Line data Source code
1 : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : /*
3 : * This file is part of the LibreOffice project.
4 : *
5 : * This Source Code Form is subject to the terms of the Mozilla Public
6 : * License, v. 2.0. If a copy of the MPL was not distributed with this
7 : * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 : *
9 : * This file incorporates work covered by the following license notice:
10 : *
11 : * Licensed to the Apache Software Foundation (ASF) under one or more
12 : * contributor license agreements. See the NOTICE file distributed
13 : * with this work for additional information regarding copyright
14 : * ownership. The ASF licenses this file to you under the Apache
15 : * License, Version 2.0 (the "License"); you may not use this file
16 : * except in compliance with the License. You may obtain a copy of
17 : * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 : */
19 :
20 :
21 : #include <vector>
22 :
23 : #include <osl/process.h>
24 : #include <osl/socket.hxx>
25 : #include <osl/mutex.hxx>
26 :
27 : #include <rtl/string.hxx>
28 : #include <rtl/ustrbuf.hxx>
29 :
30 : #include <com/sun/star/security/RuntimePermission.hpp>
31 : #include <com/sun/star/security/AllPermission.hpp>
32 : #include <com/sun/star/io/FilePermission.hpp>
33 : #include <com/sun/star/connection/SocketPermission.hpp>
34 : #include <com/sun/star/security/AccessControlException.hpp>
35 :
36 : #include "permissions.h"
37 :
38 : #define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
39 :
40 :
41 : using namespace ::std;
42 : using namespace ::osl;
43 : using namespace ::com::sun::star;
44 : using namespace ::com::sun::star::uno;
45 : using ::rtl::OUString;
46 : using ::rtl::OUStringBuffer;
47 :
48 : namespace stoc_sec
49 : {
50 :
51 : //--------------------------------------------------------------------------------------------------
52 0 : static inline sal_Int32 makeMask(
53 : OUString const & items, char const * const * strings ) SAL_THROW(())
54 : {
55 0 : sal_Int32 mask = 0;
56 :
57 0 : sal_Int32 n = 0;
58 0 : do
59 : {
60 0 : OUString item( items.getToken( 0, ',', n ).trim() );
61 0 : if ( item.isEmpty())
62 0 : continue;
63 0 : sal_Int32 nPos = 0;
64 0 : while (strings[ nPos ])
65 : {
66 0 : if (item.equalsAscii( strings[ nPos ] ))
67 : {
68 0 : mask |= (0x80000000 >> nPos);
69 0 : break;
70 : }
71 0 : ++nPos;
72 0 : }
73 : #if OSL_DEBUG_LEVEL > 0
74 : if (! strings[ nPos ])
75 : {
76 : OUStringBuffer buf( 48 );
77 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("### ignoring unknown socket action: ") );
78 : buf.append( item );
79 : ::rtl::OString str( ::rtl::OUStringToOString(
80 : buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
81 : OSL_TRACE( "%s", str.getStr() );
82 : }
83 : #endif
84 : }
85 : while (n >= 0); // all items
86 0 : return mask;
87 : }
88 : //--------------------------------------------------------------------------------------------------
89 0 : static inline OUString makeStrings(
90 : sal_Int32 mask, char const * const * strings ) SAL_THROW(())
91 : {
92 0 : OUStringBuffer buf( 48 );
93 0 : while (mask)
94 : {
95 0 : if (0x80000000 & mask)
96 : {
97 0 : buf.appendAscii( *strings );
98 0 : if (mask << 1) // more items following
99 0 : buf.append( (sal_Unicode)',' );
100 : }
101 0 : mask = (mask << 1);
102 0 : ++strings;
103 : }
104 0 : return buf.makeStringAndClear();
105 : }
106 :
107 : //##################################################################################################
108 :
109 : //==================================================================================================
110 0 : class SocketPermission : public Permission
111 : {
112 : static char const * s_actions [];
113 : sal_Int32 m_actions;
114 :
115 : OUString m_host;
116 : sal_Int32 m_lowerPort;
117 : sal_Int32 m_upperPort;
118 : mutable OUString m_ip;
119 : mutable bool m_resolveErr;
120 : mutable bool m_resolvedHost;
121 : bool m_wildCardHost;
122 :
123 : inline bool resolveHost() const SAL_THROW(());
124 :
125 : public:
126 : SocketPermission(
127 : connection::SocketPermission const & perm,
128 : ::rtl::Reference< Permission > const & next = ::rtl::Reference< Permission >() )
129 : SAL_THROW(());
130 : virtual bool implies( Permission const & perm ) const SAL_THROW(());
131 : virtual OUString toString() const SAL_THROW(());
132 : };
133 : //__________________________________________________________________________________________________
134 : char const * SocketPermission::s_actions [] = { "accept", "connect", "listen", "resolve", 0 };
135 : //__________________________________________________________________________________________________
136 0 : SocketPermission::SocketPermission(
137 : connection::SocketPermission const & perm,
138 : ::rtl::Reference< Permission > const & next )
139 : SAL_THROW(())
140 : : Permission( SOCKET, next )
141 0 : , m_actions( makeMask( perm.Actions, s_actions ) )
142 : , m_host( perm.Host )
143 : , m_lowerPort( 0 )
144 : , m_upperPort( 65535 )
145 : , m_resolveErr( false )
146 : , m_resolvedHost( false )
147 0 : , m_wildCardHost( !perm.Host.isEmpty() && '*' == perm.Host.pData->buffer[ 0 ] )
148 : {
149 0 : if (0xe0000000 & m_actions) // if any (except resolve) is given => resolve implied
150 0 : m_actions |= 0x10000000;
151 :
152 : // separate host from portrange
153 0 : sal_Int32 colon = m_host.indexOf( ':' );
154 0 : if (colon >= 0) // port [range] given
155 : {
156 0 : sal_Int32 minus = m_host.indexOf( '-', colon +1 );
157 0 : if (minus < 0)
158 : {
159 0 : m_lowerPort = m_upperPort = m_host.copy( colon +1 ).toInt32();
160 : }
161 0 : else if (minus == (colon +1)) // -N
162 : {
163 0 : m_upperPort = m_host.copy( minus +1 ).toInt32();
164 : }
165 0 : else if (minus == (m_host.getLength() -1)) // N-
166 : {
167 0 : m_lowerPort = m_host.copy( colon +1, m_host.getLength() -1 -colon -1 ).toInt32();
168 : }
169 : else // A-B
170 : {
171 0 : m_lowerPort = m_host.copy( colon +1, minus - colon -1 ).toInt32();
172 0 : m_upperPort = m_host.copy( minus +1, m_host.getLength() -minus -1 ).toInt32();
173 : }
174 0 : m_host = m_host.copy( 0, colon );
175 : }
176 0 : }
177 : //__________________________________________________________________________________________________
178 0 : inline bool SocketPermission::resolveHost() const SAL_THROW(())
179 : {
180 0 : if (m_resolveErr)
181 0 : return false;
182 :
183 0 : if (! m_resolvedHost)
184 : {
185 : // dns lookup
186 0 : SocketAddr addr;
187 0 : SocketAddr::resolveHostname( m_host, addr );
188 0 : OUString ip;
189 : m_resolveErr = (::osl_Socket_Ok != ::osl_getDottedInetAddrOfSocketAddr(
190 0 : addr.getHandle(), &ip.pData ));
191 0 : if (m_resolveErr)
192 0 : return false;
193 :
194 0 : MutexGuard guard( Mutex::getGlobalMutex() );
195 0 : if (! m_resolvedHost)
196 : {
197 0 : m_ip = ip;
198 0 : m_resolvedHost = true;
199 0 : }
200 : }
201 0 : return m_resolvedHost;
202 : }
203 : //__________________________________________________________________________________________________
204 0 : bool SocketPermission::implies( Permission const & perm ) const SAL_THROW(())
205 : {
206 : // check type
207 0 : if (SOCKET != perm.m_type)
208 0 : return false;
209 0 : SocketPermission const & demanded = static_cast< SocketPermission const & >( perm );
210 :
211 : // check actions
212 0 : if ((m_actions & demanded.m_actions) != demanded.m_actions)
213 0 : return false;
214 :
215 : // check ports
216 0 : if (demanded.m_lowerPort < m_lowerPort)
217 0 : return false;
218 0 : if (demanded.m_upperPort > m_upperPort)
219 0 : return false;
220 :
221 : // quick check host (DNS names: RFC 1034/1035)
222 0 : if (m_host.equalsIgnoreAsciiCase( demanded.m_host ))
223 0 : return true;
224 : // check for host wildcards
225 0 : if (m_wildCardHost)
226 : {
227 0 : OUString const & demanded_host = demanded.m_host;
228 0 : if (demanded_host.getLength() <= m_host.getLength())
229 0 : return false;
230 0 : sal_Int32 len = m_host.getLength() -1; // skip star
231 : return (0 == ::rtl_ustr_compareIgnoreAsciiCase_WithLength(
232 0 : demanded_host.getStr() + demanded_host.getLength() - len, len,
233 0 : m_host.pData->buffer + 1, len ));
234 : }
