securityd/src/AuthorizationDBPlist.h

   1 /*
   2  *  Copyright (c) 2003-2004,2007 Apple Inc. All Rights Reserved.
   3  *
   4  *  @APPLE_LICENSE_HEADER_START@
   5  *
   6  *  This file contains Original Code and/or Modifications of Original Code
   7  *  as defined in and that are subject to the Apple Public Source License
   8  *  Version 2.0 (the 'License'). You may not use this file except in
   9  *  compliance with the License. Please obtain a copy of the License at
  10  *  http://www.opensource.apple.com/apsl/ and read it before using this
  11  *  file.
  12  *
  13  *  The Original Code and all software distributed under the License are
  14  *  distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  *  EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  *  INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  *  FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  *  Please see the License for the specific language governing rights and
  19  *  limitations under the License.
  20  *
  21  *  @APPLE_LICENSE_HEADER_END@
  22  *
  23  *  AuthorizationDBPlist.h
  24  *  Security
  25  *
  26  */
  27 #ifndef _H_AUTHORIZATIONDBPLIST
  28 #define _H_AUTHORIZATIONDBPLIST  1
  29
  30 #include <CoreFoundation/CoreFoundation.h>
  31 #include <security_utilities/cfutilities.h>
  32
  33 #include <security_cdsa_utilities/AuthorizationData.h>
  34 #include "AuthorizationRule.h"
  35
  36 class AuthorizationDBPlist; // @@@ the ordering sucks here, maybe engine should include all these and other should only include it
  37
  38 namespace Authorization
  39 {
  40
  41 class AuthorizationDBPlist /* : public AuthorizationDB */
  42 {
  43 public:
  44         AuthorizationDBPlist(const char *configFile);
  45
  46         void sync(CFAbsoluteTime now);
  47         bool validateRule(string inRightName, CFDictionaryRef inRightDefinition) const;
  48         CFDictionaryRef getRuleDefinition(string &key);
  49
  50         bool existRule(string &ruleName) const;
  51         Rule getRule(const AuthItemRef &inRight) const;
  52
  53         void setRule(const char *inRightName, CFDictionaryRef inRuleDefinition);
  54         void removeRule(const char *inRightName);
  55
  56 protected:
  57         void load();
  58         void save();
  59
  60 private:
  61         string mFileName;
  62
  63 private:
  64         enum { kTypeRight, kTypeRule };
  65         void parseConfig(CFDictionaryRef config);
  66         static void parseRule(const void *key, const void *value, void *context);
  67         void addRight(CFStringRef key, CFDictionaryRef definition);
  68
  69         CFAbsoluteTime mLastChecked;
  70         struct timespec mRulesFileMtimespec;
  71
  72         map<string,Rule> mRules;
  73         CFRef<CFDictionaryRef> mConfig;
  74         CFRef<CFMutableDictionaryRef> mConfigRights;
  75         CFRef<CFMutableDictionaryRef> mConfigRules;
  76
  77     mutable Mutex mLock; // rule map lock
  78         mutable Mutex mReadWriteLock; // file operation lock
  79 };
  80
  81 }; /* namespace Authorization */
  82
  83 #endif /* ! _H_AUTHORIZATIONDBPLIST */