search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Version 5.4.3.2, tag libreoffice-5.4.3.2
[LibreOffice.git] / stoc / source / security / access_controller.cxx
blob6772d2ba2a8ad43b8c1a2947f8f2aed9e5f867d4
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20
21 #include <vector>
22
23 #include <osl/diagnose.h>
24 #include <osl/mutex.hxx>
25 #include <osl/thread.hxx>
26
27 #include <rtl/ref.hxx>
28 #include <rtl/ustrbuf.hxx>
29
30 #include <uno/current_context.h>
31 #include <uno/lbnames.h>
32
33 #include <cppuhelper/implbase.hxx>
34 #include <cppuhelper/compbase.hxx>
35 #include <cppuhelper/implementationentry.hxx>
36 #include <cppuhelper/supportsservice.hxx>
37
38 #include <com/sun/star/uno/XCurrentContext.hpp>
39 #include <com/sun/star/uno/DeploymentException.hpp>
40 #include <com/sun/star/lang/DisposedException.hpp>
41 #include <com/sun/star/lang/XComponent.hpp>
42 #include <com/sun/star/lang/XServiceInfo.hpp>
43 #include <com/sun/star/lang/XInitialization.hpp>
44 #include <com/sun/star/security/XAccessController.hpp>
45 #include <com/sun/star/security/XPolicy.hpp>
46
47 #include "lru_cache.h"
48 #include "permissions.h"
49
50 #include <memory>
51
52 #define SERVICE_NAME "com.sun.star.security.AccessController"
53 #define USER_CREDS "access-control.user-credentials"
54
55
56 using namespace ::std;
57 using namespace ::osl;
58 using namespace ::cppu;
59 using namespace ::com::sun::star;
60 using namespace css::uno;
61 using namespace stoc_sec;
62
63 namespace {
64
65 // static stuff initialized when loading lib
66 static OUString s_envType = CPPU_CURRENT_LANGUAGE_BINDING_NAME;
67 const char s_acRestriction[] = "access-control.restriction";
68
69
70 /** ac context intersects permissions of two ac contexts
71 */
72 class acc_Intersection
73 : public WeakImplHelper< security::XAccessControlContext >
74 {
75 Reference< security::XAccessControlContext > m_x1, m_x2;
76
77 inline acc_Intersection(
78 Reference< security::XAccessControlContext > const & x1,
79 Reference< security::XAccessControlContext > const & x2 );
80
81 public:
82 static inline Reference< security::XAccessControlContext > create(
83 Reference< security::XAccessControlContext > const & x1,
84 Reference< security::XAccessControlContext > const & x2 );
85
86 // XAccessControlContext impl
87 virtual void SAL_CALL checkPermission(
88 Any const & perm ) override;
89 };
90
91 inline acc_Intersection::acc_Intersection(
92 Reference< security::XAccessControlContext > const & x1,
93 Reference< security::XAccessControlContext > const & x2 )
94 : m_x1( x1 )
95 , m_x2( x2 )
96 {}
97
98 inline Reference< security::XAccessControlContext > acc_Intersection::create(
99 Reference< security::XAccessControlContext > const & x1,
100 Reference< security::XAccessControlContext > const & x2 )
101 {
102 if (! x1.is())
103 return x2;
104 if (! x2.is())
105 return x1;
106 return new acc_Intersection( x1, x2 );
107 }
108
109 void acc_Intersection::checkPermission(
110 Any const & perm )
111 {
112 m_x1->checkPermission( perm );
113 m_x2->checkPermission( perm );
114 }
115
116 /** ac context unifies permissions of two ac contexts
117 */
118 class acc_Union
119 : public WeakImplHelper< security::XAccessControlContext >
120 {
121 Reference< security::XAccessControlContext > m_x1, m_x2;
