Line data Source code
1 : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : /*
3 : * This file is part of the LibreOffice project.
4 : *
5 : * This Source Code Form is subject to the terms of the Mozilla Public
6 : * License, v. 2.0. If a copy of the MPL was not distributed with this
7 : * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 : *
9 : * This file incorporates work covered by the following license notice:
10 : *
11 : * Licensed to the Apache Software Foundation (ASF) under one or more
12 : * contributor license agreements. See the NOTICE file distributed
13 : * with this work for additional information regarding copyright
14 : * ownership. The ASF licenses this file to you under the Apache
15 : * License, Version 2.0 (the "License"); you may not use this file
16 : * except in compliance with the License. You may obtain a copy of
17 : * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 : */
19 :
20 :
21 : #include <vector>
22 :
23 : #include <osl/process.h>
24 : #include <osl/socket.hxx>
25 : #include <osl/mutex.hxx>
26 :
27 : #include <rtl/string.hxx>
28 : #include <rtl/ustrbuf.hxx>
29 :
30 : #include <com/sun/star/security/RuntimePermission.hpp>
31 : #include <com/sun/star/security/AllPermission.hpp>
32 : #include <com/sun/star/io/FilePermission.hpp>
33 : #include <com/sun/star/connection/SocketPermission.hpp>
34 : #include <com/sun/star/security/AccessControlException.hpp>
35 :
36 : #include "permissions.h"
37 :
38 :
39 : using namespace ::std;
40 : using namespace ::osl;
41 : using namespace ::com::sun::star;
42 : using namespace ::com::sun::star::uno;
43 :
44 : namespace stoc_sec
45 : {
46 :
47 : //--------------------------------------------------------------------------------------------------
48 0 : static inline sal_Int32 makeMask(
49 : OUString const & items, char const * const * strings ) SAL_THROW(())
50 : {
51 0 : sal_Int32 mask = 0;
52 :
53 0 : sal_Int32 n = 0;
54 0 : do
55 : {
56 0 : OUString item( items.getToken( 0, ',', n ).trim() );
57 0 : if ( item.isEmpty())
58 0 : continue;
59 0 : sal_Int32 nPos = 0;
60 0 : while (strings[ nPos ])
61 : {
62 0 : if (item.equalsAscii( strings[ nPos ] ))
63 : {
64 0 : mask |= (0x80000000 >> nPos);
65 0 : break;
66 : }
67 0 : ++nPos;
68 0 : }
69 : #if OSL_DEBUG_LEVEL > 0
70 : if (! strings[ nPos ])
71 : {
72 : OUStringBuffer buf( 48 );
73 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("### ignoring unknown socket action: ") );
74 : buf.append( item );
75 : OString str( OUStringToOString(
76 : buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
77 : OSL_TRACE( "%s", str.getStr() );
78 : }
79 : #endif
80 : }
81 0 : while (n >= 0); // all items
82 0 : return mask;
83 : }
84 : //--------------------------------------------------------------------------------------------------
85 0 : static inline OUString makeStrings(
86 : sal_Int32 mask, char const * const * strings ) SAL_THROW(())
87 : {
88 0 : OUStringBuffer buf( 48 );
89 0 : while (mask)
90 : {
91 0 : if (0x80000000 & mask)
92 : {
93 0 : buf.appendAscii( *strings );
94 0 : if (mask << 1) // more items following
95 0 : buf.append( (sal_Unicode)',' );
96 : }
97 0 : mask = (mask << 1);
98 0 : ++strings;
99 : }
100 0 : return buf.makeStringAndClear();
101 : }
102 :
103 : //##################################################################################################
104 :
105 : //==================================================================================================
106 0 : class SocketPermission : public Permission
107 : {
108 : static char const * s_actions [];
109 : sal_Int32 m_actions;
110 :
111 : OUString m_host;
112 : sal_Int32 m_lowerPort;
113 : sal_Int32 m_upperPort;
114 : mutable OUString m_ip;
115 : mutable bool m_resolveErr;
116 : mutable bool m_resolvedHost;
117 : bool m_wildCardHost;
118 :
119 : inline bool resolveHost() const SAL_THROW(());
120 :
121 : public:
122 : SocketPermission(
123 : connection::SocketPermission const & perm,
124 : ::rtl::Reference< Permission > const & next = ::rtl::Reference< Permission >() )
125 : SAL_THROW(());
126 : virtual bool implies( Permission const & perm ) const SAL_THROW(());
127 : virtual OUString toString() const SAL_THROW(());
128 : };
129 : //__________________________________________________________________________________________________
130 : char const * SocketPermission::s_actions [] = { "accept", "connect", "listen", "resolve", 0 };
131 : //__________________________________________________________________________________________________
132 0 : SocketPermission::SocketPermission(
133 : connection::SocketPermission const & perm,
134 : ::rtl::Reference< Permission > const & next )
135 : SAL_THROW(())
136 : : Permission( SOCKET, next )
137 0 : , m_actions( makeMask( perm.Actions, s_actions ) )
138 : , m_host( perm.Host )
139 : , m_lowerPort( 0 )
140 : , m_upperPort( 65535 )
141 : , m_resolveErr( false )
142 : , m_resolvedHost( false )
143 0 : , m_wildCardHost( !perm.Host.isEmpty() && '*' == perm.Host.pData->buffer[ 0 ] )
144 : {
145 0 : if (0xe0000000 & m_actions) // if any (except resolve) is given => resolve implied
146 0 : m_actions |= 0x10000000;
147 :
148 : // separate host from portrange
149 0 : sal_Int32 colon = m_host.indexOf( ':' );
150 0 : if (colon >= 0) // port [range] given
151 : {
152 0 : sal_Int32 minus = m_host.indexOf( '-', colon +1 );
153 0 : if (minus < 0)
154 : {
155 0 : m_lowerPort = m_upperPort = m_host.copy( colon +1 ).toInt32();
156 : }
157 0 : else if (minus == (colon +1)) // -N
158 : {
159 0 : m_upperPort = m_host.copy( minus +1 ).toInt32();
160 : }
161 0 : else if (minus == (m_host.getLength() -1)) // N-
162 : {
163 0 : m_lowerPort = m_host.copy( colon +1, m_host.getLength() -1 -colon -1 ).toInt32();
164 : }
165 : else // A-B
166 : {
167 0 : m_lowerPort = m_host.copy( colon +1, minus - colon -1 ).toInt32();
168 0 : m_upperPort = m_host.copy( minus +1, m_host.getLength() -minus -1 ).toInt32();
169 : }
170 0 : m_host = m_host.copy( 0, colon );
171 : }
172 0 : }
173 : //__________________________________________________________________________________________________
174 0 : inline bool SocketPermission::resolveHost() const SAL_THROW(())
175 : {
176 0 : if (m_resolveErr)
177 0 : return false;
178 :
179 0 : if (! m_resolvedHost)
180 : {
181 : // dns lookup
182 0 : SocketAddr addr;
183 0 : SocketAddr::resolveHostname( m_host, addr );
184 0 : OUString ip;
185 0 : m_resolveErr = (::osl_Socket_Ok != ::osl_getDottedInetAddrOfSocketAddr(
186 0 : addr.getHandle(), &ip.pData ));
187 0 : if (m_resolveErr)
188 0 : return false;
189 :
190 0 : MutexGuard guard( Mutex::getGlobalMutex() );
191 0 : if (! m_resolvedHost)
192 : {
193 0 : m_ip = ip;
194 0 : m_resolvedHost = true;
195 0 : }
196 : }
197 0 : return m_resolvedHost;
198 : }
199 : //__________________________________________________________________________________________________
200 0 : bool SocketPermission::implies( Permission const & perm ) const SAL_THROW(())
201 : {
202 : // check type
203 0 : if (SOCKET != perm.m_type)
204 0 : return false;
205 0 : SocketPermission const & demanded = static_cast< SocketPermission const & >( perm );
206 :
207 : // check actions
208 0 : if ((m_actions & demanded.m_actions) != demanded.m_actions)
209 0 : return false;
210 :
211 : // check ports
212 0 : if (demanded.m_lowerPort < m_lowerPort)
213 0 : return false;
214 0 : if (demanded.m_upperPort > m_upperPort)
215 0 : return false;
216 :
217 : // quick check host (DNS names: RFC 1034/1035)
218 0 : if (m_host.equalsIgnoreAsciiCase( demanded.m_host ))
219 0 : return true;
220 : // check for host wildcards
221 0 : if (m_wildCardHost)
222 : {
223 0 : OUString const & demanded_host = demanded.m_host;
224 0 : if (demanded_host.getLength() <= m_host.getLength())
225 0 : return false;
226 0 : sal_Int32 len = m_host.getLength() -1; // skip star
227 : return (0 == ::rtl_ustr_compareIgnoreAsciiCase_WithLength(
228 0 : demanded_host.getStr() + demanded_host.getLength() - len, len,
229 0 : m_host.pData->buffer + 1, len ));
230 : }
231 0 : if (demanded.m_wildCardHost)
232 0 : return false;
233 :
234 : // compare IP addresses
235 0 : if (! resolveHost())
236 0 : return false;
237 0 : if (! demanded.resolveHost())
238 0 : return false;
239 0 : return (sal_False != m_ip.equals( demanded.m_ip ));
240 : }
241 : //__________________________________________________________________________________________________
242 0 : OUString SocketPermission::toString() const SAL_THROW(())
243 : {
244 0 : OUStringBuffer buf( 48 );
245 : // host
246 : buf.appendAscii(
247 0 : RTL_CONSTASCII_STRINGPARAM("com.sun.star.connection.SocketPermission (host=\"") );
248 0 : buf.append( m_host );
249 0 : if (m_resolvedHost)
250 : {
251 0 : buf.append( (sal_Unicode)'[' );
252 0 : buf.append( m_ip );
253 0 : buf.append( (sal_Unicode)']' );
254 : }
255 : // port
256 0 : if (0 != m_lowerPort || 65535 != m_upperPort)
257 : {
258 0 : buf.append( (sal_Unicode)':' );
259 0 : if (m_lowerPort > 0)
260 0 : buf.append( m_lowerPort );
261 0 : if (m_upperPort > m_lowerPort)
262 : {
263 0 : buf.append( (sal_Unicode)'-' );
264 0 : if (m_upperPort < 65535)
265 0 : buf.append( m_upperPort );
266 : }
267 : }
268 : // actions
269 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\", actions=\"") );
270 0 : buf.append( makeStrings( m_actions, s_actions ) );
271 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\")") );
272 0 : return buf.makeStringAndClear();
273 : }
274 :
275 : //##################################################################################################
276 :
277 : //==================================================================================================
278 0 : class FilePermission : public Permission
279 : {
280 : static char const * s_actions [];
281 : sal_Int32 m_actions;
282 :
283 : OUString m_url;
284 : bool m_allFiles;
285 :
286 : public:
287 : FilePermission(
288 : io::FilePermission const & perm,
289 : ::rtl::Reference< Permission > const & next = ::rtl::Reference< Permission >() )
290 : SAL_THROW(());
291 : virtual bool implies( Permission const & perm ) const SAL_THROW(());
292 : virtual OUString toString() const SAL_THROW(());
293 : };
294 : //__________________________________________________________________________________________________
295 : char const * FilePermission::s_actions [] = { "read", "write", "execute", "delete", 0 };
296 : //--------------------------------------------------------------------------------------------------
297 0 : static OUString const & getWorkingDir() SAL_THROW(())
298 : {
299 : static OUString * s_workingDir = 0;
300 0 : if (! s_workingDir)
301 : {
302 0 : OUString workingDir;
303 0 : ::osl_getProcessWorkingDir( &workingDir.pData );
304 :
305 0 : MutexGuard guard( Mutex::getGlobalMutex() );
306 0 : if (! s_workingDir)
307 : {
308 0 : static OUString s_dir( workingDir );
309 0 : s_workingDir = &s_dir;
310 0 : }
311 : }
312 0 : return *s_workingDir;
313 : }
314 : //__________________________________________________________________________________________________
315 0 : FilePermission::FilePermission(
316 : io::FilePermission const & perm,
317 : ::rtl::Reference< Permission > const & next )
318 : SAL_THROW(())
319 : : Permission( FILE, next )
320 0 : , m_actions( makeMask( perm.Actions, s_actions ) )
321 : , m_url( perm.URL )
322 0 : , m_allFiles( sal_False != perm.URL.equalsAsciiL(RTL_CONSTASCII_STRINGPARAM("<<ALL FILES>>")) )
323 : {
324 0 : if (! m_allFiles)
325 : {
326 0 : if ( m_url == "*" )
327 : {
328 0 : OUStringBuffer buf( 64 );
329 0 : buf.append( getWorkingDir() );
330 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("/*") );
331 0 : m_url = buf.makeStringAndClear();
332 : }
333 0 : else if ( m_url == "-" )
334 : {
335 0 : OUStringBuffer buf( 64 );
336 0 : buf.append( getWorkingDir() );
337 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("/-") );
338 0 : m_url = buf.makeStringAndClear();
339 : }
340 0 : else if (!m_url.startsWith("file:///"))
341 : {
342 : // relative path
343 0 : OUString out;
344 : oslFileError rc = ::osl_getAbsoluteFileURL(
345 0 : getWorkingDir().pData, perm.URL.pData, &out.pData );
346 0 : m_url = (osl_File_E_None == rc ? out : perm.URL); // fallback
347 : }
348 : #ifdef SAL_W32
349 : // correct win drive letters
350 : if (9 < m_url.getLength() && '|' == m_url[ 9 ]) // file:///X|
351 : {
352 : static OUString s_colon = ":";
353 : // common case in API is a ':' (sal), so convert '|' to ':'
354 : m_url = m_url.replaceAt( 9, 1, s_colon );
355 : }
356 : #endif
357 : }
358 0 : }
359 : //__________________________________________________________________________________________________
360 0 : bool FilePermission::implies( Permission const & perm ) const SAL_THROW(())
361 : {
362 : // check type
363 0 : if (FILE != perm.m_type)
364 0 : return false;
365 0 : FilePermission const & demanded = static_cast< FilePermission const & >( perm );
366 :
367 : // check actions
368 0 : if ((m_actions & demanded.m_actions) != demanded.m_actions)
369 0 : return false;
370 :
371 : // check url
372 0 : if (m_allFiles)
373 0 : return true;
374 0 : if (demanded.m_allFiles)
375 0 : return false;
376 :
377 : #ifdef SAL_W32
378 : if (m_url.equalsIgnoreAsciiCase( demanded.m_url ))
379 : return true;
380 : #else
381 0 : if (m_url.equals( demanded.m_url ))
382 0 : return true;
383 : #endif
384 0 : if (m_url.getLength() > demanded.m_url.getLength())
385 0 : return false;
386 : // check /- wildcard: all files and recursive in that path
387 0 : if (1 < m_url.getLength() &&
388 0 : 0 == ::rtl_ustr_ascii_compare_WithLength( m_url.getStr() + m_url.getLength() - 2, 2, "/-" ))
389 : {
390 : // demanded url must start with granted path (including path trailing path sep)
391 0 : sal_Int32 len = m_url.getLength() -1;
392 : #ifdef SAL_W32
393 : return (0 == ::rtl_ustr_compareIgnoreAsciiCase_WithLength(
394 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len ));
395 : #else
396 : return (0 == ::rtl_ustr_reverseCompare_WithLength(
397 0 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len ));
398 : #endif
399 : }
400 : // check /* wildcard: all files in that path (not recursive!)
401 0 : if (1 < m_url.getLength() &&
402 0 : 0 == ::rtl_ustr_ascii_compare_WithLength( m_url.getStr() + m_url.getLength() - 2, 2, "/*" ))
403 : {
404 : // demanded url must start with granted path (including path trailing path sep)
405 0 : sal_Int32 len = m_url.getLength() -1;
406 : #ifdef SAL_W32
407 : return ((0 == ::rtl_ustr_compareIgnoreAsciiCase_WithLength(
408 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len )) &&
409 : (0 > demanded.m_url.indexOf( '/', len ))); // in addition, no deeper paths
410 : #else
411 : return ((0 == ::rtl_ustr_reverseCompare_WithLength(
412 0 : demanded.m_url.pData->buffer, len, m_url.pData->buffer, len )) &&
413 0 : (0 > demanded.m_url.indexOf( '/', len ))); // in addition, no deeper paths
414 : #endif
415 : }
416 0 : return false;
417 : }
418 : //__________________________________________________________________________________________________
419 0 : OUString FilePermission::toString() const SAL_THROW(())
420 : {
421 0 : OUStringBuffer buf( 48 );
422 : // url
423 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("com.sun.star.io.FilePermission (url=\"") );
424 0 : buf.append( m_url );
425 : // actions
426 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\", actions=\"") );
427 0 : buf.append( makeStrings( m_actions, s_actions ) );
428 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\")") );
429 0 : return buf.makeStringAndClear();
430 : }
431 :
432 : //##################################################################################################
433 :
434 : //==================================================================================================
435 0 : class RuntimePermission : public Permission
436 : {
437 : OUString m_name;
438 :
439 : public:
440 0 : inline RuntimePermission(
441 : security::RuntimePermission const & perm,
442 : ::rtl::Reference< Permission > const & next = ::rtl::Reference< Permission >() )
443 : SAL_THROW(())
444 : : Permission( RUNTIME, next )
445 0 : , m_name( perm.Name )
446 0 : {}
447 : virtual bool implies( Permission const & perm ) const SAL_THROW(());
448 : virtual OUString toString() const SAL_THROW(());
449 : };
450 : //__________________________________________________________________________________________________
451 0 : bool RuntimePermission::implies( Permission const & perm ) const SAL_THROW(())
452 : {
453 : // check type
454 0 : if (RUNTIME != perm.m_type)
455 0 : return false;
456 0 : RuntimePermission const & demanded = static_cast< RuntimePermission const & >( perm );
457 :
458 : // check name
459 0 : return (sal_False != m_name.equals( demanded.m_name ));
460 : }
461 : //__________________________________________________________________________________________________
462 0 : OUString RuntimePermission::toString() const SAL_THROW(())
463 : {
464 0 : OUStringBuffer buf( 48 );
465 : buf.appendAscii(
466 0 : RTL_CONSTASCII_STRINGPARAM("com.sun.star.security.RuntimePermission (name=\"") );
467 0 : buf.append( m_name );
468 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("\")") );
469 0 : return buf.makeStringAndClear();
470 : }
471 :
472 : //##################################################################################################
473 :
474 : //__________________________________________________________________________________________________
475 0 : bool AllPermission::implies( Permission const & ) const SAL_THROW(())
476 : {
477 0 : return true;
478 : }
479 : //__________________________________________________________________________________________________
480 0 : OUString AllPermission::toString() const SAL_THROW(())
481 : {
482 0 : return OUString("com.sun.star.security.AllPermission");
483 : }
484 :
485 : //##################################################################################################
486 :
487 : //__________________________________________________________________________________________________
488 0 : PermissionCollection::PermissionCollection(
489 : Sequence< Any > const & permissions, PermissionCollection const & addition )
490 : SAL_THROW( (RuntimeException) )
491 0 : : m_head( addition.m_head )
492 : {
493 0 : Any const * perms = permissions.getConstArray();
494 0 : for ( sal_Int32 nPos = permissions.getLength(); nPos--; )
495 : {
496 0 : Any const & perm = perms[ nPos ];
497 0 : Type const & perm_type = perm.getValueType();
498 :
499 : // supported permission types
500 0 : if (perm_type.equals( ::getCppuType( (io::FilePermission const *)0 ) ))
501 : {
502 0 : m_head = new FilePermission(
503 0 : *reinterpret_cast< io::FilePermission const * >( perm.pData ), m_head );
504 : }
505 0 : else if (perm_type.equals( ::getCppuType( (connection::SocketPermission const *)0 ) ))
506 : {
507 0 : m_head = new SocketPermission(
508 0 : *reinterpret_cast< connection::SocketPermission const * >( perm.pData ), m_head );
509 : }
510 0 : else if (perm_type.equals( ::getCppuType( (security::RuntimePermission const *)0 ) ))
511 : {
512 0 : m_head = new RuntimePermission(
513 0 : *reinterpret_cast< security::RuntimePermission const * >( perm.pData ), m_head );
514 : }
515 0 : else if (perm_type.equals( ::getCppuType( (security::AllPermission const *)0 ) ))
516 : {
517 0 : m_head = new AllPermission( m_head );
518 : }
519 : else
520 : {
521 0 : OUStringBuffer buf( 48 );
522 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM(
523 0 : "checking for unsupported permission type: ") );
524 0 : buf.append( perm_type.getTypeName() );
525 : throw RuntimeException(
526 0 : buf.makeStringAndClear(), Reference< XInterface >() );
527 : }
528 : }
529 0 : }
530 : #ifdef __DIAGNOSE
531 : //__________________________________________________________________________________________________
532 : Sequence< OUString > PermissionCollection::toStrings() const SAL_THROW(())
533 : {
534 : vector< OUString > strings;
535 : strings.reserve( 8 );
536 : for ( Permission * perm = m_head.get(); perm; perm = perm->m_next.get() )
537 : {
538 : strings.push_back( perm->toString() );
539 : }
540 : return Sequence< OUString >(
541 : strings.empty() ? 0 : &strings[ 0 ], strings.size() );
542 : }
543 : #endif
