2003-04-13 Havoc Pennington <hp@pobox.com>
1 /* -*- mode: C; c-file-style: "gnu" -*- */
2 /* policy.h  Bus security policy
3  *
4  * Copyright (C) 2003  Red Hat, Inc.
5  *
6  * Licensed under the Academic Free License version 1.2
7  * 
8  * This program is free software; you can redistribute it and/or modify
9  * it under the terms of the GNU General Public License as published by
10  * the Free Software Foundation; either version 2 of the License, or
11  * (at your option) any later version.
12  *
13  * This program is distributed in the hope that it will be useful,
14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16  * GNU General Public License for more details.
17  * 
18  * You should have received a copy of the GNU General Public License
19  * along with this program; if not, write to the Free Software
20  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
21  *
22  */
23
24 #ifndef BUS_POLICY_H
25 #define BUS_POLICY_H
26
27 #include <dbus/dbus.h>
28 #include <dbus/dbus-string.h>
29 #include <dbus/dbus-sysdeps.h>
30 #include "bus.h"
31
/**
 * Kinds of rule a bus security policy can hold.  Each value has a
 * same-named member in the "d" union of struct BusPolicyRule (send,
 * receive, own, user, group).
 */
typedef enum
{
  BUS_POLICY_RULE_SEND,    /* d.send: message name and destination */
  BUS_POLICY_RULE_RECEIVE, /* d.receive: message name and origin */
  BUS_POLICY_RULE_OWN,     /* d.own: service name */
  BUS_POLICY_RULE_USER,    /* d.user: user name and uid; excluded by
                            * BUS_POLICY_RULE_IS_PER_CLIENT */
  BUS_POLICY_RULE_GROUP    /* d.group: group name and gid; excluded by
                            * BUS_POLICY_RULE_IS_PER_CLIENT */
} BusPolicyRuleType;
40
/**
 * Determines whether the rule affects a connection, or some global item.
 *
 * Evaluates to non-zero for every rule type except BUS_POLICY_RULE_USER
 * and BUS_POLICY_RULE_GROUP.  The test is an exclusion list, so a rule
 * type that is not named here (including one added to BusPolicyRuleType
 * later) is classified as per-client; revisit this macro whenever the
 * enum grows.
 *
 * The argument is expanded twice: pass an expression with no side
 * effects.
 */
#define BUS_POLICY_RULE_IS_PER_CLIENT(rule) ((rule)->type != BUS_POLICY_RULE_USER && \
                                             (rule)->type != BUS_POLICY_RULE_GROUP)
44
/**
 * A single allow-or-deny rule of the bus security policy.
 *
 * "type" has one value per member of the union "d"; it is presumably the
 * tag that says which member is valid (confirm in policy.c).
 *
 * NOTE(review): ownership of the char* members is not visible in this
 * header; presumably the rule owns them and releases them when the last
 * reference is dropped -- confirm against bus_policy_rule_unref().
 */
struct BusPolicyRule
{
  /* reference count; presumably maintained by bus_policy_rule_ref() and
   * bus_policy_rule_unref() */
  int refcount;

  /* which kind of rule this is */
  BusPolicyRuleType type;

  unsigned int allow : 1; /**< #TRUE: the rule allows; #FALSE: the rule denies */

  union
  {
    /* Fields for a send rule.  A NULL field means "any", so a rule with
     * both fields NULL presumably matches every message; an allow rule of
     * that shape deserves a close look in review. */
    struct
    {
      char *message_name; /* NULL = any message name */
      char *destination;  /* NULL = any destination */
    } send;

    /* Fields for a receive rule; NULL is again the "any" wildcard. */
    struct
    {
      char *message_name; /* NULL = any message name */
      char *origin;       /* NULL = any origin */
    } receive;

    /* Fields for an ownership rule. */
    struct
    {
      char *service_name; /* NULL = any service name */
    } own;

    /* Fields for a user rule.  Which of the name and the numeric id the
     * policy check compares is not visible here -- confirm in policy.c. */
    struct
    {
      char *user;
      dbus_uid_t uid;
    } user;

    /* Fields for a group rule; same open question as for "user". */
    struct
    {
      char *group;
      dbus_gid_t gid;
    } group;

  } d;
};
89
/*
 * Rule lifetime.
 *
 * bus_policy_rule_new() takes the rule kind and whether the rule allows
 * or denies.  What it returns on failure is not visible in this header;
 * presumably NULL when memory cannot be allocated -- confirm in policy.c
 * and check the result before use.
 *
 * bus_policy_rule_ref() / bus_policy_rule_unref() presumably raise and
 * lower BusPolicyRule.refcount.
 */
BusPolicyRule *bus_policy_rule_new (BusPolicyRuleType type, dbus_bool_t allow);
void bus_policy_rule_ref (BusPolicyRule *rule);
void bus_policy_rule_unref (BusPolicyRule *rule);
94
/*
 * BusPolicy: the policy object rules are appended to.  The declarations
 * below show four places a rule can go: the default rules, the mandatory
 * rules, the rules for one uid, and the rules for one gid.  How those are
 * combined for a given connection is decided by
 * bus_policy_create_client_policy() and cannot be read from this header.
 */
BusPolicy *bus_policy_new (void);
void bus_policy_ref (BusPolicy *policy);
void bus_policy_unref (BusPolicy *policy);

/* Builds the BusClientPolicy for one connection from the policy. */
BusClientPolicy *bus_policy_create_client_policy (BusPolicy *policy,
                                                  DBusConnection *connection);

/*
 * NOTE(review): uid is declared "unsigned long" here but dbus_uid_t in
 * bus_policy_append_user_rule(); confirm the two types agree so a uid
 * cannot be narrowed or misread between the two calls.
 */
dbus_bool_t bus_policy_allow_user (BusPolicy *policy, unsigned long uid);

/*
 * Rule insertion.  The meaning of the dbus_bool_t result is not stated
 * here; presumably FALSE reports a failed append (for example out of
 * memory).  If so, an unchecked FALSE leaves the rule -- possibly a deny
 * rule -- out of the policy, so callers should check it.
 */
dbus_bool_t bus_policy_append_default_rule (BusPolicy *policy,
                                            BusPolicyRule *rule);
dbus_bool_t bus_policy_append_mandatory_rule (BusPolicy *policy,
                                              BusPolicyRule *rule);
dbus_bool_t bus_policy_append_user_rule (BusPolicy *policy, dbus_uid_t uid,
                                         BusPolicyRule *rule);
dbus_bool_t bus_policy_append_group_rule (BusPolicy *policy, dbus_gid_t gid,
                                          BusPolicyRule *rule);
112
/* BusClientPolicy: the policy object the access checks below consult. */
BusClientPolicy *bus_client_policy_new (void);
void bus_client_policy_ref (BusClientPolicy *policy);
void bus_client_policy_unref (BusClientPolicy *policy);

/*
 * Access checks.  Each returns dbus_bool_t; presumably TRUE means the
 * action is permitted and FALSE that it is denied -- confirm in policy.c.
 * Note that the append functions in this header return the same type,
 * where FALSE presumably reports a failed append rather than a denial.
 *
 * For send, "policy" is presumably the sender's policy and "receiver"
 * the peer; for receive, "policy" is presumably the receiver's policy
 * and "sender" the peer.
 */
dbus_bool_t bus_client_policy_check_can_send (BusClientPolicy *policy,
                                              BusRegistry *registry,
                                              DBusConnection *receiver,
                                              DBusMessage *message);
dbus_bool_t bus_client_policy_check_can_receive (BusClientPolicy *policy,
                                                 BusRegistry *registry,
                                                 DBusConnection *sender,
                                                 DBusMessage *message);
dbus_bool_t bus_client_policy_check_can_own (BusClientPolicy *policy,
                                             DBusConnection *connection,
                                             const DBusString *service_name);

/* Adds one rule to a client policy; check the result as for the
 * bus_policy_append_*_rule() functions. */
dbus_bool_t bus_client_policy_append_rule (BusClientPolicy *policy,
                                           BusPolicyRule *rule);

/*
 * NOTE(review): what "optimize" does is not visible here; presumably it
 * drops rules that cannot affect the outcome.  Verify that the decision
 * for every message is the same before and after the call.
 */
void bus_client_policy_optimize (BusClientPolicy *policy);
130
131
132 #endif /* BUS_POLICY_H */