122
123 inline acc_Union(
124 Reference< security::XAccessControlContext > const & x1,
125 Reference< security::XAccessControlContext > const & x2 );
126
127 public:
128 static inline Reference< security::XAccessControlContext > create(
129 Reference< security::XAccessControlContext > const & x1,
130 Reference< security::XAccessControlContext > const & x2 );
131
132 // XAccessControlContext impl
133 virtual void SAL_CALL checkPermission(
134 Any const & perm ) override;
135 };
136
137 inline acc_Union::acc_Union(
138 Reference< security::XAccessControlContext > const & x1,
139 Reference< security::XAccessControlContext > const & x2 )
140 : m_x1( x1 )
141 , m_x2( x2 )
142 {}
143
144 inline Reference< security::XAccessControlContext > acc_Union::create(
145 Reference< security::XAccessControlContext > const & x1,
146 Reference< security::XAccessControlContext > const & x2 )
147 {
148 if (! x1.is())
149 return Reference< security::XAccessControlContext >(); // unrestricted
150 if (! x2.is())
151 return Reference< security::XAccessControlContext >(); // unrestricted
152 return new acc_Union( x1, x2 );
153 }
154
155 void acc_Union::checkPermission(
156 Any const & perm )
157 {
158 try
159 {
160 m_x1->checkPermission( perm );
161 }
162 catch (security::AccessControlException &)
163 {
164 m_x2->checkPermission( perm );
165 }
166 }
167
168 /** ac context doing permission checks on static permissions
169 */
170 class acc_Policy
171 : public WeakImplHelper< security::XAccessControlContext >
172 {
173 PermissionCollection m_permissions;
174
175 public:
176 explicit acc_Policy(
177 PermissionCollection const & permissions )
178 : m_permissions( permissions )
179 {}
180
181 // XAccessControlContext impl
182 virtual void SAL_CALL checkPermission(
183 Any const & perm ) override;
184 };
185
186 void acc_Policy::checkPermission(
187 Any const & perm )
188 {
189 m_permissions.checkPermission( perm );
190 }
191
192 /** current context overriding dynamic ac restriction
193 */
194 class acc_CurrentContext
195 : public WeakImplHelper< XCurrentContext >
196 {
197 Reference< XCurrentContext > m_xDelegate;
198 Any m_restriction;
199
200 public:
201 inline acc_CurrentContext(
202 Reference< XCurrentContext > const & xDelegate,
203 Reference< security::XAccessControlContext > const & xRestriction );
204
205 // XCurrentContext impl
206 virtual Any SAL_CALL getValueByName( OUString const & name ) override;
207 };
208
209 inline acc_CurrentContext::acc_CurrentContext(
210 Reference< XCurrentContext > const & xDelegate,
211 Reference< security::XAccessControlContext > const & xRestriction )
212 : m_xDelegate( xDelegate )
213 {
214 if (xRestriction.is())
215 {
216 m_restriction <<= xRestriction;
217 }
218 // return empty any otherwise on getValueByName(), not null interface
219 }
220
221 Any acc_CurrentContext::getValueByName( OUString const & name )
222 {
223 if (name == s_acRestriction)
224 {
225 return m_restriction;
226 }
227 else if (m_xDelegate.is())
228 {
229 return m_xDelegate->getValueByName( name );
230 }
231 else
232 {
233 return Any();
234 }
235 }
236
237
238 inline Reference< security::XAccessControlContext > getDynamicRestriction(
239 Reference< XCurrentContext > const & xContext )
240 {
241 if (xContext.is())
242 {
243 Any acc(xContext->getValueByName(s_acRestriction));
244 if (typelib_TypeClass_INTERFACE == acc.pType->eTypeClass)
245 {
246 // avoid ref-counting
247 OUString const & typeName =
248 OUString::unacquired( &acc.pType->pTypeName );
249 if ( typeName == "com.sun.star.security.XAccessControlContext" )
250 {
251 return Reference< security::XAccessControlContext >(
252 *static_cast< security::XAccessControlContext ** const >( acc.pData ) );
253 }
254 else // try to query
255 {
256 return Reference< security::XAccessControlContext >::query(
257 *static_cast< XInterface ** const >( acc.pData ) );
258 }
259 }
260 }
261 return Reference< security::XAccessControlContext >();
262 }
263
264 class cc_reset
265 {
266 void * m_cc;
267 public:
268 explicit cc_reset( void * cc )
269 : m_cc( cc ) {}
270 ~cc_reset()
271 { ::uno_setCurrentContext( m_cc, s_envType.pData, nullptr ); }
272 };
273
274 struct MutexHolder
275 {
276 Mutex m_mutex;
277 };
278 typedef WeakComponentImplHelper<
279 security::XAccessController, lang::XServiceInfo, lang::XInitialization > t_helper;
280
281
282 class AccessController
283 : public MutexHolder
284 , public t_helper
285 {
286 Reference< XComponentContext > m_xComponentContext;
287
288 Reference< security::XPolicy > m_xPolicy;
289 Reference< security::XPolicy > const & getPolicy();
290
291 // mode
292 enum Mode { OFF, ON, DYNAMIC_ONLY, SINGLE_USER, SINGLE_DEFAULT_USER } m_mode;
293
294 PermissionCollection m_defaultPermissions;
295 // for single-user mode
296 PermissionCollection m_singleUserPermissions;
297 OUString m_singleUserId;
298 bool m_defaultPerm_init;
299 bool m_singleUser_init;
300 // for multi-user mode
301 lru_cache< OUString, PermissionCollection, OUStringHash, equal_to< OUString > >
302 m_user2permissions;
303
304 ThreadData m_rec;
305 typedef vector< pair< OUString, Any > > t_rec_vec;
306 inline void clearPostPoned();
307 void checkAndClearPostPoned();
308
309 PermissionCollection getEffectivePermissions(
310 Reference< XCurrentContext > const & xContext,
311 Any const & demanded_perm );
312
313 protected:
314 virtual void SAL_CALL disposing() override;
315
316 public:
317 explicit AccessController( Reference< XComponentContext > const & xComponentContext );
318
319 // XInitialization impl
320 virtual void SAL_CALL initialize(
321 Sequence< Any > const & arguments ) override;
322
323 // XAccessController impl
324 virtual void SAL_CALL checkPermission(
325 Any const & perm ) override;
326 virtual Any SAL_CALL doRestricted(
327 Reference< security::XAction > const & xAction,
328 Reference< security::XAccessControlContext > const & xRestriction ) override;
329 virtual Any SAL_CALL doPrivileged(
330 Reference< security::XAction > const & xAction,
331 Reference< security::XAccessControlContext > const & xRestriction ) override;
332 virtual Reference< security::XAccessControlContext > SAL_CALL getContext() override;
333
334 // XServiceInfo impl
335 virtual OUString SAL_CALL getImplementationName() override;
336 virtual sal_Bool SAL_CALL supportsService( OUString const & serviceName ) override;
337 virtual Sequence< OUString > SAL_CALL getSupportedServiceNames() override;
338 };
339
340 AccessController::AccessController( Reference< XComponentContext > const & xComponentContext )
341 : t_helper( m_mutex )
342 , m_xComponentContext( xComponentContext )
343 , m_mode( ON ) // default
344 , m_defaultPerm_init( false )
345 , m_singleUser_init( false )
346 , m_rec( nullptr )
347 {
348 // The .../mode value had originally been set in
349 // cppu::add_access_control_entries (cppuhelper/source/servicefactory.cxx)
350 // to something other than "off" depending on various UNO_AC* bootstrap
351 // variables that are no longer supported, so this is mostly dead code now:
352 OUString mode;
353 if (m_xComponentContext->getValueByName( "/services/" SERVICE_NAME "/mode" ) >>= mode)
354 {
355 if ( mode == "off" )
356 {
357 m_mode = OFF;
358 }
359 else if ( mode == "on" )
360 {
361 m_mode = ON;
362 }
363 else if ( mode == "dynamic-only" )
364 {
365 m_mode = DYNAMIC_ONLY;
366 }
367 else if ( mode == "single-user" )
368 {
369 m_xComponentContext->getValueByName(
370 "/services/" SERVICE_NAME "/single-user-id" ) >>= m_singleUserId;
371 if (m_singleUserId.isEmpty())
372 {
373 throw RuntimeException(
374 "expected a user id in component context entry "
375 "\"/services/" SERVICE_NAME "/single-user-id\"!",
376 static_cast<OWeakObject *>(this) );
377 }
378 m_mode = SINGLE_USER;
379 }
380 else if ( mode == "single-default-user" )
381 {
382 m_mode = SINGLE_DEFAULT_USER;
383 }
384 }
385
386 // switch on caching for DYNAMIC_ONLY and ON (shareable multi-user process)
387 if (ON == m_mode || DYNAMIC_ONLY == m_mode)
388 {
389 sal_Int32 cacheSize = 0; // multi-user cache size
390 if (! (m_xComponentContext->getValueByName(
391 "/services/" SERVICE_NAME "/user-cache-size" ) >>= cacheSize))
392 {
393 cacheSize = 128; // reasonable default?
394 }
395 #ifdef __CACHE_DIAGNOSE
396 cacheSize = 2;
397 #endif
398 m_user2permissions.setSize( cacheSize );
399 }
400 }
401
402 void AccessController::disposing()
403 {
404 m_mode = OFF; // avoid checks from now on xxx todo review/ better DYNAMIC_ONLY?
405 m_xPolicy.clear();
406 m_xComponentContext.clear();
407 }
408
409 // XInitialization impl
410
411 void AccessController::initialize(
412 Sequence< Any > const & arguments )
413 {
414 // xxx todo: review for forking
415 // portal forking hack: re-initialize for another user-id
416 if (SINGLE_USER != m_mode) // only if in single-user mode
417 {
418 throw RuntimeException(
419 "invalid call: ac must be in \"single-user\" mode!", static_cast<OWeakObject *>(this) );
420 }
421 OUString userId;
422 arguments[ 0 ] >>= userId;
423 if ( userId.isEmpty() )
424 {
425 throw RuntimeException(
426 "expected a user-id as first argument!", static_cast<OWeakObject *>(this) );
427 }
428 // assured that no sync is necessary: no check happens at this forking time
429 m_singleUserId = userId;
430 m_singleUser_init = false;
431 }
432
433
434 Reference< security::XPolicy > const & AccessController::getPolicy()
435 {
436 // get policy singleton
437 if (! m_xPolicy.is())
438 {
439 Reference< security::XPolicy > xPolicy;
440 m_xComponentContext->getValueByName(
441 "/singletons/com.sun.star.security.thePolicy" ) >>= xPolicy;
442 if (xPolicy.is())
443 {
444 MutexGuard guard( m_mutex );
445 if (! m_xPolicy.is())
446 {
447 m_xPolicy = xPolicy;
448 }
449 }
450 else
451 {
452 throw SecurityException(
453 "cannot get policy singleton!", static_cast<OWeakObject *>(this) );
454 }
455 }
456 return m_xPolicy;
