diff -r 675a964f4eb5 -r 35751d3474b7 authorisation/userpromptservice/policies/source/policy.cpp --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/authorisation/userpromptservice/policies/source/policy.cpp Thu Sep 10 14:01:51 2009 +0300 @@ -0,0 +1,341 @@ +/* +* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of the License "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: +* +*/ + + +#include + +using namespace UserPromptService; + +EXPORT_C TSidClasses::TSidClasses(TUint16 aSidClasses) + : iSidClasses(aSidClasses) +/** +Constructor +@param aSidClasses A 32 bit integers that represents the set of SID classes. +*/ + { + } + +EXPORT_C TBool TSidClasses::Contains(const TSecureId& aSid) const +/** +Determines the set of SID classes contains a given SID. +@param aSid The SID to test. +@return ETrue if aSID lies within one of the SID classes. +*/ + { + TInt sidClass = (aSid.iId & 0xf0000000) >> 28; + return (1 << sidClass) & iSidClasses; + } + +EXPORT_C CPolicy* CPolicy::NewL(const TSidClasses& aSidClasses, const RArray& aSidList, + const TDesC& aDestination, TUint aOptions, const TUid& aPolicyEvaluator, + const TUid& aDialogCreator, TUint16 aFlags, TSystemServerSecurity aSystemServerSecurity, + TUint16 aMajorVersion, TUint16 aMinorVersion, TBool aDefault) +/** +Creates a new policy object. + +@param aSidClasses The classes of SIDs that this policy applies to. +@param aSidList A list of individual SIDs that this policy applies to. This overrides aSidClasses. +@param aDestination The wildcard string to match against destination supplied by the system server. +@param aOptions A bit field that defines whether the prompt should be displayed and if so, + what buttons should be available. +@param aPolicyEvaluator The implementation UID of the policy evaluator ECOM plug-in to use with this policy. +@param aDialogCreator The implementation UID of the dialog creator ECOM plug-in to use with this policy. +@param aFlags Flags specific to an individual policy evaluator. +@param aSystemServerSecurity Whether this policy is specific to clients that pass/fail + the system server's security check. +@param aMajorVersion The major version of the UPS policy file. +@param aMinorVersion The minor version of the UPS policy file. +@param aDefault Set to ETrue if this is an automatically generated policy + because no match was found in the policy file. + +@return A pointer to the new policy object. + */ + { + CPolicy* self = CPolicy::NewLC(aSidClasses, aSidList, aDestination, aOptions, + aPolicyEvaluator, aDialogCreator, aFlags, aSystemServerSecurity, + aMajorVersion, aMinorVersion, aDefault); + CleanupStack::Pop(self); + return self; + } + +EXPORT_C CPolicy* CPolicy::NewLC(const TSidClasses& aSidClasses, const RArray& aSidList, + const TDesC& aDestination, TUint aOptions, const TUid& aPolicyEvaluator, + const TUid& aDialogCreator, TUint16 aFlags, TSystemServerSecurity aSystemServerSecurity, + TUint16 aMajorVersion, TUint16 aMinorVersion, TBool aDefault) +/** +Creates a new policy object and puts the pointer on the cleanup stack. + +@param aSidClasses The classes of SIDs that this policy applies to. +@param aSidList A list of individual SIDs that this policy applies to. This overrides aSidClasses. +@param aDestination The wildcard string to match against destination supplied by the system server. +@param aOptions A bit field that defines whether the prompt should be displayed and if so, + what buttons should be available. +@param aPolicyEvaluator The implementation UID of the policy evaluator ECOM plug-in to use with this policy. +@param aDialogCreator The implementation UID of the dialog creator ECOM plug-in to use with this policy. +@param aFlags Flags specific to an individual policy evaluator. +@param aSystemServerSecurity Whether this policy is specific to clients that pass/fail + the system server's security check. +@param aMajorVersion The major version of the UPS policy file. +@param aMinorVersion The minor version of the UPS policy file. +@param aDefault Set to ETrue if this is an automatically generated policy + because no match was found in the policy file. + +@return A pointer to the new policy object. + */ + { + CPolicy* self = new(ELeave) CPolicy( + aSidClasses, aOptions, aPolicyEvaluator, + aDialogCreator, aFlags, aSystemServerSecurity, + aMajorVersion, aMinorVersion, aDefault); + CleanupStack::PushL(self); + self->ConstructL(aSidList, aDestination); + return self; + } + +EXPORT_C TBool CPolicy::Matches(const TSecureId& aClientSid, const TDesC& aDestination, TBool aSecurityResult) const +/** +Determines whether a request matches this policy. +The request matches if and only if the following conditions are true. + +- aClientSid matches an entry in the SID list or lies within one of the classes of SIDs +- aDestination matches the destination wildcard string in the policy. +- The result of the system server's securitiy check for this client matches the rule defined + for this policy. + - iSystemServerSecurity == ESystemServerSecurityPassedOrFailed OR + - aSecurityResult == ETrue and iSystemServerSecurity == ESystemServerSecurityPassed OR + - aSecurityResult == EFalse and iSystemServerSecurity == ESystemServerSecurityFailed + +@param aClientSid The SID of the client application +@param aDestination A descriptor containing the destination supplied by the system server. +@param aSecurityResult ETrue, if the client passed the system server's security check, otherwise, EFalse. +@return ETrue If the policy matches the request; otherwise EFalse is returned. +*/ + { + if (iSystemServerSecurity == CPolicy::ESystemServerSecurityPassed && + ! aSecurityResult) + { + return EFalse; + } + else if (iSystemServerSecurity == CPolicy::ESystemServerSecurityFailed && + aSecurityResult) + { + return EFalse; + } + + TBool sidMatch(EFalse); + TInt sidListCount = iSidList.Count(); + if (sidListCount > 0) + { + for (TInt i = 0; i < sidListCount; ++i) + { + if (iSidList[i] == aClientSid.iId) + { + sidMatch = ETrue; + break; + } + } + } + else + { + sidMatch = iSidClasses.Contains(aClientSid); + } + + return sidMatch && (aDestination.MatchF(*iDestination) != KErrNotFound); + } + +EXPORT_C const TDesC& CPolicy::Destination() const +/** +Gets the destination wildcard string. +@return A reference to a descriptor containing the wildcard string to + match against the destination supplied by the system server. + */ + { + return *iDestination; + } + +EXPORT_C const TSidClasses& CPolicy::SidClasses() const +/** +Gets the classes of SIDs that are applicable to this policy. +@return The set of SID classes that this policy applies to. + */ + { + return iSidClasses; + } + +EXPORT_C const RArray& CPolicy::SidList() const +/** +Gets the list of individual SIDs that are applicable to this policy. +The SID list takes precedent over the SID classes when matching policies. + +@return The list of SIDs that this policy applies to as an array of + unsigned integers. +*/ + { + return iSidList; + } + +EXPORT_C CPolicy::TOptions CPolicy::Options() const +/** +Gets the options field for this policy. +@see CPolicy::TOptions +@return A 32bit integer containing the options. +*/ + { + return TOptions(iOptions); + } + +EXPORT_C const TUid& CPolicy::PolicyEvaluator() const +/** +Gets the implementation UID of the policy evaluator to use with this policy. +@return The implementation UID of the Policy Evaluator +*/ + { + return iPolicyEvaluator; + } + +EXPORT_C const TUid& CPolicy::DialogCreator() const +/** +Identifies the Dialog Creator to use with this policy. +@return The implementation UID of the Dialog Creator. +*/ + { + return iDialogCreator; + } + +EXPORT_C TUint16 CPolicy::Flags() const +/** +Gets the flags field. The contents of this field is specific to individual +policy evaluator plug-ins. + +@return The 16-bit flags field +*/ + { + return iFlags; + } + +EXPORT_C TBool CPolicy::Default() const +/** +If a policy file is defined for a request but no policy matches the request +then a default policy object is created to allow the user to authorise a one-shot +request.\n +This function allows the Policy Evaluator to check whether this policy +is the default policy. +N.B. This can be overriden by simply defining a policy at the end of the file +that matches all SIDs and has '*' as the destination wildcard. + +@return ETrue if this policy is the default (automatically generated) policy. +*/ + { + return iDefault; + } + +EXPORT_C TBool CPolicy::PromptRequired() const +/** +Examines the set of options to determine whether the policy requires a prompt to be +displayed. + +If the options fields only contains authorizations (EYes, ESessionYes or EAlways) or conversely +the options field only contains rejections (ENo,ESessionNo or ENever) then this function will +return EFalse.\n + +@return ETrue if a prompt is required or EFalse if a prompt is not required + (in which case the request will probably be silently accepted / rejected). +*/ + { + // (a yes option) && (a no option) + return ((iOptions & (EYes|ESessionYes|EAlways)) && (iOptions & (ENo|ESessionNo|ENever))); + } + +EXPORT_C CPolicy::TSystemServerSecurity CPolicy::SystemServerSecurity() const +/** +Whether this policy is specific to clients's that pass or fail the system +server's securitiy check. +@return An enum that dictates whether this policy only applies if the client + process passed/failed the system server's security check. +*/ + { + return iSystemServerSecurity; + } + +EXPORT_C TUint16 CPolicy::MajorVersion() const +/** +Gets the major version of the UPS policy file containing this policy. +@return A 16-bit unsigned number containing the major version number. +*/ + { + return iMajorVersion; + } + +EXPORT_C TUint16 CPolicy::MinorVersion() const +/** +Gets the minor version of the UPS policy file containing this policy. +@return A 16-bit unsigned number containing the minor version number. +*/ + { + return iMinorVersion; + } + +CPolicy::CPolicy(const TSidClasses& aSidClasses, TUint aOptions, + const TUid& aPolicyEvaluator, const TUid& aDialogCreator, + TUint16 aFlags, TSystemServerSecurity aSystemServerSecurity, + TUint16 aMajorVersion, TUint16 aMinorVersion, TBool aDefault) + +/** +Constructor +@param aSidClasses The classes of SIDs that this policy applies to. +@param aOptions A bit field that defines whether the prompt should be displayed and if so, + what buttons should be available. +@param aPolicyEvaluator The implementation UID of the policy evaluator ECOM plug-in to use with this policy. +@param aDialogCreator The implementation UID of the dialog creator ECOM plug-in to use with this policy. +@param aFlags Flags specific to an individual policy evaluator. +@param aSystemServerSecurity Whether this policy is specific to clients that pass/fail + the system server's security check. +@param aMajorVersion The major version of the UPS policy file. +@param aMinorVersion The minor version of the UPS policy file. +@param aDefault Set to ETrue if this is an automatically generated policy + because no match was found in the policy file. +*/ + : iSidClasses(aSidClasses), iOptions(aOptions), + iPolicyEvaluator(aPolicyEvaluator), iDialogCreator(aDialogCreator), + iFlags(aFlags), iSystemServerSecurity(aSystemServerSecurity), + iMajorVersion(aMajorVersion), iMinorVersion(aMinorVersion), iDefault(aDefault) + { + } + +void CPolicy::ConstructL(const RArray& aSidList, const TDesC& aDestination) +/** +Second phase constructor +@param aSidList A list (possibly empty) of SIDs that this policy applies to. +@param aDestination The destination wildcard string. +*/ + { + TInt numSids = aSidList.Count(); + for (TInt i = 0; i < numSids; ++i) + { + iSidList.AppendL(aSidList[i]); + } + iDestination = aDestination.AllocL(); + } + +CPolicy::~CPolicy() +/** +Destructor +*/ + { + delete iDestination; + iSidList.Close(); + }