Resources | developer.brewmp.com Resources | developer.brewmp.com

Developer

resources

Example - privileged service class

There are several ways to specify privileges for a service:

  • Make the class specified in the servedclassid a privileged class
  • Make the service class a privileged class
  • Specify privileges in the required_privs field of the Service declaration

Making the class specified in a servedclassid a privileged class

To make a ClassID privileged, set the privileged field in the Class declaration in the CIF to TRUE, as shown below:

include "AEECLSID_ExService.bid"        -- contains the definition of
                                        -- AEECLSID_ExSerivice
include "AEECLSID_ExampleService.bid"   -- contains the definition of
                                        -- AEECLSID_ExampleService
include "ExService.h"                   -- contains the definition of
                                        -- ExService_New

Service {
   serviceid = AEECLSID_ExampleService,
   iid = AEEIID_IExampleService,
   serverid = 0, -- service is in kernel
   servedclassid = AEECLSID_ExService,
   required_privs = {0}
};
-- Every class must be bound to its New function
Class {
   classid = AEECLSID_ExService,
   newfunc = ExService_New,
   privileged = TRUE,
};

For an application to instantiate a service that is a privileged class, as shown above, the application's CIF needs to include the ClassID in the privs field of the Applet declaration. The CIF must also include the BID file that defines this ClassID. For example:

include "AEECLSID_ExampleApp.bid"  -- contains the definition of
                                   -- AEECLSID_ExampleApp
include "AEECLSID_ExService.bid"   -- contains the definition of AEECLSID_ExService
include "ExampleApp.h"             -- contains the definition of ExampleApp_New

Applet {
   appletid = AEECLSID_ExampleApp,
   resbaseid = 20, -- Applet base resource id
   applethostid = 0,
   type = 0,
   privs = { AEECLSID_ExService },
   newfunc = ExampleApp_New
};

Making a service class a privileged class

If the required_privs field is omitted from the Service declaration in the CIF, the service class is privileged by default, as shown below:

include "AEECLSID_ExService.bid"        -- contains the definition of
                                        -- AEECLSID_ExSerivice
include "AEECLSID_ExampleService.bid"   -- contains the definition of
                                        -- AEECLSID_ExampleService
include "ExService.h"                   -- contains the definition of
                                        -- ExService_New

Service {
   serviceid = AEECLSID_ExampleService,
   iid = AEEIID_IExampleService,
   serverid = 0, -- service is in kernel
   servedclassid = AEECLSID_ExService,
   -- omit required_privs field
};

-- Every class must be bound to its New function
Class {
   classid = AEECLSID_ExService,
   newfunc = ExService_New,
};

For an application to instantiate a service class that is privileged by default, the application's CIF must include the serviceid in the privs fields of its Applet declaration, as follows:

include "AEECLSID_ExampleApp.bid"       -- contains the definition of
                                        -- AEECLSID_ExampleApp
include "AEECLSID_ExampleService.bid"   -- contains the definition of
                                        -- AEECLSID_ExampleService
include "ExampleApp.h"                  -- contains the definition of
                                        -- ExampleApp_New

Applet {
   appletid = AEECLSID_ExampleApp,
   resbaseid = 20, -- Applet base resource id
   applethostid = 0,
   type = 0,
   privs = { AEECLSID_ExampleService },
   newfunc = ExampleApp_New
};

Specifying privileges in the required_privs field of the Service declaration

When a service requires specific privileges to access the service, its CIF needs to include the .bid file that defines the privilege, and also needs to list the privilege, or privileges, in the required_privs field in the Service primitive, as follows:

include "AEECLSID_ExService.bid"         -- contains the definition of
                                         -- AEECLSID_ExService
include "AEECLSID_ExampleService.bid"    -- contains the definition of
                                         -- AEECLSID_ExampleService
include "AEEPRIVID_ExampleService.bid"   -- contains the definition of
                                         -- AEEPRVID_ExampleService
include "ExService.h"                    -- contains the definition of
                                         -- ExService_New

 
-- Service declaration that defines the remote service: where it lives, and
-- what interface it uses.

Service {
   serviceid = AEECLSID_ExampleService,
   iid = AEEIID_IExampleService,
   serverid = 0, -- service is in kernel
   servedclassid = AEECLSID_ExService,
   required_privs = { AEEPRIVID_ExampleService }
};
 
-- Every class must be bound to its New function
Class {
   classid = AEECLSID_ExService,
   newfunc = ExService_New
};

For an application to instantiate a service that requires specific privileges, as shown above, the application's CIF needs to include the .bid file that defines the privilege, and needs to specify one of the privileges required by ExampleService in the privs field in its Applet primitive, as follows:

include "AEECLSID_ExampleApp.bid"      -- contains the definition of
                                       -- AEECLSID_ExampleApp
include "AEEPRIVID_ExampleService.bid" -- contains the definition of
                                       -- AEEPRIVID_ExampleService
include "ExampleApp.h"                 -- contains the definition of
                                       -- ExampleApp_New
 
Applet {
   appletid       =  AEECLSID_ExampleApp,
   resbaseid      =  20, -- Applet base resource id
   applethostid   =  0,
   type           =  0,
   privs          = { AEEPRIVID_ExampleService },
   newfunc = ExampleApp_New
};

For more information on the primitives used in CIF files, see the Resource File and Markup Reference.