1647a425cSAndrew Rist /**************************************************************
2cdf0e10cSrcweir  *
3647a425cSAndrew Rist  * Licensed to the Apache Software Foundation (ASF) under one
4647a425cSAndrew Rist  * or more contributor license agreements.  See the NOTICE file
5647a425cSAndrew Rist  * distributed with this work for additional information
6647a425cSAndrew Rist  * regarding copyright ownership.  The ASF licenses this file
7647a425cSAndrew Rist  * to you under the Apache License, Version 2.0 (the
8647a425cSAndrew Rist  * "License"); you may not use this file except in compliance
9647a425cSAndrew Rist  * with the License.  You may obtain a copy of the License at
10647a425cSAndrew Rist  *
11647a425cSAndrew Rist  *   http://www.apache.org/licenses/LICENSE-2.0
12647a425cSAndrew Rist  *
13647a425cSAndrew Rist  * Unless required by applicable law or agreed to in writing,
14647a425cSAndrew Rist  * software distributed under the License is distributed on an
15647a425cSAndrew Rist  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16647a425cSAndrew Rist  * KIND, either express or implied.  See the License for the
17647a425cSAndrew Rist  * specific language governing permissions and limitations
18647a425cSAndrew Rist  * under the License.
19647a425cSAndrew Rist  *
20647a425cSAndrew Rist  *************************************************************/
21647a425cSAndrew Rist 
22647a425cSAndrew Rist 
23cdf0e10cSrcweir 
24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove
25cdf0e10cSrcweir #include "precompiled_stoc.hxx"
26cdf0e10cSrcweir 
27cdf0e10cSrcweir #include <vector>
28cdf0e10cSrcweir #include <memory>
29cdf0e10cSrcweir 
30cdf0e10cSrcweir #include <osl/diagnose.h>
31cdf0e10cSrcweir #include <osl/interlck.h>
32cdf0e10cSrcweir #include <osl/mutex.hxx>
33cdf0e10cSrcweir #include <osl/thread.hxx>
34cdf0e10cSrcweir 
35cdf0e10cSrcweir #include <rtl/ustrbuf.hxx>
36cdf0e10cSrcweir #include <rtl/string.hxx>
37cdf0e10cSrcweir 
38cdf0e10cSrcweir #include <uno/current_context.h>
39cdf0e10cSrcweir 
40cdf0e10cSrcweir #include <cppuhelper/implbase1.hxx>
41cdf0e10cSrcweir #include <cppuhelper/compbase3.hxx>
42cdf0e10cSrcweir #include <cppuhelper/factory.hxx>
43cdf0e10cSrcweir #include <cppuhelper/implementationentry.hxx>
44cdf0e10cSrcweir 
45cdf0e10cSrcweir #include <com/sun/star/uno/XCurrentContext.hpp>
46cdf0e10cSrcweir #include <com/sun/star/uno/DeploymentException.hpp>
47cdf0e10cSrcweir #include <com/sun/star/lang/DisposedException.hpp>
48cdf0e10cSrcweir #include <com/sun/star/lang/XComponent.hpp>
49cdf0e10cSrcweir #include <com/sun/star/lang/XServiceInfo.hpp>
50cdf0e10cSrcweir #include <com/sun/star/lang/XInitialization.hpp>
51cdf0e10cSrcweir #include <com/sun/star/security/XAccessController.hpp>
52cdf0e10cSrcweir #include <com/sun/star/security/XPolicy.hpp>
53cdf0e10cSrcweir 
54cdf0e10cSrcweir #include "lru_cache.h"
55cdf0e10cSrcweir #include "permissions.h"
56cdf0e10cSrcweir 
57cdf0e10cSrcweir #define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
58cdf0e10cSrcweir #define SERVICE_NAME "com.sun.star.security.AccessController"
59cdf0e10cSrcweir #define IMPL_NAME "com.sun.star.security.comp.stoc.AccessController"
60cdf0e10cSrcweir #define USER_CREDS "access-control.user-credentials"
61cdf0e10cSrcweir 
62cdf0e10cSrcweir 
63cdf0e10cSrcweir using namespace ::std;
64cdf0e10cSrcweir using namespace ::osl;
65cdf0e10cSrcweir using namespace ::cppu;
66cdf0e10cSrcweir using namespace ::com::sun::star;
67cdf0e10cSrcweir using namespace ::com::sun::star::uno;
68cdf0e10cSrcweir using ::rtl::OUString;
69cdf0e10cSrcweir using ::rtl::OUStringBuffer;
70cdf0e10cSrcweir using ::rtl::OString;
71cdf0e10cSrcweir 
72cdf0e10cSrcweir extern ::rtl_StandardModuleCount g_moduleCount;
73cdf0e10cSrcweir 
74cdf0e10cSrcweir namespace stoc_sec
75cdf0e10cSrcweir {
// Module-level constants, constructed once when the library is loaded.

// environment type name passed to uno_setCurrentContext()
static OUString s_envType( OUSTR(CPPU_CURRENT_LANGUAGE_BINDING_NAME) );
// implementation name and service name of this component
static OUString s_implName( OUSTR(IMPL_NAME) );
static OUString s_serviceName( OUSTR(SERVICE_NAME) );
// current-context key under which a dynamic access control restriction is
// stored (acc_CurrentContext) and looked up (getDynamicRestriction)
static OUString s_acRestriction( OUSTR("access-control.restriction") );

// one-element sequence holding s_serviceName
static Sequence< OUString > s_serviceNames( &s_serviceName, 1 );
83cdf0e10cSrcweir 
84cdf0e10cSrcweir //##################################################################################################
85cdf0e10cSrcweir 
/** Access control context that intersects the permissions of two other
    contexts: a permission passes only if both wrapped contexts accept it.

    The constructor is private; instances are obtained through create(),
    which avoids building a wrapper when one operand is a null reference.
*/
class acc_Intersection
    : public WeakImplHelper1< security::XAccessControlContext >
{
    // the two contexts that both have to accept a permission
    Reference< security::XAccessControlContext > m_x1;
    Reference< security::XAccessControlContext > m_x2;

    inline acc_Intersection(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

public:
    virtual ~acc_Intersection()
        SAL_THROW( () );

    // factory: returns the other operand if one is null, else a new intersection
    static inline Reference< security::XAccessControlContext > create(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

    // XAccessControlContext impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
};
112cdf0e10cSrcweir //__________________________________________________________________________________________________
// Stores both operand contexts. Callers go through create(), which only
// constructs an instance when both references are non-null.
inline acc_Intersection::acc_Intersection(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
    : m_x1( x1 ),
      m_x2( x2 )
{
    // count this object on the module counter; the destructor releases it again
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );
}
122cdf0e10cSrcweir //__________________________________________________________________________________________________
// Gives back the module-counter reference taken in the constructor.
acc_Intersection::~acc_Intersection()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}
128cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
// Builds the intersection of two contexts.
// A null reference is this file's encoding of "unrestricted", so intersecting
// with it yields the other operand unchanged (which may itself be null).
inline Reference< security::XAccessControlContext > acc_Intersection::create(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
{
    if (x1.is() && x2.is())
    {
        // two real restrictions: both have to be checked
        return new acc_Intersection( x1, x2 );
    }
    return x1.is() ? x1 : x2;
}
140cdf0e10cSrcweir //__________________________________________________________________________________________________
// Checks the demanded permission against both wrapped contexts in turn.
// Nothing is caught here, so an exception thrown by the first context ends
// the check before the second one is consulted.
void acc_Intersection::checkPermission(
    Any const & perm )
    throw (RuntimeException)
{
    m_x1->checkPermission( perm ); // first operand has to accept
    m_x2->checkPermission( perm ); // ... and so has the second
}
148cdf0e10cSrcweir 
/** Access control context that unifies the permissions of two other
    contexts: a permission passes if at least one wrapped context accepts it.

    The constructor is private; instances are obtained through create(),
    which returns a null reference (unrestricted) if either operand is null.
*/
class acc_Union
    : public WeakImplHelper1< security::XAccessControlContext >
{
    // the two contexts of which one has to accept a permission
    Reference< security::XAccessControlContext > m_x1;
    Reference< security::XAccessControlContext > m_x2;

    inline acc_Union(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

public:
    virtual ~acc_Union()
        SAL_THROW( () );

    // factory: null if one operand is null, else a new union
    static inline Reference< security::XAccessControlContext > create(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

    // XAccessControlContext impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
};
175cdf0e10cSrcweir //__________________________________________________________________________________________________
// Stores both operand contexts. Callers go through create(), which only
// constructs an instance when both references are non-null.
inline acc_Union::acc_Union(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
    : m_x1( x1 ),
      m_x2( x2 )
{
    // count this object on the module counter; the destructor releases it again
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );
}
185cdf0e10cSrcweir //__________________________________________________________________________________________________
// Gives back the module-counter reference taken in the constructor.
acc_Union::~acc_Union()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}
191cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
// Builds the union of two contexts.
// A null reference means "unrestricted", and the union of anything with an
// unrestricted context is unrestricted again, hence the null result below.
inline Reference< security::XAccessControlContext > acc_Union::create(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
{
    if (x1.is() && x2.is())
    {
        return new acc_Union( x1, x2 );
    }
    return Reference< security::XAccessControlContext >(); // unrestricted
}
203cdf0e10cSrcweir //__________________________________________________________________________________________________
// Accepts the permission if either wrapped context accepts it.
// Only a security::AccessControlException from the first context leads to the
// second one being asked; any other exception from the first context
// propagates to the caller without consulting the second.
void acc_Union::checkPermission(
    Any const & perm )
    throw (RuntimeException)
{
    try
    {
        m_x1->checkPermission( perm );
    }
    catch (security::AccessControlException &)
    {
        // denied by the first operand: the second one decides, and its
        // exception (if any) is what the caller sees
        m_x2->checkPermission( perm );
    }
}
217cdf0e10cSrcweir 
/** Access control context that checks demanded permissions against a fixed
    PermissionCollection, copied in at construction time.
*/
class acc_Policy
    : public WeakImplHelper1< security::XAccessControlContext >
{
    // own copy of the permissions this context checks against
    PermissionCollection m_permissions;

public:
    inline acc_Policy(
        PermissionCollection const & permissions )
        SAL_THROW( () );

    virtual ~acc_Policy()
        SAL_THROW( () );

    // XAccessControlContext impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
};
237cdf0e10cSrcweir //__________________________________________________________________________________________________
// Copies the given permission collection into this context.
inline acc_Policy::acc_Policy(
    PermissionCollection const & permissions )
    SAL_THROW( () )
    : m_permissions( permissions )
{
    // count this object on the module counter; the destructor releases it again
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );
}
245cdf0e10cSrcweir //__________________________________________________________________________________________________
// Gives back the module-counter reference taken in the constructor.
acc_Policy::~acc_Policy()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}
251cdf0e10cSrcweir //__________________________________________________________________________________________________
// Forwards the demanded permission to the stored PermissionCollection, which
// performs the actual check (PermissionCollection is declared in permissions.h).
void acc_Policy::checkPermission(
    Any const & perm )
    throw (RuntimeException)
{
    m_permissions.checkPermission( perm );
}
258cdf0e10cSrcweir 
/** Current context that overrides the dynamic access control restriction.

    The "access-control.restriction" key is answered from m_restriction; every
    other name is forwarded to the wrapped delegate context, if there is one.
    Reference counting is implemented here (ImplHelper1 is used, not the weak
    helper), see acquire() and release().
*/
class acc_CurrentContext
    : public ImplHelper1< XCurrentContext >
{
    // interlocked reference count; the object deletes itself when it drops to 0
    oslInterlockedCount m_refcount;

    // context consulted for all names except the restriction key; may be null
    Reference< XCurrentContext > m_xDelegate;
    // restriction returned for the restriction key; void if none was given
    Any m_restriction;

public:
    inline acc_CurrentContext(
        Reference< XCurrentContext > const & xDelegate,
        Reference< security::XAccessControlContext > const & xRestriction )
        SAL_THROW( () );
    virtual ~acc_CurrentContext() SAL_THROW( () );

    // XInterface impl
    virtual void SAL_CALL acquire()
        throw ();
    virtual void SAL_CALL release()
        throw ();

    // XCurrentContext impl
    virtual Any SAL_CALL getValueByName( OUString const & name )
        throw (RuntimeException);
};
286cdf0e10cSrcweir //__________________________________________________________________________________________________
// Wraps xDelegate and remembers xRestriction as the value of the
// restriction key. The reference count starts at 0.
inline acc_CurrentContext::acc_CurrentContext(
    Reference< XCurrentContext > const & xDelegate,
    Reference< security::XAccessControlContext > const & xRestriction )
    SAL_THROW( () )
    : m_refcount( 0 ),
      m_xDelegate( xDelegate )
{
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );

    // without a restriction m_restriction stays a void any, so that
    // getValueByName() returns an empty any and not a null interface
    if (! xRestriction.is())
    {
        return;
    }
    m_restriction = makeAny( xRestriction );
}
302cdf0e10cSrcweir //__________________________________________________________________________________________________
// Gives back the module-counter reference taken in the constructor.
acc_CurrentContext::~acc_CurrentContext()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}
308cdf0e10cSrcweir //__________________________________________________________________________________________________
// XInterface: adds one reference using an interlocked increment.
void acc_CurrentContext::acquire()
    throw ()
{
    ::osl_incrementInterlockedCount( &m_refcount );
}
314cdf0e10cSrcweir //__________________________________________________________________________________________________
// XInterface: drops one reference using an interlocked decrement and
// destroys the object once the count has reached zero.
void acc_CurrentContext::release()
    throw ()
{
    oslInterlockedCount const remaining = ::osl_decrementInterlockedCount( &m_refcount );
    if (0 == remaining)
    {
        // last reference is gone; nothing may touch members after this line
        delete this;
    }
}
323cdf0e10cSrcweir //__________________________________________________________________________________________________
// XCurrentContext: returns the stored restriction for the restriction key and
// forwards every other name to the delegate.
// The restriction key is never forwarded, so whatever the delegate holds
// under that key is shadowed by this object's value (possibly a void any).
Any acc_CurrentContext::getValueByName( OUString const & name )
    throw (RuntimeException)
{
    if (name.equals( s_acRestriction ))
    {
        return m_restriction;
    }
    if (! m_xDelegate.is())
    {
        // no delegate to ask: unknown names yield a void any
        return Any();
    }
    return m_xDelegate->getValueByName( name );
}
340cdf0e10cSrcweir 
341cdf0e10cSrcweir //##################################################################################################
342cdf0e10cSrcweir 
343cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
// Disposes x if it supports lang::XComponent; does nothing otherwise
// (this includes a null reference, for which the query yields null).
static inline void dispose( Reference< XInterface > const & x )
    SAL_THROW( (RuntimeException) )
{
    Reference< lang::XComponent > xComp( x, UNO_QUERY );
    if (! xComp.is())
    {
        return;
    }
    xComp->dispose();
}
353cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
// Reads the dynamic restriction from the given current context.
//
// Returns a null reference if there is no context, if the value stored under
// the restriction key is not of type class INTERFACE, or if the stored
// interface cannot be queried for XAccessControlContext.
// NOTE(review): elsewhere in this file a null context is treated as
// "unrestricted", so a restriction value of an unexpected type ends up as no
// restriction at all -- confirm that is the intended behaviour for callers.
static inline Reference< security::XAccessControlContext > getDynamicRestriction(
    Reference< XCurrentContext > const & xContext )
    SAL_THROW( (RuntimeException) )
{
    if (! xContext.is())
    {
        return Reference< security::XAccessControlContext >();
    }

    Any acc( xContext->getValueByName( s_acRestriction ) );
    if (typelib_TypeClass_INTERFACE != acc.pType->eTypeClass)
    {
        return Reference< security::XAccessControlContext >();
    }

    // avoid ref-counting: view the type description's name in place
    OUString const & typeName =
        *reinterpret_cast< OUString const * >( &acc.pType->pTypeName );
    bool const exactType = typeName.equalsAsciiL(
        RTL_CONSTASCII_STRINGPARAM("com.sun.star.security.XAccessControlContext") );
    if (exactType)
    {
        // the any declares exactly the wanted interface type, so the stored
        // pointer is taken as is, without a queryInterface() round trip
        return Reference< security::XAccessControlContext >(
            *reinterpret_cast< security::XAccessControlContext ** const >( acc.pData ) );
    }

    // some other interface type: try to query
    return Reference< security::XAccessControlContext >::query(
        *reinterpret_cast< XInterface ** const >( acc.pData ) );
}
381cdf0e10cSrcweir //==================================================================================================
/** Scope guard that sets the current context back to the one given at
    construction when the guard is destroyed. Being done in the destructor,
    the reset also happens while an exception unwinds the guarded scope.
*/
class cc_reset
{
    // context handed back to uno_setCurrentContext(); only stored here,
    // this class does no reference counting on it
    void * m_cc;

public:
    inline cc_reset( void * cc ) SAL_THROW( () )
        : m_cc( cc )
    {
    }

    inline ~cc_reset() SAL_THROW( () )
    {
        ::uno_setCurrentContext( m_cc, s_envType.pData, 0 );
    }
};
391cdf0e10cSrcweir 
392cdf0e10cSrcweir //##################################################################################################
393cdf0e10cSrcweir 
// Holds the mutex for AccessController. AccessController lists this struct as
// its first base class, ahead of t_helper, and passes m_mutex to the t_helper
// constructor.
struct MutexHolder
{
    Mutex m_mutex;
};

// component helper base implementing the three interfaces of the access controller
typedef WeakComponentImplHelper3<
    security::XAccessController,
    lang::XServiceInfo,
    lang::XInitialization > t_helper;
400cdf0e10cSrcweir 
401cdf0e10cSrcweir //==================================================================================================
/** Implementation of the com.sun.star.security.AccessController service.

    The operating mode is read from the component context in the constructor;
    the policy singleton is fetched lazily through getPolicy().
*/
class AccessController
    : public MutexHolder
    , public t_helper
{
    Reference< XComponentContext > m_xComponentContext;

    // policy singleton, fetched on first use by getPolicy()
    Reference< security::XPolicy > m_xPolicy;
    Reference< security::XPolicy > const & getPolicy()
        SAL_THROW( (RuntimeException) );

    // mode; set from the "/mode" configuration entry: "off", "on",
    // "dynamic-only", "single-user", "single-default-user" (default is ON)
    enum Mode { OFF, ON, DYNAMIC_ONLY, SINGLE_USER, SINGLE_DEFAULT_USER };
    Mode m_mode;

    PermissionCollection m_defaultPermissions;
    // for single-user mode
    PermissionCollection m_singleUserPermissions;
    OUString m_singleUserId;
    bool m_defaultPerm_init;
    bool m_singleUser_init;
    // for multi-user mode: per-user permissions, cached by user id
    lru_cache< OUString, PermissionCollection, ::rtl::OUStringHash, equal_to< OUString > >
        m_user2permissions;

    // thread-local data used by the postponed-check helpers below
    ThreadData m_rec;
    typedef vector< pair< OUString, Any > > t_rec_vec;
    inline void clearPostPoned() SAL_THROW( () );
    void checkAndClearPostPoned() SAL_THROW( (RuntimeException) );

    PermissionCollection getEffectivePermissions(
        Reference< XCurrentContext > const & xContext,
        Any const & demanded_perm )
        SAL_THROW( (RuntimeException) );

protected:
    // called by the component helper on disposal
    virtual void SAL_CALL disposing();

public:
    AccessController( Reference< XComponentContext > const & xComponentContext )
        SAL_THROW( (RuntimeException) );
    virtual ~AccessController()
        SAL_THROW( () );

    //  XInitialization impl
    virtual void SAL_CALL initialize(
        Sequence< Any > const & arguments )
        throw (Exception);

    // XAccessController impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
    virtual Any SAL_CALL doRestricted(
        Reference< security::XAction > const & xAction,
        Reference< security::XAccessControlContext > const & xRestriction )
        throw (Exception);
    virtual Any SAL_CALL doPrivileged(
        Reference< security::XAction > const & xAction,
        Reference< security::XAccessControlContext > const & xRestriction )
        throw (Exception);
    virtual Reference< security::XAccessControlContext > SAL_CALL getContext()
        throw (RuntimeException);

    // XServiceInfo impl
    virtual OUString SAL_CALL getImplementationName()
        throw (RuntimeException);
    virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName )
        throw (RuntimeException);
    virtual Sequence< OUString > SAL_CALL getSupportedServiceNames()
        throw (RuntimeException);
};
472cdf0e10cSrcweir //__________________________________________________________________________________________________
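// Reads the operating mode and, for the cached modes, the user cache size
// from the component context.
//
// The mode stays ON unless the "/mode" entry holds one of the recognised
// strings; an unrecognised or missing value therefore keeps checks enabled.
// Throws RuntimeException if "single-user" mode is configured without a
// "single-user-id" entry.
//
// NOTE(review): m_xComponentContext is dereferenced without an is() check;
// this assumes the caller always passes a valid context.
AccessController::AccessController( Reference< XComponentContext > const & xComponentContext )
    SAL_THROW( (RuntimeException) )
    : t_helper( m_mutex )
    , m_xComponentContext( xComponentContext )
    , m_mode( ON ) // default
    , m_defaultPerm_init( false )
    , m_singleUser_init( false )
    , m_rec( 0 )
{
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );

    try
    {
        OUString mode;
        if (m_xComponentContext->getValueByName( OUSTR("/services/" SERVICE_NAME "/mode") ) >>= mode)
        {
            if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("off") ))
            {
                m_mode = OFF;
            }
            else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("on") ))
            {
                m_mode = ON;
            }
            else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("dynamic-only") ))
            {
                m_mode = DYNAMIC_ONLY;
            }
            else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("single-user") ))
            {
                m_xComponentContext->getValueByName(
                    OUSTR("/services/" SERVICE_NAME "/single-user-id") ) >>= m_singleUserId;
                if (! m_singleUserId.getLength())
                {
                    // NOTE(review): the exception keeps a reference to this
                    // partially constructed object as its context; confirm the
                    // object is not released through it after construction failed
                    throw RuntimeException(
                        OUSTR("expected a user id in component context entry "
                              "\"/services/" SERVICE_NAME "/single-user-id\"!"),
                        (OWeakObject *)this );
                }
                m_mode = SINGLE_USER;
            }
            else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("single-default-user") ))
            {
                m_mode = SINGLE_DEFAULT_USER;
            }
        }

        // switch on caching for DYNAMIC_ONLY and ON (sharable multi-user process)
        if (ON == m_mode || DYNAMIC_ONLY == m_mode)
        {
            sal_Int32 cacheSize = 0; // multi-user cache size
            if (! (m_xComponentContext->getValueByName(
                OUSTR("/services/" SERVICE_NAME "/user-cache-size") ) >>= cacheSize))
            {
                cacheSize = 128; // reasonable default?
            }
#ifdef __CACHE_DIAGNOSE
            cacheSize = 2;
#endif
            // NOTE(review): the configured size is passed on unvalidated; how
            // setSize() treats zero or negative values is not visible here
            m_user2permissions.setSize( cacheSize );
        }
    }
    catch (...)
    {
        // the destructor does not run for an object whose constructor throws,
        // so the module-counter reference has to be given back here
        g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
        throw;
    }
}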
533cdf0e10cSrcweir //__________________________________________________________________________________________________
// Gives back the module-counter reference taken in the constructor.
AccessController::~AccessController()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}
539cdf0e10cSrcweir //__________________________________________________________________________________________________
// Disposal hook: switches the controller to OFF and drops the policy and
// component context references.
// NOTE(review): per the original remark below, OFF is meant to avoid checks
// from now on, i.e. a disposed controller would no longer deny anything;
// confirm against checkPermission() whether a disposed instance can still be
// reached by code that relies on it.
void AccessController::disposing()
{
    m_mode = OFF; // avoid checks from now on xxx todo review/ better DYNAMIC_ONLY?

    // release what this object holds on to
    m_xPolicy.clear();
    m_xComponentContext.clear();
}
546cdf0e10cSrcweir 
547cdf0e10cSrcweir // XInitialization impl
548cdf0e10cSrcweir //__________________________________________________________________________________________________
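// Re-initializes a single-user access controller for another user id.
//
// arguments: the first element is expected to hold the new user id as string.
// Throws RuntimeException if the controller is not in "single-user" mode, or
// if the argument list is empty or its first element is not a non-empty string.
//
// NOTE(review): this method itself demands no permission and takes no lock
// before replacing the user id; it relies on the assumption stated below that
// no check runs concurrently and on callers being trusted -- confirm.
void AccessController::initialize(
    Sequence< Any > const & arguments )
    throw (Exception)
{
    // xxx todo: review for forking
    // portal forking hack: re-initialize for another user-id
    if (SINGLE_USER != m_mode) // only if in single-user mode
    {
        throw RuntimeException(
            OUSTR("invalid call: ac must be in \"single-user\" mode!"), (OWeakObject *)this );
    }
    OUString userId;
    // an empty argument sequence must not be indexed; userId then stays empty
    // and is rejected by the check that follows
    if (arguments.getLength() > 0)
    {
        arguments[ 0 ] >>= userId;
    }
    if (! userId.getLength())
    {
        throw RuntimeException(
            OUSTR("expected a user-id as first argument!"), (OWeakObject *)this );
    }
    // assured that no sync is necessary: no check happens at this forking time
    m_singleUserId = userId;
    // mark the single-user state as not initialized for the new user id
    m_singleUser_init = false;
}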
571cdf0e10cSrcweir 
572cdf0e10cSrcweir //__________________________________________________________________________________________________
// Returns the policy singleton, fetching it from the component context on
// first use and keeping it in m_xPolicy.
// Throws SecurityException if the singleton cannot be obtained, so callers
// never continue without a policy.
// NOTE(review): the first m_xPolicy.is() test and the final return read
// m_xPolicy outside the mutex; only the assignment is guarded.
Reference< security::XPolicy > const & AccessController::getPolicy()
    SAL_THROW( (RuntimeException) )
{
    if (m_xPolicy.is())
    {
        return m_xPolicy; // already fetched
    }

    // get policy singleton
    Reference< security::XPolicy > xPolicy;
    m_xComponentContext->getValueByName(
        OUSTR("/singletons/com.sun.star.security.thePolicy") ) >>= xPolicy;
    if (! xPolicy.is())
    {
        throw SecurityException(
            OUSTR("cannot get policy singleton!"), (OWeakObject *)this );
    }

    {
        MutexGuard guard( m_mutex );
        // another thread may have stored the policy in the meantime
        if (! m_xPolicy.is())
        {
            m_xPolicy = xPolicy;
        }
    }
    return m_xPolicy;
}
598cdf0e10cSrcweir 
599cdf0e10cSrcweir #ifdef __DIAGNOSE
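/** Diagnostic helper: traces all permissions of a collection via OSL_TRACE.

    Only compiled when __DIAGNOSE is defined.

    @param collection  permissions to be dumped (as returned by toStrings())
    @param userId      user the permissions belong to; if empty, the dump is
                       labelled as the default permissions
*/
static void dumpPermissions(
    PermissionCollection const & collection, OUString const & userId = OUString() ) SAL_THROW( () )
{
    OUStringBuffer buf( 48 );
    if (userId.getLength())
    {
        buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("> dumping permissions of user \"") );
        buf.append( userId );
        buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\":") );
    }
    else
    {
        buf.appendAscii(
            RTL_CONSTASCII_STRINGPARAM("> dumping default permissions:") );
    }
    OString header( ::rtl::OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
    // OSL_TRACE takes a printf-style format: the user-id and the permission
    // strings are data and must never be passed as the format string itself,
    // or a '%' inside them would be interpreted as a conversion.
    OSL_TRACE( "%s", header.getStr() );
    Sequence< OUString > permissions( collection.toStrings() );
    OUString const * p = permissions.getConstArray();
    for ( sal_Int32 nPos = 0; nPos < permissions.getLength(); ++nPos )
    {
        OString line( ::rtl::OUStringToOString( p[ nPos ], RTL_TEXTENCODING_ASCII_US ) );
        OSL_TRACE( "%s", line.getStr() );
    }
    OSL_TRACE( "> permission dump done" );
}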
626cdf0e10cSrcweir #endif
627cdf0e10cSrcweir 
628cdf0e10cSrcweir 
629cdf0e10cSrcweir //__________________________________________________________________________________________________
/** Discards the postponed permission checks stored in m_rec without running
    them: deletes the queue (if any) and resets the m_rec entry to null.
*/
inline void AccessController::clearPostPoned() SAL_THROW( () )
{
    t_rec_vec * const pPostponed = reinterpret_cast< t_rec_vec * >( m_rec.getData() );
    delete pPostponed; // deleting a null pointer is a no-op
    m_rec.setData( 0 );
}
635cdf0e10cSrcweir //__________________________________________________________________________________________________
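/** Runs the permission checks that were postponed in m_rec and frees the queue.

    Ownership of the queue is taken over first, so the m_rec entry is already
    reset when the checks run; the queue is destroyed on every exit path,
    including a throwing checkPermission().

    Each entry is a (user-id, demanded permission) pair enqueued by
    getEffectivePermissions() for a recurring call.  The entry is checked
    against the permissions matching the current mode.
*/
void AccessController::checkAndClearPostPoned() SAL_THROW( (RuntimeException) )
{
    // check postponed permissions
    auto_ptr< t_rec_vec > rec( reinterpret_cast< t_rec_vec * >( m_rec.getData() ) );
    m_rec.setData( 0 ); // takeover ownership
    OSL_ASSERT( rec.get() );
    if (rec.get())
    {
        t_rec_vec const & vec = *rec.get();
        switch (m_mode)
        {
        case SINGLE_USER:
        {
            OSL_ASSERT( m_singleUser_init );
            for ( size_t nPos = 0; nPos < vec.size(); ++nPos )
            {
                pair< OUString, Any > const & p = vec[ nPos ];
                OSL_ASSERT( m_singleUserId.equals( p.first ) );
                m_singleUserPermissions.checkPermission( p.second );
            }
            break;
        }
        case SINGLE_DEFAULT_USER:
        {
            OSL_ASSERT( m_defaultPerm_init );
            for ( size_t nPos = 0; nPos < vec.size(); ++nPos )
            {
                pair< OUString, Any > const & p = vec[ nPos ];
                OSL_ASSERT( !p.first.getLength() ); // default-user
                m_defaultPermissions.checkPermission( p.second );
            }
            break;
        }
        case ON:
        {
            for ( size_t nPos = 0; nPos < vec.size(); ++nPos )
            {
                pair< OUString, Any > const & p = vec[ nPos ];
                // lookup policy for user
                // lookup() hands out a pointer into m_user2permissions, which
                // other threads modify under m_mutex.  Copy the collection
                // while the lock is held instead of dereferencing the pointer
                // after the guard is gone.
                PermissionCollection permissions;
                bool bFound = false;
                {
                    MutexGuard guard( m_mutex );
                    PermissionCollection const * pPermissions =
                        m_user2permissions.lookup( p.first );
                    if (pPermissions)
                    {
                        permissions = *pPermissions;
                        bFound = true;
                    }
                }
                OSL_ASSERT( bFound );
                // NOTE(review): without a cache entry the postponed check is
                // skipped in product builds, although the recurring call was
                // already answered with all permissions.  Consider failing
                // closed here -- confirm with callers before changing.
                if (bFound)
                {
                    permissions.checkPermission( p.second );
                }
            }
            break;
        }
        default:
            // NOTE(review): the queued checks are dropped unchecked in this branch
            OSL_ENSURE( 0, "### this should never be called in this ac mode!" );
            break;
        }
    }
}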
694cdf0e10cSrcweir //__________________________________________________________________________________________________
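/** this is the only function calling the policy singleton and thus has to take care
    of recurring calls!

    Flow:
    - permissions already cached for the current mode/user are returned directly;
    - otherwise m_rec tells whether this call recurs: a recurring call is
      answered with all permissions, and a non-empty demanded permission is
      enqueued in m_rec to be checked once the outer call has the real
      permissions;
    - the outermost call asks the policy, caches the result, runs the
      postponed checks and returns the effective permissions.

    NOTE(review): a recurring call with an empty demanded_perm (as passed by
    getContext()) gets all permissions and enqueues nothing, so no later check
    covers it.

    @param xContext      current context; in multi-user mode the user-id is
                         read from it
    @param demanded_perm (if not empty) is the demanded permission of a checkPermission() call
                         which will be postponed for recurring calls
    @return effective permissions; an empty collection in an unexpected mode
    @throws SecurityException    if no user-id can be determined in multi-user mode
    @throws DeploymentException  wrapping an AccessControlException raised while
                                 the policy is queried or postponed checks run
*/
PermissionCollection AccessController::getEffectivePermissions(
    Reference< XCurrentContext > const & xContext,
    Any const & demanded_perm )
    SAL_THROW( (RuntimeException) )
{
    OUString userId;

    switch (m_mode)
    {
    case SINGLE_USER:
    {
        if (m_singleUser_init)
            return m_singleUserPermissions;
        userId = m_singleUserId;
        break;
    }
    case SINGLE_DEFAULT_USER:
    {
        if (m_defaultPerm_init)
            return m_defaultPermissions;
        break;
    }
    case ON:
    {
        if (xContext.is())
        {
            xContext->getValueByName( OUSTR(USER_CREDS ".id") ) >>= userId;
        }
        if (! userId.getLength())
        {
            throw SecurityException(
                OUSTR("cannot determine current user in multi-user ac!"), (OWeakObject *)this );
        }

        // lookup policy for user
        // the collection is copied into the return value while the guard is alive
        MutexGuard guard( m_mutex );
        PermissionCollection const * pPermissions = m_user2permissions.lookup( userId );
        if (pPermissions)
            return *pPermissions;
        break;
    }
    default:
        OSL_ENSURE( 0, "### this should never be called in this ac mode!" );
        return PermissionCollection();
    }

    // call on policy
    // iff this is a recurring call for the default user, then grant all permissions
    t_rec_vec * rec = reinterpret_cast< t_rec_vec * >( m_rec.getData() );
    if (rec) // tls entry exists => this is recursive call
    {
        if (demanded_perm.hasValue())
        {
            // enqueue
            rec->push_back( pair< OUString, Any >( userId, demanded_perm ) );
        }
#ifdef __DIAGNOSE
        OUStringBuffer buf( 48 );
        buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("> info: recurring call of user \"") );
        buf.append( userId );
        buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\"") );
        OString str(
            ::rtl::OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
        // the user-id is data: never hand it to OSL_TRACE as the format string
        OSL_TRACE( "%s", str.getStr() );
#endif
        return PermissionCollection( new AllPermission() );
    }
    else // no tls
    {
        rec = new t_rec_vec;
        m_rec.setData( rec );
    }

    try // calls on API
    {
        // init default permissions
        if (! m_defaultPerm_init)
        {
            PermissionCollection defaultPermissions(
                getPolicy()->getDefaultPermissions() );
            // assign
            MutexGuard guard( m_mutex );
            if (! m_defaultPerm_init)
            {
                m_defaultPermissions = defaultPermissions;
                m_defaultPerm_init = true;
            }
#ifdef __DIAGNOSE
            dumpPermissions( m_defaultPermissions );
#endif
        }

        PermissionCollection ret;

        // init user permissions
        switch (m_mode)
        {
        case SINGLE_USER:
        {
            ret = PermissionCollection(
                getPolicy()->getPermissions( userId ), m_defaultPermissions );
            {
                // assign
                MutexGuard guard( m_mutex );
                if (m_singleUser_init)
                {
                    // another thread stored its result first: use that one
                    ret = m_singleUserPermissions;
                }
                else
                {
                    m_singleUserPermissions = ret;
                    m_singleUser_init = true;
                }
            }
#ifdef __DIAGNOSE
            dumpPermissions( ret, userId );
#endif
            break;
        }
        case SINGLE_DEFAULT_USER:
        {
            ret = m_defaultPermissions;
            break;
        }
        case ON:
        {
            ret = PermissionCollection(
                getPolicy()->getPermissions( userId ), m_defaultPermissions );
            {
                // cache
                MutexGuard guard( m_mutex );
                m_user2permissions.set( userId, ret );
            }
#ifdef __DIAGNOSE
            dumpPermissions( ret, userId );
#endif
            break;
        }
        default:
            break;
        }

        // check postponed
        checkAndClearPostPoned();
        return ret;
    }
    catch (security::AccessControlException & exc) // wrapped into DeploymentException
    {
        clearPostPoned(); // safety: exception could have happened before checking postponed?
        OUStringBuffer buf( 64 );
        buf.appendAscii(
            RTL_CONSTASCII_STRINGPARAM("deployment error (AccessControlException occurred): ") );
        buf.append( exc.Message );
        throw DeploymentException( buf.makeStringAndClear(), exc.Context );
    }
    catch (RuntimeException &)
    {
        // dont check postponed, just cleanup
        // (clearPostPoned() already deletes the queue and resets m_rec)
        clearPostPoned();
        throw;
    }
    catch (Exception &)
    {
        // check postponed permissions first
        // => AccessControlExceptions are errors, user exceptions not!
        checkAndClearPostPoned();
        throw;
    }
    catch (...)
    {
        // dont check postponed, just cleanup
        clearPostPoned();
        throw;
    }
}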
878cdf0e10cSrcweir 
879cdf0e10cSrcweir // XAccessController impl
880cdf0e10cSrcweir //__________________________________________________________________________________________________
/** Checks a demanded permission: first against the dynamic restriction of the
    current context, then against the effective (static) permissions.

    Nothing is checked in mode OFF; in mode DYNAMIC_ONLY only the dynamic
    restriction is checked.

    @param perm  demanded permission
    @throws lang::DisposedException  if the controller is already disposed
*/
void AccessController::checkPermission(
    Any const & perm )
    throw (RuntimeException)
{
    if (rBHelper.bDisposed)
    {
        throw lang::DisposedException(
            OUSTR("checkPermission() call on disposed AccessController!"), (OWeakObject *)this );
    }

    if (OFF == m_mode)
    {
        return; // access control switched off: no check at all
    }

    // first dynamic check of ac contexts
    Reference< XCurrentContext > xContext;
    ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 );
    Reference< security::XAccessControlContext > xDynamic( getDynamicRestriction( xContext ) );
    if (xDynamic.is())
    {
        xDynamic->checkPermission( perm );
    }

    if (DYNAMIC_ONLY == m_mode)
    {
        return; // static policy is not consulted in this mode
    }

    // then static check
    PermissionCollection const effective( getEffectivePermissions( xContext, perm ) );
    effective.checkPermission( perm );
}
909cdf0e10cSrcweir //__________________________________________________________________________________________________
/** Runs an action under an additional restriction.

    If a restriction is given (and the mode is not OFF), the action runs with
    a current context whose restriction is the intersection of xRestriction
    and the restriction of the calling context.  Otherwise the action runs
    unchanged.

    @param xAction       action to be run
    @param xRestriction  restriction to be applied; may be null
    @return result of xAction->run()
    @throws lang::DisposedException  if the controller is already disposed
*/
Any AccessController::doRestricted(
    Reference< security::XAction > const & xAction,
    Reference< security::XAccessControlContext > const & xRestriction )
    throw (Exception)
{
    if (rBHelper.bDisposed)
    {
        throw lang::DisposedException(
            OUSTR("doRestricted() call on disposed AccessController!"), (OWeakObject *)this );
    }

    // no dynamic check is performed in mode OFF, and without a restriction
    // there is nothing to install: run the action in the caller's context
    if (OFF == m_mode || !xRestriction.is())
    {
        return xAction->run();
    }

    Reference< XCurrentContext > xContext;
    ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 );

    // override restriction
    Reference< XCurrentContext > xNewContext(
        new acc_CurrentContext( xContext, acc_Intersection::create(
                                    xRestriction, getDynamicRestriction( xContext ) ) ) );
    ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, 0 );
    // presumably re-installs the previous context when leaving this scope,
    // also if run() throws -- verify against cc_reset
    cc_reset reset( xContext.get() );
    return xAction->run();
}
942cdf0e10cSrcweir //__________________________________________________________________________________________________
/** Runs an action with a widened dynamic restriction.

    If the calling context carries a restriction, the action runs with a
    current context whose restriction is the union of xRestriction and that
    previous restriction.  Without a previous restriction (or in mode OFF) the
    action runs unchanged.

    @param xAction       action to be run
    @param xRestriction  restriction to be united with the previous one
    @return result of xAction->run()
    @throws lang::DisposedException  if the controller is already disposed
*/
Any AccessController::doPrivileged(
    Reference< security::XAction > const & xAction,
    Reference< security::XAccessControlContext > const & xRestriction )
    throw (Exception)
{
    if (rBHelper.bDisposed)
    {
        throw lang::DisposedException(
            OUSTR("doPrivileged() call on disposed AccessController!"), (OWeakObject *)this );
    }

    if (OFF == m_mode) // no dynamic check will be performed
    {
        return xAction->run();
    }

    Reference< XCurrentContext > xContext;
    ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 );

    Reference< security::XAccessControlContext > xPrevious(
        getDynamicRestriction( xContext ) );

    if (! xPrevious.is()) // no previous restriction => never current restriction
    {
        return xAction->run();
    }

    // override restriction
    Reference< XCurrentContext > xNewContext(
        new acc_CurrentContext( xContext, acc_Union::create( xRestriction, xPrevious ) ) );
    ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, 0 );
    // presumably re-installs the previous context when leaving this scope,
    // also if run() throws -- verify against cc_reset
    cc_reset reset( xContext.get() );
    return xAction->run();
}
979cdf0e10cSrcweir //__________________________________________________________________________________________________
/** Returns an access control context describing what the caller may do.

    In mode OFF this is a policy context holding all permissions.  Otherwise
    it is the intersection of the dynamic restriction of the current context
    and a policy context built from the effective permissions.

    getEffectivePermissions() is called with an empty demanded permission, so
    nothing is postponed for a recurring call.

    @throws lang::DisposedException  if the controller is already disposed
*/
Reference< security::XAccessControlContext > AccessController::getContext()
    throw (RuntimeException)
{
    if (rBHelper.bDisposed)
    {
        throw lang::DisposedException(
            OUSTR("getContext() call on disposed AccessController!"), (OWeakObject *)this );
    }

    // optimize this way, because no dynamic check will be performed
    if (OFF == m_mode)
        return new acc_Policy( PermissionCollection( new AllPermission() ) );

    Reference< XCurrentContext > xContext;
    ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 );

    // kept as one expression: argument types of create() are not visible here
    return acc_Intersection::create(
        getDynamicRestriction( xContext ),
        new acc_Policy( getEffectivePermissions( xContext, Any() ) ) );
}
1001cdf0e10cSrcweir 
1002cdf0e10cSrcweir // XServiceInfo impl
1003cdf0e10cSrcweir //__________________________________________________________________________________________________
/** @return the implementation name of this service (s_implName) */
OUString AccessController::getImplementationName() throw (RuntimeException)
{
    return s_implName;
}
1009cdf0e10cSrcweir //__________________________________________________________________________________________________
/** Tells whether a service name is among the supported service names.

    @param serviceName  name to look for in s_serviceNames
    @return sal_True if the name matches one entry exactly, else sal_False
*/
sal_Bool AccessController::supportsService( OUString const & serviceName )
    throw (RuntimeException)
{
    sal_Int32 const nCount = s_serviceNames.getLength();
    OUString const * const pNames = s_serviceNames.getConstArray();
    for ( sal_Int32 nPos = 0; nPos < nCount; ++nPos )
    {
        if (serviceName.equals( pNames[ nPos ] ))
            return sal_True;
    }
    return sal_False;
}
1023cdf0e10cSrcweir //__________________________________________________________________________________________________
/** @return the service names supported by this implementation (s_serviceNames) */
Sequence< OUString > AccessController::getSupportedServiceNames() throw (RuntimeException)
{
    return s_serviceNames;
}
1029cdf0e10cSrcweir }
1030cdf0e10cSrcweir //##################################################################################################
namespace stoc_bootstrap {
//--------------------------------------------------------------------------------------------------
/** Factory function: creates a new access controller for a component context.

    @param xComponentContext  context passed on to the AccessController constructor
    @return the new controller
*/
Reference< XInterface > SAL_CALL ac_create(
    Reference< XComponentContext > const & xComponentContext )
    SAL_THROW( (Exception) )
{
    stoc_sec::AccessController * const pController =
        new stoc_sec::AccessController( xComponentContext );
    return (OWeakObject *)pController;
}
//--------------------------------------------------------------------------------------------------
/** @return the service names of the access controller implementation */
Sequence< OUString > ac_getSupportedServiceNames() SAL_THROW( () )
{
    return stoc_sec::s_serviceNames;
}
//--------------------------------------------------------------------------------------------------
/** @return the implementation name of the access controller */
OUString ac_getImplementationName() SAL_THROW( () )
{
    return stoc_sec::s_implName;
}
//--------------------------------------------------------------------------------------------------
// file policy: only declared here, no definition in this part of the file
Reference< XInterface > SAL_CALL filepolicy_create(
    Reference< XComponentContext > const & xComponentContext )
    SAL_THROW( (Exception) );
//--------------------------------------------------------------------------------------------------
Sequence< OUString > filepolicy_getSupportedServiceNames() SAL_THROW( () );
//--------------------------------------------------------------------------------------------------
OUString filepolicy_getImplementationName() SAL_THROW( () );
}