|
1 /* |
|
2 * Copyright (c) 2002-2004 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Implementation of policymanagement components |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 // INCLUDE FILES |
|
20 |
|
21 |
|
22 #include <commdb.h> |
|
23 |
|
24 #include "CommsDatEnforcement.h" |
|
25 #include "XACMLconstants.h" |
|
26 #include "debug.h" |
|
27 #include "PolicyEngineServer.h" |
|
28 #include "PolicyStorage.h" |
|
29 |
|
30 #include <protectdb.h> |
|
31 |
|
32 #include <commsdattypesv1_1.h> |
|
33 #include <WlanCdbCols.h> |
|
34 #include <d32dbms.h> |
|
35 #include <metadatabase.h> |
|
36 |
|
37 // EXTERNAL DATA STRUCTURES |
|
38 // EXTERNAL FUNCTION PROTOTYPES |
|
39 // CONSTANTS |
|
40 |
|
41 _LIT( KCommsDatEnformentPanic, "CommsDat enforcement panic"); |
|
42 |
|
43 |
|
44 //Repository UIDs |
|
45 |
|
46 const TUid TCommsDatRepository = { 0xCCCCCC00 }; |
|
47 const TUint32 KCDMaskRecordType = 0x7f800000; |
|
48 |
|
49 const TUint32 KWLANServiceExtRecord = 0x05000000; |
|
50 |
|
51 const TPtrC KWLANServiceExtTable( _S("WLANServiceExtensionTable")); |
|
52 const TPtrC KWLANServiceTable( _S("WLANServiceTable")); |
|
53 const TPtrC KWLANDeviceTable( _S("WLANDeviceTable")); |
|
54 const TPtrC KWLANSecondarySSID( _S("SecondarySSID")); |
|
55 const TPtrC KDestinationNetwork( _S("DestinationNetwork")); |
|
56 |
|
57 |
|
58 _LIT8( KAPURI, "AP"); |
|
59 |
|
60 |
|
61 // ----------------------------------------------------------------------------- |
|
62 // CCommsDatEnforcement::CCommsDatEnforcement() |
|
63 // ----------------------------------------------------------------------------- |
|
64 // |
|
65 CCommsDatEnforcement::CCommsDatEnforcement() |
|
66 { |
|
67 RDEBUG("CCommsDatEnforcement::CCommsDatEnforcement()"); |
|
68 } |
|
69 |
|
70 |
|
71 // ----------------------------------------------------------------------------- |
|
72 // CCommsDatEnforcement::~CCommsDatEnforcement() |
|
73 // ----------------------------------------------------------------------------- |
|
74 // |
|
75 CCommsDatEnforcement::~CCommsDatEnforcement() |
|
76 { |
|
77 RDEBUG("CCommsDatEnforcement::~CCommsDatEnforcement()"); |
|
78 |
|
79 if( iSession ) |
|
80 { |
|
81 iSession->Close(); |
|
82 delete iSession; |
|
83 } |
|
84 |
|
85 iMaskList.Close(); |
|
86 iTableList.Close(); |
|
87 iCommsDatEnforcement.Close(); |
|
88 iCentRepServer.Close(); |
|
89 iDMUtil.Close(); |
|
90 } |
|
91 |
|
92 |
|
93 // ----------------------------------------------------------------------------- |
|
94 // CCommsDatEnforcement::ConstructL() |
|
95 // ----------------------------------------------------------------------------- |
|
96 // |
|
97 void CCommsDatEnforcement::ConstructL() |
|
98 { |
|
99 RDEBUG("CCommsDatEnforcement::ConstructL()"); |
|
100 //no implementation needed |
|
101 iSession = CMDBSession::NewL( CMDBSession::LatestVersion() ); |
|
102 } |
|
103 |
|
104 // ----------------------------------------------------------------------------- |
|
105 // CCommsDatEnforcement::NewL() |
|
106 // ----------------------------------------------------------------------------- |
|
107 // |
|
108 CCommsDatEnforcement* CCommsDatEnforcement::NewL( const TDesC8& aEnforcementId ) |
|
109 { |
|
110 RDEBUG("CCommsDatEnforcement::NewL()"); |
|
111 CCommsDatEnforcement* self = 0; |
|
112 |
|
113 if( aEnforcementId == PolicyLanguage::Constants::EAPEnforcementPolicy ) |
|
114 { |
|
115 RDEBUG(" -> EAPEnforcementPolicy"); |
|
116 self = new ( ELeave ) CCommsDatEnforcement(); |
|
117 self->ConstructL(); |
|
118 CleanupStack::PushL( self ); |
|
119 self->iMaskList.AppendL( KCDTIdWAPAccessPointRecord ); |
|
120 self->iTableList.AppendL( TPtrC(KCDTypeNameWAPAccessPoint )); |
|
121 self->iMaskList.AppendL( KCDTIdWAPSMSBearerRecord ); |
|
122 self->iTableList.AppendL( TPtrC(KCDTypeNameWAPSMSBearer) ); |
|
123 self->iMaskList.AppendL( KCDTIdWAPIPBearerRecord ); |
|
124 self->iTableList.AppendL( TPtrC(KCDTypeNameWAPIPBearer) ); |
|
125 self->iMaskList.AppendL( KCDTIdIAPRecord ); |
|
126 self->iTableList.AppendL( TPtrC(KCDTypeNameIAP) ); |
|
127 self->iSettingType = EAPEnforcement; |
|
128 CleanupStack::Pop( self ); |
|
129 } |
|
130 else if( aEnforcementId == PolicyLanguage::Constants::EWLANEnforcementPolicy ) |
|
131 { |
|
132 RDEBUG(" -> EWLANEnforcementPolicy"); |
|
133 self = new ( ELeave ) CCommsDatEnforcement(); |
|
134 self->ConstructL(); |
|
135 CleanupStack::PushL( self ); |
|
136 self->iMaskList.AppendL( KWLANServiceExtRecord ); |
|
137 self->iTableList.AppendL( KWLANServiceExtTable ); |
|
138 |
|
139 TUint32 wlanServiceTableId = self->GetRecordIdL( KWLANServiceTable ); |
|
140 self->iMaskList.AppendL( wlanServiceTableId ); |
|
141 self->iTableList.AppendL( KWLANServiceTable ); |
|
142 |
|
143 TUint32 wlanDeviceTableId = self->GetRecordIdL( KWLANDeviceTable ); |
|
144 self->iMaskList.AppendL( wlanDeviceTableId ); |
|
145 self->iTableList.AppendL( KWLANDeviceTable ); |
|
146 |
|
147 TUint32 wlanSSIDTableId = self->GetRecordIdL( KWLANSecondarySSID ); |
|
148 self->iMaskList.AppendL( wlanSSIDTableId ); |
|
149 self->iTableList.AppendL( KWLANSecondarySSID ); |
|
150 |
|
151 TUint32 wlanDestinationNetworkTableId = self->GetRecordIdL( KDestinationNetwork ); |
|
152 self->iMaskList.AppendL( wlanDestinationNetworkTableId ); |
|
153 self->iTableList.AppendL( KDestinationNetwork ); |
|
154 |
|
155 self->iSettingType = EWLANEnforcement; |
|
156 CleanupStack::Pop( self ); |
|
157 } |
|
158 |
|
159 return self; |
|
160 } |
|
161 |
|
162 |
|
163 // ----------------------------------------------------------------------------- |
|
164 // CCommsDatEnforcement::ValidEnforcementElement() |
|
165 // ----------------------------------------------------------------------------- |
|
166 // |
|
167 TBool CCommsDatEnforcement::ValidEnforcementElement( const TDesC8& aEnforcementId ) |
|
168 { |
|
169 RDEBUG("CCommsDatEnforcement::ValidEnforcementElement()"); |
|
170 if ( aEnforcementId == PolicyLanguage::Constants::EAPEnforcementPolicy ) |
|
171 { |
|
172 RDEBUG(" -> valid EAPEnforcementPolicy"); |
|
173 return ETrue; |
|
174 } |
|
175 else if ( aEnforcementId == PolicyLanguage::Constants::EWLANEnforcementPolicy ) |
|
176 { |
|
177 RDEBUG(" -> valid EWLANEnforcementPolicy"); |
|
178 return ETrue; |
|
179 } |
|
180 |
|
181 return EFalse; |
|
182 } |
|
183 |
|
184 |
|
185 // ----------------------------------------------------------------------------- |
|
186 // CCommsDatEnforcement::InitEnforcement() |
|
187 // ----------------------------------------------------------------------------- |
|
188 // |
|
189 void CCommsDatEnforcement::InitEnforcementL( TRequestStatus& aRequestStatus ) |
|
190 { |
|
191 RDEBUG("CCommsDatEnforcement::InitEnforcementL()"); |
|
192 //set restore flag |
|
193 if ( iAccessControlList->Count() ) |
|
194 { |
|
195 iRestore = EFalse; |
|
196 } |
|
197 else |
|
198 { |
|
199 iRestore = ETrue; |
|
200 iInitState++; |
|
201 } |
|
202 |
|
203 //in first phase open connections to centreptool |
|
204 if ( iInitState == 0 || iRestore ) |
|
205 { |
|
206 RDEBUG(" -> Opening connections ... "); |
|
207 User::LeaveIfError( iCentRepServer.Connect() ); |
|
208 User::LeaveIfError( iCommsDatEnforcement.Open( TCommsDatRepository , iCentRepServer ) ); |
|
209 User::LeaveIfError( iDMUtil.Connect()); |
|
210 RDEBUG(" -> Opening connections ... DONE!"); |
|
211 } |
|
212 |
|
213 //init each session in own cycle.... |
|
214 switch ( iInitState ) |
|
215 { |
|
216 case 0: |
|
217 { |
|
218 RDEBUG("CCommsDatEnforcement: Protect AP tables ... "); |
|
219 CCommsDatabaseProtect* dbprotect = CCommsDatabaseProtect::NewL(); |
|
220 |
|
221 //add protection for GS |
|
222 for ( TInt i( 0 ); i < iTableList.Count(); i++ ) |
|
223 { |
|
224 TInt err = dbprotect->ProtectTable( iTableList[ i ] ); |
|
225 RDEBUG_2("CCommsDatEnforcement: Protection status %d", err ); |
|
226 } |
|
227 |
|
228 delete dbprotect; |
|
229 dbprotect = NULL; |
|
230 |
|
231 // enable all WLAN AP locks |
|
232 if(iSettingType == EWLANEnforcement) |
|
233 { |
|
234 LockWLANAccessPointsL( ETrue ); |
|
235 } |
|
236 |
|
237 //compelete request |
|
238 TRequestStatus * status = &aRequestStatus; |
|
239 User::RequestComplete( status, KErrNone ); |
|
240 } |
|
241 break; |
|
242 case 1: |
|
243 { |
|
244 RDEBUG("CCommsDatEnforcement: Init commsDat enforcement session"); |
|
245 iCommsDatEnforcement.InitSession( aRequestStatus ); |
|
246 } |
|
247 break; |
|
248 default: |
|
249 { |
|
250 RDEBUG("**** CCommsDatEnforcement PANIC, invalid switch-case!"); |
|
251 User::Panic( KCommsDatEnformentPanic, KErrAbort ); |
|
252 } |
|
253 break; |
|
254 } |
|
255 |
|
256 iInitState++; |
|
257 } |
|
258 |
|
259 |
|
260 // ----------------------------------------------------------------------------- |
|
261 // CCommsDatEnforcement::InitReady() |
|
262 // ----------------------------------------------------------------------------- |
|
263 // |
|
264 TBool CCommsDatEnforcement::InitReady() |
|
265 { |
|
266 RDEBUG("CCommsDatEnforcement::InitReady()"); |
|
267 return ( iInitState > 1 ); |
|
268 } |
|
269 |
|
270 |
|
271 // ----------------------------------------------------------------------------- |
|
272 // CCommsDatEnforcement::InitReady() |
|
273 // ----------------------------------------------------------------------------- |
|
274 // |
|
275 void CCommsDatEnforcement::DoEnforcementL( TRequestStatus& aRequestStatus ) |
|
276 { |
|
277 RDEBUG("CCommsDatEnforcement::DoEnforcementL()"); |
|
278 if( !iRestore ) |
|
279 { |
|
280 //if there any number subject which have exclusively right for setting, give access only for DM client |
|
281 for ( TInt i( 0 ); i < iMaskList.Count(); i++ ) |
|
282 { |
|
283 RDEBUG_3(" making enforcement: %d/%d", i, iMaskList.Count() ); |
|
284 User::LeaveIfError( iCommsDatEnforcement.SetSIDWRForMask( iMaskList[ i ], KCDMaskRecordType, KDMClientUiD)); |
|
285 User::LeaveIfError( iCommsDatEnforcement.RemoveBackupFlagForMask( iMaskList[ i ], KCDMaskRecordType)); |
|
286 CPolicyStorage::PolicyStorage()->ActivateEnforcementFlagL( iSettingType ); |
|
287 } |
|
288 |
|
289 //ACL... |
|
290 RDEBUG(" making ACL modifications for enforcement ... "); |
|
291 User::LeaveIfError( iDMUtil.SetMngSessionCertificate( SessionCertificate() ) ); |
|
292 User::LeaveIfError( iDMUtil.AddACLForNode( KAPURI, EForChildrens, EACLDelete ) ); |
|
293 User::LeaveIfError( iDMUtil.AddACLForNode( KAPURI, EForNode, EACLGet ) ); |
|
294 User::LeaveIfError( iDMUtil.SetACLForNode( KAPURI, EForNode, EACLAdd ) ); |
|
295 RDEBUG(" making ACL modifications for enforcement ... DONE!"); |
|
296 } |
|
297 else |
|
298 { |
|
299 //Clear default settings |
|
300 for ( TInt i( 0 ); i < iMaskList.Count(); i++ ) |
|
301 { |
|
302 RDEBUG_3(" clearing default settings: %d/%d", i, iMaskList.Count() ); |
|
303 User::LeaveIfError( iCommsDatEnforcement.RestoreMask( iMaskList[ i ], KCDMaskRecordType )); |
|
304 User::LeaveIfError( iCommsDatEnforcement.RestoreBackupFlagForMask( iMaskList[ i ], KCDMaskRecordType)); |
|
305 CPolicyStorage::PolicyStorage()->DeactivateEnforcementFlagL( iSettingType ); |
|
306 } |
|
307 |
|
308 //ACL... |
|
309 RDEBUG(" removing ACL modifications for enforcement ... "); |
|
310 User::LeaveIfError( iDMUtil.RemoveACL( KAPURI, ETrue ) ); |
|
311 RDEBUG(" removing ACL modifications for enforcement ... DONE!"); |
|
312 |
|
313 } |
|
314 |
|
315 iEnforcementState++; |
|
316 TRequestStatus * status = &aRequestStatus; |
|
317 User::RequestComplete( status, KErrNone ); |
|
318 } |
|
319 |
|
320 // ----------------------------------------------------------------------------- |
|
321 // CCommsDatEnforcement::EnforcementReady() |
|
322 // ----------------------------------------------------------------------------- |
|
323 // |
|
324 TBool CCommsDatEnforcement::EnforcementReady() |
|
325 { |
|
326 RDEBUG("CCommsDatEnforcement::EnforcementReady()"); |
|
327 return iEnforcementState > 0; |
|
328 } |
|
329 |
|
330 // ----------------------------------------------------------------------------- |
|
331 // CCommsDatEnforcement::FinishEnforcementL() |
|
332 // ----------------------------------------------------------------------------- |
|
333 // |
|
334 void CCommsDatEnforcement::FinishEnforcementL( TBool aFlushSettings) |
|
335 { |
|
336 RDEBUG("CCommsDatEnforcement::FinishEnforcementL()"); |
|
337 //Close sessions |
|
338 if( aFlushSettings ) |
|
339 { |
|
340 iCommsDatEnforcement.Flush(); |
|
341 iDMUtil.Flush(); |
|
342 } |
|
343 |
|
344 iCommsDatEnforcement.Close(); |
|
345 |
|
346 //Close centrep server... |
|
347 iCentRepServer.Close(); |
|
348 |
|
349 iDMUtil.Close(); |
|
350 |
|
351 |
|
352 if( iRestore && aFlushSettings ) |
|
353 { |
|
354 RDEBUG("PolicyEngineServer: Remove AP table Protection"); |
|
355 |
|
356 CCommsDatabaseProtect* dbprotect = CCommsDatabaseProtect::NewL(); |
|
357 CleanupStack::PushL( dbprotect ); |
|
358 |
|
359 TRAP_IGNORE( LockWLANAccessPointsL( EFalse ) ); |
|
360 //remove protection for GS |
|
361 for ( TInt i( 0 ); i < iTableList.Count(); i++ ) |
|
362 { |
|
363 TInt err = dbprotect->UnProtectTable( iTableList[ i ] ); |
|
364 RDEBUG_2("PolicyEngineServer: Protection status %d", err ); |
|
365 } |
|
366 //Condition when AP + WLAN are enforced and AP is being removed |
|
367 //GS should still show lock icons for WLANs |
|
368 RDbRowSet::TAccess checkAccessType = RDbRowSet::EReadOnly ; |
|
369 TRAP_IGNORE( checkAccessType = dbprotect->GetTableAccessL(TPtrC(WLAN_SERVICE))); |
|
370 switch(checkAccessType) |
|
371 { |
|
372 case RDbRowSet::EReadOnly : |
|
373 TRAP_IGNORE(LockWLANAccessPointsL( ETrue )); |
|
374 default : break; |
|
375 } |
|
376 CleanupStack::PopAndDestroy( dbprotect ); |
|
377 } |
|
378 } |
|
379 |
|
380 // ----------------------------------------------------------------------------- |
|
381 // CCommsDatEnforcement::AccessRightList() |
|
382 // ----------------------------------------------------------------------------- |
|
383 // |
|
384 void CCommsDatEnforcement::AccessRightList( RAccessControlList& aAccessControlList) |
|
385 { |
|
386 RDEBUG("CCommsDatEnforcement::AccessRightList()"); |
|
387 iAccessControlList = &aAccessControlList; |
|
388 } |
|
389 |
|
390 |
|
391 // ----------------------------------------------------------------------------- |
|
392 // CCommsDatEnforcement::ResetEnforcementL() |
|
393 // ----------------------------------------------------------------------------- |
|
394 // |
|
395 void CCommsDatEnforcement::ResetEnforcementL() |
|
396 { |
|
397 RDEBUG("CCommsDatEnforcement::ResetEnforcementL()"); |
|
398 |
|
399 User::LeaveIfError( iCentRepServer.Connect() ); |
|
400 User::LeaveIfError( iCommsDatEnforcement.Open( TCommsDatRepository , iCentRepServer ) ); |
|
401 User::LeaveIfError( iDMUtil.Connect()); |
|
402 |
|
403 TRequestStatus request; |
|
404 iCommsDatEnforcement.InitSession( request ); |
|
405 User::WaitForRequest( request); |
|
406 |
|
407 for ( TInt i( 0 ); i < iMaskList.Count(); i++ ) |
|
408 { |
|
409 User::LeaveIfError( iCommsDatEnforcement.RestoreMask( iMaskList[ i ], KCDMaskRecordType )); |
|
410 User::LeaveIfError( iCommsDatEnforcement.RestoreBackupFlagForMask( iMaskList[ i ], KCDMaskRecordType)); |
|
411 } |
|
412 |
|
413 //ACL... |
|
414 User::LeaveIfError( iDMUtil.RemoveACL( KAPURI, ETrue ) ); |
|
415 |
|
416 |
|
417 iCommsDatEnforcement.Flush(); |
|
418 iCommsDatEnforcement.Close(); |
|
419 iCentRepServer.Close(); |
|
420 iDMUtil.Close(); |
|
421 } |
|
422 |
|
423 |
|
424 // ----------------------------------------------------------------------------- |
|
425 // CCommsDatEnforcement::LockWLANAccessPointsL() |
|
426 // ----------------------------------------------------------------------------- |
|
427 // |
|
428 void CCommsDatEnforcement::LockWLANAccessPointsL( TBool aLockValue ) |
|
429 { |
|
430 RDEBUG_2("CCommsDatEnforcement::LockAccessPoint( %d )", aLockValue ); |
|
431 |
|
432 //Get WLAN service table and get ServiceID--> which is nothing but IAP ID and lock that record |
|
433 |
|
434 //TBool ret = EFalse; |
|
435 TUint32 apIAPID = 0; |
|
436 |
|
437 CCommsDbTableView* checkView; |
|
438 CCommsDatabase* commsDataBase = CCommsDatabase::NewL(); |
|
439 CleanupStack::PushL( commsDataBase ); |
|
440 checkView = commsDataBase->OpenTableLC(TPtrC(IAP)); |
|
441 RDEBUG(" -> After opening IAP table "); |
|
442 TBuf<KCommsDbSvrMaxFieldLength> serviceType; |
|
443 TInt error = checkView->GotoFirstRecord(); |
|
444 RDEBUG(" -> After going to first record "); |
|
445 while (error == KErrNone) |
|
446 { |
|
447 RDEBUG(" -> KERRNONE "); |
|
448 // Get the ID and check for service type |
|
449 checkView->ReadTextL(TPtrC(IAP_SERVICE_TYPE), serviceType); |
|
450 if(serviceType == TPtrC(LAN_SERVICE)) |
|
451 { |
|
452 checkView->ReadUintL(TPtrC(COMMDB_ID), apIAPID); |
|
453 RDEBUG_2(" ->found %d WLAN AP. being protected or unprotected", apIAPID ); |
|
454 if(aLockValue) |
|
455 { |
|
456 ((CCommsDbProtectTableView*)checkView)->ProtectRecord(); |
|
457 RDEBUG(" -> WLAN AP protected successfully!"); |
|
458 } |
|
459 else |
|
460 { |
|
461 ((CCommsDbProtectTableView*)checkView)->UnprotectRecord(); |
|
462 RDEBUG(" -> WLAN AP UN protected successfully!"); |
|
463 } |
|
464 |
|
465 } |
|
466 error = checkView->GotoNextRecord(); |
|
467 |
|
468 } |
|
469 CleanupStack::PopAndDestroy(); // checkView |
|
470 |
|
471 CleanupStack::PopAndDestroy( commsDataBase ); |
|
472 |
|
473 |
|
474 } |
|
475 |
|
476 |
|
477 // ----------------------------------------------------------------------------- |
|
478 // CCommsDatEnforcement::GetRecordId() |
|
479 // ----------------------------------------------------------------------------- |
|
480 // |
|
481 TUint32 CCommsDatEnforcement::GetRecordIdL( const TDesC& aTableName ) |
|
482 { |
|
483 RDEBUG_2("looking rentrep record id for table: %S", &aTableName ); |
|
484 TMDBElementId tableRecordId = 0; |
|
485 CMDBGenericRecord* tempUserDefinedRecord = static_cast<CMDBGenericRecord*>(CCDRecordBase::RecordFactoryL(0)); |
|
486 CleanupStack::PushL(tempUserDefinedRecord); |
|
487 |
|
488 tempUserDefinedRecord->InitializeL(aTableName, NULL); |
|
489 tempUserDefinedRecord->LoadL(*iSession); |
|
490 |
|
491 // Get the Id that we're interested in... |
|
492 tableRecordId = tempUserDefinedRecord->TableId(); |
|
493 RDEBUG_2(" found tableRecordId: %08x", tableRecordId ); |
|
494 CleanupStack::PopAndDestroy(tempUserDefinedRecord); |
|
495 |
|
496 // ..and validate it. |
|
497 if ((tableRecordId & KCDMaskShowRecordType) < KCDInitialUDefRecordType) |
|
498 { |
|
499 RDEBUG("Error validating tableRecordId"); |
|
500 User::Leave(KErrNotFound); |
|
501 } |
|
502 |
|
503 return tableRecordId; |
|
504 } |
|
505 |