1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/persistentdata/persistentstorage/dbms/inc/D32Security.h Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,147 @@
1.4 +// Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
1.5 +// All rights reserved.
1.6 +// This component and the accompanying materials are made available
1.7 +// under the terms of "Eclipse Public License v1.0"
1.8 +// which accompanies this distribution, and is available
1.9 +// at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.10 +//
1.11 +// Initial Contributors:
1.12 +// Nokia Corporation - initial contribution.
1.13 +//
1.14 +// Contributors:
1.15 +//
1.16 +// Description:
1.17 +//
1.18 +
1.19 +#ifndef __D32SECURITY_H__
1.20 +#define __D32SECURITY_H__
1.21 +
1.22 +#include "D32Assert.h"
1.23 +
1.24 +//Forward declarations
1.25 +class RFs;
1.26 +
1.27 +/**
1.28 +DBSC namespace is a placeholder for security policy framework.
1.29 +DBSC stands for [D]ata[B]ase [S]e[C]urity.
1.30 +@internalComponent
1.31 +*/
1.32 +namespace DBSC
1.33 +{
1.34 +
1.35 +/**
1.36 +KPolicyTypesCount specifies how many different policy type are maintained by the system.
1.37 +@internalComponent
1.38 +*/
1.39 +const TInt KPolicyTypesCount = 3;
1.40 +
1.41 +/**
1.42 +Each secure shared database/table have a security policy associated with it.
1.43 +There are three security policy types:"READ" - EPTRead - for any database/table read operation,
1.44 + "WRITE"- EPTWrite - for any database/table write operation.
1.45 + "SCHEMA"- EPTSchema - for any database admin operation.
1.46 +To execute particular DBMS operation, the caller must have a set of Capabilities/SID/VID,
1.47 +which must satisfy related R/W/S security policies of the database/table, on which the operation
1.48 +has to be performed.
1.49 +@internalComponent
1.50 +*/
1.51 +typedef enum
1.52 + {
1.53 + EPTNone = 0,
1.54 + EPTRead = 1 << 0,
1.55 + EPTWrite = 1 << 1,
1.56 + EPTSchema = 1 << 2,
1.57 + EPTLast = 1 << (KPolicyTypesCount - 1)
1.58 + } TPolicyType;
1.59 +
1.60 +/**
1.61 +Type of the controled by the security policy object: database or table
1.62 +@internalComponent
1.63 +*/
1.64 +typedef enum
1.65 + {
1.66 + EPOTNone,
1.67 + EPOTDatabase,
1.68 + EPOTTable
1.69 + } TPolicyObjType;
1.70 +
1.71 +/**
1.72 +This enum represents possible type of the requested access when opening/creating a database
1.73 +on the server side:
1.74 +EATNonSecure - non-secure access to private/legacy/shared-non-secure database
1.75 +EATSecure - secure access to shared-secure database
1.76 +@internalComponent
1.77 +*/
1.78 +typedef enum
1.79 + {
1.80 + EATNonSecure,
1.81 + EATSecure
1.82 + } TAccessType;
1.83 +
1.84 +/**
1.85 +This structure packs together the uid from the database format string and
1.86 +requested access type to the database.
1.87 +@internalComponent
1.88 +*/
1.89 +struct TDbPolicyRequest
1.90 + {
1.91 + TUid iUid;
1.92 + TAccessType iAccessType;
1.93 + };
1.94 +
1.95 +/**
1.96 +MPolicy interface is used to check DBMS client capabilities against the security policy
1.97 +managed by this interface.
1.98 +The Check() method parameter, aPolicyType, specifies against which policy (R/W/S) caller
1.99 +capabilities/SID/VID have to be asserted.
1.100 +Do not put MPolicy interfaces in the CleanupStack! MPolicySpace instance will
1.101 +take care about them.
1.102 +Using MPolicy::Dump() method you can dump the content of the controled object
1.103 +into a text file. Note that the dump works only if you have __DBDUMP__ macro defined.
1.104 +@internalComponent
1.105 +*/
1.106 +class MPolicy
1.107 + {
1.108 +public:
1.109 + virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const = 0;
1.110 + virtual TInt Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const = 0;
1.111 + DECLARE_DB_DUMP(aFile)
1.112 + };
1.113 +
1.114 +/**
1.115 +MPolicySpace interface represents an interface to the security policiy space, which manages
1.116 +all the security policies, presented in the system.
1.117 +It can be used to retrieve MPolicy interface for particular database/table object or
1.118 +getting the backup&restore security ID.
1.119 +MPolicySpace interface manages static data structure, created during the DBMS startup.
1.120 +The data in this structure will never be modified during the DBMS server life time.
1.121 +DbPolicyL() and TblPolicyL() leave with KErrArgument error, if there is no policy for
1.122 +the database/table object, represented in the method arguments.
1.123 +@internalComponent
1.124 +*/
1.125 +class MPolicySpace
1.126 + {
1.127 +public:
1.128 + virtual void Release() = 0;
1.129 + virtual const MPolicy* DbPolicyL(const TDbPolicyRequest& aDbPolicyRequest) const = 0;
1.130 + virtual const MPolicy* TblPolicyL(const TDbPolicyRequest& aDbPolicyRequest, const TDesC& aTblName) const = 0;
1.131 + virtual TSecureId BackupSIDL(TUid aDbUid) const = 0;
1.132 + };
1.133 +
1.134 +/**
1.135 +TPolicySpaceFactory is a factory class, used for creating an object, which implements
1.136 +MPolicySpace interface.
1.137 +Do not forget that MPolicySpace is a "M" interface, so if
1.138 +you want to push it in the Cleanup Stack, you should use CleanupReleasePushL() call, but not
1.139 +CleanupStack::PushL().
1.140 +@internalComponent
1.141 +*/
1.142 +class TPolicySpaceFactory
1.143 + {
1.144 +public:
1.145 + static MPolicySpace* NewPolicySpaceL(RFs& aFs, const TDesC& aPrivatePath);
1.146 + };
1.147 +
1.148 +} //end of - namespace DBSC
1.149 +
1.150 +#endif//__D32SECURITY_H__