diff -r 947415ec7603 -r a7062f7f0b79 serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h --- a/serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h Fri Jul 03 15:51:30 2009 +0100 +++ b/serviceapifw_plat/rtsecuritymanager_client_api/inc/rtsecmgrscriptsession.h Thu Sep 10 12:58:32 2009 +0300 @@ -154,6 +154,7 @@ //typdef to model list of prompt data structure typedef RPointerArray RPromptDataList; +typedef RArray RResourceArray; /* * Prompt callback handler class. @@ -195,6 +196,22 @@ virtual TSecMgrPromptUIOption PromptOption() const =0; }; +struct TPermanentInfo + { + TPermGrant iAllowedBits; //permanent allowed caps + TPermGrant iDeniedBits; //permanent denied caps + RProviderArray iAllowedProviders; //permanent allowed providers + RProviderArray iDeniedProviders; //permanent denied providers + }; + +struct TSessionInfo + { + TCapabilityBitSet AllowedCaps; //caps allowed for this session (caps allowed for this session & perm allowed) + TCapabilityBitSet DeniedCaps; //caps denied for this sesion (caps denied for this session & perm denied) + RProviderArray AllowedProviders;//providers allowed for this session + RProviderArray DeniedProviders;//providers denied for this session + }; + /** * * Thin proxy to the client side sub-session handle. @@ -341,15 +358,42 @@ IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck,RCapabilityArray& aUnMatchedCapabilities); /** - * Definition of default prompt handler. - * - * @param aPromptDataList RPromptDataList list of prompt data used by - * prompt callback handler to show to the user - * - * @return KErrNone if prompting successful; In case of failure, one of - * system wide error codes - * - */ + * Performs access permission check + * + * This overloaded method evaluates access permission by comparing the expected capabilities + * to perform service invocation with the capabilities of the script. The + * capabilities of the script is computed as sum of : + * + * - default allowed capabilities as specified in security access policy + * - user-granted capabilities, allowed by user while prompting + * + * The capabilities allowed by the user could be of various durations, like + * session-based, blanket/permanent and the one valid for the current invocation only + * (one-shot) + * + * This overloaded version returns the list of capabilities that do not match after + * access permission check. This can be used by the client to display to the user the + * list of unmatched capabilities + * + * @param aCapabilitiesToCheck RCapabilityArray list of capabilities to be checked against + * script's capbilities + * @param aProviderUid TProviderUid The provider that is being loaded + * @param aResourceFilePath TFileName resource file containing the string to prompt. + * + * @return EAccessOk if the access permission check is successful; Else, EAccessNOk + */ + IMPORT_C TInt IsAllowed(const RCapabilityArray& aCapabilitiesToCheck, TProviderUid aProviderUid, TFileName aResourceFileName); + + /** + * Definition of default prompt handler. + * + * @param aPromptDataList RPromptDataList list of prompt data used by + * prompt callback handler to show to the user + * + * @return KErrNone if prompting successful; In case of failure, one of + * system wide error codes + * + */ TInt Prompt(RPromptDataList& aPromptDataList , TExecutableID aExecID = KAnonymousScript); /** @@ -425,6 +469,16 @@ { return iUIPromptOption; } + + /** + * Sets the application name to the value passed by the runtime. + * The name is displayed as part of the prompt for provider based prompting. + * If name is not set then the default name is used. + * + * @param aName TDesC& name of the application. + */ + IMPORT_C void SetApplicationNameL(const TDesC& aName); + private: /* @@ -504,8 +558,22 @@ * */ void Close(); - + + /* + * Function to add the security manager resource file to the CONE environment + */ void AddResourceFiles(); + + /* + * Function to add the provider's resource file from which the body of the prompt is populated. + * + * @param aResourceFileName TFileName The resource file to be added to the CONE environment + */ + TInt AddProviderResourceFile(TFileName aResourceFileName); + + /* + * Close all the resource files added to the CONE environment + */ void CloseResourceFiles(); private: @@ -517,9 +585,9 @@ */ struct { - TCapabilityBitSet AllowedCaps; //caps allowed for this session (caps allowed for this session & perm allowed) - TCapabilityBitSet DeniedCaps; //caps denied for this sesion (caps denied for this session & perm denied) - }_sessionInfo; + TSessionInfo* sessionInfo; //Information about what is allowed for this session (caps/providers allowed for this session & perm allowed) + TCapabilityBitSet DeniedCaps; //Information about what is denied for this session (caps/providers denied for this session & perm denied) + }_sessionData; /* * anonymous enumerations for selection index @@ -545,14 +613,14 @@ * permanently allowed capability bits * */ - TPermGrant iPermBits; //perm allowed caps, persistently stored for this script + TPermanentInfo* _permanentInfo; //perm allowed information, persistently stored for this script /* - * permanently denied capability bits + * Generic data about the script session * */ - TPermGrant iDeniedBits; //perm denied caps, persistently stored for this script - + HBufC* iSessionData; + /* * reference to prompt handler instance * @@ -574,7 +642,7 @@ * security manager resource file offset value * */ - TInt iResourceOffset; + RResourceArray iResourceOffsetArray; /* * Prompt UI option