Diffstat (limited to 'stoc/source/security/access_controller.cxx')
-rw-r--r-- | stoc/source/security/access_controller.cxx | 1066 |
1 files changed, 0 insertions, 1066 deletions
diff --git a/stoc/source/security/access_controller.cxx b/stoc/source/security/access_controller.cxx
deleted file mode 100644
index b42ab0efb..000000000
--- a/stoc/source/security/access_controller.cxx
+++ /dev/null
@@ -1,1066 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. 
- * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_stoc.hxx" - -#include <vector> -#include <memory> - -#include <osl/diagnose.h> -#include <osl/interlck.h> -#include <osl/mutex.hxx> -#include <osl/thread.hxx> - -#include <rtl/ustrbuf.hxx> -#include <rtl/string.hxx> - -#include <uno/current_context.h> - -#include <cppuhelper/implbase1.hxx> -#include <cppuhelper/compbase3.hxx> -#include <cppuhelper/factory.hxx> -#include <cppuhelper/implementationentry.hxx> - -#include <com/sun/star/uno/XCurrentContext.hpp> -#include <com/sun/star/uno/DeploymentException.hpp> -#include <com/sun/star/lang/DisposedException.hpp> -#include <com/sun/star/lang/XComponent.hpp> -#include <com/sun/star/lang/XServiceInfo.hpp> -#include <com/sun/star/lang/XInitialization.hpp> -#include <com/sun/star/security/XAccessController.hpp> -#include <com/sun/star/security/XPolicy.hpp> - -#include "lru_cache.h" -#include "permissions.h" -#include "bootstrapservices.hxx" - - -#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) -#define SERVICE_NAME "com.sun.star.security.AccessController" -#define IMPL_NAME "com.sun.star.security.comp.stoc.AccessController" -#define USER_CREDS "access-control.user-credentials" - - -using namespace ::std; -using namespace ::osl; -using namespace ::cppu; -using namespace ::com::sun::star; -using namespace ::com::sun::star::uno; -using ::rtl::OUString; -using ::rtl::OUStringBuffer; -using ::rtl::OString; - -extern ::rtl_StandardModuleCount g_moduleCount; - -namespace stoc_sec -{ -// static stuff initialized when loading lib -static OUString s_envType = OUSTR(CPPU_CURRENT_LANGUAGE_BINDING_NAME); -static OUString s_acRestriction = OUSTR("access-control.restriction"); - -//################################################################################################## - -/** ac context intersects permissions of two ac contexts -*/ 
-class acc_Intersection - : public WeakImplHelper1< security::XAccessControlContext > -{ - Reference< security::XAccessControlContext > m_x1, m_x2; - - inline acc_Intersection( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ); - -public: - virtual ~acc_Intersection() - SAL_THROW( () ); - - static inline Reference< security::XAccessControlContext > create( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ); - - // XAccessControlContext impl - virtual void SAL_CALL checkPermission( - Any const & perm ) - throw (RuntimeException); -}; -//__________________________________________________________________________________________________ -inline acc_Intersection::acc_Intersection( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ) - : m_x1( x1 ) - , m_x2( x2 ) -{ - g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt ); -} -//__________________________________________________________________________________________________ -acc_Intersection::~acc_Intersection() - SAL_THROW( () ) -{ - g_moduleCount.modCnt.release( &g_moduleCount.modCnt ); -} -//-------------------------------------------------------------------------------------------------- -inline Reference< security::XAccessControlContext > acc_Intersection::create( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ) -{ - if (! x1.is()) - return x2; - if (! 
x2.is()) - return x1; - return new acc_Intersection( x1, x2 ); -} -//__________________________________________________________________________________________________ -void acc_Intersection::checkPermission( - Any const & perm ) - throw (RuntimeException) -{ - m_x1->checkPermission( perm ); - m_x2->checkPermission( perm ); -} - -/** ac context unifies permissions of two ac contexts -*/ -class acc_Union - : public WeakImplHelper1< security::XAccessControlContext > -{ - Reference< security::XAccessControlContext > m_x1, m_x2; - - inline acc_Union( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ); - -public: - virtual ~acc_Union() - SAL_THROW( () ); - - static inline Reference< security::XAccessControlContext > create( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ); - - // XAccessControlContext impl - virtual void SAL_CALL checkPermission( - Any const & perm ) - throw (RuntimeException); -}; -//__________________________________________________________________________________________________ -inline acc_Union::acc_Union( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ) - : m_x1( x1 ) - , m_x2( x2 ) -{ - g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt ); -} -//__________________________________________________________________________________________________ -acc_Union::~acc_Union() - SAL_THROW( () ) -{ - g_moduleCount.modCnt.release( &g_moduleCount.modCnt ); -} -//-------------------------------------------------------------------------------------------------- -inline Reference< security::XAccessControlContext > acc_Union::create( - Reference< security::XAccessControlContext > const & x1, - Reference< security::XAccessControlContext > const & x2 ) - SAL_THROW( () ) -{ - if (! 
x1.is()) - return Reference< security::XAccessControlContext >(); // unrestricted - if (! x2.is()) - return Reference< security::XAccessControlContext >(); // unrestricted - return new acc_Union( x1, x2 ); -} -//__________________________________________________________________________________________________ -void acc_Union::checkPermission( - Any const & perm ) - throw (RuntimeException) -{ - try - { - m_x1->checkPermission( perm ); - } - catch (security::AccessControlException &) - { - m_x2->checkPermission( perm ); - } -} - -/** ac context doing permission checks on static permissions -*/ -class acc_Policy - : public WeakImplHelper1< security::XAccessControlContext > -{ - PermissionCollection m_permissions; - -public: - inline acc_Policy( - PermissionCollection const & permissions ) - SAL_THROW( () ); - virtual ~acc_Policy() - SAL_THROW( () ); - - // XAccessControlContext impl - virtual void SAL_CALL checkPermission( - Any const & perm ) - throw (RuntimeException); -}; -//__________________________________________________________________________________________________ -inline acc_Policy::acc_Policy( - PermissionCollection const & permissions ) - SAL_THROW( () ) - : m_permissions( permissions ) -{ - g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt ); -} -//__________________________________________________________________________________________________ -acc_Policy::~acc_Policy() - SAL_THROW( () ) -{ - g_moduleCount.modCnt.release( &g_moduleCount.modCnt ); -} -//__________________________________________________________________________________________________ -void acc_Policy::checkPermission( - Any const & perm ) - throw (RuntimeException) -{ - m_permissions.checkPermission( perm ); -} - -/** current context overriding dynamic ac restriction -*/ -class acc_CurrentContext - : public ImplHelper1< XCurrentContext > -{ - oslInterlockedCount m_refcount; - - Reference< XCurrentContext > m_xDelegate; - Any m_restriction; - -public: - inline acc_CurrentContext( - 
Reference< XCurrentContext > const & xDelegate, - Reference< security::XAccessControlContext > const & xRestriction ) - SAL_THROW( () ); - virtual ~acc_CurrentContext() SAL_THROW( () ); - - // XInterface impl - virtual void SAL_CALL acquire() - throw (); - virtual void SAL_CALL release() - throw (); - - // XCurrentContext impl - virtual Any SAL_CALL getValueByName( OUString const & name ) - throw (RuntimeException); -}; -//__________________________________________________________________________________________________ -inline acc_CurrentContext::acc_CurrentContext( - Reference< XCurrentContext > const & xDelegate, - Reference< security::XAccessControlContext > const & xRestriction ) - SAL_THROW( () ) - : m_refcount( 0 ) - , m_xDelegate( xDelegate ) -{ - g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt ); - - if (xRestriction.is()) - { - m_restriction = makeAny( xRestriction ); - } - // return empty any otherwise on getValueByName(), not null interface -} -//__________________________________________________________________________________________________ -acc_CurrentContext::~acc_CurrentContext() - SAL_THROW( () ) -{ - g_moduleCount.modCnt.release( &g_moduleCount.modCnt ); -} -//__________________________________________________________________________________________________ -void acc_CurrentContext::acquire() - throw () -{ - ::osl_incrementInterlockedCount( &m_refcount ); -} -//__________________________________________________________________________________________________ -void acc_CurrentContext::release() - throw () -{ - if (! 
::osl_decrementInterlockedCount( &m_refcount )) - { - delete this; - } -} -//__________________________________________________________________________________________________ -Any acc_CurrentContext::getValueByName( OUString const & name ) - throw (RuntimeException) -{ - if (name.equals( s_acRestriction )) - { - return m_restriction; - } - else if (m_xDelegate.is()) - { - return m_xDelegate->getValueByName( name ); - } - else - { - return Any(); - } -} - -//################################################################################################## - -//-------------------------------------------------------------------------------------------------- -static inline void dispose( Reference< XInterface > const & x ) - SAL_THROW( (RuntimeException) ) -{ - Reference< lang::XComponent > xComp( x, UNO_QUERY ); - if (xComp.is()) - { - xComp->dispose(); - } -} -//-------------------------------------------------------------------------------------------------- -static inline Reference< security::XAccessControlContext > getDynamicRestriction( - Reference< XCurrentContext > const & xContext ) - SAL_THROW( (RuntimeException) ) -{ - if (xContext.is()) - { - Any acc( xContext->getValueByName( s_acRestriction ) ); - if (typelib_TypeClass_INTERFACE == acc.pType->eTypeClass) - { - // avoid ref-counting - OUString const & typeName = - *reinterpret_cast< OUString const * >( &acc.pType->pTypeName ); - if (typeName.equalsAsciiL( - RTL_CONSTASCII_STRINGPARAM("com.sun.star.security.XAccessControlContext") )) - { - return Reference< security::XAccessControlContext >( - *reinterpret_cast< security::XAccessControlContext ** const >( acc.pData ) ); - } - else // try to query - { - return Reference< security::XAccessControlContext >::query( - *reinterpret_cast< XInterface ** const >( acc.pData ) ); - } - } - } - return Reference< security::XAccessControlContext >(); -} -//================================================================================================== -class cc_reset 
-{ - void * m_cc; -public: - inline cc_reset( void * cc ) SAL_THROW( () ) - : m_cc( cc ) {} - inline ~cc_reset() SAL_THROW( () ) - { ::uno_setCurrentContext( m_cc, s_envType.pData, 0 ); } -}; - -//################################################################################################## - -struct MutexHolder -{ - Mutex m_mutex; -}; -typedef WeakComponentImplHelper3< - security::XAccessController, lang::XServiceInfo, lang::XInitialization > t_helper; - -//================================================================================================== -class AccessController - : public MutexHolder - , public t_helper -{ - Reference< XComponentContext > m_xComponentContext; - - Reference< security::XPolicy > m_xPolicy; - Reference< security::XPolicy > const & getPolicy() - SAL_THROW( (RuntimeException) ); - - // mode - enum Mode { OFF, ON, DYNAMIC_ONLY, SINGLE_USER, SINGLE_DEFAULT_USER } m_mode; - - PermissionCollection m_defaultPermissions; - // for single-user mode - PermissionCollection m_singleUserPermissions; - OUString m_singleUserId; - bool m_defaultPerm_init; - bool m_singleUser_init; - // for multi-user mode - lru_cache< OUString, PermissionCollection, ::rtl::OUStringHash, equal_to< OUString > > - m_user2permissions; - - ThreadData m_rec; - typedef vector< pair< OUString, Any > > t_rec_vec; - inline void clearPostPoned() SAL_THROW( () ); - void checkAndClearPostPoned() SAL_THROW( (RuntimeException) ); - - PermissionCollection getEffectivePermissions( - Reference< XCurrentContext > const & xContext, - Any const & demanded_perm ) - SAL_THROW( (RuntimeException) ); - -protected: - virtual void SAL_CALL disposing(); - -public: - AccessController( Reference< XComponentContext > const & xComponentContext ) - SAL_THROW( (RuntimeException) ); - virtual ~AccessController() - SAL_THROW( () ); - - // XInitialization impl - virtual void SAL_CALL initialize( - Sequence< Any > const & arguments ) - throw (Exception); - - // XAccessController impl - virtual void 
SAL_CALL checkPermission( - Any const & perm ) - throw (RuntimeException); - virtual Any SAL_CALL doRestricted( - Reference< security::XAction > const & xAction, - Reference< security::XAccessControlContext > const & xRestriction ) - throw (Exception); - virtual Any SAL_CALL doPrivileged( - Reference< security::XAction > const & xAction, - Reference< security::XAccessControlContext > const & xRestriction ) - throw (Exception); - virtual Reference< security::XAccessControlContext > SAL_CALL getContext() - throw (RuntimeException); - - // XServiceInfo impl - virtual OUString SAL_CALL getImplementationName() - throw (RuntimeException); - virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName ) - throw (RuntimeException); - virtual Sequence< OUString > SAL_CALL getSupportedServiceNames() - throw (RuntimeException); -}; -//__________________________________________________________________________________________________ -AccessController::AccessController( Reference< XComponentContext > const & xComponentContext ) - SAL_THROW( (RuntimeException) ) - : t_helper( m_mutex ) - , m_xComponentContext( xComponentContext ) - , m_mode( ON ) // default - , m_defaultPerm_init( false ) - , m_singleUser_init( false ) - , m_rec( 0 ) -{ - g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt ); - - OUString mode; - if (m_xComponentContext->getValueByName( OUSTR("/services/" SERVICE_NAME "/mode") ) >>= mode) - { - if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("off") )) - { - m_mode = OFF; - } - else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("on") )) - { - m_mode = ON; - } - else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("dynamic-only") )) - { - m_mode = DYNAMIC_ONLY; - } - else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("single-user") )) - { - m_xComponentContext->getValueByName( - OUSTR("/services/" SERVICE_NAME "/single-user-id") ) >>= m_singleUserId; - if (! 
