tokenacl.h
 1  /*
 2   * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
 3   * 
 4   * @APPLE_LICENSE_HEADER_START@
 5   * 
 6   * This file contains Original Code and/or Modifications of Original Code
 7   * as defined in and that are subject to the Apple Public Source License
 8   * Version 2.0 (the 'License'). You may not use this file except in
 9   * compliance with the License. Please obtain a copy of the License at
10   * http://www.opensource.apple.com/apsl/ and read it before using this
11   * file.
12   * 
13   * The Original Code and all software distributed under the License are
14   * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15   * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16   * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17   * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18   * Please see the License for the specific language governing rights and
19   * limitations under the License.
20   * 
21   * @APPLE_LICENSE_HEADER_END@
22   */
23  #ifndef _H_TOKENACL
24  #define _H_TOKENACL
25  
26  
27  //
28  // tokenacl - Token-based ACL implementation
29  //
30  #include "acls.h"
31  #include <security_cdsa_utilities/acl_preauth.h>
32  
33  class Token;
34  class TokenDatabase;
35  
36  
37  //
38  // The Token version of a SecurityServerAcl.
39  //
//
// TokenAcl: the SecurityServerAcl variant for objects associated with a Token.
//
// The class is abstract. A concrete subclass must provide token() and
// tokenHandle(); the owner/ACL operations declared here are built on those.
// This header holds declarations only, so how credentials are evaluated and
// how ACL data is obtained is decided in the implementation, not here.
//
class TokenAcl : public virtual SecurityServerAcl {
public:
	TokenAcl();

	// Type of the value stored in mLastReset.
	// NOTE(review): presumably a counter compared against the token's own
	// reset count to detect stale ACL state - confirm in the implementation.
	typedef unsigned int ResetGeneration;

	//
	// SecurityServerAcl operations
	//

	// Retrieve the owner record into `owner`.
	void getOwner(AclOwnerPrototype &owner);

	// Retrieve ACL entries for `tag`. `count` and `acls` are non-const
	// references, so presumably outputs; who owns the returned array is not
	// visible here - verify against the implementation.
	void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);

	// Apply `edit` to the ACL on behalf of the caller identified by `cred`.
	// NOTE(review): the authorization decision is not visible in this header;
	// confirm that `cred` is validated before any change is applied.
	void changeAcl(const AclEdit &edit,
		const AccessCredentials *cred,
		Database *relatedDatabase);

	// Replace the owner with `newOwner` on behalf of the caller identified by
	// `cred`. The same review note as for changeAcl applies: the credential
	// check lives in the implementation.
	void changeOwner(const AclOwnerPrototype &newOwner,
		const AccessCredentials *cred,
		Database *relatedDatabase);

	// Grouped with the SecurityServerAcl operations in the original layout;
	// presumably the load and post-change hooks of that interface - confirm.
	void instantiateAcl();
	void changedAcl();

	//
	// Supplied by the most-derived class (MDC)
	//

	// The token this ACL belongs to.
	virtual Token &token() = 0;

	// The handle under which the token side knows this object.
	virtual GenericHandle tokenHandle() const = 0;

protected:
	// Reset the remembered generation to 0.
	// NOTE(review): presumably 0 never matches a live generation, which would
	// force the ACL to be re-read on next use - confirm in the implementation.
	void invalidateAcl()
	{
		mLastReset = 0;
	}

	// Handle a change of PIN number `pin` for ACL `handle` in `database`.
	// What is updated is not visible in this header.
	void pinChange(unsigned int pin, CSSM_ACL_HANDLE handle, TokenDatabase &database);

private:
	ResetGeneration mLastReset;	// generation recorded for the current ACL state; 0 after invalidateAcl()
};
70  
71  
72  #endif //_H_TOKENACL