udkapi/com/sun/star/security/XAccessController.idl

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /*
   3  * This file is part of the LibreOffice project.
   4  *
   5  * This Source Code Form is subject to the terms of the Mozilla Public
   6  * License, v. 2.0. If a copy of the MPL was not distributed with this
   7  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
   8  *
   9  * This file incorporates work covered by the following license notice:
  10  *
  11  *   Licensed to the Apache Software Foundation (ASF) under one or more
  12  *   contributor license agreements. See the NOTICE file distributed
  13  *   with this work for additional information regarding copyright
  14  *   ownership. The ASF licenses this file to you under the Apache
  15  *   License, Version 2.0 (the "License"); you may not use this file
  16  *   except in compliance with the License. You may obtain a copy of
  17  *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
  18  */
  19
  20
  21
  22 module com {  module sun {  module star {  module security {
  23
  24
  25 /** Interface for checking permissions and invoking privileged or restricted
  26     actions.
  27
  28     @since OOo 1.1.2
  29 */
  30 published interface XAccessController : com::sun::star::uno::XInterface
  31 {
  32     /** Determines whether the access request indicated by the specified
  33         permission should be allowed or denied, based on the security policy
  34         currently in effect.
  35         The semantics are equivalent to the security permission classes of
  36         the Java platform.
  37         <p>
  38         You can also pass a sequence of permissions (sequence< any >) to check
  39         a set of permissions, e.g. for performance reasons.
  40         This method quietly returns if the access request is permitted,
  41         or throws a suitable AccessControlException otherwise.
  42         </p>
  43
  44         @param perm
  45                permission to be checked
  46
  47         @throws AccessControlException
  48                 thrown if access is denied
  49
  50         @see ::com::sun::star::security::AccessControlException
  51         @see ::com::sun::star::security::AllPermission
  52         @see ::com::sun::star::security::RuntimePermission
  53         @see ::com::sun::star::io::FilePermission
  54         @see ::com::sun::star::connection::SocketPermission
  55     */
  56     void checkPermission(
  57         [in] any perm )
  58         raises (AccessControlException);
  59
  60     /** Perform the specified action restricting permissions to the given
  61         XAccessControlContext.
  62         The action is performed with the intersection of the permissions of the currently installed
  63         XAccessControlContext, the given XAccessControlContext and the security policy currently
  64         in effect.  The latter includes static security, e.g. based on user credentials.
  65         <p>
  66         If the specified XAccessControlContext is null, then the action is performed
  67         with unmodified permissions, i.e. the call makes no sense.
  68         </p>
  69
  70         @param action
  71                action object to be executed
  72         @param restriction
  73                access control context to restrict permission; null for no restriction
  74         @return
  75                 result
  76         @throws com::sun::star::uno::Exception
  77                 any UNO exception may be thrown
  78     */
  79     any doRestricted(
  80         [in] XAction action,
  81         [in] XAccessControlContext restriction )
  82         raises (com::sun::star::uno::Exception);
  83
  84     /** Perform the specified action adding a set of permissions defined by the given
  85         XAccessControlContext.
  86         The action is performed with the union of the permissions of the currently installed
  87         XAccessControlContext, the given XAccessControlContext and the security policy currently
  88         in effect.  The latter includes static security, e.g. based on user credentials.
  89         <p>
  90         If the given XAccessControlContext is null, then the action is performed
  91         <b>only</b> with the permissions of the security policy currently in effect.
  92         </p>
  93
  94         @attention
  95         Do carefully use this method only for well known use-cases to avoid exploits!
  96         Script engines executing sandboxed scripts should generally deny calling this
  97         method.
  98
  99         @param action
 100                action object to be executed
 101         @param restriction
 102                access control context to restrict permission; null for no restriction
 103         @return
 104                 result
 105         @throws com::sun::star::uno::Exception
 106                 any UNO exception may be thrown
 107     */
 108     any doPrivileged(
 109         [in] XAction action,
 110         [in] XAccessControlContext restriction )
 111         raises (com::sun::star::uno::Exception);
 112
 113     /** This method takes a "snapshot" of the current calling context
 114         and returns it.
 115         <p>
 116         This context may then be checked at a later point, possibly in another thread.
 117         </p>
 118         @return
 119                 snapshot of context
 120     */
 121     XAccessControlContext getContext();
 122 };
 123
 124
 125 }; }; }; };
 126
 127 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */