gecko-dev/caps/public/nsICapsManager.h

284 строки
11 KiB
C++

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef nsICapsManager_h___
#define nsICapsManager_h___
#include "nsISupports.h"
#include "nsIFactory.h"
#include "nsIPrincipal.h"
#include "nsCapsPublicEnums.h"
class nsITarget;
class nsICapsSecurityCallbacks;
#define NS_ALL_PRIVILEGES ((nsITarget*)NULL)
/**
* The nsICapsManager interface is used to construct and manage principals.
* Principals are either certificates, or codebase principals. To construct
* a principal, QueryInterface on nsIPluginManager and then call CreateCertPrincipal
* or CreateCodebasePrincipal on the returned nsICapsManager.
* Once a principal is obtained, it can be passed to the nsICapsManager's
* SetPermission operations.
*/
class nsICapsManager : public nsISupports {
public:
/**
* Intializes the principal object with the codebase URL.
*
* @param codebaseURL - the codebase URL
* @param prin - the return value is passed in this parameter.
*/
NS_IMETHOD
CreateCodebasePrincipal(const char *codebaseURL, nsIPrincipal** prin) = 0;
/**
* Initializes the Certificate principal with the certificate data. I am
* thinking Certificate data should contain all the data about the
* certificate, ie. the signer and the certificate chain.
*
* @param certChain - An array of pointers, with each pointer
* pointing to a certificate data.
* @param certChainLengths - An array of intergers. Each integer indicates
* the length of the cert that is in CertChain
* parametr.
* @param noOfCerts - the number of certifcates that are in the certChain array
* @param prin - the return value is passed in this parameter.
*/
NS_IMETHOD
CreateCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsIPrincipal** prin) = 0;
/**
* Creates a CodeSourcePrincipal, which has both nsICodebasePrincipal
* and nsICertPrincipal
*
*
* @param certChain - An array of pointers, with each pointer
* pointing to a certificate data.
* @param certChainLengths - An array of intergers. Each integer indicates
* the length of the cert that is in CertChain
* parametr.
* @param noOfCerts - the number of certifcates that are in the certChain array
* @param codebaseURL - the codebase URL
* @param prin - the return value is passed in this parameter.
*/
NS_IMETHOD
CreateCodeSourcePrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, const char *codebaseURL, nsIPrincipal** prin) = 0;
/**
* Returns the permission for given principal and target
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param state - the return value is passed in this parameter.
*/
NS_IMETHOD
GetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *state) = 0;
/**
* Set the permission state for given principal and target. This wouldn't
* prompt the end user with UI.
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param state - is permisson state that should be set for the given prin
* and target parameters.
*/
NS_IMETHOD
SetPermission(nsIPrincipal* prin, nsITarget* target, nsPermission state) = 0;
/**
* Prompts the user if they want to grant permission for the given principal and
* for the given target.
*
* @param prin - is either certificate principal or codebase principal
* @param target - is NS_ALL_PRIVILEGES.
* @param result - is the permission user has given for the given principal and
* target
*/
NS_IMETHOD
AskPermission(nsIPrincipal* prin, nsITarget* target, nsPermission *result) = 0;
/*
* All of the following methods are used by JS (the code located
* in lib/libmocha area).
*/
/**
* Initializes the capabilities subsytem (ie setting the system principal, initializing
* privilege Manager, creating the capsManager factory etc
*
* @param result - is true if principal was successfully registered with the system
*/
NS_IMETHOD
Initialize(PRBool *result) = 0;
/**
* Initializes the capabilities frame walking code.
*
* @param aInterface - interface for calling frame walking code.
*/
NS_IMETHOD
InitializeFrameWalker(nsICapsSecurityCallbacks* aInterface) = 0;
/**
* Registers the given Principal with the system.
*
* @param prin - is either certificate principal or codebase principal
* @param result - is true if principal was successfully registered with the system
*/
NS_IMETHOD
RegisterPrincipal(nsIPrincipal* prin, PRBool *result) = 0;
/**
* Prompts the user if they want to grant permission for the principal located
* at the given stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
EnablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result) = 0;
/**
* Returns if the user granted permission for the principal located at the given
* stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
IsPrivilegeEnabled(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result) = 0;
/**
* Reverts the permission (granted/denied) user gave for the principal located
* at the given stack depth for the given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
RevertPrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result) = 0;
/**
* Disable permissions for the principal located at the given stack depth for the
* given target.
*
* @param context - is the parameter JS needs to determinte the principal
* @param targetName - is the name of the target.
* @param callerDepth - is the depth of JS stack frame, which JS uses to determinte the
* principal
* @param result - is true if user has given permission for the given principal and
* target
*/
NS_IMETHOD
DisablePrivilege(void* context, const char* targetName, PRInt32 callerDepth, PRBool *result) = 0;
/* XXX: Some of the arguments for the following interfaces may change.
* This is a first cut. I need to talk to joki. We should get rid of void* parameters.
*/
NS_IMETHOD
ComparePrincipalArray(void* prin1Array, void* prin2Array, nsSetComparisonType *result) = 0;
NS_IMETHOD
IntersectPrincipalArray(void* prin1Array, void* prin2Array, void* *result) = 0;
NS_IMETHOD
CanExtendTrust(void* fromPrinArray, void* toPrinArray, PRBool *result) = 0;
/* interfaces for nsIPrincipal object, may be we should move some of them to nsIprincipal */
NS_IMETHOD
NewPrincipal(nsPrincipalType type, void* key, PRUint32 key_len, void *zig, nsIPrincipal* *result) = 0;
NS_IMETHOD
IsCodebaseExact(nsIPrincipal* principal, PRBool *result) = 0;
NS_IMETHOD
CreateMixedPrincipalArray(void *zig, char* name, const char* codebase, void** result) = 0;
NS_IMETHOD
ToString(nsIPrincipal* principal, char* *result) = 0;
NS_IMETHOD
GetVendor(nsIPrincipal* principal, char* *result) = 0;
NS_IMETHOD
NewPrincipalArray(PRUint32 count, void* *result) = 0;
NS_IMETHOD
FreePrincipalArray(void *prinArray) = 0;
NS_IMETHOD
GetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* *result) = 0;
NS_IMETHOD
SetPrincipalArrayElement(void *prinArrayArg, PRUint32 index, nsIPrincipal* principal) = 0;
NS_IMETHOD
GetPrincipalArraySize(void *prinArrayArg, PRUint32 *result) = 0;
/* The following interfaces will replace all of the following old calls.
*
* nsCapsGetPermission(struct nsPrivilege *privilege)
* nsCapsGetPrivilege(struct nsPrivilegeTable *annotation, struct nsTarget *target)
*
*/
NS_IMETHOD
IsAllowed(void *annotation, char* target, PRBool *result) = 0;
/* XXX: TODO: We need to set up the JS frame walking callbacks */
};
#define NS_ICAPSMANAGER_IID \
{ /* dc7d0bb0-25e1-11d2-8160-006008119d7a */ \
0xdc7d0bb0, \
0x25e1, \
0x11d2, \
{0x81, 0x60, 0x00, 0x60, 0x08, 0x11, 0x9d, 0x7a} \
}
#define NS_CCAPSMANAGER_CID \
{ /* fd347500-307f-11d2-97f0-00805f8a28d0 */ \
0xfd347500, \
0x307f, \
0x11d2, \
{0x97, 0xf0, 0x00, 0x80, 0x5f, 0x8a, 0x28, 0xd0} \
}
#endif // nsICapsManager_h___