1 /************************************************************************* 2 * 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * Copyright 2000, 2010 Oracle and/or its affiliates. 6 * 7 * OpenOffice.org - a multi-platform office productivity suite 8 * 9 * This file is part of OpenOffice.org. 10 * 11 * OpenOffice.org is free software: you can redistribute it and/or modify 12 * it under the terms of the GNU Lesser General Public License version 3 13 * only, as published by the Free Software Foundation. 14 * 15 * OpenOffice.org is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU Lesser General Public License version 3 for more details 19 * (a copy is included in the LICENSE file that accompanied this code). 20 * 21 * You should have received a copy of the GNU Lesser General Public License 22 * version 3 along with OpenOffice.org. If not, see 23 * <http://www.openoffice.org/license.html> 24 * for a copy of the LGPLv3 License. 25 * 26 ************************************************************************/ 27 28 29 #ifndef _FRAMEWORK_SCRIPT_SCRIPTSECURITYMANAGER_HXX_ 30 #define _FRAMEWORK_SCRIPT_SCRIPTSECURITYMANAGER_HXX_ 31 32 #include <hash_map> 33 #include <rtl/ustring.hxx> 34 #include <com/sun/star/uno/XComponentContext.hpp> 35 #include <com/sun/star/uno/RuntimeException.hpp> 36 #include <com/sun/star/lang/IllegalArgumentException.hpp> 37 #include <com/sun/star/security/AccessControlException.hpp> 38 #include <drafts/com/sun/star/script/framework/storage/XScriptInfo.hpp> 39 40 namespace scripting_securitymgr 41 { 42 // for simplification 43 #define css ::com::sun::star 44 #define dcsssf ::drafts::com::sun::star::script::framework 45 46 struct StoragePerm { 47 rtl::OUString scriptStorageURL; 48 sal_Int32 storageID; 49 sal_Bool execPermission; 50 }; 51 52 typedef ::std::hash_map< ::rtl::OUString, StoragePerm, ::rtl::OUStringHash, 53 ::std::equal_to< ::rtl::OUString > > Permission_Hash; 54 /** 55 * Class responsible for managing the ScriptSecurity. 56 */ 57 class ScriptSecurityManager 58 { 59 public: 60 explicit ScriptSecurityManager( 61 const css::uno::Reference< css::uno::XComponentContext > & xContext ) 62 throw ( css::uno::RuntimeException ); 63 ~ScriptSecurityManager(); 64 void addScriptStorage( rtl::OUString scriptStorageURL, sal_Int32 storageID) 65 throw ( css::uno::RuntimeException ); 66 /** 67 * checks to see if the requested permission can be granted 68 * checks to see whether the requested ScriptPeremission is allowed. 69 */ 70 void checkPermission( const rtl::OUString & scriptStorageURL, 71 const rtl::OUString & permissionRequest ) 72 throw ( css::uno::RuntimeException, css::lang::IllegalArgumentException, 73 css::security::AccessControlException ); 74 void removePermissionSettings ( ::rtl::OUString & scriptStorageURL ); 75 private: 76 void readConfiguration() throw (css::uno::RuntimeException); 77 78 short executeDialog ( const rtl::OUString & path ) 79 throw (css::uno::RuntimeException); 80 short executeStandardDialog() 81 throw ( css::uno::RuntimeException ); 82 short executePathDialog(const rtl::OUString & path) 83 throw ( css::uno::RuntimeException ); 84 85 void addToSecurePaths ( const rtl::OUString & path ) 86 throw (css::uno::RuntimeException); 87 bool isSecureURL( const rtl::OUString & path ); 88 css::uno::Reference< css::uno::XComponentContext > m_xContext; 89 sal_Bool m_confirmationRequired; 90 sal_Bool m_warning; 91 sal_Int32 m_runMacroSetting; 92 css::uno::Reference< css::lang::XMultiServiceFactory > m_xConfigProvFactory; 93 css::uno::Sequence< rtl::OUString > m_secureURL; 94 Permission_Hash m_permissionSettings; 95 96 }; 97 } // scripting_securitymgr 98 99 #endif //_FRAMEWORK_SCRIPT_SCRIPTSECURITYMANAGER_HXX_ 100