First public contribution.
2 * Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
4 * This component and the accompanying materials are made available
5 * under the terms of the License "Eclipse Public License v1.0"
6 * which accompanies this distribution, and is available
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".
9 * Initial Contributors:
10 * Nokia Corporation - initial contribution.
19 #include <ups/policy.h>
21 using namespace UserPromptService;
23 EXPORT_C TSidClasses::TSidClasses(TUint16 aSidClasses)
24 : iSidClasses(aSidClasses)
27 @param aSidClasses A 32 bit integers that represents the set of SID classes.
32 EXPORT_C TBool TSidClasses::Contains(const TSecureId& aSid) const
34 Determines the set of SID classes contains a given SID.
35 @param aSid The SID to test.
36 @return ETrue if aSID lies within one of the SID classes.
39 TInt sidClass = (aSid.iId & 0xf0000000) >> 28;
40 return (1 << sidClass) & iSidClasses;
43 EXPORT_C CPolicy* CPolicy::NewL(const TSidClasses& aSidClasses, const RArray<TSecureId>& aSidList,
44 const TDesC& aDestination, TUint aOptions, const TUid& aPolicyEvaluator,
45 const TUid& aDialogCreator, TUint16 aFlags, TSystemServerSecurity aSystemServerSecurity,
46 TUint16 aMajorVersion, TUint16 aMinorVersion, TBool aDefault)
48 Creates a new policy object.
50 @param aSidClasses The classes of SIDs that this policy applies to.
51 @param aSidList A list of individual SIDs that this policy applies to. This overrides aSidClasses.
52 @param aDestination The wildcard string to match against destination supplied by the system server.
53 @param aOptions A bit field that defines whether the prompt should be displayed and if so,
54 what buttons should be available.
55 @param aPolicyEvaluator The implementation UID of the policy evaluator ECOM plug-in to use with this policy.
56 @param aDialogCreator The implementation UID of the dialog creator ECOM plug-in to use with this policy.
57 @param aFlags Flags specific to an individual policy evaluator.
58 @param aSystemServerSecurity Whether this policy is specific to clients that pass/fail
59 the system server's security check.
60 @param aMajorVersion The major version of the UPS policy file.
61 @param aMinorVersion The minor version of the UPS policy file.
62 @param aDefault Set to ETrue if this is an automatically generated policy
63 because no match was found in the policy file.
65 @return A pointer to the new policy object.
68 CPolicy* self = CPolicy::NewLC(aSidClasses, aSidList, aDestination, aOptions,
69 aPolicyEvaluator, aDialogCreator, aFlags, aSystemServerSecurity,
70 aMajorVersion, aMinorVersion, aDefault);
71 CleanupStack::Pop(self);
75 EXPORT_C CPolicy* CPolicy::NewLC(const TSidClasses& aSidClasses, const RArray<TSecureId>& aSidList,
76 const TDesC& aDestination, TUint aOptions, const TUid& aPolicyEvaluator,
77 const TUid& aDialogCreator, TUint16 aFlags, TSystemServerSecurity aSystemServerSecurity,
78 TUint16 aMajorVersion, TUint16 aMinorVersion, TBool aDefault)
80 Creates a new policy object and puts the pointer on the cleanup stack.
82 @param aSidClasses The classes of SIDs that this policy applies to.
83 @param aSidList A list of individual SIDs that this policy applies to. This overrides aSidClasses.
84 @param aDestination The wildcard string to match against destination supplied by the system server.
85 @param aOptions A bit field that defines whether the prompt should be displayed and if so,
86 what buttons should be available.
87 @param aPolicyEvaluator The implementation UID of the policy evaluator ECOM plug-in to use with this policy.
88 @param aDialogCreator The implementation UID of the dialog creator ECOM plug-in to use with this policy.
89 @param aFlags Flags specific to an individual policy evaluator.
90 @param aSystemServerSecurity Whether this policy is specific to clients that pass/fail
91 the system server's security check.
92 @param aMajorVersion The major version of the UPS policy file.
93 @param aMinorVersion The minor version of the UPS policy file.
94 @param aDefault Set to ETrue if this is an automatically generated policy
95 because no match was found in the policy file.
97 @return A pointer to the new policy object.
100 CPolicy* self = new(ELeave) CPolicy(
101 aSidClasses, aOptions, aPolicyEvaluator,
102 aDialogCreator, aFlags, aSystemServerSecurity,
103 aMajorVersion, aMinorVersion, aDefault);
104 CleanupStack::PushL(self);
105 self->ConstructL(aSidList, aDestination);
109 EXPORT_C TBool CPolicy::Matches(const TSecureId& aClientSid, const TDesC& aDestination, TBool aSecurityResult) const
111 Determines whether a request matches this policy.
112 The request matches if and only if the following conditions are true.
114 - aClientSid matches an entry in the SID list or lies within one of the classes of SIDs
115 - aDestination matches the destination wildcard string in the policy.
116 - The result of the system server's securitiy check for this client matches the rule defined
118 - iSystemServerSecurity == ESystemServerSecurityPassedOrFailed OR
119 - aSecurityResult == ETrue and iSystemServerSecurity == ESystemServerSecurityPassed OR
120 - aSecurityResult == EFalse and iSystemServerSecurity == ESystemServerSecurityFailed
122 @param aClientSid The SID of the client application
123 @param aDestination A descriptor containing the destination supplied by the system server.
124 @param aSecurityResult ETrue, if the client passed the system server's security check, otherwise, EFalse.
125 @return ETrue If the policy matches the request; otherwise EFalse is returned.
128 if (iSystemServerSecurity == CPolicy::ESystemServerSecurityPassed &&
133 else if (iSystemServerSecurity == CPolicy::ESystemServerSecurityFailed &&
139 TBool sidMatch(EFalse);
140 TInt sidListCount = iSidList.Count();
141 if (sidListCount > 0)
143 for (TInt i = 0; i < sidListCount; ++i)
145 if (iSidList[i] == aClientSid.iId)
154 sidMatch = iSidClasses.Contains(aClientSid);
157 return sidMatch && (aDestination.MatchF(*iDestination) != KErrNotFound);
160 EXPORT_C const TDesC& CPolicy::Destination() const
162 Gets the destination wildcard string.
163 @return A reference to a descriptor containing the wildcard string to
164 match against the destination supplied by the system server.
167 return *iDestination;
170 EXPORT_C const TSidClasses& CPolicy::SidClasses() const
172 Gets the classes of SIDs that are applicable to this policy.
173 @return The set of SID classes that this policy applies to.
179 EXPORT_C const RArray<TSecureId>& CPolicy::SidList() const
181 Gets the list of individual SIDs that are applicable to this policy.
182 The SID list takes precedent over the SID classes when matching policies.
184 @return The list of SIDs that this policy applies to as an array of
191 EXPORT_C CPolicy::TOptions CPolicy::Options() const
193 Gets the options field for this policy.
194 @see CPolicy::TOptions
195 @return A 32bit integer containing the options.
198 return TOptions(iOptions);
201 EXPORT_C const TUid& CPolicy::PolicyEvaluator() const
203 Gets the implementation UID of the policy evaluator to use with this policy.
204 @return The implementation UID of the Policy Evaluator
207 return iPolicyEvaluator;
210 EXPORT_C const TUid& CPolicy::DialogCreator() const
212 Identifies the Dialog Creator to use with this policy.
213 @return The implementation UID of the Dialog Creator.
216 return iDialogCreator;
219 EXPORT_C TUint16 CPolicy::Flags() const
221 Gets the flags field. The contents of this field is specific to individual
222 policy evaluator plug-ins.
224 @return The 16-bit flags field
230 EXPORT_C TBool CPolicy::Default() const
232 If a policy file is defined for a request but no policy matches the request
233 then a default policy object is created to allow the user to authorise a one-shot
235 This function allows the Policy Evaluator to check whether this policy
236 is the default policy.
237 N.B. This can be overriden by simply defining a policy at the end of the file
238 that matches all SIDs and has '*' as the destination wildcard.
240 @return ETrue if this policy is the default (automatically generated) policy.
246 EXPORT_C TBool CPolicy::PromptRequired() const
248 Examines the set of options to determine whether the policy requires a prompt to be
251 If the options fields only contains authorizations (EYes, ESessionYes or EAlways) or conversely
252 the options field only contains rejections (ENo,ESessionNo or ENever) then this function will
255 @return ETrue if a prompt is required or EFalse if a prompt is not required
256 (in which case the request will probably be silently accepted / rejected).
259 // (a yes option) && (a no option)
260 return ((iOptions & (EYes|ESessionYes|EAlways)) && (iOptions & (ENo|ESessionNo|ENever)));
263 EXPORT_C CPolicy::TSystemServerSecurity CPolicy::SystemServerSecurity() const
265 Whether this policy is specific to clients's that pass or fail the system
266 server's securitiy check.
267 @return An enum that dictates whether this policy only applies if the client
268 process passed/failed the system server's security check.
271 return iSystemServerSecurity;
274 EXPORT_C TUint16 CPolicy::MajorVersion() const
276 Gets the major version of the UPS policy file containing this policy.
277 @return A 16-bit unsigned number containing the major version number.
280 return iMajorVersion;
283 EXPORT_C TUint16 CPolicy::MinorVersion() const
285 Gets the minor version of the UPS policy file containing this policy.
286 @return A 16-bit unsigned number containing the minor version number.
289 return iMinorVersion;
292 CPolicy::CPolicy(const TSidClasses& aSidClasses, TUint aOptions,
293 const TUid& aPolicyEvaluator, const TUid& aDialogCreator,
294 TUint16 aFlags, TSystemServerSecurity aSystemServerSecurity,
295 TUint16 aMajorVersion, TUint16 aMinorVersion, TBool aDefault)
299 @param aSidClasses The classes of SIDs that this policy applies to.
300 @param aOptions A bit field that defines whether the prompt should be displayed and if so,
301 what buttons should be available.
302 @param aPolicyEvaluator The implementation UID of the policy evaluator ECOM plug-in to use with this policy.
303 @param aDialogCreator The implementation UID of the dialog creator ECOM plug-in to use with this policy.
304 @param aFlags Flags specific to an individual policy evaluator.
305 @param aSystemServerSecurity Whether this policy is specific to clients that pass/fail
306 the system server's security check.
307 @param aMajorVersion The major version of the UPS policy file.
308 @param aMinorVersion The minor version of the UPS policy file.
309 @param aDefault Set to ETrue if this is an automatically generated policy
310 because no match was found in the policy file.
312 : iSidClasses(aSidClasses), iOptions(aOptions),
313 iPolicyEvaluator(aPolicyEvaluator), iDialogCreator(aDialogCreator),
314 iFlags(aFlags), iSystemServerSecurity(aSystemServerSecurity),
315 iMajorVersion(aMajorVersion), iMinorVersion(aMinorVersion), iDefault(aDefault)
319 void CPolicy::ConstructL(const RArray<TSecureId>& aSidList, const TDesC& aDestination)
321 Second phase constructor
322 @param aSidList A list (possibly empty) of SIDs that this policy applies to.
323 @param aDestination The destination wildcard string.
326 TInt numSids = aSidList.Count();
327 for (TInt i = 0; i < numSids; ++i)
329 iSidList.AppendL(aSidList[i]);
331 iDestination = aDestination.AllocL();