ContentFilter.idl

Go to the documentation of this file.

/**
 * @file     ContentFilter.idl
 * @brief    API for Content Filter
 * @version  5
 */

 #import <kerio/web/idl/SharedStructures.idl>
 #import <common.idl>
 #import <Users.idl>

module webadmin {

/**
 * HTTPS configuration
 */
struct HttpsConfig {
   boolean enabled;
   boolean isExclusionMode;
   OptionalIdReference ipAddressGroup;
   UserReferenceList userExceptions;
   boolean disclaimer;
};

/**
 * SafeSearch configuration
 */
struct SafeSearchConfig {
   boolean enabled;
   UserReferenceList userExceptions;
};

/**
 * Web Filter configuration
 */
struct UrlWhiteListEntry {
   string url;
   string description;
};

typedef sequence<UrlWhiteListEntry> UrlWhiteList;

enum UrlFilterStatus {
   UrlFilterNotLicensed,   /* Whole tab disabled (there is feature section in OUR license file (or Control run in trial)) */
   UrlFilterNotActivated,  /* licensed, but ticket not accepted (activated) by filter */
   UrlFilterActivating, /* licensed, but ticket activation in progress */
   UrlFilterActivated   /* licensed and ticket accepted (activated) by filter */
};

struct UrlFilterConfig {
   UrlWhiteList whiteList;
   UrlFilterStatus status;
   string activationErrorDescr;     //< optionally provide additional information about status of activation
   boolean enabled;
   boolean statisticsEnabled;
   boolean allowMiscategorizedReporting;
   boolean appidEnabled;
};

/**
 * List of applications
 */
enum ApplicationType {
   ApplicationWebFilterCategory,
   ApplicationProtocol
};

typedef sequence<ApplicationType> ApplicationTypeList;

struct ContentApplication {
  long id;
  boolean heuristic;
  string group;
  string subGroup;   /* obviously webfilter category name */
  string name;
  string description;
  ApplicationTypeList types; /* one application could be both WebFilter and application */
};

typedef sequence<ContentApplication> ContentApplicationList;

enum ContentConditionEntityType {
   ContentConditionEntityApplication,
   ContentConditionEntityFileName,
   ContentConditionEntityFileGroup,
   ContentConditionEntityUrl,
   ContentConditionEntityUrlGroup
};

enum ContentEntityUrlType {
   ContentEntityUrlWildcard,
   ContentEntityUrlRegex,
   ContentEntityUrlHostname
};

typedef sequence<long> ApplicationList;

struct ContentConditionEntity {
   ContentConditionEntityType type;

   /*@{ ContentConditionEntityApplication */
   ApplicationList applications;
   /*@}*/

   /*@{ ContentConditionEntityFileType & ContentEntityUrl */
   string value;
   /*@}*/

   /*@{ ContentEntityUrl */
   ContentEntityUrlType urlType;
   boolean matchSecured;
   /*@}*/

   /*@{ ContentConditionEntityUrlGroup */
   IdReference urlGroup;
   /*@}*/
   
};

typedef sequence<ContentConditionEntity> ContentConditionEntityList;

struct ContentCondition {
   RuleConditionType type;
   ContentConditionEntityList entities;
};

enum SourceConditonEntityType {
  SourceConditonEntityAddressGroup,
  SourceConditonEntityUsers,
  SourceConditonEntityGuests
};

struct SourceConditonEntity {
   SourceConditonEntityType type;

   /*@{ IP address group */
   IdReference ipAddressGroup;
   /*@}*/

   /*@{ users */
   UserConditionType userType; ///< @see Users.idl, used values: AuthenticatedUsers, SelectedUsers
   UserReference user; ///< @see UserManager
   /*@}*/
};

typedef sequence<SourceConditonEntity> SourceConditonEntityList;

struct SourceCondition {
   RuleConditionType type;
   SourceConditonEntityList entities;
};

struct DenialCondition {
   string denialText;
   kerio::web::OptionalString redirectUrl;
   boolean sendEmail;
};

struct ContentRule {
   kerio::web::KId id;

   /*@{ name */
   boolean enabled;
   string name;
   string description;
   string color;

   /*@{ action */
   RuleAction action;
   boolean logEnabled;
   boolean skipAvScan;
   boolean skipKeywords;
   boolean skipAuthentication;
   DenialCondition denialCondition;


   /*@{ Conditions */
   ContentCondition contentCondition;
   SourceCondition sourceCondition;
   IdReference validTimeRange;

};

typedef sequence<ContentRule> ContentRuleList;

interface ContentFilter {
   /**
    * @param list - list of rule and it's details
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void get(out ContentRuleList list);

   /**
    * Stores the list of Content rules
    * @param errors - list of errors occured during method call
    * @param rules - list of rules and it's details
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void set(out kerio::web::ErrorList errors, in ContentRuleList rules);

   /**
    * Return list of overlappped rules
    * @param collisions - list of collisions
    * @throws kerio::web::ApiException on error:
    *         -32001 Session expired. - "The user is not logged in."
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void getCollisions(out CollisionList list);
   
   /**
    * Returns the list of webfilter/application categories and applications
    * @param categories - list of webfilter/application categories and applications
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation." \n
    *          8000  Internal error.   - "Internal error." - unable to get page list of webfilter/application categories and applications
    */
   void getContentApplicationList(out ContentApplicationList categories);

   /**
    * Returns the list of filename groups
    * @param groups - list of filename groups
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    *
    * @deprecated use FilenameGroups::get() instead
    */
   void getFilenameGroups(out FilenameGroupList groups);

   /**
    * Returns configuration of WebFilter
    * @param config - configuration values
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void getUrlFilterConfig(out UrlFilterConfig config);

   /**
    * Stores configuration of WebFilter
    * @param config - configuration values
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void setUrlFilterConfig(in UrlFilterConfig config);

   /**
    * Reports miscategorized url
    *
    * @param url - URL, that is miscategorized
    * @param categoryIds - up to 3 suggested categories. Can be empty, if new category is not known
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void reportMiscategorizedUrl(in string url, in kerio::web::IntegerList categoryIds);

   /**
    * Returns current categorization of given url
    *
    * @param url - checked URL
    * @param categoryIds - list of categories, to which given URL belongs
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void getUrlCategories(out kerio::web::IntegerList categoryIds, in string url);

   /**
    * Returns configuration of HTTPS Filtering
    * @param config - configuration values
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void getHttpsConfig(out HttpsConfig config);

   /**
    * Stores configuration of HTTPS Filtering
    * @param config - configuration values
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void setHttpsConfig(in HttpsConfig config);

   /**
    * Returns configuration of SafeSearch
    * @param config - configuration values
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void getSafeSearchConfig(out SafeSearchConfig config);

   /**
    * Stores configuration of SafeSearch
    * @param config - configuration values
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void setSafeSearchConfig(in SafeSearchConfig config);
   
   /**
    * Clears cache of generated certificates for HTTPS inspection.
    * @throws kerio::web::ApiException \n
    *         -32001 Session expired. - "The user is not logged in." \n
    *          1004  Access denied.   - "Insufficient rights to perform the requested operation."
    */
   void clearHttpsCertCache();
};
}; //webadmin