# HG changeset patch # User Dremov Kirill (Nokia-D-MSW/Tampere) # Date 1252576712 -10800 # Node ID a7062f7f0b790c78fcbd1f874e24b5822db62f69 # Parent 947415ec76039039241bc26b3cc41d0106f63449 Revision: 200935 Kit: 200937 diff -r 947415ec7603 -r a7062f7f0b79 languageinterworkingfw/servicehandler/inc/liwservicehandlerimpl.h --- a/languageinterworkingfw/servicehandler/inc/liwservicehandlerimpl.h Fri Jul 03 15:51:30 2009 +0100 +++ b/languageinterworkingfw/servicehandler/inc/liwservicehandlerimpl.h Thu Sep 10 12:58:32 2009 +0300 @@ -107,6 +107,10 @@ */ void QueryImplementationL(CLiwCriteriaItem* aItem, RCriteriaArray& aProviderList); void GetCapabilitiesL(RArray& secMgrCapList,CLiwGenericParamList* pMetaData); + /** + * @see CLiwServiceHandler::GetProviderResourceFile() + */ + void GetProviderResourceFile(TDes& aFilePath, CLiwGenericParamList* pMetaData); /** * @see CLiwServiceHandler::GetInterest() diff -r 947415ec7603 -r a7062f7f0b79 languageinterworkingfw/servicehandler/src/liwservicehandlerimpl.cpp --- a/languageinterworkingfw/servicehandler/src/liwservicehandlerimpl.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/languageinterworkingfw/servicehandler/src/liwservicehandlerimpl.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -2471,6 +2471,32 @@ } } +void CLiwServiceHandlerImpl::GetProviderResourceFile(TDes& aFilePath,CLiwGenericParamList* pMetaData) +{ + _LIT8(KResourceFile,"res"); + + TInt pos = 0; + const TLiwGenericParam* pCapData = pMetaData->FindFirst(pos,KResourceFile); + + if(pCapData) + { + const CLiwList* pCapList = pCapData->Value().AsList(); + if(pCapList) + { + for(TInt idx(0);idx!=pCapList->Count();++idx) + { + TLiwVariant capVar; + capVar.PushL(); + pCapList->AtL(idx, capVar); + aFilePath = capVar.AsDes(); + CleanupStack::Pop(&capVar); + capVar.Reset(); + } + } + + } +} + void CLiwServiceHandlerImpl::ComputeIntfVersion(CLiwServiceData* pProvMetaData,TReal& aIntfVersion) { CLiwGenericParamList* pMetaDataList = pProvMetaData->GetMetaData(); @@ -2822,12 +2848,21 @@ if(pChosenImpl) { RArray provCaps; - GetCapabilitiesL(provCaps,pServiceData->GetMetaData()); - + TFileName provResourcePath; + GetCapabilitiesL(provCaps,pServiceData->GetMetaData()); + TInt isAllowed(KErrNone); if(aScriptSession) - isAllowed = aScriptSession->IsAllowed(provCaps); + { + if(aScriptSession->PromptOption() == RTPROMPTUI_PROVIDER) + { + GetProviderResourceFile(provResourcePath, pServiceData->GetMetaData()); + isAllowed = aScriptSession->IsAllowed(provCaps, pChosenImpl->ImplementationUid(), provResourcePath); + } + else + isAllowed = aScriptSession->IsAllowed(provCaps); + } if(KErrNone==isAllowed) { diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/inc/rtsecmgrdef.h --- a/rtsecuritymanager/inc/rtsecmgrdef.h Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/inc/rtsecmgrdef.h Thu Sep 10 12:58:32 2009 +0300 @@ -53,7 +53,8 @@ ECheckPermission, EUpdatePermanentGrant, EGetScriptFile, - ESecMgrSrvReqEnd + ESecMgrSrvReqEnd, + EUpdatePermanentGrantProvider }; const TInt KSecurityServerUid2Int(0x1020507E); diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/inc/rtsecmgrmsg.h --- a/rtsecuritymanager/inc/rtsecmgrmsg.h Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/inc/rtsecmgrmsg.h Thu Sep 10 12:58:32 2009 +0300 @@ -162,5 +162,153 @@ HBufC* iHashMarker; }; +NONSHARABLE_CLASS(CRTPermGrantMessage) : public CBase + { + public: + /** + * Destructor. + */ + IMPORT_C virtual ~CRTPermGrantMessage(); + + /** + * Two-phased constructor. + * + * Creates an instance of CRTPermGrantMessage. + */ + IMPORT_C static CRTPermGrantMessage* NewL(); + + /** + * Two-phased constructor. + * + * Creates an instance of CRTPermGrantMessage + * and leaves it on cleanupstack + */ + IMPORT_C static CRTPermGrantMessage* NewLC(); + + /** + * Two-phased constructor. + * + * Creates an instance of CRTPermGrantMessage + * from the input source + * + * @param aBuf input source data + * + * @return CRTPermGrantMessage* created instance of CRTPermGrantMessage + * + */ + IMPORT_C static CRTPermGrantMessage* NewL(const TDesC8& aBuf); + + /** + * Two-phased constructor. + * + * Creates an instance of CRTPermGrantMessage + * from the input source and leaves it on cleanup stack + * + * @param aBuf input source data + * + * @return CRTPermGrantMessage* created instance of CRTPermGrantMessage + * + */ + IMPORT_C static CRTPermGrantMessage* NewLC(const TDesC8& aBuf); + + /** + * Two-phased constructor. + * + * Creates an instance of CRTPermGrantMessage + * + * @param aAllowedProviders RProviderArray Allowed service providers + * @param aDeniedProviders RProviderArray Denied service providers + * @param aScriptId TExecutableID script identifier + * @return CRTPermGrantMessage* created instance of CRTPermGrantMessage + * + */ + IMPORT_C static CRTPermGrantMessage* NewL(RProviderArray aAllowedProviders, RProviderArray aDeniedProviders,TExecutableID aScriptId); + + /** + * Two-phased constructor. + * + * Creates an instance of CRTPermGrantMessage and leaves it on the cleanup stack + * + * @param aAllowedProviders RProviderArray Allowed service providers + * @param aDeniedProviders RProviderArray Denied service providers + * @param aScriptId TExecutableID script identifier + * @return CRTPermGrantMessage* created instance of CRTPermGrantMessage + * + */ + IMPORT_C static CRTPermGrantMessage* NewLC(RProviderArray aAllowedProviders, RProviderArray aDeniedProviders,TExecutableID aScriptId); + + /** + * Get Method. + * + * Gets the list of Allowed providers + * + * @param aAllowedProviders RProviderArray In/Out parameter which will contain the list of allowed providers + */ + IMPORT_C void AllowedProviders(RProviderArray& aAllowedProviders); + + /** + * Get Method. + * + * Gets the list of Allowed providers + * + * @param aDeniedProviders RProviderArray In/Out parameter which will contain the list of denied providers + */ + IMPORT_C void DeniedProviders(RProviderArray& aDeniedProviders); + + /** + * Get Method + * + * Gets the script Identifier. + * + * @return TExecutableID the script identifier + */ + IMPORT_C TExecutableID ScriptID(); + + /** + * Set Method. + * + * Sets the list of Allowed providers + * + * @param aAllowedProviders RProviderArray input parameter which contains the list of allowed providers + */ + IMPORT_C void setAllowedProviders(RProviderArray aAllowedProviders); + + /** + * Set Method. + * + * Sets the list of Denied providers + * + * @param aDeniedProviders RProviderArray input parameter which contains the list of denied providers + */ + IMPORT_C void setDeniedProviders(RProviderArray aDeniedProviders); + + /** + * Set Method + * + * Sets the script Identifier. + * + * @param TExecutableID the script identifier + */ + IMPORT_C void setScriptID(TExecutableID aScriptId); + + /* + * Creates an HBufC8 representation of CRTPermGrantMessage + * + * @return HBufC8* buffer representation of CRTPermGrantMessage + */ + IMPORT_C HBufC8* PackMessageL(); + + private: + CRTPermGrantMessage(); + CRTPermGrantMessage(RProviderArray aAllowedProviders,RProviderArray aDeniedProviders,TExecutableID aScriptId); + void ConstructL(const TDesC8& aBuf); + void InternalizeL(RReadStream& aSink); + void ExternalizeL(RWriteStream& aSource); + private: + RProviderArray iAllowedProviders; + RProviderArray iDeniedProviders; + TExecutableID iScriptId; + }; + #endif // RTSECMGRMSG_H diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/BWINS/RTSecMgrClientU.DEF --- a/rtsecuritymanager/rtsecuritymanagerclient/BWINS/RTSecMgrClientU.DEF Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/BWINS/RTSecMgrClientU.DEF Thu Sep 10 12:58:32 2009 +0300 @@ -18,4 +18,6 @@ ?UnSetPolicy@CRTSecManager@@QAEHH@Z @ 17 NONAME ; int CRTSecManager::UnSetPolicy(int) ?UpdatePolicy@CRTSecManager@@QAEHHABVRFile@@@Z @ 18 NONAME ; int CRTSecManager::UpdatePolicy(int, class RFile const &) ?UpdatePolicy@CRTSecManager@@QAEHHABVTDesC8@@@Z @ 19 NONAME ; int CRTSecManager::UpdatePolicy(int, class TDesC8 const &) + ?IsAllowed@CRTSecMgrScriptSession@@QAEHABV?$RArray@W4TCapability@@@@VTUid@@V?$TBuf@$0BAA@@@@Z @ 20 NONAME ; int CRTSecMgrScriptSession::IsAllowed(class RArray const &, class TUid, class TBuf<256>) + ?SetApplicationNameL@CRTSecMgrScriptSession@@QAEXABVTDesC16@@@Z @ 21 NONAME ; void CRTSecMgrScriptSession::SetApplicationNameL(class TDesC16 const &) diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/EABI/RTSecMgrClientU.DEF --- a/rtsecuritymanager/rtsecuritymanagerclient/EABI/RTSecMgrClientU.DEF Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/EABI/RTSecMgrClientU.DEF Thu Sep 10 12:58:32 2009 +0300 @@ -24,4 +24,6 @@ _ZN22CRTSecMgrScriptSessionD0Ev @ 23 NONAME _ZN22CRTSecMgrScriptSessionD1Ev @ 24 NONAME _ZN22CRTSecMgrScriptSessionD2Ev @ 25 NONAME + _ZN22CRTSecMgrScriptSession19SetApplicationNameLERK7TDesC16 @ 26 NONAME + _ZN22CRTSecMgrScriptSession9IsAllowedERK6RArrayI11TCapabilityE4TUid4TBufILi256EE @ 27 NONAME diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/data/rtsecmanager.rss --- a/rtsecuritymanager/rtsecuritymanagerclient/data/rtsecmanager.rss Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/data/rtsecmanager.rss Thu Sep 10 12:58:32 2009 +0300 @@ -110,6 +110,8 @@ RESOURCE TBUF r_rtsecmgr_item_more_info { buf=qtn_rtsecmgr_item_more_info; } RESOURCE TBUF r_rtsecmgr_more_info_query { buf=qtn_rtsecmgr_info_about_group; } RESOURCE TBUF r_rtsecmgr_cost_info { buf=qtn_rtsecmgr_prompt_cost_network; } +RESOURCE TBUF r_default_application_name {buf=qtn_rtsecmgr_prompt_query_application;} + RESOURCE LISTBOX r_setting_app_listbox { flags = EEikListBoxMultipleSelection; diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/group/rtsecmgrclient.mmp --- a/rtsecuritymanager/rtsecuritymanagerclient/group/rtsecmgrclient.mmp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/group/rtsecmgrclient.mmp Thu Sep 10 12:58:32 2009 +0300 @@ -30,7 +30,7 @@ CAPABILITY CAP_CLIENT_DLL VENDORID VID_DEFAULT -VERSION 10.1 +VERSION 10.2 paged MW_LAYER_SYSTEMINCLUDE diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/inc/rtsecmgrclient.h --- a/rtsecuritymanager/rtsecuritymanagerclient/inc/rtsecmgrclient.h Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/inc/rtsecmgrclient.h Thu Sep 10 12:58:32 2009 +0300 @@ -332,6 +332,19 @@ */ TInt UpdatePermGrant(TExecutableID aScriptID, TPermGrant aPermGrant, TPermGrant aPermDenied) const; + + /** + * Updates the blanket permission data of the script + * + * @param aScriptID TExecutableID Identifier of the scipt + * @param aAllowedProviders RProviderArray Blanket allowed providers + * @param aDeniedProviders RProviderArray Blanket denied providers + * + * @return KErrNone if update of blanket permission successul; Otherwise one of + * system wide error codes + * + */ + TInt UpdatePermGrant(TExecutableID aScriptID, RProviderArray aAllowedProviders, RProviderArray aDeniedProviders) const; private: diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/loc/rtsecmanager.loc --- a/rtsecuritymanager/rtsecuritymanagerclient/loc/rtsecmanager.loc Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/loc/rtsecmanager.loc Thu Sep 10 12:58:32 2009 +0300 @@ -386,5 +386,13 @@ // #define qtn_rtsecmgr_info_about_group "Application needs following permissions from the group" +//d: Runtime security manager prompt text +//l: popup_info_list_pane_t1 +//w: +//r:5.0 +// +#define qtn_rtsecmgr_prompt_query_application "Application" + + // End of File diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/src/rtsecmgrclient.cpp --- a/rtsecuritymanager/rtsecuritymanagerclient/src/rtsecmgrclient.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/src/rtsecmgrclient.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -637,6 +637,20 @@ } // +//Updates the blanket permission data of the script +// +TInt RSecMgrSubSession::UpdatePermGrant(TExecutableID aScriptID, + RProviderArray aAllowedProviders, RProviderArray aDeniedProviders) const + { + CRTPermGrantMessage* msg = CRTPermGrantMessage::NewL(aAllowedProviders , aDeniedProviders , aScriptID); + HBufC8* buffer = msg->PackMessageL(); + TIpcArgs args(buffer); + TInt ret = SendReceive (EUpdatePermanentGrantProvider, args); + delete buffer; + delete msg; + return ret; + } +// // Close the subsession. // void RSecMgrSubSession::Close() diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerclient/src/rtsecmgrscriptsession.cpp --- a/rtsecuritymanager/rtsecuritymanagerclient/src/rtsecmgrscriptsession.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerclient/src/rtsecmgrscriptsession.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -40,12 +40,15 @@ #include "rtsecmgrclient.h" #include "rtsecmgrdef.h" +#define FIRST_RESOURCE_ID(x) ((x)+2); + //security manager resource file literal _LIT(KSecMgrResourceFile, "RTSecManager.RSC"); //constant for descriptor array granularity const TInt KDescArrayInit = 6; -const TInt KMaxBuf=256; +const TInt KMaxBuf=255; + //typedef of selection index array typedef RArray RSelIdxArray; @@ -159,12 +162,10 @@ // --------------------------------------------------------------------------- // CRTSecMgrScriptSession::CRTSecMgrScriptSession(MSecMgrPromptHandler* aPromptHdlr) : - iPermBits(KDefaultNullBit), iDeniedBits(KDefaultNullBit), - iPromptHdlr(aPromptHdlr), iUIPromptOption(RTPROMPTUI_DEFAULT), isCustomPrompt(EFalse) + iPromptHdlr(aPromptHdlr), iUIPromptOption(RTPROMPTUI_DEFAULT), isCustomPrompt(EFalse) { - _sessionInfo.AllowedCaps = KDefaultNullBit; - _sessionInfo.DeniedCaps = KDefaultNullBit; -} + iSessionData = NULL; + } // --------------------------------------------------------------------------- // Defintiion of second-phase constructor @@ -210,15 +211,26 @@ iPromptHdlr = this; //default prompt handler isCustomPrompt = ETrue ; } - - + _permanentInfo = new(ELeave) TPermanentInfo; + _sessionData.sessionInfo = new(ELeave) TSessionInfo; + _sessionData.sessionInfo->AllowedCaps = KDefaultNullBit; + _sessionData.sessionInfo->DeniedCaps = KDefaultNullBit; + _sessionData.sessionInfo->AllowedProviders.Reset(); + _sessionData.sessionInfo->DeniedProviders.Reset(); + _permanentInfo->iAllowedBits = KDefaultNullBit; + _permanentInfo->iDeniedBits = KDefaultNullBit; + _permanentInfo->iAllowedProviders.Reset(); + _permanentInfo->iDeniedProviders.Reset(); + iResourceOffsetArray.Reset(); } +//--------------------------------------------------------------------------------- +//Method to add the resource files to CONE environment. +//--------------------------------------------------------------------------------- void CRTSecMgrScriptSession::AddResourceFiles() { if(iCoeEnv) - { - + { CDesCArray* diskList = new (ELeave) CDesCArrayFlat(KDescArrayInit); CleanupStack::PushL (diskList); @@ -236,21 +248,69 @@ BaflUtils::NearestLanguageFile (iCoeEnv->FsSession (), resFile); if ( BaflUtils::FileExists (iCoeEnv->FsSession (), resFile)) { - TRAPD (err, iResourceOffset = iCoeEnv->AddResourceFileL (resFile)); + TRAPD (err, iResourceOffsetArray.Append(iCoeEnv->AddResourceFileL (resFile))); User::LeaveIfError (err); break; } } - CleanupStack::PopAndDestroy (diskList); } } +//--------------------------------------------------------------------------------------- +//Method to add provider resource files into the CONE environment +//Returns the first resource identifier which has the prompt string +//--------------------------------------------------------------------------------------- +TInt CRTSecMgrScriptSession::AddProviderResourceFile(TFileName aResourceFileName) + { + RResourceFile resFile; + TInt resID(KErrNone); + if(iCoeEnv) + { + CDesCArray* diskList = new (ELeave) CDesCArrayFlat(KDescArrayInit); + CleanupStack::PushL (diskList); + + BaflUtils::GetDiskListL (iCoeEnv->FsSession (), *diskList); + for (TInt idx(0); idxCount ();++idx) + { + TInt intDrive; + TChar ch = ((*diskList)[idx])[0]; + RFs::CharToDrive (ch, intDrive); + TDriveUnit curDrive(intDrive); + + TFileName resFileName(curDrive.Name ()); + resFileName.Append (KDC_APP_RESOURCE_DIR); + resFileName.Append (aResourceFileName); + BaflUtils::NearestLanguageFile (iCoeEnv->FsSession (), resFileName); + if ( BaflUtils::FileExists (iCoeEnv->FsSession (), resFileName)) + { + TRAPD(err,resFile.OpenL(iCoeEnv->FsSession(),resFileName)); + if(err == KErrNone) + { + resFile.ConfirmSignatureL(0); + resID = FIRST_RESOURCE_ID(resFile.Offset()); + resFile.Close(); + iResourceOffsetArray.Append(iCoeEnv->AddResourceFileL (resFileName)); + break; + } + } + } + CleanupStack::PopAndDestroy(diskList); + } + return resID; + } + +//-------------------------------------------------------------------------------------------- +//Close the resource files previously added +//-------------------------------------------------------------------------------------------- void CRTSecMgrScriptSession::CloseResourceFiles() { - if ( iResourceOffset && iCoeEnv) - iCoeEnv->DeleteResourceFile (iResourceOffset); - iResourceOffset = 0; + if (iCoeEnv) + { + for(TInt i(0); i < iResourceOffsetArray.Count(); i++) + iCoeEnv->DeleteResourceFile (iResourceOffsetArray[i]); + iResourceOffsetArray.Reset(); + } } // --------------------------------------------------------------------------- // Destructor @@ -259,6 +319,17 @@ // EXPORT_C CRTSecMgrScriptSession::~CRTSecMgrScriptSession() { + _permanentInfo->iAllowedProviders.Close(); + _permanentInfo->iDeniedProviders.Close(); + _sessionData.sessionInfo->AllowedProviders.Close(); + _sessionData.sessionInfo->DeniedProviders.Close(); + delete _permanentInfo; + delete _sessionData.sessionInfo; + if(iSessionData) + { + delete iSessionData; + iSessionData = NULL; + } Close (); } @@ -279,10 +350,12 @@ TInt ret((*iSubSessionProxy)->Open (aParentSession, *iScript, aPolicyID)); if ( KErrNone==ret) - { - iPermBits = iScript->PermGranted (); - iDeniedBits = iScript->PermDenied (); - } + { + _permanentInfo->iAllowedBits = iScript->PermGranted (); + _permanentInfo->iDeniedBits = iScript->PermDenied (); + iScript->PermGranted(_permanentInfo->iAllowedProviders); + iScript->PermDenied(_permanentInfo->iDeniedProviders); + } return ret; } @@ -304,8 +377,10 @@ TInt ret((*iSubSessionProxy)->Open (aParentSession, *iScript, aPolicyID, aHashValue)); if ( KErrNone==ret) { - iPermBits = iScript->PermGranted (); - iDeniedBits = iScript->PermDenied (); + _permanentInfo->iAllowedBits = iScript->PermGranted (); + _permanentInfo->iDeniedBits = iScript->PermDenied (); + iScript->PermGranted(_permanentInfo->iAllowedProviders); + iScript->PermDenied(_permanentInfo->iDeniedProviders); } return ret; @@ -328,9 +403,11 @@ TInt ret((*iSubSessionProxy)->Open (aParentSession, *iScript, aPolicyID, aTrustInfo)); if ( KErrNone==ret) - { - iPermBits = iScript->PermGranted (); - iDeniedBits = iScript->PermDenied (); + { + _permanentInfo->iAllowedBits = iScript->PermGranted (); + _permanentInfo->iDeniedBits = iScript->PermDenied (); + iScript->PermGranted(_permanentInfo->iAllowedProviders); + iScript->PermDenied(_permanentInfo->iDeniedProviders); } return ret; @@ -391,13 +468,13 @@ capToCheck &= ~(iScript->PermissionSet().UnconditionalCaps()); /* Check if a;ready denied. No point in going forward */ - if(capToCheck & _sessionInfo.DeniedCaps || capToCheck & iDeniedBits) + if(capToCheck & _sessionData.sessionInfo->DeniedCaps || capToCheck & _permanentInfo->iDeniedBits) return EAccessNok; TCapabilityBitSet allowedCaps(KDefaultNullBit); - allowedCaps |= _sessionInfo.AllowedCaps; //for session allowed - allowedCaps &= ~iDeniedBits; - allowedCaps |= iPermBits; //for permanently allowed + allowedCaps |= _sessionData.sessionInfo->AllowedCaps; //for session allowed + allowedCaps &= ~_permanentInfo->iDeniedBits; + allowedCaps |= _permanentInfo->iAllowedBits; //for permanently allowed //In case if all the capabilities required by the service provider //are allowed without prompting @@ -428,13 +505,13 @@ capToCheck &= tempCapToCheck; if ( capToCheck ) { - if ( capToCheck & iDeniedBits) //check if permanently disabled + if ( capToCheck & _permanentInfo->iDeniedBits) //check if permanently disabled { allowedCaps &= ~tempCapToCheck; //just in case... - _sessionInfo.DeniedCaps &= ~tempCapToCheck; //just in case... + _sessionData.sessionInfo->DeniedCaps &= ~tempCapToCheck; //just in case... } else - if ( capToCheck & _sessionInfo.DeniedCaps) //not necessary to do this check... + if ( capToCheck & _sessionData.sessionInfo->DeniedCaps) //not necessary to do this check... { allowedCaps &= ~tempCapToCheck; //just in case... } @@ -449,10 +526,10 @@ if ( (perm->Condition() & RTUserPrompt_OneShot) ||(perm->Condition() & RTUserPrompt_Session) ||((perm->Condition() & RTUserPrompt_Permanent) && (iScript->ScriptID()!=KAnonymousScript))) { - if ( !(_sessionInfo.AllowedCaps & capToCheck)) + if ( !(_sessionData.sessionInfo->AllowedCaps & capToCheck)) { //check if it's denied for this session - if ( !(_sessionInfo.DeniedCaps & capToCheck)) + if ( !(_sessionData.sessionInfo->DeniedCaps & capToCheck)) { CPromptData* promptData = CPromptData::NewL();//should write NewL Function promptData->SetPermissions(*perm); @@ -502,12 +579,12 @@ if ( (iScript->ScriptID()!=KAnonymousScript)&&(isPermGrantModified)) UpdatePermGrant ();//commit perm grant change - finalCaps |= iPermBits ; + finalCaps |= _permanentInfo->iAllowedBits ; if((finalCaps & NetworkServices_CAP) && isCustomPrompt) PromptCostL() ; - finalCaps |= _sessionInfo.AllowedCaps ; + finalCaps |= _sessionData.sessionInfo->AllowedCaps ; if ( KErrNone == ((finalCaps & original_capToCheck) ^ original_capToCheck)) @@ -1099,46 +1176,46 @@ if ( RTUserPrompt_OneShot==optionChosen) { - _sessionInfo.AllowedCaps &= ~aCapBitSet; + _sessionData.sessionInfo->AllowedCaps &= ~aCapBitSet; aAllowedCaps = aCapBitSet; } else if ( RTUserPrompt_Denied==optionChosen) //one-shot denied { aAllowedCaps &= ~aCapBitSet; - _sessionInfo.AllowedCaps &= ~aCapBitSet; //disable in session pattern too... + _sessionData.sessionInfo->AllowedCaps &= ~aCapBitSet; //disable in session pattern too... } else if ( RTUserPrompt_Session==optionChosen) { - _sessionInfo.AllowedCaps |= aCapBitSet;//Enable in _sessionInfo.Allowed & allowed + _sessionData.sessionInfo->AllowedCaps |= aCapBitSet;//Enable in _sessionData.Allowed & allowed aAllowedCaps = aCapBitSet; } else if ( RTUserPrompt_SessionDenied==optionChosen) //session