diff -r 7aa6007702af -r 61b27eec6533 serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h --- a/serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h Fri Apr 16 15:54:49 2010 +0300 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,661 +0,0 @@ -/* -* Copyright (c) 2007-2008 Nokia Corporation and/or its subsidiary(-ies). -* All rights reserved. -* This component and the accompanying materials are made available -* under the terms of the License "Eclipse Public License v1.0" -* which accompanies this distribution, and is available -* at the URL "http://www.eclipse.org/legal/epl-v10.html". -* -* Initial Contributors: -* Nokia Corporation - initial contribution. -* -* Contributors: -* -* Description: Client side proxy class representing script session - * -*/ - - - - - - - -#ifndef _CRTSECMGRSCRIPTSESSION_H_ -#define _CRTSECMGRSCRIPTSESSION_H_ - -#include -#include -#include -#include -#include - -class CCoeEnv; -class CRTSecMgrSubSessionProxy; - -/** - * Type holding data to be used while prompting. - * - * The default or custom (runtime over-ridden) prompt handler requires the permission - * type to prompt and the user-selection to be returned to security - * manager for access permission check - * - * @lib rtsecmgrclient.lib - */ -class CPromptData : public CBase - { -public: - - /** - * Two-phased constructor - * - * Constructs a CPromptData instance - * - * @return pointer to an instance of CPromptData - */ - static CPromptData* NewL() - { - CPromptData* self = CPromptData::NewLC (); - CleanupStack::Pop (self); - return self; - } - - /** - * Two-phased constructor - * - * Constructs a CPromptData instance and leaves the created instance - * onto the cleanupstack. - * - * @return pointer to an instance of CPromptData - */ - - static CPromptData* NewLC() - { - CPromptData* self = new (ELeave) CPromptData(); - CleanupStack::PushL (self); - self->ConstructL (); - return self; - } - - - /** - * Destructor - * - */ - ~CPromptData() - { - if(iPermission) - delete iPermission; - - } - - - /* - * - * - */ - void ConstructL() - { - - } - - /** - * Returns permission data - * - * @return an object containing the permission data - */ - inline CPermission* Permission() const - { - return iPermission; - } - - /** - * Sets the user-selection data - * - * @param aUserSelection TUserPromptOption user-selected data value - */ - inline void SetUserSelection(TUserPromptOption aUserSelection) - { - iUserSelection = aUserSelection; - } - - /** - * Sets the permission value of the domain - * - * @param aPermission CPermission permission value of the domain - */ - - inline void SetPermissions(CPermission& aPermission) - { - if(iPermission) - { - delete iPermission; - iPermission = NULL; - } - - iPermission = CPermission::NewL(aPermission); - //iPermission = &aPermission; - } -private: - //private default constructor - CPromptData::CPromptData() : - iUserSelection(RTUserPrompt_UnDefined) - { - } - - //private permission data - CPermission* iPermission; - - //private user-selection - TUserPromptOption iUserSelection; - - friend class CRTSecMgrScriptSession; - }; - -//typdef to model list of prompt data structure -typedef RPointerArray RPromptDataList; -typedef RArray RResourceArray; - -/* - * Prompt callback handler class. - * - * Runtimes should implement the prompt handler function to prompt the user - * and to obtain the user option chosen. The prompt data are used by - * runtime security manager for further access permission check. - * - * If runtimes do not override prompt handling, security manager component - * would then provide default prompt handler functionality. - * - * @lib rtsecmgrclient.lib - */ -class MSecMgrPromptHandler - { -public: - /** - * Prompts the user. - * - * @param aPromptDataList RPromptDataList list of prompt data used by - * prompt callback handler to show to the user - * - * @return KErrNone if prompting successful; In case of failure, one of - * system wide error codes - */ - virtual TInt Prompt(RPromptDataList& aPromptDataList , TExecutableID aExecID = KAnonymousScript) =0; - - /** - * Sets the user chosen prompt selection. - * - * @param aPromptUiOption TSecMgrPromptUIOption prompt selection - */ - virtual void SetPromptOption(TSecMgrPromptUIOption aPromptUiOption) =0; - /** - * Returns the prompt selection - * - * @return TSecMgrPromptUIOption the prompt selection - */ - virtual TSecMgrPromptUIOption PromptOption() const =0; - }; - -struct TPermanentInfo - { - TPermGrant iAllowedBits; //permanent allowed caps - TPermGrant iDeniedBits; //permanent denied caps - RProviderArray iAllowedProviders; //permanent allowed providers - RProviderArray iDeniedProviders; //permanent denied providers - }; - -struct TSessionInfo - { - TCapabilityBitSet AllowedCaps; //caps allowed for this session (caps allowed for this session & perm allowed) - TCapabilityBitSet DeniedCaps; //caps denied for this sesion (caps denied for this session & perm denied) - RProviderArray AllowedProviders;//providers allowed for this session - RProviderArray DeniedProviders;//providers denied for this session - }; - -/** - * - * Thin proxy to the client side sub-session handle. - * - * This class implements the default prompt handling functionality. In addition, the main - * functionality of native platform access check is performed by CRTSecMgrScriptSession. - * - * @lib rtsecmgrclient.lib - * - */ -NONSHARABLE_CLASS(CRTSecMgrScriptSession) : public CBase, MSecMgrPromptHandler - { -public: - /** - * Two-phased constructor - * - * Constructs a CRTSecMgrScriptSession instance - * - * Initializes client side script sub-session. - * - * @param MSecMgrPromptHandler pointer to a prompt handler callback - * - * @return pointer to an instance of CRTSecMgrScriptSession if succesful; - * Otherwise NULL - */ - static CRTSecMgrScriptSession* NewL(MSecMgrPromptHandler* aPromptHdlr=0); - - /** - * Two-phased constructor - * - * Constructs a CRTSecMgrScriptSession instance and leaves the created instance - * on the cleanupstack - * - * Initializes client side script sub-session. - * - * @param MSecMgrPromptHandler pointer to a prompt handler callback - * - * @return pointer to an instance of CRTSecMgrScriptSession if succesful; - * Otherwise NULL - */ - static CRTSecMgrScriptSession* NewLC(MSecMgrPromptHandler* aPromptHdlr=0); - - /** - * Callback funciton for moreinfo link in advanced prompt - * - * Calls the moreinfo function for indivudual capability or for a alias group - * - * @param aCallbackParam TAny* pointer to TCallbackParam - * - */ - static TInt LinkCallback(TAny *aCallbackParam); - - /** - * Destructor - * - * Closes the sub-session - * - */ - IMPORT_C ~CRTSecMgrScriptSession(); - - /** - * Opens security manager script sub-session. This method in turn opens a - * sub-session on the server side, by bringing script related data onto the cache. - * - * @param aParentSession RSessionBase handle to parent security manager session - * @param aPolicyID TPolicyID policy identifier of the script associated with this script session - * @param aExecID TExecutableID identifier of the script associated with this script session - * - * @return KErrNone if successful; In case of failure, one of system wide error cods - */ - TInt Open(const RSessionBase& aParentSession,TPolicyID aPolicyID,TExecutableID aExecID); - - /** - * Opens security manager script sub-session. This method in turn opens a - * sub-session on the server side, by bringing script related data onto the cache. - * - * @param aParentSession RSessionBase handle to parent security manager session - * @param aPolicyID TPolicyID policy identifier of the script associated with this script session - * @param aExecID TExecutableID identifier of the script associated with this script session - * @param aHashValue TDesC hash value of the scrpt passed while registering the script - * - * @return KErrNone if successful; In case of failure, one of system wide error cods - */ - TInt Open(const RSessionBase& aParentSession,TPolicyID aPolicyID,TExecutableID aExecID,const TDesC& aHashValue); - - /** - * Opens security manager script sub-session. This method in turn opens a - * sub-session on the server side, by bringing script related data onto the cache. - * - * @param aParentSession RSessionBase handle to parent security manager session - * @param aPolicyID TPolicyID policy identifier of the script associated with this script session - * @param aExecID TExecutableID identifier of the script associated with this script session - * @param aTrustInfo CTrustInfo trust data structure - * - * @return KErrNone if successful; In case of failure, one of system wide error cods - */ - TInt Open(const RSessionBase& aParentSession,TPolicyID aPolicyID,TExecutableID aExecID,const CTrustInfo& aTrustInfo); - - /** - * Performs access permission check - * - * This method evaluates access permission by comparing the expected capabilities - * to perform service invocation with the capabilities of the script. The - * capabilities of the script is computed as sum of : - * - * - default allowed capabilities as specified in security access policy - * - user-granted capabilities, allowed by user while prompting - * - * The capabilities allowed by the user could be of various durations, like - * session-based, blanket/permanent and the one valid for the current invocation only - * (one-shot) - * - * @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against - * script's capbilities - * - * @return EAccessOk if the access permission check is successful; Else, EAccessNOk - */ - IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck); - - /** - * Performs access permission check - * - * This overloaded method evaluates access permission by comparing the expected capabilities - * to perform service invocation with the capabilities of the script. The - * capabilities of the script is computed as sum of : - * - * - default allowed capabilities as specified in security access policy - * - user-granted capabilities, allowed by user while prompting - * - * The capabilities allowed by the user could be of various durations, like - * session-based, blanket/permanent and the one valid for the current invocation only - * (one-shot) - * - * This overloaded version returns the list of capabilities that do not match after - * access permission check. This can be used by the client to display to the user the - * list of unmatched capabilities - * - * @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against - * script's capbilities - * @param aUnMatchedCapabilities RCapabilityArray list of unmatched capabilities - * - * @return EAccessOk if the access permission check is successful; Else, EAccessNOk - */ - IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck,RCapabilityArray& aUnMatchedCapabilities); - - /** - * Performs access permission check - * - * This overloaded method evaluates access permission by comparing the expected capabilities - * to perform service invocation with the capabilities of the script. The - * capabilities of the script is computed as sum of : - * - * - default allowed capabilities as specified in security access policy - * - user-granted capabilities, allowed by user while prompting - * - * The capabilities allowed by the user could be of various durations, like - * session-based, blanket/permanent and the one valid for the current invocation only - * (one-shot) - * - * This overloaded version returns the list of capabilities that do not match after - * access permission check. This can be used by the client to display to the user the - * list of unmatched capabilities - * - * @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against - * script's capbilities - * @param aProviderUid TProviderUid The provider that is being loaded - * @param aResourceFilePath TFileName resource file containing the string to prompt. - * - * @return EAccessOk if the access permission check is successful; Else, EAccessNOk - */ - IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck, TProviderUid aProviderUid, TFileName aResourceFileName); - - /** - * Definition of default prompt handler. - * - * @param aPromptDataList RPromptDataList list of prompt data used by - * prompt callback handler to show to the user - * - * @return KErrNone if prompting successful; In case of failure, one of - * system wide error codes - * - */ - TInt Prompt(RPromptDataList& aPromptDataList , TExecutableID aExecID = KAnonymousScript); - - /** - * Definition of cost notification. - * - */ - void PromptCostL() ; - - /** - * Gets the underlying script object - * - * This method is to be used by components, such as application manager, - * that are interested in displaying script related information to the user. - * - * Following are the script related information: - * - * - Capabilities allowed by default - * - User-grantable capabilities - * - Currently allowed or denied blanket permissions - * - * Note that this method should not be used by runtimes unless and until there is - * a strong design justification - * - * @return a reference to underlying script object - */ - inline CScript& CRTSecMgrScriptSession::Script() - { - return *iScript; - } - - /** - * Returns prompt handler reference - * - * @return reference to prompt handler - */ - inline MSecMgrPromptHandler* PromptHandler() const - { - return iPromptHdlr; - } - - /** - * Sets prompt UI option. The supported prompt options are : - * - * - Basic/Default - * - Advanced - * - * The difference between the basic and advanced prompt option - * reisdes in the fact the number of prompt options and the corresponding - * prompt texts displayed would be different. - * - * If not explictly, the default prompt UI option is set to basic/default prompt UI. - * - * @param aUIPromptOption TSecMgrPromptUIOption basic/advanced prompt UI option - */ - inline void SetPromptOption(TSecMgrPromptUIOption aUIPromptOption) - { - iUIPromptOption = aUIPromptOption; - } - - /** - * Gets prompt UI option. The supported prompt options are : - * - * - Basic/Default - * - Advanced - * - * The difference between the basic and advanced prompt option - * reisdes in the fact the number of prompt options and the corresponding - * prompt texts displayed would be different. - * - * @return aUIPromptOption TSecMgrPromptUIOption basic/advanced prompt UI option - */ - inline TSecMgrPromptUIOption PromptOption() const - { - return iUIPromptOption; - } - - /** - * Sets the application name to the value passed by the runtime. - * The name is displayed as part of the prompt for provider based prompting. - * If name is not set then the default name is used. - * - * @param aName TDesC& name of the application. - */ - IMPORT_C void SetApplicationNameL(const TDesC& aName); - - -private: - /* - * Default private constructor - * - */ - CRTSecMgrScriptSession(MSecMgrPromptHandler* aPromptHdlr=0); - - /* - * Two phased constructor - * - */ - void ConstructL(); - - /* - * Contains prompt logic - * - */ - TInt Prompt(CPromptData* aPromptData); - - /* - * Private default implementation for advanced prompt UI option - * - */ - TInt PromptAdvanced(CPromptData* aPromptData); - - /* - * Logic for displaying more inormation when the user selects more info - * - */ - TInt MoreInfoL(CPromptData& aPromptData); - - /* - * Logic identifying the user-selection of prompt - * duration - * - */ - void HandleGrantChosen(CPromptData* aPromptData, - TCapabilityBitSet aCapBitSet, TCapabilityBitSet& aAllowedCaps, - TBool& aIsPermGrantModified); - - /* - * Private implementation to update blanket permission data - * - */ - void UpdatePermGrant(); - - /* - * Conversion utility to convert a single 32-bit value to the list of - * capabilities (RArray) - * - */ - void BuildCapsL(TCapabilityBitSet aCapBitSet, RCapabilityArray& aInOutTCapList); - - /* - * Private implementation to evaluate access permission check - * - */ - TInt IsAllowed(const RCapabilityArray& aCapsToCheck,RPromptDataList& aPromptDataList,TCapabilityBitSet& aUnMatchedCapBits); - - /* - * Private implementation to evaluate access permission check. This - * overloaded version additionally returns the unmatched capabilities - * - */ - TInt IsAllowed(const RCapabilityArray& aCapsToCheck,TCapabilityBitSet& aUnMatchedCapBits); - - /* - * Conversion utility to generate an unsigned 32-bit value toggling the individual bits - * to the corresponding TCapability value - * - */ - void AddCapability(TCapabilityBitSet& aInOutCapBitSet, TCapability aCapToSet); - - /* - * Attempts to close the script sub-session - * - */ - void Close(); - - /* - * Function to add the security manager resource file to the CONE environment - */ - void AddResourceFiles(); - - /* - * Function to add the provider's resource file from which the body of the prompt is populated. - * - * @param aResourceFileName TFileName The resource file to be added to the CONE environment - */ - TInt AddProviderResourceFile(TFileName aResourceFileName); - - /* - * Close all the resource files added to the CONE environment - */ - void CloseResourceFiles(); - -private: - /* - * permissions allowed or denied for the current session - * The lifetime of this data structure is associated - * with this script session - * - */ - struct - { - TSessionInfo* sessionInfo; //Information about what is allowed for this session (caps/providers allowed for this session & perm allowed) - TCapabilityBitSet DeniedCaps; //Information about what is denied for this session (caps/providers denied for this session & perm denied) - }_sessionData; - - /* - * anonymous enumerations for selection index - * - */ - enum - { - PROMPT_SELIDX_ZERO = 0, - PROMPT_SELIDX_ONE = PROMPT_SELIDX_ZERO + 1, - PROMPT_SELIDX_TWO = PROMPT_SELIDX_ZERO + 2, - PROMPT_SELIDX_THREE = PROMPT_SELIDX_ZERO + 3, - PROMPT_SELIDX_FOUR = PROMPT_SELIDX_ZERO + 4, - PROMPT_SELIDX_FIVE = PROMPT_SELIDX_ZERO + 5 - }; - - /* - * private script reference - * - */ - CScript* iScript; - - /* - * permanently allowed capability bits - * - */ - TPermanentInfo* _permanentInfo; //perm allowed information, persistently stored for this script - - /* - * Generic data about the script session - * - */ - HBufC* iSessionData; - - /* - * reference to prompt handler instance - * - */ - MSecMgrPromptHandler* iPromptHdlr; - - /* - * sub-session proxy pointer - * - */ - CRTSecMgrSubSessionProxy* iSubSessionProxy; - - /* - * pointer to Coe environment - */ - CCoeEnv* iCoeEnv; - - /* - * security manager resource file offset value - * - */ - RResourceArray iResourceOffsetArray; - - /* - * Prompt UI option - * - */ - TSecMgrPromptUIOption iUIPromptOption; - - /* - * Custom prompt flag - * - */ - TBool isCustomPrompt; - }; - -#endif //_CRTSECMGRSCRIPTSESSION_H_ -