Main Page Namespace List Class Hierarchy Compound List File List Namespace Members Compound Members

KJSEmbed::JSSecurityPolicy Class Reference

Implements the default security policy. More...

#include <securitypolicy.h>

List of all members.

Public Types

enum Capabilities {
  CapabilityTree = 1, CapabilityGetProperties = 2, CapabilitySetProperties = 4, CapabilitySlots = 8,
  CapabilityFactory = 16, CapabilityTopLevel = 32, CapabilityCustom = 1024, CapabilityNone = 0,
  CapabilityReadOnly = CapabilityTree | CapabilityGetProperties, CapabilityReadWrite = CapabilityReadOnly | CapabilitySetProperties | CapabilitySlots, CapabilityAll = -1
}

Public Methods

JSSecurityPolicy (uint capabilities=0)

virtual ~JSSecurityPolicy ()

bool hasCapability (uint cap) const

void setCapability (uint f)

void clearCapability (uint f)

virtual bool isInterpreterAllowed (const JSObjectProxy *prx, const KJS::Interpreter *interp) const

virtual bool isObjectAllowed (const JSObjectProxy *prx, const QObject *obj) const

virtual bool isPropertyAllowed (const JSObjectProxy *prx, const QObject *obj, const char *prop) const

virtual bool isCreateAllowed (const JSObjectProxy *prx, const QObject *parent, const QString &clazz, const QString &name) const

Static Public Methods

JSSecurityPolicy * defaultPolicy ()

void setDefaultPolicy (JSSecurityPolicy *pol)

void setDefaultPolicy (uint capabilities)

void deleteDefaultPolicy ()

Detailed Description

Implements the default security policy.

This class defines the interface for security policies, and provides a default implementation that should be sufficient for most situations.

Security Checks

A SecurityPolicy must define tests for the following situations:

Does this request come from the correct KJS::Interpreter ?
Is the script allowed to access the specified QObject ?
Is the script allowed to access the specified property ?

The various isAllowed() methods are called automatically by JSObjectProxy when a script attempts to perform a controlled operation.

Default Policy

The security policy applied by default is as follows:

Only the interpreter specified when the initial binding was defined may access the proxy.
Scripts may only access QObjects that are children of the root object. The root object is specified when the embedding application creates the initial binding, and is automatically inherited by any sub-proxies that may be created by the script.
Scripts may access any properties of the objects they can access.

Applications tjat want a custom policy should define a SecurityPolicy that re-implement the various isAllowed() methods, then use JSObjectProxy::setSecurityPolicy() to apply the policy to a proxy.

See also:: KJSEmbed::JSObjectProxy

Author:: Richard Moore, rich@kde.org

Id:: securitypolicy.h,v 1.3 2003/01/31 23:52:29 rich Exp

Member Enumeration Documentation

enum Capabilities

Defines a set of flags that indicate if access to a given API should be allowed.

Member Function Documentation

bool hasCapability ( uint cap ) const [inline]

Returns true if any of the specified capabilities are allowed.

void setCapability ( uint f ) [inline]

Specifies that the passed capabilities are allowed.

void clearCapability ( uint f ) [inline]

Specifies that the passed capabilities are disallowed.

virtual bool isInterpreterAllowed ( const JSObjectProxy * prx,

const KJS::Interpreter * interp

) const [virtual]

Returns true if the specified interpreter may access the proxy.

virtual bool isObjectAllowed ( const JSObjectProxy * prx,

const QObject * obj

) const [virtual]

Returns true if scripts are allowed to see the specified QObject.

virtual bool isPropertyAllowed ( const JSObjectProxy * prx,

const QObject * obj,

const char * prop

) const [virtual]

Returns true if scripts are allowed to see the specified property.

virtual bool isCreateAllowed ( const JSObjectProxy * prx,

const QObject * parent,

const QString & clazz,

const QString & name

) const [virtual]

Returns true if scripts are allowed to create the specified child object.

JSSecurityPolicy* defaultPolicy ( ) [static]

Returns the default SecurityPolicy.

void setDefaultPolicy ( JSSecurityPolicy * pol ) [static]

Sets the default SecurityPolicy.

void setDefaultPolicy ( uint capabilities ) [static]

Sets the default SecurityPolicy.

void deleteDefaultPolicy ( ) [static]

Deletes the default SecurityPolicy.

The documentation for this class was generated from the following file:

securitypolicy.h

Generated at Sat Feb 1 03:23:36 2003 for KJSEmbed by

Public Types
enum	Capabilities { CapabilityTree = 1, CapabilityGetProperties = 2, CapabilitySetProperties = 4, CapabilitySlots = 8, CapabilityFactory = 16, CapabilityTopLevel = 32, CapabilityCustom = 1024, CapabilityNone = 0, CapabilityReadOnly = CapabilityTree \| CapabilityGetProperties, CapabilityReadWrite = CapabilityReadOnly \| CapabilitySetProperties \| CapabilitySlots, CapabilityAll = -1 }
Public Methods
	JSSecurityPolicy (uint capabilities=0)
virtual	~JSSecurityPolicy ()
bool	hasCapability (uint cap) const
void	setCapability (uint f)
void	clearCapability (uint f)
virtual bool	isInterpreterAllowed (const JSObjectProxy prx, const KJS::Interpreter interp) const
virtual bool	isObjectAllowed (const JSObjectProxy prx, const QObject obj) const
virtual bool	isPropertyAllowed (const JSObjectProxy prx, const QObject obj, const char *prop) const
virtual bool	isCreateAllowed (const JSObjectProxy prx, const QObject parent, const QString &clazz, const QString &name) const
Static Public Methods
JSSecurityPolicy *	defaultPolicy ()
void	setDefaultPolicy (JSSecurityPolicy *pol)
void	setDefaultPolicy (uint capabilities)
void	deleteDefaultPolicy ()