1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
|
/*************************************************************************
*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* Copyright 2000, 2010 Oracle and/or its affiliates.
*
* OpenOffice.org - a multi-platform office productivity suite
*
* This file is part of OpenOffice.org.
*
* OpenOffice.org is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License version 3
* only, as published by the Free Software Foundation.
*
* OpenOffice.org is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License version 3 for more details
* (a copy is included in the LICENSE file that accompanied this code).
*
* You should have received a copy of the GNU Lesser General Public License
* version 3 along with OpenOffice.org. If not, see
* <http://www.openoffice.org/license.html>
* for a copy of the LGPLv3 License.
*
************************************************************************/
#ifndef __com_sun_star_security_XAccessController_idl__
#define __com_sun_star_security_XAccessController_idl__
#ifndef __com_sun_star_uno_XInterface_idl__
#include <com/sun/star/uno/XInterface.idl>
#endif
#ifndef __com_sun_star_security_XAccessControlContext_idl__
#include <com/sun/star/security/XAccessControlContext.idl>
#endif
#ifndef __com_sun_star_security_XAction_idl__
#include <com/sun/star/security/XAction.idl>
#endif
#ifndef __com_sun_star_security_AccessControlException_idl__
#include <com/sun/star/security/AccessControlException.idl>
#endif
//=============================================================================
module com { module sun { module star { module security {
//=============================================================================
/** Interface for checking permissions and invoking privileged or restricted
actions.
@since OOo 1.1.2
*/
published interface XAccessController : com::sun::star::uno::XInterface
{
/** Determines whether the access request indicated by the specified
permission should be allowed or denied, based on the security policy
currently in effect.
The semantics are equivalent to the security permission classes of
the Java platform.
<p>
You can also pass a sequence of permissions (sequence< any >) to check
a set of permissions, e.g. for performance reasons.
This method quietly returns if the access request is permitted,
or throws a suitable AccessControlException otherwise.
</p>
@param perm
permission to be checked
@throws AccessControlException
thrown if access is denied
@see ::com::sun::star::security::AccessControlException
@see ::com::sun::star::security::AllPermission
@see ::com::sun::star::security::RuntimePermission
@see ::com::sun::star::io::FilePermission
@see ::com::sun::star::connection::SocketPermission
*/
void checkPermission(
[in] any perm )
raises (AccessControlException);
/** Perform the specified action restricting permissions to the given
XAccessControlContext.
The action is performed with the intersection of the permissions of the currently installed
XAccessControlContext, the given XAccessControlContext and the security policy currently
in effect. The latter includes static security, e.g. based on user credentials.
<p>
If the specified XAccessControlContext is null, then the action is performed
with unmodified permissions, i.e. the call makes no sense.
</p>
@param action
action object to be executed
@param restriction
access control context to restrict permission; null for no restriction
@return
result
@throws com::sun::star::uno::Exception
any UNO exception may be thrown
*/
any doRestricted(
[in] XAction action,
[in] XAccessControlContext restriction )
raises (com::sun::star::uno::Exception);
/** Perform the specified action adding a set of permissions defined by the given
XAccessControlContext.
The action is performed with the union of the permissions of the currently installed
XAccessControlContext, the given XAccessControlContext and the security policy currently
in effect. The latter includes static security, e.g. based on user credentials.
<p>
If the given XAccessControlContext is null, then the action is performed
<b>only</b> with the permissions of the security policy currently in effect.
</p>
@attention
Do carefully use this method only for well known use-cases to avoid exploits!
Script engines executing sandboxed scripts should generally deny calling this
method.
@param action
action object to be executed
@param restriction
access control context to restrict permission; null for no restriction
@return
result
@throws com::sun::star::uno::Exception
any UNO exception may be thrown
*/
any doPrivileged(
[in] XAction action,
[in] XAccessControlContext restriction )
raises (com::sun::star::uno::Exception);
/** This method takes a "snapshot" of the current calling context
and returns it.
<p>
This context may then be checked at a later point, possibly in another thread.
</p>
@return
snapshot of context
*/
XAccessControlContext getContext();
};
//=============================================================================
}; }; }; };
#endif
|
