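// Copyright (c) 2004-2009 Nokia Corporation and/or its subsidiary(-ies).
// All rights reserved.
// This component and the accompanying materials are made available
// under the terms of "Eclipse Public License v1.0"
// which accompanies this distribution, and is available
// at the URL "http://www.eclipse.org/legal/epl-v10.html".
//
// Initial Contributors:
// Nokia Corporation - initial contribution.
//
// Contributors:
//
// Description:
// CPolicyBase, CDbPolicy, CTblPolicy, CPolicyDomain,
// TPolicyDomainBuilder, TPolicyDomainReader classes.
// MPolicyDomainPersister, MPolicyDomainLoader interfaces
//
//

#ifndef __SC_POLICY_H__
#define __SC_POLICY_H__

// NOTE(review): this listing had lost every angle-bracketed token (the include
// target below and the template arguments of RArray / RPointerArray further down).
// They are restored here as <e32base.h>, RArray<TPolicy> and
// RPointerArray<CTblPolicy> - confirm against the repository copy of this header.
#include <e32base.h>		//CBase
#include "D32Security.h"

namespace DBSC
{

//Forward declarations
class CPolicyDomain;

/**
CPolicyBase class implements MPolicy interface.
It describes an object that manages a set of TSecurityPolicy objects, each one tagged
with the TPolicyType it applies to (see TPolicy).
CPolicyBase::Check() can be used to check caller access rights against specified policy type.

NOTE(review): the original comment refers to a CPolicyBase::iPOType data member that tells
which kind of database object (database or table) the policies control. No such member is
declared in this class, so that sentence looks stale - confirm.

NOTE(review): DoCheck() has three outcomes (EPCNotFound, EPCPassed, EPCNotPassed) while
Check() returns a TBool. How EPCNotFound is turned into a boolean is decided in the
Check() implementations, which are not in this header; confirm that a missing policy
never results in access being granted by default.
@see MPolicy
@internalComponent
*/
NONSHARABLE_CLASS(CPolicyBase) : public CBase, public MPolicy
	{
public:
	/** One security policy together with the policy type it is registered for. */
	struct TPolicy
		{
		TPolicyType		iType;
		TSecurityPolicy	iData;
		};
	typedef RArray<TPolicy> RPolicyCollection;
	/** Result of DoCheck(). EPCNotFound is distinct from EPCNotPassed; presumably it means
	that the collection holds no policy of the requested type - confirm. */
	typedef enum {EPCNotFound, EPCPassed, EPCNotPassed} TPolicyCheckResult;

public:
	virtual ~CPolicyBase();
	/** Checks the sender of aMessage against the policy of type aPolicyType.
	Pure virtual: CDbPolicy and CTblPolicy supply the implementation. */
	virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const = 0;
	/** Retrieves the policy of type aPolicyType into aPolicy.
	Returns a TInt, presumably a system-wide error code - confirm. */
	virtual TInt Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const;
	virtual void InvariantL() const;
	DECLARE_DB_INVARIANT()
	inline const RPolicyCollection& PolicyCollection() const;

protected:
	inline CPolicyBase();
	void ConstructL(const RPolicyCollection& aPolicyCollection);
	/** Looks up the policy of type aPolicyType.
	Presumably returns NULL when there is none - confirm before dereferencing. */
	const TSecurityPolicy* Policy(TPolicyType aPolicyType) const;
	/** Three-state check used by the Check() implementations. */
	TPolicyCheckResult DoCheck(const RMessage2& aMessage, TPolicyType aPolicyType) const;
	DECLARE_DB_DUMP2(aFile)

private:
	RPolicyCollection iPolicyCollection;

	};

/**
CDbPolicy class describes an object that manages the access to all databases, which
have the same format UID.
@see CPolicyBase
@see MPolicy
@internalComponent
*/
NONSHARABLE_CLASS(CDbPolicy) : public CPolicyBase
	{
public:
	static CDbPolicy* NewLC(const RPolicyCollection& aPolicyCollection);
	inline static CDbPolicy* NewL(const RPolicyCollection& aPolicyCollection);
	virtual ~CDbPolicy();
	virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const;
	virtual void InvariantL() const;
	DECLARE_DB_DUMP2(aFile)

private:
	inline CDbPolicy();

	};

/**
CTblPolicy class describes an object that manages the access to all tables, which
have particular format UID and particular name.

The object keeps the CDbPolicy pointer it was constructed with (iDbPolicy).
NOTE(review): the pointer is a raw "const CDbPolicy*", so it is presumably not owned here
and the database policy has to outlive every CTblPolicy that refers to it. Check() and
Get() are overridden, presumably to consult the database policy when the table has no
policy of the requested type - confirm in the implementation.
@see CPolicyBase
@see MPolicy
@internalComponent
*/
NONSHARABLE_CLASS(CTblPolicy) : public CPolicyBase
	{
public:
	static CTblPolicy* NewLC(const TDesC& aTblName,
							 const RPolicyCollection& aPolicyCollection,
							 const CDbPolicy* aDbPolicy);
	inline static CTblPolicy* NewL(const TDesC& aTblName,
								   const RPolicyCollection& aPolicyCollection,
								   const CDbPolicy* aDbPolicy);
	virtual ~CTblPolicy();
	virtual TBool Check(const RMessage2& aMessage, TPolicyType aPolicyType) const;
	virtual TInt Get(TPolicyType aPolicyType, TSecurityPolicy& aPolicy) const;
	virtual void InvariantL() const;
	inline const TDesC& TableName() const;
	DECLARE_DB_DUMP2(aFile)

private:
	inline CTblPolicy(const CDbPolicy* aDbPolicy);
	void ConstructL(const TDesC& aTblName, const RPolicyCollection& aPolicyCollection);

private:
	HBufC*				iTblName;	// heap copy of the table name
	const CDbPolicy*	iDbPolicy;	// database policy given at construction; see class comment

	};

/**
TPolicyDomainBuilder class describes an object that can be used during the initialization
to initialize CPolicyDomain objects. It is used by MPolicyDomainLoader interface.
It is a friend of CPolicyDomain and holds a non-const reference to it.

NOTE(review): SetDbPolicyL() and AddTblPolicyL() take raw pointers and may leave.
Whether ownership passes to the CPolicyDomain, and who deletes the object when the
call leaves, is not visible in this header - confirm in the loader implementations.
@internalComponent
*/
class TPolicyDomainBuilder
	{
public:
	inline TPolicyDomainBuilder(CPolicyDomain& aPolicyDomain);
	void SetDbPolicyL(CDbPolicy* aDbPolicy);
	inline void AddTblPolicyL(CTblPolicy* aTblPolicy);
	inline void SetBackupSID(TSecureId& aSecureId);
private:
	CPolicyDomain& iPolicyDomain;
	};

/**
TPolicyDomainReader class describes an object that can be used to explore the content of
CPolicyDomain objects. It is used by MPolicyDomainPersister interface.
The table policies are traversed with ResetTblPos() / NextTblPolicy(); both are const
methods, which is why the position (iIndex) is declared mutable.
@internalComponent
*/
class TPolicyDomainReader
	{
public:
	inline TPolicyDomainReader(const CPolicyDomain& aPolicyDomain);
	inline TUid Uid() const;
	inline const CDbPolicy& DbPolicy() const;
	inline void ResetTblPos() const;
	inline TInt TblPolicyCount() const;
	/** Presumably returns NULL once all table policies have been visited - confirm. */
	inline const CTblPolicy* NextTblPolicy() const;
	inline TSecureId BackupSID() const;
private:
	const CPolicyDomain&	iPolicyDomain;
	mutable TInt			iIndex;
	};

/**
MPolicyDomainPersister interface has to be implemented by DBSC clients, who want to store
the information from CPolicyDomain objects (set of security policies) somewhere - text files,
streams, ... It uses TPolicyDomainReader class to traverse CPolicyDomain collection of
security policies.
@see TPolicyDomainReader
@internalComponent
*/
class MPolicyDomainPersister
	{
public:
	virtual void RunL(const TPolicyDomainReader& aPolicyDomainReader) = 0;
	};

/**
MPolicyDomainLoader interface has to be implemented by DBSC clients, who want to load
set of security policies to CPolicyDomain objects from somewhere - text files,
streams, ... It uses TPolicyDomainBuilder class to add to CPolicyDomain collection new
security policies.

NOTE(review): whatever a loader reads becomes the access-control policy for every database
with that format UID, so the policy source has to be trusted or validated by the
implementation. No validation is visible in this header beyond the InvariantL() hooks.
@see TPolicyDomainBuilder
@internalComponent
*/
class MPolicyDomainLoader
	{
public:
	virtual void RunL(TPolicyDomainBuilder& aPolicyDomainBuilder) = 0;
	};

/**
CPolicyDomain object describes a set of all security policies related to particular format UID.
It describes only a collection of security policies and offers some functionality for
retrieving particular database/table MPolicy interfaces.
The responsibility for adding new items to security policy collection is delegated to
TPolicyDomainBuilder class.
The responsibility for traversing security policy collection is delegated to
TPolicyDomainReader class.
Both, TPolicyDomainBuilder and TPolicyDomainReader classes are not used directly by
the CPolicyDomain class implementation. CPolicyDomain instances are created using
MPolicyDomainLoader interface and externalized using MPolicyDomainPersister interface and
they (the interfaces) use TPolicyDomainBuilder and TPolicyDomainReader respectively.
The delegation of responsibilities for creation/traversing of CPolicyDomain security policy collection
was done because CPolicyDomain class is a part of shared sources used in DBMS server implementation
and DbSpConv tool implementation.
DBMS server creates CPolicyDomain security policy collection from a binary policy files using
TPDStreamLoader class (which implements MPolicyDomainLoader) and TPolicyDomainBuilder class
to insert created CDbPolicy and CTblPolicy instances into CPolicyDomain collection.
The rest of the possibilities: creating CPolicyDomain collection from a text policy file,
exporting CPolicyDomain collection to a binary policy file,
exporting CPolicyDomain collection to a text policy file, are used by the DbSpConv tool.
So, CPolicyDomain class uses interfaces for its loading/storing, but their
implementations are part of separate exe-s - no waste of production code.

NOTE(review): DbPolicy() and TblPolicy() return "const MPolicy*". Whether TblPolicy()
returns NULL or the database policy for a table name with no policy of its own cannot be
told from this header; callers should confirm before relying on either.
@see MPolicy
@see CDbPolicy
@see CTblPolicy
@see TPolicyDomainBuilder
@see TPolicyDomainReader
@see MPolicyDomainLoader
@see MPolicyDomainPersister
@internalComponent
*/
NONSHARABLE_CLASS(CPolicyDomain) : public CBase
	{
	friend class TPolicyDomainBuilder;
	friend class TPolicyDomainReader;
public:
	static CPolicyDomain* NewLC(TUid aUid, MPolicyDomainLoader& aPDLoader);
	inline static CPolicyDomain* NewL(TUid aUid, MPolicyDomainLoader& aPDLoader);
	virtual ~CPolicyDomain();
	void ExternalizeL(MPolicyDomainPersister& aPDPersister) const;

	inline TUid Uid() const;
	const MPolicy* DbPolicy() const;
	const MPolicy* TblPolicy(const TDesC& aTblName) const;
	inline TSecureId BackupSID() const;

	virtual void InvariantL() const;
	DECLARE_DB_DUMP3(aFile)

private:
	inline CPolicyDomain(TUid aUid);
	void InternalizeL(MPolicyDomainLoader& aPDLoader);
	void Destroy();
	DECLARE_DB_INVARIANT2()

private:
	TUid						iUid;			// format UID this domain belongs to
	CDbPolicy*					iDbPolicy;		// database policy, set through TPolicyDomainBuilder
	RPointerArray<CTblPolicy>	iTPCollection;	// table policies, added through TPolicyDomainBuilder
	TSecureId					iBackupSID;		// presumably the secure ID allowed to back up/restore - confirm

	};

} //end of - namespace DBSC

#include "SC_Policy.inl"

#endif//__SC_POLICY_H__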