m_singleUserId.getLength()) - { - throw RuntimeException( - OUSTR("expected a user id in component context entry " - "\"/services/" SERVICE_NAME "/single-user-id\"!"), - (OWeakObject *)this ); - } - m_mode = SINGLE_USER; - } - else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("single-default-user") )) - { - m_mode = SINGLE_DEFAULT_USER; - } - } - - // switch on caching for DYNAMIC_ONLY and ON (sharable multi-user process) - if (ON == m_mode || DYNAMIC_ONLY == m_mode) - { - sal_Int32 cacheSize = 0; // multi-user cache size - if (! (m_xComponentContext->getValueByName( - OUSTR("/services/" SERVICE_NAME "/user-cache-size") ) >>= cacheSize)) - { - cacheSize = 128; // reasonable default? - } -#ifdef __CACHE_DIAGNOSE - cacheSize = 2; -#endif - m_user2permissions.setSize( cacheSize ); - } -} -//__________________________________________________________________________________________________ -AccessController::~AccessController() - SAL_THROW( () ) -{ - g_moduleCount.modCnt.release( &g_moduleCount.modCnt ); -} -//__________________________________________________________________________________________________ -void AccessController::disposing() -{ - m_mode = OFF; // avoid checks from now on xxx todo review/ better DYNAMIC_ONLY? - m_xPolicy.clear(); - m_xComponentContext.clear(); -} - -// XInitialization impl -//__________________________________________________________________________________________________ -void AccessController::initialize( - Sequence< Any > const & arguments ) - throw (Exception) -{ - // xxx todo: review for forking - // portal forking hack: re-initialize for another user-id - if (SINGLE_USER != m_mode) // only if in single-user mode - { - throw RuntimeException( - OUSTR("invalid call: ac must be in \"single-user\" mode!"), (OWeakObject *)this ); - } - OUString userId; - arguments[ 0 ] >>= userId; - if (! 
userId.getLength()) - { - throw RuntimeException( - OUSTR("expected a user-id as first argument!"), (OWeakObject *)this ); - } - // assured that no sync is necessary: no check happens at this forking time - m_singleUserId = userId; - m_singleUser_init = false; -} - -//__________________________________________________________________________________________________ -Reference< security::XPolicy > const & AccessController::getPolicy() - SAL_THROW( (RuntimeException) ) -{ - // get policy singleton - if (! m_xPolicy.is()) - { - Reference< security::XPolicy > xPolicy; - m_xComponentContext->getValueByName( - OUSTR("/singletons/com.sun.star.security.thePolicy") ) >>= xPolicy; - if (xPolicy.is()) - { - MutexGuard guard( m_mutex ); - if (! m_xPolicy.is()) - { - m_xPolicy = xPolicy; - } - } - else - { - throw SecurityException( - OUSTR("cannot get policy singleton!"), (OWeakObject *)this ); - } - } - return m_xPolicy; -} - -#ifdef __DIAGNOSE -static void dumpPermissions( - PermissionCollection const & collection, OUString const & userId = OUString() ) SAL_THROW( () ) -{ - OUStringBuffer buf( 48 ); - if (userId.getLength()) - { - buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("> dumping permissions of user \"") ); - buf.append( userId ); - buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\":") ); - } - else - { - buf.appendAscii( - RTL_CONSTASCII_STRINGPARAM("> dumping default permissions:") ); - } - OString str( ::rtl::OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) ); - OSL_TRACE( "%s", str.getStr() ); - Sequence< OUString > permissions( collection.toStrings() ); - OUString const * p = permissions.getConstArray(); - for ( sal_Int32 nPos = 0; nPos < permissions.getLength(); ++nPos ) - { - OString str( ::rtl::OUStringToOString( p[ nPos ], RTL_TEXTENCODING_ASCII_US ) ); - OSL_TRACE( "%s", str.getStr() ); - } - OSL_TRACE( "> permission dump done" ); -} -#endif - - 
