1bae3752eSAndrew Rist /************************************************************** 2cdf0e10cSrcweir * 3bae3752eSAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one 4bae3752eSAndrew Rist * or more contributor license agreements. See the NOTICE file 5bae3752eSAndrew Rist * distributed with this work for additional information 6bae3752eSAndrew Rist * regarding copyright ownership. The ASF licenses this file 7bae3752eSAndrew Rist * to you under the Apache License, Version 2.0 (the 8bae3752eSAndrew Rist * "License"); you may not use this file except in compliance 9bae3752eSAndrew Rist * with the License. You may obtain a copy of the License at 10bae3752eSAndrew Rist * 11bae3752eSAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0 12bae3752eSAndrew Rist * 13bae3752eSAndrew Rist * Unless required by applicable law or agreed to in writing, 14bae3752eSAndrew Rist * software distributed under the License is distributed on an 15bae3752eSAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16bae3752eSAndrew Rist * KIND, either express or implied. See the License for the 17bae3752eSAndrew Rist * specific language governing permissions and limitations 18bae3752eSAndrew Rist * under the License. 19bae3752eSAndrew Rist * 20bae3752eSAndrew Rist *************************************************************/ 21bae3752eSAndrew Rist 22bae3752eSAndrew Rist 23cdf0e10cSrcweir #ifndef INCLUDED_unotools_SECURITYOPTIONS_HXX 24cdf0e10cSrcweir #define INCLUDED_unotools_SECURITYOPTIONS_HXX 25cdf0e10cSrcweir 26cdf0e10cSrcweir //_________________________________________________________________________________________________________________ 27cdf0e10cSrcweir // includes 28cdf0e10cSrcweir //_________________________________________________________________________________________________________________ 29cdf0e10cSrcweir 30cdf0e10cSrcweir #include "unotools/unotoolsdllapi.h" 31cdf0e10cSrcweir #include <sal/types.h> 32cdf0e10cSrcweir #include <osl/mutex.hxx> 33cdf0e10cSrcweir #include <com/sun/star/uno/Sequence.h> 34cdf0e10cSrcweir #include <rtl/ustring.hxx> 35cdf0e10cSrcweir #include <unotools/options.hxx> 36cdf0e10cSrcweir 37cdf0e10cSrcweir //_________________________________________________________________________________________________________________ 38cdf0e10cSrcweir // forward declarations 39cdf0e10cSrcweir //_________________________________________________________________________________________________________________ 40cdf0e10cSrcweir 41cdf0e10cSrcweir /*-************************************************************************************************************//** 42cdf0e10cSrcweir @short forward declaration to our private date container implementation 43cdf0e10cSrcweir @descr We use these class as internal member to support small memory requirements. 4486e1cf34SPedro Giffuni You can create the container if it is necessary. The class which use these mechanism 45cdf0e10cSrcweir is faster and smaller then a complete implementation! 46cdf0e10cSrcweir *//*-*************************************************************************************************************/ 47cdf0e10cSrcweir 48cdf0e10cSrcweir class SvtSecurityOptions_Impl; 49cdf0e10cSrcweir 50cdf0e10cSrcweir //_________________________________________________________________________________________________________________ 51cdf0e10cSrcweir // declarations 52cdf0e10cSrcweir //_________________________________________________________________________________________________________________ 53cdf0e10cSrcweir 54cdf0e10cSrcweir /*-************************************************************************************************************//** 55cdf0e10cSrcweir @descr These values present modes to handle StarOffice basic scripts. 56cdf0e10cSrcweir see GetBasicMode/SetBasicMode() for further informations 57cdf0e10cSrcweir *//*-*************************************************************************************************************/ 58cdf0e10cSrcweir 59cdf0e10cSrcweir enum EBasicSecurityMode 60cdf0e10cSrcweir { 61cdf0e10cSrcweir eNEVER_EXECUTE = 0, 62cdf0e10cSrcweir eFROM_LIST = 1, 63cdf0e10cSrcweir eALWAYS_EXECUTE = 2 64cdf0e10cSrcweir }; 65cdf0e10cSrcweir 66cdf0e10cSrcweir /*-************************************************************************************************************//** 67cdf0e10cSrcweir @short collect informations about security features 68cdf0e10cSrcweir @descr - 69cdf0e10cSrcweir 70cdf0e10cSrcweir @implements - 71cdf0e10cSrcweir @base - 72cdf0e10cSrcweir 73cdf0e10cSrcweir @ATTENTION This class is partially threadsafe. 74cdf0e10cSrcweir 75cdf0e10cSrcweir @devstatus ready to use 76cdf0e10cSrcweir *//*-*************************************************************************************************************/ 77cdf0e10cSrcweir 78cdf0e10cSrcweir class UNOTOOLS_DLLPUBLIC SvtSecurityOptions: public utl::detail::Options 79cdf0e10cSrcweir { 80cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 81cdf0e10cSrcweir // public types 82cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 83cdf0e10cSrcweir public: 84cdf0e10cSrcweir 85cdf0e10cSrcweir enum EOption 86cdf0e10cSrcweir { 87cdf0e10cSrcweir E_SECUREURLS, 88cdf0e10cSrcweir E_BASICMODE, // xmlsec05 depricated 89cdf0e10cSrcweir E_EXECUTEPLUGINS, // xmlsec05 depricated 90cdf0e10cSrcweir E_WARNING, // xmlsec05 depricated 91cdf0e10cSrcweir E_CONFIRMATION, // xmlsec05 depricated 92cdf0e10cSrcweir E_DOCWARN_SAVEORSEND, 93cdf0e10cSrcweir E_DOCWARN_SIGNING, 94cdf0e10cSrcweir E_DOCWARN_PRINT, 95cdf0e10cSrcweir E_DOCWARN_CREATEPDF, 96cdf0e10cSrcweir E_DOCWARN_REMOVEPERSONALINFO, 97cdf0e10cSrcweir E_DOCWARN_RECOMMENDPASSWORD, 98cdf0e10cSrcweir E_MACRO_SECLEVEL, 99cdf0e10cSrcweir E_MACRO_TRUSTEDAUTHORS, 100cdf0e10cSrcweir E_MACRO_DISABLE, 101cdf0e10cSrcweir E_CTRLCLICK_HYPERLINK 102cdf0e10cSrcweir }; 103cdf0e10cSrcweir 104cdf0e10cSrcweir enum MacroAction 105cdf0e10cSrcweir { 106cdf0e10cSrcweir MA_DONTRUN = 0, 107cdf0e10cSrcweir MA_CONFIRM, 108cdf0e10cSrcweir MA_RUN 109cdf0e10cSrcweir }; 110cdf0e10cSrcweir 111cdf0e10cSrcweir typedef ::com::sun::star::uno::Sequence< ::rtl::OUString > Certificate; 112cdf0e10cSrcweir 113cdf0e10cSrcweir /* 114cdf0e10cSrcweir // MT: Doesn't work for sequence... 115cdf0e10cSrcweir struct Certificate 116cdf0e10cSrcweir { 117cdf0e10cSrcweir ::rtl::OUString SubjectName; 118cdf0e10cSrcweir ::rtl::OUString SerialNumber; 119cdf0e10cSrcweir ::rtl::OUString RawData; 120cdf0e10cSrcweir }; 121cdf0e10cSrcweir */ 122cdf0e10cSrcweir 123cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 124cdf0e10cSrcweir // public methods 125cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 126cdf0e10cSrcweir 127cdf0e10cSrcweir public: 128cdf0e10cSrcweir 129cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------------- 130cdf0e10cSrcweir // constructor / destructor 131cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------------- 132cdf0e10cSrcweir 133cdf0e10cSrcweir /*-****************************************************************************************************//** 134cdf0e10cSrcweir @short standard constructor and destructor 135cdf0e10cSrcweir @descr This will initialize an instance with default values. 136cdf0e10cSrcweir We implement these class with a refcount mechanism! Every instance of this class increase it 137cdf0e10cSrcweir at create and decrease it at delete time - but all instances use the same data container! 138cdf0e10cSrcweir He is implemented as a static member ... 139cdf0e10cSrcweir 140cdf0e10cSrcweir @seealso member m_nRefCount 141cdf0e10cSrcweir @seealso member m_pDataContainer 142cdf0e10cSrcweir 143cdf0e10cSrcweir @param - 144cdf0e10cSrcweir @return - 145cdf0e10cSrcweir 146cdf0e10cSrcweir @onerror - 147cdf0e10cSrcweir *//*-*****************************************************************************************************/ 148cdf0e10cSrcweir 149cdf0e10cSrcweir SvtSecurityOptions(); 150cdf0e10cSrcweir virtual ~SvtSecurityOptions(); 151cdf0e10cSrcweir 152cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------------- 153cdf0e10cSrcweir // interface 154cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------------- 155cdf0e10cSrcweir 156cdf0e10cSrcweir /*-****************************************************************************************************//** 157cdf0e10cSrcweir @short returns readonly state 158cdf0e10cSrcweir @descr It can be called to get information about the readonly state of a provided item. 159cdf0e10cSrcweir @seealso - 160cdf0e10cSrcweir 161cdf0e10cSrcweir @param "eOption", specify, which item is queried 16215289133Smseidel @return <TRUE/> if item is readonly; <FALSE/> otherwise 163cdf0e10cSrcweir 164cdf0e10cSrcweir @onerror No error should occurre! 165cdf0e10cSrcweir *//*-*****************************************************************************************************/ 166cdf0e10cSrcweir 167cdf0e10cSrcweir sal_Bool IsReadOnly( EOption eOption ) const ; 168cdf0e10cSrcweir 169cdf0e10cSrcweir /*-****************************************************************************************************//** 170cdf0e10cSrcweir @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/SecureURL" 171cdf0e10cSrcweir @descr These value displays the list of all trustworthy URLs. 172cdf0e10cSrcweir zB.: file:/ => All scripts from the local file system including a LAN; 173cdf0e10cSrcweir private:explorer => Scripts from the Explorer; 174cdf0e10cSrcweir private:help => Scripts in the help system; 175cdf0e10cSrcweir private:newmenu => Scripts that are executed by the commands File-New and AutoPilot; 176cdf0e10cSrcweir private:schedule => Scripts of the scheduler; 177cdf0e10cSrcweir private:searchfolder => Scripts of the searchfolder; 178cdf0e10cSrcweir private:user => Scripts that are entered in the URL field. 179cdf0e10cSrcweir @seealso - 180cdf0e10cSrcweir 181cdf0e10cSrcweir @param "seqURLList", new values to set it in configuration. 182cdf0e10cSrcweir @return The values which represent current state of internal variable. 183cdf0e10cSrcweir 184cdf0e10cSrcweir @onerror No error should occurre! 185cdf0e10cSrcweir *//*-*****************************************************************************************************/ 186cdf0e10cSrcweir 187cdf0e10cSrcweir ::com::sun::star::uno::Sequence< ::rtl::OUString > GetSecureURLs( ) const ; 188cdf0e10cSrcweir void SetSecureURLs( const ::com::sun::star::uno::Sequence< ::rtl::OUString >& seqURLList ) ; 189cdf0e10cSrcweir 190cdf0e10cSrcweir /*-****************************************************************************************************//** 191cdf0e10cSrcweir @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/StarOfficeBasic" 192cdf0e10cSrcweir @descr These value determines how StarOffice Basic scripts should be handled. 193cdf0e10cSrcweir It exist 3 different modes: 194cdf0e10cSrcweir 0 = never execute 195cdf0e10cSrcweir 1 = from list 196cdf0e10cSrcweir 2 = always execute 197cdf0e10cSrcweir 198cdf0e10cSrcweir @ATTENTION These methods don't check for valid or invalid values! 199cdf0e10cSrcweir Our configuration server can do it ... but these implementation don't get any notifications 200cdf0e10cSrcweir about wrong commits ...! 201cdf0e10cSrcweir => If you set an invalid value - nothing will be changed. The information will lost. 202cdf0e10cSrcweir 203cdf0e10cSrcweir @seealso enum EBasicSecurityMode 204cdf0e10cSrcweir 205cdf0e10cSrcweir @param "eMode" to set new mode ... Value must defined as an enum of type EBasicSecurityMode! 206cdf0e10cSrcweir @return An enum value, which present current mode. 207cdf0e10cSrcweir 208cdf0e10cSrcweir @onerror No error should occurre! 209cdf0e10cSrcweir *//*-*****************************************************************************************************/ 210cdf0e10cSrcweir 211cdf0e10cSrcweir sal_Int32 GetMacroSecurityLevel ( ) const ; 212cdf0e10cSrcweir void SetMacroSecurityLevel ( sal_Int32 _nLevel ) ; 213cdf0e10cSrcweir 214cdf0e10cSrcweir sal_Bool IsMacroDisabled ( ) const ; 215cdf0e10cSrcweir 216cdf0e10cSrcweir /*-****************************************************************************************************//** 217*b12a77c9Smseidel @short special method to check an URL and his referer corresponding to our internal security cessation 218cdf0e10cSrcweir @descr Give us an URL and his referer and we will say you if these url can be scripted or not! 219cdf0e10cSrcweir 220cdf0e10cSrcweir @seealso - 221cdf0e10cSrcweir 222cdf0e10cSrcweir @param "sURL" reference to URL for checking 223cdf0e10cSrcweir @param "sReferer" reference to referer which whish to run script by given URL 224cdf0e10cSrcweir @return sal_True if URL is secure or security is obsolete(!) or sal_False otherwise. 225cdf0e10cSrcweir 226cdf0e10cSrcweir @onerror No error should occurre! 227cdf0e10cSrcweir *//*-*****************************************************************************************************/ 228cdf0e10cSrcweir 229cdf0e10cSrcweir sal_Bool IsSecureURL( const ::rtl::OUString& sURL , 230cdf0e10cSrcweir const ::rtl::OUString& sReferer ) const ; 231cdf0e10cSrcweir 232cdf0e10cSrcweir ::com::sun::star::uno::Sequence< Certificate > GetTrustedAuthors ( ) const ; 233cdf0e10cSrcweir void SetTrustedAuthors ( const ::com::sun::star::uno::Sequence< Certificate >& rAuthors ) ; 234cdf0e10cSrcweir sal_Bool IsTrustedAuthorsEnabled ( ) ; 235cdf0e10cSrcweir 236cdf0e10cSrcweir // for bool options only! 237cdf0e10cSrcweir bool IsOptionSet ( EOption eOption ) const ; 238cdf0e10cSrcweir bool SetOption ( EOption eOption, bool bValue ) ; 239cdf0e10cSrcweir bool IsOptionEnabled ( EOption eOption ) const ; 240cdf0e10cSrcweir 241cdf0e10cSrcweir // xmlsec05 depricated methods 242cdf0e10cSrcweir sal_Bool IsExecutePlugins() const; 243cdf0e10cSrcweir void SetExecutePlugins( sal_Bool bSet ); 244cdf0e10cSrcweir EBasicSecurityMode GetBasicMode( ) const ; 245cdf0e10cSrcweir void SetBasicMode( EBasicSecurityMode eMode ) ; 246cdf0e10cSrcweir sal_Bool IsWarningEnabled() const; 247cdf0e10cSrcweir void SetWarningEnabled( sal_Bool bSet ); 248cdf0e10cSrcweir sal_Bool IsConfirmationEnabled() const; 249cdf0e10cSrcweir void SetConfirmationEnabled( sal_Bool bSet ); 250cdf0e10cSrcweir 251cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 252cdf0e10cSrcweir // private methods 253cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 254cdf0e10cSrcweir 255cdf0e10cSrcweir private: 256cdf0e10cSrcweir 257cdf0e10cSrcweir /*-****************************************************************************************************//** 258cdf0e10cSrcweir @short return a reference to a static mutex 259cdf0e10cSrcweir @descr These class is partially threadsafe (for de-/initialization only). 260cdf0e10cSrcweir All access methods are'nt safe! 261cdf0e10cSrcweir We create a static mutex only for one ime and use at different times. 262cdf0e10cSrcweir 263cdf0e10cSrcweir @seealso - 264cdf0e10cSrcweir 265cdf0e10cSrcweir @param - 266cdf0e10cSrcweir @return A reference to a static mutex member. 267cdf0e10cSrcweir 268cdf0e10cSrcweir @onerror - 269cdf0e10cSrcweir *//*-*****************************************************************************************************/ 270cdf0e10cSrcweir 271cdf0e10cSrcweir UNOTOOLS_DLLPRIVATE static ::osl::Mutex& GetInitMutex(); 272cdf0e10cSrcweir 273cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 274cdf0e10cSrcweir // private member 275cdf0e10cSrcweir //------------------------------------------------------------------------------------------------------------- 276cdf0e10cSrcweir 277cdf0e10cSrcweir private: 278cdf0e10cSrcweir 279cdf0e10cSrcweir /*Attention 280cdf0e10cSrcweir 281cdf0e10cSrcweir Don't initialize these static member in these header! 282cdf0e10cSrcweir a) Double dfined symbols will be detected ... 283cdf0e10cSrcweir b) and unresolved externals exist at linking time. 284cdf0e10cSrcweir Do it in your source only. 285cdf0e10cSrcweir */ 286cdf0e10cSrcweir 287cdf0e10cSrcweir static SvtSecurityOptions_Impl* m_pDataContainer ; /// impl. data container as dynamic pointer for smaller memory requirements! 288cdf0e10cSrcweir static sal_Int32 m_nRefCount ; /// internal ref count mechanism 289cdf0e10cSrcweir 290cdf0e10cSrcweir }; // class SvtSecurityOptions 291cdf0e10cSrcweir 292cdf0e10cSrcweir #endif // #ifndef INCLUDED_unotools_SECURITYOPTIONS_HXX 293