2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file access-control.h
18 * @author Maciej Karpiuk (m.karpiuk2@samsung.com)
20 * @brief DB access control layer.
25 #include <ckm/ckm-type.h>
26 #include <ckm/ckm-raw-buffer.h>
28 #include <permission.h>
29 #include <generic-socket-manager.h>
37 * return true if client uid is from the system services uid space
39 bool isSystemService(const uid_t uid) const;
40 bool isSystemService(const CKM::Credentials &cred) const;
43 * check if given data can be saved by current accessor
44 * @return CKM_API_SUCCESS if access is allowed, otherwise negative error code
46 int canSave(const CKM::Credentials &accessorCred,
47 const ClientId &owner) const;
50 * check if given row can be read (for internal use)
51 * @return CKM_API_SUCCESS if access is allowed, otherwise negative error code
53 int canRead(const CKM::Credentials &accessorCred,
54 const PermissionMask &existingPermission) const;
57 * check if given row can be exported (data provided to the client)
58 * @return CKM_API_SUCCESS if access is allowed, otherwise negative error code
60 int canExport(const CKM::Credentials &accessorCred,
62 const PermissionMask &existingPermission) const;
65 * check if given accessor can delete owner's items.
66 * @return CKM_API_SUCCESS if access is allowed, otherwise negative error code
68 int canDelete(const CKM::Credentials &accessorCred,
69 const PermissionMask &existingPermission) const;
72 bool isCCMode() const;