Code:
/ DotNET / DotNET / 8.0 / untmp / WIN_WINDOWS / lh_tools_devdiv_wpf / Windows / wcp / TrustUi / MS / Internal / documents / RightsManagementUser.cs / 1 / RightsManagementUser.cs
//------------------------------------------------------------------------------ // //// Copyright (C) Microsoft Corporation. All rights reserved. // // // Description: // This class represents a RM user. // // History: // 09/28/05 - [....] created // //----------------------------------------------------------------------------- using System; using System.Security; using System.Security.Permissions; using System.Security.RightsManagement; using System.Windows.TrustUI; using MS.Internal.Permissions; namespace MS.Internal.Documents { ////// This class represents a user in the Rights Management system. /// ////// Class responsibilities: /// 1) This class suppresses the RightsManagementPermission by asserting /// for it and marking the respective methods SecurityCritical. /// 2) This class has factory methods to construct itself. /// /// ContentUser is used pervasively. The design was chosen to consolidate /// the asserts needed by RightsManagementProvider and simply require /// callers to be audited for not leaking the information. /// internal class RightsManagementUser : ContentUser { #region Constructors //----------------------------------------------------- // Constructors //----------------------------------------------------- ////// Creates a RightsManagementUser object. /// /// The name of the user /// The authentication type of the /// user ////// This calls the base class ContentUser's constructor, so it /// effectively demands RightsManagementPermission. /// private RightsManagementUser(string name, AuthenticationType authenticationType) : base(name, authenticationType) { } #endregion Constructors #region Public Methods //-------------------------------------------------------------------------- // Public Methods //------------------------------------------------------------------------- ////// Compute hash code. /// ///We are breaking encapsulation by caching the hash code. /// This is OK as long as no properties on the object can change, which /// is the case. We did this for performance reasons, as an assert is /// expensive and GetHashCode() is called somewhat frequently. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// TreatAsSafe /// 1) We do not consider the hash code a critical value. /// [SecurityCritical, SecurityTreatAsSafe] public override int GetHashCode() { if (_hashCode == 0) { _rmPermission.Assert(); //BlessedAssert try { _hashCode = base.GetHashCode(); } finally { RightsManagementPermission.RevertAssert(); } } return _hashCode; } ////// Test for equality. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// TreatAsSafe /// 1) We do not consider testing for equality a critical operation. /// [SecurityCritical, SecurityTreatAsSafe] public override bool Equals(object obj) { _rmPermission.Assert(); //BlessedAssert try { return base.Equals(obj); } finally { RightsManagementPermission.RevertAssert(); } } #endregion Public Methods #region Internal Methods //-------------------------------------------------------------------------- // Internal Methods //-------------------------------------------------------------------------- ////// Creates a RightsManagementUser object with the given name and /// authentication type. /// /// The user name /// The user authentication type /// ///A RightsManagementUser with the specified properties /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// [SecurityCritical] internal static RightsManagementUser CreateUser( string name, AuthenticationType authenticationType) { _rmPermission.Assert(); //BlessedAssert try { return new RightsManagementUser(name, authenticationType); } finally { RightsManagementPermission.RevertAssert(); } } ////// Creates a RightsManagementUser object from the given ContentUser /// object. /// /// The ContentUser to copy ///A RightsManagementUser that has the same properties as the /// user passed in as an argument ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// [SecurityCritical] internal static RightsManagementUser CreateUser(ContentUser user) { _rmPermission.Assert(); //BlessedAssert try { return new RightsManagementUser( user.Name, user.AuthenticationType); } finally { RightsManagementPermission.RevertAssert(); } } #endregion Internal Methods #region Internal Properties //------------------------------------------------------------------------- // Internal Properties //-------------------------------------------------------------------------- ////// Returns the authentication type of the user. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// internal new AuthenticationType AuthenticationType { [SecurityCritical] get { _rmPermission.Assert(); //BlessedAssert try { return base.AuthenticationType; } finally { RightsManagementPermission.RevertAssert(); } } } ////// Fully qualified e-mail address of the user. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// internal new string Name { [SecurityCritical] get { string name = string.Empty; // Determine if the current RightsManagementUser represents the AnyoneUser. if (AnyoneRightsManagementUser.Equals(this)) { // Since this is the AnyoneUser return the localized representation for the name. name = SR.Get(SRID.RMPublishingAnyoneUserDisplay); } else { _rmPermission.Assert(); //BlessedAssert try { // Since this is not the AnyoneUser, use name from the RightsManagementUser. name = base.Name; } finally { RightsManagementPermission.RevertAssert(); } } return name; } } ////// Returns an instance of the User class that identifyes "Anyone" persona. /// This user has authentication type "Internal" and Name "Anyone". /// If this such user was granted rights dutring publishing; server will issue Use License /// to anyone who requests one, but it will be attached to the requesting user. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// TreatAsSafe /// 1) The AnyoneUser object is a known constant. Also, accessing any /// fields on the returned object will require an assert. /// internal new static ContentUser AnyoneUser { [SecurityCritical, SecurityTreatAsSafe] get { _rmPermission.Assert(); //BlessedAssert try { return ContentUser.AnyoneUser; } finally { RightsManagementPermission.RevertAssert(); } } } ////// Returns an instance of the RightsManagementUser class corresponding /// to ContentUser.AnyoneUser. /// ////// Critical /// 1) Calls critical method CreateUser /// 2) Sets critical for set variable _anyoneUserInstance /// TreatAsSafe /// 1) The user created contains no critical data, since it simply /// represents the Anyone user which is a known constant. /// 2) _anyoneUserInstance is set to the appropriate value, a user /// object created from the AnyoneUser. /// internal static RightsManagementUser AnyoneRightsManagementUser { [SecurityCritical, SecurityTreatAsSafe] get { if (_anyoneUserInstance.Value == null) { _anyoneUserInstance.Value = CreateUser(AnyoneUser); } return _anyoneUserInstance.Value; } } #endregion Internal Properties #region Private Fields //------------------------------------------------------------------------- // Private Fields //------------------------------------------------------------------------- ////// Critical /// 1) Creation of the permission is critical as the code will be /// asserting for it and we do not want it replaced without review. /// TreatAsSafe /// 1) Future reviewers, this value should only ever represent /// RightsManagementPermission. It should not be changed without /// reviewing all uses of it in the class. (This is safe because it�s /// being reviewed.) /// [SecurityCritical, SecurityTreatAsSafe] private static RightsManagementPermission _rmPermission = new RightsManagementPermission(); ////// The Anyone user as a RightsManagementUser. /// ////// Critical for set /// 1) We make security decisions (e.g. determining whether a user is /// the Anyone user) using this variable. /// private static SecurityCriticalDataForSet_anyoneUserInstance; private int _hashCode; #endregion Private Fields } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- DesignerActionGlyph.cs
- ControlAdapter.cs
- LinqDataView.cs
- StyleSheetRefUrlEditor.cs
- RTTrackingProfile.cs
- LogSwitch.cs
- MessageDecoder.cs
- TextComposition.cs
- remotingproxy.cs
- GridViewDesigner.cs
- HttpException.cs
- HttpApplication.cs
- TemplateControlBuildProvider.cs
- PageRequestManager.cs
- UserNameSecurityTokenProvider.cs
- KnownAssemblyEntry.cs
- WindowsAuthenticationModule.cs
- Light.cs
- HttpListenerException.cs
- RowUpdatedEventArgs.cs
- SerializationInfo.cs
- ListBindingHelper.cs
- ScrollBarAutomationPeer.cs
- SetStateEventArgs.cs
- VisualCollection.cs
- _ReceiveMessageOverlappedAsyncResult.cs
- HostProtectionPermission.cs
- IgnoreSection.cs
- arabicshape.cs
- glyphs.cs
- RelatedPropertyManager.cs
- PeerCollaboration.cs
- TableCellAutomationPeer.cs
- X509Certificate.cs
- MimeWriter.cs
- SafeNativeMethods.cs
- Block.cs
- securestring.cs
- ContentValidator.cs
- smtppermission.cs
- ImpersonationContext.cs
- ToolTipService.cs
- ComboBoxItem.cs
- Item.cs
- Tuple.cs
- SafeBitVector32.cs
- DateTimeUtil.cs
- MethodToken.cs
- EdmMember.cs
- BufferAllocator.cs
- FontUnitConverter.cs
- FixUpCollection.cs
- MediaSystem.cs
- StackSpiller.Temps.cs
- InputLangChangeRequestEvent.cs
- UserControlCodeDomTreeGenerator.cs
- CdpEqualityComparer.cs
- Terminate.cs
- HttpListener.cs
- BinaryMethodMessage.cs
- PropertyMapper.cs
- RootNamespaceAttribute.cs
- TypeDescriptionProvider.cs
- SystemException.cs
- XmlIlTypeHelper.cs
- CompositeFontInfo.cs
- LockCookie.cs
- FixedNode.cs
- Maps.cs
- ConstructorNeedsTagAttribute.cs
- DrawingContextDrawingContextWalker.cs
- MouseWheelEventArgs.cs
- ListView.cs
- SHA384Managed.cs
- LayoutEvent.cs
- InitializationEventAttribute.cs
- HelpInfo.cs
- HitTestDrawingContextWalker.cs
- ErrorProvider.cs
- ObjectDataSourceMethodEventArgs.cs
- MeshGeometry3D.cs
- COM2Properties.cs
- StrongNamePublicKeyBlob.cs
- SchemaImporter.cs
- InstanceKeyView.cs
- CompressionTransform.cs
- NeedSkipTokenVisitor.cs
- CompositionTarget.cs
- InvalidFilterCriteriaException.cs
- XmlSchemaCollection.cs
- StickyNoteAnnotations.cs
- PasswordRecovery.cs
- OleDbWrapper.cs
- PageContentCollection.cs
- SettingsPropertyWrongTypeException.cs
- graph.cs
- ModelItemCollectionImpl.cs
- DataGridViewTextBoxCell.cs
- AnnotationResourceChangedEventArgs.cs
- XdrBuilder.cs