udkapi/com/sun/star/security/XAccessController.idl

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /*
   3  * This file is part of the LibreOffice project.
   4  *
   5  * This Source Code Form is subject to the terms of the Mozilla Public
   6  * License, v. 2.0. If a copy of the MPL was not distributed with this
   7  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
   8  *
   9  * This file incorporates work covered by the following license notice:
  10  *
  11  *   Licensed to the Apache Software Foundation (ASF) under one or more
  12  *   contributor license agreements. See the NOTICE file distributed
  13  *   with this work for additional information regarding copyright
  14  *   ownership. The ASF licenses this file to you under the Apache
  15  *   License, Version 2.0 (the "License"); you may not use this file
  16  *   except in compliance with the License. You may obtain a copy of
  17  *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
  18  */
  19 #ifndef __com_sun_star_security_XAccessController_idl__
  20 #define __com_sun_star_security_XAccessController_idl__
  21
  22 #include <com/sun/star/uno/XInterface.idl>
  23 #include <com/sun/star/security/XAccessControlContext.idl>
  24 #include <com/sun/star/security/XAction.idl>
  25 #include <com/sun/star/security/AccessControlException.idl>
  26
  27
  28
  29 module com {  module sun {  module star {  module security {
  30
  31
  32 /** Interface for checking permissions and invoking privileged or restricted
  33     actions.
  34
  35     @since OOo 1.1.2
  36 */
  37 published interface XAccessController : com::sun::star::uno::XInterface
  38 {
  39     /** Determines whether the access request indicated by the specified
  40         permission should be allowed or denied, based on the security policy
  41         currently in effect.
  42         The semantics are equivalent to the security permission classes of
  43         the Java platform.
  44         <p>
  45         You can also pass a sequence of permissions (sequence< any >) to check
  46         a set of permissions, e.g. for performance reasons.
  47         This method quietly returns if the access request is permitted,
  48         or throws a suitable AccessControlException otherwise.
  49         </p>
  50
  51         @param perm
  52                permission to be checked
  53
  54         @throws AccessControlException
  55                 thrown if access is denied
  56
  57         @see ::com::sun::star::security::AccessControlException
  58         @see ::com::sun::star::security::AllPermission
  59         @see ::com::sun::star::security::RuntimePermission
  60         @see ::com::sun::star::io::FilePermission
  61         @see ::com::sun::star::connection::SocketPermission
  62     */
  63     void checkPermission(
  64         [in] any perm )
  65         raises (AccessControlException);
  66
  67     /** Perform the specified action restricting permissions to the given
  68         XAccessControlContext.
  69         The action is performed with the intersection of the permissions of the currently installed
  70         XAccessControlContext, the given XAccessControlContext and the security policy currently
  71         in effect.  The latter includes static security, e.g. based on user credentials.
  72         <p>
  73         If the specified XAccessControlContext is null, then the action is performed
  74         with unmodified permissions, i.e. the call makes no sense.
  75         </p>
  76
  77         @param action
  78                action object to be executed
  79         @param restriction
  80                access control context to restrict permission; null for no restriction
  81         @return
  82                 result
  83         @throws com::sun::star::uno::Exception
  84                 any UNO exception may be thrown
  85     */
  86     any doRestricted(
  87         [in] XAction action,
  88         [in] XAccessControlContext restriction )
  89         raises (com::sun::star::uno::Exception);
  90
  91     /** Perform the specified action adding a set of permissions defined by the given
  92         XAccessControlContext.
  93         The action is performed with the union of the permissions of the currently installed
  94         XAccessControlContext, the given XAccessControlContext and the security policy currently
  95         in effect.  The latter includes static security, e.g. based on user credentials.
  96         <p>
  97         If the given XAccessControlContext is null, then the action is performed
  98         <b>only</b> with the permissions of the security policy currently in effect.
  99         </p>
 100
 101         @attention
 102         Do carefully use this method only for well known use-cases to avoid exploits!
 103         Script engines executing sandboxed scripts should generally deny calling this
 104         method.
 105
 106         @param action
 107                action object to be executed
 108         @param restriction
 109                access control context to restrict permission; null for no restriction
 110         @return
 111                 result
 112         @throws com::sun::star::uno::Exception
 113                 any UNO exception may be thrown
 114     */
 115     any doPrivileged(
 116         [in] XAction action,
 117         [in] XAccessControlContext restriction )
 118         raises (com::sun::star::uno::Exception);
 119
 120     /** This method takes a "snapshot" of the current calling context
 121         and returns it.
 122         <p>
 123         This context may then be checked at a later point, possibly in another thread.
 124         </p>
 125         @return
 126                 snapshot of context
 127     */
 128     XAccessControlContext getContext();
 129 };
 130
 131
 132 }; }; }; };
 133
 134 #endif
 135
 136 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */