sl@0: // Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies). sl@0: // All rights reserved. sl@0: // This component and the accompanying materials are made available sl@0: // under the terms of "Eclipse Public License v1.0" sl@0: // which accompanies this distribution, and is available sl@0: // at the URL "http://www.eclipse.org/legal/epl-v10.html". sl@0: // sl@0: // Initial Contributors: sl@0: // Nokia Corporation - initial contribution. sl@0: // sl@0: // Contributors: sl@0: // sl@0: // Description: sl@0: // CPolicyBase, CDbPolicy, CTblPolicy, CPolicyDomain classes sl@0: // sl@0: // sl@0: sl@0: #include "SC_Policy.h" sl@0: sl@0: namespace DBSC sl@0: { sl@0: sl@0: /////////////////////////////////////////////////////////////////////////////////////////// sl@0: //CPolicyBase class sl@0: sl@0: /** sl@0: */ sl@0: CPolicyBase::~CPolicyBase() sl@0: { sl@0: iPolicyCollection.Close();//Collection of R/W/S security policies sl@0: } sl@0: sl@0: #ifdef __DBDUMP__ sl@0: /** sl@0: Dumps the content of a CPolicyBase instance to a text file. sl@0: @param aFile A reference to RFile object, which has to be used for the output. sl@0: */ sl@0: void CPolicyBase::Dump(RFile& aFile) const sl@0: { sl@0: DB_INVARIANT(); sl@0: sl@0: _LIT8(KClassName, "Class: CPolicyBase. this=%X"); sl@0: _LIT8(KCount, "Security Policy, Count=%d"); sl@0: _LIT8(KCrLf, "\r\n"); sl@0: _LIT8(KPolicyType, "Policy type: "); sl@0: _LIT8(KRead, "Read, "); sl@0: _LIT8(KWrite, "Write, "); sl@0: _LIT8(KSchema, "Schema, "); sl@0: _LIT8(KPolicyData, "Policy data: "); sl@0: _LIT8(KFmt, "%02X "); sl@0: TBuf8<100> buf; sl@0: sl@0: buf.Format(KClassName, this); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: sl@0: TInt cnt = iPolicyCollection.Count(); sl@0: buf.Format(KCount, TInt32(cnt)); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: sl@0: for(TInt i=0;i-1;--i) sl@0: { sl@0: TPolicy& policy = const_cast (iPolicyCollection[i]); sl@0: if(policy.iType == EPTNone) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: if(mask & policy.iType) //This security policy is duplicated sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: TPtrC8 packet = policy.iData.Package(); sl@0: if(policy.iData.Set(packet) != KErrNone) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: mask |= policy.iType; sl@0: } sl@0: } sl@0: sl@0: /** sl@0: This method implements pure virtual MPolicy::Get(). sl@0: It searches object's policy collection for a policy of type aPolicyType sl@0: and initializes aPolicy parameter with the found policy. sl@0: @param aPolicyType Type of the requested security policy: read/write/schema sl@0: @param aPolicy Outout parameter, which will be initialized with the found security policy data. sl@0: @return System-wide error code, including KErrNotFound if the requested policy was not found. sl@0: */ sl@0: TInt CPolicyBase::Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const sl@0: { sl@0: DB_INVARIANT(); sl@0: TInt err = KErrNotFound; sl@0: const TSecurityPolicy* securityPolicy = Policy(aPolicyType); sl@0: if(securityPolicy) sl@0: { sl@0: err = aPolicy.Set(securityPolicy->Package()); sl@0: } sl@0: return err; sl@0: } sl@0: sl@0: #ifdef __DBINVARIANT__ sl@0: /** sl@0: Asserts the internal state of CPolicyBase instance. sl@0: It can be used for pre- or post- condition checks in CPolicyBase methods implementations. sl@0: */ sl@0: void CPolicyBase::Invariant() const sl@0: { sl@0: TRAPD(err, InvariantL()); sl@0: DB_INVARIANT_ASSERT(err == KErrNone); sl@0: } sl@0: #endif//__DBINVARIANT__ sl@0: sl@0: /** sl@0: The method traverses the policies collection and searches for a policy of aPolicyType type. sl@0: If such a policy exists, a const pointer to it will be returned, otherwise - NULL. sl@0: @param aPolicyType Policy type - R/W/S sl@0: @return A const pointer to the found policy or NULL if not found. sl@0: */ sl@0: const TSecurityPolicy* CPolicyBase::Policy(TPolicyType aPolicyType) const sl@0: { sl@0: __ASSERT(aPolicyType != EPTNone); sl@0: const TSecurityPolicy* policy = NULL; sl@0: for(TInt i=(iPolicyCollection.Count()-1);i>-1;--i) sl@0: { sl@0: if(iPolicyCollection[i].iType == aPolicyType) sl@0: { sl@0: policy = &iPolicyCollection[i].iData; sl@0: break; sl@0: } sl@0: } sl@0: return policy; sl@0: } sl@0: sl@0: /** sl@0: Asserts caller capabilities/SID/VID. sl@0: @param aMessage An object whith caller capabilities/SID/VID, which has to be checked. sl@0: @param aPolicyType Policy type - R/W/S. sl@0: @return EPCNotFound - the policy cannot be found sl@0: EPCPassed - policy check passed sl@0: EPCNotPassed - policy check not passed sl@0: */ sl@0: CPolicyBase::TPolicyCheckResult CPolicyBase::DoCheck(const RMessage2& aMessage, TPolicyType aPolicyType) const sl@0: { sl@0: const TSecurityPolicy* securityPolicy = Policy(aPolicyType); sl@0: sl@0: if(!securityPolicy) sl@0: { sl@0: return EPCNotFound; sl@0: } sl@0: sl@0: return securityPolicy->CheckPolicy(aMessage) ? EPCPassed : EPCNotPassed; sl@0: } sl@0: sl@0: /////////////////////////////////////////////////////////////////////////////////////////// sl@0: //CDbPolicy class sl@0: sl@0: /** sl@0: */ sl@0: CDbPolicy::~CDbPolicy() sl@0: { sl@0: } sl@0: sl@0: /** sl@0: Asserts caller capabilities/SID/VID. sl@0: @param aMessage An object whith caller capabilities/SID/VID, which has to be checked. sl@0: @param aPolicyType Policy type - R/W/S. sl@0: @return ETrue The caller capabilities/SID/VID satisfy the specified security policy. sl@0: EFalse The check not passed. sl@0: @panic EDBSCPolicyNotFound, if there is no such policy sl@0: */ sl@0: TBool CDbPolicy::Check(const RMessage2& aMessage, TPolicyType aPolicyType) const sl@0: { sl@0: __ASSERT(aPolicyType != EPTNone); sl@0: DB_INVARIANT(); sl@0: TPolicyCheckResult res = DoCheck(aMessage, aPolicyType); sl@0: __ASSERT(res != EPCNotFound); sl@0: return res == EPCPassed ? ETrue : EFalse; sl@0: } sl@0: sl@0: /** sl@0: Standard phase-one factory method for CDbPolicy instance. sl@0: @param aPolicyCollection A const reference to a collection of R/W/S policies, which has to sl@0: be used to control the access to the database, controlled by CDbPolicy instance. sl@0: @return A pointer to just created CDbPolicy instance. sl@0: @leave System-wide error codes, including KErrNoMemory. sl@0: */ sl@0: CDbPolicy* CDbPolicy::NewLC(const CPolicyBase::RPolicyCollection& aPolicyCollection) sl@0: { sl@0: CDbPolicy* self = new (ELeave) CDbPolicy; sl@0: CleanupStack::PushL(self); sl@0: self->ConstructL(aPolicyCollection); sl@0: return self; sl@0: } sl@0: sl@0: #ifdef __DBDUMP__ sl@0: /** sl@0: Dumps the content of a CDbPolicy instance to a text file. sl@0: @param aFile A reference to RFile object, which has to be used for the output. sl@0: */ sl@0: void CDbPolicy::Dump(RFile& aFile) const sl@0: { sl@0: DB_INVARIANT(); sl@0: sl@0: _LIT8(KClassName, "Class: CDbPolicy. this=%X"); sl@0: _LIT8(KCrLf, "\r\n"); sl@0: _LIT8(KObjType, "Object: Database"); sl@0: _LIT8(KEnd, "=========================="); sl@0: TBuf8<40> buf; sl@0: sl@0: buf.Format(KClassName, this); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: (void)aFile.Write(KObjType); sl@0: (void)aFile.Write(KCrLf); sl@0: CPolicyBase::Dump(aFile); sl@0: (void)aFile.Write(KEnd); sl@0: (void)aFile.Write(KCrLf); sl@0: } sl@0: #endif//__DBDUMP__ sl@0: sl@0: /** sl@0: It is used in the production code. sl@0: If the object data is not in a consistent state, the method will leave sl@0: with KErrGeneral error. sl@0: @leave KErrGeneral, if the object data is not in a consistent state sl@0: */ sl@0: void CDbPolicy::InvariantL() const sl@0: { sl@0: for(TInt c=0;c (1 << c); sl@0: if(Policy(t) == NULL) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: } sl@0: CPolicyBase::InvariantL(); sl@0: } sl@0: sl@0: /////////////////////////////////////////////////////////////////////////////////////////// sl@0: //CTblPolicy class sl@0: sl@0: /** sl@0: */ sl@0: CTblPolicy::~CTblPolicy() sl@0: { sl@0: delete iTblName; sl@0: } sl@0: sl@0: /** sl@0: Asserts caller capabilities/SID/VID. sl@0: @param aMessage An object whith caller capabilities/SID/VID, which has to be checked. sl@0: @param aPolicyType Policy type - R/W/S. sl@0: @return ETrue The caller capabilities/SID/VID satisfy the specified security policy. sl@0: EFalse The check not passed. sl@0: @panic EDBSCPolicyNotFound, if there is no such policy sl@0: */ sl@0: TBool CTblPolicy::Check(const RMessage2& aMessage, TPolicyType aPolicyType) const sl@0: { sl@0: __ASSERT(aPolicyType != EPTNone); sl@0: __ASSERT(iDbPolicy); sl@0: DB_INVARIANT(); sl@0: TPolicyCheckResult res = EPCNotPassed; sl@0: //1. Check database security policy sl@0: if(iDbPolicy->Check(aMessage, aPolicyType)) sl@0: { sl@0: //2. Check table security policy sl@0: res = DoCheck(aMessage, aPolicyType); sl@0: } sl@0: //If there is no table security policy of the requested type - no problem, the database sl@0: //security policy of that type has been checked already and the check passed. sl@0: return res == EPCNotPassed ? EFalse : ETrue; sl@0: } sl@0: sl@0: /** sl@0: This method implements pure virtual MPolicy::Get(). sl@0: It searches object's policy collection for a policy of type aPolicyType sl@0: and initializes aPolicy parameter with the found policy. sl@0: @param aPolicyType Type of the requested security policy: read/write sl@0: @param aPolicy Outout parameter, which will be initialized with the found security policy data. sl@0: @return System-wide error codes, including KErrNotSupported, if the request is for a schema policy. sl@0: */ sl@0: TInt CTblPolicy::Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const sl@0: { sl@0: if(aPolicyType == EPTSchema) sl@0: { sl@0: return KErrNotSupported; sl@0: } sl@0: DB_INVARIANT(); sl@0: TInt err = CPolicyBase::Get(aPolicyType, aPolicy); sl@0: if(err == KErrNotFound) sl@0: { sl@0: err = iDbPolicy->Get(aPolicyType, aPolicy); sl@0: } sl@0: __ASSERT(err != KErrNotFound); sl@0: return err; sl@0: } sl@0: sl@0: /** sl@0: Standard phase-one factory method for CTblPolicy instance. sl@0: @param aTblName Name of the controlled by this instance database table. sl@0: @param aPolicyCollection A const reference to a collection of R/W/S policies, which has to sl@0: be used to control the access to the table, controlled by CTblPolicy instance. sl@0: @param aDbPolicy The related for the table database policy. sl@0: CTblPolicy instance does not take the ownership on aDbPolicy pointer! sl@0: @return A pointer to just created CTblPolicy instance. sl@0: @leave System-wide error codes, including KErrNoMemory. sl@0: */ sl@0: CTblPolicy* CTblPolicy::NewLC(const TDesC& aTblName, sl@0: const CPolicyBase::RPolicyCollection& aPolicyCollection, sl@0: const CDbPolicy* aDbPolicy) sl@0: { sl@0: CTblPolicy* self = new (ELeave) CTblPolicy(aDbPolicy); sl@0: CleanupStack::PushL(self); sl@0: self->ConstructL(aTblName, aPolicyCollection); sl@0: return self; sl@0: } sl@0: sl@0: #ifdef __DBDUMP__ sl@0: /** sl@0: Dumps the content of a CTblPolicy instance to a text file. sl@0: @param aFile A reference to RFile object, which has to be used for the output. sl@0: */ sl@0: void CTblPolicy::Dump(RFile& aFile) const sl@0: { sl@0: DB_INVARIANT(); sl@0: sl@0: _LIT8(KClassName, "Class: CTblPolicy. this=%X"); sl@0: _LIT8(KDbPolicyPtr, "Db policy ptr=%X"); sl@0: _LIT8(KCrLf, "\r\n"); sl@0: _LIT8(KName, "Table name: "); sl@0: _LIT8(KObjType, "Object: Table"); sl@0: _LIT8(KEnd, "=========================="); sl@0: TBuf8<100> buf; sl@0: sl@0: buf.Format(KClassName, this); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: (void)aFile.Write(KObjType); sl@0: (void)aFile.Write(KCrLf); sl@0: buf.Format(KDbPolicyPtr, iDbPolicy); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: buf.Copy(KName); sl@0: buf.Append(*iTblName); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: CPolicyBase::Dump(aFile); sl@0: (void)aFile.Write(KEnd); sl@0: (void)aFile.Write(KCrLf); sl@0: } sl@0: #endif//__DBDUMP__ sl@0: sl@0: /** sl@0: It is used in the production code. sl@0: If the object data is not in a consistent state, the method will leave sl@0: with KErrGeneral error. sl@0: @leave KErrGeneral, if the object data is not in a consistent state sl@0: */ sl@0: void CTblPolicy::InvariantL() const sl@0: { sl@0: if(iDbPolicy == NULL) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: if(iTblName == NULL || iTblName->Length() == 0) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: if(Policy(EPTSchema) != NULL) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: CPolicyBase::InvariantL(); sl@0: } sl@0: sl@0: /** sl@0: Standard phase-two construction method for CTblPolicy instance. sl@0: @param aTblName Name of the controlled by this instance database table. sl@0: @param aPolicyCollection A const reference to a collection of R/W/S policies, which has to sl@0: be used to control the access to the table object, controlled by CTblPolicy sl@0: instance. sl@0: */ sl@0: void CTblPolicy::ConstructL(const TDesC& aTblName, const CPolicyBase::RPolicyCollection& aPolicyCollection) sl@0: { sl@0: iTblName = HBufC::NewL(aTblName.Length()); sl@0: *iTblName = aTblName; sl@0: CPolicyBase::ConstructL(aPolicyCollection); sl@0: DB_INVARIANT(); sl@0: } sl@0: sl@0: /////////////////////////////////////////////////////////////////////////////////////////// sl@0: //CPolicyDomain class sl@0: sl@0: /** sl@0: Standard phase-one factory method for CPolicyDomain instance. sl@0: @param aUid UID of the controlled by this instance security policy domain. sl@0: @param aPDLoader A reference to an implementation of MPolicyDomainLoader interface, sl@0: which is used to load and add security policies to the controlled collection. sl@0: @return A pointer to just created CPolicyDomain instance. sl@0: @leave System-wide error codes, including KErrNoMemory. sl@0: */ sl@0: CPolicyDomain* CPolicyDomain::NewLC(TUid aUid, MPolicyDomainLoader& aPDLoader) sl@0: { sl@0: CPolicyDomain* self = new (ELeave) CPolicyDomain(aUid); sl@0: CleanupStack::PushL(self); sl@0: self->InternalizeL(aPDLoader); sl@0: return self; sl@0: } sl@0: sl@0: /** sl@0: */ sl@0: CPolicyDomain::~CPolicyDomain() sl@0: { sl@0: Destroy(); sl@0: } sl@0: sl@0: /** sl@0: The method returns the database policy interface. sl@0: @return A const pointer to the database policy interface in CPolicyDomain. sl@0: */ sl@0: const MPolicy* CPolicyDomain::DbPolicy() const sl@0: { sl@0: DB_INVARIANT(); sl@0: return iDbPolicy; sl@0: } sl@0: sl@0: /** sl@0: The method returns a table policy interface, identified by aTblName parameter. sl@0: @param aTblName Name of the table, which policy interface has to be retrieved. sl@0: @return A const pointer to the table policy interface, which is identified by aTblName parameter. sl@0: */ sl@0: const MPolicy* CPolicyDomain::TblPolicy(const TDesC& aTblName) const sl@0: { sl@0: __ASSERT(aTblName.Length() > 0); sl@0: DB_INVARIANT(); sl@0: const MPolicy* policy = NULL; sl@0: TInt cnt = iTPCollection.Count(); sl@0: for(TInt i=0;iTableName()) == 0) sl@0: { sl@0: policy = tblPolicy; sl@0: break; sl@0: } sl@0: } sl@0: if(!policy) sl@0: { sl@0: policy = iDbPolicy; sl@0: } sl@0: __ASSERT(policy); sl@0: return policy; sl@0: } sl@0: sl@0: /** sl@0: Externalizes the security policy collection using MPolicyDomainPersister interface as an sl@0: persister. sl@0: @param aPDPersister A reference to an MPolicyDomainPersister implementation, which will sl@0: persist the controlled collection of security policies. sl@0: */ sl@0: void CPolicyDomain::ExternalizeL(MPolicyDomainPersister& aPDPersister) const sl@0: { sl@0: DB_INVARIANT(); sl@0: TPolicyDomainReader reader(*this); sl@0: aPDPersister.RunL(reader); sl@0: } sl@0: sl@0: #ifdef __DBDUMP__ sl@0: /** sl@0: Dumps the content of a CPolicyDomain instance to a text file. sl@0: @param aFile A reference to RFile object, which has to be used for the output. sl@0: */ sl@0: void CPolicyDomain::Dump(RFile& aFile) const sl@0: { sl@0: DB_INVARIANT(); sl@0: sl@0: _LIT8(KClassName, "Class: CPolicyDomain. this=%X"); sl@0: _LIT8(KUidFmt, "UID=%X"); sl@0: _LIT8(KCrLf, "\r\n"); sl@0: _LIT8(KEnd, "=========================="); sl@0: _LIT8(KBackupSIDFmt, "BackupSID=%X"); sl@0: TBuf8<40> buf; sl@0: sl@0: buf.Format(KClassName, this); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: buf.Format(KUidFmt, iUid.iUid); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: (void)aFile.Write(KEnd); sl@0: (void)aFile.Write(KCrLf); sl@0: iDbPolicy->Dump(aFile); sl@0: TInt cnt = iTPCollection.Count(); sl@0: for(TInt i=0;iDump(aFile); sl@0: } sl@0: (void)aFile.Write(KEnd); sl@0: buf.Format(KBackupSIDFmt, iBackupSID.iUid); sl@0: (void)aFile.Write(buf); sl@0: (void)aFile.Write(KCrLf); sl@0: } sl@0: #endif//__DBDUMP__ sl@0: sl@0: /** sl@0: It is used in the production code. sl@0: If the object data is not in a consistent state, the method will leave sl@0: with KErrGeneral error. sl@0: @leave KErrGeneral, if the object data is not in a consistent state sl@0: */ sl@0: void CPolicyDomain::InvariantL() const sl@0: { sl@0: if(iUid == KNullUid) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: if(iDbPolicy == NULL) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: iDbPolicy->InvariantL(); sl@0: sl@0: TInt cnt = iTPCollection.Count(); sl@0: TInt i; sl@0: for(i=0;iInvariantL(); sl@0: } sl@0: //Check that each represented table has unique name sl@0: for(i=0;i<(cnt-1);++i) sl@0: { sl@0: for(TInt j=(i+1);jTableName() == iTPCollection[j]->TableName()) sl@0: { sl@0: __LEAVE(KErrGeneral); sl@0: } sl@0: } sl@0: } sl@0: } sl@0: sl@0: #ifdef __DBINVARIANT__ sl@0: /** sl@0: Asserts the internal state of CPolicyDomain instance. sl@0: It can be used for pre- or post- condition checks in CPolicyDomain methods implementations. sl@0: */ sl@0: void CPolicyDomain::Invariant() const sl@0: { sl@0: TRAPD(err, InvariantL()); sl@0: DB_INVARIANT_ASSERT(err == KErrNone); sl@0: } sl@0: #endif//__DBINVARIANT__ sl@0: sl@0: /** sl@0: Creates the collection of security policies using MPolicyDomainLoader interface as a security sl@0: policy loader. sl@0: @param aPDLoader A reference to MPolicyDomainLoader implementation, which is used to load sl@0: and add security policies to the controlled collection. sl@0: @leave System-wide error code including KErrGeneral if the data is not consistent sl@0: */ sl@0: void CPolicyDomain::InternalizeL(MPolicyDomainLoader& aPDLoader) sl@0: { sl@0: TPolicyDomainBuilder builder(*this); sl@0: aPDLoader.RunL(builder); sl@0: #ifdef __DBINVARIANT__ sl@0: Invariant(); sl@0: #else sl@0: InvariantL(); sl@0: #endif sl@0: } sl@0: sl@0: /** sl@0: The method destroys the controlled by CPolicyDomain collection of security policies. sl@0: */ sl@0: void CPolicyDomain::Destroy() sl@0: { sl@0: TInt cnt = iTPCollection.Count(); sl@0: for(TInt i=0;i