1 PACKAGE dbms_macols_session AS
2
3 -- Audit action codes
4 G_MAC_OLS_UPGRADE_AUDIT_CODE CONSTANT PLS_INTEGER := 10010;
5
6 /**
7 * Is OLS policy is protected by MAC OLS under DV
8 *
9 * @param policy_name OLS Policy Name
10 */
11 FUNCTION is_mac_policy(policy_name VARCHAR2) RETURN NUMBER;
12
13 /**
14 * Is the max_session_label of the mac OLS policy set
15 *
16 * @param policy_name OLS Policy Name
17 */
18 FUNCTION is_mac_label_set(policy_name VARCHAR2) RETURN NUMBER;
19
20 /**
21 * Can the label be set under MAC OLS for this policy beyond max session label
22 *
23 * @param policy_name OLS Policy Name
24 * @param label OLS Label for the policy
25 */
26 FUNCTION can_set_label(policy_name VARCHAR2,label VARCHAR2) RETURN NUMBER;
27
28 /**
29 * Set the MAC OLS session context variable for the attribute specified
30 *
31 * @param policy_name OLS Policy Name
32 * @param label OLS Label for the policy
33 * @param attribute session context attribute
34 */
35 PROCEDURE set_policy_label_context(policy_name VARCHAR2,label VARCHAR2,attribute VARCHAR2);
36
37 /**
38 * Audit invalid attempt to set/change the label for this policy
39 * beyond max session label and raise the appropriate exception
40 * This procedure is invoked by sa_session.set_label,
41 * sa_session.set_access_profile, sa_session.restore_default_labels
42 * in two cases: a. the label to set is beyond the max session label;
43 * b. the max_session_label is NULL.
44 *
45 * @param policy_name OLS Policy Name
46 * @param label OLS Label for the policy
47 * @param proc_name Name of the procedure/function invoking this procedure.
48 */
49 PROCEDURE label_audit_raise(policy_name VARCHAR2 ,
50 label VARCHAR2,
51 proc_name VARCHAR2) ;
52
53 /**
54 * MAC OLS processing to merge default session label for the policy
55 * with the labels of any factors associated to the policy after the
56 * SA_SESSION restore_default_labels method is called
57 *
58 * @param policy_name OLS Policy Name
59 * @param x_session_label resulting session label after the merge
60 * @param x_mac_label resulting MAX session label after the merge
61 */
62 PROCEDURE restore_default_labels(policy_name IN VARCHAR2
63 , x_session_label OUT VARCHAR2
64 , x_mac_label OUT VARCHAR2) ;
65
66 /**
67 * MAC OLS processing to merge default session label for the policy
68 * with the exist MAX session label after the
69 * SA_SESSION set_access_profile method is called
70 *
71 * @param policy_name OLS Policy Name
72 * @param user_name OLS Policy User Name
73 * @param p_max_session_label existing MAX session label for the policy
74 * @param x_new_max_session_label new MAX session label for the policy
75 */
76 FUNCTION set_access_profile(policy_name VARCHAR2 ,
77 user_name VARCHAR2,
78 p_max_session_label IN VARCHAR2,
79 x_new_session_label OUT VARCHAR2) RETURN NUMBER ;
80
81 END;