544 : //__________________________________________________________________________________________________
545 0 : inline static bool __implies(
546 : ::rtl::Reference< Permission > const & head, Permission const & demanded ) SAL_THROW(())
547 : {
548 0 : for ( Permission * perm = head.get(); perm; perm = perm->m_next.get() )
549 : {
550 0 : if (perm->implies( demanded ))
551 0 : return true;
552 : }
553 0 : return false;
554 : }
555 :
556 : #ifdef __DIAGNOSE
557 : //--------------------------------------------------------------------------------------------------
558 : static void demanded_diag(
559 : Permission const & perm )
560 : SAL_THROW(())
561 : {
562 : OUStringBuffer buf( 48 );
563 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("demanding ") );
564 : buf.append( perm.toString() );
565 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM(" => ok.") );
566 : OString str(
567 : OUStringToOString( buf.makeStringAndClear(), RTL_TEXTENCODING_ASCII_US ) );
568 : OSL_TRACE( "%s", str.getStr() );
569 : }
570 : #endif
571 : //--------------------------------------------------------------------------------------------------
572 0 : static void throwAccessControlException(
573 : Permission const & perm, Any const & demanded_perm )
574 : SAL_THROW( (security::AccessControlException) )
575 : {
576 0 : OUStringBuffer buf( 48 );
577 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("access denied: ") );
578 0 : buf.append( perm.toString() );
579 : throw security::AccessControlException(
580 0 : buf.makeStringAndClear(), Reference< XInterface >(), demanded_perm );
581 : }
582 : //==================================================================================================
583 0 : void PermissionCollection::checkPermission( Any const & perm ) const
584 : SAL_THROW( (RuntimeException) )
585 : {
586 0 : Type const & demanded_type = perm.getValueType();
587 :
588 : // supported permission types
589 : // stack object of SimpleReferenceObject are ok, as long as they are not
590 : // assigned to a ::rtl::Reference<> (=> delete this)
591 0 : if (demanded_type.equals( ::getCppuType( (io::FilePermission const *)0 ) ))
592 : {
593 : FilePermission demanded(
594 0 : *reinterpret_cast< io::FilePermission const * >( perm.pData ) );
595 0 : if (__implies( m_head, demanded ))
596 : {
597 : #ifdef __DIAGNOSE
598 : demanded_diag( demanded );
599 : #endif
600 0 : return;
601 : }
602 0 : throwAccessControlException( demanded, perm );
603 : }
604 0 : else if (demanded_type.equals( ::getCppuType( (connection::SocketPermission const *)0 ) ))
605 : {
606 : SocketPermission demanded(
607 0 : *reinterpret_cast< connection::SocketPermission const * >( perm.pData ) );
608 0 : if (__implies( m_head, demanded ))
609 : {
610 : #ifdef __DIAGNOSE
611 : demanded_diag( demanded );
612 : #endif
613 0 : return;
614 : }
615 0 : throwAccessControlException( demanded, perm );
616 : }
617 0 : else if (demanded_type.equals( ::getCppuType( (security::RuntimePermission const *)0 ) ))
618 : {
619 : RuntimePermission demanded(
620 0 : *reinterpret_cast< security::RuntimePermission const * >( perm.pData ) );
621 0 : if (__implies( m_head, demanded ))
622 : {
623 : #ifdef __DIAGNOSE
624 : demanded_diag( demanded );
625 : #endif
626 0 : return;
627 : }
628 0 : throwAccessControlException( demanded, perm );
629 : }
630 0 : else if (demanded_type.equals( ::getCppuType( (security::AllPermission const *)0 ) ))
631 : {
632 0 : AllPermission demanded;
633 0 : if (__implies( m_head, demanded ))
634 : {
635 : #ifdef __DIAGNOSE
636 : demanded_diag( demanded );
637 : #endif
638 0 : return;
639 : }
640 0 : throwAccessControlException( demanded, perm );
641 : }
642 : else
643 : {
644 0 : OUStringBuffer buf( 48 );
645 0 : buf.appendAscii( RTL_CONSTASCII_STRINGPARAM("checking for unsupported permission type: ") );
646 0 : buf.append( demanded_type.getTypeName() );
647 : throw RuntimeException(
648 0 : buf.makeStringAndClear(), Reference< XInterface >() );
649 : }
650 : }
651 :
652 : }
653 :
654 : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|