.DeleteConnMethodL( *connMethodInstance );
 // Ignore the boolean return value. It is always true, or the
 // DeleteL()-call leaves.
 return;
 }
 CleanupStack::PushL( value );
 TPtrC valuePtr = value->Des();
-// check the buffer length of the given buffer
+// Check the buffer length of the given buffer.
 TInt bufferLen = aMessage.GetDesMaxLength( 1 );
 if ( valuePtr.Length() > bufferLen )
 {
 User::Leave( KErrArgument );
 }
 return;
 }
 CleanupStack::PushL( value );
 TPtrC8 valuePtr = value->Des();
-// check the buffer length of the given buffer
+// Check the buffer length of the given buffer.
 TInt bufferLen = aMessage.GetDesMaxLength( 1 );
 if ( valuePtr.Length() > bufferLen )
 {
 User::Leave( KErrArgument );
 }
 OstTraceFunctionEntry0( CCMMSESSION_SETINTATTRIBUTEL_ENTRY );
 CCmmConnMethodInstance* cm =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int3() );
+// Check the capability needed if protected CM
+// ECapabilityWriteDeviceData is checked earlier already.
+CheckCapabilitiesForProtectedCML( aMessage, cm );
 TUint32 attribute( aMessage.Int0() );
 TUint32 value( aMessage.Int1() );
 cm->SetIntAttributeL( attribute, value );
 OstTraceFunctionEntry0( CCMMSESSION_SETBOOLATTRIBUTEL_ENTRY );
 CCmmConnMethodInstance* cm =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int3() );
+// Check the capability needed if protected CM
+// ECapabilityWriteDeviceData is checked earlier already.
+CheckCapabilitiesForProtectedCML( aMessage, cm );
 TUint32 attribute( aMessage.Int0() );
 TBool value( aMessage.Int1() );
 cm->SetBoolAttributeL( attribute, value );
 {
 OstTraceFunctionEntry0( CCMMSESSION_SETSTRINGATTRIBUTEL_ENTRY );
 CCmmConnMethodInstance* cm =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int3() );
+// Check the capability needed if protected CM
+// ECapabilityWriteDeviceData is checked earlier already.
+CheckCapabilitiesForProtectedCML( aMessage, cm );
 TUint32 attribute( aMessage.Int0() );
 HBufC* value = HBufC::NewLC( aMessage.GetDesLengthL( 1 ) );
 TPtr valuePtr( value->Des() );
 {
 OstTraceFunctionEntry0( CCMMSESSION_SETSTRING8ATTRIBUTEL_ENTRY );
 CCmmConnMethodInstance* cm =
 ( CCmmConnMethodInstance* )iConnMethodObjects->AtL( aMessage.Int3() );
+// Check the capability needed if protected CM
+// ECapabilityWriteDeviceData is checked earlier already.
+CheckCapabilitiesForProtectedCML( aMessage, cm );
 TUint32 attribute( aMessage.Int0() );
 HBufC8* value = HBufC8::NewLC( aMessage.GetDesLengthL( 1 ) );
 TPtr8 valuePtr( value->Des() );
 TUint32 bearerType( aMessage.Int1() );
 CCmmDestinationInstance* destination =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( destinationHandle );
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destination->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 CCmmConnMethodInstance* connMethod = CCmmConnMethodInstance::NewLC( this, &iCache );
 iCache.CreateConnMethodL( *connMethod, destination, bearerType, 0 );
 iConnMethodContainer->AddL( ( CObject* ) connMethod );
 TInt handle = iConnMethodObjects->AddL( ( CObject* ) connMethod );
 TUint32 connMethodId( aMessage.Int2() );
 CCmmDestinationInstance* destination =
 ( CCmmDestinationInstance* )iDestinationObjects->AtL( destinationHandle );
+// Check the protection and if protected check the needed capabilities.
+CMManager::TProtectionLevel protLevel =
+destination->CurrentProtectionLevel();
+if ( protLevel == CMManager::EProtLevel1 )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
 CCmmConnMethodInstance* connMethod =
 CCmmConnMethodInstance::NewLC( this, &iCache );
 // Will check if ID is available.
 iCache.CreateConnMethodL( *connMethod, destination, bearerType, connMethodId );
 User::Leave( error );
 }
 OstTraceFunctionExit0( CCMMSESSION_GETEMBEDDEDDESTINATIONL_EXIT );
 }
+// -----------------------------------------------------------------------------
+// Check if CM is protected and if so then check the needed capabilities.
+// -----------------------------------------------------------------------------
+//
+void CCmmSession::CheckCapabilitiesForProtectedCML(
+const RMessage2& aMessage,
+CCmmConnMethodInstance* aConnectionMethodInstance )
+{
+OstTraceFunctionEntry0( CCMMSESSION_CHECKCAPABILITIESFORPROTECTEDCML_ENTRY );
+TBool prot = aConnectionMethodInstance->GetBoolAttributeL( CMManager::ECmProtected );
+if ( prot )
+{
+CPolicyServer::TCustomResult capabilities( CPolicyServer::EPass );
+capabilities = iServer.CapabilityCheckWithProtection( aMessage );
+if ( capabilities == CPolicyServer::EFail )
+{
+User::Leave( KErrPermissionDenied );
+}
+}
+OstTraceFunctionExit0( CCMMSESSION_CHECKCAPABILITIESFORPROTECTEDCML_EXIT );
+}
 // End of file

changeset 27	489cf6208544
parent 20	9c97ad6591ae
child 40	c5b848e6c7d1