Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / PermissionSetTriple.cs / 1305376 / PermissionSetTriple.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
/*==============================================================================
**
** Class: PermissionSetTriple
**
** [....]
**
** Purpose: Container class for holding an AppDomain's Grantset and Refused sets.
** Also used for CompressedStacks which brings in the third PermissionSet.
** Hence, the name PermissionSetTriple.
**
=============================================================================*/
namespace System.Security
{
using IEnumerator = System.Collections.IEnumerator;
using System.Security;
using System.Security.Permissions;
using System.Runtime.InteropServices;
using System.Diagnostics.Contracts;
[Serializable]
sealed internal class PermissionSetTriple
{
static private PermissionToken s_zoneToken;
static private PermissionToken s_urlToken;
internal PermissionSet AssertSet;
internal PermissionSet GrantSet;
internal PermissionSet RefusedSet;
internal PermissionSetTriple()
{
Reset();
}
internal PermissionSetTriple(PermissionSetTriple triple)
{
this.AssertSet = triple.AssertSet;
this.GrantSet = triple.GrantSet;
this.RefusedSet = triple.RefusedSet;
}
internal void Reset()
{
AssertSet = null;
GrantSet = null;
RefusedSet = null;
}
internal bool IsEmpty()
{
return (AssertSet == null && GrantSet == null && RefusedSet == null);
}
private PermissionToken ZoneToken
{
[System.Security.SecurityCritical] // auto-generated
get
{
if (s_zoneToken == null)
s_zoneToken = PermissionToken.GetToken(typeof(ZoneIdentityPermission));
return s_zoneToken;
}
}
private PermissionToken UrlToken
{
[System.Security.SecurityCritical] // auto-generated
get
{
if (s_urlToken == null)
s_urlToken = PermissionToken.GetToken(typeof(UrlIdentityPermission));
return s_urlToken;
}
}
[System.Security.SecurityCritical] // auto-generated
internal bool Update(PermissionSetTriple psTriple, out PermissionSetTriple retTriple)
{
retTriple = null;
// Special case: unrestricted assert. Note: dcs.Assert.IsUnrestricted => dcs.Grant.IsUnrestricted
if (psTriple.AssertSet != null && psTriple.AssertSet.IsUnrestricted())
{
return true; // stop construction
}
retTriple = UpdateAssert(psTriple.AssertSet);
UpdateGrant(psTriple.GrantSet);
UpdateRefused(psTriple.RefusedSet);
return false;
}
[System.Security.SecurityCritical] // auto-generated
internal PermissionSetTriple UpdateAssert(PermissionSet in_a)
{
PermissionSetTriple retTriple = null;
if (in_a != null)
{
Contract.Assert((!in_a.IsUnrestricted()), "Cannot be unrestricted here");
// if we're already asserting in_a, nothing to do
if (in_a.IsSubsetOf(AssertSet))
return null;
PermissionSet retPs;
if (GrantSet != null)
retPs = in_a.Intersect(GrantSet); // Restrict the assert to what we've already been granted
else
{
GrantSet = new PermissionSet(true);
retPs = in_a.Copy(); // Currently unrestricted Grant: assert the whole assert set
}
bool bFailedToCompress;
// removes anything that is already in the refused set from the assert set
retPs = PermissionSet.RemoveRefusedPermissionSet(retPs, RefusedSet, out bFailedToCompress);
if (!bFailedToCompress)
bFailedToCompress = PermissionSet.IsIntersectingAssertedPermissions(retPs, AssertSet);
if (bFailedToCompress)
{
retTriple = new PermissionSetTriple(this);
this.Reset();
this.GrantSet = retTriple.GrantSet.Copy();
}
if (AssertSet == null)
AssertSet = retPs;
else
AssertSet.InplaceUnion(retPs);
}
return retTriple;
}
[System.Security.SecurityCritical] // auto-generated
internal void UpdateGrant(PermissionSet in_g, out ZoneIdentityPermission z,out UrlIdentityPermission u)
{
z = null;
u = null;
if (in_g != null)
{
if (GrantSet == null)
GrantSet = in_g.Copy();
else
GrantSet.InplaceIntersect(in_g);
z = (ZoneIdentityPermission)in_g.GetPermission(ZoneToken);
u = (UrlIdentityPermission)in_g.GetPermission(UrlToken);
}
}
[System.Security.SecurityCritical] // auto-generated
internal void UpdateGrant(PermissionSet in_g)
{
if (in_g != null)
{
if (GrantSet == null)
GrantSet = in_g.Copy();
else
GrantSet.InplaceIntersect(in_g);
}
}
internal void UpdateRefused(PermissionSet in_r)
{
if (in_r != null)
{
if (RefusedSet == null)
RefusedSet = in_r.Copy();
else
RefusedSet.InplaceUnion(in_r);
}
}
[System.Security.SecurityCritical] // auto-generated
static bool CheckAssert(PermissionSet pSet, CodeAccessPermission demand, PermissionToken permToken)
{
if (pSet != null)
{
pSet.CheckDecoded(demand, permToken);
CodeAccessPermission perm = (CodeAccessPermission)pSet.GetPermission(demand);
// If the assert set does contain the demanded permission, halt the stackwalk
try
{
if (pSet.IsUnrestricted() || demand.CheckAssert(perm))
{
return SecurityRuntime.StackHalt;
}
}
catch (ArgumentException)
{
}
}
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
static bool CheckAssert(PermissionSet assertPset, PermissionSet demandSet, out PermissionSet newDemandSet)
{
newDemandSet = null;
if (assertPset!= null)
{
assertPset.CheckDecoded(demandSet);
// If this frame asserts a superset of the demand set we're done
if (demandSet.CheckAssertion(assertPset))
return SecurityRuntime.StackHalt;
PermissionSet.RemoveAssertedPermissionSet(demandSet, assertPset, out newDemandSet);
}
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckDemand(CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandleInternal rmh)
{
if (CheckAssert(AssertSet, demand, permToken) == SecurityRuntime.StackHalt)
return SecurityRuntime.StackHalt;
CodeAccessSecurityEngine.CheckHelper(GrantSet, RefusedSet, demand, permToken, rmh, null, SecurityAction.Demand, true);
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckSetDemand(PermissionSet demandSet , out PermissionSet alteredDemandset, RuntimeMethodHandleInternal rmh)
{
alteredDemandset = null;
if (CheckAssert(AssertSet, demandSet, out alteredDemandset) == SecurityRuntime.StackHalt)
return SecurityRuntime.StackHalt;
if (alteredDemandset != null)
demandSet = alteredDemandset; // note that this does not modify demandSet external to this function.
CodeAccessSecurityEngine.CheckSetHelper(GrantSet, RefusedSet, demandSet, rmh, null, SecurityAction.Demand, true);
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckDemandNoThrow(CodeAccessPermission demand, PermissionToken permToken)
{
Contract.Assert(AssertSet == null, "AssertSet not null");
return CodeAccessSecurityEngine.CheckHelper(GrantSet, RefusedSet, demand, permToken, RuntimeMethodHandleInternal.EmptyHandle, null, SecurityAction.Demand, false);
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckSetDemandNoThrow(PermissionSet demandSet)
{
Contract.Assert(AssertSet == null, "AssertSet not null");
return CodeAccessSecurityEngine.CheckSetHelper(GrantSet, RefusedSet, demandSet, RuntimeMethodHandleInternal.EmptyHandle, null, SecurityAction.Demand, false);
}
///
/// Check to see if the triple satisfies a demand for the permission represented by the flag.
///
///
/// If the triple asserts for one of the bits in the flags, it is zeroed out.
///
/// set of flags to check (See PermissionType)
[System.Security.SecurityCritical] // auto-generated
internal bool CheckFlags(ref int flags)
{
if (AssertSet != null)
{
// remove any permissions which were asserted for
int assertFlags = SecurityManager.GetSpecialFlags(AssertSet, null);
if ((flags & assertFlags) != 0)
flags = flags & ~assertFlags;
}
return (SecurityManager.GetSpecialFlags(GrantSet, RefusedSet) & flags) == flags;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
/*==============================================================================
**
** Class: PermissionSetTriple
**
** [....]
**
** Purpose: Container class for holding an AppDomain's Grantset and Refused sets.
** Also used for CompressedStacks which brings in the third PermissionSet.
** Hence, the name PermissionSetTriple.
**
=============================================================================*/
namespace System.Security
{
using IEnumerator = System.Collections.IEnumerator;
using System.Security;
using System.Security.Permissions;
using System.Runtime.InteropServices;
using System.Diagnostics.Contracts;
[Serializable]
sealed internal class PermissionSetTriple
{
static private PermissionToken s_zoneToken;
static private PermissionToken s_urlToken;
internal PermissionSet AssertSet;
internal PermissionSet GrantSet;
internal PermissionSet RefusedSet;
internal PermissionSetTriple()
{
Reset();
}
internal PermissionSetTriple(PermissionSetTriple triple)
{
this.AssertSet = triple.AssertSet;
this.GrantSet = triple.GrantSet;
this.RefusedSet = triple.RefusedSet;
}
internal void Reset()
{
AssertSet = null;
GrantSet = null;
RefusedSet = null;
}
internal bool IsEmpty()
{
return (AssertSet == null && GrantSet == null && RefusedSet == null);
}
private PermissionToken ZoneToken
{
[System.Security.SecurityCritical] // auto-generated
get
{
if (s_zoneToken == null)
s_zoneToken = PermissionToken.GetToken(typeof(ZoneIdentityPermission));
return s_zoneToken;
}
}
private PermissionToken UrlToken
{
[System.Security.SecurityCritical] // auto-generated
get
{
if (s_urlToken == null)
s_urlToken = PermissionToken.GetToken(typeof(UrlIdentityPermission));
return s_urlToken;
}
}
[System.Security.SecurityCritical] // auto-generated
internal bool Update(PermissionSetTriple psTriple, out PermissionSetTriple retTriple)
{
retTriple = null;
// Special case: unrestricted assert. Note: dcs.Assert.IsUnrestricted => dcs.Grant.IsUnrestricted
if (psTriple.AssertSet != null && psTriple.AssertSet.IsUnrestricted())
{
return true; // stop construction
}
retTriple = UpdateAssert(psTriple.AssertSet);
UpdateGrant(psTriple.GrantSet);
UpdateRefused(psTriple.RefusedSet);
return false;
}
[System.Security.SecurityCritical] // auto-generated
internal PermissionSetTriple UpdateAssert(PermissionSet in_a)
{
PermissionSetTriple retTriple = null;
if (in_a != null)
{
Contract.Assert((!in_a.IsUnrestricted()), "Cannot be unrestricted here");
// if we're already asserting in_a, nothing to do
if (in_a.IsSubsetOf(AssertSet))
return null;
PermissionSet retPs;
if (GrantSet != null)
retPs = in_a.Intersect(GrantSet); // Restrict the assert to what we've already been granted
else
{
GrantSet = new PermissionSet(true);
retPs = in_a.Copy(); // Currently unrestricted Grant: assert the whole assert set
}
bool bFailedToCompress;
// removes anything that is already in the refused set from the assert set
retPs = PermissionSet.RemoveRefusedPermissionSet(retPs, RefusedSet, out bFailedToCompress);
if (!bFailedToCompress)
bFailedToCompress = PermissionSet.IsIntersectingAssertedPermissions(retPs, AssertSet);
if (bFailedToCompress)
{
retTriple = new PermissionSetTriple(this);
this.Reset();
this.GrantSet = retTriple.GrantSet.Copy();
}
if (AssertSet == null)
AssertSet = retPs;
else
AssertSet.InplaceUnion(retPs);
}
return retTriple;
}
[System.Security.SecurityCritical] // auto-generated
internal void UpdateGrant(PermissionSet in_g, out ZoneIdentityPermission z,out UrlIdentityPermission u)
{
z = null;
u = null;
if (in_g != null)
{
if (GrantSet == null)
GrantSet = in_g.Copy();
else
GrantSet.InplaceIntersect(in_g);
z = (ZoneIdentityPermission)in_g.GetPermission(ZoneToken);
u = (UrlIdentityPermission)in_g.GetPermission(UrlToken);
}
}
[System.Security.SecurityCritical] // auto-generated
internal void UpdateGrant(PermissionSet in_g)
{
if (in_g != null)
{
if (GrantSet == null)
GrantSet = in_g.Copy();
else
GrantSet.InplaceIntersect(in_g);
}
}
internal void UpdateRefused(PermissionSet in_r)
{
if (in_r != null)
{
if (RefusedSet == null)
RefusedSet = in_r.Copy();
else
RefusedSet.InplaceUnion(in_r);
}
}
[System.Security.SecurityCritical] // auto-generated
static bool CheckAssert(PermissionSet pSet, CodeAccessPermission demand, PermissionToken permToken)
{
if (pSet != null)
{
pSet.CheckDecoded(demand, permToken);
CodeAccessPermission perm = (CodeAccessPermission)pSet.GetPermission(demand);
// If the assert set does contain the demanded permission, halt the stackwalk
try
{
if (pSet.IsUnrestricted() || demand.CheckAssert(perm))
{
return SecurityRuntime.StackHalt;
}
}
catch (ArgumentException)
{
}
}
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
static bool CheckAssert(PermissionSet assertPset, PermissionSet demandSet, out PermissionSet newDemandSet)
{
newDemandSet = null;
if (assertPset!= null)
{
assertPset.CheckDecoded(demandSet);
// If this frame asserts a superset of the demand set we're done
if (demandSet.CheckAssertion(assertPset))
return SecurityRuntime.StackHalt;
PermissionSet.RemoveAssertedPermissionSet(demandSet, assertPset, out newDemandSet);
}
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckDemand(CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandleInternal rmh)
{
if (CheckAssert(AssertSet, demand, permToken) == SecurityRuntime.StackHalt)
return SecurityRuntime.StackHalt;
CodeAccessSecurityEngine.CheckHelper(GrantSet, RefusedSet, demand, permToken, rmh, null, SecurityAction.Demand, true);
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckSetDemand(PermissionSet demandSet , out PermissionSet alteredDemandset, RuntimeMethodHandleInternal rmh)
{
alteredDemandset = null;
if (CheckAssert(AssertSet, demandSet, out alteredDemandset) == SecurityRuntime.StackHalt)
return SecurityRuntime.StackHalt;
if (alteredDemandset != null)
demandSet = alteredDemandset; // note that this does not modify demandSet external to this function.
CodeAccessSecurityEngine.CheckSetHelper(GrantSet, RefusedSet, demandSet, rmh, null, SecurityAction.Demand, true);
return SecurityRuntime.StackContinue;
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckDemandNoThrow(CodeAccessPermission demand, PermissionToken permToken)
{
Contract.Assert(AssertSet == null, "AssertSet not null");
return CodeAccessSecurityEngine.CheckHelper(GrantSet, RefusedSet, demand, permToken, RuntimeMethodHandleInternal.EmptyHandle, null, SecurityAction.Demand, false);
}
[System.Security.SecurityCritical] // auto-generated
internal bool CheckSetDemandNoThrow(PermissionSet demandSet)
{
Contract.Assert(AssertSet == null, "AssertSet not null");
return CodeAccessSecurityEngine.CheckSetHelper(GrantSet, RefusedSet, demandSet, RuntimeMethodHandleInternal.EmptyHandle, null, SecurityAction.Demand, false);
}
///
/// Check to see if the triple satisfies a demand for the permission represented by the flag.
///
///
/// If the triple asserts for one of the bits in the flags, it is zeroed out.
///
/// set of flags to check (See PermissionType)
[System.Security.SecurityCritical] // auto-generated
internal bool CheckFlags(ref int flags)
{
if (AssertSet != null)
{
// remove any permissions which were asserted for
int assertFlags = SecurityManager.GetSpecialFlags(AssertSet, null);
if ((flags & assertFlags) != 0)
flags = flags & ~assertFlags;
}
return (SecurityManager.GetSpecialFlags(GrantSet, RefusedSet) & flags) == flags;
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- InstanceData.cs
- SimpleWebHandlerParser.cs
- DataContext.cs
- AdRotatorDesigner.cs
- SHA384CryptoServiceProvider.cs
- File.cs
- SizeAnimationUsingKeyFrames.cs
- SystemFonts.cs
- SQLDouble.cs
- ResourceReader.cs
- X509Certificate2.cs
- _OverlappedAsyncResult.cs
- ToolStripItemRenderEventArgs.cs
- StyleHelper.cs
- LocalizableAttribute.cs
- Missing.cs
- InstanceOwnerQueryResult.cs
- EventSinkHelperWriter.cs
- Visual.cs
- IDReferencePropertyAttribute.cs
- OdbcDataReader.cs
- GroupQuery.cs
- SiblingIterators.cs
- DataSourceCache.cs
- TextServicesHost.cs
- DataGridBoolColumn.cs
- LicenseManager.cs
- WindowsHyperlink.cs
- BitmapEffectDrawing.cs
- SqlError.cs
- TraceSection.cs
- CollectionViewProxy.cs
- DictionaryContent.cs
- SmiRequestExecutor.cs
- SqlDataSourceQueryEditor.cs
- IntSecurity.cs
- _SslStream.cs
- Itemizer.cs
- AnnotationStore.cs
- QuadraticBezierSegment.cs
- Transform3DGroup.cs
- _CacheStreams.cs
- ConnectionManagementElement.cs
- InputLangChangeEvent.cs
- OleStrCAMarshaler.cs
- PeerChannelFactory.cs
- SoapObjectInfo.cs
- DataGridCaption.cs
- Identifier.cs
- FloaterBaseParaClient.cs
- WebPartVerb.cs
- RuleEngine.cs
- ShutDownListener.cs
- XPathSingletonIterator.cs
- FontStyleConverter.cs
- AuthenticationSection.cs
- Utils.cs
- CopyOfAction.cs
- XmlSchemas.cs
- Point4DConverter.cs
- SizeConverter.cs
- FunctionDefinition.cs
- DataGridViewCellParsingEventArgs.cs
- AdRotator.cs
- BrowserCapabilitiesFactoryBase.cs
- ClipboardData.cs
- OleDbRowUpdatedEvent.cs
- Membership.cs
- PhysicalOps.cs
- PersonalizationState.cs
- EdmType.cs
- RSAOAEPKeyExchangeFormatter.cs
- CompiledQuery.cs
- ListView.cs
- DbProviderConfigurationHandler.cs
- WebBrowserBase.cs
- ResourceProviderFactory.cs
- HostedTransportConfigurationManager.cs
- DataFormats.cs
- TranslateTransform3D.cs
- invalidudtexception.cs
- DragSelectionMessageFilter.cs
- smtppermission.cs
- AutomationEventArgs.cs
- IApplicationTrustManager.cs
- MatrixTransform.cs
- VariableAction.cs
- PageThemeParser.cs
- ClipboardData.cs
- WinEventWrap.cs
- CodeExpressionStatement.cs
- EventSinkActivityDesigner.cs
- UriExt.cs
- EditBehavior.cs
- ConnectionAcceptor.cs
- ObjectDataSourceStatusEventArgs.cs
- Tokenizer.cs
- CodeMemberField.cs
- ADMembershipUser.cs
- SystemPens.cs