Microsoft Information Protection (MIP) SDK for C++: Reference 1.15
Doxygen-generated documentation for MIP SDK written in C++
Loading...
Searching...
No Matches
common_types.h
Go to the documentation of this file.
1/*
2 *
3 * Copyright (c) Microsoft Corporation.
4 * All rights reserved.
5 *
6 * This code is licensed under the MIT License.
7 *
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
9 * of this software and associated documentation files(the "Software"), to deal
10 * in the Software without restriction, including without limitation the rights
11 * to use, copy, modify, merge, publish, distribute, sublicense, and / or sell
12 * copies of the Software, and to permit persons to whom the Software is
13 * furnished to do so, subject to the following conditions :
14 *
15 * The above copyright notice and this permission notice shall be included in
16 * all copies or substantial portions of the Software.
17 *
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.IN NO EVENT SHALL THE
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
24 * THE SOFTWARE.
25 *
26 */
27/**
28 * @brief A file Containing the common types used by the upe, file and protection modules.
29 *
30 * @file common_types.h
31 */
32
33#ifndef API_MIP_COMMON_TYPES_H_
34#define API_MIP_COMMON_TYPES_H_
35
36#include <cstring>
37#include <exception>
38#include <map>
39#include <memory>
40#include <string>
41#include <unordered_map>
42#include <vector>
43
44#include "mip/mip_namespace.h"
45
46/** @cond DOXYGEN_HIDE */
47#ifndef UNUSED
48#define UNUSED(x) (void)x
49#endif
50/** @endcond */
51
52MIP_NAMESPACE_BEGIN
53
54/**
55 * @brief Layout for watermarks.
56 */
57enum class WatermarkLayout : unsigned int {
58 HORIZONTAL = 0, /**< Watermark layout is horizontal */
59 DIAGONAL = 1, /**< Watermark layout is diagonal */
60};
61
62/**
63 * @brief Alignment for content marks (content header or content footer).
64 */
65enum class ContentMarkAlignment : unsigned int {
66 LEFT = 0, /**< Content marking is aligned to the left */
67 RIGHT = 1, /**< Content marking is aligned to the right */
68 CENTER = 2, /**< Content marking is centered */
69};
70
71/**
72 * @brief The assignment method of the label on the document. Whether the Assignment of the label was done
73 * automatically, standard or as a privileged operation (The equivalent to an administrator operation).
74 */
75enum class AssignmentMethod : unsigned int {
76 STANDARD = 0, /**< Label assignment method is standard */
77 PRIVILEGED = 1, /**< Label assignment method is privileged */
78 AUTO = 2, /**< Label assignment method is automatic */
79};
80
81/**
82* @brief defines what triggered the SetLabel event
83*/
84enum class ActionSource : unsigned int {
85 MANUAL, /**< Selected manually by user */
86 AUTOMATIC, /**< Set by policy conditions */
87 RECOMMENDED, /**< Set by user after label was recommended by policy conditions */
88 DEFAULT /**< Set by default in policy */
89};
90
91/**
92* @brief Defines what state of the data is the application acting upon
93*/
94enum class DataState : unsigned int {
95 REST, /**< Inactive data stored physically in databases/file/warehouses */
96 MOTION, /**< Data traversing a network or temporarily residing in computer memory to be read or updated */
97 USE, /**< Active data under constant change stored physically in databases/file/warehouses etc */
98};
99
100inline const std::string& GetFileContentFormat() {
101 static const std::string fileContentFormat = "file";
102 return fileContentFormat;
103}
104
105inline const std::string& GetEmailContentFormat() {
106 static const std::string emailContentFormat = "email";
107 return emailContentFormat;
108}
109
110/**
111 * @brief Label filter types, optional set of properties that can be used to filter labels or label behavior when
112 * calling list sensitivity labels or autoclassifying data.
113 */
114enum LabelFilterType : unsigned int {
115 None = 0, /**< Disable default labeling filtration */
116 CustomProtection = 1 << 0, /**< Filter labels that may result in custom protection*/
117 TemplateProtection = 1 << 1, /**< Filter labels that may result in template protection */
118 DoNotForwardProtection = 1 << 2, /**< Filter labels that may result in do not forward */
119 AdhocProtection = 1 << 3, /**< Filter labels that may result in adhoc protection */
120 HyokProtection = 1 << 4, /**< Filter labels that may result in hyok protection */
121 PredefinedTemplateProtection = 1 << 5, /**< Filter labels that may result in predefined template protection */
122 DoubleKeyProtection = 1 << 6, /**< Filter labels that may result in protection that requires double key, can be template, adhoc, dnf. This filter removes support for all double key labels*/
123 DoubleKeyUserDefinedProtection = 1 << 7, /**< Filter labels that may result in protection that requires double key adhoc and dnf. This filter removes support for double key adhoc labels. It is more selective than DoubleKeyProtection filter which removes all support*/
124 EncryptOnlyProtection = 1 << 8, /**< Filter labels that may result in encrypt only */
125 SensitiveInformationClassifier = 1 << 9, /**< Classifier based on Sensitive Information Detection (e.g. Credit card number or SSN) uses the Microsoft Classification Engine (MCE) */
126 MachineLearningClassifier = 1 << 10, /**< Classifier based on Machine Learning (e.g. Offensive Language) */
127 ExtendedSensitiveInformationClassifier = 1 << 11, /**< Classifier based on Sensitive Information Detection (e.g. Credit card number or SSN) does not use MCE */
128};
129
130/**
131 * @brief Name change within the cpp workspace to imply the filters has greater scope than
132 * just label behavior. Avoided changing name fully to prevent breaking on client operations.
133 */
135
137 return static_cast<FunctionalityFilterType>(static_cast<int>(firstFilter) | static_cast<int>(secondFilter));
138}
139
141 return static_cast<FunctionalityFilterType>(static_cast<int>(firstFilter) & static_cast<int>(secondFilter));
142}
143
145 return static_cast<FunctionalityFilterType>(~(static_cast<int>(filter)));
146}
147
148/**
149* @brief Defines new features by name
150*/
151enum class FeatureId : unsigned int {
152 EncryptOnly, /**< Check if server supports EncryptOnly feature */
153};
154
155/**
156* @brief various dynamic fields can be set into the text message of the application
157* Some known:
158* ${Item.Label}
159* ${Item.Name}
160* ${Item.Location}
161* ${User.Name}
162* ${User.PrincipalName}
163* ${Event.DateTime}
164* Others are still not defined:
165* The sdk will replace them with correct values using these control flags.
166*/
167enum class VariableTextMarkingType : unsigned int {
168 Default = 0, /**< Known markings are converted unknown marking are removed */
169 PassThrough = 1, /**< Known markings are converted unknown marking are passed through */
170 None = 2, /**< All markings are passed through */
171};
172
173/** @cond DOXYGEN_HIDE */
174
175/**
176* @brief behavior control on decrypting container types. (msg)
177*/
178enum class ContainerDecryptionOption : unsigned int {
179 Default = 0, /** default same as msg */
180 Msg = 1, /** decrypt top and secondary level, default for msg */
181 Top = 2, /**< Known markings are converted unknown marking are passed through */
182 All = 3, /**< Attempt to decrypt all, if failed keeps data encrypted. */
183};
184
185/**
186 * @brief Converts AssignmentMethod enum to a string description
187 *
188 * @param str an assignment method.
189 * @return a string description of the assignment method.
190 */
191inline std::string ContainerDecryptionOptionString(ContainerDecryptionOption option) {
192 static std::string kMethodArray[] = { "default", "msg", "top", "all" };
193 return kMethodArray[static_cast<int>(option)];
194}
195
196/** @endcond */
197
198/**
199 * @brief The type of classification the application should be running on the data to determine autolabeling status
200 */
201enum class Classifier : unsigned int {
202 SensitiveInformation = 0, // Classifier based on specific content (credit cards); Uses Microsoft Classification Engine
203 MachineLearning = 1, // Classifier based on Machine Learning recognition (offensive language)
204 ExtendedSensitiveInformation = 2, // Classifier based on specific content (credit cards); Does not use Microsoft Classification Engine
205};
206
207/**
208 * @brief The workload the application is working on, used primary to check for consent.
209 */
210enum class Workload : unsigned int {
211 Office = 0, // Office type workloads, which include File and Email content types.
212 Purview = 1, // Purview type workloads, which includes File, Email and SchematizedData content types.
213};
214
216{
217 std::unordered_map<std::string, std::string> uniqueIds;
218 std::vector<std::string> contentFormats;
219};
220typedef std::map<mip::Classifier, UniqueIdsAndContentFormats> ClassifierUniqueIdsAndContentFormats;
221
222/**
223 * @brief Converts AssignmentMethod enum to a string description
224 *
225 * @param method an assignment method.
226 * @return a string description of the assignment method.
227 */
228inline std::string GetAssignmentMethodString(AssignmentMethod method) {
229 static std::string kMethodArray[] = { "Standard", "Privileged", "Auto" };
230 return kMethodArray[static_cast<int>(method)];
231}
232
233/**
234* @brief Get the action source name.
235*
236* @param actionSource The action source.
237* @return a string representation of the action source.
238*/
239inline static std::string GetActionSourceString(ActionSource actionSource) {
240 static std::string kMethodArray[] = { "Manual", "Automatic", "Recommended", "Default" };
241 return kMethodArray[static_cast<int>(actionSource)];
242}
243
244/**
245* @brief Get the content state name.
246*
247* @param actionSource The state of the content being worked upon.
248* @return a string representation of the content state.
249*/
250inline static std::string GetDataStateString(DataState state) {
251 static std::string kMethodArray[] = { "Rest", "Motion", "Use" };
252 return kMethodArray[static_cast<int>(state)];
253}
254
255// Extension to use when creating sqlite table on disk
256inline const std::string& GetSqliteExtension() {
257 static const std::string sqliteExtension = ".sqlite3";
258 return sqliteExtension;
259}
260
261// Path to use when creating a table in memory
262inline const std::string& GetMemoryDatabasePath() {
263 static const std::string memoryPath = ":memory:";
264 return memoryPath;
265}
266
267/**
268 * @brief Abstraction for identity.
269 */
270class Identity {
271public:
272 /**
273 * @brief Default Identity constructor used when a user email address is not known.
274 */
276 /**
277 * @brief Identity copy constructor.
278 *
279 * @param Identity used to create the copy.
280 */
281 Identity(const Identity& other)
282 : mEmail(other.mEmail),
283 mName(other.mName) { }
284
285 /**
286 * @brief Identity constructor used when a user email address is known.
287 *
288 * @param email must be valid email address.
289 */
290 explicit Identity(const std::string& email) : mEmail(email) { }
291
292 /**
293 * @brief Identity constructor used when a user email address and user name is known.
294 *
295 * @param email must be valid email address.
296 * @param name user name.
297 */
298 explicit Identity(const std::string& email, const std::string& name) : mEmail(email), mName(name) { }
299
300 /**
301 * @brief Get the email.
302 *
303 * @return the email.
304 */
305 const std::string& GetEmail() const { return mEmail; }
306
307 /**
308 * @brief Get the user's friendly name. used for text marking.
309 *
310 * @return the friendly name.
311 */
312 const std::string& GetName() const { return mName; }
313
314private:
315 std::string mEmail;
316 std::string mName;
317};
318
319/**
320 * @brief Delegate for auth related operations.
321 */
323public:
324 /**
325 * @brief a class that contains all the information required from the calling application in order to
326 * generate an oauth2 token.
327 */
329 public:
330 /**
331 * @brief Construct a new OAuth2Challenge object
332 *
333 * @param authority the authority the token needs to be generated against.
334 * @param resource the resource the token is set to.
335 * @param scope the scope the token is set to.
336 */
338 const std::string& authority,
339 const std::string& resource,
340 const std::string& scope = std::string(),
341 const std::string& claims = std::string())
342 : mAuthority(authority),
343 mResource(resource),
344 mScope(scope),
345 mClaims(claims) {
346 }
347 /**
348 * @brief Get the authority string.
349 *
350 * @return the authority string.
351 */
352 const std::string& GetAuthority() const { return mAuthority; }
353 /**
354 * @brief Get the resource string
355 *
356 * @return the resource string.
357 */
358 const std::string& GetResource() const { return mResource; }
359 /**
360 * @brief Get the scope string
361 *
362 * @return the scope string.
363 */
364 const std::string& GetScope() const { return mScope; }
365 /**
366 * @brief Get the claims string
367 *
368 * @return the claims string.
369 */
370 const std::string& GetClaims() const { return mClaims; }
371 private:
372 std::string mAuthority;
373 std::string mResource;
374 std::string mScope;
375 std::string mClaims;
376 };
377
378 /**
379 * @brief A class containing access token info provided by an application
380 */
382 public:
383 /**
384 * @brief Construct a new OAuth2Token object
385 */
387
388 /**
389 * @brief Construct a new OAuth2Token object from JWT access token.
390 *
391 * @param accessToken JWT access token.
392 */
393 OAuth2Token(const std::string& accessToken) : mAccessToken(accessToken) {}
394
395 /**
396 * @brief Get the access token string.
397 *
398 * @return Access token string.
399 */
400 const std::string& GetAccessToken() const { return mAccessToken; }
401
402 /**
403 * @brief Set the access token string.
404 *
405 * @param accessToken Access token string.
406 */
407 void SetAccessToken(const std::string& accessToken) { mAccessToken = accessToken; }
408
409 /**
410 * @brief Get the error message, if any
411 *
412 * @return Error message.
413 */
414 const std::string& GetErrorMessage() const { return mErrorMessage; }
415
416 /**
417 * @brief Set the error message.
418 *
419 * @param errorMessage Error message.
420 */
421 void SetErrorMessage(const std::string& errorMessage) { mErrorMessage = errorMessage; }
422
423 private:
424 std::string mAccessToken;
425 std::string mErrorMessage;
426 };
427
428 /**
429 * @brief This method is called when an auth token is required for the policy engine with the given identity and the given challenge.
430 * The client should return whether acquiring token was successful. If successful, it should initialize the given token object.
431 *
432 * @param identity User for whom a token is requested
433 * @param challenge OAuth2 challenge
434 * @param token [Output] Base64-encoded OAuth2 token
435 *
436 * @return True if token successfully acquired, else false
437 *
438 * @note On failure, if token output parameter contains an error message, it will be included in the NoAuthTokenError
439 * exception that will later be raised to the application.
440 *
441 * @deprecated This method will soon be deprecated in favor of the one accepting a context parameter. If the new version
442 * has been implemented, there is no need to implement this version.
443 */
444 virtual bool AcquireOAuth2Token(
445 const Identity& identity,
446 const OAuth2Challenge& challenge,
447 OAuth2Token& token) { UNUSED(identity); UNUSED(challenge); UNUSED(token); return false; }
448
449 /**
450 * @brief This method is called when an auth token is required for the policy engine with the given identity and the given challenge.
451 * The client should return whether acquiring token was successful. If successful, it should initialize the given token object.
452 *
453 * @param identity User for whom a token is requested
454 * @param challenge OAuth2 challenge
455 * @param context Opaque context that was passed to the MIP API by the host application
456 * @param token [Output] Base64-encoded OAuth2 token
457 *
458 * @return True if token successfully acquired, else false
459 *
460 * @note On failure, if token output parameter contains an error message, it will be included in the NoAuthTokenError
461 * exception that will later be raised to the application.
462 */
463 virtual bool AcquireOAuth2Token(
464 const Identity& identity,
465 const OAuth2Challenge& challenge,
466 const std::shared_ptr<void>& context,
467 OAuth2Token& token) {
468 // Temporarily call into old 'AcquireOAuth2Token' method until it is fully deprecated (in case application
469 // hasn't yet implemented this new method)
470 UNUSED(context);
471 return AcquireOAuth2Token(identity, challenge, token);
472 }
473
474 /** @cond DOXYGEN_HIDE */
475 virtual ~AuthDelegate() { }
476protected:
477 AuthDelegate() { }
478 /** @endcond */
479};
480
481/**
482 * @brief A user's response when consent is requested to connect to a service endpoint.
483 */
484enum class Consent : unsigned int {
485 AcceptAlways, /**< Consent, and remember this decision */
486 Accept, /**< Consent, just one time */
487 Reject /**< Do not consent */
488};
489
490/**
491 * @brief Delegate for consent related operations.
492 *
493 * @note This delegate is implemented by a client application to know when a
494 * consent request notification should be displayed to the user.
495 */
497public:
498 /**
499 * @brief Called when SDK requires user consent to connect to a service
500 * endpoint.
501 *
502 * @param url The URL for which the SDK requires user consent
503 *
504 * @return a Consent enum with the user's decision.
505 *
506 * @note When the SDK requests user consent with this method, the client
507 * application should present the URL to the user. Client applications should
508 * provide some means of obtaining user consent and return the appropriate
509 * Consent enum that corresponds to the user's decision.
510 */
511 virtual Consent GetUserConsent(const std::string& url) = 0;
512
513 /** @cond DOXYGEN_HIDE */
514 virtual ~ConsentDelegate() { }
515protected:
516 ConsentDelegate() { }
517 /** @endcond */
518};
519
520/**
521 * @brief A struct that includes application specific information
522 */
524 std::string applicationId; /**< Application identifier as set in the AAD portal, (Should be a GUID without brackets). */
525 std::string applicationName; /**< Application name, (Should only contain valid ASCII character excluding ';') */
526 std::string applicationVersion;/**< The version of the application being used, (Should only contain valid ASCII character excluding ';') */
527};
528
529/**
530 * @brief Name of the setting to explicitly specify policy data.
531 *
532 * @return the custom settings key.
533 */
534inline constexpr const char* GetCustomSettingPolicyDataName() {
535 return "policy_data";
536}
537/**
538 * @brief Name of the setting to explicitly specify file path to export SCC policy data to.
539 *
540 * @return the custom settings key.
541 */
542inline constexpr const char* GetCustomSettingExportPolicyFileName() {
543 return "export_policy_file";
544}
545/**
546 * @brief Name of the setting to explicitly specify sensitivity data.
547 *
548 * @return the custom settings key.
549 */
550inline constexpr const char* GetCustomSettingSensitivityTypesDataName() {
551 return "sensitivity_types_data";
552}
553/**
554 * @brief Name of the setting to explicitly specify policy data file path.
555 *
556 * @return the custom settings key.
557 */
558inline constexpr const char* GetCustomSettingPolicyDataFile() {
559 return "policy_file";
560}
561/**
562 * @brief Name of the setting to explicitly specify sensitivity types data file path.
563 *
564 * @return the custom settings key.
565 */
566inline constexpr const char* GetCustomSettingSensitivityTypesDataFile() {
567 return "sensitivity_types_file";
568}
569/**
570 * @brief Name of the setting that allows to enable label by custom properties and custom properties by label features.
571 *
572 * @return the custom settings key.
573 */
575 return "label_custom_properties_sync_enabled";
576}
577/**
578 * @brief Name of the setting that enables overriding policy ttl in days be default it will be 30 days.
579 * Values should be set as string integers i < 0 means infinite time to live.
580 *
581 * @return the custom settings key.
582 */
583inline constexpr const char* GetCustomSettingPolicyTtlDays() {
584 return "PolicyTtlDays";
585}
586/**
587 * @brief Name of the setting that enables overriding sensitivity policy ttl in days be default it will be 30 days.
588 * Values should be set as string integers i < 0 means infinite time to live.
589 *
590 * @return the custom settings key.
591 */
592inline constexpr const char* GetCustomSettingSensitivityPolicyTtlDays() {
593 return "SensitivityPolicyTtlDays";
594}
595/** @cond DOXYGEN_HIDE */
596/**
597 * @brief enforce pfile protection on msg file type when using file api.
598 * EnforceMsgPfileProtection will overide enable_msg_file_type
599 * (enable_msg_file_type &= !EnforceMsgPfileProtection)
600 * @return the custom settings key.
601 */
602inline constexpr const char* GetEnforceMsgPfileProtection() {
603 return "EnforceMsgPfileProtection";
604}
605/**
606 * @brief enable msg file type when using file api, experimental.
607 * currently support remove protection, known gaps ole attachment, voice attachments.
608 * @return the custom settings key.
609 */
610inline constexpr const char* GetCustomSettingEnableMsgFileType() {
611 return "enable_msg_file_type";
612}
613/**
614 * @brief Container (msg) decryption option, "default" (decrypt top level and secondary), "top" (decrypt top only),
615 * "all" not yet supported, experimental feature.
616 * @return the custom container decryption option.
617 */
618inline constexpr const char* GetCustomSettingContainerDecryptionOption() {
619 return "container_decryption_option";
620}
621/**
622 * @brief enable PowerBI file type when using file api, experimental.
623 * @return the custom settings key.
624 */
625inline constexpr const char* GetCustomSettingEnablePowerBIFileType() {
626 return "enable_power_bi_file_type";
627}
628/**
629 * @brief keep pdf linearization during protection and unprotection.
630 * @return the custom settings key.
631 */
632inline constexpr const char* GetCustomSettingKeepPdfLinearization() {
633 return "keep_pdf_linearization";
634}
635inline constexpr const char* GetCustomSettingEnableDeprecatedRemoveActions() {
636 return "enable_deprecated_remove_actions";
637}
638inline constexpr const char* GetCustomSettingPrintDiscoveredInfoTypesToTrace() {
639 return "LogMatchedContentToTrace";
640}
641inline constexpr const char* GetCustomSettingTaskTimeoutMs() {
642 return "TaskTimeoutMs";
643}
644
645inline constexpr const char* GetCustomSettingLabelWithoutPolicy() {
646 return "label_without_policy";
647}
648
649inline constexpr const char* GetCustomSettingMaxFileSizeForProtection() {
650 return "max_file_size_for_protection";
651}
652
653inline constexpr const char* GetCustomSettingMaxPolicyXmlVersion() {
654 return "max_policy_xml_version";
655}
656
657/**
658 * @brief enable mipservice to specify delegated application information, for application using their service.
659 * Current supported format for delegation {"id":"<valid-guid>", "name":"<ascii chars>", "version":"1.0.0.0"}
660 * @return the custom settings key.
661 */
662inline constexpr const char* GetCustomSettingDelegateApplicationInfo() {
663 return "delegate_application_info";
664}
665
666/**
667 * @brief Configures whether co-auth metadata versioning is respected for Office file types.
668 * By default, co-auth support is enabled via the Security & Compliance Center configuration.
669 * Use this setting to disable co-auth metadata versioning even if it is enabled via policy.
670 * To disable co-auth metadata, set this custom setting to false.
671 */
672inline constexpr const char* GetCustomSettingEnableCoAuthMetadata() {
673 return "co_auth_metadata";
674}
675
676/**
677 * @brief if set enable list senstivity labels to return all labels regardless of content formats, primarily useed for
678 * mip service where per call filtration is controlled by graph api.
679 * @return the custom settings key.
680 */
681inline constexpr const char* GetCustomSettingLabelsForAllContentFormats() {
682 return "labels_for_all_content_formats";
683}
684
685/** @endcond */
686
687/** @cond DOXYGEN_HIDE */
688class CaseInsensitiveComparator {
689public:
690 bool operator() (const std::string& lhs, const std::string& rhs) const {
691 if (lhs.size() != rhs.size())
692 return lhs.size() < rhs.size();
693
694#ifdef _WIN32
695 return _strnicmp(lhs.c_str(), rhs.c_str(), lhs.size()) < 0;
696#else
697 return strncasecmp(lhs.c_str(), rhs.c_str(), lhs.size()) < 0;
698#endif // WIN32
699 }
700};
701/** @endcond */
702
703/**
704 * @brief Storage type for the caches
705 */
706enum class CacheStorageType : unsigned int {
707 InMemory = 0, /**< In Memory storage */
708 OnDisk = 1, /**< On Disk storage */
709 OnDiskEncrypted = 2 /**< On Disk storage with internal encryption (if supported by the platform) */
710};
711
712/**
713 * @brief Describes PFile extensions behavior
714 */
716 Default = 0, /**< Extensions will become as SDK default behavior */
717 PFileSuffix = 1, /**< Extensions will become <EXT>.PFILE */
718 PPrefix = 2, /**< Extensions will become P<EXT> */
719};
720
721/**
722 * @brief Azure cloud identifier
723 */
724enum class Cloud {
725 Unknown = 0, /**< Cloud not specified or URL not recognized as an Azure cloud */
726 Custom = 1, /**< Custom cloud: endpoint base URL manually specified by application */
727 Test = 2, /**< Test cloud */
728 Commercial = 3, /**< Global commercial cloud */
729 Germany = 4, /**< Germany sovereign cloud */
730 US_DoD = 5, /**< US sovereign cloud (DoD) */
731 US_GCC = 6, /**< US sovereign cloud (GCC) */
732 US_GCC_High = 7, /**< US sovereign cloud (GCC-High) */
733 US_Sec = 8, /**< US sovereign cloud (Sec) */
734 US_Nat = 9, /**< US sovereign cloud (Nat) */
735 China_01 = 10, /**< China sovereign cloud */
736};
737
738/**
739 * @brief Diagnostic region identifier
740 */
741enum class DataBoundary {
742 Default = 0, /**< Region is not specified */
743 North_America = 1, /**< North America region */
744 European_Union = 2, /**< European Union region */
745 Europe_MiddleEast_Africa = 3, /**< Europe, Middle East & Africa region */
746 Asia = 4, /**< Asia region */
747};
748
749/**
750 * @brief Class used to cancel async operation.
751 */
753public:
754 /**
755 * @brief Calling cancel will result in a attempt to cancel the task, in case of success the
756 * appropriate onFailure callback will be called with mip::OperationCancelledError.
757 * This feature is dependent on the task dispatcher delegate (@see mip::TaskDispatcherDelegate),
758 *
759 * @return false if cancel signal cannot be dispatched, true otherwise.
760 *
761 * @note Do not hold a strong reference to an AsyncControl object in a task completion block.
762 */
763 virtual bool Cancel() = 0;
764 /** @cond DOXYGEN_HIDE */
765 virtual ~AsyncControl() = default;
766 /** @endcond */
767};
768
769MIP_NAMESPACE_END
770
771#endif // API_MIP_COMMON_TYPES_H_
Class used to cancel async operation.
virtual bool Cancel()=0
Calling cancel will result in a attempt to cancel the task, in case of success the appropriate onFail...
a class that contains all the information required from the calling application in order to generate ...
const std::string & GetScope() const
Get the scope string.
const std::string & GetResource() const
Get the resource string.
const std::string & GetClaims() const
Get the claims string.
OAuth2Challenge(const std::string &authority, const std::string &resource, const std::string &scope=std::string(), const std::string &claims=std::string())
Construct a new OAuth2Challenge object.
const std::string & GetAuthority() const
Get the authority string.
A class containing access token info provided by an application.
void SetAccessToken(const std::string &accessToken)
Set the access token string.
OAuth2Token(const std::string &accessToken)
Construct a new OAuth2Token object from JWT access token.
OAuth2Token()
Construct a new OAuth2Token object.
void SetErrorMessage(const std::string &errorMessage)
Set the error message.
const std::string & GetAccessToken() const
Get the access token string.
const std::string & GetErrorMessage() const
Get the error message, if any.
Delegate for auth related operations.
virtual bool AcquireOAuth2Token(const Identity &identity, const OAuth2Challenge &challenge, const std::shared_ptr< void > &context, OAuth2Token &token)
This method is called when an auth token is required for the policy engine with the given identity an...
virtual bool AcquireOAuth2Token(const Identity &identity, const OAuth2Challenge &challenge, OAuth2Token &token)
This method is called when an auth token is required for the policy engine with the given identity an...
Delegate for consent related operations.
virtual Consent GetUserConsent(const std::string &url)=0
Called when SDK requires user consent to connect to a service endpoint.
Abstraction for identity.
Identity(const std::string &email, const std::string &name)
Identity constructor used when a user email address and user name is known.
Identity()
Default Identity constructor used when a user email address is not known.
const std::string & GetEmail() const
Get the email.
Identity(const Identity &other)
Identity copy constructor.
const std::string & GetName() const
Get the user's friendly name.
Identity(const std::string &email)
Identity constructor used when a user email address is known.
const std::string & GetSqliteExtension()
constexpr const char * GetCustomSettingSensitivityTypesDataName()
Name of the setting to explicitly specify sensitivity data.
FeatureId
Defines new features by name.
@ EncryptOnly
Check if server supports EncryptOnly feature.
PFileExtensionBehavior
Describes PFile extensions behavior.
@ PPrefix
Extensions will become P<EXT>
@ PFileSuffix
Extensions will become <EXT>.PFILE.
Cloud
Azure cloud identifier.
@ US_GCC_High
US sovereign cloud (GCC-High)
@ US_Sec
US sovereign cloud (Sec)
@ Test
Test cloud.
@ US_GCC
US sovereign cloud (GCC)
@ US_Nat
US sovereign cloud (Nat)
@ China_01
China sovereign cloud.
@ Unknown
Cloud not specified or URL not recognized as an Azure cloud.
@ US_DoD
US sovereign cloud (DoD)
@ Custom
Custom cloud: endpoint base URL manually specified by application.
@ Commercial
Global commercial cloud.
@ Germany
Germany sovereign cloud.
AssignmentMethod
The assignment method of the label on the document.
@ STANDARD
Label assignment method is standard.
@ PRIVILEGED
Label assignment method is privileged.
@ AUTO
Label assignment method is automatic.
CacheStorageType
Storage type for the caches.
@ InMemory
In Memory storage.
@ OnDisk
On Disk storage.
@ OnDiskEncrypted
On Disk storage with internal encryption (if supported by the platform)
constexpr const char * GetCustomSettingPolicyDataName()
Name of the setting to explicitly specify policy data.
FunctionalityFilterType operator&(FunctionalityFilterType firstFilter, FunctionalityFilterType secondFilter)
constexpr const char * GetCustomSettingSensitivityPolicyTtlDays()
Name of the setting that enables overriding sensitivity policy ttl in days be default it will be 30 d...
const std::string & GetFileContentFormat()
FunctionalityFilterType operator|(FunctionalityFilterType firstFilter, FunctionalityFilterType secondFilter)
VariableTextMarkingType
various dynamic fields can be set into the text message of the application Some known: ${Item....
@ Default
Known markings are converted unknown marking are removed.
@ PassThrough
Known markings are converted unknown marking are passed through.
DataState
Defines what state of the data is the application acting upon.
@ REST
Inactive data stored physically in databases/file/warehouses.
@ USE
Active data under constant change stored physically in databases/file/warehouses etc.
@ MOTION
Data traversing a network or temporarily residing in computer memory to be read or updated.
ContentMarkAlignment
Alignment for content marks (content header or content footer).
@ RIGHT
Content marking is aligned to the right.
@ LEFT
Content marking is aligned to the left.
@ CENTER
Content marking is centered.
Consent
A user's response when consent is requested to connect to a service endpoint.
@ AcceptAlways
Consent, and remember this decision.
@ Accept
Consent, just one time.
@ Reject
Do not consent.
FunctionalityFilterType operator~(FunctionalityFilterType filter)
const std::string & GetMemoryDatabasePath()
Workload
The workload the application is working on, used primary to check for consent.
static std::string GetDataStateString(DataState state)
Get the content state name.
LabelFilterType
Label filter types, optional set of properties that can be used to filter labels or label behavior wh...
@ DoubleKeyUserDefinedProtection
Filter labels that may result in protection that requires double key adhoc and dnf.
@ CustomProtection
Filter labels that may result in custom protection.
@ TemplateProtection
Filter labels that may result in template protection.
@ EncryptOnlyProtection
Filter labels that may result in encrypt only.
@ DoNotForwardProtection
Filter labels that may result in do not forward.
@ HyokProtection
Filter labels that may result in hyok protection.
@ MachineLearningClassifier
Classifier based on Machine Learning (e.g.
@ AdhocProtection
Filter labels that may result in adhoc protection.
@ None
Disable default labeling filtration.
@ DoubleKeyProtection
Filter labels that may result in protection that requires double key, can be template,...
@ ExtendedSensitiveInformationClassifier
Classifier based on Sensitive Information Detection (e.g.
@ SensitiveInformationClassifier
Classifier based on Sensitive Information Detection (e.g.
@ PredefinedTemplateProtection
Filter labels that may result in predefined template protection.
constexpr const char * GetCustomSettingPolicyDataFile()
Name of the setting to explicitly specify policy data file path.
static std::string GetActionSourceString(ActionSource actionSource)
Get the action source name.
Classifier
The type of classification the application should be running on the data to determine autolabeling st...
@ ExtendedSensitiveInformation
@ SensitiveInformation
constexpr const char * GetCustomSettingPolicyTtlDays()
Name of the setting that enables overriding policy ttl in days be default it will be 30 days.
constexpr const char * GetCustomSettingSensitivityTypesDataFile()
Name of the setting to explicitly specify sensitivity types data file path.
DataBoundary
Diagnostic region identifier.
@ Asia
Asia region.
@ European_Union
European Union region.
@ North_America
North America region.
@ Europe_MiddleEast_Africa
Europe, Middle East & Africa region.
std::string GetAssignmentMethodString(AssignmentMethod method)
Converts AssignmentMethod enum to a string description.
std::map< mip::Classifier, UniqueIdsAndContentFormats > ClassifierUniqueIdsAndContentFormats
ActionSource
defines what triggered the SetLabel event
@ AUTOMATIC
Set by policy conditions.
@ RECOMMENDED
Set by user after label was recommended by policy conditions.
@ DEFAULT
Set by default in policy.
@ MANUAL
Selected manually by user.
WatermarkLayout
Layout for watermarks.
@ HORIZONTAL
Watermark layout is horizontal.
@ DIAGONAL
Watermark layout is diagonal.
LabelFilterType FunctionalityFilterType
Name change within the cpp workspace to imply the filters has greater scope than just label behavior.
constexpr const char * GetCustomSettingLabelCustomPropertiesSyncEnabled()
Name of the setting that allows to enable label by custom properties and custom properties by label f...
const std::string & GetEmailContentFormat()
constexpr const char * GetCustomSettingExportPolicyFileName()
Name of the setting to explicitly specify file path to export SCC policy data to.
@ All
Any and all Pii is represented.
@ Msg
Msg style file inspector, rpmsg / msg based.
MIP namespace macros.
A struct that includes application specific information.
std::string applicationName
Application name, (Should only contain valid ASCII character excluding ';')
std::string applicationVersion
The version of the application being used, (Should only contain valid ASCII character excluding ';')
std::string applicationId
Application identifier as set in the AAD portal, (Should be a GUID without brackets).
std::unordered_map< std::string, std::string > uniqueIds
std::vector< std::string > contentFormats