KJSEmbed::JSSecurityPolicy Class Reference

Implements the default security policy. More...

#include <jssecuritypolicy.h>

List of all members.

Public Types
enum	Capabilities {   CapabilityTree = 0x0001, CapabilityGetProperties = 0x0002, CapabilitySetProperties = 0x0004, CapabilitySlots = 0x0008,   CapabilityFactory = 0x0010, CapabilityTopLevel = 0x0020, CapabilityCustom = 0x4000, CapabilityNone = 0x0000,   CapabilityReadOnly = CapabilityTree | CapabilityGetProperties, CapabilityReadWrite = CapabilityReadOnly | CapabilitySetProperties | CapabilitySlots, CapabilityAll = 0xffff }
Public Member Functions
	JSSecurityPolicy (uint capabilities=0)
virtual	~JSSecurityPolicy ()
bool	hasCapability (uint cap) const
void	setCapability (uint cap)
void	clearCapability (uint cap)
virtual bool	isInterpreterAllowed (const JSObjectProxy *prx, const KJS::Interpreter *interp) const
virtual bool	isObjectAllowed (const JSObjectProxy *prx, const QObject *obj) const
virtual bool	isPropertyAllowed (const JSObjectProxy *prx, const QObject *obj, const char *prop) const
virtual bool	isCreateAllowed (const JSObjectProxy *prx, const QObject *parent, const QString &clazz, const QString &name) const
Static Public Member Functions
JSSecurityPolicy *	defaultPolicy ()
void	setDefaultPolicy (JSSecurityPolicy *pol)
void	setDefaultPolicy (uint capabilities)
void	deleteDefaultPolicy ()

---

Detailed Description

Implements the default security policy.

This class defines the interface for security policies, and provides a default implementation that should be sufficient for most situations.

Security Checks

A SecurityPolicy must define tests for the following situations:

• Does this request come from the correct ?
• Is the script allowed to access the specified QObject ?
• Is the script allowed to access the specified property ?

The various isAllowed() methods are called automatically by JSObjectProxy when a script attempts to perform a controlled operation.

Default Policy

The security policy applied by default is as follows:

• Only the interpreter specified when the initial binding was defined may access the proxy.
• Scripts may only access QObjects that are children of the root object. The root object is specified when the embedding application creates the initial binding, and is automatically inherited by any sub-proxies that may be created by the script.
• Scripts may access any properties of the objects they can access.

Applications tjat want a custom policy should define a SecurityPolicy that re-implement the various isAllowed() methods, then use JSObjectProxy::setSecurityPolicy() to apply the policy to a proxy.

See also:

KJSEmbed::JSObjectProxy

Author:

Richard Moore, rich@kde.org

Id

jssecuritypolicy.h,v 1.2 2003/10/30 22:57:56 rich Exp

---

Member Enumeration Documentation

enum KJSEmbed::JSSecurityPolicy::Capabilities

Defines a set of flags that indicate if access to a given API should be allowed. Enumeration values: CapabilityTree  CapabilityGetProperties  CapabilitySetProperties  CapabilitySlots  CapabilityFactory  CapabilityTopLevel  CapabilityCustom  CapabilityNone  CapabilityReadOnly  CapabilityReadWrite  CapabilityAll

---

Constructor & Destructor Documentation

KJSEmbed::JSSecurityPolicy::JSSecurityPolicy (  uint  capabilities = 0  )

virtual KJSEmbed::JSSecurityPolicy::~JSSecurityPolicy (   )  [virtual]

---

Member Function Documentation

void KJSEmbed::JSSecurityPolicy::clearCapability (  uint  cap  )  [inline]

Specifies that the passed capabilities are disallowed.

JSSecurityPolicy* KJSEmbed::JSSecurityPolicy::defaultPolicy (   )  [static]

Returns the default SecurityPolicy.

void KJSEmbed::JSSecurityPolicy::deleteDefaultPolicy (   )  [static]

Deletes the default SecurityPolicy.

bool KJSEmbed::JSSecurityPolicy::hasCapability (  uint  cap  )  const [inline]

Returns true if any of the specified capabilities are allowed.

virtual bool KJSEmbed::JSSecurityPolicy::isCreateAllowed (  const JSObjectProxy *  prx, const QObject *  parent, const QString &  clazz, const QString &  name )  const [virtual]

Returns true if scripts are allowed to create the specified child object.

virtual bool KJSEmbed::JSSecurityPolicy::isInterpreterAllowed (  const JSObjectProxy *  prx, const KJS::Interpreter *  interp )  const [virtual]

Returns true if the specified interpreter may access the proxy.

virtual bool KJSEmbed::JSSecurityPolicy::isObjectAllowed (  const JSObjectProxy *  prx, const QObject *  obj )  const [virtual]

Returns true if scripts are allowed to see the specified QObject.

virtual bool KJSEmbed::JSSecurityPolicy::isPropertyAllowed (  const JSObjectProxy *  prx, const QObject *  obj, const char *  prop )  const [virtual]

Returns true if scripts are allowed to see the specified property.

void KJSEmbed::JSSecurityPolicy::setCapability (  uint  cap  )  [inline]

Specifies that the passed capabilities are allowed.

void KJSEmbed::JSSecurityPolicy::setDefaultPolicy (  uint  capabilities  )  [static]

Sets the default SecurityPolicy.

void KJSEmbed::JSSecurityPolicy::setDefaultPolicy (  JSSecurityPolicy *  pol  )  [static]

Sets the default SecurityPolicy.

---

The documentation for this class was generated from the following file:

• jssecuritypolicy.h

---