|
1 // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // CPolicyBase, CDbPolicy, CTblPolicy, CPolicyDomain, |
|
15 // TPolicyDomainBuilder, TPolicyDomainReader classes. |
|
16 // MPolicyDomainPersister, MPolicyDomainLoader interfaces |
|
17 // |
|
18 // |
|
19 |
|
20 #ifndef __SC_POLICY_H__ |
|
21 #define __SC_POLICY_H__ |
|
22 |
|
23 #include <e32base.h> //CBase |
|
24 #include "D32Security.h" |
|
25 |
|
26 namespace DBSC |
|
27 { |
|
28 |
|
29 //Forward declarations |
|
30 class CPolicyDomain; |
|
31 |
|
32 /** |
|
33 CPolicyBase class implements MPolicy interface. |
|
34 It describes an object that manages a set of TSecurityPolicy objects. |
|
35 CPolicyBase::iPOType data member gives an information access to what kind of |
|
36 database object (database or table) is controlled by the set of security policies. |
|
37 CPolicyBase::Check() can be used to check caller access rights against specified policy type. |
|
38 @see MPolicy |
|
39 @internalComponent |
|
40 */ |
|
41 NONSHARABLE_CLASS(CPolicyBase) : public CBase, public MPolicy |
|
42 { |
|
43 public: |
|
44 struct TPolicy |
|
45 { |
|
46 TPolicyType iType; |
|
47 TSecurityPolicy iData; |
|
48 }; |
|
49 typedef RArray<TPolicy> RPolicyCollection; |
|
50 typedef enum {EPCNotFound, EPCPassed, EPCNotPassed} TPolicyCheckResult; |
|
51 |
|
52 public: |
|
53 virtual ~CPolicyBase(); |
|
54 virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const = 0; |
|
55 virtual TInt Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const; |
|
56 virtual void InvariantL() const; |
|
57 DECLARE_DB_INVARIANT() |
|
58 inline const RPolicyCollection& PolicyCollection() const; |
|
59 |
|
60 protected: |
|
61 inline CPolicyBase(); |
|
62 void ConstructL(const RPolicyCollection& aPolicyCollection); |
|
63 const TSecurityPolicy* Policy(TPolicyType aPolicyType) const; |
|
64 TPolicyCheckResult DoCheck(const RMessage2& aMessage, TPolicyType aPolicyType) const; |
|
65 DECLARE_DB_DUMP2(aFile) |
|
66 |
|
67 private: |
|
68 RPolicyCollection iPolicyCollection; |
|
69 |
|
70 }; |
|
71 |
|
72 /** |
|
73 CDbPolicy class describes an object that manages the access to all databases, which |
|
74 have the same format UID. |
|
75 @see CPolicyBase |
|
76 @see MPolicy |
|
77 @internalComponent |
|
78 */ |
|
79 NONSHARABLE_CLASS(CDbPolicy) : public CPolicyBase |
|
80 { |
|
81 public: |
|
82 static CDbPolicy* NewLC(const RPolicyCollection& aPolicyCollection); |
|
83 inline static CDbPolicy* NewL(const RPolicyCollection& aPolicyCollection); |
|
84 virtual ~CDbPolicy(); |
|
85 virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const; |
|
86 virtual void InvariantL() const; |
|
87 DECLARE_DB_DUMP2(aFile) |
|
88 |
|
89 private: |
|
90 inline CDbPolicy(); |
|
91 |
|
92 }; |
|
93 |
|
94 /** |
|
95 CTblPolicy class describes an object that manages the access to all tables, which |
|
96 have particular format UID and particular name. |
|
97 @see CPolicyBase |
|
98 @see MPolicy |
|
99 @internalComponent |
|
100 */ |
|
101 NONSHARABLE_CLASS(CTblPolicy) : public CPolicyBase |
|
102 { |
|
103 public: |
|
104 static CTblPolicy* NewLC(const TDesC& aTblName, |
|
105 const RPolicyCollection& aPolicyCollection, |
|
106 const CDbPolicy* aDbPolicy); |
|
107 inline static CTblPolicy* NewL(const TDesC& aTblName, |
|
108 const RPolicyCollection& aPolicyCollection, |
|
109 const CDbPolicy* aDbPolicy); |
|
110 virtual ~CTblPolicy(); |
|
111 virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const; |
|
112 virtual TInt Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const; |
|
113 virtual void InvariantL() const; |
|
114 inline const TDesC& TableName() const; |
|
115 DECLARE_DB_DUMP2(aFile) |
|
116 |
|
117 private: |
|
118 inline CTblPolicy(const CDbPolicy* aDbPolicy); |
|
119 void ConstructL(const TDesC& aTblName, const RPolicyCollection& aPolicyCollection); |
|
120 |
|
121 private: |
|
122 HBufC* iTblName; |
|
123 const CDbPolicy* iDbPolicy; |
|
124 |
|
125 }; |
|
126 |
|
127 /** |
|
128 TPolicyDomainBuilder class describes an object that can be used during the initialization |
|
129 to initialize CPolicyDomain objects. It is used by MPolicyDomainLoader interface. |
|
130 @internalComponent |
|
131 */ |
|
132 class TPolicyDomainBuilder |
|
133 { |
|
134 public: |
|
135 inline TPolicyDomainBuilder(CPolicyDomain& aPolicyDomain); |
|
136 void SetDbPolicyL(CDbPolicy* aDbPolicy); |
|
137 inline void AddTblPolicyL(CTblPolicy* aTblPolicy); |
|
138 inline void SetBackupSID(TSecureId& aSecureId); |
|
139 private: |
|
140 CPolicyDomain& iPolicyDomain; |
|
141 }; |
|
142 |
|
143 /** |
|
144 TPolicyDomainBuilder class describes an object that can be used to explore the content of |
|
145 CPolicyDomain objects. It is used by MPolicyDomainPersister interface. |
|
146 @internalComponent |
|
147 */ |
|
148 class TPolicyDomainReader |
|
149 { |
|
150 public: |
|
151 inline TPolicyDomainReader(const CPolicyDomain& aPolicyDomain); |
|
152 inline TUid Uid() const; |
|
153 inline const CDbPolicy& DbPolicy() const; |
|
154 inline void ResetTblPos() const; |
|
155 inline TInt TblPolicyCount() const; |
|
156 inline const CTblPolicy* NextTblPolicy() const; |
|
157 inline TSecureId BackupSID() const; |
|
158 private: |
|
159 const CPolicyDomain& iPolicyDomain; |
|
160 mutable TInt iIndex; |
|
161 }; |
|
162 |
|
163 /** |
|
164 MPolicyDomainPersister interface has to be implemented by DBSC clients, who want to store |
|
165 the information from CPolicyDomain objects (set of security policies) somewhere - text files, |
|
166 streams, ... It uses TPolicyDomainReader class to traverse CPolicyDomain collection of |
|
167 security policies. |
|
168 @see TPolicyDomainReader |
|
169 @internalComponent |
|
170 */ |
|
171 class MPolicyDomainPersister |
|
172 { |
|
173 public: |
|
174 virtual void RunL(const TPolicyDomainReader& aPolicyDomainReader) = 0; |
|
175 }; |
|
176 |
|
177 /** |
|
178 MPolicyDomainPersister interface has to be implemented by DBSC clients, who want to load |
|
179 set of security policies to CPolicyDomain objects from somewhere - text files, |
|
180 streams, ... It uses TPolicyDomainBuilder class to add to CPolicyDomain collection new |
|
181 security policies. |
|
182 @see TPolicyDomainBuilder |
|
183 @internalComponent |
|
184 */ |
|
185 class MPolicyDomainLoader |
|
186 { |
|
187 public: |
|
188 virtual void RunL(TPolicyDomainBuilder& aPolicyDomainBuilder) = 0; |
|
189 }; |
|
190 |
|
191 /** |
|
192 CPolicyDomain object describes a set of all security policies related to particular format UID. |
|
193 It describes only a collection of security policies and offers some functionality for |
|
194 retrieving particular database/table MPolicy interfaces. |
|
195 The responsibility for adding new items to secirity policy collection is delegated to |
|
196 TPolicyDomainBuilder class. |
|
197 The responsibility for traversing secirity policy collection is delegated to |
|
198 TPolicyDomainReader class. |
|
199 Both, TPolicyDomainBuilder and TPolicyDomainReader classes are not used directly by |
|
200 the CPolicyDomain class implementation. CPolicyDomain instances are created using |
|
201 MPolicyDomainLoader interface and externalized using MPolicyDomainPersister interface and |
|
202 they (the interfaces) use TPolicyDomainBuilder and TPolicyDomainReader respectively. |
|
203 The delegation of responsibilities for creation/traversing of CPolicyDomain security policy collection |
|
204 was done because CPolicyDomain class is a part of shared sources used in DBMS server implementation |
|
205 and DbSpConv tool implementation. |
|
206 DBMS server creates CPolicyDomain security policy collection from a binary policy files using |
|
207 TPDStreamLoader class (which implements MPolicyDomainLoader) and TPolicyDomainBuilder class |
|
208 to insert created CDbPolicy and CTblPolicy instances into CPolicyDomain collection. |
|
209 The rest of the possibilities: creating CPolicyDomain collection from a text policy file, |
|
210 exporting CPolicyDomain collection to a binary policy file, |
|
211 exporting CPolicyDomain collection to a text policy file, are used by the DbSpConv tool. |
|
212 So, CPolicyDomain class uses interfaces for its loading/storing, but their |
|
213 implementations are part of separate exe-s - no waste of production code. |
|
214 @see MPolicy |
|
215 @see CDbPolicy |
|
216 @see CTblPolicy |
|
217 @see TPolicyDomainBuilder |
|
218 @see TPolicyDomainReader |
|
219 @see MPolicyDomainLoader |
|
220 @see MPolicyDomainPersister |
|
221 @internalComponent |
|
222 */ |
|
223 NONSHARABLE_CLASS(CPolicyDomain) : public CBase |
|
224 { |
|
225 friend class TPolicyDomainBuilder; |
|
226 friend class TPolicyDomainReader; |
|
227 public: |
|
228 static CPolicyDomain* NewLC(TUid aUid, MPolicyDomainLoader& aPDLoader); |
|
229 inline static CPolicyDomain* NewL(TUid aUid, MPolicyDomainLoader& aPDLoader); |
|
230 virtual ~CPolicyDomain(); |
|
231 void ExternalizeL(MPolicyDomainPersister& aPDPersister) const; |
|
232 |
|
233 inline TUid Uid() const; |
|
234 const MPolicy* DbPolicy() const; |
|
235 const MPolicy* TblPolicy(const TDesC& aTblName) const; |
|
236 inline TSecureId BackupSID() const; |
|
237 |
|
238 virtual void InvariantL() const; |
|
239 DECLARE_DB_DUMP3(aFile) |
|
240 |
|
241 private: |
|
242 inline CPolicyDomain(TUid aUid); |
|
243 void InternalizeL(MPolicyDomainLoader& aPDLoader); |
|
244 void Destroy(); |
|
245 DECLARE_DB_INVARIANT2() |
|
246 |
|
247 private: |
|
248 TUid iUid; |
|
249 CDbPolicy* iDbPolicy; |
|
250 RPointerArray<CTblPolicy> iTPCollection; |
|
251 TSecureId iBackupSID; |
|
252 |
|
253 }; |
|
254 |
|
255 } //end of - namespace DBSC |
|
256 |
|
257 #include "SC_Policy.inl" |
|
258 |
|
259 #endif//__SC_POLICY_H__ |