457 }
458
459 #ifdef __DIAGNOSE
460 static void dumpPermissions(
461 PermissionCollection const & collection, OUString const & userId = OUString() )
462 {
463 OUStringBuffer buf( 48 );
464 if (!userId.isEmpty())
465 {
466 buf.append( "> dumping permissions of user \"" );
467 buf.append( userId );
468 buf.append( "\":" );
469 }
470 else
471 {
472 buf.append( "> dumping default permissions:" );
473 }
474 SAL_INFO("stoc", buf.makeStringAndClear() );
475 Sequence< OUString > permissions( collection.toStrings() );
476 OUString const * p = permissions.getConstArray();
477 for ( sal_Int32 nPos = 0; nPos < permissions.getLength(); ++nPos )
478 {
479 SAL_INFO("stoc", p[ nPos ] );
480 }
481 SAL_INFO("stoc", "> permission dump done" );
482 }
483 #endif
484
485
486 inline void AccessController::clearPostPoned()
487 {
488 delete static_cast< t_rec_vec * >( m_rec.getData() );
489 m_rec.setData( nullptr );
490 }
491
492 void AccessController::checkAndClearPostPoned()
493 {
494 // check postponed permissions
495 std::unique_ptr< t_rec_vec > rec( static_cast< t_rec_vec * >( m_rec.getData() ) );
496 m_rec.setData( nullptr ); // takeover ownership
497 OSL_ASSERT( rec.get() );
498 if (rec.get())
499 {
500 t_rec_vec const & vec = *rec.get();
501 switch (m_mode)
502 {
503 case SINGLE_USER:
504 {
505 OSL_ASSERT( m_singleUser_init );
506 for (const auto & p : vec)
507 {
508 OSL_ASSERT( m_singleUserId.equals( p.first ) );
509 m_singleUserPermissions.checkPermission( p.second );
510 }
511 break;
512 }
513 case SINGLE_DEFAULT_USER:
514 {
515 OSL_ASSERT( m_defaultPerm_init );
516 for (const auto & p : vec)
517 {
518 OSL_ASSERT( p.first.isEmpty() ); // default-user
519 m_defaultPermissions.checkPermission( p.second );
520 }
521 break;
522 }
523 case ON:
524 {
525 for (const auto & p : vec)
526 {
527 PermissionCollection const * pPermissions;
528 // lookup policy for user
529 {
530 MutexGuard guard( m_mutex );
531 pPermissions = m_user2permissions.lookup( p.first );
532 }
533 OSL_ASSERT( pPermissions );
534 if (pPermissions)
535 {
536 pPermissions->checkPermission( p.second );
537 }
538 }
539 break;
540 }
541 default:
542 OSL_FAIL( "### this should never be called in this ac mode!" );
543 break;
544 }
545 }
546 }
547
548 /** this is the only function calling the policy singleton and thus has to take care
549 of recurring calls!
550
551 @param demanded_perm (if not empty) is the demanded permission of a checkPermission() call
552 which will be postponed for recurring calls
553 */
554 PermissionCollection AccessController::getEffectivePermissions(
555 Reference< XCurrentContext > const & xContext,
556 Any const & demanded_perm )
557 {
558 OUString userId;
559
560 switch (m_mode)
561 {
562 case SINGLE_USER:
563 {
564 if (m_singleUser_init)
565 return m_singleUserPermissions;
566 userId = m_singleUserId;
567 break;
568 }
569 case SINGLE_DEFAULT_USER:
570 {
571 if (m_defaultPerm_init)
572 return m_defaultPermissions;
573 break;
574 }
575 case ON:
576 {
577 if (xContext.is())
578 {
579 xContext->getValueByName( USER_CREDS ".id" ) >>= userId;
580 }
581 if ( userId.isEmpty() )
582 {
583 throw SecurityException(
584 "cannot determine current user in multi-user ac!", static_cast<OWeakObject *>(this) );
585 }
586
587 // lookup policy for user
588 MutexGuard guard( m_mutex );
589 PermissionCollection const * pPermissions = m_user2permissions.lookup( userId );
590 if (pPermissions)
591 return *pPermissions;
592 break;
593 }
594 default:
595 OSL_FAIL( "### this should never be called in this ac mode!" );
596 return PermissionCollection();
597 }
598
599 // call on policy
600 // iff this is a recurring call for the default user, then grant all permissions
601 t_rec_vec * rec = static_cast< t_rec_vec * >( m_rec.getData() );
602 if (rec) // tls entry exists => this is recursive call
603 {
604 if (demanded_perm.hasValue())
605 {
606 // enqueue
607 rec->push_back( pair< OUString, Any >( userId, demanded_perm ) );
608 }
609 #ifdef __DIAGNOSE
610 OUStringBuffer buf( 48 );
611 buf.append( "> info: recurring call of user \"" );
612 buf.append( userId );
613 buf.append( "\"" );
614 OString str(
615 OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
616 SAL_INFO("stoc",( "%s", str.getStr() );
617 #endif
618 return PermissionCollection( new AllPermission() );
619 }
620 else // no tls
621 {
622 rec = new t_rec_vec;
623 m_rec.setData( rec );
624 }
625
626 try // calls on API
627 {
628 // init default permissions
629 if (! m_defaultPerm_init)
630 {
631 PermissionCollection defaultPermissions(
632 getPolicy()->getDefaultPermissions() );
633 // assign
634 MutexGuard guard( m_mutex );
635 if (! m_defaultPerm_init)
636 {
637 m_defaultPermissions = defaultPermissions;
638 m_defaultPerm_init = true;
639 }
640 #ifdef __DIAGNOSE
641 dumpPermissions( m_defaultPermissions );
642 #endif
643 }
644
645 PermissionCollection ret;
646
647 // init user permissions
648 switch (m_mode)
649 {
650 case SINGLE_USER:
651 {
652 ret = PermissionCollection(
653 getPolicy()->getPermissions( userId ), m_defaultPermissions );
654 {
655 // assign
656 MutexGuard guard( m_mutex );
657 if (m_singleUser_init)
658 {
659 ret = m_singleUserPermissions;
660 }
661 else
662 {
663 m_singleUserPermissions = ret;
664 m_singleUser_init = true;
665 }
666 }
667 #ifdef __DIAGNOSE
668 dumpPermissions( ret, userId );
669 #endif
670 break;
671 }
672 case SINGLE_DEFAULT_USER:
673 {
674 ret = m_defaultPermissions;
675 break;
676 }
677 case ON:
678 {
679 ret = PermissionCollection(
680 getPolicy()->getPermissions( userId ), m_defaultPermissions );
681 {
682 // cache
683 MutexGuard guard( m_mutex );
684 m_user2permissions.set( userId, ret );
685 }
686 #ifdef __DIAGNOSE
687 dumpPermissions( ret, userId );
688 #endif
689 break;
690 }
691 default:
692 break;
693 }
694
695 // check postponed
696 checkAndClearPostPoned();
697 return ret;
698 }
699 catch (const security::AccessControlException & exc) // wrapped into DeploymentException
700 {
701 clearPostPoned(); // safety: exception could have happened before checking postponed?
702 throw DeploymentException( "deployment error (AccessControlException occurred): " + exc.Message, exc.Context );
703 }
704 catch (RuntimeException &)
705 {
706 // don't check postponed, just cleanup
707 clearPostPoned();
708 delete static_cast< t_rec_vec * >( m_rec.getData() );
709 m_rec.setData( nullptr );
710 throw;
711 }
712 catch (Exception &)
713 {
714 // check postponed permissions first
715 // => AccessControlExceptions are errors, user exceptions not!
716 checkAndClearPostPoned();
717 throw;
718 }
719 catch (...)
720 {
721 // don't check postponed, just cleanup
722 clearPostPoned();
723 throw;
724 }
725 }
726
727 // XAccessController impl
728
729 void AccessController::checkPermission(
730 Any const & perm )
731 {
732 if (rBHelper.bDisposed)
733 {
734 throw lang::DisposedException(
735 "checkPermission() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
736 }
737
738 if (OFF == m_mode)
739 return;
740
741 // first dynamic check of ac contexts
742 Reference< XCurrentContext > xContext;
743 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
744 Reference< security::XAccessControlContext > xACC( getDynamicRestriction( xContext ) );
745 if (xACC.is())
746 {
747 xACC->checkPermission( perm );
748 }
749
750 if (DYNAMIC_ONLY == m_mode)
751 return;
752
753 // then static check
754 getEffectivePermissions( xContext, perm ).checkPermission( perm );
755 }
756
757 Any AccessController::doRestricted(
758 Reference< security::XAction > const & xAction,
759 Reference< security::XAccessControlContext > const & xRestriction )
760 {
761 if (rBHelper.bDisposed)
762 {
763 throw lang::DisposedException(
764 "doRestricted() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
765 }
766
767 if (OFF == m_mode) // optimize this way, because no dynamic check will be performed
768 return xAction->run();
769
770 if (xRestriction.is())
771 {
772 Reference< XCurrentContext > xContext;
773 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
774
775 // override restriction
776 Reference< XCurrentContext > xNewContext(
777 new acc_CurrentContext( xContext, acc_Intersection::create(
778 xRestriction, getDynamicRestriction( xContext ) ) ) );
779 ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, nullptr );
780 cc_reset reset( xContext.get() );
781 return xAction->run();
782 }
783 else
784 {
785 return xAction->run();
786 }
787 }
788
789 Any AccessController::doPrivileged(
790 Reference< security::XAction > const & xAction,
791 Reference< security::XAccessControlContext > const & xRestriction )
792 {
793 if (rBHelper.bDisposed)
794 {
795 throw lang::DisposedException(
796 "doPrivileged() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
797 }
798
799 if (OFF == m_mode) // no dynamic check will be performed
800 {
801 return xAction->run();
802 }
803
804 Reference< XCurrentContext > xContext;
805 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
806
807 Reference< security::XAccessControlContext > xOldRestr(
808 getDynamicRestriction( xContext ) );
809
810 if (xOldRestr.is()) // previous restriction
811 {
812 // override restriction
813 Reference< XCurrentContext > xNewContext(
814 new acc_CurrentContext( xContext, acc_Union::create( xRestriction, xOldRestr ) ) );
815 ::uno_setCurrentContext( xNewContext.get(), s_envType.pData, nullptr );
816 cc_reset reset( xContext.get() );
817 return xAction->run();
818 }
819 else // no previous restriction => never current restriction
820 {
821 return xAction->run();
822 }
823 }
824
825 Reference< security::XAccessControlContext > AccessController::getContext()
826 {
827 if (rBHelper.bDisposed)
828 {
829 throw lang::DisposedException(
830 "getContext() call on disposed AccessController!", static_cast<OWeakObject *>(this) );
831 }
832
833 if (OFF == m_mode) // optimize this way, because no dynamic check will be performed
834 {
835 return new acc_Policy( PermissionCollection( new AllPermission() ) );
836 }
837
838 Reference< XCurrentContext > xContext;
839 ::uno_getCurrentContext( reinterpret_cast<void **>(&xContext), s_envType.pData, nullptr );
840
841 return acc_Intersection::create(
842 getDynamicRestriction( xContext ),
843 new acc_Policy( getEffectivePermissions( xContext, Any() ) ) );
844 }
845
846 // XServiceInfo impl
847
848 OUString AccessController::getImplementationName()
849 {
850 return OUString("com.sun.star.security.comp.stoc.AccessController");
851 }
852
853 sal_Bool AccessController::supportsService( OUString const & serviceName )
854 {
855 return cppu::supportsService(this, serviceName);
856 }
857
858 Sequence< OUString > AccessController::getSupportedServiceNames()
859 {
860 Sequence<OUString> aSNS { SERVICE_NAME };
861 return aSNS;
862 }
863
864 }
865
866 extern "C" SAL_DLLPUBLIC_EXPORT css::uno::XInterface * SAL_CALL
867 com_sun_star_security_comp_stoc_AccessController_get_implementation(
868 css::uno::XComponentContext *context,
869 css::uno::Sequence<css::uno::Any> const &)
870 {
871 return cppu::acquire(new AccessController(context));
872 }
873
874 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE