Main Page | Namespace List | Class Hierarchy | Compound List | File List | Namespace Members | Compound Members | File Members

KJSEmbed::JSSecurityPolicy Class Reference

Implements the default security policy. More...

#include <jssecuritypolicy.h>

List of all members.

Public Types

enum  Capabilities {
  CapabilityTree = 0x0001, CapabilityGetProperties = 0x0002, CapabilitySetProperties = 0x0004, CapabilitySlots = 0x0008,
  CapabilityFactory = 0x0010, CapabilityTopLevel = 0x0020, CapabilityCustom = 0x4000, CapabilityNone = 0x0000,
  CapabilityReadOnly = CapabilityTree | CapabilityGetProperties, CapabilityReadWrite = CapabilityReadOnly | CapabilitySetProperties | CapabilitySlots, CapabilityAll = 0xffff

Public Member Functions

 JSSecurityPolicy (uint capabilities=0)
virtual ~JSSecurityPolicy ()
bool hasCapability (uint cap) const
void setCapability (uint cap)
void clearCapability (uint cap)
virtual bool isInterpreterAllowed (const JSObjectProxy *prx, const KJS::Interpreter *interp) const
virtual bool isObjectAllowed (const JSObjectProxy *prx, const QObject *obj) const
virtual bool isPropertyAllowed (const JSObjectProxy *prx, const QObject *obj, const char *prop) const
virtual bool isCreateAllowed (const JSObjectProxy *prx, const QObject *parent, const QString &clazz, const QString &name) const

Static Public Member Functions

JSSecurityPolicydefaultPolicy ()
void setDefaultPolicy (JSSecurityPolicy *pol)
void setDefaultPolicy (uint capabilities)
void deleteDefaultPolicy ()

Detailed Description

Implements the default security policy.

This class defines the interface for security policies, and provides a default implementation that should be sufficient for most situations.

Security Checks

A SecurityPolicy must define tests for the following situations:

The various isAllowed() methods are called automatically by JSObjectProxy when a script attempts to perform a controlled operation.

Default Policy

The security policy applied by default is as follows:

Applications tjat want a custom policy should define a SecurityPolicy that re-implement the various isAllowed() methods, then use JSObjectProxy::setSecurityPolicy() to apply the policy to a proxy.

See also:
Richard Moore,
jssecuritypolicy.h,v 1.2 2003/10/30 22:57:56 rich Exp

Member Enumeration Documentation

enum KJSEmbed::JSSecurityPolicy::Capabilities

Defines a set of flags that indicate if access to a given API should be allowed.

Enumeration values:

Constructor & Destructor Documentation

KJSEmbed::JSSecurityPolicy::JSSecurityPolicy uint  capabilities = 0  ) 

virtual KJSEmbed::JSSecurityPolicy::~JSSecurityPolicy  )  [virtual]

Member Function Documentation

void KJSEmbed::JSSecurityPolicy::clearCapability uint  cap  )  [inline]

Specifies that the passed capabilities are disallowed.

JSSecurityPolicy* KJSEmbed::JSSecurityPolicy::defaultPolicy  )  [static]

Returns the default SecurityPolicy.

void KJSEmbed::JSSecurityPolicy::deleteDefaultPolicy  )  [static]

Deletes the default SecurityPolicy.

bool KJSEmbed::JSSecurityPolicy::hasCapability uint  cap  )  const [inline]

Returns true if any of the specified capabilities are allowed.

virtual bool KJSEmbed::JSSecurityPolicy::isCreateAllowed const JSObjectProxy prx,
const QObject *  parent,
const QString &  clazz,
const QString &  name
const [virtual]

Returns true if scripts are allowed to create the specified child object.

virtual bool KJSEmbed::JSSecurityPolicy::isInterpreterAllowed const JSObjectProxy prx,
const KJS::Interpreter *  interp
const [virtual]

Returns true if the specified interpreter may access the proxy.

virtual bool KJSEmbed::JSSecurityPolicy::isObjectAllowed const JSObjectProxy prx,
const QObject *  obj
const [virtual]

Returns true if scripts are allowed to see the specified QObject.

virtual bool KJSEmbed::JSSecurityPolicy::isPropertyAllowed const JSObjectProxy prx,
const QObject *  obj,
const char *  prop
const [virtual]

Returns true if scripts are allowed to see the specified property.

void KJSEmbed::JSSecurityPolicy::setCapability uint  cap  )  [inline]

Specifies that the passed capabilities are allowed.

void KJSEmbed::JSSecurityPolicy::setDefaultPolicy uint  capabilities  )  [static]

Sets the default SecurityPolicy.

void KJSEmbed::JSSecurityPolicy::setDefaultPolicy JSSecurityPolicy pol  )  [static]

Sets the default SecurityPolicy.

The documentation for this class was generated from the following file:
Generated on Sat May 29 03:13:07 2004 for KJSEmbed by doxygen 1.3.2