denied { aAllowedCaps &= ~aCapBitSet; - _sessionInfo.AllowedCaps &= ~aCapBitSet; //disable in session pattern too... - _sessionInfo.DeniedCaps |= aCapBitSet; //enable denied in session bit + _sessionData.sessionInfo->AllowedCaps &= ~aCapBitSet; //disable in session pattern too... + _sessionData.sessionInfo->DeniedCaps |= aCapBitSet; //enable denied in session bit } else if ( RTUserPrompt_Permanent==optionChosen) { aIsPermGrantModified = ETrue; //to commit the change to persistent store - _sessionInfo.AllowedCaps |= aCapBitSet; + _sessionData.sessionInfo->AllowedCaps |= aCapBitSet; aAllowedCaps = aCapBitSet; - iPermBits |= aCapBitSet; - iDeniedBits &= ~aCapBitSet; //just in case.... + _permanentInfo->iAllowedBits |= aCapBitSet; + _permanentInfo->iDeniedBits &= ~aCapBitSet; //just in case.... } else if ( RTUserPrompt_PermDenied==optionChosen) //permanent denied { aIsPermGrantModified = ETrue; aAllowedCaps &= ~aCapBitSet; - _sessionInfo.AllowedCaps &= ~aCapBitSet; //disable in session pattern too... - _sessionInfo.DeniedCaps |= aCapBitSet; //enable denied in session bit - iPermBits &= ~aCapBitSet; //disable in perm bits - iDeniedBits |= aCapBitSet; //enable in perm denied bit pattern + _sessionData.sessionInfo->AllowedCaps &= ~aCapBitSet; //disable in session pattern too... + _sessionData.sessionInfo->DeniedCaps |= aCapBitSet; //enable denied in session bit + _permanentInfo->iAllowedBits &= ~aCapBitSet; //disable in perm bits + _permanentInfo->iDeniedBits |= aCapBitSet; //enable in perm denied bit pattern //Commit the change to persistent store... } } @@ -1149,8 +1226,10 @@ // void CRTSecMgrScriptSession::UpdatePermGrant() { - (*iSubSessionProxy)->UpdatePermGrant (iScript->ScriptID (), iPermBits, - iDeniedBits); + if(iUIPromptOption == RTPROMPTUI_PROVIDER) + (*iSubSessionProxy)->UpdatePermGrant (iScript->ScriptID (),_permanentInfo->iAllowedProviders, _permanentInfo->iDeniedProviders); + else + (*iSubSessionProxy)->UpdatePermGrant (iScript->ScriptID (), _permanentInfo->iAllowedBits,_permanentInfo->iDeniedBits); } // @@ -1188,8 +1267,9 @@ */ void CRTSecMgrScriptSession::Close() { - if ( iResourceOffset && iCoeEnv) - iCoeEnv->DeleteResourceFile (iResourceOffset); + if (iCoeEnv) + for(TInt i(0); i < iResourceOffsetArray.Count(); i++) + iCoeEnv->DeleteResourceFile (iResourceOffsetArray[i]); if ( iScript) { @@ -1213,3 +1293,195 @@ (cb->iRTSecMgrScriptSession)->MoreInfoL(*(cb->iPromptData)); return KErrNone; } + +//--------------------------------------------------------------------------------------------------- +//Overloaded IsAllowed method for provider based prompting +//--------------------------------------------------------------------------------------------------- +EXPORT_C TInt CRTSecMgrScriptSession::IsAllowed(const RCapabilityArray& aCapabilitiesToCheck, + TProviderUid aProviderUid, + TFileName aResourceFileName) +{ + if ( aCapabilitiesToCheck.Count () <= 0) + { + return EAccessOk; //if no capabilities are required, safely return + } + if ( aCapabilitiesToCheck.Find(ECapabilityTCB) != KErrNotFound) + return EAccessNok; + + if((aProviderUid.iUid <= KErrNone) || ((aResourceFileName.Compare(KNullDesC))==KErrNone)) + return ErrInvalidParameters; + + TInt stackResCnt(0); + TCapabilityBitSet capToCheck(KDefaultNullBit); + for (TInt i(0); i!=aCapabilitiesToCheck.Count (); ++i) + AddCapability (capToCheck, aCapabilitiesToCheck[i]); + + capToCheck &= ~(iScript->PermissionSet().UnconditionalCaps()); + if (!capToCheck) + return EAccessOk; + if((_sessionData.sessionInfo->DeniedProviders.Find(aProviderUid) != KErrNotFound) || (_permanentInfo->iDeniedProviders.Find(aProviderUid) != KErrNotFound)) + return EAccessNok; + + if((_sessionData.sessionInfo->AllowedProviders.Find(aProviderUid) != KErrNotFound)|| (_permanentInfo->iAllowedProviders.Find(aProviderUid) != KErrNotFound)) + return EAccessOk; + + TBool isPermGrantModified(EFalse); + RPermissions perms = iScript->PermissionSet().Permissions(); + TCapabilityBitSet tempCapToCheck(KDefaultNullBit); + + //All the capabilities allowed for the domain + for (TInt permIdx(0); permIdx!=perms.Count();++permIdx) + { + tempCapToCheck |= perms[permIdx]->PermissionData(); + } + + //If the capabilities is allowed with prompting + if((tempCapToCheck & capToCheck) == capToCheck) + { + /*TODO: Changes based on the decision on what needs + to be done of the default capability is different + for capabilities required by the provider. Presently taking least duration*/ + TUserPromptOption defaultOption(RTUserPrompt_OneShot); + for(TInt i=0; i < perms.Count(); i++) + { + if((perms[i]->Default() == RTUserPrompt_OneShot) && (perms[i]->PermissionData() & capToCheck)) + { + defaultOption = RTUserPrompt_OneShot; + break; + } + else if((perms[i]->Default() == RTUserPrompt_Session) && (perms[i]->PermissionData() & capToCheck)) + { + defaultOption = RTUserPrompt_Session; + } + else if((perms[i]->Default() == RTUserPrompt_Permanent) && (perms[i]->PermissionData() & capToCheck) && (defaultOption != RTUserPrompt_Session)) + { + defaultOption = RTUserPrompt_Permanent; + } + } + //= perms[0]->Default(); + //TUserPromptOption defaultOption(RTUserPrompt_Session); + AddResourceFiles(); + TInt resID(KErrNone); + resID = AddProviderResourceFile(aResourceFileName); + + if(resID <= KErrNone) + return KErrNotFound; + + HBufC* messageBody = NULL; + + //Get the application name. If not set use the default name + if(iSessionData != NULL ) + { + TPtr appNamePtr = iSessionData->Des(); + messageBody = StringLoader::LoadL( resID, appNamePtr, iCoeEnv ); + CleanupStack::PushL(messageBody); + ++stackResCnt; + } + else + { + HBufC* defaultName = iCoeEnv->AllocReadResourceLC(R_DEFAULT_APPLICATION_NAME); + TPtr defaultNamePtr = defaultName->Des(); + messageBody = StringLoader::LoadL( resID, defaultNamePtr, iCoeEnv ); + CleanupStack::PopAndDestroy(defaultName); + CleanupStack::PushL(messageBody); + ++stackResCnt; + } + + CAknMessageQueryDialog* queryDialog = new(ELeave) CAknMessageQueryDialog(); + CleanupStack::PushL (queryDialog); + ++stackResCnt; + + queryDialog->PrepareLC (R_ADVPROMPT_MESSAGE_QUERY); + + queryDialog->SetMessageTextL(messageBody->Des()); + + HBufC* headerText(NULL); + CAknPopupHeadingPane* heading = queryDialog->QueryHeading (); + if ( heading) + { + heading->SetLayout (CAknPopupHeadingPane::EMessageQueryHeadingPane); + headerText = iCoeEnv->AllocReadResourceLC (R_RTSECMGR_PROMPT_QUERY_HEADER); + heading->SetTextL (headerText->Des ()); + ++stackResCnt; + } + + TInt ret(EAccessNok); + TBool costPromptRequired(EFalse); + CleanupStack::Pop (stackResCnt); + TInt queryOk = queryDialog->RunLD (); + if ( queryOk == EAknSoftkeyYes) + { + + if ( defaultOption & RTUserPrompt_OneShot) + { + ret = EAccessOk; + } + else if ( defaultOption& RTUserPrompt_Session) + { + _sessionData.sessionInfo->AllowedProviders.Append(aProviderUid); //session allow + ret = EAccessOk; + } + else if ( defaultOption& RTUserPrompt_Permanent) + { + _sessionData.sessionInfo->AllowedProviders.Append(aProviderUid); //session allow + _permanentInfo->iAllowedProviders.Append(aProviderUid); //permanent allow + isPermGrantModified = ETrue; //Flag for server update + ret = EAccessOk; + } + else + { + ret = EAccessNok; + } + } + else + { + if ( defaultOption & RTUserPrompt_OneShot) + { + ret = EAccessNok; + } + else if ( defaultOption& RTUserPrompt_Session) + { + _sessionData.sessionInfo->DeniedProviders.Append(aProviderUid); //session deny + ret = EAccessNok; + } + else if ( defaultOption& RTUserPrompt_Permanent) + { + _sessionData.sessionInfo->DeniedProviders.Append(aProviderUid); //session deny + _permanentInfo->iDeniedProviders.Append(aProviderUid); //permanent deny + isPermGrantModified = ETrue; //Flag for server update + ret = EAccessNok; + } + } + CloseResourceFiles(); + + /* If its a pre-registered script and perm grant is modified update server */ + if(isPermGrantModified && (iScript->ScriptID() != KAnonymousScript)) + UpdatePermGrant(); + + if(messageBody) + delete messageBody; + + if(headerText) + delete headerText; + + return ret; + } + return EAccessNok; + } + +//--------------------------------------------------------------------------------------------- +//Method to set the application name. +//Called by the runtimes to set the name of the widget/flash content +//--------------------------------------------------------------------------------------------- +EXPORT_C void CRTSecMgrScriptSession::SetApplicationNameL(const TDesC& aName) + { + if(iSessionData) + { + delete iSessionData; + iSessionData = NULL; + } + /* Limit on the length of the application name */ + /*if(aName.Length() > KMaxAppName) + User::Leave(KErrOverflow);*/ + iSessionData = aName.AllocL(); + } diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/group/RTSecMgrServer.mmp --- a/rtsecuritymanager/rtsecuritymanagerserver/group/RTSecMgrServer.mmp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/group/RTSecMgrServer.mmp Thu Sep 10 12:58:32 2009 +0300 @@ -34,7 +34,7 @@ CAPABILITY CAP_SERVER -VERSION 10.1 +VERSION 10.2 paged SOURCEPATH ../src diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrscriptmanager.h --- a/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrscriptmanager.h Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrscriptmanager.h Thu Sep 10 12:58:32 2009 +0300 @@ -141,6 +141,18 @@ */ void UpdatePermGrantL(TExecutableID aExecID, TPermGrant aPermGrant, TPermGrant aPermDenied); + + /** + * Updates permanently granted or denied permission data + * of the script + * + * @param aExecID TExecutableID script identifier + * @param aPermGrant TPermGrant permanently allowed permission + * @param aPermDenied TPermGrant permanently denied permission + * + */ + void UpdatePermGrantL(TExecutableID aExecID, RProviderArray aAllowedProviders, + RProviderArray aDeniedProviders); /** * Gets the script file name diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrserver.h --- a/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrserver.h Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrserver.h Thu Sep 10 12:58:32 2009 +0300 @@ -276,6 +276,18 @@ TPermGrant aPermDenied); /* + * Utility method to update the permanently allowed or denied + * permissions for the script object + * + * @param aExecID TExecutableID script identifier of script object whose + * permanent permissions are modified + * @param aPermGrant TPermGrant permanently allowed permissions + * @param aPermDenied TPermGrant permanently denied permissions + * + */ + void UpdatePermGrantL(TExecutableID aExecID, RProviderArray aAllowedProviders, + RProviderArray aDeniedProviders); + /* * Utility method to create a backup for the policy file * * @param aPolicyID TPolicyID policy identifier for the file diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrserver.inl --- a/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrserver.inl Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrserver.inl Thu Sep 10 12:58:32 2009 +0300 @@ -78,6 +78,12 @@ iScriptMgr->UpdatePermGrantL (aExecID, aPermGrant, aPermDenied); } +inline void CRTSecMgrServer::UpdatePermGrantL(TExecutableID aExecID, + RProviderArray aAllowedProviders,RProviderArray aDeniedProviders) + { + iScriptMgr->UpdatePermGrantL (aExecID, aAllowedProviders, aDeniedProviders); + } + inline TInt CRTSecMgrServer::ReadCounter(TExecutableID& aExecID) { return iSecMgrDb->ReadCounter (aExecID); diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrsubsession.h --- a/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrsubsession.h Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/inc/rtsecmgrsubsession.h Thu Sep 10 12:58:32 2009 +0300 @@ -70,6 +70,14 @@ * */ void UpdatePermGrantL(const RMessage2& aMessage); + + /** + * Handles update permanent permission service + * + * @param aMessage const RMessage2& Input message + * + */ + void UpdatePermGrantProviderL(const RMessage2& aMessage); /** * Gets script identifier of the underlying script object diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrclientapi.cpp --- a/rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrclientapi.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrclientapi.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -400,3 +400,31 @@ aMessage.Write (EMsgArgZero, pkg); } } + +void CRTSecMgrSubSession::UpdatePermGrantProviderL(const RMessage2& aMessage) + { + HBufC8* desData = HBufC8::NewLC (KMaxMsgLength); + TPtr8 readPtr(desData->Des ()); + aMessage.ReadL (EMsgArgZero, readPtr); + CRTPermGrantMessage *msg = CRTPermGrantMessage::NewLC(readPtr); + + if ( !iSession->IsScriptSessionOpen(msg->ScriptID(),this)) + { + RProviderArray allowedProviders; + RProviderArray deniedProviders; + allowedProviders.Reset(); + deniedProviders.Reset(); + msg->AllowedProviders(allowedProviders); + msg->DeniedProviders(deniedProviders); + iSecMgrServer->UpdatePermGrantL (msg->ScriptID(),allowedProviders,deniedProviders); + allowedProviders.Close(); + deniedProviders.Close(); + } + else + { + TPckgBuf pkg((TInt)ErrUpdatePermGrantFailed); + aMessage.Write (EMsgArgZero, pkg); + } + CleanupStack::PopAndDestroy(msg); + CleanupStack::PopAndDestroy(desData); + } diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrscriptmanager.cpp --- a/rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrscriptmanager.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrscriptmanager.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -204,3 +204,18 @@ } } } + +void CScriptManager::UpdatePermGrantL(TExecutableID aExecID,RProviderArray aAllowedProviders, + RProviderArray aDeniedProviders) +{ + for(TInt i(0);i!=iScripts.Count();++i) + { + if(iScripts[i]->ScriptID()==aExecID) + { + iScripts[i]->SetPermGranted(aAllowedProviders); + iScripts[i]->SetPermDenied(aDeniedProviders); + iSecMgrDB->WriteScriptInfoL(aExecID,*iScripts[i]); + return; + } + } +} diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrserversession.cpp --- a/rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrserversession.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerserver/src/rtsecmgrserversession.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -126,6 +126,9 @@ case EGetScriptFile: subSession->GetScriptFile (aMessage); return; + case EUpdatePermanentGrantProvider: + subSession->UpdatePermGrantProviderL (aMessage); + return; default: PanicClient (aMessage, EBadRequest); return; diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerutil/BWINS/RTSecMgrUtilU.DEF --- a/rtsecuritymanager/rtsecuritymanagerutil/BWINS/RTSecMgrUtilU.DEF Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerutil/BWINS/RTSecMgrUtilU.DEF Thu Sep 10 12:58:32 2009 +0300 @@ -57,4 +57,22 @@ ?SetPermissionSet@CScript@@QAEXABVCPermissionSet@@@Z @ 56 NONAME ; void CScript::SetPermissionSet(class CPermissionSet const &) ?UnconditionalCaps@CPermissionSet@@QBEKXZ @ 57 NONAME ; unsigned long CPermissionSet::UnconditionalCaps(void) const ?UnconditionalCaps@CPermissionSet@@QBEXAAV?$RArray@W4TCapability@@@@@Z @ 58 NONAME ; void CPermissionSet::UnconditionalCaps(class RArray &) const + ?PermDenied@CScript@@QAEXAAV?$RArray@VTUid@@@@@Z @ 59 NONAME ; void CScript::PermDenied(class RArray &) + ?PermGranted@CScript@@QAEXAAV?$RArray@VTUid@@@@@Z @ 60 NONAME ; void CScript::PermGranted(class RArray &) + ?SetPermDenied@CScript@@QAEXV?$RArray@VTUid@@@@@Z @ 61 NONAME ; void CScript::SetPermDenied(class RArray) + ?SetPermGranted@CScript@@QAEXV?$RArray@VTUid@@@@@Z @ 62 NONAME ; void CScript::SetPermGranted(class RArray) + ??1CRTPermGrantMessage@@UAE@XZ @ 63 NONAME ; CRTPermGrantMessage::~CRTPermGrantMessage(void) + ?AllowedProviders@CRTPermGrantMessage@@QAEXAAV?$RArray@VTUid@@@@@Z @ 64 NONAME ; void CRTPermGrantMessage::AllowedProviders(class RArray &) + ?DeniedProviders@CRTPermGrantMessage@@QAEXAAV?$RArray@VTUid@@@@@Z @ 65 NONAME ; void CRTPermGrantMessage::DeniedProviders(class RArray &) + ?NewL@CRTPermGrantMessage@@SAPAV1@ABVTDesC8@@@Z @ 66 NONAME ; class CRTPermGrantMessage * CRTPermGrantMessage::NewL(class TDesC8 const &) + ?NewL@CRTPermGrantMessage@@SAPAV1@V?$RArray@VTUid@@@@0H@Z @ 67 NONAME ; class CRTPermGrantMessage * CRTPermGrantMessage::NewL(class RArray, class RArray, int) + ?NewL@CRTPermGrantMessage@@SAPAV1@XZ @ 68 NONAME ; class CRTPermGrantMessage * CRTPermGrantMessage::NewL(void) + ?NewLC@CRTPermGrantMessage@@SAPAV1@ABVTDesC8@@@Z @ 69 NONAME ; class CRTPermGrantMessage * CRTPermGrantMessage::NewLC(class TDesC8 const &) + ?NewLC@CRTPermGrantMessage@@SAPAV1@V?$RArray@VTUid@@@@0H@Z @ 70 NONAME ; class CRTPermGrantMessage * CRTPermGrantMessage::NewLC(class RArray, class RArray, int) + ?NewLC@CRTPermGrantMessage@@SAPAV1@XZ @ 71 NONAME ; class CRTPermGrantMessage * CRTPermGrantMessage::NewLC(void) + ?PackMessageL@CRTPermGrantMessage@@QAEPAVHBufC8@@XZ @ 72 NONAME ; class HBufC8 * CRTPermGrantMessage::PackMessageL(void) + ?ScriptID@CRTPermGrantMessage@@QAEHXZ @ 73 NONAME ; int CRTPermGrantMessage::ScriptID(void) + ?setAllowedProviders@CRTPermGrantMessage@@QAEXV?$RArray@VTUid@@@@@Z @ 74 NONAME ; void CRTPermGrantMessage::setAllowedProviders(class RArray) + ?setDeniedProviders@CRTPermGrantMessage@@QAEXV?$RArray@VTUid@@@@@Z @ 75 NONAME ; void CRTPermGrantMessage::setDeniedProviders(class RArray) + ?setScriptID@CRTPermGrantMessage@@QAEXH@Z @ 76 NONAME ; void CRTPermGrantMessage::setScriptID(int) diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerutil/EABI/RTSecMgrUtilU.DEF --- a/rtsecuritymanager/rtsecuritymanagerutil/EABI/RTSecMgrUtilU.DEF Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerutil/EABI/RTSecMgrUtilU.DEF Thu Sep 10 12:58:32 2009 +0300 @@ -65,4 +65,24 @@ _ZNK7CScript13PermissionSetEv @ 64 NONAME _ZNK7CScript8PolicyIDEv @ 65 NONAME _ZNK7CScript8ScriptIDEv @ 66 NONAME + _ZN19CRTPermGrantMessage11setScriptIDEi @ 67 NONAME + _ZN19CRTPermGrantMessage12PackMessageLEv @ 68 NONAME + _ZN19CRTPermGrantMessage15DeniedProvidersER6RArrayI4TUidE @ 69 NONAME + _ZN19CRTPermGrantMessage16AllowedProvidersER6RArrayI4TUidE @ 70 NONAME + _ZN19CRTPermGrantMessage18setDeniedProvidersE6RArrayI4TUidE @ 71 NONAME + _ZN19CRTPermGrantMessage19setAllowedProvidersE6RArrayI4TUidE @ 72 NONAME + _ZN19CRTPermGrantMessage4NewLE6RArrayI4TUidES2_i @ 73 NONAME + _ZN19CRTPermGrantMessage4NewLERK6TDesC8 @ 74 NONAME + _ZN19CRTPermGrantMessage4NewLEv @ 75 NONAME + _ZN19CRTPermGrantMessage5NewLCE6RArrayI4TUidES2_i @ 76 NONAME + _ZN19CRTPermGrantMessage5NewLCERK6TDesC8 @ 77 NONAME + _ZN19CRTPermGrantMessage5NewLCEv @ 78 NONAME + _ZN19CRTPermGrantMessage8ScriptIDEv @ 79 NONAME + _ZN19CRTPermGrantMessageD0Ev @ 80 NONAME + _ZN19CRTPermGrantMessageD1Ev @ 81 NONAME + _ZN19CRTPermGrantMessageD2Ev @ 82 NONAME + _ZN7CScript10PermDeniedER6RArrayI4TUidE @ 83 NONAME + _ZN7CScript11PermGrantedER6RArrayI4TUidE @ 84 NONAME + _ZN7CScript13SetPermDeniedE6RArrayI4TUidE @ 85 NONAME + _ZN7CScript14SetPermGrantedE6RArrayI4TUidE @ 86 NONAME diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerutil/group/RTSecMgrUtil.mmp --- a/rtsecuritymanager/rtsecuritymanagerutil/group/RTSecMgrUtil.mmp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerutil/group/RTSecMgrUtil.mmp Thu Sep 10 12:58:32 2009 +0300 @@ -30,7 +30,7 @@ CAPABILITY CAP_GENERAL_DLL VENDORID VID_DEFAULT -VERSION 10.1 +VERSION 10.2 paged MW_LAYER_SYSTEMINCLUDE diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerutil/src/rtsecmgrmsg.cpp --- a/rtsecuritymanager/rtsecuritymanagerutil/src/rtsecmgrmsg.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerutil/src/rtsecmgrmsg.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -118,3 +118,165 @@ iHashMarker = HBufC::NewL (aStream, KMaxHashValueDesLen); iPolicyID = aStream.ReadInt32L (); // Read iPolicyID } + +EXPORT_C CRTPermGrantMessage::~CRTPermGrantMessage() + { + iAllowedProviders.Close(); + iDeniedProviders.Close(); + } + +EXPORT_C CRTPermGrantMessage* CRTPermGrantMessage::NewL() + { + CRTPermGrantMessage* self = CRTPermGrantMessage::NewLC(); + CleanupStack::Pop(self); + return self; + } + +EXPORT_C CRTPermGrantMessage* CRTPermGrantMessage::NewLC() + { + CRTPermGrantMessage* self = new(ELeave) CRTPermGrantMessage(); + CleanupStack::PushL(self); + return self; + } + +EXPORT_C CRTPermGrantMessage* CRTPermGrantMessage::NewL(const TDesC8& aBuf) + { + CRTPermGrantMessage* self = CRTPermGrantMessage::NewLC(aBuf); + CleanupStack::Pop(self); + return self; + } + +EXPORT_C CRTPermGrantMessage* CRTPermGrantMessage::NewLC(const TDesC8& aBuf) + { + CRTPermGrantMessage* self = new(ELeave) CRTPermGrantMessage(); + CleanupStack::PushL(self); + self->ConstructL(aBuf); + return self; + } + +EXPORT_C CRTPermGrantMessage* CRTPermGrantMessage::NewL(RProviderArray aAllowedProviders, RProviderArray aDeniedProviders,TExecutableID aScriptId) + { + CRTPermGrantMessage* self = CRTPermGrantMessage::NewLC(aAllowedProviders,aDeniedProviders,aScriptId); + CleanupStack::Pop(self); + return self; + } + +EXPORT_C CRTPermGrantMessage* CRTPermGrantMessage::NewLC(RProviderArray aAllowedProviders, RProviderArray aDeniedProviders,TExecutableID aScriptId) + { + CRTPermGrantMessage* self = new(ELeave) CRTPermGrantMessage(aAllowedProviders,aDeniedProviders,aScriptId); + CleanupStack::PushL(self); + return self; + } + +CRTPermGrantMessage::CRTPermGrantMessage() + { + + } + +CRTPermGrantMessage::CRTPermGrantMessage(RProviderArray aAllowedProviders,RProviderArray aDeniedProviders,TExecutableID aScriptId) + { + iAllowedProviders.Reset(); + for(TInt i(0); i < aAllowedProviders.Count(); i++) + iAllowedProviders.Append(aAllowedProviders[i]); + iDeniedProviders.Reset(); + for(TInt i(0); i < aDeniedProviders.Count(); i++) + iDeniedProviders.Append(aDeniedProviders[i]); + iScriptId = aScriptId; + } + +void CRTPermGrantMessage::ConstructL(const TDesC8& aBuf) + { + RDesReadStream stream(aBuf); + CleanupClosePushL (stream); + InternalizeL (stream); + CleanupStack::PopAndDestroy (&stream); + } + +EXPORT_C void CRTPermGrantMessage::AllowedProviders(RProviderArray& aAllowedProviders) + { + aAllowedProviders.Reset(); + for(TInt i(0); i < iAllowedProviders.Count(); i++) + aAllowedProviders.Append(iAllowedProviders[i]); + } + +EXPORT_C void CRTPermGrantMessage::DeniedProviders(RProviderArray& aDeniedProviders) + { + aDeniedProviders.Reset(); + for(TInt i(0); i < iDeniedProviders.Count(); i++) + aDeniedProviders.Append(iDeniedProviders[i]); + } + +EXPORT_C TExecutableID CRTPermGrantMessage::ScriptID() + { + return iScriptId; + } + +EXPORT_C void CRTPermGrantMessage::setAllowedProviders(RProviderArray aAllowedProviders) + { + iAllowedProviders.Reset(); + for(TInt i(0); i < aAllowedProviders.Count(); i++) + iAllowedProviders.Append(aAllowedProviders[i]); + } + +EXPORT_C void CRTPermGrantMessage::setDeniedProviders(RProviderArray aDeniedProviders) + { + iDeniedProviders.Reset(); + for(TInt i(0); i < aDeniedProviders.Count(); i++) + iDeniedProviders.Append(aDeniedProviders[i]); + } + +EXPORT_C void CRTPermGrantMessage::setScriptID(TExecutableID aScriptId) + { + iScriptId = aScriptId; + } + +void CRTPermGrantMessage::InternalizeL(RReadStream& aSource) + { + iScriptId = aSource.ReadInt32L(); + TInt allowCnt = aSource.ReadInt32L(); + iAllowedProviders.Reset(); + for(TInt i(0); i < allowCnt; i++) + { + TInt uid = aSource.ReadInt32L(); + TUid allowPid = TUid::Uid(uid); + iAllowedProviders.Append(allowPid); + } + TInt denyCnt = aSource.ReadInt32L(); + iDeniedProviders.Reset(); + for(TInt i(0); i < denyCnt; i++) + { + TInt uid = aSource.ReadInt32L(); + TUid denyPid = TUid::Uid(uid); + iDeniedProviders.Append(denyPid); + } + } + +void CRTPermGrantMessage::ExternalizeL(RWriteStream& aSink) + { + aSink.WriteInt32L(iScriptId); + TInt cnt = iAllowedProviders.Count(); + aSink.WriteInt32L(cnt); + for(TInt i(0); i < iAllowedProviders.Count(); i++) + aSink.WriteInt32L(iAllowedProviders[i].iUid); + cnt = iDeniedProviders.Count(); + aSink.WriteInt32L(cnt); + for(TInt i(0); i < iDeniedProviders.Count(); i++) + aSink.WriteInt32L(iDeniedProviders[i].iUid); + } + +EXPORT_C HBufC8* CRTPermGrantMessage::PackMessageL() + { + // Dynamic data buffer + CBufFlat* buf = CBufFlat::NewL(KMaxMsgLength); + CleanupStack::PushL(buf); + RBufWriteStream stream(*buf); // Stream over the buffer + CleanupClosePushL(stream); + ExternalizeL(stream); + CleanupStack::PopAndDestroy(&stream); + // Create a heap descriptor from the buffer + HBufC8* des = HBufC8::NewL(buf->Size()); + TPtr8 ptr(des->Des()); + buf->Read(0, ptr, buf->Size()); + CleanupStack::PopAndDestroy(buf); // Finished with the buffer + return (des); + } diff -r 947415ec7603 -r a7062f7f0b79 rtsecuritymanager/rtsecuritymanagerutil/src/rtsecmgrscript.cpp --- a/rtsecuritymanager/rtsecuritymanagerutil/src/rtsecmgrscript.cpp Fri Jul 03 15:51:30 2009 +0100 +++ b/rtsecuritymanager/rtsecuritymanagerutil/src/rtsecmgrscript.cpp Thu Sep 10 12:58:32 2009 +0300 @@ -24,6 +24,7 @@ #include const TReal DEFAULT_VERSION(1.0); +const TReal VERSION_TWO(2.0); // --------------------------------------------------------------------------- // Destructor // --------------------------------------------------------------------------- @@ -33,6 +34,8 @@ delete iPermissionSet; if(iHashMark) delete iHashMark; + iAllowedProviders.Close(); + iDeniedProviders.Close(); } // --------------------------------------------------------------------------- @@ -84,7 +87,13 @@ iPolicyID = aRhs.iPolicyID; iPermGrant = aRhs.iPermGrant; iPermDenied = aRhs.iPermDenied; - + iAllowedProviders.Reset(); + for(TInt i(0); i < aRhs.iAllowedProviders.Count(); i++) + iAllowedProviders.Append(aRhs.iAllowedProviders[i]); + iDeniedProviders.Reset(); + for(TInt i(0); i < aRhs.iDeniedProviders.Count(); i++) + iDeniedProviders.Append(aRhs.iDeniedProviders[i]); + if(iHashMark) { delete iHashMark; @@ -168,12 +177,34 @@ } // --------------------------------------------------------------------------- +// Gets permanently granted permissions of the script +// --------------------------------------------------------------------------- +// +EXPORT_C void CScript::PermGranted(RProviderArray& aAllowedProviders) + { + aAllowedProviders.Reset(); + for(TInt i(0); i < iAllowedProviders.Count(); i++) + aAllowedProviders.Append(iAllowedProviders[i]); + } + +// --------------------------------------------------------------------------- +// Gets permanently denied permissions of the script +// --------------------------------------------------------------------------- +// +EXPORT_C void CScript::PermDenied(RProviderArray& aDeniedProviders) + { + aDeniedProviders.Reset(); + for(TInt i(0); i < iDeniedProviders.Count(); i++) + aDeniedProviders.Append(iDeniedProviders[i]); + } + +// --------------------------------------------------------------------------- // ExternalizeLs script data to stream // --------------------------------------------------------------------------- // EXPORT_C void CScript::ExternalizeL(RWriteStream& aSink) const { - aSink.WriteReal32L(DEFAULT_VERSION); + aSink.WriteReal32L(VERSION_TWO); iPermissionSet->ExternalizeL (aSink); aSink.WriteInt32L (iScriptID); aSink.WriteInt32L (iPolicyID); @@ -186,6 +217,14 @@ } else aSink.WriteInt32L(0); + + //Present only in version 2 and forward. + aSink.WriteInt32L(iAllowedProviders.Count()); + for(TInt i(0); i < iAllowedProviders.Count(); i++) + aSink.WriteInt32L(iAllowedProviders[i].iUid); + aSink.WriteInt32L(iDeniedProviders.Count()); + for(TInt i(0); i < iDeniedProviders.Count(); i++) + aSink.WriteInt32L(iDeniedProviders[i].iUid); } // --------------------------------------------------------------------------- @@ -219,6 +258,25 @@ TPtr ptr(iHashMark->Des()); aSource.ReadL(ptr,hashMarkLen); } + if(version >= VERSION_TWO) + { + TInt allowCnt = aSource.ReadInt32L(); + iAllowedProviders.Reset(); + for(TInt i(0); i < allowCnt; i++) + { + TInt uid = aSource.ReadInt32L(); + TUid allowPid = TUid::Uid(uid); + iAllowedProviders.Append(allowPid); + } + TInt denyCnt = aSource.ReadInt32L(); + iDeniedProviders.Reset(); + for(TInt i(0); i < denyCnt; i++) + { + TInt uid = aSource.ReadInt32L(); + TUid denyPid = TUid::Uid(uid); + iDeniedProviders.Append(denyPid); + } + } } // --------------------------------------------------------------------------- @@ -238,3 +296,25 @@ { iPermDenied = aPermDenied; } + +// --------------------------------------------------------------------------- +// Sets permanently granted permissions of the script +// --------------------------------------------------------------------------- +// +EXPORT_C void CScript::SetPermGranted(RProviderArray aPermGrantProvider) + { + iAllowedProviders.Reset(); + for(TInt i(0); i < aPermGrantProvider.Count(); i++) + iAllowedProviders.Append(aPermGrantProvider[i]); + } + +// --------------------------------------------------------------------------- +// Sets permanently denied permissions of the script +// --------------------------------------------------------------------------- +// +EXPORT_C void CScript::SetPermDenied(RProviderArray aPermDeniedProvider) + { + iDeniedProviders.Reset(); + for(TInt i(0); i < aPermDeniedProvider.Count(); i++) + iDeniedProviders.Append(aPermDeniedProvider[i]); + } diff -r 947415ec7603 -r a7062f7f0b79 serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h --- a/serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h Fri Jul 03 15:51:30 2009 +0100 +++ b/serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h Thu Sep 10 12:58:32 2009 +0300 @@ -154,6 +154,7 @@ //typdef to model list of prompt data structure typedef RPointerArray RPromptDataList; +typedef RArray RResourceArray; /* * Prompt callback handler class. @@ -195,6 +196,22 @@ virtual TSecMgrPromptUIOption PromptOption() const =0; }; +struct TPermanentInfo + { + TPermGrant iAllowedBits; //permanent