|
1 // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // DBMS client/server session class - "DBMS security" related - full security support |
|
15 // |
|
16 // |
|
17 |
|
18 #include "SD_STD.H" |
|
19 |
|
20 /** |
|
21 Retrieves a list of names of secure shared databases, which share the same security policy, |
|
22 as determined by the supplied UID. |
|
23 If a database name is longer than KDbMaxName, it will not be added to the list. |
|
24 |
|
25 @param aDrive The drive number to be searched. |
|
26 @param aPolicyUid Database security policy UID. |
|
27 @return A list with names of the found databases, which have the same database security uid. |
|
28 The database name output format is: \<name\>.\<ext\>. The caller is resonsible for deleting |
|
29 the database names list. |
|
30 @leave KErrNoMemory - not enough memory for the operation to be done |
|
31 @leave KErrArgument - invalid UID parameter (including KNullUid value) |
|
32 @leave KErrBadName - invalid drive number (not in A-Z range) |
|
33 @leave KErrNotReady - the drive is not presented in the system |
|
34 @leave Some other system-wide error codes |
|
35 |
|
36 @publishedAll |
|
37 @released |
|
38 */ |
|
39 EXPORT_C CDbDatabaseNames* RDbs::DatabaseNamesL(TDriveNumber aDrive, TUid aPolicyUid) |
|
40 { |
|
41 TIpcArgs args(aDrive, aPolicyUid.iUid); |
|
42 RReadStream in(HDbsBuf::NewLC(*this, EDbsDatabaseList, args)); |
|
43 CDbDatabaseNames* dbNames = CDbDatabaseNames::NewLC(); |
|
44 in >> *dbNames; |
|
45 CleanupStack::Pop(dbNames); |
|
46 CleanupStack::PopAndDestroy();//HDbsBuf |
|
47 return dbNames; |
|
48 } |
|
49 |
|
50 /** |
|
51 Copies an existing secure shared database to a new secure shared database. |
|
52 The new database will have the same security policy as the old one. |
|
53 The maximum length of the target database name (with the extension) is KDbMaxName. |
|
54 |
|
55 @param aSrcDbName Source database name (\<drive\>:\<name\>.\<ext\> format) |
|
56 @param aDestDbName Destination database name (\<drive\>:\<name\>.\<ext\> format) |
|
57 @param aPolicyUid The database security policy UID. The destination database will have |
|
58 the same policy UID. |
|
59 @return KErrNone if successful, otherwise one of the system-wide error codes, including: |
|
60 KErrPermissionDenied - the caller has not enough rights to do the operation or |
|
61 the destination drive is a ROM drive; |
|
62 KErrArgument - invalid source or destination database names (null name, too long name, only drive letter); |
|
63 invalid or null UID; |
|
64 KErrNotReady - the drive in database name is not presented in the system; |
|
65 KErrNotFound - the source database not found; |
|
66 KErrInUse - the source database is in use; |
|
67 KErrAlreadyExists - the destination database already exists; |
|
68 KErrNoMemory - not enough memory for the operation to be done; |
|
69 |
|
70 @capability Note For a secure shared database, the caller must satisfy the schema |
|
71 access policy for the database. |
|
72 |
|
73 @publishedAll |
|
74 @released |
|
75 */ |
|
76 EXPORT_C TInt RDbs::CopyDatabase(const TDesC& aSrcDbName, const TDesC& aDestDbName, TUid aPolicyUid) |
|
77 { |
|
78 TIpcArgs args(&aSrcDbName, &aDestDbName, aPolicyUid.iUid); |
|
79 return SendReceive(DbsMessage(EDbsCopyDatabase, KDbsSessionHandle), args); |
|
80 } |
|
81 |
|
82 /** |
|
83 Deletes an existing secure shared database. |
|
84 |
|
