LibreOffice
LibreOffice 6.4 SDK API Reference
Public Member Functions | List of all members
XAccessController Interface Referencepublished

Interface for checking permissions and invoking privileged or restricted actions. More...

import"XAccessController.idl";

Inheritance diagram for XAccessController:
XInterface AccessController

Public Member Functions

void checkPermission ([in] any perm) raises (AccessControlException)
 Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect. More...
 
any doRestricted ([in] XAction action, [in] XAccessControlContext restriction) raises (com::sun::star::uno::Exception)
 Perform the specified action restricting permissions to the given XAccessControlContext. More...
 
any doPrivileged ([in] XAction action, [in] XAccessControlContext restriction) raises (com::sun::star::uno::Exception)
 Perform the specified action adding a set of permissions defined by the given XAccessControlContext. More...
 
XAccessControlContext getContext ()
 This method takes a "snapshot" of the current calling context and returns it. More...
 
- Public Member Functions inherited from XInterface
any queryInterface ([in] type aType)
 queries for a new interface to an existing UNO object. More...
 
void acquire ()
 increases the reference counter by one. More...
 
void release ()
 decreases the reference counter by one. More...
 

Detailed Description

Interface for checking permissions and invoking privileged or restricted actions.

Since
OOo 1.1.2

Member Function Documentation

◆ checkPermission()

void checkPermission ( [in] any  perm)
raises (AccessControlException
)

Determines whether the access request indicated by the specified permission should be allowed or denied, based on the security policy currently in effect.

The semantics are equivalent to the security permission classes of the Java platform.

You can also pass a sequence of permissions (sequence< any >) to check a set of permissions, e.g. for performance reasons. This method quietly returns if the access request is permitted, or throws a suitable AccessControlException otherwise.

Parameters
permpermission to be checked
Exceptions
AccessControlExceptionthrown if access is denied
See also
com::sun::star::security::AccessControlException
com::sun::star::security::AllPermission
com::sun::star::security::RuntimePermission
com::sun::star::io::FilePermission
com::sun::star::connection::SocketPermission

◆ doPrivileged()

any doPrivileged ( [in] XAction  action,
[in] XAccessControlContext  restriction 
)
raises (com::sun::star::uno::Exception
)

Perform the specified action adding a set of permissions defined by the given XAccessControlContext.

The action is performed with the union of the permissions of the currently installed XAccessControlContext, the given XAccessControlContext and the security policy currently in effect. The latter includes static security, e.g. based on user credentials.

If the given XAccessControlContext is null, then the action is performed only with the permissions of the security policy currently in effect.

Attention
Do carefully use this method only for well known use-cases to avoid exploits! Script engines executing sandboxed scripts should generally deny calling this method.
Parameters
actionaction object to be executed
restrictionaccess control context to restrict permission; null for no restriction
Returns
result
Exceptions
com::sun::star::uno::Exceptionany UNO exception may be thrown

◆ doRestricted()

any doRestricted ( [in] XAction  action,
[in] XAccessControlContext  restriction 
)
raises (com::sun::star::uno::Exception
)

Perform the specified action restricting permissions to the given XAccessControlContext.

The action is performed with the intersection of the permissions of the currently installed XAccessControlContext, the given XAccessControlContext and the security policy currently in effect. The latter includes static security, e.g. based on user credentials.

If the specified XAccessControlContext is null, then the action is performed with unmodified permissions, i.e. the call makes no sense.

Parameters
actionaction object to be executed
restrictionaccess control context to restrict permission; null for no restriction
Returns
result
Exceptions
com::sun::star::uno::Exceptionany UNO exception may be thrown

◆ getContext()

XAccessControlContext getContext ( )

This method takes a "snapshot" of the current calling context and returns it.

This context may then be checked at a later point, possibly in another thread.

Returns
snapshot of context

The documentation for this interface was generated from the following file: