1*647a425cSAndrew Rist /**************************************************************
2cdf0e10cSrcweir *
3*647a425cSAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one
4*647a425cSAndrew Rist * or more contributor license agreements. See the NOTICE file
5*647a425cSAndrew Rist * distributed with this work for additional information
6*647a425cSAndrew Rist * regarding copyright ownership. The ASF licenses this file
7*647a425cSAndrew Rist * to you under the Apache License, Version 2.0 (the
8*647a425cSAndrew Rist * "License"); you may not use this file except in compliance
9*647a425cSAndrew Rist * with the License. You may obtain a copy of the License at
10*647a425cSAndrew Rist *
11*647a425cSAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0
12*647a425cSAndrew Rist *
13*647a425cSAndrew Rist * Unless required by applicable law or agreed to in writing,
14*647a425cSAndrew Rist * software distributed under the License is distributed on an
15*647a425cSAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16*647a425cSAndrew Rist * KIND, either express or implied. See the License for the
17*647a425cSAndrew Rist * specific language governing permissions and limitations
18*647a425cSAndrew Rist * under the License.
19*647a425cSAndrew Rist *
20*647a425cSAndrew Rist *************************************************************/
21*647a425cSAndrew Rist
22*647a425cSAndrew Rist
23cdf0e10cSrcweir
24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove
25cdf0e10cSrcweir #include "precompiled_stoc.hxx"
26cdf0e10cSrcweir
27cdf0e10cSrcweir #include <hash_map>
28cdf0e10cSrcweir
29cdf0e10cSrcweir #include <osl/diagnose.h>
30cdf0e10cSrcweir #include <osl/file.h>
31cdf0e10cSrcweir #include <rtl/byteseq.hxx>
32cdf0e10cSrcweir #include <rtl/string.hxx>
33cdf0e10cSrcweir #include <rtl/ustrbuf.hxx>
34cdf0e10cSrcweir
35cdf0e10cSrcweir #include <cppuhelper/access_control.hxx>
36cdf0e10cSrcweir #include <cppuhelper/compbase2.hxx>
37cdf0e10cSrcweir #include <cppuhelper/implementationentry.hxx>
38cdf0e10cSrcweir
39cdf0e10cSrcweir #include <com/sun/star/lang/XServiceInfo.hpp>
40cdf0e10cSrcweir #include <com/sun/star/security/XAccessController.hpp>
41cdf0e10cSrcweir #include <com/sun/star/security/XPolicy.hpp>
42cdf0e10cSrcweir #include <com/sun/star/security/AllPermission.hpp>
43cdf0e10cSrcweir #include <com/sun/star/security/RuntimePermission.hpp>
44cdf0e10cSrcweir #include <com/sun/star/io/FilePermission.hpp>
45cdf0e10cSrcweir #include <com/sun/star/connection/SocketPermission.hpp>
46cdf0e10cSrcweir
47cdf0e10cSrcweir #define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
48cdf0e10cSrcweir #define SERVICE_NAME "com.sun.star.security.Policy"
49cdf0e10cSrcweir #define IMPL_NAME "com.sun.star.security.comp.stoc.FilePolicy"
50cdf0e10cSrcweir
51cdf0e10cSrcweir
52cdf0e10cSrcweir using namespace ::osl;
53cdf0e10cSrcweir using namespace ::rtl;
54cdf0e10cSrcweir using namespace ::cppu;
55cdf0e10cSrcweir using namespace ::com::sun::star;
56cdf0e10cSrcweir using namespace ::com::sun::star::uno;
57cdf0e10cSrcweir
58cdf0e10cSrcweir extern ::rtl_StandardModuleCount g_moduleCount;
59cdf0e10cSrcweir
60cdf0e10cSrcweir namespace stoc_sec
61cdf0e10cSrcweir {
62cdf0e10cSrcweir // static stuff initialized when loading lib
63cdf0e10cSrcweir static OUString s_implName = OUSTR(IMPL_NAME);
64cdf0e10cSrcweir static OUString s_serviceName = OUSTR(SERVICE_NAME);
65cdf0e10cSrcweir
66cdf0e10cSrcweir static Sequence< OUString > s_serviceNames = Sequence< OUString >( &s_serviceName, 1 );
67cdf0e10cSrcweir //##################################################################################################
68cdf0e10cSrcweir
69cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
dispose(Reference<XInterface> const & x)70cdf0e10cSrcweir static inline void dispose( Reference< XInterface > const & x )
71cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
72cdf0e10cSrcweir {
73cdf0e10cSrcweir Reference< lang::XComponent > xComp( x, UNO_QUERY );
74cdf0e10cSrcweir if (xComp.is())
75cdf0e10cSrcweir {
76cdf0e10cSrcweir xComp->dispose();
77cdf0e10cSrcweir }
78cdf0e10cSrcweir }
79cdf0e10cSrcweir
80cdf0e10cSrcweir //##################################################################################################
81cdf0e10cSrcweir
82cdf0e10cSrcweir struct MutexHolder
83cdf0e10cSrcweir {
84cdf0e10cSrcweir Mutex m_mutex;
85cdf0e10cSrcweir };
86cdf0e10cSrcweir typedef WeakComponentImplHelper2< security::XPolicy, lang::XServiceInfo > t_helper;
87cdf0e10cSrcweir
88cdf0e10cSrcweir //==================================================================================================
89cdf0e10cSrcweir class FilePolicy
90cdf0e10cSrcweir : public MutexHolder
91cdf0e10cSrcweir , public t_helper
92cdf0e10cSrcweir {
93cdf0e10cSrcweir Reference< XComponentContext > m_xComponentContext;
94cdf0e10cSrcweir AccessControl m_ac;
95cdf0e10cSrcweir
96cdf0e10cSrcweir Sequence< Any > m_defaultPermissions;
97cdf0e10cSrcweir typedef std::hash_map< OUString, Sequence< Any >, OUStringHash > t_permissions;
98cdf0e10cSrcweir t_permissions m_userPermissions;
99cdf0e10cSrcweir bool m_init;
100cdf0e10cSrcweir
101cdf0e10cSrcweir protected:
102cdf0e10cSrcweir virtual void SAL_CALL disposing();
103cdf0e10cSrcweir
104cdf0e10cSrcweir public:
105cdf0e10cSrcweir FilePolicy( Reference< XComponentContext > const & xComponentContext )
106cdf0e10cSrcweir SAL_THROW( () );
107cdf0e10cSrcweir virtual ~FilePolicy()
108cdf0e10cSrcweir SAL_THROW( () );
109cdf0e10cSrcweir
110cdf0e10cSrcweir // XPolicy impl
111cdf0e10cSrcweir virtual Sequence< Any > SAL_CALL getPermissions(
112cdf0e10cSrcweir OUString const & userId )
113cdf0e10cSrcweir throw (RuntimeException);
114cdf0e10cSrcweir virtual Sequence< Any > SAL_CALL getDefaultPermissions()
115cdf0e10cSrcweir throw (RuntimeException);
116cdf0e10cSrcweir virtual void SAL_CALL refresh()
117cdf0e10cSrcweir throw (RuntimeException);
118cdf0e10cSrcweir
119cdf0e10cSrcweir // XServiceInfo impl
120cdf0e10cSrcweir virtual OUString SAL_CALL getImplementationName()
121cdf0e10cSrcweir throw (RuntimeException);
122cdf0e10cSrcweir virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName )
123cdf0e10cSrcweir throw (RuntimeException);
124cdf0e10cSrcweir virtual Sequence< OUString > SAL_CALL getSupportedServiceNames()
125cdf0e10cSrcweir throw (RuntimeException);
126cdf0e10cSrcweir };
127cdf0e10cSrcweir //__________________________________________________________________________________________________
FilePolicy(Reference<XComponentContext> const & xComponentContext)128cdf0e10cSrcweir FilePolicy::FilePolicy( Reference< XComponentContext > const & xComponentContext )
129cdf0e10cSrcweir SAL_THROW( () )
130cdf0e10cSrcweir : t_helper( m_mutex )
131cdf0e10cSrcweir , m_xComponentContext( xComponentContext )
132cdf0e10cSrcweir , m_ac( xComponentContext )
133cdf0e10cSrcweir , m_init( false )
134cdf0e10cSrcweir {
135cdf0e10cSrcweir g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt );
136cdf0e10cSrcweir }
137cdf0e10cSrcweir //__________________________________________________________________________________________________
~FilePolicy()138cdf0e10cSrcweir FilePolicy::~FilePolicy()
139cdf0e10cSrcweir SAL_THROW( () )
140cdf0e10cSrcweir {
141cdf0e10cSrcweir g_moduleCount.modCnt.release( &g_moduleCount.modCnt );
142cdf0e10cSrcweir }
143cdf0e10cSrcweir //__________________________________________________________________________________________________
disposing()144cdf0e10cSrcweir void FilePolicy::disposing()
145cdf0e10cSrcweir {
146cdf0e10cSrcweir m_userPermissions.clear();
147cdf0e10cSrcweir m_defaultPermissions = Sequence< Any >();
148cdf0e10cSrcweir m_xComponentContext.clear();
149cdf0e10cSrcweir }
150cdf0e10cSrcweir
151cdf0e10cSrcweir //__________________________________________________________________________________________________
getPermissions(OUString const & userId)152cdf0e10cSrcweir Sequence< Any > FilePolicy::getPermissions(
153cdf0e10cSrcweir OUString const & userId )
154cdf0e10cSrcweir throw (RuntimeException)
155cdf0e10cSrcweir {
156cdf0e10cSrcweir if (! m_init)
157cdf0e10cSrcweir {
158cdf0e10cSrcweir refresh();
159cdf0e10cSrcweir m_init = true;
160cdf0e10cSrcweir }
161cdf0e10cSrcweir
162cdf0e10cSrcweir MutexGuard guard( m_mutex );
163cdf0e10cSrcweir t_permissions::iterator iFind( m_userPermissions.find( userId ) );
164cdf0e10cSrcweir if (m_userPermissions.end() == iFind)
165cdf0e10cSrcweir {
166cdf0e10cSrcweir return Sequence< Any >();
167cdf0e10cSrcweir }
168cdf0e10cSrcweir else
169cdf0e10cSrcweir {
170cdf0e10cSrcweir return iFind->second;
171cdf0e10cSrcweir }
172cdf0e10cSrcweir }
173cdf0e10cSrcweir //__________________________________________________________________________________________________
getDefaultPermissions()174cdf0e10cSrcweir Sequence< Any > FilePolicy::getDefaultPermissions()
175cdf0e10cSrcweir throw (RuntimeException)
176cdf0e10cSrcweir {
177cdf0e10cSrcweir if (! m_init)
178cdf0e10cSrcweir {
179cdf0e10cSrcweir refresh();
180cdf0e10cSrcweir m_init = true;
181cdf0e10cSrcweir }
182cdf0e10cSrcweir
183cdf0e10cSrcweir MutexGuard guard( m_mutex );
184cdf0e10cSrcweir return m_defaultPermissions;
185cdf0e10cSrcweir }
186cdf0e10cSrcweir
187cdf0e10cSrcweir //==================================================================================================
188cdf0e10cSrcweir class PolicyReader
189cdf0e10cSrcweir {
190cdf0e10cSrcweir OUString m_fileName;
191cdf0e10cSrcweir oslFileHandle m_file;
192cdf0e10cSrcweir
193cdf0e10cSrcweir sal_Int32 m_linepos;
194cdf0e10cSrcweir ByteSequence m_line;
195cdf0e10cSrcweir sal_Int32 m_pos;
196cdf0e10cSrcweir sal_Unicode m_back;
197cdf0e10cSrcweir
198cdf0e10cSrcweir sal_Unicode get()
199cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
back(sal_Unicode c)200cdf0e10cSrcweir inline void back( sal_Unicode c ) SAL_THROW( () )
201cdf0e10cSrcweir { m_back = c; }
202cdf0e10cSrcweir
isWhiteSpace(sal_Unicode c)203cdf0e10cSrcweir inline bool isWhiteSpace( sal_Unicode c ) SAL_THROW( () )
204cdf0e10cSrcweir { return (' ' == c || '\t' == c || '\n' == c || '\r' == c); }
205cdf0e10cSrcweir void skipWhiteSpace()
206cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
207cdf0e10cSrcweir
isCharToken(sal_Unicode c)208cdf0e10cSrcweir inline bool isCharToken( sal_Unicode c ) SAL_THROW( () )
209cdf0e10cSrcweir { return (';' == c || ',' == c || '{' == c || '}' == c); }
210cdf0e10cSrcweir
211cdf0e10cSrcweir public:
212cdf0e10cSrcweir PolicyReader( OUString const & file, AccessControl & ac )
213cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
214cdf0e10cSrcweir ~PolicyReader()
215cdf0e10cSrcweir SAL_THROW( () );
216cdf0e10cSrcweir
217cdf0e10cSrcweir void error( OUString const & msg )
218cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
219cdf0e10cSrcweir
220cdf0e10cSrcweir OUString getToken()
221cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
222cdf0e10cSrcweir OUString assureToken()
223cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
224cdf0e10cSrcweir OUString getQuotedToken()
225cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
226cdf0e10cSrcweir OUString assureQuotedToken()
227cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
228cdf0e10cSrcweir void assureToken( sal_Unicode token )
229cdf0e10cSrcweir SAL_THROW( (RuntimeException) );
230cdf0e10cSrcweir };
231cdf0e10cSrcweir //__________________________________________________________________________________________________
assureToken(sal_Unicode token)232cdf0e10cSrcweir void PolicyReader::assureToken( sal_Unicode token )
233cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
234cdf0e10cSrcweir {
235cdf0e10cSrcweir skipWhiteSpace();
236cdf0e10cSrcweir sal_Unicode c = get();
237cdf0e10cSrcweir if (c == token)
238cdf0e10cSrcweir return;
239cdf0e10cSrcweir OUStringBuffer buf( 16 );
240cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("expected >") );
241cdf0e10cSrcweir buf.append( c );
242cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("<!") );
243cdf0e10cSrcweir error( buf.makeStringAndClear() );
244cdf0e10cSrcweir }
245cdf0e10cSrcweir //__________________________________________________________________________________________________
assureQuotedToken()246cdf0e10cSrcweir OUString PolicyReader::assureQuotedToken()
247cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
248cdf0e10cSrcweir {
249cdf0e10cSrcweir OUString token( getQuotedToken() );
250cdf0e10cSrcweir if (! token.getLength())
251cdf0e10cSrcweir error( OUSTR("unexpected end of file!") );
252cdf0e10cSrcweir return token;
253cdf0e10cSrcweir }
254cdf0e10cSrcweir //__________________________________________________________________________________________________
getQuotedToken()255cdf0e10cSrcweir OUString PolicyReader::getQuotedToken()
256cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
257cdf0e10cSrcweir {
258cdf0e10cSrcweir skipWhiteSpace();
259cdf0e10cSrcweir OUStringBuffer buf( 32 );
260cdf0e10cSrcweir sal_Unicode c = get();
261cdf0e10cSrcweir if ('\"' != c)
262cdf0e10cSrcweir error( OUSTR("expected quoting >\"< character!") );
263cdf0e10cSrcweir c = get();
264cdf0e10cSrcweir while ('\0' != c && '\"' != c)
265cdf0e10cSrcweir {
266cdf0e10cSrcweir buf.append( c );
267cdf0e10cSrcweir c = get();
268cdf0e10cSrcweir }
269cdf0e10cSrcweir return buf.makeStringAndClear();
270cdf0e10cSrcweir }
271cdf0e10cSrcweir //__________________________________________________________________________________________________
assureToken()272cdf0e10cSrcweir OUString PolicyReader::assureToken()
273cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
274cdf0e10cSrcweir {
275cdf0e10cSrcweir OUString token( getToken() );
276cdf0e10cSrcweir if (! token.getLength())
277cdf0e10cSrcweir error( OUSTR("unexpected end of file!") );
278cdf0e10cSrcweir return token;
279cdf0e10cSrcweir }
280cdf0e10cSrcweir //__________________________________________________________________________________________________
getToken()281cdf0e10cSrcweir OUString PolicyReader::getToken()
282cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
283cdf0e10cSrcweir {
284cdf0e10cSrcweir skipWhiteSpace();
285cdf0e10cSrcweir sal_Unicode c = get();
286cdf0e10cSrcweir if (isCharToken( c ))
287cdf0e10cSrcweir return OUString( &c, 1 );
288cdf0e10cSrcweir OUStringBuffer buf( 32 );
289cdf0e10cSrcweir while ('\0' != c && !isCharToken( c ) && !isWhiteSpace( c ))
290cdf0e10cSrcweir {
291cdf0e10cSrcweir buf.append( c );
292cdf0e10cSrcweir c = get();
293cdf0e10cSrcweir }
294cdf0e10cSrcweir back( c );
295cdf0e10cSrcweir return buf.makeStringAndClear();
296cdf0e10cSrcweir }
297cdf0e10cSrcweir //__________________________________________________________________________________________________
skipWhiteSpace()298cdf0e10cSrcweir void PolicyReader::skipWhiteSpace()
299cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
300cdf0e10cSrcweir {
301cdf0e10cSrcweir sal_Unicode c;
302cdf0e10cSrcweir do
303cdf0e10cSrcweir {
304cdf0e10cSrcweir c = get();
305cdf0e10cSrcweir }
306cdf0e10cSrcweir while (isWhiteSpace( c )); // seeking next non-whitespace char
307cdf0e10cSrcweir
308cdf0e10cSrcweir if ('/' == c) // C/C++ like comment
309cdf0e10cSrcweir {
310cdf0e10cSrcweir c = get();
311cdf0e10cSrcweir if ('/' == c) // C++ like comment
312cdf0e10cSrcweir {
313cdf0e10cSrcweir do
314cdf0e10cSrcweir {
315cdf0e10cSrcweir c = get();
316cdf0e10cSrcweir }
317cdf0e10cSrcweir while ('\n' != c && '\0' != c); // seek eol/eof
318cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line
319cdf0e10cSrcweir }
320cdf0e10cSrcweir else if ('*' == c) // C like comment
321cdf0e10cSrcweir {
322cdf0e10cSrcweir bool fini = true;
323cdf0e10cSrcweir do
324cdf0e10cSrcweir {
325cdf0e10cSrcweir c = get();
326cdf0e10cSrcweir if ('*' == c)
327cdf0e10cSrcweir {
328cdf0e10cSrcweir c = get();
329cdf0e10cSrcweir fini = ('/' == c || '\0' == c);
330cdf0e10cSrcweir }
331cdf0e10cSrcweir else
332cdf0e10cSrcweir {
333cdf0e10cSrcweir fini = ('\0' == c);
334cdf0e10cSrcweir }
335cdf0e10cSrcweir }
336cdf0e10cSrcweir while (! fini);
337cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line
338cdf0e10cSrcweir }
339cdf0e10cSrcweir else
340cdf0e10cSrcweir {
341cdf0e10cSrcweir error( OUSTR("expected C/C++ like comment!") );
342cdf0e10cSrcweir }
343cdf0e10cSrcweir }
344cdf0e10cSrcweir else if ('#' == c) // script like comment
345cdf0e10cSrcweir {
346cdf0e10cSrcweir do
347cdf0e10cSrcweir {
348cdf0e10cSrcweir c = get();
349cdf0e10cSrcweir }
350cdf0e10cSrcweir while ('\n' != c && '\0' != c); // seek eol/eof
351cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line
352cdf0e10cSrcweir }
353cdf0e10cSrcweir
354cdf0e10cSrcweir else // is token char
355cdf0e10cSrcweir {
356cdf0e10cSrcweir back( c );
357cdf0e10cSrcweir }
358cdf0e10cSrcweir }
359cdf0e10cSrcweir //__________________________________________________________________________________________________
get()360cdf0e10cSrcweir sal_Unicode PolicyReader::get()
361cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
362cdf0e10cSrcweir {
363cdf0e10cSrcweir if ('\0' != m_back) // one char push back possible
364cdf0e10cSrcweir {
365cdf0e10cSrcweir sal_Unicode c = m_back;
366cdf0e10cSrcweir m_back = '\0';
367cdf0e10cSrcweir return c;
368cdf0e10cSrcweir }
369cdf0e10cSrcweir else if (m_pos == m_line.getLength()) // provide newline as whitespace
370cdf0e10cSrcweir {
371cdf0e10cSrcweir ++m_pos;
372cdf0e10cSrcweir return '\n';
373cdf0e10cSrcweir }
374cdf0e10cSrcweir else if (m_pos > m_line.getLength()) // read new line
375cdf0e10cSrcweir {
376cdf0e10cSrcweir sal_Bool eof;
377cdf0e10cSrcweir oslFileError rc = ::osl_isEndOfFile( m_file, &eof );
378cdf0e10cSrcweir if (osl_File_E_None != rc)
379cdf0e10cSrcweir error( OUSTR("checking eof failed!") );
380cdf0e10cSrcweir if (eof)
381cdf0e10cSrcweir return '\0';
382cdf0e10cSrcweir
383cdf0e10cSrcweir rc = ::osl_readLine( m_file, reinterpret_cast< sal_Sequence ** >( &m_line ) );
384cdf0e10cSrcweir if (osl_File_E_None != rc)
385cdf0e10cSrcweir error( OUSTR("read line failed!") );
386cdf0e10cSrcweir ++m_linepos;
387cdf0e10cSrcweir if (! m_line.getLength()) // empty line read
388cdf0e10cSrcweir {
389cdf0e10cSrcweir m_pos = 1; // read new line next time
390cdf0e10cSrcweir return '\n';
391cdf0e10cSrcweir }
392cdf0e10cSrcweir m_pos = 0;
393cdf0e10cSrcweir }
394cdf0e10cSrcweir return (m_line.getConstArray()[ m_pos++ ]);
395cdf0e10cSrcweir }
396cdf0e10cSrcweir //__________________________________________________________________________________________________
error(OUString const & msg)397cdf0e10cSrcweir void PolicyReader::error( OUString const & msg )
398cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
399cdf0e10cSrcweir {
400cdf0e10cSrcweir OUStringBuffer buf( 32 );
401cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("error processing file \"") );
402cdf0e10cSrcweir buf.append( m_fileName );
403cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\" [line ") );
404cdf0e10cSrcweir buf.append( m_linepos );
405cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM(", column ") );
406cdf0e10cSrcweir buf.append( m_pos );
407cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("] ") );
408cdf0e10cSrcweir buf.append( msg );
409cdf0e10cSrcweir throw RuntimeException( buf.makeStringAndClear(), Reference< XInterface >() );
410cdf0e10cSrcweir }
411cdf0e10cSrcweir //__________________________________________________________________________________________________
PolicyReader(OUString const & fileName,AccessControl & ac)412cdf0e10cSrcweir PolicyReader::PolicyReader( OUString const & fileName, AccessControl & ac )
413cdf0e10cSrcweir SAL_THROW( (RuntimeException) )
414cdf0e10cSrcweir : m_fileName( fileName )
415cdf0e10cSrcweir , m_linepos( 0 )
416cdf0e10cSrcweir , m_pos( 1 ) // force readline
417cdf0e10cSrcweir , m_back( '\0' )
418cdf0e10cSrcweir {
419cdf0e10cSrcweir ac.checkFilePermission( m_fileName, OUSTR("read") );
420cdf0e10cSrcweir if (osl_File_E_None != ::osl_openFile( m_fileName.pData, &m_file, osl_File_OpenFlag_Read ))
421cdf0e10cSrcweir {
422cdf0e10cSrcweir OUStringBuffer buf( 32 );
423cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("cannot open file \"") );
424cdf0e10cSrcweir buf.append( m_fileName );
425cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\"!") );
426cdf0e10cSrcweir throw RuntimeException( buf.makeStringAndClear(), Reference< XInterface >() );
427cdf0e10cSrcweir }
428cdf0e10cSrcweir }
429cdf0e10cSrcweir //__________________________________________________________________________________________________
~PolicyReader()430cdf0e10cSrcweir PolicyReader::~PolicyReader()
431cdf0e10cSrcweir SAL_THROW( () )
432cdf0e10cSrcweir {
433cdf0e10cSrcweir if ( ::osl_closeFile( m_file ) != osl_File_E_None ) {
434cdf0e10cSrcweir OSL_ASSERT( false );
435cdf0e10cSrcweir }
436cdf0e10cSrcweir }
437cdf0e10cSrcweir
438cdf0e10cSrcweir static OUString s_grant = OUSTR("grant");
439cdf0e10cSrcweir static OUString s_user = OUSTR("user");
440cdf0e10cSrcweir static OUString s_permission = OUSTR("permission");
441cdf0e10cSrcweir static OUString s_openBrace = OUSTR("{");
442cdf0e10cSrcweir static OUString s_closingBrace = OUSTR("}");
443cdf0e10cSrcweir
444cdf0e10cSrcweir static OUString s_filePermission = OUSTR("com.sun.star.io.FilePermission");
445cdf0e10cSrcweir static OUString s_socketPermission = OUSTR("com.sun.star.connection.SocketPermission");
446cdf0e10cSrcweir static OUString s_runtimePermission = OUSTR("com.sun.star.security.RuntimePermission");
447cdf0e10cSrcweir static OUString s_allPermission = OUSTR("com.sun.star.security.AllPermission");
448cdf0e10cSrcweir
449cdf0e10cSrcweir //__________________________________________________________________________________________________
refresh()450cdf0e10cSrcweir void FilePolicy::refresh()
451cdf0e10cSrcweir throw (RuntimeException)
452cdf0e10cSrcweir {
453cdf0e10cSrcweir // read out file
454cdf0e10cSrcweir OUString fileName;
455cdf0e10cSrcweir m_xComponentContext->getValueByName(
456cdf0e10cSrcweir OUSTR("/implementations/" IMPL_NAME "/file-name") ) >>= fileName;
457cdf0e10cSrcweir if (! fileName.getLength())
458cdf0e10cSrcweir {
459cdf0e10cSrcweir throw RuntimeException(
460cdf0e10cSrcweir OUSTR("name of policy file unknown!"),
461cdf0e10cSrcweir (OWeakObject *)this );
462cdf0e10cSrcweir }
463cdf0e10cSrcweir
464cdf0e10cSrcweir PolicyReader reader( fileName, m_ac );
465cdf0e10cSrcweir
466cdf0e10cSrcweir // fill these two
467cdf0e10cSrcweir Sequence< Any > defaultPermissions;
468cdf0e10cSrcweir t_permissions userPermissions;
469cdf0e10cSrcweir
470cdf0e10cSrcweir OUString token( reader.getToken() );
471cdf0e10cSrcweir while (token.getLength())
472cdf0e10cSrcweir {
473cdf0e10cSrcweir if (! token.equals( s_grant ))
474cdf0e10cSrcweir reader.error( OUSTR("expected >grant< token!") );
475cdf0e10cSrcweir OUString userId;
476cdf0e10cSrcweir token = reader.assureToken();
477cdf0e10cSrcweir if (token.equals( s_user )) // next token is user-id
478cdf0e10cSrcweir {
479cdf0e10cSrcweir userId = reader.assureQuotedToken();
480cdf0e10cSrcweir token = reader.assureToken();
481cdf0e10cSrcweir }
482cdf0e10cSrcweir if (! token.equals( s_openBrace ))
483cdf0e10cSrcweir reader.error( OUSTR("expected opening brace >{<!") );
484cdf0e10cSrcweir token = reader.assureToken();
485cdf0e10cSrcweir // permissions list
486cdf0e10cSrcweir while (! token.equals( s_closingBrace ))
487cdf0e10cSrcweir {
488cdf0e10cSrcweir if (! token.equals( s_permission ))
489cdf0e10cSrcweir reader.error( OUSTR("expected >permission< or closing brace >}<!") );
490cdf0e10cSrcweir
491cdf0e10cSrcweir token = reader.assureToken(); // permission type
492cdf0e10cSrcweir Any perm;
493cdf0e10cSrcweir if (token.equals( s_filePermission )) // FilePermission
494cdf0e10cSrcweir {
495cdf0e10cSrcweir OUString url( reader.assureQuotedToken() );
496cdf0e10cSrcweir reader.assureToken( ',' );
497cdf0e10cSrcweir OUString actions( reader.assureQuotedToken() );
498cdf0e10cSrcweir perm <<= io::FilePermission( url, actions );
499cdf0e10cSrcweir }
500cdf0e10cSrcweir else if (token.equals( s_socketPermission )) // SocketPermission
501cdf0e10cSrcweir {
502cdf0e10cSrcweir OUString host( reader.assureQuotedToken() );
503cdf0e10cSrcweir reader.assureToken( ',' );
504cdf0e10cSrcweir OUString actions( reader.assureQuotedToken() );
505cdf0e10cSrcweir perm <<= connection::SocketPermission( host, actions );
506cdf0e10cSrcweir }
507cdf0e10cSrcweir else if (token.equals( s_runtimePermission )) // RuntimePermission
508cdf0e10cSrcweir {
509cdf0e10cSrcweir OUString name( reader.assureQuotedToken() );
510cdf0e10cSrcweir perm <<= security::RuntimePermission( name );
511cdf0e10cSrcweir }
512cdf0e10cSrcweir else if (token.equals( s_allPermission )) // AllPermission
513cdf0e10cSrcweir {
514cdf0e10cSrcweir perm <<= security::AllPermission();
515cdf0e10cSrcweir }
516cdf0e10cSrcweir else
517cdf0e10cSrcweir {
518cdf0e10cSrcweir reader.error( OUSTR("expected permission type!") );
519cdf0e10cSrcweir }
520cdf0e10cSrcweir
521cdf0e10cSrcweir reader.assureToken( ';' );
522cdf0e10cSrcweir
523cdf0e10cSrcweir // insert
524cdf0e10cSrcweir if (userId.getLength())
525cdf0e10cSrcweir {
526cdf0e10cSrcweir Sequence< Any > perms( userPermissions[ userId ] );
527cdf0e10cSrcweir sal_Int32 len = perms.getLength();
528cdf0e10cSrcweir perms.realloc( len +1 );
529cdf0e10cSrcweir perms[ len ] = perm;
530cdf0e10cSrcweir userPermissions[ userId ] = perms;
531cdf0e10cSrcweir }
532cdf0e10cSrcweir else
533cdf0e10cSrcweir {
534cdf0e10cSrcweir sal_Int32 len = defaultPermissions.getLength();
535cdf0e10cSrcweir defaultPermissions.realloc( len +1 );
536cdf0e10cSrcweir defaultPermissions[ len ] = perm;
537cdf0e10cSrcweir }
538cdf0e10cSrcweir
539cdf0e10cSrcweir token = reader.assureToken(); // next permissions token
540cdf0e10cSrcweir }
541cdf0e10cSrcweir
542cdf0e10cSrcweir reader.assureToken( ';' ); // semi
543cdf0e10cSrcweir token = reader.getToken(); // next grant token
544cdf0e10cSrcweir }
545cdf0e10cSrcweir
546cdf0e10cSrcweir // assign new ones
547cdf0e10cSrcweir MutexGuard guard( m_mutex );
548cdf0e10cSrcweir m_defaultPermissions = defaultPermissions;
549cdf0e10cSrcweir m_userPermissions = userPermissions;
550cdf0e10cSrcweir }
551cdf0e10cSrcweir
552cdf0e10cSrcweir //__________________________________________________________________________________________________
getImplementationName()553cdf0e10cSrcweir OUString FilePolicy::getImplementationName()
554cdf0e10cSrcweir throw (RuntimeException)
555cdf0e10cSrcweir {
556cdf0e10cSrcweir return s_implName;
557cdf0e10cSrcweir }
558cdf0e10cSrcweir //__________________________________________________________________________________________________
supportsService(OUString const & serviceName)559cdf0e10cSrcweir sal_Bool FilePolicy::supportsService( OUString const & serviceName )
560cdf0e10cSrcweir throw (RuntimeException)
561cdf0e10cSrcweir {
562cdf0e10cSrcweir OUString const * pNames = s_serviceNames.getConstArray();
563cdf0e10cSrcweir for ( sal_Int32 nPos = s_serviceNames.getLength(); nPos--; )
564cdf0e10cSrcweir {
565cdf0e10cSrcweir if (serviceName.equals( pNames[ nPos ] ))
566cdf0e10cSrcweir {
567cdf0e10cSrcweir return sal_True;
568cdf0e10cSrcweir }
569cdf0e10cSrcweir }
570cdf0e10cSrcweir return sal_False;
571cdf0e10cSrcweir }
572cdf0e10cSrcweir //__________________________________________________________________________________________________
getSupportedServiceNames()573cdf0e10cSrcweir Sequence< OUString > FilePolicy::getSupportedServiceNames()
574cdf0e10cSrcweir throw (RuntimeException)
575cdf0e10cSrcweir {
576cdf0e10cSrcweir return s_serviceNames;
577cdf0e10cSrcweir }
578cdf0e10cSrcweir }
579cdf0e10cSrcweir //##################################################################################################
580cdf0e10cSrcweir namespace stoc_bootstrap
581cdf0e10cSrcweir {
582cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
filepolicy_create(Reference<XComponentContext> const & xComponentContext)583cdf0e10cSrcweir Reference< XInterface > SAL_CALL filepolicy_create(
584cdf0e10cSrcweir Reference< XComponentContext > const & xComponentContext )
585cdf0e10cSrcweir SAL_THROW( (Exception) )
586cdf0e10cSrcweir {
587cdf0e10cSrcweir return (OWeakObject *)new stoc_sec::FilePolicy( xComponentContext );
588cdf0e10cSrcweir }
589cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
filepolicy_getSupportedServiceNames()590cdf0e10cSrcweir Sequence< OUString > filepolicy_getSupportedServiceNames() SAL_THROW( () )
591cdf0e10cSrcweir {
592cdf0e10cSrcweir return stoc_sec::s_serviceNames;
593cdf0e10cSrcweir }
594cdf0e10cSrcweir //--------------------------------------------------------------------------------------------------
filepolicy_getImplementationName()595cdf0e10cSrcweir OUString filepolicy_getImplementationName() SAL_THROW( () )
596cdf0e10cSrcweir {
597cdf0e10cSrcweir return stoc_sec::s_implName;
598cdf0e10cSrcweir }
599cdf0e10cSrcweir }
600