allowed caps + TPermGrant iDeniedBits; //permanent denied caps + RProviderArray iAllowedProviders; //permanent allowed providers + RProviderArray iDeniedProviders; //permanent denied providers + }; + +struct TSessionInfo + { + TCapabilityBitSet AllowedCaps; //caps allowed for this session (caps allowed for this session & perm allowed) + TCapabilityBitSet DeniedCaps; //caps denied for this sesion (caps denied for this session & perm denied) + RProviderArray AllowedProviders;//providers allowed for this session + RProviderArray DeniedProviders;//providers denied for this session + }; + /** * * Thin proxy to the client side sub-session handle. @@ -341,15 +358,42 @@ IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck,RCapabilityArray& aUnMatchedCapabilities); /** - * Definition of default prompt handler. - * - * @param aPromptDataList RPromptDataList list of prompt data used by - * prompt callback handler to show to the user - * - * @return KErrNone if prompting successful; In case of failure, one of - * system wide error codes - * - */ + * Performs access permission check + * + * This overloaded method evaluates access permission by comparing the expected capabilities + * to perform service invocation with the capabilities of the script. The + * capabilities of the script is computed as sum of : + * + * - default allowed capabilities as specified in security access policy + * - user-granted capabilities, allowed by user while prompting + * + * The capabilities allowed by the user could be of various durations, like + * session-based, blanket/permanent and the one valid for the current invocation only + * (one-shot) + * + * This overloaded version returns the list of capabilities that do not match after + * access permission check. This can be used by the client to display to the user the + * list of unmatched capabilities + * + * @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against + * script's capbilities + * @param aProviderUid TProviderUid The provider that is being loaded + * @param aResourceFilePath TFileName resource file containing the string to prompt. + * + * @return EAccessOk if the access permission check is successful; Else, EAccessNOk + */ + IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck, TProviderUid aProviderUid, TFileName aResourceFileName); + + /** + * Definition of default prompt handler. + * + * @param aPromptDataList RPromptDataList list of prompt data used by + * prompt callback handler to show to the user + * + * @return KErrNone if prompting successful; In case of failure, one of + * system wide error codes + * + */ TInt Prompt(RPromptDataList& aPromptDataList , TExecutableID aExecID = KAnonymousScript); /** @@ -425,6 +469,16 @@ { return iUIPromptOption; } + + /** + * Sets the application name to the value passed by the runtime. + * The name is displayed as part of the prompt for provider based prompting. + * If name is not set then the default name is used. + * + * @param aName TDesC& name of the application. + */ + IMPORT_C void SetApplicationNameL(const TDesC& aName); + private: /* @@ -504,8 +558,22 @@ * */ void Close(); - + + /* + * Function to add the security manager resource file to the CONE environment + */ void AddResourceFiles(); + + /* + * Function to add the provider's resource file from which the body of the prompt is populated. + * + * @param aResourceFileName TFileName The resource file to be added to the CONE environment + */ + TInt AddProviderResourceFile(TFileName aResourceFileName); + + /* + * Close all the resource files added to the CONE environment + */ void CloseResourceFiles(); private: @@ -517,9 +585,9 @@ */ struct { - TCapabilityBitSet AllowedCaps; //caps allowed for this session (caps allowed for this session & perm allowed) - TCapabilityBitSet DeniedCaps; //caps denied for this sesion (caps denied for this session & perm denied) - }_sessionInfo; + TSessionInfo* sessionInfo; //Information about what is allowed for this session (caps/providers allowed for this session & perm allowed) + TCapabilityBitSet DeniedCaps; //Information about what is denied for this session (caps/providers denied for this session & perm denied) + }_sessionData; /* * anonymous enumerations for selection index @@ -545,14 +613,14 @@ * permanently allowed capability bits * */ - TPermGrant iPermBits; //perm allowed caps, persistently stored for this script + TPermanentInfo* _permanentInfo; //perm allowed information, persistently stored for this script /* - * permanently denied capability bits + * Generic data about the script session * */ - TPermGrant iDeniedBits; //perm denied caps, persistently stored for this script - + HBufC* iSessionData; + /* * reference to prompt handler instance * @@ -574,7 +642,7 @@ * security manager resource file offset value * */ - TInt iResourceOffset; + RResourceArray iResourceOffsetArray; /* * Prompt UI option diff -r 947415ec7603 -r a7062f7f0b79 serviceapifw_plat/rtsecuritymanager_common_api/inc/rtsecmgrcommondef.h --- a/serviceapifw_plat/rtsecuritymanager_common_api/inc/rtsecmgrcommondef.h Fri Jul 03 15:51:30 2009 +0100 +++ b/serviceapifw_plat/rtsecuritymanager_common_api/inc/rtsecmgrcommondef.h Thu Sep 10 12:58:32 2009 +0300 @@ -30,6 +30,8 @@ typedef TInt TExecutableID; typedef TUint32 TPermGrant; typedef RArray RCapabilityArray; +typedef TUid TProviderUid; +typedef RArray RProviderArray; typedef TUint32 TCapabilityBitSet; @@ -86,7 +88,8 @@ enum TSecMgrPromptUIOption { RTPROMPTUI_DEFAULT = 0, - RTPROMPTUI_ADVANCED + RTPROMPTUI_ADVANCED, + RTPROMPTUI_PROVIDER }; //error code used btn server and client diff -r 947415ec7603 -r a7062f7f0b79 serviceapifw_plat/rtsecuritymanager_utility_api/inc/rtsecmgrscript.h --- a/serviceapifw_plat/rtsecuritymanager_utility_api/inc/rtsecmgrscript.h Fri Jul 03 15:51:30 2009 +0100 +++ b/serviceapifw_plat/rtsecuritymanager_utility_api/inc/rtsecmgrscript.h Thu Sep 10 12:58:32 2009 +0300 @@ -129,6 +129,22 @@ IMPORT_C TPermGrant PermDenied() const; /* + * Gets the permanently granted providers + * + * @param aAllowedProviders RProviderArray IN/OUT param which will co + * + */ + IMPORT_C void PermGranted(RProviderArray& aAllowedProviders) ; + + /* + * Gets the permanently denied permissions + * + * @return TPermGrant permanently denied permission + * + */ + IMPORT_C void PermDenied(RProviderArray& aDeniedProviders) ; + + /* * Sets the permissionset of the script * * @param aPermissionSet CPermissionSet source permissionset to be set @@ -166,6 +182,22 @@ IMPORT_C void SetPermDenied(TPermGrant aPermDenied); /* + * Sets permanently granted permission + * + * @param aPermGrant TPermGrant permanently granted permission to be set + * + */ + IMPORT_C void SetPermGranted(RProviderArray aPermGrantProviders); + + /* + * Sets permanently denied permission + * + * @param aPermDenied TPermGrant permanently denied permission to be set + * + */ + IMPORT_C void SetPermDenied(RProviderArray aPermDeniedProviders); + + /* * Sets hash value of the script * * @param aHashMark TDesC hash value of the script @@ -237,8 +269,17 @@ //permanently denied permission TPermGrant iPermDenied; //separate bit-patterns for permanently allowed & denied + //permanently allowed providers + RProviderArray iAllowedProviders; + + //permanently denied providers + RProviderArray iDeniedProviders; + //hash value of the script HBufC* iHashMark; + + // Reserved for future additions + TAny* iReserved; }; /*