PermissionSetTriple.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / PermissionSetTriple.cs / 1305376 / PermissionSetTriple.cs

                            // ==++== 
//
//   Copyright (c) Microsoft Corporation.  All rights reserved.
//
// ==--== 
/*==============================================================================
** 
** Class: PermissionSetTriple 
**
** [....] 
**
** Purpose: Container class for holding an AppDomain's Grantset and Refused sets.
**          Also used for CompressedStacks which brings in the third PermissionSet.
**          Hence, the name PermissionSetTriple. 
**
=============================================================================*/ 
 
namespace System.Security
{ 
    using IEnumerator = System.Collections.IEnumerator;
    using System.Security;
    using System.Security.Permissions;
    using System.Runtime.InteropServices; 
    using System.Diagnostics.Contracts;
 
 
    [Serializable]
    sealed internal class PermissionSetTriple 
    {
        static private PermissionToken s_zoneToken;
        static private PermissionToken s_urlToken;
        internal PermissionSet AssertSet; 
        internal PermissionSet GrantSet;
        internal PermissionSet RefusedSet; 
        internal PermissionSetTriple() 
        {
            Reset(); 
        }
        internal PermissionSetTriple(PermissionSetTriple triple)
        {
            this.AssertSet = triple.AssertSet; 
            this.GrantSet = triple.GrantSet;
            this.RefusedSet = triple.RefusedSet; 
        } 
        internal void Reset()
        { 
            AssertSet = null;
            GrantSet = null;
            RefusedSet = null;
        } 
        internal bool IsEmpty()
        { 
            return (AssertSet == null && GrantSet == null && RefusedSet == null); 
        }
 
        private PermissionToken ZoneToken
        {
            [System.Security.SecurityCritical]  // auto-generated
            get 
            {
                if (s_zoneToken == null) 
                    s_zoneToken =  PermissionToken.GetToken(typeof(ZoneIdentityPermission)); 
                return s_zoneToken;
            } 
        }
        private PermissionToken UrlToken
        {
            [System.Security.SecurityCritical]  // auto-generated 
            get
            { 
                if (s_urlToken == null) 
                    s_urlToken =  PermissionToken.GetToken(typeof(UrlIdentityPermission));
                return s_urlToken; 
            }
        }
        [System.Security.SecurityCritical]  // auto-generated
        internal bool Update(PermissionSetTriple psTriple, out PermissionSetTriple retTriple) 
        {
            retTriple = null; 
            // Special case: unrestricted assert. Note: dcs.Assert.IsUnrestricted => dcs.Grant.IsUnrestricted 
            if (psTriple.AssertSet != null && psTriple.AssertSet.IsUnrestricted())
            { 
                return true; // stop construction
            }
            retTriple = UpdateAssert(psTriple.AssertSet);
            UpdateGrant(psTriple.GrantSet); 
            UpdateRefused(psTriple.RefusedSet);
            return false; 
        } 

        [System.Security.SecurityCritical]  // auto-generated 
        internal PermissionSetTriple UpdateAssert(PermissionSet in_a)
        {
            PermissionSetTriple retTriple = null;
            if (in_a != null) 
            {
                Contract.Assert((!in_a.IsUnrestricted()), "Cannot be unrestricted here"); 
                // if we're already asserting in_a, nothing to do 
                if (in_a.IsSubsetOf(AssertSet))
                    return null; 

                PermissionSet retPs;
                if (GrantSet != null)
                    retPs = in_a.Intersect(GrantSet); // Restrict the assert to what we've already been granted 
                else
                { 
                    GrantSet = new PermissionSet(true); 
                    retPs = in_a.Copy(); // Currently unrestricted Grant: assert the whole assert set
                } 
                bool bFailedToCompress;
                // removes anything that is already in the refused set from the assert set
                retPs = PermissionSet.RemoveRefusedPermissionSet(retPs, RefusedSet, out bFailedToCompress);
                if (!bFailedToCompress) 
                    bFailedToCompress = PermissionSet.IsIntersectingAssertedPermissions(retPs, AssertSet);
                if (bFailedToCompress) 
                { 
                    retTriple = new PermissionSetTriple(this);
                    this.Reset(); 
                    this.GrantSet = retTriple.GrantSet.Copy();
                }

                if (AssertSet == null) 
                    AssertSet = retPs;
                else 
                    AssertSet.InplaceUnion(retPs); 

            } 
            return retTriple;
        }
        [System.Security.SecurityCritical]  // auto-generated
        internal void UpdateGrant(PermissionSet in_g, out ZoneIdentityPermission z,out UrlIdentityPermission u) 
        {
            z = null; 
            u = null; 
            if (in_g != null)
            { 
                if (GrantSet == null)
                    GrantSet = in_g.Copy();
                else
                    GrantSet.InplaceIntersect(in_g); 

                z = (ZoneIdentityPermission)in_g.GetPermission(ZoneToken); 
                u = (UrlIdentityPermission)in_g.GetPermission(UrlToken); 
            }
        } 

        [System.Security.SecurityCritical]  // auto-generated
        internal void UpdateGrant(PermissionSet in_g)
        { 
            if (in_g != null)
            { 
                if (GrantSet == null) 
                    GrantSet = in_g.Copy();
                else 
                    GrantSet.InplaceIntersect(in_g);
            }
        }
        internal void UpdateRefused(PermissionSet in_r) 
        {
            if (in_r != null) 
            { 
                if (RefusedSet == null)
                    RefusedSet = in_r.Copy(); 
                else
                    RefusedSet.InplaceUnion(in_r);
            }
        } 

 
        [System.Security.SecurityCritical]  // auto-generated 
        static bool CheckAssert(PermissionSet pSet, CodeAccessPermission demand, PermissionToken permToken)
        { 
            if (pSet != null)
            {
                pSet.CheckDecoded(demand, permToken);
 
                CodeAccessPermission perm = (CodeAccessPermission)pSet.GetPermission(demand);
 
                // If the assert set does contain the demanded permission, halt the stackwalk 

                try 
                {
                    if (pSet.IsUnrestricted() || demand.CheckAssert(perm))
                    {
                        return SecurityRuntime.StackHalt; 
                    }
                } 
                catch (ArgumentException) 
                {
                } 
            }
            return SecurityRuntime.StackContinue;
        }
 
        [System.Security.SecurityCritical]  // auto-generated
        static bool CheckAssert(PermissionSet assertPset, PermissionSet demandSet, out PermissionSet newDemandSet) 
        { 
            newDemandSet = null;
            if (assertPset!= null) 
            {
                assertPset.CheckDecoded(demandSet);
                // If this frame asserts a superset of the demand set we're done
 
                if (demandSet.CheckAssertion(assertPset))
                    return SecurityRuntime.StackHalt; 
                PermissionSet.RemoveAssertedPermissionSet(demandSet, assertPset, out newDemandSet); 
            }
            return SecurityRuntime.StackContinue; 
        }


        [System.Security.SecurityCritical]  // auto-generated 
        internal bool CheckDemand(CodeAccessPermission demand, PermissionToken permToken, RuntimeMethodHandleInternal rmh)
        { 
            if (CheckAssert(AssertSet, demand, permToken) == SecurityRuntime.StackHalt) 
                return SecurityRuntime.StackHalt;
 
            CodeAccessSecurityEngine.CheckHelper(GrantSet, RefusedSet, demand, permToken, rmh, null, SecurityAction.Demand, true);

            return SecurityRuntime.StackContinue;
        } 
        [System.Security.SecurityCritical]  // auto-generated
        internal bool CheckSetDemand(PermissionSet demandSet , out PermissionSet alteredDemandset, RuntimeMethodHandleInternal rmh) 
        { 
            alteredDemandset = null;
 
            if (CheckAssert(AssertSet, demandSet, out alteredDemandset) == SecurityRuntime.StackHalt)
                return SecurityRuntime.StackHalt;
            if (alteredDemandset != null)
                demandSet = alteredDemandset; // note that this does not modify demandSet external to this function. 
            CodeAccessSecurityEngine.CheckSetHelper(GrantSet, RefusedSet, demandSet, rmh, null, SecurityAction.Demand, true);
 
            return SecurityRuntime.StackContinue; 

        } 

        [System.Security.SecurityCritical]  // auto-generated
        internal bool CheckDemandNoThrow(CodeAccessPermission demand, PermissionToken permToken)
        { 
            Contract.Assert(AssertSet == null, "AssertSet not null");
 
            return CodeAccessSecurityEngine.CheckHelper(GrantSet, RefusedSet, demand, permToken, RuntimeMethodHandleInternal.EmptyHandle, null, SecurityAction.Demand, false); 
        }
        [System.Security.SecurityCritical]  // auto-generated 
        internal bool CheckSetDemandNoThrow(PermissionSet demandSet)
        {
            Contract.Assert(AssertSet == null, "AssertSet not null");
 
            return CodeAccessSecurityEngine.CheckSetHelper(GrantSet, RefusedSet, demandSet, RuntimeMethodHandleInternal.EmptyHandle, null, SecurityAction.Demand, false);
        } 
        ///  
        ///     Check to see if the triple satisfies a demand for the permission represented by the flag.
        ///  
        /// 
        ///     If the triple asserts for one of the bits in the flags, it is zeroed out.
        /// 
        /// set of flags to check (See PermissionType) 
        [System.Security.SecurityCritical]  // auto-generated
        internal bool CheckFlags(ref int flags) 
        { 
            if (AssertSet != null)
            { 
                // remove any permissions which were asserted for
                int assertFlags = SecurityManager.GetSpecialFlags(AssertSet, null);
                if ((flags & assertFlags) != 0)
                    flags = flags & ~assertFlags; 
            }
 
            return (SecurityManager.GetSpecialFlags(GrantSet, RefusedSet) & flags) == flags; 
        }
    } 
}



// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK