|
1 /* |
|
2 * Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Interface for granting a permission and for using files from |
|
15 * apps' private cage. No capabilities required |
|
16 * |
|
17 */ |
|
18 |
|
19 |
|
20 |
|
21 #ifndef __FTOKENCLIENT_H__ |
|
22 #define __FTOKENCLIENT_H__ |
|
23 |
|
24 #include <e32std.h> |
|
25 #include <f32file.h> |
|
26 |
|
27 const TInt KMaxTokenLenght(8); |
|
28 |
|
29 /** |
|
30 * Utility class for for giving another process permission (token) to |
|
31 * access on demand a specific file from another process. The class |
|
32 * permits process (provider) to grant another process (consumer) ability to |
|
33 * open, read and close the named file on demand as the consumer so wishes, |
|
34 * without repeated interaction between provider and consumer. |
|
35 * |
|
36 * Tokens are valid as long the session used for grating the permission is connected |
|
37 * |
|
38 * @code |
|
39 * |
|
40 * // Provider should usually instantiate session as member variable as session lifetime |
|
41 * // defines the tokens lifetime also, consumer may generate session on-demand based as well |
|
42 * |
|
43 * RFTokenClient client; |
|
44 * User::LeaveIfError(client.Connect()); |
|
45 * CleanupClosePushL(client); |
|
46 * |
|
47 * // Provider, generating token based on known uid (made up uid in this example ;) |
|
48 * |
|
49 * TInt64 token = 0; |
|
50 * TPckg<TInt64> tokenbuf(token); |
|
51 * |
|
52 * _LIT(KMYPRIVATEFILE, "z:\\private\\1028289F\\focus.png"); // full path with drive letter must be given |
|
53 * |
|
54 * TSecureId consumerSecId(0x10282845); |
|
55 * |
|
56 * User::LeaveIfError(iClient.GenerateToken(),TSecurityPolicy(consumerSecId), tokenbuf)); |
|
57 * |
|
58 * // Generating token based on existing token |
|
59 * // Nb. Consumer may ensure extended lifetime for token by "cloning" it |
|
60 * // (i.e. make sure that token remains valid even the session of orifial provider |
|
61 * // is closed ) |
|
62 * |
|
63 * TInt64 token2 = 0; |
|
64 * TPckg<TInt64> tokenbuf2(token2); |
|
65 * |
|
66 * User::LeaveIfError(client.GenerateToken(tokenbuf, Application()->AppDllUid(), tokenbuf2)); |
|
67 * |
|
68 * // Consumer, opening file based on token |
|
69 * |
|
70 * RFile file; |
|
71 * User::LeaveIfError(client.OpenFileForToken(file, tokenbuf2)); |
|
72 * |
|
73 * @endcode |
|
74 */ |
|
75 NONSHARABLE_CLASS(RFTokenClient): public RSessionBase |
|
76 { |
|
77 public: |
|
78 /** |
|
79 * Connects to server. If the server does not exist, starts the server . |
|
80 */ |
|
81 IMPORT_C TInt Connect(); |
|
82 |
|
83 /* Methods for granting permission */ |
|
84 |
|
85 /** |
|
86 * Generates token based on filename. Method is synchronous. |
|
87 * |
|
88 * @param aFileName Filename of file to be shared |
|
89 * @param aSecurityPolicy Security policy that a process that process must fullfill to gain access to file |
|
90 * @param aToken Generated token, 64-bit integer as a 8-bit descriptor |
|
91 * @return Any system wide error code, KErrNone on success |
|
92 */ |
|
93 IMPORT_C TInt GenerateToken(const TDesC& aFileName, const TSecurityPolicy& aSecurityPolicy, TDes8& aToken) const; |
|
94 |
|
95 /** |
|
96 * Generates token based on open file handle. Method is synchronous. |
|
97 * |
|
98 * @param aOpenFile Open filehandle, can reside other process gage as well |
|
99 * @param aSecurityPolicy Security policy that a process that process must fullfill to gain access to file |
|
100 * @param aToken Generated token, 64-bit integer as a 8-bit descriptor |
|
101 * @return Any system wide error code, KErrNone on success |
|
102 */ |
|
103 IMPORT_C TInt GenerateToken(const RFile& aOpenFile, const TSecurityPolicy& aSecurityPolicy, TDes8& aToken) const; |
|
104 |
|
105 /** |
|
106 * Generates token based on existing token. Method is synchronous. |
|
107 * |
|
108 * @param aExistingToken Token that is valid inside this process (SecId matches) |
|
109 * @param aSecurityPolicy Security policy that a process that process must fullfill to gain access to file |
|
110 * @param aToken Generated token, 64-bit integer as a 8-bit descriptor |
|
111 * @return Any system wide error code, KErrNone on success |
|
112 */ |
|
113 IMPORT_C TInt GenerateToken(const TDesC8& aExistingToken, const TSecurityPolicy& aSecurityPolicy, TDes8& aToken) const; |
|
114 |
|
115 |
|
116 /* Methods for granting permission, for convenience */ |
|
117 |
|
118 /** |
|
119 * Generates token based on filename. Method is synchronous. |
|
120 * |
|
121 * @param aFileName Filename of file to be shared |
|
122 * @param aConsumerUid Secure id of process that gains access to file |
|
123 * @param aToken Generated token, 64-bit integer as a 8-bit descriptor |
|
124 * @return Any system wide error code, KErrNone on success |
|
125 */ |
|
126 IMPORT_C TInt GenerateToken(const TDesC& aFileName, const TUid& aConsumerUid, TDes8& aToken) const; |
|
127 |
|
128 /** |
|
129 * Generates token based on open file handle. Method is synchronous. |
|
130 * |
|
131 * @param aOpenFile Open filehandle, can reside other process gage as well |
|
132 * @param aConsumerUid Secure id of process that gains access to file |
|
133 * @param aToken Generated token, 64-bit integer as a 8-bit descriptor |
|
134 * @return Any system wide error code, KErrNone on success |
|
135 */ |
|
136 IMPORT_C TInt GenerateToken(const RFile& aOpenFile, const TUid& aConsumerUid, TDes8& aToken) const; |
|
137 |
|
138 /** |
|
139 * Generates token based on existing token. Method is synchronous. |
|
140 * |
|
141 * @param aExistingToken Token that is valid inside this process (SecId matches) |
|
142 * @param aConsumerUid Secure id of process that gains access to file |
|
143 * @param aToken Generated token, 64-bit integer as a 8-bit descriptor |
|
144 * @return Any system wide error code, KErrNone on success |
|
145 */ |
|
146 IMPORT_C TInt GenerateToken(const TDesC8& aExistingToken, const TUid& aConsumerUid, TDes8& aToken) const; |
|
147 |
|
148 |
|
149 /* Methods for accessing file based on token */ |
|
150 |
|
151 /** |
|
152 * Opens filehandle based on token. Method is synchronous. |
|
153 * |
|
154 * @param aHandle Unattached handle |
|
155 * @param aToken Token that is valid in for this process |
|
156 * @return Any system wide error code, KErrNone on success |
|
157 */ |
|
158 IMPORT_C TInt OpenFileForToken(RFile& aHandle, const TDesC8& aToken) const; |
|
159 |
|
160 private: |
|
161 TInt iSpare1; |
|
162 TInt iSpare2; |
|
163 }; |
|
164 |
|
165 #endif |