85 @param aDbName Source database name (\<drive\>:\<name\>.\<ext\> format) |
|
86 @param aPolicyUid Database security policy UID. |
|
87 @return KErrNone if successful, otherwise one of the system-wide error codes, including: |
|
88 KErrInUse (if the database is in use at the moment); |
|
89 KErrNotFound - the database not found; |
|
90 KErrPermissionDenied - the caller has not enough rights to do the operation; |
|
91 |
|
92 @capability Note For a secure shared database, the caller must satisfy the schema |
|
93 access policy for the database. |
|
94 |
|
95 @publishedAll |
|
96 @released |
|
97 */ |
|
98 EXPORT_C TInt RDbs::DeleteDatabase(const TDesC& aDbName, TUid aPolicyUid) |
|
99 { |
|
100 TIpcArgs args(&aDbName, aPolicyUid.iUid); |
|
101 return SendReceive(DbsMessage(EDbsDeleteDatabase, KDbsSessionHandle), args); |
|
102 } |
|
103 |
|
104 /** |
|
105 Returns in aPolicy output parameter requested database/table security policy of type aPolicyType. |
|
106 @param aPolicyUid Database security policy UID |
|
107 @param aTableName Table name. |
|
108 @param aMask Bit-field: it includes ther policy type: EReadPolicy, EWritePolicy, ESchemaPolicy |
|
109 and the request type - database or table. |
|
110 @param aPolicy It will be initialized with the requested security policy data after a successfull call. |
|
111 @return KErrNone if successful, otherwise some of the system-wide error codes, including: |
|
112 KErrArgument - some of the arguments has an invalid value. |
|
113 KErrNotSupported - the method has been called with aMask containing ESchemaPolicy |
|
114 for a table object. |
|
115 |
|
116 @publishedAll |
|
117 @released |
|
118 */ |
|
119 TInt RDbs::GetPolicy(TUid aPolicyUid, const TDesC& aTableName, TUint aMask, |
|
120 TSecurityPolicy& aPolicy) |
|
121 { |
|
122 TBuf8<sizeof(TSecurityPolicy)> spData; |
|
123 TIpcArgs args(aPolicyUid.iUid, aMask, &aTableName, &spData); |
|
124 TInt err = SendReceive(DbsMessage(EDbsGetSecurityPolicy, KDbsSessionHandle), args); |
|
125 if(err == KErrNone) |
|
126 { |
|
127 err = aPolicy.Set(spData); |
|
128 } |
|
129 return err; |
|
130 } |
|
131 |
|
132 /** |
|
133 Returns in the aDbPolicy output parameter the requested database security policy of type aPolicyType. |
|
134 |
|
135 @param aPolicyUid Database security policy UID. |
|
136 @param aPolicyType Policy type: EReadPolicy, EWritePolicy, ESchemaPolicy. |
|
137 @param aDbPolicy It will be initialized with the requested security policy data after a successfull call. |
|
138 @return KErrNone if successful, otherwise one of the system-wide error codes, including |
|
139 KErrArgument - some of the arguments has an invalid value. |
|
140 |
|
141 @publishedAll |
|
142 @released |
|
143 */ |
|
144 EXPORT_C TInt RDbs::GetDatabasePolicy(TUid aPolicyUid, TPolicyType aPolicyType, |
|
145 TSecurityPolicy& aDbPolicy) |
|
146 { |
|
147 return GetPolicy(aPolicyUid, KNullDesC, aPolicyType, aDbPolicy); |
|
148 } |
|
149 |
|
150 /** |
|
151 Returns in the aTablePolicy output parameter the requested table security policy of type aPolicyType. |
|
152 |
|
153 @param aPolicyUid Database security policy UID. |
|
154 @param aTableName Table name. |
|
155 @param aPolicyType Policy type: EReadPolicy, EWritePolicy. |
|
156 @param aTablePolicy It will be initialized with the requested security policy data after a successfull call. |
|
157 @return KErrNone if successful, otherwise one of the system-wide error codes, including: |
