UPS policy files are resource files that specify whether application requests to access services are silently accepted or denied or whether they require the user to be prompted. Each service has a policy file. The policy file lists policies for various applications.
Before you start writing a UPS policy file, you must configure the UPS. For more information, see Configuring UPS.
The resource header file, ups/policies.rh, defines the structures and constants required by User Prompt Service policy files.
Device creators can customise the circumstances under which prompts are generated by configuring policies. Policies are made up of details about the service being requested as well as information about whether to accept or deny silently or to ask the user. They are defined in policy lists. Each service has one policy list defining any number of policies.
In cases where the policy specifies that a user prompt is required, ECOM plug-ins called Policy Evaluators and Dialog Creators, written by device creators.
Writing policy files include the following:
Naming and location of policy files
UPS policy files must be named ups_<systemserversid>_<serviceuid>.rsc. They are stored in z:\private\10283558\policies or the equivalent directory on the system drive.
The systemserversid and the serviceuid components of the policy file name are 8-digit, zero-padded hexadecimal numbers.
Policy resource
The policy resource is made up of a header, followed by any number of policies. Policies need to be ordered from most specific to least specific.
RESOURCE POLICIES mypolicies { header = POLICY_HEADER { // header definition }; policies = { POLICY { // definition of policy 1 }, POLICY { // definition of policy 2 } // etc }; }
The following shows an example header:
header = POLICY_HEADER { // The major version number of THIS policy file. // When policy files are upgraded or eclipsed the UPS deletes all decision // records for the system server server SID and service ID where the major // version in the decision record is not equal to the major version // number in the policy file. majorversion = 0; // The minor version number of THIS policy file. minorversion = 0; // Built-in (protected SID and loaded from Z drive) client applications // do not require authorisation from the UPS if the client has the correct // capabilities. authorisationpolicy = ECheckPostManufacture; //dialogcreator and policyevaluator UIDs dialogcreator = 0x10283694; policyevaluator = 0x10283698; };
The following is an example of a policy file:
#include <ups/policies.rh> // Identifies this as a UPS policy file UID2 KUidUpsPolicyResourceFile // Uniquely defines this policy file. The UID should be reserved using the Symbian Signed protected UID allocator. UID3 0x01100001 RESOURCE POLICIES testpolicies { header = POLICY_HEADER { // Built-in (protected SID and loaded from Z drive) client applications // do not require authorisation from the UPS if the client has the correct // capabilities. authorisationpolicy = ECheckPostManufacture; dialogcreator = 0x10283694; policyevaluator = 0x10283698; }; policies = { POLICY { // Silently accept this SID (By specifying only KYes in options field) sid_list = {0x01000030}; destination = "*"; options = KYes; }, POLICY { // Silently accept these SIDs for a specific destination sid_list = {0x01000031,0x01000032}; destination = "*WLAN*"; options = KYes; }, POLICY { // For protected SIDs enable the Always and Never options // if the client has the correct capability. sid_classes = KProtectedSids; systemserversecurity = ESystemServerSecurityPassed; destination = "*"; options = KYes|KNo|KAlways|KNever; policyevaluator = 0x01000020; dialogcreator = 0x01000021; }, POLICY { // Unprotected SIDs may only get one-shot permissions sid_classes = KUnprotectedSids; destination = "*"; options = KYes|KNo; flags = 42; // Flags specific to policy evaluator 0x10283698 } }; }