signon  8.58
accesscontrolmanagerhelper.h
Go to the documentation of this file.
1 /* -*- Mode: C++; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3  * This file is part of signon
4  *
5  * Copyright (C) 2009-2010 Nokia Corporation.
6  * Copyright (C) 2011 Intel Corporation.
7  * Copyright (C) 2013 Canonical Ltd.
8  *
9  * Contact: Aurel Popirtac <ext-Aurel.Popirtac@nokia.com>
10  * Contact: Alberto Mardegan <alberto.mardegan@canonical.com>
11  * Contact: Elena Reshetova <elena.reshetova@intel.com>
12  *
13  * This library is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU Lesser General Public License
15  * version 2.1 as published by the Free Software Foundation.
16  *
17  * This library is distributed in the hope that it will be useful, but
18  * WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20  * Lesser General Public License for more details.
21  *
22  * You should have received a copy of the GNU Lesser General Public
23  * License along with this library; if not, write to the Free Software
24  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
25  * 02110-1301 USA
26  */
27 
34 #ifndef ACCESSCONTROLMANAGERHELPER_H
35 #define ACCESSCONTROLMANAGERHELPER_H
36 
37 #include <QDBusConnection>
38 #include <QDBusContext>
39 #include <QDBusMessage>
40 
41 #include "signonauthsession.h"
42 #include "SignOn/abstract-access-control-manager.h"
43 
44 namespace SignonDaemonNS {
45 
52 {
53 public:
64  };
65 
66  AccessControlManagerHelper(SignOn::AbstractAccessControlManager *acManager);
68 
73  static pid_t pidOfPeer(const QDBusContext &peerContext);
74  static pid_t pidOfPeer(const QDBusConnection &peerConnection,
75  const QDBusMessage &peerMessage);
76 
77  /* creating an instance of a class */
79 
87  bool isPeerAllowedToUseIdentity(const QDBusConnection &peerConnection,
88  const QDBusMessage &peerMessage,
89  const quint32 identityId);
90 
101  IdentityOwnership isPeerOwnerOfIdentity(const QDBusConnection &peerConnection,
102  const QDBusMessage &peerMessage,
103  const quint32 identityId);
104 
114  bool isPeerAllowedToUseAuthSession(const QDBusConnection &peerConnection,
115  const QDBusMessage &peerMessage,
116  const SignonAuthSession &authSession)
117  {
118  return isPeerAllowedToUseIdentity(peerConnection, peerMessage,
119  authSession.id());
120  }
121 
131  bool isPeerAllowedToUseAuthSession(const QDBusConnection &peerConnection,
132  const QDBusMessage &peerMessage,
133  const quint32 ownerIdentityId)
134  {
135  return isPeerAllowedToUseIdentity(peerConnection, peerMessage,
136  ownerIdentityId);
137  }
138 
144  bool isPeerKeychainWidget(const QDBusConnection &peerConnection,
145  const QDBusMessage &peerMessage);
146 
154  QString appIdOfPeer(const QDBusConnection &peerConnection,
155  const QDBusMessage &peerMessage);
156 
167  bool isPeerAllowedToAccess(const QDBusConnection &peerConnection,
168  const QDBusMessage &peerMessage,
169  const QString securityContext);
170 
181  bool peerHasOneOfAccesses(const QDBusConnection &peerConnection,
182  const QDBusMessage &peerMessage,
183  const QStringList secContexts);
184 
185  SignOn::AccessReply *
186  requestAccessToIdentity(const QDBusConnection &peerConnection,
187  const QDBusMessage &peerMessage,
188  quint32 id);
189 
190 private:
191  SignOn::AbstractAccessControlManager *m_acManager;
192  static AccessControlManagerHelper* m_pInstance;
193 };
194 
195 } // namespace SignonDaemonNS
196 
197 #endif // ACCESSCONTROLMANAGER_H
bool peerHasOneOfAccesses(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage, const QStringList secContexts)
Checks if a client process is allowed to access at least one object from the list with a certain secu...
QString appIdOfPeer(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage)
Looks up for the application identifier of a specific client process.
Daemon side representation of authentication session.
static AccessControlManagerHelper * instance()
bool isPeerKeychainWidget(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage)
AccessControlManagerHelper(SignOn::AbstractAccessControlManager *acManager)
SignOn::AccessReply * requestAccessToIdentity(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage, quint32 id)
static pid_t pidOfPeer(const QDBusContext &peerContext)
bool isPeerAllowedToUseAuthSession(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage, const SignonAuthSession &authSession)
Checks if a specific process is allowed to use the SignonAuthSession functionality.
IdentityOwnership
Specifies the owner relationship of an application over a specific identity, or the lack of ownership...
bool isPeerAllowedToUseAuthSession(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage, const quint32 ownerIdentityId)
Checks if a specific process is allowed to use the SignonAuthSession functionality.
IdentityOwnership isPeerOwnerOfIdentity(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage, const quint32 identityId)
Checks if a specific process is the owner of a SignonIdentity, thus having full control over it...
bool isPeerAllowedToAccess(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage, const QString securityContext)
Checks if a client process is allowed to access objects with a certain security context.
Contains helper functions related to Access Control.
bool isPeerAllowedToUseIdentity(const QDBusConnection &peerConnection, const QDBusMessage &peerMessage, const quint32 identityId)
Checks if a client process is allowed to use a specific SignonIdentity.