312 StorageNames.CLASS); |
312 StorageNames.CLASS); |
313 String target = getStorageAttributeValue(permEntries[i], |
313 String target = getStorageAttributeValue(permEntries[i], |
314 StorageNames.NAME); |
314 StorageNames.NAME); |
315 String actionList = getStorageAttributeValue(permEntries[i], |
315 String actionList = getStorageAttributeValue(permEntries[i], |
316 StorageNames.ACTION); |
316 StorageNames.ACTION); |
317 String fgName = getStorageAttributeValue(permEntries[i], |
317 FunctionGroup fg = decodeFunctionGroup( |
318 StorageNames.FUNCTION_GROUP); |
318 getStorageAttributeValue(permEntries[i], |
319 if (fgName != null) |
319 StorageNames.FUNCTION_GROUP)); |
|
320 if (fg != null) |
320 { |
321 { |
321 UserSecuritySettings cachedSettings = |
322 UserSecuritySettings cachedSettings = |
322 (UserSecuritySettings)fGroups.get(fgName); |
323 (UserSecuritySettings)fGroups.get(fg.name); |
323 if (cachedSettings != null) |
324 if (cachedSettings != null) |
324 { |
325 { |
325 permissions.addElement( |
326 permissions.addElement( |
326 new PolicyBasedPermissionImpl( |
327 new PolicyBasedPermissionImpl( |
327 className, |
328 className, |
328 target, |
329 target, |
329 actionList, |
330 actionList, |
|
331 fg.type, |
330 cachedSettings)); |
332 cachedSettings)); |
331 } |
333 } |
332 else |
334 else |
333 { |
335 { |
334 // query the settings details |
336 // query the settings details |
336 fgQuery.addAttribute(new StorageAttribute( |
338 fgQuery.addAttribute(new StorageAttribute( |
337 StorageAttribute.ID, |
339 StorageAttribute.ID, |
338 appUID.getStringValue())); |
340 appUID.getStringValue())); |
339 fgQuery.addAttribute(new StorageAttribute( |
341 fgQuery.addAttribute(new StorageAttribute( |
340 StorageNames.FUNCTION_GROUP, |
342 StorageNames.FUNCTION_GROUP, |
341 fgName)); |
343 fg.name)); |
342 fgQuery.addAttribute(new StorageAttribute( |
344 fgQuery.addAttribute(new StorageAttribute( |
343 StorageNames.ALLOWED_SETTINGS, |
345 StorageNames.ALLOWED_SETTINGS, |
344 "")); |
346 "")); |
345 fgQuery.addAttribute(new StorageAttribute( |
347 fgQuery.addAttribute(new StorageAttribute( |
346 StorageNames.CURRENT_SETTING, |
348 StorageNames.CURRENT_SETTING, |
362 getStorageAttributeValue(fgEntries[0], |
364 getStorageAttributeValue(fgEntries[0], |
363 StorageNames.CURRENT_SETTING)).intValue(); |
365 StorageNames.CURRENT_SETTING)).intValue(); |
364 String blanketPrompt = getStorageAttributeValue(fgEntries[0], |
366 String blanketPrompt = getStorageAttributeValue(fgEntries[0], |
365 StorageNames.BLANKET_PROMPT); |
367 StorageNames.BLANKET_PROMPT); |
366 UserSecuritySettings settings = new UserSecuritySettingsImpl( |
368 UserSecuritySettings settings = new UserSecuritySettingsImpl( |
367 fgName, |
369 fg.name, |
368 currentSetting, |
370 currentSetting, |
369 decodeAllowedSettings(allowedSettings), |
371 decodeAllowedSettings(allowedSettings), |
370 ("1".equals(blanketPrompt) ? true : false)); |
372 ("1".equals(blanketPrompt) ? true : false), |
|
373 fg.isActive); |
371 permissions.addElement( |
374 permissions.addElement( |
372 new PolicyBasedPermissionImpl( |
375 new PolicyBasedPermissionImpl( |
373 className, |
376 className, |
374 target, |
377 target, |
375 actionList, |
378 actionList, |
|
379 fg.type, |
376 settings)); |
380 settings)); |
377 fGroups.put(fgName, settings); |
381 fGroups.put(fg.name, settings); |
378 } |
382 } |
379 catch (NumberFormatException e) |
383 catch (NumberFormatException e) |
380 { |
384 { |
381 Logger.ELOG(Logger.EJavaSecurity, "Permission read failed", e); |
385 Logger.ELOG(Logger.EJavaSecurity, "Permission read failed", e); |
382 } |
386 } |
481 // (if not already done) |
488 // (if not already done) |