|
158 KErrArgument - some of the arguments has an invalid value. |
|
159 KErrNotSupported - the method has been called with aPolicyType = ESchemaPolicy; |
|
160 |
|
161 @publishedAll |
|
162 @released |
|
163 */ |
|
164 EXPORT_C TInt RDbs::GetTablePolicy(TUid aPolicyUid, const TDesC& aTableName, TPolicyType aPolicyType, |
|
165 TSecurityPolicy& aTablePolicy) |
|
166 { |
|
167 return GetPolicy(aPolicyUid, aTableName, aPolicyType | KTablePolicyMaskBit, aTablePolicy); |
|
168 } |
|
169 |
|
170 /** |
|
171 Returns in the aDbPolicy and aTablePolicy output parameters the requested database and table |
|
172 security policies of type aPolicyType. |
|
173 |
|
174 @param aPolicyUid Database security policy UID. |
|
175 @param aTableName Table name. |
|
176 @param aPolicyType Policy type: EReadPolicy, EWritePolicy. |
|
177 @param aDbPolicy It will be initialized with the requested security policy data after a successfull call. |
|
178 @param aTablePolicy It will be initialized with the requested security policy data after a successfull call. |
|
179 @return KErrNone if successful, otherwise one of the system-wide error codes, including: |
|
180 KErrArgument - some of the arguments has an invalid value. |
|
181 KErrNotSupported - the method has been called with aPolicyType = ESchemaPolicy; |
|
182 |
|
183 @publishedAll |
|
184 @released |
|
185 */ |
|
186 EXPORT_C TInt RDbs::GetTablePolicies(TUid aPolicyUid, const TDesC& aTableName, TPolicyType aPolicyType, |
|
187 TSecurityPolicy& aDbPolicy, TSecurityPolicy& aTablePolicy) |
|
188 { |
|
189 TInt err = GetDatabasePolicy(aPolicyUid, aPolicyType, aDbPolicy); |
|
190 if(err == KErrNone) |
|
191 { |
|
192 err = GetTablePolicy(aPolicyUid, aTableName, aPolicyType, aTablePolicy); |
|
193 } |
|
194 return err; |
|
195 } |
|
196 |
|
197 /** |
|
198 The method will fill out aBackupPath argument with the full path of aDbName secure |
|
199 shared database. |
|
200 @param aRequesterSID Security ID of the process which is supposed to backup or restore |
|
201 the database. 0 or ECapability_None are invalid values for |
|
202 aRequesterSID parameter. |
|
203 @param aDbName Secure shared database name, which path will be set in aBackupPath |
|
204 parameter. The name's format is \<drive\>:\<name\>.\<ext\> |
|
205 @param aDbPolicyUid Database security policy UID. |
|
206 @param aBackupPath An output parameter. After a successfull call, the DBMS server |
|
207 will fill out the full database path there. aBackupPath must offer |
|
208 enough space to get the whole database path. Probably the best |
|
209 aBackupPath length is KMaxPath value. |
|
210 @return KErrNone if successful, otherwise one of the system-wide error codes, including: |
|
211 - KErrArgument - 0 or ECapability_None process SID, null UID, |
|
212 null or invalid database name, |
|
213 the database is not secure shared database; |
|
214 - KErrNotFound - the database file does not exist; |
|
215 - KErrPermissionDenied - the supplied process SID does not match the database backup& |
|
216 restore SID or the database backup&restore SID is 0 or ECapability_None. |
|
217 @deprecated |
|
218 */ |
|
219 EXPORT_C TInt RDbs::GetBackupPath(TSecureId aRequesterSID, const TDesC& aDbName, |
|
220 TUid aDbPolicyUid, TDes& aBackupPath) |
|
221 { |
|
222 TIpcArgs args(aRequesterSID.iId, aDbPolicyUid.iUid, &aDbName, &aBackupPath); |
|
223 return SendReceive(DbsMessage(EDbsGetBackupPath, KDbsSessionHandle), args); |
|
224 } |
|
225 |
|
226 /** |
|
227 Retrieves a list of paths of secure shared databases, which share the same security policy, |
|
228 as determined by the supplied aDbPolicyUid parameter. |
|
229 Note: If there is a database file which full path length is bigger than KDbMaxStrLen characters, |
|
230 then this file will not be added to the returned CDbStrings array. |
|
231 |
|
232 @param aRequesterSID Security ID of the process which is supposed to backup or restore |
|
233 the database. 0 and ECapability_None are invalid values for |
|
234 aRequesterSID parameter. |
|
235 @param aDbPolicyUid Database security policy UID. |
|
236 @return A list with paths of the found databases, which have the same database security uid. |
|
237 The caller is resonsible for deleting the database paths list. |
|
238 @leave KErrArgument - 0 or ECapability_None process SID, null database security UID. |
|
239 @leave KErrPermissionDenied - the supplied process SID does not match the database backup& |
|
240 restore SID or the database backup&restore SID is 0 or ECapability_None. |
|
241 @leave Some other system-wide error codes |
|
242 |
|
243 @publishedAll |
|
244 @released |
|
245 */ |
|
246 EXPORT_C CDbStrings* RDbs::BackupPathsL(TSecureId aRequesterSid, TUid aDbPolicyUid) |
|
247 { |
|
248 TIpcArgs args(aRequesterSid.iId, aDbPolicyUid.iUid); |
|
249 RReadStream in(HDbsBuf::NewLC(*this, EDbsGetBackupPaths, args)); |
|
250 CDbStrings* dbPaths = CDbStrings::NewLC(); |
|
251 in >> *dbPaths; |
|
252 CleanupStack::Pop(dbPaths); |
|
253 CleanupStack::PopAndDestroy();//HDbsBuf |
|
254 return dbPaths; |
|
255 } |
|
256 |
|
257 /** |
|
258 Creates a secure shared database. |
|
259 Max allowed database name length (with the extension) is KDbMaxName symbols. |
|
260 |
|
261 In this "client-server" mode the database can be shared with the other clients. |
|
262 |
|
263 For creating a non-secure database, see RDbNamedDatabase::Create(), which first |
|
264 argument is a RFs reference (or RDbNamedDatabase::Replace()). |
|
265 |
|
266 @param aDbs A reference to DBMS session instance. |
|
267 @param aDatabase Database name. The name format is: \<drive\>:\<name\>.\<ext\> |
|
268 @param aFormat Database format string. The string format is: "SECURE[UID]", where UID |
|
269 is the database security policy UID. "SECURE" keyword is case insensitive. |
|
270 @return KErrNone if successful otherwise one of the system-wide error codes, including: |
|
271 KErrAlreadyExists - the database already exists; |
|
272 KErrNotSupported - invalid format string; |
|
273 KErrArgument - bad argument, including null/invaluid uids, the database name includes a path; |
|
274 KErrPermissionDenied - the caller has not enough rights to do the operation; |
|
275 |
|
276 @capability Note For a secure shared database, the caller must satisfy the schema |
|
277 access policy for the database. |
|
278 |
|
279 @see RDbNamedDatabase::Create(RFs& aFs, const TDesC& aSource, const TDesC& aFormat) |
|
280 @see RDbNamedDatabase::Replace(RFs& aFs, const TDesC& aSource, const TDesC& aFormat) |
|
281 |
|
282 @publishedAll |
|
283 @released |
|
284 */ |
|
285 EXPORT_C TInt RDbNamedDatabase::Create(RDbs& aDbs, const TDesC& aDatabase, const TDesC& aFormat) |
|
286 { |
|
287 TRAPD(r,iDatabase=CDbsSecureDatabase::NewL(aDbs,aDatabase,aFormat)); |
|
288 return r; |
|
289 } |