summaryrefslogtreecommitdiffstats
path: root/udkapi/com/sun/star/security
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 05:54:39 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-15 05:54:39 +0000
commit267c6f2ac71f92999e969232431ba04678e7437e (patch)
tree358c9467650e1d0a1d7227a21dac2e3d08b622b2 /udkapi/com/sun/star/security
parentInitial commit. (diff)
downloadlibreoffice-267c6f2ac71f92999e969232431ba04678e7437e.tar.xz
libreoffice-267c6f2ac71f92999e969232431ba04678e7437e.zip
Adding upstream version 4:24.2.0.upstream/4%24.2.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'udkapi/com/sun/star/security')
-rw-r--r--udkapi/com/sun/star/security/AccessControlException.idl45
-rw-r--r--udkapi/com/sun/star/security/AccessController.idl43
-rw-r--r--udkapi/com/sun/star/security/AllPermission.idl43
-rw-r--r--udkapi/com/sun/star/security/Policy.idl32
-rw-r--r--udkapi/com/sun/star/security/RuntimePermission.idl39
-rw-r--r--udkapi/com/sun/star/security/XAccessControlContext.idl71
-rw-r--r--udkapi/com/sun/star/security/XAccessController.idl127
-rw-r--r--udkapi/com/sun/star/security/XAction.idl45
-rw-r--r--udkapi/com/sun/star/security/XPolicy.idl57
9 files changed, 502 insertions, 0 deletions
diff --git a/udkapi/com/sun/star/security/AccessControlException.idl b/udkapi/com/sun/star/security/AccessControlException.idl
new file mode 100644
index 0000000000..84b5e29be0
--- /dev/null
+++ b/udkapi/com/sun/star/security/AccessControlException.idl
@@ -0,0 +1,45 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+module com { module sun { module star { module security {
+
+
+/** Exception notifying a lacking permission to access data or execute code
+ thus it is thrown if permission ought to be denied.
+
+ @since OOo 1.1.2
+*/
+published exception AccessControlException : com::sun::star::uno::SecurityException
+{
+ /** lacking permission.
+
+ @attention
+ If it is the case, that XAccessController::checkPermission() was called
+ passing a sequence< any >, i.e. a sequence of permissions are demanded,
+ then this any holds the sequence of lacking permissions in the same
+ order as they were passed to XAccessController::checkPermission().
+ */
+ any LackingPermission;
+};
+
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/AccessController.idl b/udkapi/com/sun/star/security/AccessController.idl
new file mode 100644
index 0000000000..d5dd2f1054
--- /dev/null
+++ b/udkapi/com/sun/star/security/AccessController.idl
@@ -0,0 +1,43 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+
+module com { module sun { module star { module security {
+
+/** This meta service supports the XAccessController interface for checking
+ security permissions.
+
+ @attention
+ The specific service implementation of this meta service has to take care
+ of bootstrapping problems, i.e. recurring calls during initialization
+ have to be resolved. This happens when the implementation calls other
+ service implementations.
+
+ Also, it obviously has also to be ensured that the object is process-local
+ to assure that permission checks are not corrupted via insecure inter-process
+ communication.
+
+ @since OOo 1.1.2
+*/
+published service AccessController : XAccessController;
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/AllPermission.idl b/udkapi/com/sun/star/security/AllPermission.idl
new file mode 100644
index 0000000000..7c916c69f0
--- /dev/null
+++ b/udkapi/com/sun/star/security/AllPermission.idl
@@ -0,0 +1,43 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+module com { module sun { module star { module security {
+
+
+/** The AllPermission is a permission that implies all other permissions.
+
+ @attention
+ Granting AllPermission should be done with extreme care, as it implies all
+ other permissions. Thus, it grants code the ability to run with security
+ disabled. Extreme caution should be taken before granting such a
+ permission to code. This permission should be used only during testing,
+ or in extremely rare cases where an application is completely trusted and
+ adding the necessary permissions to the policy is prohibitively cumbersome.
