1 {
2      File:       OSServices/CSIdentity.h
3 
4      Contains:   CSIdentity APIs
5 
6      Copyright:  (c) 2006-2011 Apple Inc. All rights reserved.
7 
8      Bugs?:      For bug reports, consult the following page on
9                  the World Wide Web:
10 
11                      http://bugs.freepascal.org
12 
13 }
14 {
15     Modified for use with Free Pascal
16     Version 308
17     Please report any bugs to <gpc@microbizz.nl>
18 }
19 
20 {$ifc not defined MACOSALLINCLUDE or not MACOSALLINCLUDE}
21 {$mode macpas}
22 {$modeswitch cblocks}
23 {$packenum 1}
24 {$macro on}
25 {$inline on}
26 {$calling mwpascal}
27 
28 unit CSIdentity;
29 interface
30 {$setc UNIVERSAL_INTERFACES_VERSION := $0400}
31 {$setc GAP_INTERFACES_VERSION := $0308}
32 
33 {$ifc not defined USE_CFSTR_CONSTANT_MACROS}
34     {$setc USE_CFSTR_CONSTANT_MACROS := TRUE}
35 {$endc}
36 
37 {$ifc defined CPUPOWERPC and defined CPUI386}
38 	{$error Conflicting initial definitions for CPUPOWERPC and CPUI386}
39 {$endc}
40 {$ifc defined FPC_BIG_ENDIAN and defined FPC_LITTLE_ENDIAN}
41 	{$error Conflicting initial definitions for FPC_BIG_ENDIAN and FPC_LITTLE_ENDIAN}
42 {$endc}
43 
44 {$ifc not defined __ppc__ and defined CPUPOWERPC32}
45 	{$setc __ppc__ := 1}
46 {$elsec}
47 	{$setc __ppc__ := 0}
48 {$endc}
49 {$ifc not defined __ppc64__ and defined CPUPOWERPC64}
50 	{$setc __ppc64__ := 1}
51 {$elsec}
52 	{$setc __ppc64__ := 0}
53 {$endc}
54 {$ifc not defined __i386__ and defined CPUI386}
55 	{$setc __i386__ := 1}
56 {$elsec}
57 	{$setc __i386__ := 0}
58 {$endc}
59 {$ifc not defined __x86_64__ and defined CPUX86_64}
60 	{$setc __x86_64__ := 1}
61 {$elsec}
62 	{$setc __x86_64__ := 0}
63 {$endc}
64 {$ifc not defined __arm__ and defined CPUARM}
65 	{$setc __arm__ := 1}
66 {$elsec}
67 	{$setc __arm__ := 0}
68 {$endc}
69 {$ifc not defined __arm64__ and defined CPUAARCH64}
70   {$setc __arm64__ := 1}
71 {$elsec}
72   {$setc __arm64__ := 0}
73 {$endc}
74 
75 {$ifc defined cpu64}
76   {$setc __LP64__ := 1}
77 {$elsec}
78   {$setc __LP64__ := 0}
79 {$endc}
80 
81 
82 {$ifc defined __ppc__ and __ppc__ and defined __i386__ and __i386__}
83 	{$error Conflicting definitions for __ppc__ and __i386__}
84 {$endc}
85 
86 {$ifc defined __ppc__ and __ppc__}
87 	{$setc TARGET_CPU_PPC := TRUE}
88 	{$setc TARGET_CPU_PPC64 := FALSE}
89 	{$setc TARGET_CPU_X86 := FALSE}
90 	{$setc TARGET_CPU_X86_64 := FALSE}
91 	{$setc TARGET_CPU_ARM := FALSE}
92 	{$setc TARGET_CPU_ARM64 := FALSE}
93 	{$setc TARGET_OS_MAC := TRUE}
94 	{$setc TARGET_OS_IPHONE := FALSE}
95 	{$setc TARGET_IPHONE_SIMULATOR := FALSE}
96 	{$setc TARGET_OS_EMBEDDED := FALSE}
97 {$elifc defined __ppc64__ and __ppc64__}
98 	{$setc TARGET_CPU_PPC := FALSE}
99 	{$setc TARGET_CPU_PPC64 := TRUE}
100 	{$setc TARGET_CPU_X86 := FALSE}
101 	{$setc TARGET_CPU_X86_64 := FALSE}
102 	{$setc TARGET_CPU_ARM := FALSE}
103 	{$setc TARGET_CPU_ARM64 := FALSE}
104 	{$setc TARGET_OS_MAC := TRUE}
105 	{$setc TARGET_OS_IPHONE := FALSE}
106 	{$setc TARGET_IPHONE_SIMULATOR := FALSE}
107 	{$setc TARGET_OS_EMBEDDED := FALSE}
108 {$elifc defined __i386__ and __i386__}
109 	{$setc TARGET_CPU_PPC := FALSE}
110 	{$setc TARGET_CPU_PPC64 := FALSE}
111 	{$setc TARGET_CPU_X86 := TRUE}
112 	{$setc TARGET_CPU_X86_64 := FALSE}
113 	{$setc TARGET_CPU_ARM := FALSE}
114 	{$setc TARGET_CPU_ARM64 := FALSE}
115 {$ifc defined iphonesim}
116  	{$setc TARGET_OS_MAC := FALSE}
117 	{$setc TARGET_OS_IPHONE := TRUE}
118 	{$setc TARGET_IPHONE_SIMULATOR := TRUE}
119 {$elsec}
120 	{$setc TARGET_OS_MAC := TRUE}
121 	{$setc TARGET_OS_IPHONE := FALSE}
122 	{$setc TARGET_IPHONE_SIMULATOR := FALSE}
123 {$endc}
124 	{$setc TARGET_OS_EMBEDDED := FALSE}
125 {$elifc defined __x86_64__ and __x86_64__}
126 	{$setc TARGET_CPU_PPC := FALSE}
127 	{$setc TARGET_CPU_PPC64 := FALSE}
128 	{$setc TARGET_CPU_X86 := FALSE}
129 	{$setc TARGET_CPU_X86_64 := TRUE}
130 	{$setc TARGET_CPU_ARM := FALSE}
131 	{$setc TARGET_CPU_ARM64 := FALSE}
132 {$ifc defined iphonesim}
133  	{$setc TARGET_OS_MAC := FALSE}
134 	{$setc TARGET_OS_IPHONE := TRUE}
135 	{$setc TARGET_IPHONE_SIMULATOR := TRUE}
136 {$elsec}
137 	{$setc TARGET_OS_MAC := TRUE}
138 	{$setc TARGET_OS_IPHONE := FALSE}
139 	{$setc TARGET_IPHONE_SIMULATOR := FALSE}
140 {$endc}
141 	{$setc TARGET_OS_EMBEDDED := FALSE}
142 {$elifc defined __arm__ and __arm__}
143 	{$setc TARGET_CPU_PPC := FALSE}
144 	{$setc TARGET_CPU_PPC64 := FALSE}
145 	{$setc TARGET_CPU_X86 := FALSE}
146 	{$setc TARGET_CPU_X86_64 := FALSE}
147 	{$setc TARGET_CPU_ARM := TRUE}
148 	{$setc TARGET_CPU_ARM64 := FALSE}
149 	{$setc TARGET_OS_MAC := FALSE}
150 	{$setc TARGET_OS_IPHONE := TRUE}
151 	{$setc TARGET_IPHONE_SIMULATOR := FALSE}
152 	{$setc TARGET_OS_EMBEDDED := TRUE}
153 {$elifc defined __arm64__ and __arm64__}
154 	{$setc TARGET_CPU_PPC := FALSE}
155 	{$setc TARGET_CPU_PPC64 := FALSE}
156 	{$setc TARGET_CPU_X86 := FALSE}
157 	{$setc TARGET_CPU_X86_64 := FALSE}
158 	{$setc TARGET_CPU_ARM := FALSE}
159 	{$setc TARGET_CPU_ARM64 := TRUE}
160 {$ifc defined ios}
161 	{$setc TARGET_OS_MAC := FALSE}
162 	{$setc TARGET_OS_IPHONE := TRUE}
163 	{$setc TARGET_OS_EMBEDDED := TRUE}
164 {$elsec}
165 	{$setc TARGET_OS_MAC := TRUE}
166 	{$setc TARGET_OS_IPHONE := FALSE}
167 	{$setc TARGET_OS_EMBEDDED := FALSE}
168 {$endc}
169 	{$setc TARGET_IPHONE_SIMULATOR := FALSE}
170 {$elsec}
171 	{$error __ppc__ nor __ppc64__ nor __i386__ nor __x86_64__ nor __arm__ nor __arm64__ is defined.}
172 {$endc}
173 
174 {$ifc defined __LP64__ and __LP64__ }
175   {$setc TARGET_CPU_64 := TRUE}
176 {$elsec}
177   {$setc TARGET_CPU_64 := FALSE}
178 {$endc}
179 
180 {$ifc defined FPC_BIG_ENDIAN}
181 	{$setc TARGET_RT_BIG_ENDIAN := TRUE}
182 	{$setc TARGET_RT_LITTLE_ENDIAN := FALSE}
183 {$elifc defined FPC_LITTLE_ENDIAN}
184 	{$setc TARGET_RT_BIG_ENDIAN := FALSE}
185 	{$setc TARGET_RT_LITTLE_ENDIAN := TRUE}
186 {$elsec}
187 	{$error Neither FPC_BIG_ENDIAN nor FPC_LITTLE_ENDIAN are defined.}
188 {$endc}
189 {$setc ACCESSOR_CALLS_ARE_FUNCTIONS := TRUE}
190 {$setc CALL_NOT_IN_CARBON := FALSE}
191 {$setc OLDROUTINENAMES := FALSE}
192 {$setc OPAQUE_TOOLBOX_STRUCTS := TRUE}
193 {$setc OPAQUE_UPP_TYPES := TRUE}
194 {$setc OTCARBONAPPLICATION := TRUE}
195 {$setc OTKERNEL := FALSE}
196 {$setc PM_USE_SESSION_APIS := TRUE}
197 {$setc TARGET_API_MAC_CARBON := TRUE}
198 {$setc TARGET_API_MAC_OS8 := FALSE}
199 {$setc TARGET_API_MAC_OSX := TRUE}
200 {$setc TARGET_CARBON := TRUE}
201 {$setc TARGET_CPU_68K := FALSE}
202 {$setc TARGET_CPU_MIPS := FALSE}
203 {$setc TARGET_CPU_SPARC := FALSE}
204 {$setc TARGET_OS_UNIX := FALSE}
205 {$setc TARGET_OS_WIN32 := FALSE}
206 {$setc TARGET_RT_MAC_68881 := FALSE}
207 {$setc TARGET_RT_MAC_CFM := FALSE}
208 {$setc TARGET_RT_MAC_MACHO := TRUE}
209 {$setc TYPED_FUNCTION_POINTERS := TRUE}
210 {$setc TYPE_BOOL := FALSE}
211 {$setc TYPE_EXTENDED := FALSE}
212 {$setc TYPE_LONGLONG := TRUE}
213 uses MacTypes,MacOSXPosix,CSIdentityAuthority,SecBase,CSIdentityBase,Authorization,CFBase,CFArray,CFData,CFError,CFRunLoop,CFUUID;
214 {$endc} {not MACOSALLINCLUDE}
215 
216 
217 
218 {$ALIGN MAC68K}
219 
220 
221 {
222     CSIdentity
223 
224     A CSIdentity object represents a user or group entity known to the system. An
225     identity object has the following required attributes: a class (user
226     or group), a unique identitfier (UUID), a full name, a Posix ID
227     (UID or GID), and a Posix name (a.k.a. "short" name). There are also a number
228     of optional attributes such as email address, image data, etc.
229 
230     Group identities have a membership which may include both users as well as
231     other groups. An identity can be tested for membership in a specific group.
232 
233     A CSIdentity object is a private copy of the identity information. It can be
234     modified in memory, but requires authorization to commit changes back to
235     the identity authority database. On Mac OS X version 10.5, only local identities
236     can be created, modified or deleted, and only by users with Administrator
237     credentials.
238 
239     Changes may be committed synchronously or asynchronously. All data validation
240     occurs at commit time.
241 
242     Two identities are CFEqual if they have the same class and UUID.
243 }
244 
245 
246 {
247  *  CSIdentityRef
248  *
249  *  Discussion:
250  *    A reference to an identity object. Can be either a user or group.
251  }
252 type
253 	CSIdentityRef = ^__CSIdentity; { an opaque type }
254 	__CSIdentity = record end;
255 
256 {
257  *  CSIdentityQueryRef
258  *
259  *  Discussion:
260  *    A reference to an identity query object, used to lookup
261  *    identities in an identity authority's database.
262  }
263 type
264 	CSIdentityQueryRef = ^__CSIdentityQuery; { an opaque type }
265 	__CSIdentityQuery = record end;
266 
267 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
268 {
269     kCSIdentityGeneratePosixName
270     Passing this constant as the Posix name when creating an indentity
271     will generate a unique Posix name, based on the full name. The Posix
272     name is generated at commit time.
273 }
274 {
275  *  kCSIdentityGeneratePosixName
276  *
277  *  Availability:
278  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
279  *    CarbonLib:        not available
280  *    Non-Carbon CFM:   not available
281  }
282 var kCSIdentityGeneratePosixName: CFStringRef; external name '_kCSIdentityGeneratePosixName'; (* attribute const *)
283 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
284 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
285 
286 {
287  *  CSIdentityClass
288  *
289  *  Discussion:
290  *    Enum specifying an identity class
291  }
292 const
293 {
294    * The class value for user identities
295    }
296 	kCSIdentityClassUser = 1;
297 
298   {
299    * The class value for group identities
300    }
301 	kCSIdentityClassGroup = 2;
302 
303 type
304 	CSIdentityClass = CFIndex;
305 
306 {
307  *  CSIdentityFlags
308  *
309  *  Discussion:
310  *    Flags used when creating new identities
311  }
312 const
313 {
314    * Use this flag to set no optional attributes for a new identity
315    }
316 	kCSIdentityFlagNone = 0;
317 
318   {
319    * This flag causes the identity to be "hidden," that is, excluded
320    * from most user-visible identity lists. Hidden identities include
321    * administrative users and groups such as root, www, and mysql.
322    * System service access control groups should be created with the
323    * hidden flag.
324    }
325 	kCSIdentityFlagHidden = 1;
326 
327 type
328 	CSIdentityFlags = CFOptionFlags;
329 {
330  *  CSIdentityGetTypeID()
331  *
332  *  Summary:
333  *    Returns the CSIdentity type identifier
334  *
335  *  Mac OS X threading:
336  *    Thread safe since version 10.5
337  *
338  *  Result:
339  *    The CFTypeID of the CSIdentity Core Foundation type
340  *
341  *  Availability:
342  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
343  *    CarbonLib:        not available
344  *    Non-Carbon CFM:   not available
345  }
CSIdentityGetTypeIDnull346 function CSIdentityGetTypeID: CFTypeID; external name '_CSIdentityGetTypeID';
347 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_5_0) *)
348 
349 
350 {
351  *
352  *  Creating Identities
353  *
354  }
355 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
356 {
357  *  CSIdentityCreate()
358  *
359  *  Summary:
360  *    Creates a new identity
361  *
362  *  Discussion:
363  *    The new identity is allocated but is not committed to the
364  *    identity authority's database. It will become persistent and
365  *    available to other clients after being committed using
366  *    CSIdentityCommit or CSIdentityCommitAsynchronously.
367  *
368  *  Mac OS X threading:
369  *    Thread safe since version 10.5
370  *
371  *  Parameters:
372  *
373  *    allocator:
374  *      The allocator to use when creating the object. NULL is
375  *      equivalent to specifying kCFAllocatorDefault.
376  *
377  *    identityClass:
378  *      The type of identity to be created. Specifying
379  *      kCSIdentityClassUser creates a user, while
380  *      kCSIdentityClassGroup creates a group.
381  *
382  *    fullName:
383  *      The primary name of the new identity.
384  *
385  *    posixName:
386  *      The POSIX name of the new identity. Specify
387  *      kCSIdentityGeneratePosixName to have a name generated
388  *      autmatically from the full name.
389  *
390  *    flags:
391  *      A CSIdentityFlags mask defining attributes of the new identity
392  *
393  *    authority:
394  *      The identity authority to host the identity. Caller must have
395  *      write access to the identity authority or commit will fail.
396  *      Currently, only local identities may be created, so callers
397  *      must specify the local identity authority for this argument.
398  *
399  *  Result:
400  *    The CSIdentityRef of the newly created identity object. Returns
401  *    NULL only if allocation fails.
402  *
403  *  Availability:
404  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
405  *    CarbonLib:        not available
406  *    Non-Carbon CFM:   not available
407  }
CSIdentityCreatenull408 function CSIdentityCreate( allocator: CFAllocatorRef; identityClass: CSIdentityClass; fullName: CFStringRef; posixName: CFStringRef; flags: CSIdentityFlags; authority: CSIdentityAuthorityRef ): CSIdentityRef; external name '_CSIdentityCreate';
409 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
410 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
411 
412 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
413 {
414  *  CSIdentityCreateCopy()
415  *
416  *  Summary:
417  *    Creates a copy of an identity
418  *
419  *  Mac OS X threading:
420  *    Thread safe since version 10.5
421  *
422  *  Parameters:
423  *
424  *    allocator:
425  *      The allocator to use for the new identity. NULL is equivalent
426  *      to specifying kCFAllocatorDefault.
427  *
428  *    identity:
429  *      The identity to copy
430  *
431  *  Result:
432  *    The CSIdentityRef of the newly created identity object
433  *
434  *  Availability:
435  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
436  *    CarbonLib:        not available
437  *    Non-Carbon CFM:   not available
438  }
CSIdentityCreateCopynull439 function CSIdentityCreateCopy( allocator: CFAllocatorRef; identity: CSIdentityRef ): CSIdentityRef; external name '_CSIdentityCreateCopy';
440 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_5_0) *)
441 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
442 
443 {
444  *
445  *  Getting Identity Attributes
446  *
447  }
448 {
449  *  CSIdentityGetClass()
450  *
451  *  Summary:
452  *    Returns an identity's class
453  *
454  *  Mac OS X threading:
455  *    Thread safe since version 10.5
456  *
457  *  Parameters:
458  *
459  *    identity:
460  *      The identity object to access
461  *
462  *  Result:
463  *    The CSIdentityClass of an identity
464  *
465  *  Availability:
466  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
467  *    CarbonLib:        not available
468  *    Non-Carbon CFM:   not available
469  }
CSIdentityGetClassnull470 function CSIdentityGetClass( identity: CSIdentityRef ): CSIdentityClass; external name '_CSIdentityGetClass';
471 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_5_0) *)
472 
473 
474 {
475  *  CSIdentityGetAuthority()
476  *
477  *  Summary:
478  *    Returns the identity authority of an identity
479  *
480  *  Mac OS X threading:
481  *    Thread safe since version 10.5
482  *
483  *  Parameters:
484  *
485  *    identity:
486  *      The identity object to access
487  *
488  *  Result:
489  *    A CSIdentityAuthorityRef object
490  *
491  *  Availability:
492  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
493  *    CarbonLib:        not available
494  *    Non-Carbon CFM:   not available
495  }
CSIdentityGetAuthoritynull496 function CSIdentityGetAuthority( identity: CSIdentityRef ): CSIdentityAuthorityRef; external name '_CSIdentityGetAuthority';
497 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_5_0) *)
498 
499 
500 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
501 {
502  *  CSIdentityGetUUID()
503  *
504  *  Summary:
505  *    Returns an identity's UUID.
