1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 
25 #ifndef _FRAMEWORK_SCRIPT_SCRIPTSECURITYMANAGER_HXX_
26 #define _FRAMEWORK_SCRIPT_SCRIPTSECURITYMANAGER_HXX_
27 
28 #include <hash_map>
29 #include <rtl/ustring.hxx>
30 #include <com/sun/star/uno/XComponentContext.hpp>
31 #include <com/sun/star/uno/RuntimeException.hpp>
32 #include <com/sun/star/lang/IllegalArgumentException.hpp>
33 #include <com/sun/star/security/AccessControlException.hpp>
34 #include <drafts/com/sun/star/script/framework/storage/XScriptInfo.hpp>
35 
36 namespace scripting_securitymgr
37 {
38 // for simplification
39 #define css ::com::sun::star
40 #define dcsssf ::drafts::com::sun::star::script::framework
41 
42 struct StoragePerm {
43     rtl::OUString scriptStorageURL;
44     sal_Int32 storageID;
45     sal_Bool execPermission;
46 };
47 
48 typedef ::std::hash_map< ::rtl::OUString, StoragePerm, ::rtl::OUStringHash,
49     ::std::equal_to< ::rtl::OUString > > Permission_Hash;
50 /**
51  * Class responsible for managing the ScriptSecurity.
52  */
53 class ScriptSecurityManager
54 {
55 public:
56     explicit ScriptSecurityManager(
57         const css::uno::Reference< css::uno::XComponentContext > & xContext )
58         throw ( css::uno::RuntimeException );
59     ~ScriptSecurityManager();
60     void addScriptStorage( rtl::OUString scriptStorageURL, sal_Int32 storageID)
61         throw ( css::uno::RuntimeException );
62 /**
63  * checks to see if the requested permission can be granted
64  * checks to see whether the requested ScriptPeremission is allowed.
65  */
66     void checkPermission( const rtl::OUString & scriptStorageURL,
67         const rtl::OUString & permissionRequest )
68         throw ( css::uno::RuntimeException, css::lang::IllegalArgumentException,
69             css::security::AccessControlException );
70     void removePermissionSettings ( ::rtl::OUString & scriptStorageURL );
71 private:
72     void readConfiguration() throw (css::uno::RuntimeException);
73 
74     short executeDialog ( const rtl::OUString & path )
75         throw (css::uno::RuntimeException);
76     short executeStandardDialog()
77         throw ( css::uno::RuntimeException );
78     short executePathDialog(const rtl::OUString & path)
79         throw ( css::uno::RuntimeException );
80 
81         void addToSecurePaths ( const rtl::OUString & path )
82         throw (css::uno::RuntimeException);
83     bool isSecureURL( const rtl::OUString & path );
84     css::uno::Reference< css::uno::XComponentContext > m_xContext;
85     sal_Bool m_confirmationRequired;
86     sal_Bool m_warning;
87     sal_Int32 m_runMacroSetting;
88     css::uno::Reference< css::lang::XMultiServiceFactory > m_xConfigProvFactory;
89     css::uno::Sequence< rtl::OUString > m_secureURL;
90     Permission_Hash m_permissionSettings;
91 
92 };
93 } // scripting_securitymgr
94 
95 #endif //_FRAMEWORK_SCRIPT_SCRIPTSECURITYMANAGER_HXX_
96