summaryrefslogtreecommitdiffstats
path: root/kjsembed/jssecuritypolicy.h
diff options
context:
space:
mode:
authortoma <toma@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>2009-11-25 17:56:58 +0000
committertoma <toma@283d02a7-25f6-0310-bc7c-ecb5cbfe19da>2009-11-25 17:56:58 +0000
commit90825e2392b2d70e43c7a25b8a3752299a933894 (patch)
treee33aa27f02b74604afbfd0ea4f1cfca8833d882a /kjsembed/jssecuritypolicy.h
downloadtdebindings-90825e2392b2d70e43c7a25b8a3752299a933894.tar.gz
tdebindings-90825e2392b2d70e43c7a25b8a3752299a933894.zip
Copy the KDE 3.5 branch to branches/trinity for new KDE 3.5 features.
BUG:215923 git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdebindings@1054174 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
Diffstat (limited to 'kjsembed/jssecuritypolicy.h')
-rw-r--r--kjsembed/jssecuritypolicy.h153
1 files changed, 153 insertions, 0 deletions
diff --git a/kjsembed/jssecuritypolicy.h b/kjsembed/jssecuritypolicy.h
new file mode 100644
index 00000000..0709b214
--- /dev/null
+++ b/kjsembed/jssecuritypolicy.h
@@ -0,0 +1,153 @@
+// -*- c++ -*-
+
+/*
+ * Copyright (C) 2001-2003, Richard J. Moore <rich@kde.org>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public License
+ * along with this library; see the file COPYING.LIB. If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301, USA.
+ */
+
+#ifndef KJSEMBEDSECURITYPOLICY_H
+#define KJSEMBEDSECURITYPOLICY_H
+#include "global.h"
+#include <kjsembed/jsobjectproxy.h>
+
+namespace KJSEmbed {
+
+class JSObjectProxy;
+
+/**
+ * Implements the default security policy.
+ * This class defines the interface for security policies, and provides
+ * a default implementation that should be sufficient for most situations.
+ * <h3>Security Checks</h3>
+ * A SecurityPolicy must define tests for the following situations:
+ * <ul>
+ * <li>Does this request come from the correct @ref KJS::Interpreter ?
+ * <li>Is the script allowed to access the specified QObject ?
+ * <li>Is the script allowed to access the specified property ?
+ * </ul>
+ * The various isAllowed() methods are called automatically by @ref JSObjectProxy
+ * when a script attempts to perform a controlled operation.
+ *
+ * <h3>Default Policy</h3>
+ * The security policy applied by default is as follows:
+ * <ul>
+ * <li>Only the interpreter specified when the initial binding was
+ * defined may access the proxy.
+ * <li>Scripts may only access QObjects that are children of the root
+ * object. The root object is specified when the embedding application
+ * creates the initial binding, and is automatically inherited by any
+ * sub-proxies that may be created by the script.
+ * <li>Scripts may access any properties of the objects they can access.
+ * </ul>
+ * Applications tjat want a custom policy should define a SecurityPolicy
+ * that re-implement the various isAllowed() methods, then use
+ * @ref JSObjectProxy::setSecurityPolicy() to apply the policy to a proxy.
+ *
+ * @see KJSEmbed::JSObjectProxy
+ * @author Richard Moore, rich@kde.org
+ * $Id$
+ */
+class KJSEMBED_EXPORT JSSecurityPolicy
+{
+public:
+ JSSecurityPolicy( uint capabilities = 0 );
+ virtual ~JSSecurityPolicy();
+
+ /**
+ * Defines a set of flags that indicate if access to a given API
+ * should be allowed.
+ */
+ enum Capabilities {
+ CapabilityTree = 0x0001,
+ CapabilityGetProperties = 0x0002,
+ CapabilitySetProperties = 0x0004,
+ CapabilitySlots = 0x0008,
+ CapabilityFactory = 0x0010,
+ CapabilityTopLevel = 0x0020,
+ CapabilityCustom = 0x4000,
+
+ CapabilityNone = 0x0000,
+ CapabilityReadOnly = CapabilityTree | CapabilityGetProperties,
+ CapabilityReadWrite = CapabilityReadOnly | CapabilitySetProperties | CapabilitySlots,
+ CapabilityAll = 0xffff
+ };
+
+ /**
+ * Returns true if any of the specified capabilities are allowed.
+ */
+ bool hasCapability( uint cap ) const { return (cap & caps) ? true : false; }
+
+ /**
+ * Specifies that the passed capabilities are allowed.
+ */
+ void setCapability( uint cap ) { caps = caps | cap; }
+
+ /**
+ * Specifies that the passed capabilities are disallowed.
+ */
+ void clearCapability( uint cap ) { caps = caps | (CapabilityAll & cap); }
+
+ /**
+ * Returns true if the specified interpreter may access the proxy.
+ */
+ virtual bool isInterpreterAllowed( const JSObjectProxy *prx, const KJS::Interpreter *interp ) const;
+
+ /**
+ * Returns true if scripts are allowed to see the specified QObject.
+ */
+ virtual bool isObjectAllowed( const JSObjectProxy *prx, const QObject *obj ) const;
+
+ /**
+ * Returns true if scripts are allowed to see the specified property.
+ */
+ virtual bool isPropertyAllowed( const JSObjectProxy *prx, const QObject *obj, const char *prop ) const;
+
+ /**
+ * Returns true if scripts are allowed to create the specified child object.
+ */
+ virtual bool isCreateAllowed( const JSObjectProxy *prx, const QObject *parent,
+ const QString &clazz, const QString &name ) const;
+
+ /**
+ * Returns the default SecurityPolicy.
+ */
+ static JSSecurityPolicy *defaultPolicy();
+
+ /**
+ * Sets the default SecurityPolicy.
+ */
+ static void setDefaultPolicy( JSSecurityPolicy *pol );
+
+ /**
+ * Sets the default SecurityPolicy.
+ */
+ static void setDefaultPolicy( uint capabilities );
+
+ /**
+ * Deletes the default SecurityPolicy.
+ */
+ static void deleteDefaultPolicy();
+
+private:
+ static JSSecurityPolicy *policy;
+ uint caps;
+ class JSSecurityPolicyPrivate *d;
+};
+
+} // namespace KJSEmbed
+
+#endif // KJSEMBEDSECURITYPOLICY_H