506  *
507  *  Mac OS X threading:
508  *    Thread safe since version 10.5
509  *
510  *  Parameters:
511  *
512  *    identity:
513  *      The identity object to access
514  *
515  *  Result:
516  *    A CFUUID object containing identity's UUID. Will never return
517  *    NULL.
518  *
519  *  Availability:
520  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
521  *    CarbonLib:        not available
522  *    Non-Carbon CFM:   not available
523  }
CSIdentityGetUUIDnull524 function CSIdentityGetUUID( identity: CSIdentityRef ): CFUUIDRef; external name '_CSIdentityGetUUID';
525 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
526 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
527 
528 {
529  *  CSIdentityGetFullName()
530  *
531  *  Summary:
532  *    Retrieve the full name of an identity
533  *
534  *  Discussion:
535  *    The full name is the name that is displayed in the user interface.
536  *
537  *  Mac OS X threading:
538  *    Thread safe since version 10.5
539  *
540  *  Parameters:
541  *
542  *    identity:
543  *      The identity object to access
544  *
545  *  Result:
546  *    Returns an identity's full name as a CFStringRef. This attribute
547  *    is always non-NULL. The identity object may release its reference
548  *    to the return value when the identity is modified.
549  *
550  *  Availability:
551  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
552  *    CarbonLib:        not available
553  *    Non-Carbon CFM:   not available
554  }
CSIdentityGetFullNamenull555 function CSIdentityGetFullName( identity: CSIdentityRef ): CFStringRef; external name '_CSIdentityGetFullName';
556 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_5_0) *)
557 
558 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
559 {
560  *  CSIdentityGetPosixID()
561  *
562  *  Summary:
563  *    Retrieve POSIX ID of an identity.
564  *
565  *  Mac OS X threading:
566  *    Thread safe since version 10.5
567  *
568  *  Parameters:
569  *
570  *    identity:
571  *      The identity to access
572  *
573  *  Result:
574  *    Returns an identity's POSIX identifier (a UID or GID).
575  *
576  *  Availability:
577  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
578  *    CarbonLib:        not available
579  *    Non-Carbon CFM:   not available
580  }
CSIdentityGetPosixIDnull581 function CSIdentityGetPosixID( identity: CSIdentityRef ): id_t; external name '_CSIdentityGetPosixID';
582 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
583 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
584 
585 {
586  *  CSIdentityGetPosixName()
587  *
588  *  Summary:
589  *    Retrieve the POSIX name (short name) of an identity.
590  *
591  *  Discussion:
592  *    The POSIX name cannot be changed after an identity has been
593  *    created.
594  *
595  *  Mac OS X threading:
596  *    Thread safe since version 10.5
597  *
598  *  Parameters:
599  *
600  *    identity:
601  *      The identity object to access.
602  *
603  *  Result:
604  *    Returns an identity's POSIX name. This attribute is always
605  *    non-NULL. The identity object may release its reference to the
606  *    return value when the identity is modified.
607  *
608  *  Availability:
609  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
610  *    CarbonLib:        not available
611  *    Non-Carbon CFM:   not available
612  }
CSIdentityGetPosixNamenull613 function CSIdentityGetPosixName( identity: CSIdentityRef ): CFStringRef; external name '_CSIdentityGetPosixName';
614 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_5_0) *)
615 
616 
617 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
618 {
619  *  CSIdentityGetEmailAddress()
620  *
621  *  Summary:
622  *    Retrieve the email address of a user identity
623  *
624  *  Mac OS X threading:
625  *    Thread safe since version 10.5
626  *
627  *  Parameters:
628  *
629  *    identity:
630  *      The identity to access
631  *
632  *  Result:
633  *    Returns the email address of the identity or NULL if there is no
634  *    email address. The identity object may release its reference to
635  *    the return value when the identity is modified.
636  *
637  *  Availability:
638  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
639  *    CarbonLib:        not available
640  *    Non-Carbon CFM:   not available
641  }
CSIdentityGetEmailAddressnull642 function CSIdentityGetEmailAddress( identity: CSIdentityRef ): CFStringRef; external name '_CSIdentityGetEmailAddress';
643 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
644 
645 
646 {
647  *  CSIdentityGetImageURL()
648  *
649  *  Summary:
650  *    Retrieve the URL to an identity's image file
651  *
652  *  Mac OS X threading:
653  *    Thread safe since version 10.5
654  *
655  *  Parameters:
656  *
657  *    identity:
658  *      The identity to access
659  *
660  *  Result:
661  *    Returns a CFURLRef that contains the location of the user's image
662  *    file, or NULL if there is no image URL. The identity object may
663  *    release its reference to the return value when the identity is
664  *    modified.
665  *
666  *  Availability:
667  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
668  *    CarbonLib:        not available
669  *    Non-Carbon CFM:   not available
670  }
CSIdentityGetImageURLnull671 function CSIdentityGetImageURL( identity: CSIdentityRef ): CFURLRef; external name '_CSIdentityGetImageURL';
672 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
673 
674 
675 {
676  *  CSIdentityGetImageData()
677  *
678  *  Summary:
679  *    Retrieve the image associated with a user identity
680  *
681  *  Mac OS X threading:
682  *    Thread safe since version 10.5
683  *
684  *  Parameters:
685  *
686  *    identity:
687  *      The identity to access
688  *
689  *  Result:
690  *    Returns the identity's image data as a CFDataRef or NULL if there
691  *    is no image data. The identity object may release its reference
692  *    to the return value when the identity is modified.
693  *
694  *  Availability:
695  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
696  *    CarbonLib:        not available
697  *    Non-Carbon CFM:   not available
698  }
CSIdentityGetImageDatanull699 function CSIdentityGetImageData( identity: CSIdentityRef ): CFDataRef; external name '_CSIdentityGetImageData';
700 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
701 
702 
703 {
704  *  CSIdentityGetImageDataType()
705  *
706  *  Summary:
707  *    Retrieve the uniform type identifier (UTI) of an identity's image
708  *
709  *  Mac OS X threading:
710  *    Thread safe since version 10.5
711  *
712  *  Parameters:
713  *
714  *    identity:
715  *      The identity to access
716  *
717  *  Result:
718  *    Returns a UTI as a CFStringRef for this identity's image data or
719  *    NULL if there is no image data. The identity object may release
720  *    its reference to the return value when the identity is modified.
721  *
722  *  Availability:
723  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
724  *    CarbonLib:        not available
725  *    Non-Carbon CFM:   not available
726  }
CSIdentityGetImageDataTypenull727 function CSIdentityGetImageDataType( identity: CSIdentityRef ): CFStringRef; external name '_CSIdentityGetImageDataType';
728 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
729 
730 
731 {
732  *  CSIdentityGetAliases()
733  *
734  *  Summary:
735  *    Retrieve the aliases of an identity.