+
+ @since OOo 1.1.2
+*/
+published struct AllPermission
+{
+ byte dummy;
+};
+
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/Policy.idl b/udkapi/com/sun/star/security/Policy.idl
new file mode 100644
index 0000000000..ac0f5ecd61
--- /dev/null
+++ b/udkapi/com/sun/star/security/Policy.idl
@@ -0,0 +1,32 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+module com { module sun { module star { module security {
+
+/** Service for getting sets of permissions reading from some persistent
+ storage.
+
+ @since OOo 1.1.2
+*/
+published service Policy : XPolicy;
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/RuntimePermission.idl b/udkapi/com/sun/star/security/RuntimePermission.idl
new file mode 100644
index 0000000000..e918a038ec
--- /dev/null
+++ b/udkapi/com/sun/star/security/RuntimePermission.idl
@@ -0,0 +1,39 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+module com { module sun { module star { module security {
+
+
+/** This permission grants runtime access to some named functionality.
+ A RuntimePermission contains a name (also referred to as a "target name")
+ but no actions list; you either have the named permission or you don't.
+
+ @since OOo 1.1.2
+*/
+published struct RuntimePermission
+{
+ /** name of permission
+ */
+ string Name;
+};
+
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/XAccessControlContext.idl b/udkapi/com/sun/star/security/XAccessControlContext.idl
new file mode 100644
index 0000000000..b6ed5b8688
--- /dev/null
+++ b/udkapi/com/sun/star/security/XAccessControlContext.idl
@@ -0,0 +1,71 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+
+module com { module sun { module star { module security {
+
+
+/** An XAccessControlContext is used to make system resource access decisions
+ based on the context it encapsulates.
+ <p>
+ More specifically, it encapsulates a context and has methods to check
+ permissions equivalent to XAccessController interface,
+ with one difference:
+ The XAccessControlContext makes access decisions
+ based on the context it encapsulates, rather than
+ that of the current execution thread.
+ </p>
+
+ @since OOo 1.1.2
+*/
+published interface XAccessControlContext : com::sun::star::uno::XInterface
+{
+ /** Determines whether the access request indicated by the specified
+ permission should be allowed or denied, based on this context.
+ The semantics are equivalent to the security permission classes of
+ the Java platform.
+ <p>
+ You can also pass a sequence of permissions (sequence< any >) to check
+ a set of permissions, e.g. for performance reasons.
+ This method quietly returns if the access request is permitted,
+ or throws a suitable AccessControlException otherwise.
+ </p>
+
+ @param perm
+ permission to be checked
+
+ @throws AccessControlException
+ thrown if access is denied
+
+ @see ::com::sun::star::security::AccessControlException
+ @see ::com::sun::star::security::AllPermission
+ @see ::com::sun::star::security::RuntimePermission
+ @see ::com::sun::star::io::FilePermission
+ @see ::com::sun::star::connection::SocketPermission
+ */
+ void checkPermission(
+ [in] any perm )
+ raises (AccessControlException);
+};
+
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/XAccessController.idl b/udkapi/com/sun/star/security/XAccessController.idl
new file mode 100644
index 0000000000..50c1a38af5
--- /dev/null
+++ b/udkapi/com/sun/star/security/XAccessController.idl
@@ -0,0 +1,127 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+
+module com { module sun { module star { module security {
+
+
+/** Interface for checking permissions and invoking privileged or restricted
+ actions.
+
+ @since OOo 1.1.2
+*/
+published interface XAccessController : com::sun::star::uno::XInterface
+{
+ /** Determines whether the access request indicated by the specified
+ permission should be allowed or denied, based on the security policy
+ currently in effect.
+ The semantics are equivalent to the security permission classes of
+ the Java platform.
+ <p>
+ You can also pass a sequence of permissions (sequence< any >) to check
+ a set of permissions, e.g. for performance reasons.
+ This method quietly returns if the access request is permitted,
+ or throws a suitable AccessControlException otherwise.
+ </p>
+
+ @param perm
+ permission to be checked
+
+ @throws AccessControlException
+ thrown if access is denied
+
+ @see ::com::sun::star::security::AccessControlException
+ @see ::com::sun::star::security::AllPermission
+ @see ::com::sun::star::security::RuntimePermission
+ @see ::com::sun::star::io::FilePermission
+ @see ::com::sun::star::connection::SocketPermission
+ */
+ void checkPermission(
+ [in] any perm )
+ raises (AccessControlException);
+
+ /** Perform the specified action restricting permissions to the given
+ XAccessControlContext.
+ The action is performed with the intersection of the permissions of the currently installed
+ XAccessControlContext, the given XAccessControlContext and the security policy currently
+ in effect. The latter includes static security, e.g. based on user credentials.
+ <p>
+ If the specified XAccessControlContext is null, then the action is performed
+ with unmodified permissions, i.e. the call makes no sense.
+ </p>
+
+ @param action
+ action object to be executed
+ @param restriction
+ access control context to restrict permission; null for no restriction
+ @return
+ result
+ @throws com::sun::star::uno::Exception
+ any UNO exception may be thrown
+ */
+ any doRestricted(
+ [in] XAction action,
+ [in] XAccessControlContext restriction )
+ raises (com::sun::star::uno::Exception);
+
+ /** Perform the specified action adding a set of permissions defined by the given
+ XAccessControlContext.
+ The action is performed with the union of the permissions of the currently installed
+ XAccessControlContext, the given XAccessControlContext and the security policy currently
+ in effect. The latter includes static security, e.g. based on user credentials.
+ <p>
+ If the given XAccessControlContext is null, then the action is performed
+ <b>only</b> with the permissions of the security policy currently in effect.
+ </p>
+
+ @attention
+ Do carefully use this method only for well known use-cases to avoid exploits!
+ Script engines executing sandboxed scripts should generally deny calling this
+ method.
+
+ @param action
+ action object to be executed
+ @param restriction
+ access control context to restrict permission; null for no restriction
+ @return
+ result
+ @throws com::sun::star::uno::Exception
+ any UNO exception may be thrown
+ */
+ any doPrivileged(
+ [in] XAction action,
+ [in] XAccessControlContext restriction )
+ raises (com::sun::star::uno::Exception);
+
+ /** This method takes a "snapshot" of the current calling context
+ and returns it.
+ <p>
+ This context may then be checked at a later point, possibly in another thread.
+ </p>
+ @return
+ snapshot of context
+ */
+ XAccessControlContext getContext();
+};
+
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/XAction.idl b/udkapi/com/sun/star/security/XAction.idl
new file mode 100644
index 0000000000..259950be8e
--- /dev/null
+++ b/udkapi/com/sun/star/security/XAction.idl
@@ -0,0 +1,45 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+
+module com { module sun { module star { module security {
+
+
+/** Interface for running an action.
+
+ @since OOo 1.1.2
+*/
+published interface XAction : com::sun::star::uno::XInterface
+{
+ /** Action to be done.
+
+ @return
+ result
+ @throws com::sun::star::uno::Exception
+ any UNO exception may be thrown
+ */
+ any run()
+ raises (com::sun::star::uno::Exception);
+};
+
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/udkapi/com/sun/star/security/XPolicy.idl b/udkapi/com/sun/star/security/XPolicy.idl
new file mode 100644
index 0000000000..4d42e7fea2
--- /dev/null
+++ b/udkapi/com/sun/star/security/XPolicy.idl
@@ -0,0 +1,57 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+module com { module sun { module star { module security {
+
+/** Interface for getting sets of permissions of a specified user or
+ the default permissions if no user is given.
+
+ @see com::sun::star::security::Policy
+
+ @since OOo 1.1.2
+*/
+published interface XPolicy : com::sun::star::uno::XInterface
+{
+ /** Gets the permissions of the specified user excluding the default permissions
+ granted to all users.
+
+ @param userId
+ user id
+ @return
+ permissions of the specified user
+ */
+ sequence< any > getPermissions(
+ [in] string userId );
+
+ /** Gets the default permissions granted to all users.
+
+ @return
+ default permissions
+ */
+ sequence< any > getDefaultPermissions();
+
+ /** Refreshes the policy configuration.
+ */
+ void refresh();
+};
+
+}; }; }; };
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */