search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Version 6.1.0.2, tag libreoffice-6.1.0.2
[LibreOffice.git] / stoc / source / security / access_controller.cxx
blob0ae4c8302c9a9ab46b99c71114a3b57c18b751c3
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20
21 #include <vector>
22
23 #include <osl/diagnose.h>
24 #include <osl/mutex.hxx>
25 #include <osl/thread.hxx>
26
27 #include <rtl/ref.hxx>
28 #include <rtl/ustrbuf.hxx>
29
30 #include <uno/current_context.h>
31 #include <uno/lbnames.h>
32
33 #include <cppuhelper/implbase.hxx>
34 #include <cppuhelper/compbase.hxx>
35 #include <cppuhelper/implementationentry.hxx>
36 #include <cppuhelper/supportsservice.hxx>
37
38 #include <com/sun/star/uno/XCurrentContext.hpp>
39 #include <com/sun/star/uno/DeploymentException.hpp>
40 #include <com/sun/star/lang/DisposedException.hpp>
41 #include <com/sun/star/lang/XComponent.hpp>
42 #include <com/sun/star/lang/XServiceInfo.hpp>
43 #include <com/sun/star/lang/XInitialization.hpp>
44 #include <com/sun/star/security/XAccessController.hpp>
45 #include <com/sun/star/security/XPolicy.hpp>
46
47 #include "lru_cache.h"
48 #include "permissions.h"
49
50 #include <memory>
51
52 #define SERVICE_NAME "com.sun.star.security.AccessController"
53 #define USER_CREDS "access-control.user-credentials"
54
55
56 using namespace ::std;
57 using namespace ::osl;
58 using namespace ::cppu;
59 using namespace ::com::sun::star;
60 using namespace css::uno;
61 using namespace stoc_sec;
62
63 namespace {
64
65 // static stuff initialized when loading lib
66 static OUString s_envType = CPPU_CURRENT_LANGUAGE_BINDING_NAME;
67 const char s_acRestriction[] = "access-control.restriction";
68
69
70 /** ac context intersects permissions of two ac contexts
71 */
72 class acc_Intersection
73 : public WeakImplHelper< security::XAccessControlContext >
74 {
75 Reference< security::XAccessControlContext > m_x1, m_x2;
76
77 inline acc_Intersection(
78 Reference< security::XAccessControlContext > const & x1,
79 Reference< security::XAccessControlContext > const & x2 );
80
81 public:
82 static inline Reference< security::XAccessControlContext > create(
83 Reference< security::XAccessControlContext > const & x1,
84 Reference< security::XAccessControlContext > const & x2 );
85
86 // XAccessControlContext impl
87 virtual void SAL_CALL checkPermission(
88 Any const & perm ) override;
89 };
90
91 inline acc_Intersection::acc_Intersection(
92 Reference< security::XAccessControlContext > const & x1,
93 Reference< security::XAccessControlContext > const & x2 )
94 : m_x1( x1 )
95 , m_x2( x2 )
96 {}
97
98 inline Reference< security::XAccessControlContext > acc_Intersection::create(
99 Reference< security::XAccessControlContext > const & x1,
100 Reference< security::XAccessControlContext > const & x2 )
101 {
102 if (! x1.is())
103 return x2;
104 if (! x2.is())
105 return x1;
106 return new acc_Intersection( x1, x2 );
107 }
108
109 void acc_Intersection::checkPermission(
110 Any const & perm )
111 {
112 m_x1->checkPermission( perm );
113 m_x2->checkPermission( perm );
114 }
115
116 /** ac context unifies permissions of two ac contexts
117 */
118 class acc_Union
119 : public WeakImplHelper< security::XAccessControlContext >
120 {
121 Reference< security::XAccessControlContext > m_x1, m_x2;
122
123 inline acc_Union(
124 Reference< security::XAccessControlContext > const & x1,
125 Reference< security::XAccessControlContext > const & x2 );
126
127 public:
128 static inline Reference< security::XAccessControlContext > create(
129 Reference< security::XAccessControlContext > const & x1,
130 Reference< security::XAccessControlContext > const & x2 );
131
132 // XAccessControlContext impl
133 virtual void SAL_CALL checkPermission(
134 Any const & perm ) override;
135 };
136
137 inline acc_Union::acc_Union(
138 Reference< security::XAccessControlContext > const & x1,
139 Reference< security::XAccessControlContext > const & x2 )
140 : m_x1( x1 )
141 , m_x2( x2 )
142 {}
143
144 inline Reference< security::XAccessControlContext > acc_Union::create(
145 Reference< security::XAccessControlContext > const & x1,
146 Reference< security::XAccessControlContext > const & x2 )
147 {
148 if (! x1.is())
149 return Reference< security::XAccessControlContext >(); // unrestricted
150 if (! x2.is())
151 return Reference< security::XAccessControlContext >(); // unrestricted
152 return new acc_Union( x1, x2 );
153 }
154
155 void acc_Union::checkPermission(
156 Any const & perm )
157 {
158 try
159 {
160 m_x1->checkPermission( perm );
161 }
162 catch (security::AccessControlException &)
163 {
164 m_x2->checkPermission( perm );
165 }
166 }
167
168 /** ac context doing permission checks on static permissions
169 */
170 class acc_Policy
171 : public WeakImplHelper< security::XAccessControlContext >
172 {
173 PermissionCollection m_permissions;
174
175 public:
176 explicit acc_Policy(
177 PermissionCollection const & permissions )
178 : m_permissions( permissions )
179 {}
180
181 // XAccessControlContext impl
182 virtual void SAL_CALL checkPermission(
183 Any const & perm ) override;
184 };
185
186 void acc_Policy::checkPermission(
187 Any const & perm )
188 {
189 m_permissions.checkPermission( perm );
190 }
191
192 /** current context overriding dynamic ac restriction
193 */
194 class acc_CurrentContext
195 : public WeakImplHelper< XCurrentContext >
196 {
197 Reference< XCurrentContext > m_xDelegate;
198 Any m_restriction;
199
200 public:
201 inline acc_CurrentContext(
202 Reference< XCurrentContext > const & xDelegate,
203 Reference< security::XAccessControlContext > const & xRestriction );
204
205 // XCurrentContext impl
206 virtual Any SAL_CALL getValueByName( OUString const & name ) override;
207 };
208
209 inline acc_CurrentContext::acc_CurrentContext(
210 Reference< XCurrentContext > const & xDelegate,
211 Reference< security::XAccessControlContext > const & xRestriction )
212 : m_xDelegate( xDelegate )
213 {
214 if (xRestriction.is())
215 {
216 m_restriction <<= xRestriction;
217 }
218 // return empty any otherwise on getValueByName(), not null interface
219 }
220
221 Any acc_CurrentContext::getValueByName( OUString const & name )
222 {
223 if (name == s_acRestriction)
224 {
225 return m_restriction;
226 }
227 else if (m_xDelegate.is())
228 {
229 return m_xDelegate->getValueByName( name );
230 }
231 else
232 {
233 return Any();
234 }
235 }
236
237
238 inline Reference< security::XAccessControlContext > getDynamicRestriction(
239 Reference< XCurrentContext > const & xContext )
240 {
241 if (xContext.is())
242 {
243 Any acc(xContext->getValueByName(s_acRestriction));
244 if (typelib_TypeClass_INTERFACE == acc.pType->eTypeClass)
245 {
246 // avoid ref-counting
247 OUString const & typeName =
248 OUString::unacquired( &acc.pType->pTypeName );
249 if ( typeName == "com.sun.star.security.XAccessControlContext" )
250 {
251 return Reference< security::XAccessControlContext >(
252 *static_cast< security::XAccessControlContext ** >( acc.pData ) );
253 }
254 else // try to query
255 {
256 return Reference< security::XAccessControlContext >::query(
257 *static_cast< XInterface ** >( acc.pData ) );
258 }
259 }
260 }
261 return Reference< security::XAccessControlContext >();
262 }
263
264 class cc_reset
265 {
266 void * m_cc;
267 public:
268 explicit cc_reset( void * cc )
269 : m_cc( cc ) {}
270 ~cc_reset()
271 { ::uno_setCurrentContext( m_cc, s_envType.pData, nullptr ); }
272 };
273
274 struct MutexHolder
275 {
276 Mutex m_mutex;
277 };
278 typedef WeakComponentImplHelper<
279 security::XAccessController, lang::XServiceInfo, lang::XInitialization > t_helper;
280
281
282 class AccessController
283 : public MutexHolder
284 , public t_helper
285 {
286 Reference< XComponentContext > m_xComponentContext;
287
288 Reference< security::XPolicy > m_xPolicy;
289 Reference< security::XPolicy > const & getPolicy();
290
291 // mode
292 enum Mode { OFF, ON, DYNAMIC_ONLY, SINGLE_USER, SINGLE_DEFAULT_USER } m_mode;
293
294 PermissionCollection m_defaultPermissions;
295 // for single-user mode
296 PermissionCollection m_singleUserPermissions;
297 OUString m_singleUserId;
298 bool m_defaultPerm_init;
299 bool m_singleUser_init;
300 // for multi-user mode
301 lru_cache< OUString, PermissionCollection, OUStringHash, equal_to< OUString > >
302 m_user2permissions;
303
304 ThreadData m_rec;
305 typedef vector< pair< OUString, Any > > t_rec_vec;
306 inline void clearPostPoned();
307 void checkAndClearPostPoned();
308
309 PermissionCollection getEffectivePermissions(
310 Reference< XCurrentContext > const & xContext,
311 Any const & demanded_perm );
312
313 protected:
314 virtual void SAL_CALL disposing() override;
315
316 public:
317 explicit AccessController( Reference< XComponentContext > const & xComponentContext );
318
319 // XInitialization impl
320 virtual void SAL_CALL initialize(
321 Sequence< Any > const & arguments ) override;
322
323 // XAccessController impl
324 virtual void SAL_CALL checkPermission(
325 Any const & perm ) override;
326 virtual Any SAL_CALL doRestricted(
327 Reference< security::XAction > const & xAction,
328 Reference< security::XAccessControlContext > const & xRestriction ) override;
329 virtual Any SAL_CALL doPrivileged(
330 Reference< security::XAction > const & xAction,
331 Reference< security::XAccessControlContext > const & xRestriction ) override;
332 virtual Reference< security::XAccessControlContext > SAL_CALL getContext() override;
333
334 // XServiceInfo impl
335 virtual OUString SAL_CALL getImplementationName() override;
336 virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName ) override;
337 virtual Sequence< OUString > SAL_CALL getSupportedServiceNames() override;
338 };
339
340 AccessController::AccessController( Reference< XComponentContext > const & xComponentContext )
341 : t_helper( m_mutex )
342 , m_xComponentContext( xComponentContext )
343 , m_mode( ON ) // default
344 , m_defaultPerm_init( false )
345 , m_singleUser_init( false )
346 , m_rec( nullptr )
347 {
348 // The .../mode value had originally been set in
349 // cppu::add_access_control_entries (cppuhelper/source/servicefactory.cxx)
350 // to something other than "off" depending on various UNO_AC* bootstrap
351 // variables that are no longer supported, so this is mostly dead code now:
352 OUString mode;
353 if (m_xComponentContext->getValueByName( "/services/" SERVICE_NAME "/mode" ) >>= mode)
354 {
355 if ( mode == "off" )
356 {
357 m_mode = OFF;
358 }
359 else if ( mode == "on" )
360 {
361 m_mode = ON;
362 }
363 else if ( mode == "dynamic-only" )
364 {
365 m_mode = DYNAMIC_ONLY;
366 }
367 else if ( mode == "single-user" )
368 {
369 m_xComponentContext->getValueByName(
370 "/services/" SERVICE_NAME "/single-user-id" ) >>= m_singleUserId;
371 if (m_singleUserId.isEmpty())
372 {
373 throw RuntimeException(
374 "expected a user id in component context entry "
375 "\"/services/" SERVICE_NAME "/single-user-id\"!",
376 static_cast<OWeakObject *>(this) );
377 }
378 m_mode = SINGLE_USER;
379 }
380 else if ( mode == "single-default-user" )
381 {
382 m_mode = SINGLE_DEFAULT_USER;
383 }
384 }
385
386 // switch on caching for DYNAMIC_ONLY and ON (shareable multi-user process)
387 if (ON == m_mode || DYNAMIC_ONLY == m_mode)
388 {
389 sal_Int32 cacheSize = 0; // multi-user cache size
390 if (! (m_xComponentContext->getValueByName(
391 "/services/" SERVICE_NAME "/user-cache-size" ) >>= cacheSize))
392 {
393 cacheSize = 128; // reasonable default?
394 }
395 #ifdef __CACHE_DIAGNOSE
396 cacheSize = 2;
397 #endif
398 m_user2permissions.setSize( cacheSize );
399 }
400 }
401
402 void AccessController::disposing()
403 {
404 m_mode = OFF; // avoid checks from now on xxx todo review/ better DYNAMIC_ONLY?
405 m_xPolicy.clear();
406 m_xComponentContext.clear();
407 }
408
409 // XInitialization impl
410
411 void AccessController::initialize(
412 Sequence< Any > const & arguments )
413 {
414 // xxx todo: review for forking
415 // portal forking hack: re-initialize for another user-id
416 if (SINGLE_USER != m_mode) // only if in single-user mode
417 {
418 throw RuntimeException(
419 "invalid call: ac must be in \"single-user\" mode!", static_cast<OWeakObject *>(this) );
420 }
421 OUString userId;
422 arguments[ 0 ] >>= userId;
423 if ( userId.isEmpty() )
424 {
425 throw RuntimeException(
426 "expected a user-id as first argument!", static_cast<OWeakObject *>(this) );
427 }
428 // assured that no sync is necessary: no check happens at this forking time
429 m_singleUserId = userId;
430 m_singleUser_init = false;
431 }
432
433
434 Reference< security::XPolicy > const & AccessController::getPolicy()
435 {
436 // get policy singleton
437 if (! m_xPolicy.is())
438 {
439 Reference< security::XPolicy > xPolicy;
440 m_xComponentContext->getValueByName(
441 "/singletons/com.sun.star.security.thePolicy" ) >>= xPolicy;
442 if (!xPolicy.is())
443 {
444 throw SecurityException(
445 "cannot get policy singleton!", static_cast<OWeakObject *>(this) );
446 }
447
448 MutexGuard guard( m_mutex );
449 if (! m_xPolicy.is())
450 {
451 m_xPolicy = xPolicy;
452 }
453 }
454 return m_xPolicy;
455 }
456
457 #ifdef __DIAGNOSE
458 static void dumpPermissions(
459 PermissionCollection const & collection, OUString const & userId = OUString() )
460 {
461 OUStringBuffer buf( 48 );
462 if (!userId.isEmpty())
463 {
464 buf.append( "> dumping permissions of user \"" );
465 buf.append( userId );
466 buf.append( "\":" );
467 }
468 else
469 {
470 buf.append( "> dumping default permissions:" );
471 }
472 SAL_INFO("stoc", buf.makeStringAndClear() );
473 Sequence< OUString > permissions( collection.toStrings() );
474 OUString const * p = permissions.getConstArray();
475 for ( sal_Int32 nPos = 0; nPos < permissions.getLength(); ++nPos )
476 {
477 SAL_INFO("stoc", p[ nPos ] );
478 }
479 SAL_INFO("stoc", "> permission dump done" );
480 }
481 #endif
482
483
484 inline void AccessController::clearPostPoned()
485 {
486 delete static_cast< t_rec_vec * >( m_rec.getData() );
487 m_rec.setData( nullptr );
488 }
489
490 void AccessController::checkAndClearPostPoned()
491 {
492 // check postponed permissions
493 std::unique_ptr< t_rec_vec > rec( static_cast< t_rec_vec * >( m_rec.getData() ) );
494 m_rec.setData( nullptr ); // takeover ownership
495 OSL_ASSERT( rec.get() );
496 if (rec.get())
497 {
498 t_rec_vec const & vec = *rec.get();
499 switch (m_mode)
500 {
501 case SINGLE_USER:
502 {
503 OSL_ASSERT( m_singleUser_init );
504 for (const auto & p : vec)
505 {
506 OSL_ASSERT( m_singleUserId == p.first );
507 m_singleUserPermissions.checkPermission( p.second );
508 }
509 break;
510 }
511 case SINGLE_DEFAULT_USER:
512 {
513 OSL_ASSERT( m_defaultPerm_init );
514 for (const auto & p : vec)
515 {
516 OSL_ASSERT( p.first.isEmpty() ); // default-user
517 m_defaultPermissions.checkPermission( p.second );
518 }
519 break;
520 }
521 case ON:
522 {
523 for (const auto & p : vec)
524 {
525 PermissionCollection const * pPermissions;
526 // lookup policy for user
527 {
528 MutexGuard guard( m_mutex );
529 pPermissions = m_user2permissions.lookup( p.first );
530 }
531 OSL_ASSERT( pPermissions );
532 if (pPermissions)
533 {
534 pPermissions->checkPermission( p.second );
535 }
536 }
537 break;
538 }
539 default:
540 OSL_FAIL( "### this should never be called in this ac mode!" );
541 break;
542 }
543 }
544 }
545
546 /** this is the only function calling the policy singleton and thus has to take care
547 of recurring calls!
548
549 @param demanded_perm (if not empty) is the demanded permission of a checkPermission() call
550 which will be postponed for recurring calls
551 */
552 PermissionCollection AccessController::getEffectivePermissions(
553 Reference< XCurrentContext > const & xContext,
554 Any const & demanded_perm )
555 {
556 OUString userId;
557
558 switch (m_mode)
559 {
560 case SINGLE_USER:
561 {
562 if (m_singleUser_init)
563 return m_singleUserPermissions;
564 userId = m_singleUserId;
565 break;
566 }
567 case SINGLE_DEFAULT_USER:
568 {
569 if (m_defaultPerm_init)
570 return m_defaultPermissions;
571 break;
572 }
573 case ON:
574 {
575 if (xContext.is())
576 {
577 xContext->getValueByName( USER_CREDS ".id" ) >>= userId;
578 }
579 if ( userId.isEmpty() )
580 {
581 throw SecurityException(
582 "cannot determine current user in multi-user ac!", static_cast<OWeakObject *>(this) );
583 }
584
585 // lookup policy for user
586 MutexGuard guard( m_mutex );
587 PermissionCollection const * pPermissions = m_user2permissions.lookup( userId );
588 if (pPermissions)
589 return *pPermissions;
590 break;
591 }
592 default:
593 OSL_FAIL( "### this should never be called in this ac mode!" );
594 return PermissionCollection();
595 }
596
597 // call on policy
598 // iff this is a recurring call for the default user, then grant all permissions
599 t_rec_vec * rec = static_cast< t_rec_vec * >( m_rec.getData() );
600 if (rec) // tls entry exists => this is recursive call
601 {
602 if (demanded_perm.hasValue())
603 {
604 // enqueue
605 rec->push_back( pair< OUString, Any >( userId, demanded_perm ) );
606 }
607 #ifdef __DIAGNOSE
608 SAL_INFO("stoc", "> info: recurring call of user: " << userId );
609 #endif
610 return PermissionCollection( new AllPermission() );
611 }
612 else // no tls
613 {
614 rec = new t_rec_vec;
615 m_rec.setData( rec );
616 }
617
618 try // calls on API
619 {
620 // init default permissions
621 if (! m_defaultPerm_init)
622 {
623 PermissionCollection defaultPermissions(
624 getPolicy()->getDefaultPermissions() );
625 // assign
626 MutexGuard guard( m_mutex );
627 if (! m_defaultPerm_init)
628 {
629 m_defaultPermissions = defaultPermissions;
630 m_defaultPerm_init = true;
631 }
632 #ifdef __DIAGNOSE
633 dumpPermissions( m_defaultPermissions );
634 #endif
635 }
636
637 PermissionCollection ret;
638
639 // init user permissions
640 switch (m_mode)
641 {
642 case SINGLE_USER:
643 {
644 ret = PermissionCollection(
645 getPolicy()->getPermissions( userId ), m_defaultPermissions );
646 {
647 // assign
648 MutexGuard guard( m_mutex );
649 if (m_singleUser_init)
650 {
651 ret = m_singleUserPermissions;
652 }
653 else
654 {
655 m_singleUserPermissions = ret;
656 m_singleUser_init = true;
657 }
658 }
659 #ifdef __DIAGNOSE
660 dumpPermissions( ret, userId );
661 #endif
662 break;
663 }
664 case SINGLE_DEFAULT_USER:
665 {
666 ret = m_defaultPermissions;
667 break;
668 }
669 case ON:
670 {
671 ret = PermissionCollection(
672 getPolicy()->getPermissions( userId ), m_defaultPermissions );
673 {
674 // cache
675 MutexGuard guard( m_mutex );
676 m_user2permissions.set( userId, ret );
677 }
678 #ifdef __DIAGNOSE
679 dumpPermissions( ret, userId );
680 #endif
681 break;
682 }
683 default:
684 break;
685 }
686
687 // check postponed
688 checkAndClearPostPoned();
689 return ret;
690 }
691 catch (const security::AccessControlException & exc) // wrapped into DeploymentException
692 {
693 clearPostPoned(); // safety: exception could have happened before checking postponed?
694 throw DeploymentException( "deployment error (AccessControlException occurred): " + exc.Message, exc.Context );
695 }
696 catch (RuntimeException &)
697 {
698 // don't check postponed, just cleanup
699 clearPostPoned();
700 delete static_cast< t_rec_vec * >( m_rec.getData() );
701 m_rec.setData( nullptr );
702 throw;
703 }
704 catch (Exception &)
705 {
706 // check postponed permissions first
707 // => AccessControlExceptions are errors, user exceptions not!
708 checkAndClearPostPoned();
709 throw;
710 }
711 catch (...)
712 {
713 // don't check postponed, just cleanup
714 clearPostPoned();
715 throw;
716 }
717 }
718
719 // XAccessController impl
720
721 void AccessController::checkPermission(
722 Any const & perm )
723 {
724 if (rBHelper.bDisposed)
725 {
726 throw lang::DisposedException(
727 "checkPermission() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
728 }
729
730 if (OFF == m_mode)
731 return;
732
733 // first dynamic check of ac contexts
734 Reference< XCurrentContext > xContext;
735 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
736 Reference< security::XAccessControlContext > xACC( getDynamicRestriction( xContext ) );
737 if (xACC.is())
738 {
739 xACC->checkPermission( perm );
740 }
741
742 if (DYNAMIC_ONLY == m_mode)
743 return;
744
745 // then static check
746 getEffectivePermissions( xContext, perm ).checkPermission( perm );
747 }
748
749 Any AccessController::doRestricted(
750 Reference< security::XAction > const & xAction,
751 Reference< security::XAccessControlContext > const & xRestriction )
752 {
753 if (rBHelper.bDisposed)
754 {
755 throw lang::DisposedException(
756 "doRestricted() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
757 }
758
759 if (OFF == m_mode) // optimize this way, because no dynamic check will be performed
760 return xAction->run();
761
762 if (xRestriction.is())
763 {
764 Reference< XCurrentContext > xContext;
765 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
766
767 // override restriction
768 Reference< XCurrentContext > xNewContext(
769 new acc_CurrentContext( xContext, acc_Intersection::create(
770 xRestriction, getDynamicRestriction( xContext ) ) ) );
771 ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, nullptr );
772 cc_reset reset( xContext.get() );
773 return xAction->run();
774 }
775 else
776 {
777 return xAction->run();
778 }
779 }
780
781 Any AccessController::doPrivileged(
782 Reference< security::XAction > const & xAction,
783 Reference< security::XAccessControlContext > const & xRestriction )
784 {
785 if (rBHelper.bDisposed)
786 {
787 throw lang::DisposedException(
788 "doPrivileged() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
789 }
790
791 if (OFF == m_mode) // no dynamic check will be performed
792 {
793 return xAction->run();
794 }
795
796 Reference< XCurrentContext > xContext;
797 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
798
799 Reference< security::XAccessControlContext > xOldRestr(
800 getDynamicRestriction( xContext ) );
801
802 if (xOldRestr.is()) // previous restriction
803 {
804 // override restriction
805 Reference< XCurrentContext > xNewContext(
806 new acc_CurrentContext( xContext, acc_Union::create( xRestriction, xOldRestr ) ) );
807 ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, nullptr );
808 cc_reset reset( xContext.get() );
809 return xAction->run();
810 }
811 else // no previous restriction => never current restriction
812 {
813 return xAction->run();
814 }
815 }
816
817 Reference< security::XAccessControlContext > AccessController::getContext()
818 {
819 if (rBHelper.bDisposed)
820 {
821 throw lang::DisposedException(
822 "getContext() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
823 }
824
825 if (OFF == m_mode) // optimize this way, because no dynamic check will be performed
826 {
827 return new acc_Policy( PermissionCollection( new AllPermission() ) );
828 }
829
830 Reference< XCurrentContext > xContext;
831 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
832
833 return acc_Intersection::create(
834 getDynamicRestriction( xContext ),
835 new acc_Policy( getEffectivePermissions( xContext, Any() ) ) );
836 }
837
838 // XServiceInfo impl
839
840 OUString AccessController::getImplementationName()
841 {
842 return OUString("com.sun.star.security.comp.stoc.AccessController");
843 }
844
845 sal_Bool AccessController::supportsService( OUString const & serviceName )
846 {
847 return cppu::supportsService(this, serviceName);
848 }
849
850 Sequence< OUString > AccessController::getSupportedServiceNames()
851 {
852 Sequence<OUString> aSNS { SERVICE_NAME };
853 return aSNS;
854 }
855
856 }
857
858 extern "C" SAL_DLLPUBLIC_EXPORT css::uno::XInterface *
859 com_sun_star_security_comp_stoc_AccessController_get_implementation(
860 css::uno::XComponentContext *context,
861 css::uno::Sequence<css::uno::Any> const &)
862 {
863 return cppu::acquire(new AccessController(context));
864 }
865
866 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE