1 /*

     2 * Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies). 

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:   Interface for granting a permission and for using files from 

    15 *                apps' private cage. No capabilities required 

    16 *

    17 */

    18 

    19 

    20 

    21 #ifndef __FTOKENCLIENT_H__

    22 #define __FTOKENCLIENT_H__

    23 

    24 #include <e32std.h>

    25 #include <f32file.h>

    26 

    27 const TInt KMaxTokenLenght(8);

    28 

    29 /**

    30 * Utility class for for giving another process permission (token) to

    31 * access on demand a specific file from another process. The class

    32 * permits process (provider) to grant another process (consumer) ability to

    33 * open, read and close the named file on demand as the consumer so wishes, 

    34 * without repeated interaction between provider and consumer. 

    35 *

    36 * Tokens are valid as long the session used for grating the permission is connected 

    37 * 

    38 * @code

    39 *

    40 *    // Provider should usually instantiate session as member variable as session lifetime 

    41 *    // defines the tokens lifetime also, consumer may generate session on-demand based as well

    42 *

    43 *    RFTokenClient client;

    44 *    User::LeaveIfError(client.Connect());

    45 *    CleanupClosePushL(client);

    46 *

    47 *   // Provider, generating token based on known uid (made up uid in this example ;)

    48 *

    49 *   TInt64 token = 0;

    50 *   TPckg<TInt64> tokenbuf(token); 

    51 *    

    52 *   _LIT(KMYPRIVATEFILE, "z:\\private\\1028289F\\focus.png"); // full path with drive letter must be given

    53 *   

    54 *   TSecureId consumerSecId(0x10282845); 

    55 *

    56 *   User::LeaveIfError(iClient.GenerateToken(),TSecurityPolicy(consumerSecId), tokenbuf));

    57 *

    58 *   // Generating token based on existing token

    59 *   // Nb. Consumer may ensure extended lifetime for token by "cloning" it

    60 *   // (i.e. make sure that token remains valid even the session of orifial provider

    61 *   // is closed )  

    62 *

    63 *   TInt64 token2 = 0;

    64 *   TPckg<TInt64> tokenbuf2(token2); 

    65 *

    66 *    User::LeaveIfError(client.GenerateToken(tokenbuf, Application()->AppDllUid(), tokenbuf2));

    67 *

    68 *  // Consumer, opening file based on token

    69 *

    70 *   RFile file;

    71 *   User::LeaveIfError(client.OpenFileForToken(file, tokenbuf2));

    72 *    

    73 * @endcode

    74 */    

    75 NONSHARABLE_CLASS(RFTokenClient): public RSessionBase

    76     {

    77 public:

    78     /**

    79 	* Connects to server. If the server does not exist, starts the server .

    80 	*/

    81     IMPORT_C TInt Connect();

    82     

    83     /* Methods for granting permission */

    84     

    85     /**

    86 	* Generates token based on filename. Method is synchronous.

    87 	*

    88 	* @param aFileName          Filename of file to be shared

    89 	* @param aSecurityPolicy    Security policy that a process that process must fullfill to gain access to file 

    90 	* @param aToken             Generated token, 64-bit integer as a 8-bit descriptor              

    91 	* @return                   Any system wide error code, KErrNone on success

    92 	*/

    93     IMPORT_C TInt GenerateToken(const TDesC& aFileName, const TSecurityPolicy& aSecurityPolicy, TDes8& aToken) const;    

    94     

    95     /**

    96 	* Generates token based on open file handle. Method is synchronous.

    97 	*

    98 	* @param aOpenFile          Open filehandle, can reside other process gage as well

    99 	* @param aSecurityPolicy    Security policy that a process that process must fullfill to gain access to file 

   100 	* @param aToken             Generated token, 64-bit integer as a 8-bit descriptor              

   101 	* @return                   Any system wide error code, KErrNone on success

   102 	*/

   103     IMPORT_C TInt GenerateToken(const RFile& aOpenFile, const TSecurityPolicy& aSecurityPolicy, TDes8& aToken) const;    

   104     

   105     /**

   106 	* Generates token based on existing token. Method is synchronous.

   107 	*

   108 	* @param aExistingToken     Token that is valid inside this process (SecId matches)

   109 	* @param aSecurityPolicy    Security policy that a process that process must fullfill to gain access to file 

   110 	* @param aToken             Generated token, 64-bit integer as a 8-bit descriptor              

   111 	* @return                   Any system wide error code, KErrNone on success

   112 	*/

   113     IMPORT_C TInt GenerateToken(const TDesC8& aExistingToken, const TSecurityPolicy& aSecurityPolicy, TDes8& aToken) const;    

   114 

   115     

   116     /* Methods for granting permission, for convenience */

   117     

   118     /**

   119 	* Generates token based on filename. Method is synchronous.

   120 	*

   121 	* @param aFileName          Filename of file to be shared

   122 	* @param aConsumerUid       Secure id of process that gains access to file 

   123 	* @param aToken             Generated token, 64-bit integer as a 8-bit descriptor              

   124 	* @return                   Any system wide error code, KErrNone on success

   125 	*/

   126     IMPORT_C TInt GenerateToken(const TDesC& aFileName, const TUid& aConsumerUid, TDes8& aToken) const;

   127     

   128     /**

   129 	* Generates token based on open file handle. Method is synchronous.

   130 	*

   131 	* @param aOpenFile          Open filehandle, can reside other process gage as well

   132 	* @param aConsumerUid       Secure id of process that gains access to file 

   133 	* @param aToken             Generated token, 64-bit integer as a 8-bit descriptor              

   134 	* @return                   Any system wide error code, KErrNone on success

   135 	*/

   136     IMPORT_C TInt GenerateToken(const RFile& aOpenFile, const TUid& aConsumerUid, TDes8& aToken) const;    

   137     

   138     /**

   139 	* Generates token based on existing token. Method is synchronous.

   140 	*

   141 	* @param aExistingToken     Token that is valid inside this process (SecId matches)

   142 	* @param aConsumerUid       Secure id of process that gains access to file 

   143 	* @param aToken             Generated token, 64-bit integer as a 8-bit descriptor              

   144 	* @return                   Any system wide error code, KErrNone on success

   145 	*/

   146     IMPORT_C TInt GenerateToken(const TDesC8& aExistingToken, const TUid& aConsumerUid, TDes8& aToken) const;    

   147     

   148     

   149     /* Methods for accessing file based on token */

   150     

   151     /**

   152 	* Opens filehandle based on token. Method is synchronous.

   153 	*

   154 	* @param aHandle     Unattached handle 

   155 	* @param aToken      Token that is valid in for this process              

   156 	* @return            Any system wide error code, KErrNone on success

   157 	*/

   158     IMPORT_C TInt OpenFileForToken(RFile& aHandle, const TDesC8& aToken) const;

   159 

   160 private:

   161     TInt iSpare1;

   162     TInt iSpare2;

   163     };

   164     

   165 #endif