persistentstorage/dbms/inc/D32Security.h
changeset 0 08ec8eefde2f
equal deleted inserted replaced
-1:000000000000 0:08ec8eefde2f
       
     1 // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
       
     2 // All rights reserved.
       
     3 // This component and the accompanying materials are made available
       
     4 // under the terms of "Eclipse Public License v1.0"
       
     5 // which accompanies this distribution, and is available
       
     6 // at the URL "http://www.eclipse.org/legal/epl-v10.html".
       
     7 //
       
     8 // Initial Contributors:
       
     9 // Nokia Corporation - initial contribution.
       
    10 //
       
    11 // Contributors:
       
    12 //
       
    13 // Description:
       
    14 //
       
    15 
       
    16 #ifndef __D32SECURITY_H__
       
    17 #define __D32SECURITY_H__
       
    18 
       
    19 #include "D32Assert.h"
       
    20 
       
    21 //Forward declarations
       
    22 class RFs;
       
    23 
       
    24 /**
       
    25 DBSC namespace is a placeholder for security policy framework.
       
    26 DBSC stands for [D]ata[B]ase [S]e[C]urity.
       
    27 @internalComponent
       
    28 */
       
    29 namespace DBSC
       
    30 {
       
    31 
       
    32 /**
       
    33 KPolicyTypesCount specifies how many different policy type are maintained by the system.
       
    34 @internalComponent
       
    35 */
       
    36 const TInt KPolicyTypesCount = 3;
       
    37 
       
    38 /**
       
    39 Each secure shared database/table have a security policy associated with it.
       
    40 There are three security policy types:"READ" - EPTRead - for any database/table read operation,
       
    41                                      "WRITE"- EPTWrite - for any database/table write operation.
       
    42                                      "SCHEMA"- EPTSchema - for any database admin operation.
       
    43 To execute particular DBMS operation, the caller must have a set of Capabilities/SID/VID,
       
    44 which must satisfy related R/W/S security policies of the database/table, on which the operation 
       
    45 has to be performed.
       
    46 @internalComponent
       
    47 */
       
    48 typedef enum 
       
    49 	{
       
    50 	EPTNone		= 0, 
       
    51 	EPTRead		= 1 << 0, 
       
    52 	EPTWrite	= 1 << 1,
       
    53 	EPTSchema	= 1 << 2,
       
    54 	EPTLast	    = 1 << (KPolicyTypesCount - 1)
       
    55 	} TPolicyType;
       
    56 
       
    57 /**
       
    58 Type of the controled by the security policy object: database or table
       
    59 @internalComponent
       
    60 */
       
    61 typedef enum
       
    62 	{
       
    63 	EPOTNone,
       
    64 	EPOTDatabase,
       
    65 	EPOTTable
       
    66 	} TPolicyObjType;
       
    67 
       
    68 /**
       
    69 This enum represents possible type of the requested access when opening/creating a database
       
    70 on the server side:
       
    71 EATNonSecure - non-secure access to private/legacy/shared-non-secure database
       
    72 EATSecure - secure access to shared-secure database
       
    73 @internalComponent
       
    74 */
       
    75 typedef enum 
       
    76 	{
       
    77 	EATNonSecure, 
       
    78 	EATSecure
       
    79 	} TAccessType;
       
    80 
       
    81 /**
       
    82 This structure packs together the uid from the database format string and
       
    83 requested access type to the database.
       
    84 @internalComponent
       
    85 */
       
    86 struct TDbPolicyRequest
       
    87 	{
       
    88 	TUid		iUid;
       
    89 	TAccessType	iAccessType;
       
    90 	};
       
    91 
       
    92 /**
       
    93 MPolicy interface is used to check DBMS client capabilities against the security policy
       
    94 managed by this interface.
       
    95 The Check() method parameter, aPolicyType, specifies against which policy (R/W/S) caller
       
    96 capabilities/SID/VID have to be asserted.
       
    97 Do not put MPolicy interfaces in the CleanupStack! MPolicySpace instance will
       
    98 take care about them.
       
    99 Using MPolicy::Dump() method you can dump the content of the controled object
       
   100 into a text file. Note that the dump works only if you have __DBDUMP__ macro defined.
       
   101 @internalComponent
       
   102 */
       
   103 class MPolicy
       
   104 	{
       
   105 public:
       
   106 	virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const = 0; 
       
   107 	virtual TInt Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const = 0;
       
   108 	DECLARE_DB_DUMP(aFile)
       
   109 	};
       
   110 
       
   111 /**
       
   112 MPolicySpace interface represents an interface to the security policiy space, which manages
       
   113 all the security policies, presented in the system.
       
   114 It can be used to retrieve MPolicy interface for particular database/table object or
       
   115 getting the backup&restore security ID.
       
   116 MPolicySpace interface manages static data structure, created during the DBMS startup.
       
   117 The data in this structure will never be modified during the DBMS server life time.
       
   118 DbPolicyL() and TblPolicyL() leave with KErrArgument error, if there is no policy for
       
   119 the database/table object, represented in the method arguments.
       
   120 @internalComponent
       
   121 */
       
   122 class MPolicySpace
       
   123 	{
       
   124 public:
       
   125 	virtual void Release() = 0;
       
   126 	virtual const MPolicy* DbPolicyL(const TDbPolicyRequest& aDbPolicyRequest) const = 0;
       
   127 	virtual const MPolicy* TblPolicyL(const TDbPolicyRequest& aDbPolicyRequest, const TDesC& aTblName) const = 0;
       
   128 	virtual TSecureId BackupSIDL(TUid aDbUid) const = 0;
       
   129 	};
       
   130 
       
   131 /**
       
   132 TPolicySpaceFactory is a factory class, used for creating an object, which implements 
       
   133 MPolicySpace interface. 
       
   134 Do not forget that MPolicySpace is a "M" interface, so if 
       
   135 you want to push it in the Cleanup Stack, you should use CleanupReleasePushL() call, but not
       
   136 CleanupStack::PushL().
       
   137 @internalComponent
       
   138 */
       
   139 class TPolicySpaceFactory
       
   140 	{
       
   141 public:
       
   142 	static MPolicySpace* NewPolicySpaceL(RFs& aFs, const TDesC& aPrivatePath);
       
   143 	};
       
   144 
       
   145 } //end of - namespace DBSC
       
   146 
       
   147 #endif//__D32SECURITY_H__