1*cdf0e10cSrcweir /************************************************************************* 2*cdf0e10cSrcweir * 3*cdf0e10cSrcweir * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4*cdf0e10cSrcweir * 5*cdf0e10cSrcweir * Copyright 2000, 2010 Oracle and/or its affiliates. 6*cdf0e10cSrcweir * 7*cdf0e10cSrcweir * OpenOffice.org - a multi-platform office productivity suite 8*cdf0e10cSrcweir * 9*cdf0e10cSrcweir * This file is part of OpenOffice.org. 10*cdf0e10cSrcweir * 11*cdf0e10cSrcweir * OpenOffice.org is free software: you can redistribute it and/or modify 12*cdf0e10cSrcweir * it under the terms of the GNU Lesser General Public License version 3 13*cdf0e10cSrcweir * only, as published by the Free Software Foundation. 14*cdf0e10cSrcweir * 15*cdf0e10cSrcweir * OpenOffice.org is distributed in the hope that it will be useful, 16*cdf0e10cSrcweir * but WITHOUT ANY WARRANTY; without even the implied warranty of 17*cdf0e10cSrcweir * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18*cdf0e10cSrcweir * GNU Lesser General Public License version 3 for more details 19*cdf0e10cSrcweir * (a copy is included in the LICENSE file that accompanied this code). 20*cdf0e10cSrcweir * 21*cdf0e10cSrcweir * You should have received a copy of the GNU Lesser General Public License 22*cdf0e10cSrcweir * version 3 along with OpenOffice.org. If not, see 23*cdf0e10cSrcweir * <http://www.openoffice.org/license.html> 24*cdf0e10cSrcweir * for a copy of the LGPLv3 License. 25*cdf0e10cSrcweir * 26*cdf0e10cSrcweir ************************************************************************/ 27*cdf0e10cSrcweir 28*cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 29*cdf0e10cSrcweir #include "precompiled_stoc.hxx" 30*cdf0e10cSrcweir 31*cdf0e10cSrcweir #include <hash_map> 32*cdf0e10cSrcweir 33*cdf0e10cSrcweir #include <osl/diagnose.h> 34*cdf0e10cSrcweir #include <osl/file.h> 35*cdf0e10cSrcweir #include <rtl/byteseq.hxx> 36*cdf0e10cSrcweir #include <rtl/string.hxx> 37*cdf0e10cSrcweir #include <rtl/ustrbuf.hxx> 38*cdf0e10cSrcweir 39*cdf0e10cSrcweir #include <cppuhelper/access_control.hxx> 40*cdf0e10cSrcweir #include <cppuhelper/compbase2.hxx> 41*cdf0e10cSrcweir #include <cppuhelper/implementationentry.hxx> 42*cdf0e10cSrcweir 43*cdf0e10cSrcweir #include <com/sun/star/lang/XServiceInfo.hpp> 44*cdf0e10cSrcweir #include <com/sun/star/security/XAccessController.hpp> 45*cdf0e10cSrcweir #include <com/sun/star/security/XPolicy.hpp> 46*cdf0e10cSrcweir #include <com/sun/star/security/AllPermission.hpp> 47*cdf0e10cSrcweir #include <com/sun/star/security/RuntimePermission.hpp> 48*cdf0e10cSrcweir #include <com/sun/star/io/FilePermission.hpp> 49*cdf0e10cSrcweir #include <com/sun/star/connection/SocketPermission.hpp> 50*cdf0e10cSrcweir 51*cdf0e10cSrcweir #define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) 52*cdf0e10cSrcweir #define SERVICE_NAME "com.sun.star.security.Policy" 53*cdf0e10cSrcweir #define IMPL_NAME "com.sun.star.security.comp.stoc.FilePolicy" 54*cdf0e10cSrcweir 55*cdf0e10cSrcweir 56*cdf0e10cSrcweir using namespace ::osl; 57*cdf0e10cSrcweir using namespace ::rtl; 58*cdf0e10cSrcweir using namespace ::cppu; 59*cdf0e10cSrcweir using namespace ::com::sun::star; 60*cdf0e10cSrcweir using namespace ::com::sun::star::uno; 61*cdf0e10cSrcweir 62*cdf0e10cSrcweir extern ::rtl_StandardModuleCount g_moduleCount; 63*cdf0e10cSrcweir 64*cdf0e10cSrcweir namespace stoc_sec 65*cdf0e10cSrcweir { 66*cdf0e10cSrcweir // static stuff initialized when loading lib 67*cdf0e10cSrcweir static OUString s_implName = OUSTR(IMPL_NAME); 68*cdf0e10cSrcweir static OUString s_serviceName = OUSTR(SERVICE_NAME); 69*cdf0e10cSrcweir 70*cdf0e10cSrcweir static Sequence< OUString > s_serviceNames = Sequence< OUString >( &s_serviceName, 1 ); 71*cdf0e10cSrcweir //################################################################################################## 72*cdf0e10cSrcweir 73*cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 74*cdf0e10cSrcweir static inline void dispose( Reference< XInterface > const & x ) 75*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 76*cdf0e10cSrcweir { 77*cdf0e10cSrcweir Reference< lang::XComponent > xComp( x, UNO_QUERY ); 78*cdf0e10cSrcweir if (xComp.is()) 79*cdf0e10cSrcweir { 80*cdf0e10cSrcweir xComp->dispose(); 81*cdf0e10cSrcweir } 82*cdf0e10cSrcweir } 83*cdf0e10cSrcweir 84*cdf0e10cSrcweir //################################################################################################## 85*cdf0e10cSrcweir 86*cdf0e10cSrcweir struct MutexHolder 87*cdf0e10cSrcweir { 88*cdf0e10cSrcweir Mutex m_mutex; 89*cdf0e10cSrcweir }; 90*cdf0e10cSrcweir typedef WeakComponentImplHelper2< security::XPolicy, lang::XServiceInfo > t_helper; 91*cdf0e10cSrcweir 92*cdf0e10cSrcweir //================================================================================================== 93*cdf0e10cSrcweir class FilePolicy 94*cdf0e10cSrcweir : public MutexHolder 95*cdf0e10cSrcweir , public t_helper 96*cdf0e10cSrcweir { 97*cdf0e10cSrcweir Reference< XComponentContext > m_xComponentContext; 98*cdf0e10cSrcweir AccessControl m_ac; 99*cdf0e10cSrcweir 100*cdf0e10cSrcweir Sequence< Any > m_defaultPermissions; 101*cdf0e10cSrcweir typedef std::hash_map< OUString, Sequence< Any >, OUStringHash > t_permissions; 102*cdf0e10cSrcweir t_permissions m_userPermissions; 103*cdf0e10cSrcweir bool m_init; 104*cdf0e10cSrcweir 105*cdf0e10cSrcweir protected: 106*cdf0e10cSrcweir virtual void SAL_CALL disposing(); 107*cdf0e10cSrcweir 108*cdf0e10cSrcweir public: 109*cdf0e10cSrcweir FilePolicy( Reference< XComponentContext > const & xComponentContext ) 110*cdf0e10cSrcweir SAL_THROW( () ); 111*cdf0e10cSrcweir virtual ~FilePolicy() 112*cdf0e10cSrcweir SAL_THROW( () ); 113*cdf0e10cSrcweir 114*cdf0e10cSrcweir // XPolicy impl 115*cdf0e10cSrcweir virtual Sequence< Any > SAL_CALL getPermissions( 116*cdf0e10cSrcweir OUString const & userId ) 117*cdf0e10cSrcweir throw (RuntimeException); 118*cdf0e10cSrcweir virtual Sequence< Any > SAL_CALL getDefaultPermissions() 119*cdf0e10cSrcweir throw (RuntimeException); 120*cdf0e10cSrcweir virtual void SAL_CALL refresh() 121*cdf0e10cSrcweir throw (RuntimeException); 122*cdf0e10cSrcweir 123*cdf0e10cSrcweir // XServiceInfo impl 124*cdf0e10cSrcweir virtual OUString SAL_CALL getImplementationName() 125*cdf0e10cSrcweir throw (RuntimeException); 126*cdf0e10cSrcweir virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName ) 127*cdf0e10cSrcweir throw (RuntimeException); 128*cdf0e10cSrcweir virtual Sequence< OUString > SAL_CALL getSupportedServiceNames() 129*cdf0e10cSrcweir throw (RuntimeException); 130*cdf0e10cSrcweir }; 131*cdf0e10cSrcweir //__________________________________________________________________________________________________ 132*cdf0e10cSrcweir FilePolicy::FilePolicy( Reference< XComponentContext > const & xComponentContext ) 133*cdf0e10cSrcweir SAL_THROW( () ) 134*cdf0e10cSrcweir : t_helper( m_mutex ) 135*cdf0e10cSrcweir , m_xComponentContext( xComponentContext ) 136*cdf0e10cSrcweir , m_ac( xComponentContext ) 137*cdf0e10cSrcweir , m_init( false ) 138*cdf0e10cSrcweir { 139*cdf0e10cSrcweir g_moduleCount.modCnt.acquire( &g_moduleCount.modCnt ); 140*cdf0e10cSrcweir } 141*cdf0e10cSrcweir //__________________________________________________________________________________________________ 142*cdf0e10cSrcweir FilePolicy::~FilePolicy() 143*cdf0e10cSrcweir SAL_THROW( () ) 144*cdf0e10cSrcweir { 145*cdf0e10cSrcweir g_moduleCount.modCnt.release( &g_moduleCount.modCnt ); 146*cdf0e10cSrcweir } 147*cdf0e10cSrcweir //__________________________________________________________________________________________________ 148*cdf0e10cSrcweir void FilePolicy::disposing() 149*cdf0e10cSrcweir { 150*cdf0e10cSrcweir m_userPermissions.clear(); 151*cdf0e10cSrcweir m_defaultPermissions = Sequence< Any >(); 152*cdf0e10cSrcweir m_xComponentContext.clear(); 153*cdf0e10cSrcweir } 154*cdf0e10cSrcweir 155*cdf0e10cSrcweir //__________________________________________________________________________________________________ 156*cdf0e10cSrcweir Sequence< Any > FilePolicy::getPermissions( 157*cdf0e10cSrcweir OUString const & userId ) 158*cdf0e10cSrcweir throw (RuntimeException) 159*cdf0e10cSrcweir { 160*cdf0e10cSrcweir if (! m_init) 161*cdf0e10cSrcweir { 162*cdf0e10cSrcweir refresh(); 163*cdf0e10cSrcweir m_init = true; 164*cdf0e10cSrcweir } 165*cdf0e10cSrcweir 166*cdf0e10cSrcweir MutexGuard guard( m_mutex ); 167*cdf0e10cSrcweir t_permissions::iterator iFind( m_userPermissions.find( userId ) ); 168*cdf0e10cSrcweir if (m_userPermissions.end() == iFind) 169*cdf0e10cSrcweir { 170*cdf0e10cSrcweir return Sequence< Any >(); 171*cdf0e10cSrcweir } 172*cdf0e10cSrcweir else 173*cdf0e10cSrcweir { 174*cdf0e10cSrcweir return iFind->second; 175*cdf0e10cSrcweir } 176*cdf0e10cSrcweir } 177*cdf0e10cSrcweir //__________________________________________________________________________________________________ 178*cdf0e10cSrcweir Sequence< Any > FilePolicy::getDefaultPermissions() 179*cdf0e10cSrcweir throw (RuntimeException) 180*cdf0e10cSrcweir { 181*cdf0e10cSrcweir if (! m_init) 182*cdf0e10cSrcweir { 183*cdf0e10cSrcweir refresh(); 184*cdf0e10cSrcweir m_init = true; 185*cdf0e10cSrcweir } 186*cdf0e10cSrcweir 187*cdf0e10cSrcweir MutexGuard guard( m_mutex ); 188*cdf0e10cSrcweir return m_defaultPermissions; 189*cdf0e10cSrcweir } 190*cdf0e10cSrcweir 191*cdf0e10cSrcweir //================================================================================================== 192*cdf0e10cSrcweir class PolicyReader 193*cdf0e10cSrcweir { 194*cdf0e10cSrcweir OUString m_fileName; 195*cdf0e10cSrcweir oslFileHandle m_file; 196*cdf0e10cSrcweir 197*cdf0e10cSrcweir sal_Int32 m_linepos; 198*cdf0e10cSrcweir ByteSequence m_line; 199*cdf0e10cSrcweir sal_Int32 m_pos; 200*cdf0e10cSrcweir sal_Unicode m_back; 201*cdf0e10cSrcweir 202*cdf0e10cSrcweir sal_Unicode get() 203*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 204*cdf0e10cSrcweir inline void back( sal_Unicode c ) SAL_THROW( () ) 205*cdf0e10cSrcweir { m_back = c; } 206*cdf0e10cSrcweir 207*cdf0e10cSrcweir inline bool isWhiteSpace( sal_Unicode c ) SAL_THROW( () ) 208*cdf0e10cSrcweir { return (' ' == c || '\t' == c || '\n' == c || '\r' == c); } 209*cdf0e10cSrcweir void skipWhiteSpace() 210*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 211*cdf0e10cSrcweir 212*cdf0e10cSrcweir inline bool isCharToken( sal_Unicode c ) SAL_THROW( () ) 213*cdf0e10cSrcweir { return (';' == c || ',' == c || '{' == c || '}' == c); } 214*cdf0e10cSrcweir 215*cdf0e10cSrcweir public: 216*cdf0e10cSrcweir PolicyReader( OUString const & file, AccessControl & ac ) 217*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 218*cdf0e10cSrcweir ~PolicyReader() 219*cdf0e10cSrcweir SAL_THROW( () ); 220*cdf0e10cSrcweir 221*cdf0e10cSrcweir void error( OUString const & msg ) 222*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 223*cdf0e10cSrcweir 224*cdf0e10cSrcweir OUString getToken() 225*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 226*cdf0e10cSrcweir OUString assureToken() 227*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 228*cdf0e10cSrcweir OUString getQuotedToken() 229*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 230*cdf0e10cSrcweir OUString assureQuotedToken() 231*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 232*cdf0e10cSrcweir void assureToken( sal_Unicode token ) 233*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ); 234*cdf0e10cSrcweir }; 235*cdf0e10cSrcweir //__________________________________________________________________________________________________ 236*cdf0e10cSrcweir void PolicyReader::assureToken( sal_Unicode token ) 237*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 238*cdf0e10cSrcweir { 239*cdf0e10cSrcweir skipWhiteSpace(); 240*cdf0e10cSrcweir sal_Unicode c = get(); 241*cdf0e10cSrcweir if (c == token) 242*cdf0e10cSrcweir return; 243*cdf0e10cSrcweir OUStringBuffer buf( 16 ); 244*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("expected >") ); 245*cdf0e10cSrcweir buf.append( c ); 246*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("<!") ); 247*cdf0e10cSrcweir error( buf.makeStringAndClear() ); 248*cdf0e10cSrcweir } 249*cdf0e10cSrcweir //__________________________________________________________________________________________________ 250*cdf0e10cSrcweir OUString PolicyReader::assureQuotedToken() 251*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 252*cdf0e10cSrcweir { 253*cdf0e10cSrcweir OUString token( getQuotedToken() ); 254*cdf0e10cSrcweir if (! token.getLength()) 255*cdf0e10cSrcweir error( OUSTR("unexpected end of file!") ); 256*cdf0e10cSrcweir return token; 257*cdf0e10cSrcweir } 258*cdf0e10cSrcweir //__________________________________________________________________________________________________ 259*cdf0e10cSrcweir OUString PolicyReader::getQuotedToken() 260*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 261*cdf0e10cSrcweir { 262*cdf0e10cSrcweir skipWhiteSpace(); 263*cdf0e10cSrcweir OUStringBuffer buf( 32 ); 264*cdf0e10cSrcweir sal_Unicode c = get(); 265*cdf0e10cSrcweir if ('\"' != c) 266*cdf0e10cSrcweir error( OUSTR("expected quoting >\"< character!") ); 267*cdf0e10cSrcweir c = get(); 268*cdf0e10cSrcweir while ('\0' != c && '\"' != c) 269*cdf0e10cSrcweir { 270*cdf0e10cSrcweir buf.append( c ); 271*cdf0e10cSrcweir c = get(); 272*cdf0e10cSrcweir } 273*cdf0e10cSrcweir return buf.makeStringAndClear(); 274*cdf0e10cSrcweir } 275*cdf0e10cSrcweir //__________________________________________________________________________________________________ 276*cdf0e10cSrcweir OUString PolicyReader::assureToken() 277*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 278*cdf0e10cSrcweir { 279*cdf0e10cSrcweir OUString token( getToken() ); 280*cdf0e10cSrcweir if (! token.getLength()) 281*cdf0e10cSrcweir error( OUSTR("unexpected end of file!") ); 282*cdf0e10cSrcweir return token; 283*cdf0e10cSrcweir } 284*cdf0e10cSrcweir //__________________________________________________________________________________________________ 285*cdf0e10cSrcweir OUString PolicyReader::getToken() 286*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 287*cdf0e10cSrcweir { 288*cdf0e10cSrcweir skipWhiteSpace(); 289*cdf0e10cSrcweir sal_Unicode c = get(); 290*cdf0e10cSrcweir if (isCharToken( c )) 291*cdf0e10cSrcweir return OUString( &c, 1 ); 292*cdf0e10cSrcweir OUStringBuffer buf( 32 ); 293*cdf0e10cSrcweir while ('\0' != c && !isCharToken( c ) && !isWhiteSpace( c )) 294*cdf0e10cSrcweir { 295*cdf0e10cSrcweir buf.append( c ); 296*cdf0e10cSrcweir c = get(); 297*cdf0e10cSrcweir } 298*cdf0e10cSrcweir back( c ); 299*cdf0e10cSrcweir return buf.makeStringAndClear(); 300*cdf0e10cSrcweir } 301*cdf0e10cSrcweir //__________________________________________________________________________________________________ 302*cdf0e10cSrcweir void PolicyReader::skipWhiteSpace() 303*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 304*cdf0e10cSrcweir { 305*cdf0e10cSrcweir sal_Unicode c; 306*cdf0e10cSrcweir do 307*cdf0e10cSrcweir { 308*cdf0e10cSrcweir c = get(); 309*cdf0e10cSrcweir } 310*cdf0e10cSrcweir while (isWhiteSpace( c )); // seeking next non-whitespace char 311*cdf0e10cSrcweir 312*cdf0e10cSrcweir if ('/' == c) // C/C++ like comment 313*cdf0e10cSrcweir { 314*cdf0e10cSrcweir c = get(); 315*cdf0e10cSrcweir if ('/' == c) // C++ like comment 316*cdf0e10cSrcweir { 317*cdf0e10cSrcweir do 318*cdf0e10cSrcweir { 319*cdf0e10cSrcweir c = get(); 320*cdf0e10cSrcweir } 321*cdf0e10cSrcweir while ('\n' != c && '\0' != c); // seek eol/eof 322*cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line 323*cdf0e10cSrcweir } 324*cdf0e10cSrcweir else if ('*' == c) // C like comment 325*cdf0e10cSrcweir { 326*cdf0e10cSrcweir bool fini = true; 327*cdf0e10cSrcweir do 328*cdf0e10cSrcweir { 329*cdf0e10cSrcweir c = get(); 330*cdf0e10cSrcweir if ('*' == c) 331*cdf0e10cSrcweir { 332*cdf0e10cSrcweir c = get(); 333*cdf0e10cSrcweir fini = ('/' == c || '\0' == c); 334*cdf0e10cSrcweir } 335*cdf0e10cSrcweir else 336*cdf0e10cSrcweir { 337*cdf0e10cSrcweir fini = ('\0' == c); 338*cdf0e10cSrcweir } 339*cdf0e10cSrcweir } 340*cdf0e10cSrcweir while (! fini); 341*cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line 342*cdf0e10cSrcweir } 343*cdf0e10cSrcweir else 344*cdf0e10cSrcweir { 345*cdf0e10cSrcweir error( OUSTR("expected C/C++ like comment!") ); 346*cdf0e10cSrcweir } 347*cdf0e10cSrcweir } 348*cdf0e10cSrcweir else if ('#' == c) // script like comment 349*cdf0e10cSrcweir { 350*cdf0e10cSrcweir do 351*cdf0e10cSrcweir { 352*cdf0e10cSrcweir c = get(); 353*cdf0e10cSrcweir } 354*cdf0e10cSrcweir while ('\n' != c && '\0' != c); // seek eol/eof 355*cdf0e10cSrcweir skipWhiteSpace(); // cont skip on next line 356*cdf0e10cSrcweir } 357*cdf0e10cSrcweir 358*cdf0e10cSrcweir else // is token char 359*cdf0e10cSrcweir { 360*cdf0e10cSrcweir back( c ); 361*cdf0e10cSrcweir } 362*cdf0e10cSrcweir } 363*cdf0e10cSrcweir //__________________________________________________________________________________________________ 364*cdf0e10cSrcweir sal_Unicode PolicyReader::get() 365*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 366*cdf0e10cSrcweir { 367*cdf0e10cSrcweir if ('\0' != m_back) // one char push back possible 368*cdf0e10cSrcweir { 369*cdf0e10cSrcweir sal_Unicode c = m_back; 370*cdf0e10cSrcweir m_back = '\0'; 371*cdf0e10cSrcweir return c; 372*cdf0e10cSrcweir } 373*cdf0e10cSrcweir else if (m_pos == m_line.getLength()) // provide newline as whitespace 374*cdf0e10cSrcweir { 375*cdf0e10cSrcweir ++m_pos; 376*cdf0e10cSrcweir return '\n'; 377*cdf0e10cSrcweir } 378*cdf0e10cSrcweir else if (m_pos > m_line.getLength()) // read new line 379*cdf0e10cSrcweir { 380*cdf0e10cSrcweir sal_Bool eof; 381*cdf0e10cSrcweir oslFileError rc = ::osl_isEndOfFile( m_file, &eof ); 382*cdf0e10cSrcweir if (osl_File_E_None != rc) 383*cdf0e10cSrcweir error( OUSTR("checking eof failed!") ); 384*cdf0e10cSrcweir if (eof) 385*cdf0e10cSrcweir return '\0'; 386*cdf0e10cSrcweir 387*cdf0e10cSrcweir rc = ::osl_readLine( m_file, reinterpret_cast< sal_Sequence ** >( &m_line ) ); 388*cdf0e10cSrcweir if (osl_File_E_None != rc) 389*cdf0e10cSrcweir error( OUSTR("read line failed!") ); 390*cdf0e10cSrcweir ++m_linepos; 391*cdf0e10cSrcweir if (! m_line.getLength()) // empty line read 392*cdf0e10cSrcweir { 393*cdf0e10cSrcweir m_pos = 1; // read new line next time 394*cdf0e10cSrcweir return '\n'; 395*cdf0e10cSrcweir } 396*cdf0e10cSrcweir m_pos = 0; 397*cdf0e10cSrcweir } 398*cdf0e10cSrcweir return (m_line.getConstArray()[ m_pos++ ]); 399*cdf0e10cSrcweir } 400*cdf0e10cSrcweir //__________________________________________________________________________________________________ 401*cdf0e10cSrcweir void PolicyReader::error( OUString const & msg ) 402*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 403*cdf0e10cSrcweir { 404*cdf0e10cSrcweir OUStringBuffer buf( 32 ); 405*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("error processing file \"") ); 406*cdf0e10cSrcweir buf.append( m_fileName ); 407*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\" [line ") ); 408*cdf0e10cSrcweir buf.append( m_linepos ); 409*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM(", column ") ); 410*cdf0e10cSrcweir buf.append( m_pos ); 411*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("] ") ); 412*cdf0e10cSrcweir buf.append( msg ); 413*cdf0e10cSrcweir throw RuntimeException( buf.makeStringAndClear(), Reference< XInterface >() ); 414*cdf0e10cSrcweir } 415*cdf0e10cSrcweir //__________________________________________________________________________________________________ 416*cdf0e10cSrcweir PolicyReader::PolicyReader( OUString const & fileName, AccessControl & ac ) 417*cdf0e10cSrcweir SAL_THROW( (RuntimeException) ) 418*cdf0e10cSrcweir : m_fileName( fileName ) 419*cdf0e10cSrcweir , m_linepos( 0 ) 420*cdf0e10cSrcweir , m_pos( 1 ) // force readline 421*cdf0e10cSrcweir , m_back( '\0' ) 422*cdf0e10cSrcweir { 423*cdf0e10cSrcweir ac.checkFilePermission( m_fileName, OUSTR("read") ); 424*cdf0e10cSrcweir if (osl_File_E_None != ::osl_openFile( m_fileName.pData, &m_file, osl_File_OpenFlag_Read )) 425*cdf0e10cSrcweir { 426*cdf0e10cSrcweir OUStringBuffer buf( 32 ); 427*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("cannot open file \"") ); 428*cdf0e10cSrcweir buf.append( m_fileName ); 429*cdf0e10cSrcweir buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\"!") ); 430*cdf0e10cSrcweir throw RuntimeException( buf.makeStringAndClear(), Reference< XInterface >() ); 431*cdf0e10cSrcweir } 432*cdf0e10cSrcweir } 433*cdf0e10cSrcweir //__________________________________________________________________________________________________ 434*cdf0e10cSrcweir PolicyReader::~PolicyReader() 435*cdf0e10cSrcweir SAL_THROW( () ) 436*cdf0e10cSrcweir { 437*cdf0e10cSrcweir if ( ::osl_closeFile( m_file ) != osl_File_E_None ) { 438*cdf0e10cSrcweir OSL_ASSERT( false ); 439*cdf0e10cSrcweir } 440*cdf0e10cSrcweir } 441*cdf0e10cSrcweir 442*cdf0e10cSrcweir static OUString s_grant = OUSTR("grant"); 443*cdf0e10cSrcweir static OUString s_user = OUSTR("user"); 444*cdf0e10cSrcweir static OUString s_permission = OUSTR("permission"); 445*cdf0e10cSrcweir static OUString s_openBrace = OUSTR("{"); 446*cdf0e10cSrcweir static OUString s_closingBrace = OUSTR("}"); 447*cdf0e10cSrcweir 448*cdf0e10cSrcweir static OUString s_filePermission = OUSTR("com.sun.star.io.FilePermission"); 449*cdf0e10cSrcweir static OUString s_socketPermission = OUSTR("com.sun.star.connection.SocketPermission"); 450*cdf0e10cSrcweir static OUString s_runtimePermission = OUSTR("com.sun.star.security.RuntimePermission"); 451*cdf0e10cSrcweir static OUString s_allPermission = OUSTR("com.sun.star.security.AllPermission"); 452*cdf0e10cSrcweir 453*cdf0e10cSrcweir //__________________________________________________________________________________________________ 454*cdf0e10cSrcweir void FilePolicy::refresh() 455*cdf0e10cSrcweir throw (RuntimeException) 456*cdf0e10cSrcweir { 457*cdf0e10cSrcweir // read out file 458*cdf0e10cSrcweir OUString fileName; 459*cdf0e10cSrcweir m_xComponentContext->getValueByName( 460*cdf0e10cSrcweir OUSTR("/implementations/" IMPL_NAME "/file-name") ) >>= fileName; 461*cdf0e10cSrcweir if (! fileName.getLength()) 462*cdf0e10cSrcweir { 463*cdf0e10cSrcweir throw RuntimeException( 464*cdf0e10cSrcweir OUSTR("name of policy file unknown!"), 465*cdf0e10cSrcweir (OWeakObject *)this ); 466*cdf0e10cSrcweir } 467*cdf0e10cSrcweir 468*cdf0e10cSrcweir PolicyReader reader( fileName, m_ac ); 469*cdf0e10cSrcweir 470*cdf0e10cSrcweir // fill these two 471*cdf0e10cSrcweir Sequence< Any > defaultPermissions; 472*cdf0e10cSrcweir t_permissions userPermissions; 473*cdf0e10cSrcweir 474*cdf0e10cSrcweir OUString token( reader.getToken() ); 475*cdf0e10cSrcweir while (token.getLength()) 476*cdf0e10cSrcweir { 477*cdf0e10cSrcweir if (! token.equals( s_grant )) 478*cdf0e10cSrcweir reader.error( OUSTR("expected >grant< token!") ); 479*cdf0e10cSrcweir OUString userId; 480*cdf0e10cSrcweir token = reader.assureToken(); 481*cdf0e10cSrcweir if (token.equals( s_user )) // next token is user-id 482*cdf0e10cSrcweir { 483*cdf0e10cSrcweir userId = reader.assureQuotedToken(); 484*cdf0e10cSrcweir token = reader.assureToken(); 485*cdf0e10cSrcweir } 486*cdf0e10cSrcweir if (! token.equals( s_openBrace )) 487*cdf0e10cSrcweir reader.error( OUSTR("expected opening brace >{<!") ); 488*cdf0e10cSrcweir token = reader.assureToken(); 489*cdf0e10cSrcweir // permissions list 490*cdf0e10cSrcweir while (! token.equals( s_closingBrace )) 491*cdf0e10cSrcweir { 492*cdf0e10cSrcweir if (! token.equals( s_permission )) 493*cdf0e10cSrcweir reader.error( OUSTR("expected >permission< or closing brace >}<!") ); 494*cdf0e10cSrcweir 495*cdf0e10cSrcweir token = reader.assureToken(); // permission type 496*cdf0e10cSrcweir Any perm; 497*cdf0e10cSrcweir if (token.equals( s_filePermission )) // FilePermission 498*cdf0e10cSrcweir { 499*cdf0e10cSrcweir OUString url( reader.assureQuotedToken() ); 500*cdf0e10cSrcweir reader.assureToken( ',' ); 501*cdf0e10cSrcweir OUString actions( reader.assureQuotedToken() ); 502*cdf0e10cSrcweir perm <<= io::FilePermission( url, actions ); 503*cdf0e10cSrcweir } 504*cdf0e10cSrcweir else if (token.equals( s_socketPermission )) // SocketPermission 505*cdf0e10cSrcweir { 506*cdf0e10cSrcweir OUString host( reader.assureQuotedToken() ); 507*cdf0e10cSrcweir reader.assureToken( ',' ); 508*cdf0e10cSrcweir OUString actions( reader.assureQuotedToken() ); 509*cdf0e10cSrcweir perm <<= connection::SocketPermission( host, actions ); 510*cdf0e10cSrcweir } 511*cdf0e10cSrcweir else if (token.equals( s_runtimePermission )) // RuntimePermission 512*cdf0e10cSrcweir { 513*cdf0e10cSrcweir OUString name( reader.assureQuotedToken() ); 514*cdf0e10cSrcweir perm <<= security::RuntimePermission( name ); 515*cdf0e10cSrcweir } 516*cdf0e10cSrcweir else if (token.equals( s_allPermission )) // AllPermission 517*cdf0e10cSrcweir { 518*cdf0e10cSrcweir perm <<= security::AllPermission(); 519*cdf0e10cSrcweir } 520*cdf0e10cSrcweir else 521*cdf0e10cSrcweir { 522*cdf0e10cSrcweir reader.error( OUSTR("expected permission type!") ); 523*cdf0e10cSrcweir } 524*cdf0e10cSrcweir 525*cdf0e10cSrcweir reader.assureToken( ';' ); 526*cdf0e10cSrcweir 527*cdf0e10cSrcweir // insert 528*cdf0e10cSrcweir if (userId.getLength()) 529*cdf0e10cSrcweir { 530*cdf0e10cSrcweir Sequence< Any > perms( userPermissions[ userId ] ); 531*cdf0e10cSrcweir sal_Int32 len = perms.getLength(); 532*cdf0e10cSrcweir perms.realloc( len +1 ); 533*cdf0e10cSrcweir perms[ len ] = perm; 534*cdf0e10cSrcweir userPermissions[ userId ] = perms; 535*cdf0e10cSrcweir } 536*cdf0e10cSrcweir else 537*cdf0e10cSrcweir { 538*cdf0e10cSrcweir sal_Int32 len = defaultPermissions.getLength(); 539*cdf0e10cSrcweir defaultPermissions.realloc( len +1 ); 540*cdf0e10cSrcweir defaultPermissions[ len ] = perm; 541*cdf0e10cSrcweir } 542*cdf0e10cSrcweir 543*cdf0e10cSrcweir token = reader.assureToken(); // next permissions token 544*cdf0e10cSrcweir } 545*cdf0e10cSrcweir 546*cdf0e10cSrcweir reader.assureToken( ';' ); // semi 547*cdf0e10cSrcweir token = reader.getToken(); // next grant token 548*cdf0e10cSrcweir } 549*cdf0e10cSrcweir 550*cdf0e10cSrcweir // assign new ones 551*cdf0e10cSrcweir MutexGuard guard( m_mutex ); 552*cdf0e10cSrcweir m_defaultPermissions = defaultPermissions; 553*cdf0e10cSrcweir m_userPermissions = userPermissions; 554*cdf0e10cSrcweir } 555*cdf0e10cSrcweir 556*cdf0e10cSrcweir //__________________________________________________________________________________________________ 557*cdf0e10cSrcweir OUString FilePolicy::getImplementationName() 558*cdf0e10cSrcweir throw (RuntimeException) 559*cdf0e10cSrcweir { 560*cdf0e10cSrcweir return s_implName; 561*cdf0e10cSrcweir } 562*cdf0e10cSrcweir //__________________________________________________________________________________________________ 563*cdf0e10cSrcweir sal_Bool FilePolicy::supportsService( OUString const & serviceName ) 564*cdf0e10cSrcweir throw (RuntimeException) 565*cdf0e10cSrcweir { 566*cdf0e10cSrcweir OUString const * pNames = s_serviceNames.getConstArray(); 567*cdf0e10cSrcweir for ( sal_Int32 nPos = s_serviceNames.getLength(); nPos--; ) 568*cdf0e10cSrcweir { 569*cdf0e10cSrcweir if (serviceName.equals( pNames[ nPos ] )) 570*cdf0e10cSrcweir { 571*cdf0e10cSrcweir return sal_True; 572*cdf0e10cSrcweir } 573*cdf0e10cSrcweir } 574*cdf0e10cSrcweir return sal_False; 575*cdf0e10cSrcweir } 576*cdf0e10cSrcweir //__________________________________________________________________________________________________ 577*cdf0e10cSrcweir Sequence< OUString > FilePolicy::getSupportedServiceNames() 578*cdf0e10cSrcweir throw (RuntimeException) 579*cdf0e10cSrcweir { 580*cdf0e10cSrcweir return s_serviceNames; 581*cdf0e10cSrcweir } 582*cdf0e10cSrcweir } 583*cdf0e10cSrcweir //################################################################################################## 584*cdf0e10cSrcweir namespace stoc_bootstrap 585*cdf0e10cSrcweir { 586*cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 587*cdf0e10cSrcweir Reference< XInterface > SAL_CALL filepolicy_create( 588*cdf0e10cSrcweir Reference< XComponentContext > const & xComponentContext ) 589*cdf0e10cSrcweir SAL_THROW( (Exception) ) 590*cdf0e10cSrcweir { 591*cdf0e10cSrcweir return (OWeakObject *)new stoc_sec::FilePolicy( xComponentContext ); 592*cdf0e10cSrcweir } 593*cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 594*cdf0e10cSrcweir Sequence< OUString > filepolicy_getSupportedServiceNames() SAL_THROW( () ) 595*cdf0e10cSrcweir { 596*cdf0e10cSrcweir return stoc_sec::s_serviceNames; 597*cdf0e10cSrcweir } 598*cdf0e10cSrcweir //-------------------------------------------------------------------------------------------------- 599*cdf0e10cSrcweir OUString filepolicy_getImplementationName() SAL_THROW( () ) 600*cdf0e10cSrcweir { 601*cdf0e10cSrcweir return stoc_sec::s_implName; 602*cdf0e10cSrcweir } 603*cdf0e10cSrcweir } 604