1 files changed, 136 insertions, 0 deletions
diff --git a/udkapi/com/sun/star/security/XAccessController.idl b/udkapi/com/sun/star/security/XAccessController.idl
new file mode 100644
index 000000000..ad792b000
--- /dev/null
+++ b/udkapi/com/sun/star/security/XAccessController.idl
@@ -0,0 +1,136 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ *   Licensed to the Apache Software Foundation (ASF) under one or more
+ *   contributor license agreements. See the NOTICE file distributed
+ *   with this work for additional information regarding copyright
+ *   ownership. The ASF licenses this file to you under the Apache
+ *   License, Version 2.0 (the "License"); you may not use this file
+ *   except in compliance with the License. You may obtain a copy of
+ *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+#ifndef __com_sun_star_security_XAccessController_idl__
+#define __com_sun_star_security_XAccessController_idl__
+
+#include <com/sun/star/uno/XInterface.idl>
+#include <com/sun/star/security/XAccessControlContext.idl>
+#include <com/sun/star/security/XAction.idl>
+#include <com/sun/star/security/AccessControlException.idl>
+
+
+
+module com {  module sun {  module star {  module security {
+
+
+/** Interface for checking permissions and invoking privileged or restricted
+    actions.
+
+    @since OOo 1.1.2
+*/
+published interface XAccessController : com::sun::star::uno::XInterface
+{
+    /** Determines whether the access request indicated by the specified
+        permission should be allowed or denied, based on the security policy
+        currently in effect.
+        The semantics are equivalent to the security permission classes of
+        the Java platform.
+        <p>
+        You can also pass a sequence of permissions (sequence< any >) to check
+        a set of permissions, e.g. for performance reasons.
+        This method quietly returns if the access request is permitted,
+        or throws a suitable AccessControlException otherwise.
+        </p>
+
+        @param perm
+               permission to be checked
+
+        @throws AccessControlException
+                thrown if access is denied
+
+        @see ::com::sun::star::security::AccessControlException
+        @see ::com::sun::star::security::AllPermission
+        @see ::com::sun::star::security::RuntimePermission
+        @see ::com::sun::star::io::FilePermission
+        @see ::com::sun::star::connection::SocketPermission
+    */
+    void checkPermission(
+        [in] any perm )
+        raises (AccessControlException);
+
+    /** Perform the specified action restricting permissions to the given
+        XAccessControlContext.
+        The action is performed with the intersection of the permissions of the currently installed
+        XAccessControlContext, the given XAccessControlContext and the security policy currently
+        in effect.  The latter includes static security, e.g. based on user credentials.
+        <p>
+        If the specified XAccessControlContext is null, then the action is performed
+        with unmodified permissions, i.e. the call makes no sense.
+        </p>
+
+        @param action
+               action object to be executed
+        @param restriction
+               access control context to restrict permission; null for no restriction
+        @return
+                result
+        @throws com::sun::star::uno::Exception
+                any UNO exception may be thrown
+    */
+    any doRestricted(
+        [in] XAction action,
+        [in] XAccessControlContext restriction )
+        raises (com::sun::star::uno::Exception);
+
+    /** Perform the specified action adding a set of permissions defined by the given
+        XAccessControlContext.
+        The action is performed with the union of the permissions of the currently installed
+        XAccessControlContext, the given XAccessControlContext and the security policy currently
+        in effect.  The latter includes static security, e.g. based on user credentials.
+        <p>
+        If the given XAccessControlContext is null, then the action is performed
+        <b>only</b> with the permissions of the security policy currently in effect.
+        </p>
+
+        @attention
+        Do carefully use this method only for well known use-cases to avoid exploits!
+        Script engines executing sandboxed scripts should generally deny calling this
+        method.
+
+        @param action
+               action object to be executed
+        @param restriction
+               access control context to restrict permission; null for no restriction
+        @return
+                result
+        @throws com::sun::star::uno::Exception
+                any UNO exception may be thrown
+    */
+    any doPrivileged(
+        [in] XAction action,
+        [in] XAccessControlContext restriction )
+        raises (com::sun::star::uno::Exception);
+
+    /** This method takes a "snapshot" of the current calling context
+        and returns it.
+        <p>
+        This context may then be checked at a later point, possibly in another thread.
+        </p>
+        @return
+                snapshot of context
+    */
+    XAccessControlContext getContext();
+};
+
+
+}; }; }; };
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */