/**************************************************************
 * 
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 * 
 * http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 * 
 *************************************************************/



// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_stoc.hxx"

#include <vector>
#include <memory>

#include <osl/diagnose.h>
#include <osl/interlck.h>
#include <osl/mutex.hxx>
#include <osl/thread.hxx>

#include <rtl/ustrbuf.hxx>
#include <rtl/string.hxx>

#include <uno/current_context.h>

#include <cppuhelper/implbase1.hxx>
#include <cppuhelper/compbase3.hxx>
#include <cppuhelper/factory.hxx>
#include <cppuhelper/implementationentry.hxx>

#include <com/sun/star/uno/XCurrentContext.hpp>
#include <com/sun/star/uno/DeploymentException.hpp>
#include <com/sun/star/lang/DisposedException.hpp>
#include <com/sun/star/lang/XComponent.hpp>
#include <com/sun/star/lang/XServiceInfo.hpp>
#include <com/sun/star/lang/XInitialization.hpp>
#include <com/sun/star/security/XAccessController.hpp>
#include <com/sun/star/security/XPolicy.hpp>

#include "lru_cache.h"
#include "permissions.h"

#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
#define SERVICE_NAME "com.sun.star.security.AccessController"
#define IMPL_NAME "com.sun.star.security.comp.stoc.AccessController"
#define USER_CREDS "access-control.user-credentials"


using namespace ::std;
using namespace ::osl;
using namespace ::cppu;
using namespace ::com::sun::star;
using namespace ::com::sun::star::uno;
using ::rtl::OUString;
using ::rtl::OUStringBuffer;
using ::rtl::OString;

extern ::rtl_StandardModuleCount g_moduleCount;

namespace stoc_sec
{
// Constants built once when the library is loaded.
static OUString s_envType = OUSTR(CPPU_CURRENT_LANGUAGE_BINDING_NAME);
static OUString s_implName = OUSTR(IMPL_NAME);
static OUString s_serviceName = OUSTR(SERVICE_NAME);
// Current-context key under which the dynamic restriction is stored.
static OUString s_acRestriction = OUSTR("access-control.restriction");

static Sequence< OUString > s_serviceNames = Sequence< OUString >( &s_serviceName, 1 );

//##################################################################################################

/** Access-control context that intersects the permissions of two contexts.

    A permission passes only when both wrapped contexts accept it: checkPermission()
    asks m_x1 first and then m_x2, and an exception from either one propagates to
    the caller.  Instances are only created through create(); the constructor is
    private.
*/
class acc_Intersection
    : public WeakImplHelper1< security::XAccessControlContext >
{
    Reference< security::XAccessControlContext > m_x1, m_x2;

    inline acc_Intersection(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

public:
    virtual ~acc_Intersection()
        SAL_THROW( () );

    static inline Reference< security::XAccessControlContext > create(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

    // XAccessControlContext impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
};

/** Stores both contexts and acquires the module counter for this instance. */
inline acc_Intersection::acc_Intersection(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
    : m_x1( x1 )
    , m_x2( x2 )
{
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );
}

/** Releases the module counter acquired in the constructor. */
acc_Intersection::~acc_Intersection()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}

/** Builds the intersection of two contexts.

    When one side is a null reference the other side is returned unchanged (which
    may itself be null), so a wrapper object is only allocated when both sides are
    set.

    @param x1 first context, may be null
    @param x2 second context, may be null
    @return the combined context, or the single non-null input, or null
*/
inline Reference< security::XAccessControlContext > acc_Intersection::create(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
{
    if (x1.is() && x2.is())
    {
        return new acc_Intersection( x1, x2 );
    }
    // at most one side is set here: hand back whichever it is
    return x1.is() ? x1 : x2;
}

/** Checks the permission against both contexts, first m_x1 and then m_x2.

    @param perm demanded permission
*/
void acc_Intersection::checkPermission(
    Any const & perm )
    throw (RuntimeException)
{
    m_x1->checkPermission( perm );
    m_x2->checkPermission( perm );
}

/** Access-control context that unifies the permissions of two contexts.

    A permission passes when either wrapped context accepts it.  m_x1 is asked
    first; only a security::AccessControlException from m_x1 leads to m_x2 being
    asked, any other exception propagates immediately.  Instances are only created
    through create(); the constructor is private.
*/
class acc_Union
    : public WeakImplHelper1< security::XAccessControlContext >
{
    Reference< security::XAccessControlContext > m_x1, m_x2;

    inline acc_Union(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

public:
    virtual ~acc_Union()
        SAL_THROW( () );

    static inline Reference< security::XAccessControlContext > create(
        Reference< security::XAccessControlContext > const & x1,
        Reference< security::XAccessControlContext > const & x2 )
        SAL_THROW( () );

    // XAccessControlContext impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
};

/** Stores both contexts and acquires the module counter for this instance. */
inline acc_Union::acc_Union(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
    : m_x1( x1 )
    , m_x2( x2 )
{
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );
}

/** Releases the module counter acquired in the constructor. */
acc_Union::~acc_Union()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}

/** Builds the union of two contexts.

    A null reference stands for "unrestricted", so the union with a null side is
    again a null reference; a wrapper object is only allocated when both sides are
    set.

    @param x1 first context, null meaning unrestricted
    @param x2 second context, null meaning unrestricted
    @return the combined context, or null (unrestricted)
*/
inline Reference< security::XAccessControlContext > acc_Union::create(
    Reference< security::XAccessControlContext > const & x1,
    Reference< security::XAccessControlContext > const & x2 )
    SAL_THROW( () )
{
    if (!x1.is() || !x2.is())
    {
        return Reference< security::XAccessControlContext >(); // unrestricted
    }
    return new acc_Union( x1, x2 );
}

/** Accepts the permission if m_x1 accepts it, otherwise defers to m_x2.

    @param perm demanded permission
*/
void acc_Union::checkPermission(
    Any const & perm )
    throw (RuntimeException)
{
    try
    {
        m_x1->checkPermission( perm );
    }
    catch (security::AccessControlException &)
    {
        // first context denied: the second one decides
        m_x2->checkPermission( perm );
    }
}

/** Access-control context that checks against a fixed PermissionCollection.

    The collection is copied at construction time.
*/
class acc_Policy
    : public WeakImplHelper1< security::XAccessControlContext >
{
    PermissionCollection m_permissions;

public:
    inline acc_Policy(
        PermissionCollection const & permissions )
        SAL_THROW( () );
    virtual ~acc_Policy()
        SAL_THROW( () );

    // XAccessControlContext impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
};

/** Copies the given permissions and acquires the module counter for this instance. */
inline acc_Policy::acc_Policy(
    PermissionCollection const & permissions )
    SAL_THROW( () )
    : m_permissions( permissions )
{
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );
}
/** Releases the module counter acquired in the acc_Policy constructor. */
acc_Policy::~acc_Policy()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}

/** Checks the demanded permission against the stored permission collection.

    @param perm demanded permission
*/
void acc_Policy::checkPermission(
    Any const & perm )
    throw (RuntimeException)
{
    m_permissions.checkPermission( perm );
}

/** Current context that overrides the dynamic access-control restriction.

    Lookups of the "access-control.restriction" key are answered from m_restriction;
    every other name is forwarded to the delegate context, if there is one.  The
    object does its own reference counting through m_refcount.
*/
class acc_CurrentContext
    : public ImplHelper1< XCurrentContext >
{
    oslInterlockedCount m_refcount;

    Reference< XCurrentContext > m_xDelegate;
    Any m_restriction;

public:
    inline acc_CurrentContext(
        Reference< XCurrentContext > const & xDelegate,
        Reference< security::XAccessControlContext > const & xRestriction )
        SAL_THROW( () );
    virtual ~acc_CurrentContext() SAL_THROW( () );

    // XInterface impl
    virtual void SAL_CALL acquire()
        throw ();
    virtual void SAL_CALL release()
        throw ();

    // XCurrentContext impl
    virtual Any SAL_CALL getValueByName( OUString const & name )
        throw (RuntimeException);
};

/** Wraps a delegate context and records the restriction to report.

    @param xDelegate    context that answers all names other than the restriction key
    @param xRestriction restriction to expose; when null, m_restriction stays an
                        empty Any
*/
inline acc_CurrentContext::acc_CurrentContext(
    Reference< XCurrentContext > const & xDelegate,
    Reference< security::XAccessControlContext > const & xRestriction )
    SAL_THROW( () )
    : m_refcount( 0 )
    , m_xDelegate( xDelegate )
{
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );

    // Without a restriction getValueByName() hands out an empty Any rather than
    // an Any holding a null interface.
    if (xRestriction.is())
    {
        m_restriction = makeAny( xRestriction );
    }
}

/** Releases the module counter acquired in the constructor. */
acc_CurrentContext::~acc_CurrentContext()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}

/** Increments the interlocked reference count. */
void acc_CurrentContext::acquire()
    throw ()
{
    ::osl_incrementInterlockedCount( &m_refcount );
}

/** Decrements the interlocked reference count and deletes the object at zero. */
void acc_CurrentContext::release()
    throw ()
{
    if (0 == ::osl_decrementInterlockedCount( &m_refcount ))
    {
        delete this;
    }
}

/** Returns the overriding restriction for the restriction key, else asks the delegate.

    @param name context entry name
    @return m_restriction for "access-control.restriction"; the delegate's answer for
            other names; an empty Any when there is no delegate
*/
Any acc_CurrentContext::getValueByName( OUString const & name )
    throw (RuntimeException)
{
    if (name.equals( s_acRestriction ))
    {
        return m_restriction;
    }
    if (m_xDelegate.is())
    {
        return m_xDelegate->getValueByName( name );
    }
    return Any();
}

//##################################################################################################

/** Disposes the object if it implements lang::XComponent; otherwise does nothing. */
static inline void dispose( Reference< XInterface > const & x )
    SAL_THROW( (RuntimeException) )
{
    Reference< lang::XComponent > xComp( x, UNO_QUERY );
    if (xComp.is())
    {
        xComp->dispose();
    }
}

/** Reads the dynamic restriction out of a current context.

    The value stored under "access-control.restriction" is only used when its type
    class is INTERFACE.  A null context, or an entry of any other type class, yields
    a null reference, i.e. no dynamic restriction is reported to the caller.

    @param xContext current context to read from, may be null
    @return the restriction context, or a null reference
*/
static inline Reference< security::XAccessControlContext > getDynamicRestriction(
    Reference< XCurrentContext > const & xContext )
    SAL_THROW( (RuntimeException) )
{
    if (! xContext.is())
    {
        return Reference< security::XAccessControlContext >();
    }

    Any acc( xContext->getValueByName( s_acRestriction ) );
    if (typelib_TypeClass_INTERFACE != acc.pType->eTypeClass)
    {
        return Reference< security::XAccessControlContext >();
    }

    // View the raw type name as an OUString without touching its ref count.
    OUString const & typeName =
        *reinterpret_cast< OUString const * >( &acc.pType->pTypeName );
    if (typeName.equalsAsciiL(
            RTL_CONSTASCII_STRINGPARAM("com.sun.star.security.XAccessControlContext") ))
    {
        // exact interface type: the stored pointer can be used directly
        return Reference< security::XAccessControlContext >(
            *reinterpret_cast< security::XAccessControlContext ** const >( acc.pData ) );
    }
    // some other interface type: try to query for the wanted interface
    return Reference< security::XAccessControlContext >::query(
        *reinterpret_cast< XInterface ** const >( acc.pData ) );
}

/** Scope guard that re-installs a saved current context when it is destroyed. */
class cc_reset
{
    void * m_cc;
public:
    inline cc_reset( void * cc ) SAL_THROW( () )
        : m_cc( cc ) {}
    inline ~cc_reset() SAL_THROW( () )
        { ::uno_setCurrentContext( m_cc, s_envType.pData, 0 ); }
};

//##################################################################################################

/** Base that holds the mutex handed to the component helper. */
struct MutexHolder
{
    Mutex m_mutex;
};
typedef WeakComponentImplHelper3<
    security::XAccessController, lang::XServiceInfo, lang::XInitialization > t_helper;

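//==================================================================================================
/** Implementation of the com.sun.star.security.AccessController service.

    The controller runs in one of the modes of the Mode enum, chosen in the
    constructor from the component context.  Permissions are kept per mode:
    m_defaultPermissions, m_singleUserPermissions for single-user mode, and the
    m_user2permissions LRU cache for the multi-user case.  m_rec is per-thread data
    holding a vector of postponed (user id, permission) checks.
*/
class AccessController
    : public MutexHolder
    , public t_helper
{
    Reference< XComponentContext > m_xComponentContext;

    Reference< security::XPolicy > m_xPolicy;
    Reference< security::XPolicy > const & getPolicy()
        SAL_THROW( (RuntimeException) );

    // mode
    enum Mode { OFF, ON, DYNAMIC_ONLY, SINGLE_USER, SINGLE_DEFAULT_USER } m_mode;

    PermissionCollection m_defaultPermissions;
    // for single-user mode
    PermissionCollection m_singleUserPermissions;
    OUString m_singleUserId;
    bool m_defaultPerm_init;
    bool m_singleUser_init;
    // for multi-user mode
    lru_cache< OUString, PermissionCollection, ::rtl::OUStringHash, equal_to< OUString > >
        m_user2permissions;

    ThreadData m_rec;
    typedef vector< pair< OUString, Any > > t_rec_vec;
    inline void clearPostPoned() SAL_THROW( () );
    void checkAndClearPostPoned() SAL_THROW( (RuntimeException) );

    PermissionCollection getEffectivePermissions(
        Reference< XCurrentContext > const & xContext,
        Any const & demanded_perm )
        SAL_THROW( (RuntimeException) );

protected:
    virtual void SAL_CALL disposing();

public:
    AccessController( Reference< XComponentContext > const & xComponentContext )
        SAL_THROW( (RuntimeException) );
    virtual ~AccessController()
        SAL_THROW( () );

    // XInitialization impl
    virtual void SAL_CALL initialize(
        Sequence< Any > const & arguments )
        throw (Exception);

    // XAccessController impl
    virtual void SAL_CALL checkPermission(
        Any const & perm )
        throw (RuntimeException);
    virtual Any SAL_CALL doRestricted(
        Reference< security::XAction > const & xAction,
        Reference< security::XAccessControlContext > const & xRestriction )
        throw (Exception);
    virtual Any SAL_CALL doPrivileged(
        Reference< security::XAction > const & xAction,
        Reference< security::XAccessControlContext > const & xRestriction )
        throw (Exception);
    virtual Reference< security::XAccessControlContext > SAL_CALL getContext()
        throw (RuntimeException);

    // XServiceInfo impl
    virtual OUString SAL_CALL getImplementationName()
        throw (RuntimeException);
    virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName )
        throw (RuntimeException);
    virtual Sequence< OUString > SAL_CALL getSupportedServiceNames()
        throw (RuntimeException);
};
//__________________________________________________________________________________________________
/** Reads the controller configuration from the component context.

    The mode is taken from "/services/<service name>/mode" and accepts "off", "on",
    "dynamic-only", "single-user" and "single-default-user".  A missing entry or any
    other string leaves the default ON in place.  "single-user" additionally requires
    a non-empty "/services/<service name>/single-user-id".  In modes ON and
    DYNAMIC_ONLY the per-user cache is sized from ".../user-cache-size" (128 when the
    entry is absent or not convertible).

    @param xComponentContext component context supplying the configuration
    @throws RuntimeException if single-user mode is requested without a user id
*/
AccessController::AccessController( Reference< XComponentContext > const & xComponentContext )
    SAL_THROW( (RuntimeException) )
    : t_helper( m_mutex )
    , m_xComponentContext( xComponentContext )
    , m_mode( ON ) // default
    , m_defaultPerm_init( false )
    , m_singleUser_init( false )
    , m_rec( 0 )
{
    // NOTE(review): the destructor does not run if the constructor throws below, so
    // this acquire is then never paired with a release.
    g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );

    OUString mode;
    if (m_xComponentContext->getValueByName( OUSTR("/services/" SERVICE_NAME "/mode") ) >>= mode)
    {
        if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("off") ))
        {
            m_mode = OFF;
        }
        else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("on") ))
        {
            m_mode = ON;
        }
        else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("dynamic-only") ))
        {
            m_mode = DYNAMIC_ONLY;
        }
        else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("single-user") ))
        {
            m_xComponentContext->getValueByName(
                OUSTR("/services/" SERVICE_NAME "/single-user-id") ) >>= m_singleUserId;
            if (! m_singleUserId.getLength())
            {
                throw RuntimeException(
                    OUSTR("expected a user id in component context entry "
                          "\"/services/" SERVICE_NAME "/single-user-id\"!"),
                    (OWeakObject *)this );
            }
            m_mode = SINGLE_USER;
        }
        else if (mode.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM("single-default-user") ))
        {
            m_mode = SINGLE_DEFAULT_USER;
        }
        // any other string: m_mode keeps its default (ON)
    }

    // switch on caching for DYNAMIC_ONLY and ON (sharable multi-user process)
    if (ON == m_mode || DYNAMIC_ONLY == m_mode)
    {
        sal_Int32 cacheSize = 0; // multi-user cache size
        if (! (m_xComponentContext->getValueByName(
                   OUSTR("/services/" SERVICE_NAME "/user-cache-size") ) >>= cacheSize))
        {
            cacheSize = 128; // reasonable default?
        }
        // NOTE(review): a configured size is passed on unchecked; confirm how
        // lru_cache::setSize() treats zero or negative values.
#ifdef __CACHE_DIAGNOSE
        cacheSize = 2;
#endif
        m_user2permissions.setSize( cacheSize );
    }
}
//__________________________________________________________________________________________________
/** Releases the module counter acquired in the constructor. */
AccessController::~AccessController()
    SAL_THROW( () )
{
    g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
}
//__________________________________________________________________________________________________
/** Called when the component is disposed: drops the policy and context references.

    NOTE(review): the mode is switched to OFF, which by the original author's own
    comment means no checks happen from then on, i.e. a disposed controller that is
    still reachable fails open.  The author already flagged DYNAMIC_ONLY as a possible
    alternative; this needs a decision before relying on the controller after
    disposal.
*/
void AccessController::disposing()
{
    m_mode = OFF; // avoid checks from now on xxx todo review/ better DYNAMIC_ONLY?
    m_xPolicy.clear();
    m_xComponentContext.clear();
}

// XInitialization impl
//__________________________________________________________________________________________________
/** Re-initializes a single-user controller for another user id.

    Only valid in SINGLE_USER mode.  The first argument must be a non-empty user id
    string; the cached single-user permissions are invalidated so that they are
    fetched again for the new id.

    @param arguments sequence whose first element is the new user id
    @throws RuntimeException if the controller is not in single-user mode, or if the
            sequence is empty or its first element is not a non-empty string
*/
void AccessController::initialize(
    Sequence< Any > const & arguments )
    throw (Exception)
{
    // xxx todo: review for forking
    // portal forking hack: re-initialize for another user-id
    if (SINGLE_USER != m_mode) // only if in single-user mode
    {
        throw RuntimeException(
            OUSTR("invalid call: ac must be in \"single-user\" mode!"), (OWeakObject *)this );
    }
    OUString userId;
    // An empty argument sequence must not be indexed: arguments[ 0 ] would read past
    // the end of the sequence.  It is reported like a missing user id instead.
    if (arguments.getLength() > 0)
    {
        arguments[ 0 ] >>= userId;
    }
    if (! userId.getLength())
    {
        throw RuntimeException(
            OUSTR("expected a user-id as first argument!"), (OWeakObject *)this );
    }
    // assured that no sync is necessary: no check happens at this forking time
    m_singleUserId = userId;
    m_singleUser_init = false;
}

//__________________________________________________________________________________________________
/** Returns the policy singleton, fetching it from the component context on first use.

    The singleton is looked up under "/singletons/com.sun.star.security.thePolicy"
    and stored in m_xPolicy under m_mutex.

    @return reference to the cached policy
    @throws SecurityException if the component context does not supply the singleton
*/
Reference< security::XPolicy > const & AccessController::getPolicy()
    SAL_THROW( (RuntimeException) )
{
    // get policy singleton
    // NOTE(review): m_xPolicy is tested here, and returned below, without holding
    // m_mutex; only the assignment is guarded.
    if (! m_xPolicy.is())
    {
        Reference< security::XPolicy > xPolicy;
        m_xComponentContext->getValueByName(
            OUSTR("/singletons/com.sun.star.security.thePolicy") ) >>= xPolicy;
        if (xPolicy.is())
        {
            MutexGuard guard( m_mutex );
            if (! m_xPolicy.is())
            {
                m_xPolicy = xPolicy;
            }
        }
        else
        {
            throw SecurityException(
                OUSTR("cannot get policy singleton!"), (OWeakObject *)this );
        }
    }
    return m_xPolicy;
}

#ifdef __DIAGNOSE
/** Diagnostic helper: traces the string form of every permission in a collection.

    @param collection permissions to dump
    @param userId     user the permissions belong to; empty for the default permissions
*/
static void dumpPermissions(
    PermissionCollection const & collection, OUString const & userId = OUString() ) SAL_THROW( () )
{
    OUStringBuffer buf( 48 );
    if (userId.getLength())
    {
        buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("> dumping permissions of user \"") );
        buf.append( userId );
        buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\":") );
    }
    else
    {
        buf.appendAscii(
            RTL_CONSTASCII_STRINGPARAM("> dumping default permissions:") );
    }
    OString str( ::rtl::OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
    // The text contains the user id and permission strings, so it is passed as an
    // argument and never as the format string itself.
    OSL_TRACE( "%s", str.getStr() );
    Sequence< OUString > permissions( collection.toStrings() );
    OUString const * p = permissions.getConstArray();
    for ( sal_Int32 nPos = 0; nPos < permissions.getLength(); ++nPos )
    {
        OString permStr( ::rtl::OUStringToOString( p[ nPos ], RTL_TEXTENCODING_ASCII_US ) );
        OSL_TRACE( "%s", permStr.getStr() );
    }
    OSL_TRACE( "> permission dump done" );
}
#endif


//__________________________________________________________________________________________________
/** Deletes this thread's vector of postponed checks without evaluating them. */
inline void AccessController::clearPostPoned() SAL_THROW( () )
{
    delete reinterpret_cast< t_rec_vec * >( m_rec.getData() );
    m_rec.setData( 0 );
}
//__________________________________________________________________________________________________
/** Evaluates and then discards this thread's postponed permission checks.

    Ownership of the per-thread vector is taken over first, so it is freed even when
    a check throws.  Each recorded (user id, permission) pair is checked against the
    permissions that belong to the current mode.  In mode ON the user's permissions
    are copied out of the cache while m_mutex is held, and a missing cache entry is
    treated as a denial so that a postponed check is never silently dropped.

    @throws RuntimeException from a failing permission check; SecurityException if
            the permissions of a recorded user cannot be found in mode ON
*/
void AccessController::checkAndClearPostPoned() SAL_THROW( (RuntimeException) )
{
    // check postponed permissions
    auto_ptr< t_rec_vec > rec( reinterpret_cast< t_rec_vec * >( m_rec.getData() ) );
    m_rec.setData( 0 ); // takeover ownership
    OSL_ASSERT( rec.get() );
    if (rec.get())
    {
        t_rec_vec const & vec = *rec.get();
        switch (m_mode)
        {
        case SINGLE_USER:
        {
            OSL_ASSERT( m_singleUser_init );
            for ( size_t nPos = 0; nPos < vec.size(); ++nPos )
            {
                pair< OUString, Any > const & p = vec[ nPos ];
                OSL_ASSERT( m_singleUserId.equals( p.first ) );
                m_singleUserPermissions.checkPermission( p.second );
            }
            break;
        }
        case SINGLE_DEFAULT_USER:
        {
            OSL_ASSERT( m_defaultPerm_init );
            for ( size_t nPos = 0; nPos < vec.size(); ++nPos )
            {
                pair< OUString, Any > const & p = vec[ nPos ];
                OSL_ASSERT( !p.first.getLength() ); // default-user
                m_defaultPermissions.checkPermission( p.second );
            }
            break;
        }
        case ON:
        {
            for ( size_t nPos = 0; nPos < vec.size(); ++nPos )
            {
                pair< OUString, Any > const & p = vec[ nPos ];
                PermissionCollection permissions;
                bool found = false;
                // lookup policy for user
                {
                    MutexGuard guard( m_mutex );
                    PermissionCollection const * pPermissions =
                        m_user2permissions.lookup( p.first );
                    if (pPermissions)
                    {
                        // copy while the cache is locked: the pointer refers to a
                        // cache entry and must not be used once the guard is gone
                        permissions = *pPermissions;
                        found = true;
                    }
                }
                OSL_ASSERT( found );
                if (! found)
                {
                    // fail closed: without the user's permissions the demanded
                    // permission cannot be verified
                    throw SecurityException(
                        OUSTR("cannot find permissions of user for postponed check!"),
                        (OWeakObject *)this );
                }
                permissions.checkPermission( p.second );
            }
            break;
        }
        default:
            OSL_ENSURE( 0, "### this should never be called in this ac mode!" );
            break;
        }
    }
}
//__________________________________________________________________________________________________
/** this is the only function calling the policy singleton and thus has to take care
    of recurring calls!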
697cdf0e10cSrcweir 698cdf0e10cSrcweir @param demanded_perm (if not empty) is the demanded permission of a checkPermission() call 699cdf0e10cSrcweir which will be postponed for recurring calls 700cdf0e10cSrcweir */ 701cdf0e10cSrcweir PermissionCollection AccessController::getEffectivePermissions( 702cdf0e10cSrcweir Reference< XCurrentContext > const & xContext, 703cdf0e10cSrcweir Any const & demanded_perm ) 704cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 705cdf0e10cSrcweir { 706cdf0e10cSrcweir OUString userId; 707cdf0e10cSrcweir 708cdf0e10cSrcweir switch (m_mode) 709cdf0e10cSrcweir { 710cdf0e10cSrcweir case SINGLE_USER: 711cdf0e10cSrcweir { 712cdf0e10cSrcweir if (m_singleUser_init) 713cdf0e10cSrcweir return m_singleUserPermissions; 714cdf0e10cSrcweir userId = m_singleUserId; 715cdf0e10cSrcweir break; 716cdf0e10cSrcweir } 717cdf0e10cSrcweir case SINGLE_DEFAULT_USER: 718cdf0e10cSrcweir { 719cdf0e10cSrcweir if (m_defaultPerm_init) 720cdf0e10cSrcweir return m_defaultPermissions; 721cdf0e10cSrcweir break; 722cdf0e10cSrcweir } 723cdf0e10cSrcweir case ON: 724cdf0e10cSrcweir { 725cdf0e10cSrcweir if (xContext.is()) 726cdf0e10cSrcweir { 727cdf0e10cSrcweir xContext->getValueByName( OUSTR(USER_CREDS ".id") ) >>= userId; 728cdf0e10cSrcweir } 729cdf0e10cSrcweir if (! userId.getLength()) 730cdf0e10cSrcweir { 731cdf0e10cSrcweir throw SecurityException( 732cdf0e10cSrcweir OUSTR("cannot determine current user in multi-user ac!"), (OWeakObject *)this ); 733cdf0e10cSrcweir } 734cdf0e10cSrcweir 735cdf0e10cSrcweir // lookup policy for user 736cdf0e10cSrcweir MutexGuard guard( m_mutex ); 737cdf0e10cSrcweir PermissionCollection const * pPermissions = m_user2permissions.lookup( userId ); 738cdf0e10cSrcweir if (pPermissions) 739cdf0e10cSrcweir return *pPermissions; 740cdf0e10cSrcweir break; 741cdf0e10cSrcweir } 742cdf0e10cSrcweir default: 743cdf0e10cSrcweir OSL_ENSURE( 0, "### this should never be called in this ac mode!" 
); 744cdf0e10cSrcweir return PermissionCollection(); 745cdf0e10cSrcweir } 746cdf0e10cSrcweir 747cdf0e10cSrcweir // call on policy 748cdf0e10cSrcweir // iff this is a recurring call for the default user, then grant all permissions 749cdf0e10cSrcweir t_rec_vec * rec = reinterpret_cast< t_rec_vec * >( m_rec.getData() ); 750cdf0e10cSrcweir if (rec) // tls entry exists => this is recursive call 751cdf0e10cSrcweir { 752cdf0e10cSrcweir if (demanded_perm.hasValue()) 753cdf0e10cSrcweir { 754cdf0e10cSrcweir // enqueue 755cdf0e10cSrcweir rec->push_back( pair< OUString, Any >( userId, demanded_perm ) ); 756cdf0e10cSrcweir } 757cdf0e10cSrcweir #ifdef __DIAGNOSE 758cdf0e10cSrcweir OUStringBuffer buf( 48 ); 759cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("> info: recurring call of user \"") ); 760cdf0e10cSrcweir buf.append( userId ); 761cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\"") ); 762cdf0e10cSrcweir OString str( 763cdf0e10cSrcweir ::rtl::OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) ); 764cdf0e10cSrcweir OSL_TRACE( str.getStr() ); 765cdf0e10cSrcweir #endif 766cdf0e10cSrcweir return PermissionCollection( new AllPermission() ); 767cdf0e10cSrcweir } 768cdf0e10cSrcweir else // no tls 769cdf0e10cSrcweir { 770cdf0e10cSrcweir rec = new t_rec_vec; 771cdf0e10cSrcweir m_rec.setData( rec ); 772cdf0e10cSrcweir } 773cdf0e10cSrcweir 774cdf0e10cSrcweir try // calls on API 775cdf0e10cSrcweir { 776cdf0e10cSrcweir // init default permissions 777cdf0e10cSrcweir if (! m_defaultPerm_init) 778cdf0e10cSrcweir { 779cdf0e10cSrcweir PermissionCollection defaultPermissions( 780cdf0e10cSrcweir getPolicy()->getDefaultPermissions() ); 781cdf0e10cSrcweir // assign 782cdf0e10cSrcweir MutexGuard guard( m_mutex ); 783cdf0e10cSrcweir if (! 
m_defaultPerm_init) 784cdf0e10cSrcweir { 785cdf0e10cSrcweir m_defaultPermissions = defaultPermissions; 786cdf0e10cSrcweir m_defaultPerm_init = true; 787cdf0e10cSrcweir } 788cdf0e10cSrcweir #ifdef __DIAGNOSE 789cdf0e10cSrcweir dumpPermissions( m_defaultPermissions ); 790cdf0e10cSrcweir #endif 791cdf0e10cSrcweir } 792cdf0e10cSrcweir 793cdf0e10cSrcweir PermissionCollection ret; 794cdf0e10cSrcweir 795cdf0e10cSrcweir // init user permissions 796cdf0e10cSrcweir switch (m_mode) 797cdf0e10cSrcweir { 798cdf0e10cSrcweir case SINGLE_USER: 799cdf0e10cSrcweir { 800cdf0e10cSrcweir ret = PermissionCollection( 801cdf0e10cSrcweir getPolicy()->getPermissions( userId ), m_defaultPermissions ); 802cdf0e10cSrcweir { 803cdf0e10cSrcweir // assign 804cdf0e10cSrcweir MutexGuard guard( m_mutex ); 805cdf0e10cSrcweir if (m_singleUser_init) 806cdf0e10cSrcweir { 807cdf0e10cSrcweir ret = m_singleUserPermissions; 808cdf0e10cSrcweir } 809cdf0e10cSrcweir else 810cdf0e10cSrcweir { 811cdf0e10cSrcweir m_singleUserPermissions = ret; 812cdf0e10cSrcweir m_singleUser_init = true; 813cdf0e10cSrcweir } 814cdf0e10cSrcweir } 815cdf0e10cSrcweir #ifdef __DIAGNOSE 816cdf0e10cSrcweir dumpPermissions( ret, userId ); 817cdf0e10cSrcweir #endif 818cdf0e10cSrcweir break; 819cdf0e10cSrcweir } 820cdf0e10cSrcweir case SINGLE_DEFAULT_USER: 821cdf0e10cSrcweir { 822cdf0e10cSrcweir ret = m_defaultPermissions; 823cdf0e10cSrcweir break; 824cdf0e10cSrcweir } 825cdf0e10cSrcweir case ON: 826cdf0e10cSrcweir { 827cdf0e10cSrcweir ret = PermissionCollection( 828cdf0e10cSrcweir getPolicy()->getPermissions( userId ), m_defaultPermissions ); 829cdf0e10cSrcweir { 830cdf0e10cSrcweir // cache 831cdf0e10cSrcweir MutexGuard guard( m_mutex ); 832cdf0e10cSrcweir m_user2permissions.set( userId, ret ); 833cdf0e10cSrcweir } 834cdf0e10cSrcweir #ifdef __DIAGNOSE 835cdf0e10cSrcweir dumpPermissions( ret, userId ); 836cdf0e10cSrcweir #endif 837cdf0e10cSrcweir break; 838cdf0e10cSrcweir } 839cdf0e10cSrcweir default: 840cdf0e10cSrcweir break; 
841cdf0e10cSrcweir } 842cdf0e10cSrcweir 843cdf0e10cSrcweir // check postponed 844cdf0e10cSrcweir checkAndClearPostPoned(); 845cdf0e10cSrcweir return ret; 846cdf0e10cSrcweir } 847cdf0e10cSrcweir catch (security::AccessControlException & exc) // wrapped into DeploymentException 848cdf0e10cSrcweir { 849cdf0e10cSrcweir clearPostPoned(); // safety: exception could have happened before checking postponed? 850cdf0e10cSrcweir OUStringBuffer buf( 64 ); 851cdf0e10cSrcweir buf.appendAscii( 852cdf0e10cSrcweir RTL_CONSTASCII_STRINGPARAM("deployment error (AccessControlException occured): ") ); 853cdf0e10cSrcweir buf.append( exc.Message ); 854cdf0e10cSrcweir throw DeploymentException( buf.makeStringAndClear(), exc.Context ); 855cdf0e10cSrcweir } 856cdf0e10cSrcweir catch (RuntimeException &) 857cdf0e10cSrcweir { 858cdf0e10cSrcweir // dont check postponed, just cleanup 859cdf0e10cSrcweir clearPostPoned(); 860cdf0e10cSrcweir delete reinterpret_cast< t_rec_vec * >( m_rec.getData() ); 861cdf0e10cSrcweir m_rec.setData( 0 ); 862cdf0e10cSrcweir throw; 863cdf0e10cSrcweir } 864cdf0e10cSrcweir catch (Exception &) 865cdf0e10cSrcweir { 866cdf0e10cSrcweir // check postponed permissions first 867cdf0e10cSrcweir // => AccessControlExceptions are errors, user exceptions not! 868cdf0e10cSrcweir checkAndClearPostPoned(); 869cdf0e10cSrcweir throw; 870cdf0e10cSrcweir } 871cdf0e10cSrcweir catch (...) 
872cdf0e10cSrcweir { 873cdf0e10cSrcweir // dont check postponed, just cleanup 874cdf0e10cSrcweir clearPostPoned(); 875cdf0e10cSrcweir throw; 876cdf0e10cSrcweir } 877cdf0e10cSrcweir } 878cdf0e10cSrcweir 879cdf0e10cSrcweir // XAccessController impl 880cdf0e10cSrcweir //__________________________________________________________________________________________________ 881cdf0e10cSrcweir void AccessController::checkPermission( 882cdf0e10cSrcweir Any const & perm ) 883cdf0e10cSrcweir throw (RuntimeException) 884cdf0e10cSrcweir { 885cdf0e10cSrcweir if (rBHelper.bDisposed) 886cdf0e10cSrcweir { 887cdf0e10cSrcweir throw lang::DisposedException( 888cdf0e10cSrcweir OUSTR("checkPermission() call on disposed AccessController!"), (OWeakObject *)this ); 889cdf0e10cSrcweir } 890cdf0e10cSrcweir 891cdf0e10cSrcweir if (OFF == m_mode) 892cdf0e10cSrcweir return; 893cdf0e10cSrcweir 894cdf0e10cSrcweir // first dynamic check of ac contexts 895cdf0e10cSrcweir Reference< XCurrentContext > xContext; 896cdf0e10cSrcweir ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); 897cdf0e10cSrcweir Reference< security::XAccessControlContext > xACC( getDynamicRestriction( xContext ) ); 898cdf0e10cSrcweir if (xACC.is()) 899cdf0e10cSrcweir { 900cdf0e10cSrcweir xACC->checkPermission( perm ); 901cdf0e10cSrcweir } 902cdf0e10cSrcweir 903cdf0e10cSrcweir if (DYNAMIC_ONLY == m_mode) 904cdf0e10cSrcweir return; 905cdf0e10cSrcweir 906cdf0e10cSrcweir // then static check 907cdf0e10cSrcweir getEffectivePermissions( xContext, perm ).checkPermission( perm ); 908cdf0e10cSrcweir } 909cdf0e10cSrcweir //__________________________________________________________________________________________________ 910cdf0e10cSrcweir Any AccessController::doRestricted( 911cdf0e10cSrcweir Reference< security::XAction > const & xAction, 912cdf0e10cSrcweir Reference< security::XAccessControlContext > const & xRestriction ) 913cdf0e10cSrcweir throw (Exception) 914cdf0e10cSrcweir { 915cdf0e10cSrcweir if (rBHelper.bDisposed) 
916cdf0e10cSrcweir { 917cdf0e10cSrcweir throw lang::DisposedException( 918cdf0e10cSrcweir OUSTR("doRestricted() call on disposed AccessController!"), (OWeakObject *)this ); 919cdf0e10cSrcweir } 920cdf0e10cSrcweir 921cdf0e10cSrcweir if (OFF == m_mode) // optimize this way, because no dynamic check will be performed 922cdf0e10cSrcweir return xAction->run(); 923cdf0e10cSrcweir 924cdf0e10cSrcweir if (xRestriction.is()) 925cdf0e10cSrcweir { 926cdf0e10cSrcweir Reference< XCurrentContext > xContext; 927cdf0e10cSrcweir ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); 928cdf0e10cSrcweir 929cdf0e10cSrcweir // override restriction 930cdf0e10cSrcweir Reference< XCurrentContext > xNewContext( 931cdf0e10cSrcweir new acc_CurrentContext( xContext, acc_Intersection::create( 932cdf0e10cSrcweir xRestriction, getDynamicRestriction( xContext ) ) ) ); 933cdf0e10cSrcweir ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, 0 ); 934cdf0e10cSrcweir cc_reset reset( xContext.get() ); 935cdf0e10cSrcweir return xAction->run(); 936cdf0e10cSrcweir } 937cdf0e10cSrcweir else 938cdf0e10cSrcweir { 939cdf0e10cSrcweir return xAction->run(); 940cdf0e10cSrcweir } 941cdf0e10cSrcweir } 942cdf0e10cSrcweir //__________________________________________________________________________________________________ 943cdf0e10cSrcweir Any AccessController::doPrivileged( 944cdf0e10cSrcweir Reference< security::XAction > const & xAction, 945cdf0e10cSrcweir Reference< security::XAccessControlContext > const & xRestriction ) 946cdf0e10cSrcweir throw (Exception) 947cdf0e10cSrcweir { 948cdf0e10cSrcweir if (rBHelper.bDisposed) 949cdf0e10cSrcweir { 950cdf0e10cSrcweir throw lang::DisposedException( 951cdf0e10cSrcweir OUSTR("doPrivileged() call on disposed AccessController!"), (OWeakObject *)this ); 952cdf0e10cSrcweir } 953cdf0e10cSrcweir 954cdf0e10cSrcweir if (OFF == m_mode) // no dynamic check will be performed 955cdf0e10cSrcweir { 956cdf0e10cSrcweir return xAction->run(); 957cdf0e10cSrcweir } 
958cdf0e10cSrcweir 959cdf0e10cSrcweir Reference< XCurrentContext > xContext; 960cdf0e10cSrcweir ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); 961cdf0e10cSrcweir 962cdf0e10cSrcweir Reference< security::XAccessControlContext > xOldRestr( 963cdf0e10cSrcweir getDynamicRestriction( xContext ) ); 964cdf0e10cSrcweir 965cdf0e10cSrcweir if (xOldRestr.is()) // previous restriction 966cdf0e10cSrcweir { 967cdf0e10cSrcweir // override restriction 968cdf0e10cSrcweir Reference< XCurrentContext > xNewContext( 969cdf0e10cSrcweir new acc_CurrentContext( xContext, acc_Union::create( xRestriction, xOldRestr ) ) ); 970cdf0e10cSrcweir ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, 0 ); 971cdf0e10cSrcweir cc_reset reset( xContext.get() ); 972cdf0e10cSrcweir return xAction->run(); 973cdf0e10cSrcweir } 974cdf0e10cSrcweir else // no previous restriction => never current restriction 975cdf0e10cSrcweir { 976cdf0e10cSrcweir return xAction->run(); 977cdf0e10cSrcweir } 978cdf0e10cSrcweir } 979cdf0e10cSrcweir //__________________________________________________________________________________________________ 980cdf0e10cSrcweir Reference< security::XAccessControlContext > AccessController::getContext() 981cdf0e10cSrcweir throw (RuntimeException) 982cdf0e10cSrcweir { 983cdf0e10cSrcweir if (rBHelper.bDisposed) 984cdf0e10cSrcweir { 985cdf0e10cSrcweir throw lang::DisposedException( 986cdf0e10cSrcweir OUSTR("getContext() call on disposed AccessController!"), (OWeakObject *)this ); 987cdf0e10cSrcweir } 988cdf0e10cSrcweir 989cdf0e10cSrcweir if (OFF == m_mode) // optimize this way, because no dynamic check will be performed 990cdf0e10cSrcweir { 991cdf0e10cSrcweir return new acc_Policy( PermissionCollection( new AllPermission() ) ); 992cdf0e10cSrcweir } 993cdf0e10cSrcweir 994cdf0e10cSrcweir Reference< XCurrentContext > xContext; 995cdf0e10cSrcweir ::uno_getCurrentContext( (void **)&xContext, s_envType.pData, 0 ); 996cdf0e10cSrcweir 997cdf0e10cSrcweir return 
acc_Intersection::create( 998cdf0e10cSrcweir getDynamicRestriction( xContext ), 999cdf0e10cSrcweir new acc_Policy( getEffectivePermissions( xContext, Any() ) ) ); 1000cdf0e10cSrcweir } 1001cdf0e10cSrcweir 1002cdf0e10cSrcweir // XServiceInfo impl 1003cdf0e10cSrcweir //__________________________________________________________________________________________________ 1004cdf0e10cSrcweir OUString AccessController::getImplementationName() 1005cdf0e10cSrcweir throw (RuntimeException) 1006cdf0e10cSrcweir { 1007cdf0e10cSrcweir return s_implName; 1008cdf0e10cSrcweir } 1009cdf0e10cSrcweir //__________________________________________________________________________________________________ 1010cdf0e10cSrcweir sal_Bool AccessController::supportsService( OUString const & serviceName ) 1011cdf0e10cSrcweir throw (RuntimeException) 1012cdf0e10cSrcweir { 1013cdf0e10cSrcweir OUString const * pNames = s_serviceNames.getConstArray(); 1014cdf0e10cSrcweir for ( sal_Int32 nPos = s_serviceNames.getLength(); nPos--; ) 1015cdf0e10cSrcweir { 1016cdf0e10cSrcweir if (serviceName.equals( pNames[ nPos ] )) 1017cdf0e10cSrcweir { 1018cdf0e10cSrcweir return sal_True; 1019cdf0e10cSrcweir } 1020cdf0e10cSrcweir } 1021cdf0e10cSrcweir return sal_False; 1022cdf0e10cSrcweir } 1023cdf0e10cSrcweir //__________________________________________________________________________________________________ 1024cdf0e10cSrcweir Sequence< OUString > AccessController::getSupportedServiceNames() 1025cdf0e10cSrcweir throw (RuntimeException) 1026cdf0e10cSrcweir { 1027cdf0e10cSrcweir return s_serviceNames; 1028cdf0e10cSrcweir } 1029cdf0e10cSrcweir } 1030cdf0e10cSrcweir //################################################################################################## 1031cdf0e10cSrcweir namespace stoc_bootstrap { 1032cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 1033cdf0e10cSrcweir Reference< XInterface > SAL_CALL ac_create( 1034cdf0e10cSrcweir Reference< 
XComponentContext > const & xComponentContext ) 1035cdf0e10cSrcweir SAL_THROW( (Exception) ) 1036cdf0e10cSrcweir { 1037cdf0e10cSrcweir return (OWeakObject *)new stoc_sec::AccessController( xComponentContext ); 1038cdf0e10cSrcweir } 1039cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 1040cdf0e10cSrcweir Sequence< OUString > ac_getSupportedServiceNames() SAL_THROW( () ) 1041cdf0e10cSrcweir { 1042cdf0e10cSrcweir return stoc_sec::s_serviceNames; 1043cdf0e10cSrcweir } 1044cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 1045cdf0e10cSrcweir OUString ac_getImplementationName() SAL_THROW( () ) 1046cdf0e10cSrcweir { 1047cdf0e10cSrcweir return stoc_sec::s_implName; 1048cdf0e10cSrcweir } 1049cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 1050cdf0e10cSrcweir Reference< XInterface > SAL_CALL filepolicy_create( 1051cdf0e10cSrcweir Reference< XComponentContext > const & xComponentContext ) 1052cdf0e10cSrcweir SAL_THROW( (Exception) ); 1053cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 1054cdf0e10cSrcweir Sequence< OUString > filepolicy_getSupportedServiceNames() SAL_THROW( () ); 1055cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 1056cdf0e10cSrcweir OUString filepolicy_getImplementationName() SAL_THROW( () ); 1057cdf0e10cSrcweir } 1058