235 0 : if (demanded.m_wildCardHost)
236 0 : return false;
237 :
238 : // compare IP addresses
239 0 : if (! resolveHost())
240 0 : return false;
241 0 : if (! demanded.resolveHost())
242 0 : return false;
243 0 : return (sal_False != m_ip.equals( demanded.m_ip ));
244 : }
245 : //__________________________________________________________________________________________________
246 0 : OUString SocketPermission::toString() const SAL_THROW(())
247 : {
248 0 : OUStringBuffer buf( 48 );
249 : // host
250 : buf.appendAscii(
251 0 : RTL_CONSTASCII_STRINGPARAM("com.sun.star.connection.SocketPermission (host=\"") );
252 0 : buf.append( m_host );
253 0 : if (m_resolvedHost)
254 : {
255 0 : buf.append( (sal_Unicode)'[' );
256 0 : buf.append( m_ip );
257 0 : buf.append( (sal_Unicode)']' );
258 : }
259 : // port
260 0 : if (0 != m_lowerPort || 65535 != m_upperPort)
261 : {
262 0 : buf.append( (sal_Unicode)':' );
263 0 : if (m_lowerPort > 0)
264 0 : buf.append( m_lowerPort );
265 0 : if (m_upperPort > m_lowerPort)
266 : {
267 0 : buf.append( (sal_Unicode)'-' );
268 0 : if (m_upperPort < 65535)
269 0 : buf.append( m_upperPort );
270 : }
271 : }
272 : // actions
273 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\", actions=\"") );
274 0 : buf.append( makeStrings( m_actions, s_actions ) );
275 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\")") );
276 0 : return buf.makeStringAndClear();
277 : }
278 :
279 : //##################################################################################################
280 :
281 : //==================================================================================================
282 0 : class FilePermission : public Permission
283 : {
284 : static char const * s_actions [];
285 : sal_Int32 m_actions;
286 :
287 : OUString m_url;
288 : bool m_allFiles;
289 :
290 : public:
291 : FilePermission(
292 : io::FilePermission const & perm,
293 : ::rtl::Reference< Permission > const & next = ::rtl::Reference< Permission >() )
294 : SAL_THROW(());
295 : virtual bool implies( Permission const & perm ) const SAL_THROW(());
296 : virtual OUString toString() const SAL_THROW(());
297 : };
298 : //__________________________________________________________________________________________________
299 : char const * FilePermission::s_actions [] = { "read", "write", "execute", "delete", 0 };
300 : //--------------------------------------------------------------------------------------------------
301 0 : static OUString const & getWorkingDir() SAL_THROW(())
302 : {
303 : static OUString * s_workingDir = 0;
304 0 : if (! s_workingDir)
305 : {
306 0 : OUString workingDir;
307 0 : ::osl_getProcessWorkingDir( &workingDir.pData );
308 :
309 0 : MutexGuard guard( Mutex::getGlobalMutex() );
310 0 : if (! s_workingDir)
311 : {
312 0 : static OUString s_dir( workingDir );
313 0 : s_workingDir = &s_dir;
314 0 : }
315 : }
316 0 : return *s_workingDir;
317 : }
318 : //__________________________________________________________________________________________________
319 0 : FilePermission::FilePermission(
320 : io::FilePermission const & perm,
321 : ::rtl::Reference< Permission > const & next )
322 : SAL_THROW(())
323 : : Permission( FILE, next )
324 0 : , m_actions( makeMask( perm.Actions, s_actions ) )
325 : , m_url( perm.URL )
326 0 : , m_allFiles( sal_False != perm.URL.equalsAsciiL(RTL_CONSTASCII_STRINGPARAM("<<ALL FILES>>")) )
327 : {
328 0 : if (! m_allFiles)
329 : {
330 0 : if ( m_url == "*" )
331 : {
332 0 : OUStringBuffer buf( 64 );
333 0 : buf.append( getWorkingDir() );
334 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("/*") );
335 0 : m_url = buf.makeStringAndClear();
336 : }
337 0 : else if ( m_url == "-" )
338 : {
339 0 : OUStringBuffer buf( 64 );
340 0 : buf.append( getWorkingDir() );
341 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("/-") );
342 0 : m_url = buf.makeStringAndClear();
343 : }
344 0 : else if (0 != m_url.compareToAscii( RTL_CONSTASCII_STRINGPARAM("file:///") ))
345 : {
346 : // relative path
347 0 : OUString out;
348 : oslFileError rc = ::osl_getAbsoluteFileURL(
