1*647a425cSAndrew Rist /************************************************************** 2cdf0e10cSrcweir * 3*647a425cSAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one 4*647a425cSAndrew Rist * or more contributor license agreements. See the NOTICE file 5*647a425cSAndrew Rist * distributed with this work for additional information 6*647a425cSAndrew Rist * regarding copyright ownership. The ASF licenses this file 7*647a425cSAndrew Rist * to you under the Apache License, Version 2.0 (the 8*647a425cSAndrew Rist * "License"); you may not use this file except in compliance 9*647a425cSAndrew Rist * with the License. You may obtain a copy of the License at 10cdf0e10cSrcweir * 11*647a425cSAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0 12cdf0e10cSrcweir * 13*647a425cSAndrew Rist * Unless required by applicable law or agreed to in writing, 14*647a425cSAndrew Rist * software distributed under the License is distributed on an 15*647a425cSAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16*647a425cSAndrew Rist * KIND, either express or implied. See the License for the 17*647a425cSAndrew Rist * specific language governing permissions and limitations 18*647a425cSAndrew Rist * under the License. 19cdf0e10cSrcweir * 20*647a425cSAndrew Rist *************************************************************/ 21*647a425cSAndrew Rist 22*647a425cSAndrew Rist 23cdf0e10cSrcweir 24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 25cdf0e10cSrcweir #include "precompiled_stoc.hxx" 26cdf0e10cSrcweir 27cdf0e10cSrcweir #include <hash_map> 28cdf0e10cSrcweir 29cdf0e10cSrcweir #include <osl/diagnose.h> 30cdf0e10cSrcweir #include <osl/file.h> 31cdf0e10cSrcweir #include <rtl/byteseq.hxx> 32cdf0e10cSrcweir #include <rtl/string.hxx> 33cdf0e10cSrcweir #include <rtl/ustrbuf.hxx> 34cdf0e10cSrcweir 35cdf0e10cSrcweir #include <cppuhelper/access_control.hxx> 36cdf0e10cSrcweir #include <cppuhelper/compbase2.hxx> 37cdf0e10cSrcweir #include <cppuhelper/implementationentry.hxx> 38cdf0e10cSrcweir 39cdf0e10cSrcweir #include <com/sun/star/lang/XServiceInfo.hpp> 40cdf0e10cSrcweir #include <com/sun/star/security/XAccessController.hpp> 41cdf0e10cSrcweir #include <com/sun/star/security/XPolicy.hpp> 42cdf0e10cSrcweir #include <com/sun/star/security/AllPermission.hpp> 43cdf0e10cSrcweir #include <com/sun/star/security/RuntimePermission.hpp> 44cdf0e10cSrcweir #include <com/sun/star/io/FilePermission.hpp> 45cdf0e10cSrcweir #include <com/sun/star/connection/SocketPermission.hpp> 46cdf0e10cSrcweir 47cdf0e10cSrcweir #define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) 48cdf0e10cSrcweir #define SERVICE_NAME "com.sun.star.security.Policy" 49cdf0e10cSrcweir #define IMPL_NAME "com.sun.star.security.comp.stoc.FilePolicy" 50cdf0e10cSrcweir 51cdf0e10cSrcweir 52cdf0e10cSrcweir using namespace ::osl; 53cdf0e10cSrcweir using namespace ::rtl; 54cdf0e10cSrcweir using namespace ::cppu; 55cdf0e10cSrcweir using namespace ::com::sun::star; 56cdf0e10cSrcweir using namespace ::com::sun::star::uno; 57cdf0e10cSrcweir 58cdf0e10cSrcweir extern ::rtl_StandardModuleCount g_moduleCount; 59cdf0e10cSrcweir 60cdf0e10cSrcweir namespace stoc_sec 61cdf0e10cSrcweir { 62cdf0e10cSrcweir // static stuff initialized when loading lib 63cdf0e10cSrcweir static OUString s_implName = OUSTR(IMPL_NAME); 64cdf0e10cSrcweir static OUString s_serviceName = OUSTR(SERVICE_NAME); 65cdf0e10cSrcweir 66cdf0e10cSrcweir static Sequence< OUString > s_serviceNames = Sequence< OUString >( &s_serviceName, 1 ); 67cdf0e10cSrcweir //################################################################################################## 68cdf0e10cSrcweir 69cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 70cdf0e10cSrcweir static inline void dispose( Reference< XInterface > const & x ) 71cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 72cdf0e10cSrcweir { 73cdf0e10cSrcweir Reference< lang::XComponent > xComp( x, UNO_QUERY ); 74cdf0e10cSrcweir if (xComp.is()) 75cdf0e10cSrcweir { 76cdf0e10cSrcweir xComp->dispose(); 77cdf0e10cSrcweir } 78cdf0e10cSrcweir } 79cdf0e10cSrcweir 80cdf0e10cSrcweir //################################################################################################## 81cdf0e10cSrcweir 82cdf0e10cSrcweir struct MutexHolder 83cdf0e10cSrcweir { 84cdf0e10cSrcweir Mutex m_mutex; 85cdf0e10cSrcweir }; 86cdf0e10cSrcweir typedef WeakComponentImplHelper2< security::XPolicy, lang::XServiceInfo > t_helper; 87cdf0e10cSrcweir 88cdf0e10cSrcweir //================================================================================================== 89cdf0e10cSrcweir class FilePolicy 90cdf0e10cSrcweir : public MutexHolder 91cdf0e10cSrcweir , public t_helper 92cdf0e10cSrcweir { 93cdf0e10cSrcweir Reference< XComponentContext > m_xComponentContext; 94cdf0e10cSrcweir AccessControl m_ac; 95cdf0e10cSrcweir 96cdf0e10cSrcweir Sequence< Any > m_defaultPermissions; 97cdf0e10cSrcweir typedef std::hash_map< OUString, Sequence< Any >, OUStringHash > t_permissions; 98cdf0e10cSrcweir t_permissions m_userPermissions; 99cdf0e10cSrcweir bool m_init; 100cdf0e10cSrcweir 101cdf0e10cSrcweir protected: 102cdf0e10cSrcweir virtual void SAL_CALL disposing(); 103cdf0e10cSrcweir 104cdf0e10cSrcweir public: 105cdf0e10cSrcweir FilePolicy( Reference< XComponentContext > const & xComponentContext ) 106cdf0e10cSrcweir SAL_THROW( () ); 107cdf0e10cSrcweir virtual ~FilePolicy() 108cdf0e10cSrcweir SAL_THROW( () ); 109cdf0e10cSrcweir 110cdf0e10cSrcweir // XPolicy impl 111cdf0e10cSrcweir virtual Sequence< Any > SAL_CALL getPermissions( 112cdf0e10cSrcweir OUString const & userId ) 113cdf0e10cSrcweir throw (RuntimeException); 114cdf0e10cSrcweir virtual Sequence< Any > SAL_CALL getDefaultPermissions() 115cdf0e10cSrcweir throw (RuntimeException); 116cdf0e10cSrcweir virtual void SAL_CALL refresh() 117cdf0e10cSrcweir throw (RuntimeException); 118cdf0e10cSrcweir 119cdf0e10cSrcweir // XServiceInfo impl 120cdf0e10cSrcweir virtual OUString SAL_CALL getImplementationName() 121cdf0e10cSrcweir throw (RuntimeException); 122cdf0e10cSrcweir virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName ) 123cdf0e10cSrcweir throw (RuntimeException); 124cdf0e10cSrcweir virtual Sequence< OUString > SAL_CALL getSupportedServiceNames() 125cdf0e10cSrcweir throw (RuntimeException); 126cdf0e10cSrcweir }; 127cdf0e10cSrcweir //__________________________________________________________________________________________________ 128cdf0e10cSrcweir FilePolicy::FilePolicy( Reference< XComponentContext > const & xComponentContext ) 129cdf0e10cSrcweir SAL_THROW( () ) 130cdf0e10cSrcweir : t_helper( m_mutex ) 131cdf0e10cSrcweir , m_xComponentContext( xComponentContext ) 132cdf0e10cSrcweir , m_ac( xComponentContext ) 133cdf0e10cSrcweir , m_init( false ) 134cdf0e10cSrcweir { 135cdf0e10cSrcweir g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt ); 136cdf0e10cSrcweir } 137cdf0e10cSrcweir //__________________________________________________________________________________________________ 138cdf0e10cSrcweir FilePolicy::~FilePolicy() 139cdf0e10cSrcweir SAL_THROW( () ) 140cdf0e10cSrcweir { 141cdf0e10cSrcweir g_moduleCount.modCnt.release( &g_moduleCount.modCnt ); 142cdf0e10cSrcweir } 143cdf0e10cSrcweir //__________________________________________________________________________________________________ 144cdf0e10cSrcweir void FilePolicy::disposing() 145cdf0e10cSrcweir { 146cdf0e10cSrcweir m_userPermissions.clear(); 147cdf0e10cSrcweir m_defaultPermissions = Sequence< Any >(); 148cdf0e10cSrcweir m_xComponentContext.clear(); 149cdf0e10cSrcweir } 150cdf0e10cSrcweir 151cdf0e10cSrcweir //__________________________________________________________________________________________________ 152cdf0e10cSrcweir Sequence< Any > FilePolicy::getPermissions( 153cdf0e10cSrcweir OUString const & userId ) 154cdf0e10cSrcweir throw (RuntimeException) 155cdf0e10cSrcweir { 156cdf0e10cSrcweir if (! m_init) 157cdf0e10cSrcweir { 158cdf0e10cSrcweir refresh(); 159cdf0e10cSrcweir m_init = true; 160cdf0e10cSrcweir } 161cdf0e10cSrcweir 162cdf0e10cSrcweir MutexGuard guard( m_mutex ); 163cdf0e10cSrcweir t_permissions::iterator iFind( m_userPermissions.find( userId ) ); 164cdf0e10cSrcweir if (m_userPermissions.end() == iFind) 165cdf0e10cSrcweir { 166cdf0e10cSrcweir return Sequence< Any >(); 167cdf0e10cSrcweir } 168cdf0e10cSrcweir else 169cdf0e10cSrcweir { 170cdf0e10cSrcweir return iFind->second; 171cdf0e10cSrcweir } 172cdf0e10cSrcweir } 173cdf0e10cSrcweir //__________________________________________________________________________________________________ 174cdf0e10cSrcweir Sequence< Any > FilePolicy::getDefaultPermissions() 175cdf0e10cSrcweir throw (RuntimeException) 176cdf0e10cSrcweir { 177cdf0e10cSrcweir if (! m_init) 178cdf0e10cSrcweir { 179cdf0e10cSrcweir refresh(); 180cdf0e10cSrcweir m_init = true; 181cdf0e10cSrcweir } 182cdf0e10cSrcweir 183cdf0e10cSrcweir MutexGuard guard( m_mutex ); 184cdf0e10cSrcweir return m_defaultPermissions; 185cdf0e10cSrcweir } 186cdf0e10cSrcweir 187cdf0e10cSrcweir //================================================================================================== 188cdf0e10cSrcweir class PolicyReader 189cdf0e10cSrcweir { 190cdf0e10cSrcweir OUString m_fileName; 191cdf0e10cSrcweir oslFileHandle m_file; 192cdf0e10cSrcweir 193cdf0e10cSrcweir sal_Int32 m_linepos; 194cdf0e10cSrcweir ByteSequence m_line; 195cdf0e10cSrcweir sal_Int32 m_pos; 196cdf0e10cSrcweir sal_Unicode m_back; 197cdf0e10cSrcweir 198cdf0e10cSrcweir sal_Unicode get() 199cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 200cdf0e10cSrcweir inline void back( sal_Unicode c ) SAL_THROW( () ) 201cdf0e10cSrcweir { m_back = c; } 202cdf0e10cSrcweir 203cdf0e10cSrcweir inline bool isWhiteSpace( sal_Unicode c ) SAL_THROW( () ) 204cdf0e10cSrcweir { return (' ' == c || '\t' == c || '\n' == c || '\r' == c); } 205cdf0e10cSrcweir void skipWhiteSpace() 206cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 207cdf0e10cSrcweir 208cdf0e10cSrcweir inline bool isCharToken( sal_Unicode c ) SAL_THROW( () ) 209cdf0e10cSrcweir { return (';' == c || ',' == c || '{' == c || '}' == c); } 210cdf0e10cSrcweir 211cdf0e10cSrcweir public: 212cdf0e10cSrcweir PolicyReader( OUString const & file, AccessControl & ac ) 213cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 214cdf0e10cSrcweir ~PolicyReader() 215cdf0e10cSrcweir SAL_THROW( () ); 216cdf0e10cSrcweir 217cdf0e10cSrcweir void error( OUString const & msg ) 218cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 219cdf0e10cSrcweir 220cdf0e10cSrcweir OUString getToken() 221cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 222cdf0e10cSrcweir OUString assureToken() 223cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 224cdf0e10cSrcweir OUString getQuotedToken() 225cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 226cdf0e10cSrcweir OUString assureQuotedToken() 227cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 228cdf0e10cSrcweir void assureToken( sal_Unicode token ) 229cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 230cdf0e10cSrcweir }; 231cdf0e10cSrcweir //__________________________________________________________________________________________________ 232cdf0e10cSrcweir void PolicyReader::assureToken( sal_Unicode token ) 233cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 234cdf0e10cSrcweir { 235cdf0e10cSrcweir skipWhiteSpace(); 236cdf0e10cSrcweir sal_Unicode c = get(); 237cdf0e10cSrcweir if (c == token) 238cdf0e10cSrcweir return; 239cdf0e10cSrcweir OUStringBuffer buf( 16 ); 240cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("expected >") ); 241cdf0e10cSrcweir buf.append( c ); 242cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("<!") ); 243cdf0e10cSrcweir error( buf.makeStringAndClear() ); 244cdf0e10cSrcweir } 245cdf0e10cSrcweir //__________________________________________________________________________________________________ 246cdf0e10cSrcweir OUString PolicyReader::assureQuotedToken() 247cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 248cdf0e10cSrcweir { 249cdf0e10cSrcweir OUString token( getQuotedToken() ); 250cdf0e10cSrcweir if (! token.getLength()) 251cdf0e10cSrcweir error( OUSTR("unexpected end of file!") ); 252cdf0e10cSrcweir return token; 253cdf0e10cSrcweir } 254cdf0e10cSrcweir //__________________________________________________________________________________________________ 255cdf0e10cSrcweir OUString PolicyReader::getQuotedToken() 256cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 257cdf0e10cSrcweir { 258cdf0e10cSrcweir skipWhiteSpace(); 259cdf0e10cSrcweir OUStringBuffer buf( 32 ); 260cdf0e10cSrcweir sal_Unicode c = get(); 261cdf0e10cSrcweir if ('\"' != c) 262cdf0e10cSrcweir error( OUSTR("expected quoting >\"< character!") ); 263cdf0e10cSrcweir c = get(); 264cdf0e10cSrcweir while ('\0' != c && '\"' != c) 265cdf0e10cSrcweir { 266cdf0e10cSrcweir buf.append( c ); 267cdf0e10cSrcweir c = get(); 268cdf0e10cSrcweir } 269cdf0e10cSrcweir return buf.makeStringAndClear(); 270cdf0e10cSrcweir } 271cdf0e10cSrcweir //__________________________________________________________________________________________________ 272cdf0e10cSrcweir OUString PolicyReader::assureToken() 273cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 274cdf0e10cSrcweir { 275cdf0e10cSrcweir OUString token( getToken() ); 276cdf0e10cSrcweir if (! token.getLength()) 277cdf0e10cSrcweir error( OUSTR("unexpected end of file!") ); 278cdf0e10cSrcweir return token; 279cdf0e10cSrcweir } 280cdf0e10cSrcweir //__________________________________________________________________________________________________ 281cdf0e10cSrcweir OUString PolicyReader::getToken() 282cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 283cdf0e10cSrcweir { 284cdf0e10cSrcweir skipWhiteSpace(); 285cdf0e10cSrcweir sal_Unicode c = get(); 286cdf0e10cSrcweir if (isCharToken( c )) 287cdf0e10cSrcweir return OUString( &c, 1 ); 288cdf0e10cSrcweir OUStringBuffer buf( 32 ); 289cdf0e10cSrcweir while ('\0' != c && !isCharToken( c ) && !isWhiteSpace( c )) 290cdf0e10cSrcweir { 291cdf0e10cSrcweir buf.append( c ); 292cdf0e10cSrcweir c = get(); 293cdf0e10cSrcweir } 294cdf0e10cSrcweir back( c ); 295cdf0e10cSrcweir return buf.makeStringAndClear(); 296cdf0e10cSrcweir } 297cdf0e10cSrcweir //__________________________________________________________________________________________________ 298cdf0e10cSrcweir void PolicyReader::skipWhiteSpace() 299cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 300cdf0e10cSrcweir { 301cdf0e10cSrcweir sal_Unicode c; 302cdf0e10cSrcweir do 303cdf0e10cSrcweir { 304cdf0e10cSrcweir c = get(); 305cdf0e10cSrcweir } 306cdf0e10cSrcweir while (isWhiteSpace( c )); // seeking next non-whitespace char 307cdf0e10cSrcweir 308cdf0e10cSrcweir if ('/' == c) // C/C++ like comment 309cdf0e10cSrcweir { 310cdf0e10cSrcweir c = get(); 311cdf0e10cSrcweir if ('/' == c) // C++ like comment 312cdf0e10cSrcweir { 313cdf0e10cSrcweir do 314cdf0e10cSrcweir { 315cdf0e10cSrcweir c = get(); 316cdf0e10cSrcweir } 317cdf0e10cSrcweir while ('\n' != c && '\0' != c); // seek eol/eof 318cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line 319cdf0e10cSrcweir } 320cdf0e10cSrcweir else if ('*' == c) // C like comment 321cdf0e10cSrcweir { 322cdf0e10cSrcweir bool fini = true; 323cdf0e10cSrcweir do 324cdf0e10cSrcweir { 325cdf0e10cSrcweir c = get(); 326cdf0e10cSrcweir if ('*' == c) 327cdf0e10cSrcweir { 328cdf0e10cSrcweir c = get(); 329cdf0e10cSrcweir fini = ('/' == c || '\0' == c); 330cdf0e10cSrcweir } 331cdf0e10cSrcweir else 332cdf0e10cSrcweir { 333cdf0e10cSrcweir fini = ('\0' == c); 334cdf0e10cSrcweir } 335cdf0e10cSrcweir } 336cdf0e10cSrcweir while (! fini); 337cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line 338cdf0e10cSrcweir } 339cdf0e10cSrcweir else 340cdf0e10cSrcweir { 341cdf0e10cSrcweir error( OUSTR("expected C/C++ like comment!") ); 342cdf0e10cSrcweir } 343cdf0e10cSrcweir } 344cdf0e10cSrcweir else if ('#' == c) // script like comment 345cdf0e10cSrcweir { 346cdf0e10cSrcweir do 347cdf0e10cSrcweir { 348cdf0e10cSrcweir c = get(); 349cdf0e10cSrcweir } 350cdf0e10cSrcweir while ('\n' != c && '\0' != c); // seek eol/eof 351cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line 352cdf0e10cSrcweir } 353cdf0e10cSrcweir 354cdf0e10cSrcweir else // is token char 355cdf0e10cSrcweir { 356cdf0e10cSrcweir back( c ); 357cdf0e10cSrcweir } 358cdf0e10cSrcweir } 359cdf0e10cSrcweir //__________________________________________________________________________________________________ 360cdf0e10cSrcweir sal_Unicode PolicyReader::get() 361cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 362cdf0e10cSrcweir { 363cdf0e10cSrcweir if ('\0' != m_back) // one char push back possible 364cdf0e10cSrcweir { 365cdf0e10cSrcweir sal_Unicode c = m_back; 366cdf0e10cSrcweir m_back = '\0'; 367cdf0e10cSrcweir return c; 368cdf0e10cSrcweir } 369cdf0e10cSrcweir else if (m_pos == m_line.getLength()) // provide newline as whitespace 370cdf0e10cSrcweir { 371cdf0e10cSrcweir ++m_pos; 372cdf0e10cSrcweir return '\n'; 373cdf0e10cSrcweir } 374cdf0e10cSrcweir else if (m_pos > m_line.getLength()) // read new line 375cdf0e10cSrcweir { 376cdf0e10cSrcweir sal_Bool eof; 377cdf0e10cSrcweir oslFileError rc = ::osl_isEndOfFile( m_file, &eof ); 378cdf0e10cSrcweir if (osl_File_E_None != rc) 379cdf0e10cSrcweir error( OUSTR("checking eof failed!") ); 380cdf0e10cSrcweir if (eof) 381cdf0e10cSrcweir return '\0'; 382cdf0e10cSrcweir 383cdf0e10cSrcweir rc = ::osl_readLine( m_file, reinterpret_cast< sal_Sequence ** >( &m_line ) ); 384cdf0e10cSrcweir if (osl_File_E_None != rc) 385cdf0e10cSrcweir error( OUSTR("read line failed!") ); 386cdf0e10cSrcweir ++m_linepos; 387cdf0e10cSrcweir if (! m_line.getLength()) // empty line read 388cdf0e10cSrcweir { 389cdf0e10cSrcweir m_pos = 1; // read new line next time 390cdf0e10cSrcweir return '\n'; 391cdf0e10cSrcweir } 392cdf0e10cSrcweir m_pos = 0; 393cdf0e10cSrcweir } 394cdf0e10cSrcweir return (m_line.getConstArray()[ m_pos++ ]); 395cdf0e10cSrcweir } 396cdf0e10cSrcweir //__________________________________________________________________________________________________ 397cdf0e10cSrcweir void PolicyReader::error( OUString const & msg ) 398cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 399cdf0e10cSrcweir { 400cdf0e10cSrcweir OUStringBuffer buf( 32 ); 401cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("error processing file \"") ); 402cdf0e10cSrcweir buf.append( m_fileName ); 403cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\" [line ") ); 404cdf0e10cSrcweir buf.append( m_linepos ); 405cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM(", column ") ); 406cdf0e10cSrcweir buf.append( m_pos ); 407cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("] ") ); 408cdf0e10cSrcweir buf.append( msg ); 409cdf0e10cSrcweir throw RuntimeException( buf.makeStringAndClear(), Reference< XInterface >() ); 410cdf0e10cSrcweir } 411cdf0e10cSrcweir //__________________________________________________________________________________________________ 412cdf0e10cSrcweir PolicyReader::PolicyReader( OUString const & fileName, AccessControl & ac ) 413cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 414cdf0e10cSrcweir : m_fileName( fileName ) 415cdf0e10cSrcweir , m_linepos( 0 ) 416cdf0e10cSrcweir , m_pos( 1 ) // force readline 417cdf0e10cSrcweir , m_back( '\0' ) 418cdf0e10cSrcweir { 419cdf0e10cSrcweir ac.checkFilePermission( m_fileName, OUSTR("read") ); 420cdf0e10cSrcweir if (osl_File_E_None != ::osl_openFile( m_fileName.pData, &m_file, osl_File_OpenFlag_Read )) 421cdf0e10cSrcweir { 422cdf0e10cSrcweir OUStringBuffer buf( 32 ); 423cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("cannot open file \"") ); 424cdf0e10cSrcweir buf.append( m_fileName ); 425cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\"!") ); 426cdf0e10cSrcweir throw RuntimeException( buf.makeStringAndClear(), Reference< XInterface >() ); 427cdf0e10cSrcweir } 428cdf0e10cSrcweir } 429cdf0e10cSrcweir //__________________________________________________________________________________________________ 430cdf0e10cSrcweir PolicyReader::~PolicyReader() 431cdf0e10cSrcweir SAL_THROW( () ) 432cdf0e10cSrcweir { 433cdf0e10cSrcweir if ( ::osl_closeFile( m_file ) != osl_File_E_None ) { 434cdf0e10cSrcweir OSL_ASSERT( false ); 435cdf0e10cSrcweir } 436cdf0e10cSrcweir } 437cdf0e10cSrcweir 438cdf0e10cSrcweir static OUString s_grant = OUSTR("grant"); 439cdf0e10cSrcweir static OUString s_user = OUSTR("user"); 440cdf0e10cSrcweir static OUString s_permission = OUSTR("permission"); 441cdf0e10cSrcweir static OUString s_openBrace = OUSTR("{"); 442cdf0e10cSrcweir static OUString s_closingBrace = OUSTR("}"); 443cdf0e10cSrcweir 444cdf0e10cSrcweir static OUString s_filePermission = OUSTR("com.sun.star.io.FilePermission"); 445cdf0e10cSrcweir static OUString s_socketPermission = OUSTR("com.sun.star.connection.SocketPermission"); 446cdf0e10cSrcweir static OUString s_runtimePermission = OUSTR("com.sun.star.security.RuntimePermission"); 447cdf0e10cSrcweir static OUString s_allPermission = OUSTR("com.sun.star.security.AllPermission"); 448cdf0e10cSrcweir 449cdf0e10cSrcweir //__________________________________________________________________________________________________ 450cdf0e10cSrcweir void FilePolicy::refresh() 451cdf0e10cSrcweir throw (RuntimeException) 452cdf0e10cSrcweir { 453cdf0e10cSrcweir // read out file 454cdf0e10cSrcweir OUString fileName; 455cdf0e10cSrcweir m_xComponentContext->getValueByName( 456cdf0e10cSrcweir OUSTR("/implementations/" IMPL_NAME "/file-name") ) >>= fileName; 457cdf0e10cSrcweir if (! fileName.getLength()) 458cdf0e10cSrcweir { 459cdf0e10cSrcweir throw RuntimeException( 460cdf0e10cSrcweir OUSTR("name of policy file unknown!"), 461cdf0e10cSrcweir (OWeakObject *)this ); 462cdf0e10cSrcweir } 463cdf0e10cSrcweir 464cdf0e10cSrcweir PolicyReader reader( fileName, m_ac ); 465cdf0e10cSrcweir 466cdf0e10cSrcweir // fill these two 467cdf0e10cSrcweir Sequence< Any > defaultPermissions; 468cdf0e10cSrcweir t_permissions userPermissions; 469cdf0e10cSrcweir 470cdf0e10cSrcweir OUString token( reader.getToken() ); 471cdf0e10cSrcweir while (token.getLength()) 472cdf0e10cSrcweir { 473cdf0e10cSrcweir if (! token.equals( s_grant )) 474cdf0e10cSrcweir reader.error( OUSTR("expected >grant< token!") ); 475cdf0e10cSrcweir OUString userId; 476cdf0e10cSrcweir token = reader.assureToken(); 477cdf0e10cSrcweir if (token.equals( s_user )) // next token is user-id 478cdf0e10cSrcweir { 479cdf0e10cSrcweir userId = reader.assureQuotedToken(); 480cdf0e10cSrcweir token = reader.assureToken(); 481cdf0e10cSrcweir } 482cdf0e10cSrcweir if (! token.equals( s_openBrace )) 483cdf0e10cSrcweir reader.error( OUSTR("expected opening brace >{<!") ); 484cdf0e10cSrcweir token = reader.assureToken(); 485cdf0e10cSrcweir // permissions list 486cdf0e10cSrcweir while (! token.equals( s_closingBrace )) 487cdf0e10cSrcweir { 488cdf0e10cSrcweir if (! token.equals( s_permission )) 489cdf0e10cSrcweir reader.error( OUSTR("expected >permission< or closing brace >}<!") ); 490cdf0e10cSrcweir 491cdf0e10cSrcweir token = reader.assureToken(); // permission type 492cdf0e10cSrcweir Any perm; 493cdf0e10cSrcweir if (token.equals( s_filePermission )) // FilePermission 494cdf0e10cSrcweir { 495cdf0e10cSrcweir OUString url( reader.assureQuotedToken() ); 496cdf0e10cSrcweir reader.assureToken( ',' ); 497cdf0e10cSrcweir OUString actions( reader.assureQuotedToken() ); 498cdf0e10cSrcweir perm <<= io::FilePermission( url, actions ); 499cdf0e10cSrcweir } 500cdf0e10cSrcweir else if (token.equals( s_socketPermission )) // SocketPermission 501cdf0e10cSrcweir { 502cdf0e10cSrcweir OUString host( reader.assureQuotedToken() ); 503cdf0e10cSrcweir reader.assureToken( ',' ); 504cdf0e10cSrcweir OUString actions( reader.assureQuotedToken() ); 505cdf0e10cSrcweir perm <<= connection::SocketPermission( host, actions ); 506cdf0e10cSrcweir } 507cdf0e10cSrcweir else if (token.equals( s_runtimePermission )) // RuntimePermission 508cdf0e10cSrcweir { 509cdf0e10cSrcweir OUString name( reader.assureQuotedToken() ); 510cdf0e10cSrcweir perm <<= security::RuntimePermission( name ); 511cdf0e10cSrcweir } 512cdf0e10cSrcweir else if (token.equals( s_allPermission )) // AllPermission 513cdf0e10cSrcweir { 514cdf0e10cSrcweir perm <<= security::AllPermission(); 515cdf0e10cSrcweir } 516cdf0e10cSrcweir else 517cdf0e10cSrcweir { 518cdf0e10cSrcweir reader.error( OUSTR("expected permission type!") ); 519cdf0e10cSrcweir } 520cdf0e10cSrcweir 521cdf0e10cSrcweir reader.assureToken( ';' ); 522cdf0e10cSrcweir 523cdf0e10cSrcweir // insert 524cdf0e10cSrcweir if (userId.getLength()) 525cdf0e10cSrcweir { 526cdf0e10cSrcweir Sequence< Any > perms( userPermissions[ userId ] ); 527cdf0e10cSrcweir sal_Int32 len = perms.getLength(); 528cdf0e10cSrcweir perms.realloc( len +1 ); 529cdf0e10cSrcweir perms[ len ] = perm; 530cdf0e10cSrcweir userPermissions[ userId ] = perms; 531cdf0e10cSrcweir } 532cdf0e10cSrcweir else 533cdf0e10cSrcweir { 534cdf0e10cSrcweir sal_Int32 len = defaultPermissions.getLength(); 535cdf0e10cSrcweir defaultPermissions.realloc( len +1 ); 536cdf0e10cSrcweir defaultPermissions[ len ] = perm; 537cdf0e10cSrcweir } 538cdf0e10cSrcweir 539cdf0e10cSrcweir token = reader.assureToken(); // next permissions token 540cdf0e10cSrcweir } 541cdf0e10cSrcweir 542cdf0e10cSrcweir reader.assureToken( ';' ); // semi 543cdf0e10cSrcweir token = reader.getToken(); // next grant token 544cdf0e10cSrcweir } 545cdf0e10cSrcweir 546cdf0e10cSrcweir // assign new ones 547cdf0e10cSrcweir MutexGuard guard( m_mutex ); 548cdf0e10cSrcweir m_defaultPermissions = defaultPermissions; 549cdf0e10cSrcweir m_userPermissions = userPermissions; 550cdf0e10cSrcweir } 551cdf0e10cSrcweir 552cdf0e10cSrcweir //__________________________________________________________________________________________________ 553cdf0e10cSrcweir OUString FilePolicy::getImplementationName() 554cdf0e10cSrcweir throw (RuntimeException) 555cdf0e10cSrcweir { 556cdf0e10cSrcweir return s_implName; 557cdf0e10cSrcweir } 558cdf0e10cSrcweir //__________________________________________________________________________________________________ 559cdf0e10cSrcweir sal_Bool FilePolicy::supportsService( OUString const & serviceName ) 560cdf0e10cSrcweir throw (RuntimeException) 561cdf0e10cSrcweir { 562cdf0e10cSrcweir OUString const * pNames = s_serviceNames.getConstArray(); 563cdf0e10cSrcweir for ( sal_Int32 nPos = s_serviceNames.getLength(); nPos--; ) 564cdf0e10cSrcweir { 565cdf0e10cSrcweir if (serviceName.equals( pNames[ nPos ] )) 566cdf0e10cSrcweir { 567cdf0e10cSrcweir return sal_True; 568cdf0e10cSrcweir } 569cdf0e10cSrcweir } 570cdf0e10cSrcweir return sal_False; 571cdf0e10cSrcweir } 572cdf0e10cSrcweir //__________________________________________________________________________________________________ 573cdf0e10cSrcweir Sequence< OUString > FilePolicy::getSupportedServiceNames() 574cdf0e10cSrcweir throw (RuntimeException) 575cdf0e10cSrcweir { 576cdf0e10cSrcweir return s_serviceNames; 577cdf0e10cSrcweir } 578cdf0e10cSrcweir } 579cdf0e10cSrcweir //################################################################################################## 580cdf0e10cSrcweir namespace stoc_bootstrap 581cdf0e10cSrcweir { 582cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 583cdf0e10cSrcweir Reference< XInterface > SAL_CALL filepolicy_create( 584cdf0e10cSrcweir Reference< XComponentContext > const & xComponentContext ) 585cdf0e10cSrcweir SAL_THROW( (Exception) ) 586cdf0e10cSrcweir { 587cdf0e10cSrcweir return (OWeakObject *)new stoc_sec::FilePolicy( xComponentContext ); 588cdf0e10cSrcweir } 589cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 590cdf0e10cSrcweir Sequence< OUString > filepolicy_getSupportedServiceNames() SAL_THROW( () ) 591cdf0e10cSrcweir { 592cdf0e10cSrcweir return stoc_sec::s_serviceNames; 593cdf0e10cSrcweir } 594cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 595cdf0e10cSrcweir OUString filepolicy_getImplementationName() SAL_THROW( () ) 596cdf0e10cSrcweir { 597cdf0e10cSrcweir return stoc_sec::s_implName; 598cdf0e10cSrcweir } 599cdf0e10cSrcweir } 600