736  *
737  *  Discussion:
738  *    Aliases are alternate names for identities. As with all identity
739  *    names, aliases must be unique within the entire namespace of of
740  *    the identity authority.
741  *
742  *  Mac OS X threading:
743  *    Thread safe since version 10.5
744  *
745  *  Parameters:
746  *
747  *    identity:
748  *      The identity to access
749  *
750  *  Result:
751  *    Returns an array containing the identity's name aliases as
752  *    CFStringRefs. The array may be empty. The identity object may
753  *    release its reference to the return value when the identity is
754  *    modified.
755  *
756  *  Availability:
757  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
758  *    CarbonLib:        not available
759  *    Non-Carbon CFM:   not available
760  }
CSIdentityGetAliasesnull761 function CSIdentityGetAliases( identity: CSIdentityRef ): CFArrayRef; external name '_CSIdentityGetAliases';
762 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
763 
764 
765 {
766  *  CSIdentityIsMemberOfGroup()
767  *
768  *  Summary:
769  *    Check if an identity is a memeber of a group
770  *
771  *  Mac OS X threading:
772  *    Thread safe since version 10.5
773  *
774  *  Parameters:
775  *
776  *    identity:
777  *      The identity whose membership is in question
778  *
779  *    group:
780  *      The group identity whose membership is to be checked
781  *
782  *  Result:
783  *    Returns true if the identity is a member (directly or indirectly)
784  *    of the specified group
785  *
786  *  Availability:
787  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
788  *    CarbonLib:        not available
789  *    Non-Carbon CFM:   not available
790  }
CSIdentityIsMemberOfGroupnull791 function CSIdentityIsMemberOfGroup( identity: CSIdentityRef; group: CSIdentityRef ): Boolean; external name '_CSIdentityIsMemberOfGroup';
792 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
793 
794 
795 {
796  *  CSIdentityIsHidden()
797  *
798  *  Summary:
799  *    Determine if a identity's hidden attribute is enabled
800  *
801  *  Mac OS X threading:
802  *    Thread safe since version 10.5
803  *
804  *  Parameters:
805  *
806  *    identity:
807  *      The identity object to access
808  *
809  *  Result:
810  *    Returns true if the identity was created with the hidden attribute
811  *
812  *  Availability:
813  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
814  *    CarbonLib:        not available
815  *    Non-Carbon CFM:   not available
816  }
CSIdentityIsHiddennull817 function CSIdentityIsHidden( identity: CSIdentityRef ): Boolean; external name '_CSIdentityIsHidden';
818 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
819 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
820 
821 {
822  *  CSIdentityCreatePersistentReference()
823  *
824  *  Summary:
825  *    Create an opaque, persistent data reference to an identity
826  *
827  *  Discussion:
828  *    A persistent identity reference is an opaque data object from
829  *    which an identity object may queried the future (see
830  *    CSIdentityQueryCreateForPersistentReference). A persistent
831  *    reference is suitable for storage in an external data store, for
832  *    example, as an entry in an application-specific access control
833  *    list associated with a shared resource. Use of a persistent
834  *    identity reference is preferred over a pure UUID-based identity
835  *    reference because the peristent reference contains additional
836  *    information needed to optimize the identity query and to improve
837  *    the user experience when working in a distributed identity
838  *    environment (LDAP, Active Directory, etc.).
839  *
840  *  Mac OS X threading:
841  *    Thread safe since version 10.5
842  *
843  *  Parameters:
844  *
845  *    allocator:
846  *      The allocator for the data
847  *
848  *    identity:
849  *      The identity to reference
850  *
851  *  Result:
852  *    Returns a new persistent reference for the identity
853  *
854  *  Availability:
855  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
856  *    CarbonLib:        not available
857  *    Non-Carbon CFM:   not available
858  }
CSIdentityCreatePersistentReferencenull859 function CSIdentityCreatePersistentReference( allocator: CFAllocatorRef; identity: CSIdentityRef ): CFDataRef; external name '_CSIdentityCreatePersistentReference';
860 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_5_0) *)
861 
862 
863 {
864  *
865  *  Methods which apply only to users
866  *
867  }
868 
869 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
870 {
871  *  CSIdentityIsEnabled()
872  *
873  *  Summary:
874  *    Determine if a user is enabled
875  *
876  *  Discussion:
877  *    A user that is not enabled cannot authenticate. This setting may
878  *    be used to temporarily allow a user's access to all services and
879  *    resources.
880  *
881  *  Mac OS X threading:
882  *    Thread safe since version 10.5
883  *
884  *  Parameters:
885  *
886  *    user:
887  *      The user identity to access
888  *
889  *  Result:
890  *    Returns true if the user is enabled. A user that is not enabled
891  *    cannot authenticate.
892  *
893  *  Availability:
894  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
895  *    CarbonLib:        not available
896  *    Non-Carbon CFM:   not available
897  }
CSIdentityIsEnablednull898 function CSIdentityIsEnabled( user: CSIdentityRef ): Boolean; external name '_CSIdentityIsEnabled';
899 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
900 
901 
902 {
903  *  CSIdentityAuthenticateUsingPassword()
904  *
905  *  Summary:
906  *    Attempt to autenticate a password for a user identity
907  *
908  *  Mac OS X threading:
909  *    Thread safe since version 10.5
910  *
911  *  Parameters:
912  *
913  *    user:
914  *      The user identity to access
915  *
916  *    password:
917  *      The password to authenticate
918  *
919  *  Result:
920  *    Returns true if the passord is correct for the specified user
921  *
922  *  Availability:
923  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
924  *    CarbonLib:        not available
925  *    Non-Carbon CFM:   not available
926  }
CSIdentityAuthenticateUsingPasswordnull927 function CSIdentityAuthenticateUsingPassword( user: CSIdentityRef; password: CFStringRef ): Boolean; external name '_CSIdentityAuthenticateUsingPassword';
928 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
929 
930 
931 {
932  *  CSIdentityGetCertificate()
933  *
934  *  Summary:
935  *    Get a user's authentication certificate
936  *
937  *  Discussion:
938  *    The authentication certificate can be used in PKI-based protocols
939  *    to authenticate users.
940  *
941  *  Mac OS X threading:
942  *    Thread safe since version 10.5
943  *
944  *  Parameters:
945  *
946  *    user:
947  *      The user identity to access
948  *
949  *  Result:
950  *    The identity's certificate, or NULL if there is no certificate.
951  *    The identity object may release its reference to the return value
952  *    when the identity is modified.
953  *
954  *  Availability:
955  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
956  *    CarbonLib:        not available
957  *    Non-Carbon CFM:   not available
958  }
CSIdentityGetCertificatenull959 function CSIdentityGetCertificate( user: CSIdentityRef ): SecCertificateRef; external name '_CSIdentityGetCertificate';
960 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
961 
962 
963 {
964  *
965  *  Methods which apply only to groups
966  *
967  }
968 
969 {
970  *  CSIdentityCreateGroupMembershipQuery()
971  *
972  *  Summary:
973  *    Creates a query to find a group's members
974  *
975  *  Discussion:
976  *    Using a query to lookup group membership allows the caller to
977  *    execute the query synchronously or asynchronously.
978  *
979  *  Mac OS X threading:
980  *    Thread safe since version 10.5
981  *
982  *  Parameters:
983  *
984  *    allocator:
985  *      The allocator to use for the query
986  *
987  *    group:
988  *      The group identity whose members are to be queried
989  *
990  *  Result:
991  *    The CSIdentityQueryRef of the newly created object. The query is
992  *    ready to be executed.
993  *
994  *  Availability:
995  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
996  *    CarbonLib:        not available
997  *    Non-Carbon CFM:   not available
998  }
CSIdentityCreateGroupMembershipQuerynull999 function CSIdentityCreateGroupMembershipQuery( allocator: CFAllocatorRef; group: CSIdentityRef ): CSIdentityQueryRef; external name '_CSIdentityCreateGroupMembershipQuery';
1000 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1001 
1002 
1003 {
1004  *
1005  *  Methods that modify identities
1006  *
1007  }
1008 
1009 {
1010  *  CSIdentitySetFullName()
1011  *
1012  *  Summary:
1013  *    Sets an identity's full name.
1014  *
1015  *  Discussion:
1016  *    This change must be committed.
1017  *
1018  *  Mac OS X threading:
1019  *    Thread safe since version 10.5
1020  *
1021  *  Parameters:
1022  *
1023  *    identity:
1024  *      The identity object to access
1025  *
1026  *    fullName:
1027  *      The new full name of the identity
1028  *
1029  *  Availability:
1030  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1031  *    CarbonLib:        not available
1032  *    Non-Carbon CFM:   not available
1033  }
1034 procedure CSIdentitySetFullName( identity: CSIdentityRef; fullName: CFStringRef ); external name '_CSIdentitySetFullName';
1035 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1036 
1037 
1038 {
1039  *  CSIdentitySetEmailAddress()
1040  *
1041  *  Summary:
1042  *    Set an identity's email address
1043  *
1044  *  Discussion:
1045  *    This change must be committed.
1046  *
1047  *  Mac OS X threading:
1048  *    Thread safe since version 10.5
1049  *
1050  *  Parameters:
1051  *
1052  *    identity:
1053  *      The user identity to access
1054  *
1055  *    emailAddress:
1056  *      The user's new email address value. Pass NULL to remove an
1057  *      email address.
1058  *
1059  *  Availability:
1060  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1061  *    CarbonLib:        not available
1062  *    Non-Carbon CFM:   not available
1063  }
1064 procedure CSIdentitySetEmailAddress( identity: CSIdentityRef; emailAddress: CFStringRef { can be NULL } ); external name '_CSIdentitySetEmailAddress';
1065 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1066 
1067 
1068 {
1069  *  CSIdentitySetImageURL()
1070  *
1071  *  Summary:
1072  *    Set the URL of an identity's external image storage
1073  *
1074  *  Discussion:
1075  *    This change must be committed.
1076  *
1077  *  Mac OS X threading:
1078  *    Thread safe since version 10.5
1079  *
1080  *  Parameters:
1081  *
1082  *    identity:
1083  *      The identity to access
1084  *
1085  *    url:
1086  *      The URL file of the image. For local identities, this must be a
1087  *      file URL. Pass NULL to remove the image URL from the identity.
1088  *
1089  *  Availability:
1090  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1091  *    CarbonLib:        not available
1092  *    Non-Carbon CFM:   not available
1093  }
1094 procedure CSIdentitySetImageURL( identity: CSIdentityRef; url: CFURLRef { can be NULL } ); external name '_CSIdentitySetImageURL';
1095 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1096 
1097 
1098 {
1099  *  CSIdentitySetImageData()
1100  *
1101  *  Summary:
1102  *    Set the internally-stored image data and data type for an identity
1103  *
1104  *  Discussion:
1105  *    This change must be committed.
1106  *
1107  *  Mac OS X threading:
1108  *    Thread safe since version 10.5
1109  *
1110  *  Parameters:
1111  *
1112  *    identity:
1113  *      The identity to access
1114  *
1115  *    imageData:
1116  *      The image data. Pass NULL to remove image data.
1117  *
1118  *    imageDataType:
1119  *      The uniform type identitier (UTI) of the image data. Currently,
1120  *      kUTTypeJPEG ("public.jpeg") is the only type supported.
1121  *
1122  *  Availability:
1123  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1124  *    CarbonLib:        not available
1125  *    Non-Carbon CFM:   not available
1126  }
1127 procedure CSIdentitySetImageData( identity: CSIdentityRef; imageData: CFDataRef { can be NULL }; imageDataType: CFStringRef { can be NULL } ); external name '_CSIdentitySetImageData';
1128 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1129 
1130 
1131 {
1132  *  CSIdentityAddAlias()
1133  *
1134  *  Summary:
1135  *    Add a name alias to an identity
1136  *
1137  *  Discussion:
1138  *    This change must be committed.
1139  *
1140  *  Mac OS X threading:
1141  *    Thread safe since version 10.5
1142  *
1143  *  Parameters:
1144  *
1145  *    identity:
1146  *      The identity to access
1147  *
1148  *    alias:
1149  *      The alias to add
1150  *
1151  *  Availability:
1152  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1153  *    CarbonLib:        not available
1154  *    Non-Carbon CFM:   not available
1155  }
1156 procedure CSIdentityAddAlias( identity: CSIdentityRef; alias: CFStringRef ); external name '_CSIdentityAddAlias';
1157 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1158 
1159 
1160 {
1161  *  CSIdentityRemoveAlias()
1162  *
1163  *  Summary:
1164  *    Remove an alias name from an identity
1165  *
1166  *  Discussion:
1167  *    This change must be committed.
1168  *
1169  *  Mac OS X threading:
1170  *    Thread safe since version 10.5
1171  *
1172  *  Parameters:
1173  *
1174  *    identity:
1175  *      The identity to access
1176  *
1177  *    alias:
1178  *      The alias name to remove
1179  *
1180  *  Availability:
1181  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1182  *    CarbonLib:        not available
1183  *    Non-Carbon CFM:   not available
1184  }
1185 procedure CSIdentityRemoveAlias( identity: CSIdentityRef; alias: CFStringRef ); external name '_CSIdentityRemoveAlias';
1186 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1187 
1188 
1189 {
1190  *
1191  *  Methods that modify group membership
1192  *
1193  }
1194 
1195 {
1196  *  CSIdentityAddMember()
1197  *
1198  *  Summary:
1199  *    Add an identity to a group
1200  *
1201  *  Discussion:
1202  *    This change to the group must be committed.
1203  *
1204  *  Mac OS X threading:
1205  *    Thread safe since version 10.5
1206  *
1207  *  Parameters:
1208  *
1209  *    group:
1210  *      The group identity to access
1211  *
1212  *    member:
1213  *      The identity to add to the group. Can be a user or group
1214  *      identity.
1215  *
1216  *  Availability:
1217  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1218  *    CarbonLib:        not available
1219  *    Non-Carbon CFM:   not available
1220  }
1221 procedure CSIdentityAddMember( group: CSIdentityRef; member: CSIdentityRef ); external name '_CSIdentityAddMember';
1222 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1223 
1224 
1225 {
1226  *  CSIdentityRemoveMember()
1227  *
1228  *  Summary:
1229  *    Remove a member from a group
1230  *
1231  *  Discussion:
1232  *    This change to the group must be committed.
1233  *
1234  *  Mac OS X threading:
1235  *    Thread safe since version 10.5
1236  *
1237  *  Parameters:
1238  *
1239  *    group:
1240  *      The group identity to access
1241  *
1242  *    member:
1243  *      The member identity to remove
1244  *
1245  *  Availability:
1246  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1247  *    CarbonLib:        not available
1248  *    Non-Carbon CFM:   not available
1249  }
1250 procedure CSIdentityRemoveMember( group: CSIdentityRef; member: CSIdentityRef ); external name '_CSIdentityRemoveMember';
1251 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1252 
1253 
1254 {
1255 
1256 
1257     Methods that modfify user credentials
1258 
1259 
1260 }
1261 
1262 {
1263  *  CSIdentitySetIsEnabled()
1264  *
1265  *  Summary:
1266  *    Enable or disable a user
1267  *
1268  *  Discussion:
1269  *    A disabled user account cannot authenticate. Credentials
1270  *    (password and certificate) are not affected. This change must be
1271  *    committed.
1272  *
1273  *  Mac OS X threading:
1274  *    Thread safe since version 10.5
1275  *
1276  *  Parameters:
1277  *
1278  *    user:
1279  *      The identity object to access
1280  *
1281  *    isEnabled:
1282  *      The new value of the isEnabled attribute
1283  *
1284  *  Availability:
1285  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1286  *    CarbonLib:        not available
1287  *    Non-Carbon CFM:   not available
1288  }
1289 procedure CSIdentitySetIsEnabled( user: CSIdentityRef; isEnabled: Boolean ); external name '_CSIdentitySetIsEnabled';
1290 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1291 
1292 
1293 {
1294  *  CSIdentitySetPassword()
1295  *
1296  *  Summary:
1297  *    Set a user password
1298  *
1299  *  Discussion:
1300  *    Setting the password to NULL removes the current password and
1301  *    disables password authentication for the user. Setting the
1302  *    password to a zero-length string allows authentication with a
1303  *    blank password. This change must be committed.
1304  *
1305  *  Mac OS X threading:
1306  *    Thread safe since version 10.5
1307  *
1308  *  Parameters:
1309  *
1310  *    user:
1311  *      The user identity to access
1312  *
1313  *    password:
1314  *      The new password, or NULL to remove the current password and
1315  *      disable password-based authentication
1316  *
1317  *  Availability:
1318  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1319  *    CarbonLib:        not available
1320  *    Non-Carbon CFM:   not available
1321  }
1322 procedure CSIdentitySetPassword( user: CSIdentityRef; password: CFStringRef { can be NULL } ); external name '_CSIdentitySetPassword';
1323 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1324 
1325 
1326 {
1327  *  CSIdentitySetCertificate()
1328  *
1329  *  Summary:
1330  *    Set a user's authentication certificate
1331  *
1332  *  Discussion:
1333  *    The subject name in the certificate will function as an alias for
1334  *    the identity. As with all identity names, the subject name must
1335  *    be unique within the entire name space of the identity authority.
1336  *    This change must be submitted.
1337  *
1338  *  Mac OS X threading:
1339  *    Thread safe since version 10.5
1340  *
1341  *  Parameters:
1342  *
1343  *    user:
1344  *      The user identity to access
1345  *
1346  *    certificate:
1347  *      The user's certificate, or NULL to remove the current
1348  *      certificate
1349  *
1350  *  Availability:
1351  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1352  *    CarbonLib:        not available
1353  *    Non-Carbon CFM:   not available
1354  }
1355 procedure CSIdentitySetCertificate( user: CSIdentityRef; certificate: SecCertificateRef { can be NULL } ); external name '_CSIdentitySetCertificate';
1356 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1357 
1358 
1359 {
1360  *
1361  *  Permanent Deletion
1362  *
1363  }
1364 {
1365  *  CSIdentityDelete()
1366  *
1367  *  Summary:
1368  *    Permanently delete an identity from the identity database
1369  *
1370  *  Discussion:
1371  *    Sets an identity to deleted state. This change must be committed.
1372  *
1373  *  Mac OS X threading:
1374  *    Thread safe since version 10.5
1375  *
1376  *  Parameters:
1377  *
1378  *    identity:
1379  *      The identity to delete
1380  *
1381  *  Availability:
1382  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1383  *    CarbonLib:        not available
1384  *    Non-Carbon CFM:   not available
1385  }
1386 procedure CSIdentityDelete( identity: CSIdentityRef ); external name '_CSIdentityDelete';
1387 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1388 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
1389 
1390 {
1391  *
1392  *
1393  *  Committing changes
1394  *
1395  }
1396 
1397 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
1398 {
1399  *  CSIdentityCommit()
1400  *
1401  *  Summary:
1402  *    Synchronously commit all pending changes to the identity
1403  *    authority database
1404  *
1405  *  Mac OS X threading:
1406  *    Thread safe since version 10.5
1407  *
1408  *  Parameters:
1409  *
1410  *    identity:
1411  *      The identity to commit
1412  *
1413  *    authorization:
1414  *      The authorization object holding credentials necessary to allow
1415  *      modification to the identity database. As a convenience,
1416  *      callers may pass NULL for the authorization, and the
1417  *      implmentation will attempt to acquire the necessary credentials
1418  *      from Authorization Services.
1419  *
1420  *    error:
1421  *      Optional pointer to a CFErrorRef which will be set if this
1422  *      function returns false. When this occurs, the caller is
1423  *      responsible for releasing the error.
1424  *
1425  *  Result:
1426  *    Returns true if successful, false if an error occurred
1427  *
1428  *  Availability:
1429  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1430  *    CarbonLib:        not available
1431  *    Non-Carbon CFM:   not available
1432  }
CSIdentityCommitnull1433 function CSIdentityCommit( identity: CSIdentityRef; authorization: AuthorizationRef { can be NULL }; error: CFErrorRefPtr { can be NULL } ): Boolean; external name '_CSIdentityCommit';
1434 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1435 
1436 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
1437 
1438 
1439 {
1440  *  Status values
1441  *
1442  }
1443 const
1444 {
1445    * The identity has been committed to the authority database
1446    }
1447 	kCSIdentityCommitCompleted = 1;
1448 
1449 
1450 type
1451 	CSIdentityStatusUpdatedCallback = procedure( identity: CSIdentityRef; status: CFIndex; error: CFErrorRef; info: UnivPtr );
1452 
1453 {
1454  *  CSIdentityClientContext
1455  *
1456  *  Discussion:
1457  *    Structure containing the user-defined data and callbacks used
1458  *    during asynchronous commits
1459  }
1460 type
1461 	CSIdentityClientContext = record
1462 {
1463    * The version number of the client structure type.  The current
1464    * version number is 0.
1465    }
1466 		version: CFIndex;
1467 
1468   {
1469    * An arbitrary pointer to client-defined data, which can be
1470    * associated with the client and is passed to the callbacks.
1471    }
1472 		info: UnivPtr;
1473 
1474   {
1475    * The callback used to add a retain for the on the client object for
1476    * the life of the asynchronous operation, and may be used for
1477    * temporary references the identity needs to take. This callback
1478    * returns the actual info pointer to be passed to the statusUpdated
1479    * callback. May be NULL.
1480    }
1481 		retain: CFAllocatorRetainCallBack;
1482 
1483   {
1484    * The callback used to remove a retain previously acquired for the
1485    * client object. May be NULL.
1486    }
1487 		release: CFAllocatorReleaseCallBack;
1488 
1489   {
1490    * The callback used to create a descriptive string representation of
1491    * the client object for debugging purposes. This is used by the
1492    * CFCopyDescription() function. May be NULL.
1493    }
1494 		copyDescription: CFAllocatorCopyDescriptionCallBack;
1495 
1496   {
1497    * The client callback invoked when the status of an asnchronous
1498    * operation changes
1499    }
1500 		statusUpdated: CSIdentityStatusUpdatedCallback;
1501 	end;
1502 
1503 
1504 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
1505 {
1506  *  CSIdentityCommitAsynchronously()
1507  *
1508  *  Summary:
1509  *    Asychronously commit all pending changes to the identity
1510  *    authority's database
1511  *
1512  *  Mac OS X threading:
1513  *    Thread safe since version 10.5
1514  *
1515  *  Parameters:
1516  *
1517  *    identity:
1518  *      The identity to commit
1519  *
1520  *    clientContext:
1521  *      The client structure specifying context and callbacks for the
1522  *      asynchronous operation
1523  *
1524  *    runLoop:
1525  *      The run loop on which to schedule the statusUpdated callback
1526  *
1527  *    runLoopMode:
1528  *      The run loop mode in which the callback can be scheduled
1529  *
1530  *    authorization:
1531  *      The authorization object holding credentials necessary to allow
1532  *      modification to the identity database. As a convenience,
1533  *      callers may pass NULL for the authorization, and the
1534  *      implmentation will attempt to acquire the necessary credentials
1535  *      from Authorization Services. Modifying the local system
1536  *      identity database requires Admin credentials.
1537  *
1538  *  Result:
1539  *    Returns true if the commit operation is started, indicated that
1540  *    an statusUpdated callback will follow. Returns false if the
1541  *    identity has no uncommitted changes or a commit is already in
1542  *    progress
1543  *
1544  *  Availability:
1545  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1546  *    CarbonLib:        not available
1547  *    Non-Carbon CFM:   not available
1548  }
CSIdentityCommitAsynchronouslynull1549 function CSIdentityCommitAsynchronously( identity: CSIdentityRef; const (*var*) clientContext: CSIdentityClientContext; runLoop: CFRunLoopRef; runLoopMode: CFStringRef; authorization: AuthorizationRef { can be NULL } ): Boolean; external name '_CSIdentityCommitAsynchronously';
1550 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1551 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
1552 
1553 
1554 {$ifc not TARGET_OS_IPHONE and not TARGET_IPHONE_SIMULATOR}
1555 {
1556  *  CSIdentityIsCommitting()
1557  *
1558  *  Summary:
1559  *    Determine if a commit operation is in progress
1560  *
1561  *  Mac OS X threading:
1562  *    Thread safe since version 10.5
1563  *
1564  *  Parameters:
1565  *
1566  *    identity:
1567  *      The identity to access
1568  *
1569  *  Result:
1570  *    Returns true if a commit operation is in progress
1571  *
1572  *  Availability:
1573  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1574  *    CarbonLib:        not available
1575  *    Non-Carbon CFM:   not available
1576  }
CSIdentityIsCommittingnull1577 function CSIdentityIsCommitting( identity: CSIdentityRef ): Boolean; external name '_CSIdentityIsCommitting';
1578 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1579 
1580 
1581 {
1582  *  CSIdentityRemoveClient()
1583  *
1584  *  Summary:
1585  *    Invalidate an identity's client structure to stop client callbacks
1586  *
1587  *  Discussion:
1588  *    After returning, this function guarantees that client callbacks
1589  *    will never be invoked again. Use this function when releasing an
1590  *    identity which may have an outstanding asynchronous request. This
1591  *    function does not cancel an outstanding commit operation because
1592  *    a commit cannot be interrupted.
1593  *
1594  *  Mac OS X threading:
1595  *    Thread safe since version 10.5
1596  *
1597  *  Parameters:
1598  *
1599  *    identity:
1600  *      The identity to access
1601  *
1602  *  Availability:
1603  *    Mac OS X:         in version 10.5 and later in CoreServices.framework
1604  *    CarbonLib:        not available
1605  *    Non-Carbon CFM:   not available
1606  }
1607 procedure CSIdentityRemoveClient( identity: CSIdentityRef ); external name '_CSIdentityRemoveClient';
1608 (* __OSX_AVAILABLE_STARTING(__MAC_10_5,__IPHONE_NA) *)
1609 {$endc} {!TARGET_OS_IPHONE && !TARGET_IPHONE_SIMULATOR}
1610 
1611 {$ifc not defined MACOSALLINCLUDE or not MACOSALLINCLUDE}
1612 
1613 end.
1614 {$endc} {not MACOSALLINCLUDE}
1615