349 0 : getWorkingDir().pData, perm.URL.pData, &out.pData );
350 0 : m_url = (osl_File_E_None == rc ? out : perm.URL); // fallback
351 : }
352 : #ifdef SAL_W32
353 : // correct win drive letters
354 : if (9 < m_url.getLength() && '|' == m_url[ 9 ]) // file:///X|
355 : {
356 : static OUString s_colon = OUSTR(":");
357 : // common case in API is a ':' (sal), so convert '|' to ':'
358 : m_url = m_url.replaceAt( 9, 1, s_colon );
359 : }
360 : #endif
361 : }
362 0 : }
363 : //__________________________________________________________________________________________________
364 0 : bool FilePermission::implies( Permission const & perm ) const SAL_THROW(())
365 : {
366 : // check type
367 0 : if (FILE != perm.m_type)
368 0 : return false;
369 0 : FilePermission const & demanded = static_cast< FilePermission const & >( perm );
370 :
371 : // check actions
372 0 : if ((m_actions & demanded.m_actions) != demanded.m_actions)
373 0 : return false;
374 :
375 : // check url
376 0 : if (m_allFiles)
377 0 : return true;
378 0 : if (demanded.m_allFiles)
379 0 : return false;
380 :
381 : #ifdef SAL_W32
382 : if (m_url.equalsIgnoreAsciiCase( demanded.m_url ))
383 : return true;
384 : #else
385 0 : if (m_url.equals( demanded.m_url ))
386 0 : return true;
387 : #endif
388 0 : if (m_url.getLength() > demanded.m_url.getLength())
389 0 : return false;
390 : // check /- wildcard: all files and recursive in that path
391 0 : if (1 < m_url.getLength() &&
392 0 : 0 == ::rtl_ustr_ascii_compare_WithLength( m_url.getStr() + m_url.getLength() - 2, 2, "/-" ))
393 : {
394 : // demanded url must start with granted path (including path trailing path sep)
395 0 : sal_Int32 len = m_url.getLength() -1;
396 : #ifdef SAL_W32
397 : return (0 == ::rtl_ustr_compareIgnoreAsciiCase_WithLength(
398 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len ));
399 : #else
400 : return (0 == ::rtl_ustr_reverseCompare_WithLength(
401 0 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len ));
402 : #endif
403 : }
404 : // check /* wildcard: all files in that path (not recursive!)
405 0 : if (1 < m_url.getLength() &&
406 0 : 0 == ::rtl_ustr_ascii_compare_WithLength( m_url.getStr() + m_url.getLength() - 2, 2, "/*" ))
407 : {
408 : // demanded url must start with granted path (including path trailing path sep)
409 0 : sal_Int32 len = m_url.getLength() -1;
410 : #ifdef SAL_W32
411 : return ((0 == ::rtl_ustr_compareIgnoreAsciiCase_WithLength(
412 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len )) &&
413 : (0 > demanded.m_url.indexOf( '/', len ))); // in addition, no deeper paths
414 : #else
415 : return ((0 == ::rtl_ustr_reverseCompare_WithLength(
416 0 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len )) &&
417 0 : (0 > demanded.m_url.indexOf( '/', len ))); // in addition, no deeper paths
418 : #endif
419 : }
420 0 : return false;
421 : }
422 : //__________________________________________________________________________________________________
423 0 : OUString FilePermission::toString() const SAL_THROW(())
424 : {
425 0 : OUStringBuffer buf( 48 );
426 : // url
427 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("com.sun.star.io.FilePermission (url=\"") );
428 0 : buf.append( m_url );
429 : // actions
430 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\", actions=\"") );
431 0 : buf.append( makeStrings( m_actions, s_actions ) );
432 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\")") );
433 0 : return buf.makeStringAndClear();
434 : }
435 :
436 : //##################################################################################################
437 :
438 : //==================================================================================================
439 0 : class RuntimePermission : public Permission
440 : {
441 : OUString m_name;
442 :
443 : public:
444 0 : inline RuntimePermission(
445 : security::RuntimePermission const & perm,
446 : ::rtl::Reference< Permission > const & next = ::rtl::Reference< Permission >() )
447 : SAL_THROW(())
448 : : Permission( RUNTIME, next )
449 0 : , m_name( perm.Name )
450 0 : {}
451 : virtual bool implies( Permission const & perm ) const SAL_THROW(());
452 : virtual OUString toString() const SAL_THROW(());
453 : };
454 : //__________________________________________________________________________________________________
455 0 : bool RuntimePermission::implies( Permission const & perm ) const SAL_THROW(())
456 : {
457 : // check type
458 0 : if (RUNTIME != perm.m_type)
459 0 : return false;
460 0 : RuntimePermission const & demanded = static_cast< RuntimePermission const & >( perm );
461 :
462 : // check name
463 0 : return (sal_False != m_name.equals( demanded.m_name ));
464 : }
465 : //__________________________________________________________________________________________________
466 0 : OUString RuntimePermission::toString() const SAL_THROW(())
467 : {
468 0 : OUStringBuffer buf( 48 );
469 : buf.appendAscii(
470 0 : RTL_CONSTASCII_STRINGPARAM("com.sun.star.security.RuntimePermission (name=\"") );
471 0 : buf.append( m_name );
472 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\")") );
473 0 : return buf.makeStringAndClear();
474 : }
475 :
476 : //##################################################################################################
477 :
478 : //__________________________________________________________________________________________________
479 0 : bool AllPermission::implies( Permission const & ) const SAL_THROW(())
480 : {
481 0 : return true;
482 : }
483 : //__________________________________________________________________________________________________
484 0 : OUString AllPermission::toString() const SAL_THROW(())
485 : {
486 0 : return OUSTR("com.sun.star.security.AllPermission");
487 : }
488 :
489 : //##################################################################################################
490 :
491 : //__________________________________________________________________________________________________
492 0 : PermissionCollection::PermissionCollection(
493 : Sequence< Any > const & permissions, PermissionCollection const & addition )
494 : SAL_THROW( (RuntimeException) )
495 0 : : m_head( addition.m_head )
496 : {
497 0 : Any const * perms = permissions.getConstArray();
498 0 : for ( sal_Int32 nPos = permissions.getLength(); nPos--; )
499 : {
500 0 : Any const & perm = perms[ nPos ];
501 0 : Type const & perm_type = perm.getValueType();
502 :
503 : // supported permission types
504 0 : if (perm_type.equals( ::getCppuType( (io::FilePermission const *)0 ) ))
505 : {
506 : m_head = new FilePermission(
507 0 : *reinterpret_cast< io::FilePermission const * >( perm.pData ), m_head );
508 : }
509 0 : else if (perm_type.equals( ::getCppuType( (connection::SocketPermission const *)0 ) ))
510 : {
511 : m_head = new SocketPermission(
512 0 : *reinterpret_cast< connection::SocketPermission const * >( perm.pData ), m_head );
513 : }
514 0 : else if (perm_type.equals( ::getCppuType( (security::RuntimePermission const *)0 ) ))
515 : {
516 : m_head = new RuntimePermission(
517 0 : *reinterpret_cast< security::RuntimePermission const * >( perm.pData ), m_head );
518 : }
519 0 : else if (perm_type.equals( ::getCppuType( (security::AllPermission const *)0 ) ))
520 : {
521 0 : m_head = new AllPermission( m_head );
522 : }
523 : else
524 : {
525 0 : OUStringBuffer buf( 48 );
526 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM(
527 0 : "checking for unsupported permission type: ") );
528 0 : buf.append( perm_type.getTypeName() );
529 : throw RuntimeException(
530 0 : buf.makeStringAndClear(), Reference< XInterface >() );
531 : }
532 : }
533 0 : }
534 : #ifdef __DIAGNOSE
535 : //__________________________________________________________________________________________________
536 : Sequence< OUString > PermissionCollection::toStrings() const SAL_THROW(())
537 : {
538 : vector< OUString > strings;
539 : strings.reserve( 8 );
540 : for ( Permission * perm = m_head.get(); perm; perm = perm->m_next.get() )
541 : {
542 : strings.push_back( perm->toString() );
543 : }
544 : return Sequence< OUString >(
545 : strings.empty() ? 0 : &strings[ 0 ], strings.size() );
