--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/authorisation/userpromptservice/policies/inc/policies.rh Thu Sep 10 14:01:51 2009 +0300
@@ -0,0 +1,312 @@
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+* Resource header for User Prompt Service Policy files.
+*
+*/
+
+
+/**
+ @file policies.rh
+ @publishedPartner
+ @released
+*/
+
+#ifndef POLICIES_RH
+#define POLICIES_RH
+
+#include <ups/ups.hrh>
+
+/**
+This resource header file defines the structures and constants required by User
+Prompt Service policy files.
+
+A policy file is specific to an single service provided by a specific system
+server and determines whether clients requesting that service from the system
+server should be silently accepted/denied or require the user to be prompted.
+
+A policy file consists of an arbitrary number of policies. The User Prompt
+Service searches through the file in order attempting to match.
+
+* The secure id of the client application.
+* The destination field (e.g. a phone number) provided by the system server.
+* If the policy only applies if the security check implemented by the system
+ server passed/failed.
+
+The first matching policy is the policy that is used so policies must be
+ordered from most specific to least specific.
+
+The policies for a given service are defined by a single policy file and must
+be named as follows ups_SystemServerSid_ServiceUid.rsc
+
+Where the UID or SID is an 8 digit hexadecimal number.
+
+A policy file has the following structure
+
+UID2 KUidUpsPolicyResourceFile // Identifies this as a UPS policy file
+UID3 0xXXXXXXXX // Uniquely defines this policy file.
+ // The UID should be reserved using the
+ // Symbian Signed protected UID allocator.
+
+RESOURCE POLICIES mypolicies
+ {
+ header = POLICY_HEADER
+ {
+ // header definition
+ };
+policies =
+ {
+ POLICY
+ {
+ // definition of policy 1
+ },
+ POLICY
+ {
+ // definition of policy 2
+ }
+ // etc
+ };
+}
+*/
+
+/**
+Defines whether a dialog should be displayed and if so, the
+set of options that should be presented in the dialog.
+
+If just KYes or just KNo is defined then a prompt won't be displayed
+and the request will be silently accepted/denied.
+*/
+
+#define KYes 0x0001
+#define KNo 0x0002
+#define KSession 0x0004 // Implicitly "yes", name kept for compatibility
+#define KSessionYes 0x0004 // New name, same value/meaning as old Session option
+#define KAlways 0x0008
+#define KNever 0x0010
+#define KSessionNo 0x0020
+
+/** Secure ID (SID) classes defined by Symbian Signed.
+
+SID classes partition the UID range into 16 classes based on the most
+significant nybble of the UID number.
+E.g. V9 protected UID allocates are always allocated from Class 2
+
+Typically, policies would be based on the protected range (classes 0 - 7)
+or the unprotected range (classes 8 - F). This is Software Install only
+allows the installation of executables with protected SIDs if the package
+is signed. Consequently, the identity of an application may only accurately
+be verified via the SIS registry if the application has a protected SID.
+
+See also - Symbian Signed UID FAQ
+*/
+#define KSidClass0 0x00000001
+#define KSidClass1 0x00000002
+#define KSidClass2 0x00000004
+#define KSidClass3 0x00000008
+#define KSidClass4 0x00000010
+#define KSidClass5 0x00000020
+#define KSidClass6 0x00000040
+#define KSidClass7 0x00000080
+#define KSidClass8 0x00000100
+#define KSidClass9 0x00000200
+#define KSidClassA 0x00000400
+#define KSidClassB 0x00000800
+#define KSidClassC 0x00001000
+#define KSidClassD 0x00002000
+#define KSidClassE 0x00004000
+#define KSidClassF 0x00008000
+
+// Commonly used SID class definitions
+#define KProtectedSids KSidClass0|KSidClass1|KSidClass2|KSidClass3|KSidClass4|KSidClass5|KSidClass6|KSidClass7
+#define KUnprotectedSids KSidClass8|KSidClass9|KSidClassA|KSidClassB|KSidClassC|KSidClassD|KSidClassE|KSidClassF
+#define KAllSids 0x0000FFFF
+
+
+/**
+Specifies whether authorisation from the User Prompt Service is required for
+requests from clients that passed the system server's security check.
+
+Note that protected SID checks are based on the SID of the application excutable
+issuing the request, not the UID of the package owning that executable.
+
+If a policy file is not defined for a system server or service then a default
+value of ECheckNever will be used because this is compatible with the existing
+platform security behavior.
+*/
+ENUM TAuthorisationPolicy
+ {
+ /**
+ Ignore the system server (platsec) checks, and always ask the UPS what to do.
+ */
+ EAlwaysCheck = 0,
+
+ /**
+ For application executables with a protected SID, launched from the
+ Z drive, where the system server checks have passed, allow the request.
+ Otherwise call the UPS which may still choose to allow the request.
+
+ For all other executables, ignore the system server (platsec) checks, and
+ always ask the UPS what to do.
+ */
+ ECheckPostManufacture = 1,
+
+ /**
+ For application executables with a protected SID (regardless of drive), where
+ the system server checks have passed, allow the request.
+ Otherwise call the UPS which may still choose to allow the request.
+
+ For all other executables, ignore the system server (platsec) checks, and
+ always ask the UPS what to do.
+ */
+ ECheckUnprotectedSids = 2,
+
+ /**
+ If the system server checks passed, allow the request.
+ If they failed, call the UPS which may still choose to allow the request.
+ */
+ ECheckIfFailed = 3,
+
+ /**
+ If the system server checks passed, allow the request.
+ If the system server checks failed, reject the request.
+
+ Never query the UPS - just use existing security check result implemented
+ by system server.
+ */
+ ENeverCheck = 4
+ }
+
+STRUCT POLICY_HEADER
+ {
+ // The major version number of THIS policy file.
+ // When policy files are upgraded or eclipsed the UPS deletes all decision
+ // records for the system server server SID and service ID where the major
+ // version in the decision record is not equal to the major version
+ // number in the policy file.
+ WORD majorversion = 0;
+
+ // The minor version number of THIS policy file.
+ WORD minorversion = 0;
+
+ // Determines whether a system server must request authorisation from the
+ // User Prompt Service even if the client application passed the system
+ // server's security check.
+ BYTE authorisationpolicy = ECheckPostManufacture;
+
+ // Defines the implementation UID of the default policy evaluator.
+ // This MUST be defined and non-zero.
+ LONG policyevaluator = 0;
+
+ // Defines the implementation UID of the default dialog creator.
+ // This MUST be defined and non-zero.
+ LONG dialogcreator = 0;
+ }
+
+/**
+Allows policies to be matched according to whether the client process
+passed security check defined by the system server.
+Typically, this corresponds to whether the client has the correct capabilities
+for the requested service. However, system servers are free to use features
+other than capabilities in their security check.
+
+E.g. If the client has the correct capabilities for the requested service then
+the "Always" and "Never" options will be enabled in the policy; otherwise, a
+different policy will be matched where the prompt is limited to one-shot
+permissions ("Yes" and "No").
+
+*/
+ENUM TSystemServerSecurity
+ {
+ /**
+ The policy applies regardless of whether the client process passed the
+ system server's security check.
+ */
+ ESystemServerSecurityPassedOrFailed = 0,
+ /**
+ The policy only applies if the client process failed the system server's
+ security check.
+ */
+ ESystemServerSecurityFailed = 1,
+ /**
+ The policy only applies if the client process passed the system server's
+ security check.
+ */
+ ESystemServerSecurityPassed = 2
+ }
+
+// Defines a single policy
+STRUCT POLICY
+ {
+ // A bitmask that defines the set of SID classes that this policy applies to.
+ // Typically, this field is used if a policy applies
+ // All clients with a protected SID - KProtectedSids
+ // All clients with an unprotected SID - KUnprotectedSids
+ // All clients - KAllSids
+ LONG sid_classes = KAllSids;
+
+ // An array of LONGs that defines a set of specific client application SIDs
+ // that this policy applies to.
+ // If this field is populated then the sid_classes field will be ignored.
+ LONG sid_list[];
+
+ // By default policies apply regardless of whether the client process
+ // requesting the service passed or failed the system server's security
+ // check. i.e. whether the client process has the correct capabilities.
+ BYTE systemserversecurity = ESystemServerSecurityPassedOrFailed;
+
+ // A wildcard string to match against destination supplied by system server
+ // Wildcard rules are defined by TDesC::MatchF
+ LTEXT destination = "*";
+
+ // A bit field that controls which buttons may be displayed.
+ // KYes, KNo, KSessionYes, KSessionNo, KAlways, KNever
+ LONG options = KYes|KNo;
+
+ // If non-zero, this field overrides the implementation UID
+ // of the default policy evaluator for this policy.
+ LONG policyevaluator = 0;
+
+ // If non-zero, this field overrides the implementation UID
+ // of the default dialog creator.
+ LONG dialogcreator = 0;
+
+ // Flags specific to the policy evaluator
+ WORD flags = 0;
+
+ // Reserved for future use, do not use
+ WORD reservedWord = 0;
+
+ // Reserved for future use, do not use
+ LLINK reservedLink = 0;
+ }
+
+// Defines a set of policies and the implementations UIDs of the default
+// policy evaluator and dialog creator plug-ins.
+STRUCT POLICIES
+ {
+ // Version of the UPS policy format.
+ // Policy files MUST NOT change this value.
+ WORD version = 1;
+
+ // reserved for future use, do not use
+ LLINK reserved = 0;
+
+ // A POLICY_HEADER structure
+ STRUCT header;
+
+ // An array of POLICY structures
+ STRUCT policies[];
+ }
+
+#endif