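// -*- c++ -*-

/*
 *  Copyright (C) 2001-2003, Richard J. Moore
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Library General Public
 *  License as published by the Free Software Foundation; either
 *  version 2 of the License, or (at your option) any later version.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Library General Public License for more details.
 *
 *  You should have received a copy of the GNU Library General Public License
 *  along with this library; see the file COPYING.LIB.  If not, write to
 *  the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
 *  Boston, MA 02110-1301, USA.
 */

#ifndef KJSEMBEDSECURITYPOLICY_H
#define KJSEMBEDSECURITYPOLICY_H
#include "global.h"
// NOTE(review): the original header has a second #include directive here, but
// its target is missing from this copy; restore it from the upstream file.

namespace KJSEmbed {

class JSObjectProxy;

/**
 * Implements the default security policy.
 * This class defines the interface for security policies, and provides
 * a default implementation that should be sufficient for most situations.
 *
 * Security Checks
 *
 * A SecurityPolicy must define tests for the following situations
 * (one virtual check is declared below for each):
 *
 * - May this interpreter access the proxy? (isInterpreterAllowed())
 * - May scripts see this TQObject? (isObjectAllowed())
 * - May scripts see this property? (isPropertyAllowed())
 * - May scripts create this child object? (isCreateAllowed())
 *
 * The various isAllowed() methods are called automatically by @ref JSObjectProxy
 * when a script attempts to perform a controlled operation.
 *
 * Default Policy
 *
 * The security policy applied by default is as follows:
 *
 * (The list of default rules is not present in this copy of the header.
 * The only default visible here is that a policy constructed without
 * arguments starts with no capability flags set.)
 *
 * Applications that want a custom policy should define a SecurityPolicy
 * that re-implements the various isAllowed() methods, then use
 * @ref JSObjectProxy::setSecurityPolicy() to apply the policy to a proxy.
 * A custom policy should deny anything it does not explicitly recognise.
 *
 * @see KJSEmbed::JSObjectProxy
 * @author Richard Moore, rich@kde.org
 * $Id$
 */
class KJSEMBED_EXPORT JSSecurityPolicy
{
public:
    /**
     * Creates a policy whose capability mask is @p capabilities, a bitwise
     * OR of @ref Capabilities values. The default grants no capabilities.
     */
    JSSecurityPolicy( uint capabilities = 0 );
    virtual ~JSSecurityPolicy();

    /**
     * Defines a set of flags that indicate if access to a given API
     * should be allowed.
     *
     * Each single-bit value can be combined with bitwise OR. What each flag
     * gates is decided by the code that tests it, which is not part of this
     * header.
     */
    enum Capabilities {
        CapabilityTree = 0x0001,
        CapabilityGetProperties = 0x0002,
        CapabilitySetProperties = 0x0004,
        CapabilitySlots = 0x0008,
        CapabilityFactory = 0x0010,
        CapabilityTopLevel = 0x0020,
        CapabilityCustom = 0x4000,

        CapabilityNone = 0x0000,
        // 0x0003: tree access plus property reads.
        CapabilityReadOnly = CapabilityTree | CapabilityGetProperties,
        // 0x000F: read-only plus property writes and slots.
        CapabilityReadWrite = CapabilityReadOnly | CapabilitySetProperties | CapabilitySlots,
        // Every bit of the low 16, including bits with no named flag above.
        CapabilityAll = 0xffff
    };

    /**
     * Returns true if any of the specified capabilities are allowed.
     *
     * This is an "any bit" test, not an "all bits" test: on a policy holding
     * only CapabilityReadOnly, hasCapability( CapabilityReadWrite ) is true.
     * Callers that require every bit of a composite value must test the bits
     * individually. hasCapability( CapabilityNone ) is always false.
     */
    bool hasCapability( uint cap ) const { return ( cap & caps ) != 0; }

    /**
     * Specifies that the passed capabilities are allowed.
     */
    void setCapability( uint cap ) { caps |= cap; }

    /**
     * Specifies that the passed capabilities are disallowed.
     *
     * Only the bits set in @p cap are removed; all other bits are kept.
     */
    void clearCapability( uint cap )
    {
        // The previous expression OR-ed the bits into the mask, so a request
        // to revoke a capability granted it instead. Mask the bits out.
        caps &= ~cap;
    }

    /**
     * Returns true if the specified interpreter may access the proxy.
     */
    virtual bool isInterpreterAllowed( const JSObjectProxy *prx, const KJS::Interpreter *interp ) const;

    /**
     * Returns true if scripts are allowed to see the specified TQObject.
     */
    virtual bool isObjectAllowed( const JSObjectProxy *prx, const TQObject *obj ) const;

    /**
     * Returns true if scripts are allowed to see the specified property.
     */
    virtual bool isPropertyAllowed( const JSObjectProxy *prx, const TQObject *obj, const char *prop ) const;

    /**
     * Returns true if scripts are allowed to create the specified child object.
     */
    virtual bool isCreateAllowed( const JSObjectProxy *prx, const TQObject *parent,
                                  const TQString &clazz, const TQString &name ) const;

    /**
     * Returns the default SecurityPolicy.
     */
    static JSSecurityPolicy *defaultPolicy();

    /**
     * Sets the default SecurityPolicy.
     *
     * NOTE(review): the existence of deleteDefaultPolicy() suggests the class
     * takes ownership of @p pol; confirm against the implementation.
     */
    static void setDefaultPolicy( JSSecurityPolicy *pol );

    /**
     * Sets the default SecurityPolicy.
     *
     * NOTE(review): presumably installs a policy built from @p capabilities;
     * the implementation is not part of this header.
     */
    static void setDefaultPolicy( uint capabilities );

    /**
     * Deletes the default SecurityPolicy.
     */
    static void deleteDefaultPolicy();

private:
    // The shared default policy accessed through the static functions above.
    static JSSecurityPolicy *policy;
    // Bitmask of Capabilities values currently allowed by this policy.
    uint caps;
    // Opaque private data; its use is not visible in this header.
    // NOTE(review): copy construction is not disabled, so a copy shares this
    // raw pointer; check what the destructor does with it.
    class JSSecurityPolicyPrivate *d;
};

} // namespace KJSEmbed

#endif // KJSEMBEDSECURITYPOLICY_H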