-//__________________________________________________________________________________________________ -inline void AccessController::clearPostPoned() SAL_THROW( () ) -{ - delete reinterpret_cast< t_rec_vec * >( m_rec.getData() ); - m_rec.setData( 0 ); -} -//__________________________________________________________________________________________________ -void AccessController::checkAndClearPostPoned() SAL_THROW( (RuntimeException) ) -{ - // check postponed permissions - auto_ptr< t_rec_vec > rec( reinterpret_cast< t_rec_vec * >( m_rec.getData() ) ); - m_rec.setData( 0 ); // takeover ownership - OSL_ASSERT( rec.get() ); - if (rec.get()) - { - t_rec_vec const & vec = *rec.get(); - switch (m_mode) - { - case SINGLE_USER: - { - OSL_ASSERT( m_singleUser_init ); - for ( size_t nPos = 0; nPos < vec.size(); ++nPos ) - { - pair< OUString, Any > const & p = vec[ nPos ]; - OSL_ASSERT( m_singleUserId.equals( p.first ) ); - m_singleUserPermissions.checkPermission( p.second ); - } - break; - } - case SINGLE_DEFAULT_USER: - { - OSL_ASSERT( m_defaultPerm_init ); - for ( size_t nPos = 0; nPos < vec.size(); ++nPos ) - { - pair< OUString, Any > const & p = vec[ nPos ]; - OSL_ASSERT( !p.first.getLength() ); // default-user - m_defaultPermissions.checkPermission( p.second ); - } - break; - } - case ON: - { - for ( size_t nPos = 0; nPos < vec.size(); ++nPos ) - { - pair< OUString, Any > const & p = vec[ nPos ]; - PermissionCollection const * pPermissions; - // lookup policy for user - { - MutexGuard guard( m_mutex ); - pPermissions = m_user2permissions.lookup( p.first ); - } - OSL_ASSERT( pPermissions ); - if (pPermissions) - { - pPermissions->checkPermission( p.second ); - } - } - break; - } - default: - OSL_FAIL( "### this should never be called in this ac mode!" 
); - break; - } - } -} -//__________________________________________________________________________________________________ -/** this is the only function calling the policy singleton and thus has to take care - of recurring calls! - - @param demanded_perm (if not empty) is the demanded permission of a checkPermission() call - which will be postponed for recurring calls -*/ -PermissionCollection AccessController::getEffectivePermissions( - Reference< XCurrentContext > const & xContext, - Any const & demanded_perm ) - SAL_THROW( (RuntimeException) ) -{ - OUString userId; - - switch (m_mode) - { - case SINGLE_USER: - { - if (m_singleUser_init) - return m_singleUserPermissions; - userId = m_singleUserId; - break; - } - case SINGLE_DEFAULT_USER: - { - if (m_defaultPerm_init) - return m_defaultPermissions; - break; - } - case ON: - { - if (xContext.is()) - { - xContext->getValueByName( OUSTR(USER_CREDS ".id") ) >>= userId; - } - if (! userId.getLength()) - { - throw SecurityException( - OUSTR("cannot determine current user in multi-user ac!"), (OWeakObject *)this ); - } - - // lookup policy for user - MutexGuard guard( m_mutex ); - PermissionCollection const * pPermissions = m_user2permissions.lookup( userId ); - if (pPermissions) - return *pPermissions; - break; - } - default: - OSL_FAIL( "### this should never be called in this ac mode!" 
); - return PermissionCollection(); - } - - // call on policy - // iff this is a recurring call for the default user, then grant all permissions - t_rec_vec * rec = reinterpret_cast< t_rec_vec * >( m_rec.getData() ); - if (rec) // tls entry exists => this is recursive call - { - if (demanded_perm.hasValue()) - { - // enqueue - rec->push_back( pair< OUString, Any >( userId, demanded_perm ) ); - } -#ifdef __DIAGNOSE - OUStringBuffer buf( 48 ); - buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("> info: recurring call of user \"") ); - buf.append( userId ); - buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\"") ); - OString str( - ::rtl::OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) ); - OSL_TRACE( "%s", str.getStr() ); -#endif - return PermissionCollection( new AllPermission() ); - } - else // no tls - { - rec = new t_rec_vec; - m_rec.setData( rec ); - } - - try // calls on API - { - // init default permissions - if (! m_defaultPerm_init) - { - PermissionCollection defaultPermissions( - getPolicy()->getDefaultPermissions() ); - // assign - MutexGuard guard( m_mutex ); - if (! 
m_defaultPerm_init) - { - m_defaultPermissions = defaultPermissions; - m_defaultPerm_init = true; - } -#ifdef __DIAGNOSE - dumpPermissions( m_defaultPermissions ); -#endif - } - - PermissionCollection ret; - - // init user permissions - switch (m_mode) - { - case SINGLE_USER: - { - ret = PermissionCollection( - getPolicy()->getPermissions( userId ), m_defaultPermissions ); - { - // assign - MutexGuard guard( m_mutex ); - if (m_singleUser_init) - { - ret = m_singleUserPermissions; - } - else - { - m_singleUserPermissions = ret; - m_singleUser_init = true; - } - } -#ifdef __DIAGNOSE - dumpPermissions( ret, userId ); -#endif - break; - } - case SINGLE_DEFAULT_USER: - { - ret = m_defaultPermissions; - break; - } - case ON: - { - ret = PermissionCollection( - getPolicy()->getPermissions( userId ), m_defaultPermissions ); - { - // cache - MutexGuard guard( m_mutex ); - m_user2permissions.set( userId, ret ); - } -#ifdef __DIAGNOSE - dumpPermissions( ret, userId ); -#endif - break; - } - default: - break; - } - - // check postponed - checkAndClearPostPoned(); - return ret; - } - catch (security::AccessControlException & exc) // wrapped into DeploymentException - { - clearPostPoned(); // safety: exception could have happened before checking postponed? - OUStringBuffer buf( 64 ); - buf.appendAscii( - RTL_CONSTASCII_STRINGPARAM("deployment error (AccessControlException occurred): ") ); - buf.append( exc.Message ); - throw DeploymentException( buf.makeStringAndClear(), exc.Context ); - } - catch (RuntimeException &) - { - // dont check postponed, just cleanup - clearPostPoned(); - delete reinterpret_cast< t_rec_vec * >( m_rec.getData() ); - m_rec.setData( 0 ); - throw; - } - catch (Exception &) - { - // check postponed permissions first - // => AccessControlExceptions are errors, user exceptions not! - checkAndClearPostPoned(); - throw; - } - catch (...) 
- { - // dont check postponed, just cleanup - clearPostPoned(); - throw; - } -} - -// XAccessController impl -//__________________________________________________________________________________________________ -void AccessController::checkPermission( - Any const & perm ) - throw (RuntimeException) -{ - if (rBHelper.bDisposed) - { - throw lang::DisposedException( - OUSTR("checkPermission() call on disposed AccessController!"), (OWeakObject *)this ); - } - - if (OFF == m_mode) - return; - - // first dynamic check of ac contexts - Reference< XCurrentContext > xContext; - ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); - Reference< security::XAccessControlContext > xACC( getDynamicRestriction( xContext ) ); - if (xACC.is()) - { - xACC->checkPermission( perm ); - } - - if (DYNAMIC_ONLY == m_mode) - return; - - // then static check - getEffectivePermissions( xContext, perm ).checkPermission( perm ); -} -//__________________________________________________________________________________________________ -Any AccessController::doRestricted( - Reference< security::XAction > const & xAction, - Reference< security::XAccessControlContext > const & xRestriction ) - throw (Exception) -{ - if (rBHelper.bDisposed) - { - throw lang::DisposedException( - OUSTR("doRestricted() call on disposed AccessController!"), (OWeakObject *)this ); - } - - if (OFF == m_mode) // optimize this way, because no dynamic check will be performed - return xAction->run(); - - if (xRestriction.is()) - { - Reference< XCurrentContext > xContext; - ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); - - // override restriction - Reference< XCurrentContext > xNewContext( - new acc_CurrentContext( xContext, acc_Intersection::create( - xRestriction, getDynamicRestriction( xContext ) ) ) ); - ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, 0 ); - cc_reset reset( xContext.get() ); - return xAction->run(); - } - else - { - return xAction->run(); - } -} 
-//__________________________________________________________________________________________________ -Any AccessController::doPrivileged( - Reference< security::XAction > const & xAction, - Reference< security::XAccessControlContext > const & xRestriction ) - throw (Exception) -{ - if (rBHelper.bDisposed) - { - throw lang::DisposedException( - OUSTR("doPrivileged() call on disposed AccessController!"), (OWeakObject *)this ); - } - - if (OFF == m_mode) // no dynamic check will be performed - { - return xAction->run(); - } - - Reference< XCurrentContext > xContext; - ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); - - Reference< security::XAccessControlContext > xOldRestr( - getDynamicRestriction( xContext ) ); - - if (xOldRestr.is()) // previous restriction - { - // override restriction - Reference< XCurrentContext > xNewContext( - new acc_CurrentContext( xContext, acc_Union::create( xRestriction, xOldRestr ) ) ); - ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, 0 ); - cc_reset reset( xContext.get() ); - return xAction->run(); - } - else // no previous restriction => never current restriction - { - return xAction->run(); - } -} -//__________________________________________________________________________________________________ -Reference< security::XAccessControlContext > AccessController::getContext() - throw (RuntimeException) -{ - if (rBHelper.bDisposed) - { - throw lang::DisposedException( - OUSTR("getContext() call on disposed AccessController!"), (OWeakObject *)this ); - } - - if (OFF == m_mode) // optimize this way, because no dynamic check will be performed - { - return new acc_Policy( PermissionCollection( new AllPermission() ) ); - } - - Reference< XCurrentContext > xContext; - ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); - - return acc_Intersection::create( - getDynamicRestriction( xContext ), - new acc_Policy( getEffectivePermissions( xContext, Any() ) ) ); -} - -// XServiceInfo impl 
-//__________________________________________________________________________________________________ -OUString AccessController::getImplementationName() - throw (RuntimeException) -{ - return stoc_bootstrap::ac_getImplementationName(); -} -//__________________________________________________________________________________________________ -sal_Bool AccessController::supportsService( OUString const & serviceName ) - throw (RuntimeException) -{ - Sequence< OUString > aSNL = getSupportedServiceNames(); - const OUString * pNames = aSNL.getConstArray(); - for ( sal_Int32 nPos = aSNL.getLength(); --nPos; ) - { - if (serviceName.equals( pNames[ nPos ] )) - { - return sal_True; - } - } - return sal_False; -} -//__________________________________________________________________________________________________ -Sequence< OUString > AccessController::getSupportedServiceNames() - throw (RuntimeException) -{ - return stoc_bootstrap::ac_getSupportedServiceNames(); -} -} -//################################################################################################## -namespace stoc_bootstrap { -//-------------------------------------------------------------------------------------------------- -Reference< XInterface > SAL_CALL ac_create( - Reference< XComponentContext > const & xComponentContext ) - SAL_THROW( (Exception) ) -{ - return (OWeakObject *)new stoc_sec::AccessController( xComponentContext ); -} -//-------------------------------------------------------------------------------------------------- -Sequence< OUString > ac_getSupportedServiceNames() SAL_THROW( () ) -{ - Sequence< OUString > aSNS( 1 ); - aSNS.getArray()[0] = OUString(RTL_CONSTASCII_USTRINGPARAM(SERVICE_NAME)); - return aSNS; -} -//-------------------------------------------------------------------------------------------------- -OUString ac_getImplementationName() SAL_THROW( () ) -{ - static OUString s_implName = OUSTR(IMPL_NAME); - return s_implName; -} 
-//-------------------------------------------------------------------------------------------------- -Reference< XInterface > SAL_CALL filepolicy_create( - Reference< XComponentContext > const & xComponentContext ) - SAL_THROW( (Exception) ); -//-------------------------------------------------------------------------------------------------- -Sequence< OUString > filepolicy_getSupportedServiceNames() SAL_THROW( () ); -//-------------------------------------------------------------------------------------------------- -OUString filepolicy_getImplementationName() SAL_THROW( () ); -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ |