1 /************************************************************** 2 * 3 * Licensed to the Apache Software Foundation (ASF) under one 4 * or more contributor license agreements. See the NOTICE file 5 * distributed with this work for additional information 6 * regarding copyright ownership. The ASF licenses this file 7 * to you under the Apache License, Version 2.0 (the 8 * "License"); you may not use this file except in compliance 9 * with the License. You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, 14 * software distributed under the License is distributed on an 15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 * KIND, either express or implied. See the License for the 17 * specific language governing permissions and limitations 18 * under the License. 19 * 20 *************************************************************/ 21 22 23 #ifndef INCLUDED_unotools_SECURITYOPTIONS_HXX 24 #define INCLUDED_unotools_SECURITYOPTIONS_HXX 25 26 //_________________________________________________________________________________________________________________ 27 // includes 28 //_________________________________________________________________________________________________________________ 29 30 #include "unotools/unotoolsdllapi.h" 31 #include <sal/types.h> 32 #include <osl/mutex.hxx> 33 #include <com/sun/star/uno/Sequence.h> 34 #include <rtl/ustring.hxx> 35 #include <unotools/options.hxx> 36 37 //_________________________________________________________________________________________________________________ 38 // forward declarations 39 //_________________________________________________________________________________________________________________ 40 41 /*-************************************************************************************************************//** 42 @short forward declaration to our private date container implementation 43 @descr We use these class as internal member to support small memory requirements. 44 You can create the container if it is neccessary. The class which use these mechanism 45 is faster and smaller then a complete implementation! 46 *//*-*************************************************************************************************************/ 47 48 class SvtSecurityOptions_Impl; 49 50 //_________________________________________________________________________________________________________________ 51 // declarations 52 //_________________________________________________________________________________________________________________ 53 54 /*-************************************************************************************************************//** 55 @descr These values present modes to handle StarOffice basic scripts. 56 see GetBasicMode/SetBasicMode() for further informations 57 *//*-*************************************************************************************************************/ 58 59 enum EBasicSecurityMode 60 { 61 eNEVER_EXECUTE = 0, 62 eFROM_LIST = 1, 63 eALWAYS_EXECUTE = 2 64 }; 65 66 /*-************************************************************************************************************//** 67 @short collect informations about security features 68 @descr - 69 70 @implements - 71 @base - 72 73 @ATTENTION This class is partially threadsafe. 74 75 @devstatus ready to use 76 *//*-*************************************************************************************************************/ 77 78 class UNOTOOLS_DLLPUBLIC SvtSecurityOptions: public utl::detail::Options 79 { 80 //------------------------------------------------------------------------------------------------------------- 81 // public types 82 //------------------------------------------------------------------------------------------------------------- 83 public: 84 85 enum EOption 86 { 87 E_SECUREURLS, 88 E_BASICMODE, // xmlsec05 depricated 89 E_EXECUTEPLUGINS, // xmlsec05 depricated 90 E_WARNING, // xmlsec05 depricated 91 E_CONFIRMATION, // xmlsec05 depricated 92 E_DOCWARN_SAVEORSEND, 93 E_DOCWARN_SIGNING, 94 E_DOCWARN_PRINT, 95 E_DOCWARN_CREATEPDF, 96 E_DOCWARN_REMOVEPERSONALINFO, 97 E_DOCWARN_RECOMMENDPASSWORD, 98 E_MACRO_SECLEVEL, 99 E_MACRO_TRUSTEDAUTHORS, 100 E_MACRO_DISABLE, 101 E_CTRLCLICK_HYPERLINK 102 }; 103 104 enum MacroAction 105 { 106 MA_DONTRUN = 0, 107 MA_CONFIRM, 108 MA_RUN 109 }; 110 111 typedef ::com::sun::star::uno::Sequence< ::rtl::OUString > Certificate; 112 113 /* 114 // MT: Doesn't work for sequence... 115 struct Certificate 116 { 117 ::rtl::OUString SubjectName; 118 ::rtl::OUString SerialNumber; 119 ::rtl::OUString RawData; 120 }; 121 */ 122 123 //------------------------------------------------------------------------------------------------------------- 124 // public methods 125 //------------------------------------------------------------------------------------------------------------- 126 127 public: 128 129 //--------------------------------------------------------------------------------------------------------- 130 // constructor / destructor 131 //--------------------------------------------------------------------------------------------------------- 132 133 /*-****************************************************************************************************//** 134 @short standard constructor and destructor 135 @descr This will initialize an instance with default values. 136 We implement these class with a refcount mechanism! Every instance of this class increase it 137 at create and decrease it at delete time - but all instances use the same data container! 138 He is implemented as a static member ... 139 140 @seealso member m_nRefCount 141 @seealso member m_pDataContainer 142 143 @param - 144 @return - 145 146 @onerror - 147 *//*-*****************************************************************************************************/ 148 149 SvtSecurityOptions(); 150 virtual ~SvtSecurityOptions(); 151 152 //--------------------------------------------------------------------------------------------------------- 153 // interface 154 //--------------------------------------------------------------------------------------------------------- 155 156 /*-****************************************************************************************************//** 157 @short returns readonly state 158 @descr It can be called to get information about the readonly state of a provided item. 159 @seealso - 160 161 @param "eOption", specify, which item is queried 162 @return <TRUE/> if item is readonly; <FALSE/> otherwhise 163 164 @onerror No error should occurre! 165 *//*-*****************************************************************************************************/ 166 167 sal_Bool IsReadOnly( EOption eOption ) const ; 168 169 /*-****************************************************************************************************//** 170 @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/SecureURL" 171 @descr These value displays the list of all trustworthy URLs. 172 zB.: file:/ => All scripts from the local file system including a LAN; 173 private:explorer => Scripts from the Explorer; 174 private:help => Scripts in the help system; 175 private:newmenu => Scripts that are executed by the commands File-New and AutoPilot; 176 private:schedule => Scripts of the scheduler; 177 private:searchfolder => Scripts of the searchfolder; 178 private:user => Scripts that are entered in the URL field. 179 @seealso - 180 181 @param "seqURLList", new values to set it in configuration. 182 @return The values which represent current state of internal variable. 183 184 @onerror No error should occurre! 185 *//*-*****************************************************************************************************/ 186 187 ::com::sun::star::uno::Sequence< ::rtl::OUString > GetSecureURLs( ) const ; 188 void SetSecureURLs( const ::com::sun::star::uno::Sequence< ::rtl::OUString >& seqURLList ) ; 189 190 /*-****************************************************************************************************//** 191 @short interface methods to get and set value of config key "org.openoffice.Office.Common/Security/Scripting/StarOfficeBasic" 192 @descr These value determines how StarOffice Basic scripts should be handled. 193 It exist 3 different modes: 194 0 = never execute 195 1 = from list 196 2 = always execute 197 198 @ATTENTION These methods don't check for valid or invalid values! 199 Our configuration server can do it ... but these implementation don't get any notifications 200 about wrong commits ...! 201 => If you set an invalid value - nothing will be changed. The information will lost. 202 203 @seealso enum EBasicSecurityMode 204 205 @param "eMode" to set new mode ... Value must defined as an enum of type EBasicSecurityMode! 206 @return An enum value, which present current mode. 207 208 @onerror No error should occurre! 209 *//*-*****************************************************************************************************/ 210 211 sal_Int32 GetMacroSecurityLevel ( ) const ; 212 void SetMacroSecurityLevel ( sal_Int32 _nLevel ) ; 213 214 sal_Bool IsMacroDisabled ( ) const ; 215 216 /*-****************************************************************************************************//** 217 @short special method to check an URL and his referer corresponding to ouer internal security cessation 218 @descr Give us an URL and his referer and we will say you if these url can be scripted or not! 219 220 @seealso - 221 222 @param "sURL" reference to URL for checking 223 @param "sReferer" reference to referer which whish to run script by given URL 224 @return sal_True if URL is secure or security is obsolete(!) or sal_False otherwise. 225 226 @onerror No error should occurre! 227 *//*-*****************************************************************************************************/ 228 229 sal_Bool IsSecureURL( const ::rtl::OUString& sURL , 230 const ::rtl::OUString& sReferer ) const ; 231 232 ::com::sun::star::uno::Sequence< Certificate > GetTrustedAuthors ( ) const ; 233 void SetTrustedAuthors ( const ::com::sun::star::uno::Sequence< Certificate >& rAuthors ) ; 234 sal_Bool IsTrustedAuthorsEnabled ( ) ; 235 236 // for bool options only! 237 bool IsOptionSet ( EOption eOption ) const ; 238 bool SetOption ( EOption eOption, bool bValue ) ; 239 bool IsOptionEnabled ( EOption eOption ) const ; 240 241 // xmlsec05 depricated methods 242 sal_Bool IsExecutePlugins() const; 243 void SetExecutePlugins( sal_Bool bSet ); 244 EBasicSecurityMode GetBasicMode( ) const ; 245 void SetBasicMode( EBasicSecurityMode eMode ) ; 246 sal_Bool IsWarningEnabled() const; 247 void SetWarningEnabled( sal_Bool bSet ); 248 sal_Bool IsConfirmationEnabled() const; 249 void SetConfirmationEnabled( sal_Bool bSet ); 250 251 //------------------------------------------------------------------------------------------------------------- 252 // private methods 253 //------------------------------------------------------------------------------------------------------------- 254 255 private: 256 257 /*-****************************************************************************************************//** 258 @short return a reference to a static mutex 259 @descr These class is partially threadsafe (for de-/initialization only). 260 All access methods are'nt safe! 261 We create a static mutex only for one ime and use at different times. 262 263 @seealso - 264 265 @param - 266 @return A reference to a static mutex member. 267 268 @onerror - 269 *//*-*****************************************************************************************************/ 270 271 UNOTOOLS_DLLPRIVATE static ::osl::Mutex& GetInitMutex(); 272 273 //------------------------------------------------------------------------------------------------------------- 274 // private member 275 //------------------------------------------------------------------------------------------------------------- 276 277 private: 278 279 /*Attention 280 281 Don't initialize these static member in these header! 282 a) Double dfined symbols will be detected ... 283 b) and unresolved externals exist at linking time. 284 Do it in your source only. 285 */ 286 287 static SvtSecurityOptions_Impl* m_pDataContainer ; /// impl. data container as dynamic pointer for smaller memory requirements! 288 static sal_Int32 m_nRefCount ; /// internal ref count mechanism 289 290 }; // class SvtSecurityOptions 291 292 #endif // #ifndef INCLUDED_unotools_SECURITYOPTIONS_HXX 293