|
1 /* |
|
2 * Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of the License "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: |
|
15 * Class definitions for configuration data used by the User Prompt Service client library. |
|
16 * |
|
17 */ |
|
18 |
|
19 |
|
20 /** |
|
21 @file |
|
22 @internalComponent |
|
23 @released |
|
24 */ |
|
25 |
|
26 #ifndef SERVICECONFIG_H |
|
27 #define SERVICECONFIG_H |
|
28 |
|
29 #include <e32base.h> |
|
30 #include <e32cmn.h> |
|
31 |
|
32 namespace UserPromptService |
|
33 { |
|
34 /** |
|
35 Specifies whether authorisation from the User Prompt Service is required for |
|
36 requests from clients that passed the system server's security check. |
|
37 |
|
38 Note that protected SID checks are based on the SID of the application excutable |
|
39 issuing the request, not the UID of the package owning that executable. |
|
40 |
|
41 If a policy file is not defined for a system server or service then a default |
|
42 value of ECheckNever will be used because this is compatible with the existing |
|
43 platform security behavior. |
|
44 */ |
|
45 enum TAuthorisationPolicy |
|
46 { |
|
47 /** |
|
48 Ignore the system server (platsec) checks, and always ask the UPS what to do. |
|
49 */ |
|
50 EAlwaysCheck = 0, |
|
51 |
|
52 /** |
|
53 For application executables with a protected SID, launched from the |
|
54 Z drive, where the system server checks have passed, allow the request. |
|
55 Otherwise call the UPS which may still choose to allow the request. |
|
56 |
|
57 For all other executables, ignore the system server (platsec) checks, and |
|
58 always ask the UPS what to do. |
|
59 */ |
|
60 ECheckPostManufacture = 1, |
|
61 |
|
62 /** |
|
63 For application executables with a protected SID (regardless of drive), where |
|
64 the system server checks have passed, allow the request. |
|
65 Otherwise call the UPS which may still choose to allow the request. |
|
66 |
|
67 For all other executables, ignore the system server (platsec) checks, and |
|
68 always ask the UPS what to do. |
|
69 */ |
|
70 ECheckUnprotectedSids = 2, |
|
71 |
|
72 /** |
|
73 If the system server checks passed, allow the request. |
|
74 If they failed, call the UPS which may still choose to allow the request. |
|
75 */ |
|
76 ECheckIfFailed = 3, |
|
77 |
|
78 /** |
|
79 If the system server checks passed, allow the request. |
|
80 If the system server checks failed, reject the request. |
|
81 |
|
82 Never query the UPS - just use existing security check result implemented |
|
83 by system server. |
|
84 */ |
|
85 ENeverCheck = 4 |
|
86 }; |
|
87 |
|
88 /** |
|
89 Encapsulates the configuration data for an individual service provided by a system server. |
|
90 This is used by the User Prompt Service client library and is derived from policy files. |
|
91 |
|
92 - Associates a service id with the policy that determines whether the system |
|
93 server should ask the User Prompt Service whether the client's request is authorised. |
|
94 */ |
|
95 struct TServiceConfig |
|
96 { |
|
97 /** The UID of the service that this policy applies to. */ |
|
98 TUint iServiceId; // This MUST be a TUint and MUST be at offset 0 in this struct |
|
99 /** Whether addtional authorisation is required from the user prompt service. */ |
|
100 TAuthorisationPolicy iPolicy; |
|
101 TUint16 iMajorVersion; ///< Major version no. of UPS policy file. |
|
102 TUint16 iMinorVersion; ///< Minor version no. of UPS policy file. |
|
103 }; |
|
104 } |
|
105 |
|
106 #endif // SERVICECONFIG_H |