482 String fgName = settings.getName(); |
489 String fgName = settings.getName(); |
483 StorageAttribute fgAttribute = new StorageAttribute( |
490 StorageAttribute fgAttribute = new StorageAttribute( |
484 StorageNames.FUNCTION_GROUP, |
491 StorageNames.FUNCTION_GROUP, |
485 fgName); |
492 fgName); |
486 permEntry.addAttribute(fgAttribute); |
493 if (p.getType() == PolicyBasedPermission.USER_ASSIGNED_TYPE |
|
494 || !settings.isActive()) |
|
495 { |
|
496 // the inactive settings or the settings of assigned |
|
497 // permissions with user settings should be activated |
|
498 // only after the first usage of the permission. |
|
499 // Otherwise it creates confusion for the user, |
|
500 // like in the following use cases: |
|
501 // 1) the installation time dialog would include the assigned |
|
502 // permissions even though the MIDlet did not request it |
|
503 // 2) after installing a MIDlet suite and before accessing |
|
504 // some protected functionality (which is guarder by |
|
505 // assigned permission with user setting) the user sees |
|
506 // the settings of the permissions in the MIDlet settings |
|
507 // (even though the MIDlet might never access such |
|
508 // functionality) |
|
509 // |
|
510 // disabling the settings = alter the name of the function |
|
511 // group stored in PERMISSIONS table |
|
512 permEntry.addAttribute(new StorageAttribute( |
|
513 StorageNames.FUNCTION_GROUP, |
|
514 encodeFunctionGroup(p.getType(),fgName))); |
|
515 } |
|
516 else |
|
517 { |
|
518 permEntry.addAttribute(fgAttribute); |
|
519 } |
487 // Do we need to check if the settings which already exist |
520 // Do we need to check if the settings which already exist |
488 // are equal to the ones which are to be inserted? |
521 // are equal to the ones which are to be inserted? |
489 // This won't even happen, since all the settings are read |
522 // This won't even happen, since all the settings are read |
490 // from the security policy |
523 // from the security policy |
491 // If we don't check, then the first settings are stored and are |
524 // If we don't check, then the first settings are stored and are |
720 entry.addAttribute(new StorageAttribute( |
753 entry.addAttribute(new StorageAttribute( |
721 StorageNames.VALID_CERTS, |
754 StorageNames.VALID_CERTS, |
722 validCerts)); |
755 validCerts)); |
723 } |
756 } |
724 int securityWarningsMode = data.getSecurityWarningsMode(); |
757 int securityWarningsMode = data.getSecurityWarningsMode(); |
|
758 if (update) |
|
759 { |
|
760 securityWarningsMode = readSecurityWarningsMode(appUID); |
|
761 } |
725 if (securityWarningsMode == GeneralSecuritySettings.DEFAULT_SECURITY_MODE |
762 if (securityWarningsMode == GeneralSecuritySettings.DEFAULT_SECURITY_MODE |
726 || securityWarningsMode == GeneralSecuritySettings.USER_SECURITY_MODE) |
763 || securityWarningsMode == GeneralSecuritySettings.USER_SECURITY_MODE) |
727 { |
764 { |
728 entry.addAttribute(new StorageAttribute( |
765 entry.addAttribute(new StorageAttribute( |
729 StorageNames.SECURITY_WARNINGS, |
766 StorageNames.SECURITY_WARNINGS, |
1011 settings[i].getName(), |
1048 settings[i].getName(), |
1012 currentInteractionMode, |
1049 currentInteractionMode, |
1013 blanketPromptShown); |
1050 blanketPromptShown); |
1014 } |
1051 } |
1015 } |
1052 } |
|
1053 } |
|
1054 |
|
1055 /** |
|
1056 * Activates user security settings |
|
1057 * |
|
1058 * @param appUID the UID of the application whose user |
|
1059 settings are activatesversion is read |
|
1060 * @param settingsName the name of permission whose settings |
|
1061 * which are activated |
|
1062 */ |
|
1063 public void activateUserSecuritySettings( |
|
1064 Uid msUID, |
|
1065 PolicyBasedPermission permission) |
|
1066 { |
|
1067 if (permission.getUserSecuritySettings() == null) |
|
1068 { |
|
1069 return; |
|
1070 } |
|
1071 StorageEntry oldEntry = new StorageEntry(); |
|
1072 oldEntry.addAttribute(new StorageAttribute( |
|
1073 StorageAttribute.ID, |
|
1074 msUID.getStringValue())); |
|
1075 oldEntry.addAttribute(new StorageAttribute( |
|
1076 StorageNames.FUNCTION_GROUP, |
|
1077 encodeFunctionGroup(permission.getType(), |
|
1078 permission.getUserSecuritySettings().getName()))); |
|
1079 StorageEntry newEntry = new StorageEntry(); |
|
1080 newEntry.addAttribute(new StorageAttribute( |
|
1081 StorageAttribute.ID, |
|
1082 msUID.getStringValue())); |
|
1083 newEntry.addAttribute(new StorageAttribute( |
|
1084 StorageNames.FUNCTION_GROUP, |
|
1085 permission.getUserSecuritySettings().getName())); |
|
1086 doStorageUpdate(StorageNames.MIDP_PERMISSIONS_TABLE, |
|
1087 newEntry, |
|
1088 oldEntry); |
1016 } |
1089 } |
1017 |
1090 |
1018 /** |
1091 /** |
1019 * Reads the value of the suite version attribute |
1092 * Reads the value of the suite version attribute |
1020 * |
1093 * |
1211 UserSecuritySettings newSettings |
1284 UserSecuritySettings newSettings |
1212 = p.getUserSecuritySettings(); |
1285 = p.getUserSecuritySettings(); |
1213 if (oldSettings != null |
1286 if (oldSettings != null |
1214 && newSettings != null) |
1287 && newSettings != null) |
1215 { |
1288 { |
|
1289 boolean activeSettings = false; |
|
1290 if (oldSettings.isActive() |
|
1291 || newSettings.isActive()) |
|
1292 { |
|
1293 activeSettings = true; |
|
1294 } |
1216 newGrantedPermissions.addElement( |
1295 newGrantedPermissions.addElement( |
1217 new PolicyBasedPermissionImpl( |
1296 new PolicyBasedPermissionImpl( |
1218 p.getName(), |
1297 p.getName(), |
1219 p.getTarget(), |
1298 p.getTarget(), |
1220 p.getActionList(), |
1299 p.getActionList(), |
|
1300 p.getType(), |
1221 new UserSecuritySettingsImpl( |
1301 new UserSecuritySettingsImpl( |
1222 newSettings.getName(), |
1302 newSettings.getName(), |
1223 oldSettings.getCurrentInteractionMode(), |
1303 oldSettings.getCurrentInteractionMode(), |
1224 newSettings.getAllowedInteractionModes(), |
1304 newSettings.getAllowedInteractionModes(), |
1225 oldSettings.getBlanketPrompt()))); |
1305 oldSettings.getBlanketPrompt(), |
|
1306 activeSettings))); |
1226 } |
1307 } |
1227 else |
1308 else |
1228 { |
1309 { |
1229 newGrantedPermissions.addElement(p); |
1310 newGrantedPermissions.addElement(p); |
1230 } |
1311 } |
1790 return i; |
1871 return i; |
1791 } |
1872 } |
1792 } |
1873 } |
1793 return NOT_FOUND; |
1874 return NOT_FOUND; |
1794 } |
1875 } |
|
1876 |
|
1877 private String encodeFunctionGroup(int type, String name) |
|
1878 { |
|
1879 return (type + ";" + name); |
|
1880 } |
|
1881 |
|
1882 private FunctionGroup decodeFunctionGroup(String fg) |
|
1883 { |
|
1884 boolean isActive = true; |
|
1885 if (fg != null) |
|
1886 { |
|
1887 int sepIndex = fg.indexOf(";"); |
|
1888 int type = PolicyBasedPermission.USER_TYPE; |
|
1889 if (sepIndex != -1) |
|
1890 { |
|
1891 isActive = false; |
|
1892 try |
|
1893 { |
|
1894 type = Integer.valueOf( |
|
1895 fg.substring(0, sepIndex)).intValue(); |
|
1896 } |
|
1897 catch (NumberFormatException e) |
|
1898 { |
|
1899 } |
|
1900 } |
|
1901 return new FunctionGroup(type, fg.substring(sepIndex + 1), isActive); |
|
1902 } |
|
1903 return null; |
|
1904 } |
|
1905 |
|
1906 private class FunctionGroup |
|
1907 { |
|
1908 FunctionGroup(int type, String name, boolean isActive) |
|
1909 { |
|
1910 this.type = type; |
|
1911 this.name = name; |
|
1912 this.isActive = isActive; |
|
1913 } |
|
1914 private boolean isActive; |
|
1915 private int type; |
|
1916 private String name; |
|
1917 } |
1795 } |
1918 } |