546 : }
547 : #endif
548 : //__________________________________________________________________________________________________
549 0 : inline static bool __implies(
550 : ::rtl::Reference< Permission > const & head, Permission const & demanded ) SAL_THROW(())
551 : {
552 0 : for ( Permission * perm = head.get(); perm; perm = perm->m_next.get() )
553 : {
554 0 : if (perm->implies( demanded ))
555 0 : return true;
556 : }
557 0 : return false;
558 : }
559 :
560 : #ifdef __DIAGNOSE
561 : //--------------------------------------------------------------------------------------------------
562 : static void demanded_diag(
563 : Permission const & perm )
564 : SAL_THROW(())
565 : {
566 : OUStringBuffer buf( 48 );
567 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("demanding ") );
568 : buf.append( perm.toString() );
569 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM(" => ok.") );
570 : ::rtl::OString str(
571 : ::rtl::OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
572 : OSL_TRACE( "%s", str.getStr() );
573 : }
574 : #endif
575 : //--------------------------------------------------------------------------------------------------
576 0 : static void throwAccessControlException(
577 : Permission const & perm, Any const & demanded_perm )
578 : SAL_THROW( (security::AccessControlException) )
579 : {
580 0 : OUStringBuffer buf( 48 );
581 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("access denied: ") );
582 0 : buf.append( perm.toString() );
583 : throw security::AccessControlException(
584 0 : buf.makeStringAndClear(), Reference< XInterface >(), demanded_perm );
585 : }
586 : //==================================================================================================
587 0 : void PermissionCollection::checkPermission( Any const & perm ) const
588 : SAL_THROW( (RuntimeException) )
589 : {
590 0 : Type const & demanded_type = perm.getValueType();
591 :
592 : // supported permission types
593 : // stack object of SimpleReferenceObject are ok, as long as they are not
594 : // assigned to a ::rtl::Reference<> (=> delete this)
595 0 : if (demanded_type.equals( ::getCppuType( (io::FilePermission const *)0 ) ))
596 : {
597 : FilePermission demanded(
598 0 : *reinterpret_cast< io::FilePermission const * >( perm.pData ) );
599 0 : if (__implies( m_head, demanded ))
600 : {
601 : #ifdef __DIAGNOSE
602 : demanded_diag( demanded );
603 : #endif
604 : return;
605 : }
606 0 : throwAccessControlException( demanded, perm );
607 : }
608 0 : else if (demanded_type.equals( ::getCppuType( (connection::SocketPermission const *)0 ) ))
609 : {
610 : SocketPermission demanded(
611 0 : *reinterpret_cast< connection::SocketPermission const * >( perm.pData ) );
612 0 : if (__implies( m_head, demanded ))
613 : {
614 : #ifdef __DIAGNOSE
615 : demanded_diag( demanded );
616 : #endif
617 : return;
618 : }
619 0 : throwAccessControlException( demanded, perm );
620 : }
621 0 : else if (demanded_type.equals( ::getCppuType( (security::RuntimePermission const *)0 ) ))
622 : {
623 : RuntimePermission demanded(
624 0 : *reinterpret_cast< security::RuntimePermission const * >( perm.pData ) );
625 0 : if (__implies( m_head, demanded ))
626 : {
627 : #ifdef __DIAGNOSE
628 : demanded_diag( demanded );
629 : #endif
630 : return;
631 : }
632 0 : throwAccessControlException( demanded, perm );
633 : }
634 0 : else if (demanded_type.equals( ::getCppuType( (security::AllPermission const *)0 ) ))
635 : {
636 0 : AllPermission demanded;
637 0 : if (__implies( m_head, demanded ))
638 : {
639 : #ifdef __DIAGNOSE
640 : demanded_diag( demanded );
641 : #endif
642 : return;
643 : }
644 0 : throwAccessControlException( demanded, perm );
645 : }
646 : else
647 : {
648 0 : OUStringBuffer buf( 48 );
649 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("checking for unsupported permission type: ") );
650 0 : buf.append( demanded_type.getTypeName() );
651 : throw RuntimeException(
652 0 : buf.makeStringAndClear(), Reference< XInterface >() );
653 : }
654 : }
655 :
656 : }
657 :
658 : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|
