signon
8.58
|
00001 /* -*- Mode: C++; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ 00002 /* 00003 * This file is part of signon 00004 * 00005 * Copyright (C) 2009-2010 Nokia Corporation. 00006 * 00007 * Contact: Aurel Popirtac <mailto:ext-Aurel.Popirtac@nokia.com> 00008 * Contact: Alberto Mardegan <alberto.mardegan@canonical.com> 00009 * 00010 * This library is free software; you can redistribute it and/or 00011 * modify it under the terms of the GNU Lesser General Public License 00012 * version 2.1 as published by the Free Software Foundation. 00013 * 00014 * This library is distributed in the hope that it will be useful, but 00015 * WITHOUT ANY WARRANTY; without even the implied warranty of 00016 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00017 * Lesser General Public License for more details. 00018 * 00019 * You should have received a copy of the GNU Lesser General Public 00020 * License along with this library; if not, write to the Free Software 00021 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 00022 * 02110-1301 USA 00023 */ 00024 00031 #ifndef CREDENTIALS_ACCESS_MANAGER_H 00032 #define CREDENTIALS_ACCESS_MANAGER_H 00033 00034 #include "accesscontrolmanagerhelper.h" 00035 #include "credentialsdb.h" 00036 #include "signonui_interface.h" 00037 00038 #include <QObject> 00039 #include <QPointer> 00040 #include <QFlags> 00041 #include <QStringList> 00042 #include <QVariantMap> 00043 00044 #include "SignOn/AbstractAccessControlManager" 00045 #include "SignOn/AbstractCryptoManager" 00046 #include "SignOn/AbstractKeyAuthorizer" 00047 #include "SignOn/AbstractKeyManager" 00048 #include "SignOn/AbstractSecretsStorage" 00049 #include "SignOn/KeyHandler" 00050 00058 #define SIGNON_SECURE_STORAGE_NOT_AVAILABLE (QEvent::User + 1001) 00059 00066 #define SIGNON_SECURE_STORAGE_AVAILABLE (QEvent::User + 1002) 00067 00072 namespace SignonDaemonNS { 00073 00077 typedef QPointer<QObject> EventSender; 00078 00091 class SecureStorageEvent: public QEvent 00092 { 00093 public: 00094 SecureStorageEvent(QEvent::Type type): QEvent(type), m_sender(0) {} 00095 00096 EventSender m_sender; 00097 }; 00098 00104 struct CAMConfiguration 00105 { 00110 CAMConfiguration(); 00111 00116 void serialize(QIODevice *device); 00117 00121 QString metadataDBPath() const; 00122 00126 QString cryptoManagerName() const; 00127 00131 QString accessControlManagerName() const; 00132 00133 bool useEncryption() const; 00134 00138 QString secretsStorageName() const; 00139 00140 void setStoragePath(const QString &storagePath); 00141 00142 void addSetting(const QString &key, const QVariant &value) { 00143 m_settings.insert(key, value); 00144 } 00145 00146 QString m_storagePath; 00147 QString m_dbName; 00148 QString m_secretsDbName; 00149 QByteArray m_encryptionPassphrase; 00152 QVariantMap m_settings; 00153 }; 00154 00158 enum CredentialsAccessError { 00159 NoError = 0, 00160 NotInitialized, 00161 AlreadyInitialized, 00162 AccessCodeHandlerInitFailed, 00163 AccessCodeNotReady, 00164 FailedToFetchAccessCode, 00165 AccessCodeInvalid, 00166 EncryptionInUse, 00167 CredentialsDbSetupFailed, 00168 CredentialsDbMountFailed, 00169 CredentialsDbUnmountFailed, 00170 CredentialsDbDeletionFailed, 00171 CredentialsDbAlreadyDeployed, 00172 CredentialsDbAlreadyMounted, 00173 CredentialsDbNotMounted, 00174 CredentialsDbConnectionError, 00175 CredentialsDbSqlError, 00176 UnknownError 00177 }; 00178 00193 class CredentialsAccessManager: public QObject 00194 { 00195 Q_OBJECT 00196 00214 enum KeySwapAuthorizingMech { 00215 Disabled = 0, 00216 AuthorizedKeyRemovedFirst, 00217 UnauthorizedKeyRemovedFirst 00218 }; 00219 00225 enum StorageUiCleanupFlag { 00226 NoFlags = 0, 00227 DisableCoreKeyAuthorization 00231 }; 00232 Q_DECLARE_FLAGS(StorageUiCleanupFlags, StorageUiCleanupFlag) 00233 00234 public: 00240 CredentialsAccessManager(const CAMConfiguration &configuration, 00241 QObject *parent = 0); 00242 00249 ~CredentialsAccessManager(); 00250 00254 static CredentialsAccessManager *instance(); 00255 00262 bool init(); 00263 00269 void finalize(); 00270 00275 void addKeyManager(SignOn::AbstractKeyManager *keyManager); 00276 00283 bool initExtension(QObject *object); 00284 00285 QStringList backupFiles() const; 00286 00297 bool openCredentialsSystem(); 00298 00308 bool closeCredentialsSystem(); 00309 00320 bool deleteCredentialsSystem(); 00321 00326 bool credentialsSystemOpened() const { return m_systemOpened; } 00327 00336 bool isCredentialsSystemReady() const; 00337 00341 CredentialsDB *credentialsDB() const; 00342 00346 const CAMConfiguration &configuration() const { return m_CAMConfiguration; } 00347 00352 CredentialsAccessError lastError() const { return m_error; } 00353 00358 bool keysAvailable() const; 00359 00360 Q_SIGNALS: 00364 void credentialsSystemReady(); 00365 00366 private Q_SLOTS: 00367 void onKeyInserted(const SignOn::Key key); 00368 void onLastAuthorizedKeyRemoved(const SignOn::Key key); 00369 void onKeyRemoved(const SignOn::Key key); 00370 void onKeyAuthorizationQueried(const SignOn::Key, int); 00371 void onEncryptedFSMounted(); 00372 void onEncryptedFSUnmounting(); 00373 00374 protected: 00375 void customEvent(QEvent *event); 00376 00377 private: 00378 bool createStorageDir(); 00379 bool openSecretsDB(); 00380 bool isSecretsDBOpen(); 00381 bool closeSecretsDB(); 00382 bool openMetaDataDB(); 00383 void closeMetaDataDB(); 00384 void replyToSecureStorageEventNotifiers(); 00385 00386 private: 00387 static CredentialsAccessManager *m_pInstance; 00388 00389 bool m_isInitialized; 00390 bool m_systemOpened; 00391 /* Flag indicating whether the system is ready or not. 00392 * Currently the system is ready when all of the key managers have 00393 * successfully reported all of the inserted keys. 00394 */ 00395 mutable CredentialsAccessError m_error; 00396 QList<SignOn::AbstractKeyManager *> keyManagers; 00397 00398 CredentialsDB *m_pCredentialsDB; 00399 SignOn::AbstractCryptoManager *m_cryptoManager; 00400 SignOn::KeyHandler *m_keyHandler; 00401 SignOn::AbstractKeyAuthorizer *m_keyAuthorizer; 00402 SignOn::AbstractSecretsStorage *m_secretsStorage; 00403 CAMConfiguration m_CAMConfiguration; 00404 SignOn::AbstractAccessControlManager *m_acManager; 00405 AccessControlManagerHelper *m_acManagerHelper; 00406 00407 /* List of all the senders of a SecureStorageEvent. */ 00408 QList<EventSender> m_secureStorageEventNotifiers; 00409 }; 00410 00411 } //namespace SignonDaemonNS 00412 00413 #endif // CREDENTIALS_ACCESS_MANAGER_H