1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/security/authorisation/userpromptservice/inc_private/serviceconfig.h Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,106 @@
1.4 +/*
1.5 +* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
1.6 +* All rights reserved.
1.7 +* This component and the accompanying materials are made available
1.8 +* under the terms of the License "Eclipse Public License v1.0"
1.9 +* which accompanies this distribution, and is available
1.10 +* at the URL "http://www.eclipse.org/legal/epl-v10.html".
1.11 +*
1.12 +* Initial Contributors:
1.13 +* Nokia Corporation - initial contribution.
1.14 +*
1.15 +* Contributors:
1.16 +*
1.17 +* Description:
1.18 +* Class definitions for configuration data used by the User Prompt Service client library.
1.19 +*
1.20 +*/
1.21 +
1.22 +
1.23 +/**
1.24 + @file
1.25 + @internalComponent
1.26 + @released
1.27 +*/
1.28 +
1.29 +#ifndef SERVICECONFIG_H
1.30 +#define SERVICECONFIG_H
1.31 +
1.32 +#include <e32base.h>
1.33 +#include <e32cmn.h>
1.34 +
1.35 +namespace UserPromptService
1.36 + {
1.37 + /**
1.38 + Specifies whether authorisation from the User Prompt Service is required for
1.39 + requests from clients that passed the system server's security check.
1.40 +
1.41 + Note that protected SID checks are based on the SID of the application excutable
1.42 + issuing the request, not the UID of the package owning that executable.
1.43 +
1.44 + If a policy file is not defined for a system server or service then a default
1.45 + value of ECheckNever will be used because this is compatible with the existing
1.46 + platform security behavior.
1.47 + */
1.48 + enum TAuthorisationPolicy
1.49 + {
1.50 + /**
1.51 + Ignore the system server (platsec) checks, and always ask the UPS what to do.
1.52 + */
1.53 + EAlwaysCheck = 0,
1.54 +
1.55 + /**
1.56 + For application executables with a protected SID, launched from the
1.57 + Z drive, where the system server checks have passed, allow the request.
1.58 + Otherwise call the UPS which may still choose to allow the request.
1.59 +
1.60 + For all other executables, ignore the system server (platsec) checks, and
1.61 + always ask the UPS what to do.
1.62 + */
1.63 + ECheckPostManufacture = 1,
1.64 +
1.65 + /**
1.66 + For application executables with a protected SID (regardless of drive), where
1.67 + the system server checks have passed, allow the request.
1.68 + Otherwise call the UPS which may still choose to allow the request.
1.69 +
1.70 + For all other executables, ignore the system server (platsec) checks, and
1.71 + always ask the UPS what to do.
1.72 + */
1.73 + ECheckUnprotectedSids = 2,
1.74 +
1.75 + /**
1.76 + If the system server checks passed, allow the request.
1.77 + If they failed, call the UPS which may still choose to allow the request.
1.78 + */
1.79 + ECheckIfFailed = 3,
1.80 +
1.81 + /**
1.82 + If the system server checks passed, allow the request.
1.83 + If the system server checks failed, reject the request.
1.84 +
1.85 + Never query the UPS - just use existing security check result implemented
1.86 + by system server.
1.87 + */
1.88 + ENeverCheck = 4
1.89 + };
1.90 +
1.91 + /**
1.92 + Encapsulates the configuration data for an individual service provided by a system server.
1.93 + This is used by the User Prompt Service client library and is derived from policy files.
1.94 +
1.95 + - Associates a service id with the policy that determines whether the system
1.96 + server should ask the User Prompt Service whether the client's request is authorised.
1.97 + */
1.98 + struct TServiceConfig
1.99 + {
1.100 + /** The UID of the service that this policy applies to. */
1.101 + TUint iServiceId; // This MUST be a TUint and MUST be at offset 0 in this struct
1.102 + /** Whether addtional authorisation is required from the user prompt service. */
1.103 + TAuthorisationPolicy iPolicy;
1.104 + TUint16 iMajorVersion; ///< Major version no. of UPS policy file.
1.105 + TUint16 iMinorVersion; ///< Minor version no. of UPS policy file.
1.106 + };
1.107 + }
1.108 +
1.109 +#endif // SERVICECONFIG_H