## <summary>D-Bus service providing high-level OBEX client and server side functionality.</summary>

########################################
## <summary>
##  Transition to obex.
## </summary>
## <param name="domain">
## <summary>
##  Domain allowed to transition.
## </summary>
## </param>
#
interface(`obex_domtrans',`
    gen_require(`
        type obex_t, obex_exec_t;
    ')

    corecmd_search_bin($1)
    domtrans_pattern($1, obex_exec_t, obex_t)
')

########################################
## <summary>
##  Send and receive messages from
##  obex over dbus.
## </summary>
## <param name="domain">
##  <summary>
##  Domain allowed access.
##  </summary>
## </param>
#
interface(`obex_dbus_chat',`
    gen_require(`
        type obex_t;
        class dbus send_msg;
    ')

    allow $1 obex_t:dbus send_msg;
    allow obex_t $1:dbus send_msg;
')

#######################################
## <summary>
##	Role access for obex domains
##	that executes via dbus-session
## </summary>
## <param name="user_role">
##	<summary>
##	The role associated with the user domain.
##	</summary>
## </param>
## <param name="user_domain">
##	<summary>
##	The type of the user domain.
##	</summary>
## </param>
## <param name="domain_prefix">
##	<summary>
##	User domain prefix to be used.
##	</summary>
## </param>
#
template(`obex_role',`
	gen_require(`
			attribute_role obex_roles;
	        type obex_t, obex_exec_t;
	')

    ########################################
    #    
    # Declarations
    #

	roleattribute $1 obex_roles;
	#role $1 types obex_t;

    ########################################
    #    
    # Policy
    #         

	allow $2 obex_t:process signal_perms;
	ps_process_pattern($2, obex_t)

	dbus_session_domain($3, obex_exec_t, obex_t)

	obex_dbus_chat($2)
')