1*cdf0e10cSrcweir/************************************************************************* 2*cdf0e10cSrcweir * 3*cdf0e10cSrcweir * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4*cdf0e10cSrcweir * 5*cdf0e10cSrcweir * Copyright 2000, 2010 Oracle and/or its affiliates. 6*cdf0e10cSrcweir * 7*cdf0e10cSrcweir * OpenOffice.org - a multi-platform office productivity suite 8*cdf0e10cSrcweir * 9*cdf0e10cSrcweir * This file is part of OpenOffice.org. 10*cdf0e10cSrcweir * 11*cdf0e10cSrcweir * OpenOffice.org is free software: you can redistribute it and/or modify 12*cdf0e10cSrcweir * it under the terms of the GNU Lesser General Public License version 3 13*cdf0e10cSrcweir * only, as published by the Free Software Foundation. 14*cdf0e10cSrcweir * 15*cdf0e10cSrcweir * OpenOffice.org is distributed in the hope that it will be useful, 16*cdf0e10cSrcweir * but WITHOUT ANY WARRANTY; without even the implied warranty of 17*cdf0e10cSrcweir * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18*cdf0e10cSrcweir * GNU Lesser General Public License version 3 for more details 19*cdf0e10cSrcweir * (a copy is included in the LICENSE file that accompanied this code). 20*cdf0e10cSrcweir * 21*cdf0e10cSrcweir * You should have received a copy of the GNU Lesser General Public License 22*cdf0e10cSrcweir * version 3 along with OpenOffice.org. If not, see 23*cdf0e10cSrcweir * <http://www.openoffice.org/license.html> 24*cdf0e10cSrcweir * for a copy of the LGPLv3 License. 25*cdf0e10cSrcweir * 26*cdf0e10cSrcweir ************************************************************************/ 27*cdf0e10cSrcweir#ifndef __com_sun_star_security_XAccessController_idl__ 28*cdf0e10cSrcweir#define __com_sun_star_security_XAccessController_idl__ 29*cdf0e10cSrcweir 30*cdf0e10cSrcweir#ifndef __com_sun_star_uno_XInterface_idl__ 31*cdf0e10cSrcweir#include <com/sun/star/uno/XInterface.idl> 32*cdf0e10cSrcweir#endif 33*cdf0e10cSrcweir#ifndef __com_sun_star_security_XAccessControlContext_idl__ 34*cdf0e10cSrcweir#include <com/sun/star/security/XAccessControlContext.idl> 35*cdf0e10cSrcweir#endif 36*cdf0e10cSrcweir 37*cdf0e10cSrcweir#ifndef __com_sun_star_security_XAction_idl__ 38*cdf0e10cSrcweir#include <com/sun/star/security/XAction.idl> 39*cdf0e10cSrcweir#endif 40*cdf0e10cSrcweir 41*cdf0e10cSrcweir#ifndef __com_sun_star_security_AccessControlException_idl__ 42*cdf0e10cSrcweir#include <com/sun/star/security/AccessControlException.idl> 43*cdf0e10cSrcweir#endif 44*cdf0e10cSrcweir 45*cdf0e10cSrcweir 46*cdf0e10cSrcweir//============================================================================= 47*cdf0e10cSrcweir 48*cdf0e10cSrcweirmodule com { module sun { module star { module security { 49*cdf0e10cSrcweir 50*cdf0e10cSrcweir//============================================================================= 51*cdf0e10cSrcweir 52*cdf0e10cSrcweir/** Interface for checking permissions and invoking privileged or restricted 53*cdf0e10cSrcweir actions. 54*cdf0e10cSrcweir 55*cdf0e10cSrcweir @since OOo 1.1.2 56*cdf0e10cSrcweir*/ 57*cdf0e10cSrcweirpublished interface XAccessController : com::sun::star::uno::XInterface 58*cdf0e10cSrcweir{ 59*cdf0e10cSrcweir /** Determines whether the access request indicated by the specified 60*cdf0e10cSrcweir permission should be allowed or denied, based on the security policy 61*cdf0e10cSrcweir currently in effect. 62*cdf0e10cSrcweir The semantics are equivalent to the security permission classes of 63*cdf0e10cSrcweir the Java platform. 64*cdf0e10cSrcweir <p> 65*cdf0e10cSrcweir You can also pass a sequence of permissions (sequence< any >) to check 66*cdf0e10cSrcweir a set of permissions, e.g. for performance reasons. 67*cdf0e10cSrcweir This method quietly returns if the access request is permitted, 68*cdf0e10cSrcweir or throws a suitable AccessControlException otherwise. 69*cdf0e10cSrcweir </p> 70*cdf0e10cSrcweir 71*cdf0e10cSrcweir @param perm 72*cdf0e10cSrcweir permission to be checked 73*cdf0e10cSrcweir 74*cdf0e10cSrcweir @throws AccessControlException 75*cdf0e10cSrcweir thrown if access is denied 76*cdf0e10cSrcweir 77*cdf0e10cSrcweir @see ::com::sun::star::security::AccessControlException 78*cdf0e10cSrcweir @see ::com::sun::star::security::AllPermission 79*cdf0e10cSrcweir @see ::com::sun::star::security::RuntimePermission 80*cdf0e10cSrcweir @see ::com::sun::star::io::FilePermission 81*cdf0e10cSrcweir @see ::com::sun::star::connection::SocketPermission 82*cdf0e10cSrcweir */ 83*cdf0e10cSrcweir void checkPermission( 84*cdf0e10cSrcweir [in] any perm ) 85*cdf0e10cSrcweir raises (AccessControlException); 86*cdf0e10cSrcweir 87*cdf0e10cSrcweir /** Perform the specified action restricting permissions to the given 88*cdf0e10cSrcweir XAccessControlContext. 89*cdf0e10cSrcweir The action is performed with the intersection of the permissions of the currently installed 90*cdf0e10cSrcweir XAccessControlContext, the given XAccessControlContext and the security policy currently 91*cdf0e10cSrcweir in effect. The latter includes static security, e.g. based on user credentials. 92*cdf0e10cSrcweir <p> 93*cdf0e10cSrcweir If the specified XAccessControlContext is null, then the action is performed 94*cdf0e10cSrcweir with unmodified permissions, i.e. the call makes no sense. 95*cdf0e10cSrcweir </p> 96*cdf0e10cSrcweir 97*cdf0e10cSrcweir @param action 98*cdf0e10cSrcweir action object to be executed 99*cdf0e10cSrcweir @param restriction 100*cdf0e10cSrcweir access control context to restrict permission; null for no restriction 101*cdf0e10cSrcweir @return 102*cdf0e10cSrcweir result 103*cdf0e10cSrcweir @throws com::sun::star::uno::Exception 104*cdf0e10cSrcweir any UNO exception may be thrown 105*cdf0e10cSrcweir */ 106*cdf0e10cSrcweir any doRestricted( 107*cdf0e10cSrcweir [in] XAction action, 108*cdf0e10cSrcweir [in] XAccessControlContext restriction ) 109*cdf0e10cSrcweir raises (com::sun::star::uno::Exception); 110*cdf0e10cSrcweir 111*cdf0e10cSrcweir /** Perform the specified action adding a set of permissions defined by the given 112*cdf0e10cSrcweir XAccessControlContext. 113*cdf0e10cSrcweir The action is performed with the union of the permissions of the currently installed 114*cdf0e10cSrcweir XAccessControlContext, the given XAccessControlContext and the security policy currently 115*cdf0e10cSrcweir in effect. The latter includes static security, e.g. based on user credentials. 116*cdf0e10cSrcweir <p> 117*cdf0e10cSrcweir If the given XAccessControlContext is null, then the action is performed 118*cdf0e10cSrcweir <b>only</b> with the permissions of the security policy currently in effect. 119*cdf0e10cSrcweir </p> 120*cdf0e10cSrcweir 121*cdf0e10cSrcweir @attention 122*cdf0e10cSrcweir Do carefully use this method only for well known use-cases to avoid exploits! 123*cdf0e10cSrcweir Script engines executing sandboxed scripts should generally deny calling this 124*cdf0e10cSrcweir method. 125*cdf0e10cSrcweir 126*cdf0e10cSrcweir @param action 127*cdf0e10cSrcweir action object to be executed 128*cdf0e10cSrcweir @param restriction 129*cdf0e10cSrcweir access control context to restrict permission; null for no restriction 130*cdf0e10cSrcweir @return 131*cdf0e10cSrcweir result 132*cdf0e10cSrcweir @throws com::sun::star::uno::Exception 133*cdf0e10cSrcweir any UNO exception may be thrown 134*cdf0e10cSrcweir */ 135*cdf0e10cSrcweir any doPrivileged( 136*cdf0e10cSrcweir [in] XAction action, 137*cdf0e10cSrcweir [in] XAccessControlContext restriction ) 138*cdf0e10cSrcweir raises (com::sun::star::uno::Exception); 139*cdf0e10cSrcweir 140*cdf0e10cSrcweir /** This method takes a "snapshot" of the current calling context 141*cdf0e10cSrcweir and returns it. 142*cdf0e10cSrcweir <p> 143*cdf0e10cSrcweir This context may then be checked at a later point, possibly in another thread. 144*cdf0e10cSrcweir </p> 145*cdf0e10cSrcweir @return 146*cdf0e10cSrcweir snapshot of context 147*cdf0e10cSrcweir */ 148*cdf0e10cSrcweir XAccessControlContext getContext(); 149*cdf0e10cSrcweir}; 150*cdf0e10cSrcweir 151*cdf0e10cSrcweir//============================================================================= 152*cdf0e10cSrcweir 153*cdf0e10cSrcweir}; }; }; }; 154*cdf0e10cSrcweir 155*cdf0e10cSrcweir#endif 156