PolicyStatement.cs source code in C# .NET

Source code for the .NET framework in C#

                        

Code:

/ 4.0 / 4.0 / untmp / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / Policy / PolicyStatement.cs / 1305376 / PolicyStatement.cs

                            using System.Diagnostics.Contracts; 
// ==++==
//
//   Copyright (c) Microsoft Corporation.  All rights reserved.
// 
// ==--==
//  PolicyStatement.cs 
// 
// [....]
// 
//  Represents the policy associated with some piece of evidence
//

namespace System.Security.Policy { 

    using System; 
    using System.Security; 
    using System.Security.Util;
    using Math = System.Math; 
    using System.Collections;
    using System.Collections.Generic;
    using System.Security.Permissions;
    using System.Text; 
    using System.Globalization;
[Serializable] 
    [Flags] 
[System.Runtime.InteropServices.ComVisible(true)]
    public enum PolicyStatementAttribute 
    {
        Nothing = 0x0,
        Exclusive = 0x01,
        LevelFinal = 0x02, 
        All = 0x03,
    } 
 
    [Serializable]
    [System.Runtime.InteropServices.ComVisible(true)] 
    sealed public class PolicyStatement : ISecurityPolicyEncodable, ISecurityEncodable
    {
        // The PermissionSet associated with this policy
        internal PermissionSet m_permSet; 

#if FEATURE_CAS_POLICY 
        // Evidence which was not verified but which was required to generate this policy statement. 
        // This is not serialized, since once we serialize we lose the ability to verify the evidence,
        // meaning that restoring this state is meaningless. 
        [NonSerialized]
        private List m_dependentEvidence;
#endif
 
        // The bitfield of inheritance properties associated with this policy
        internal PolicyStatementAttribute m_attributes; 
 
        internal PolicyStatement()
        { 
            m_permSet = null;
            m_attributes = PolicyStatementAttribute.Nothing;
        }
 
        public PolicyStatement( PermissionSet permSet )
            : this( permSet, PolicyStatementAttribute.Nothing ) 
        { 
        }
 
        public PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes )
        {
            if (permSet == null)
            { 
                m_permSet = new PermissionSet( false );
            } 
            else 
            {
                m_permSet = permSet.Copy(); 
            }
            if (ValidProperties( attributes ))
            {
                m_attributes = attributes; 
            }
        } 
 
        private PolicyStatement( PermissionSet permSet, PolicyStatementAttribute attributes, bool copy )
        { 
            if (permSet != null)
            {
                if (copy)
                    m_permSet = permSet.Copy(); 
                else
                    m_permSet = permSet; 
            } 
            else
            { 
                m_permSet = new PermissionSet( false );
            }

            m_attributes = attributes; 
        }
 
        public PermissionSet PermissionSet 
        {
            get 
            {
                lock (this)
                {
                    return m_permSet.Copy(); 
                }
            } 
 
            set
            { 
                lock (this)
                {
                    if (value == null)
                    { 
                        m_permSet = new PermissionSet( false );
                    } 
                    else 
                    {
                        m_permSet = value.Copy(); 
                    }
                }
            }
        } 

        internal void SetPermissionSetNoCopy( PermissionSet permSet ) 
        { 
            m_permSet = permSet;
        } 

        internal PermissionSet GetPermissionSetNoCopy()
        {
            lock (this) 
            {
                return m_permSet; 
            } 
        }
 
        public PolicyStatementAttribute Attributes
        {
            get
            { 
                return m_attributes;
            } 
 
            set
            { 
                if (ValidProperties( value ))
                {
                    m_attributes = value;
                } 
            }
        } 
 
        public PolicyStatement Copy()
        { 
            PolicyStatement copy = new PolicyStatement(m_permSet, Attributes, true); // The PolicyStatement .ctor will copy the permission set
#if FEATURE_CAS_POLICY
            if (HasDependentEvidence)
            { 
                copy.m_dependentEvidence = new List(m_dependentEvidence);
            } 
#endif 

            return copy; 
        }

        public String AttributeString
        { 
            get
            { 
                StringBuilder sb = new StringBuilder(); 

                bool first = true; 

                if (GetFlag((int) PolicyStatementAttribute.Exclusive ))
                {
                    sb.Append( "Exclusive" ); 
                    first = false;
                } 
                if (GetFlag((int) PolicyStatementAttribute.LevelFinal )) 
                {
                    if (!first) 
                        sb.Append( " " );
                    sb.Append( "LevelFinal" );
                }
 
                return sb.ToString();
            } 
        } 

        private static bool ValidProperties( PolicyStatementAttribute attributes ) 
        {
            if ((attributes & ~(PolicyStatementAttribute.All)) == 0)
            {
                return true; 
            }
            else 
            { 
                throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidFlag" ) );
            } 
        }

        private bool GetFlag( int flag )
        { 
            return (flag & (int)m_attributes) != 0;
        } 
 
#if FEATURE_CAS_POLICY
        ///  
        ///     Gets all of the delay evaluated evidence which needs to be verified before this policy can
        ///     be used.
        /// 
        internal IEnumerable DependentEvidence 
        {
            get 
            { 
                BCLDebug.Assert(HasDependentEvidence, "HasDependentEvidence");
                return m_dependentEvidence.AsReadOnly(); 
            }
        }

        ///  
        ///     Determine if this policy dependent upon the evaluation of any delay evaluated evidence
        ///  
        internal bool HasDependentEvidence 
        {
            get { return m_dependentEvidence != null && m_dependentEvidence.Count > 0; } 
        }

        /// 
        ///     Add evidence which this policy statement is depending upon being verified to be valid. 
        /// 
        internal void AddDependentEvidence(IDelayEvaluatedEvidence dependentEvidence) 
        { 
            BCLDebug.Assert(dependentEvidence != null, "dependentEvidence != null");
 
            if (m_dependentEvidence == null)
            {
                m_dependentEvidence = new List();
            } 

            m_dependentEvidence.Add(dependentEvidence); 
        } 
#endif
 
        /// 
        ///     Union a child policy statement into this policy statement
        /// 
        internal void InplaceUnion(PolicyStatement childPolicy) 
        {
            BCLDebug.Assert(childPolicy != null, "childPolicy != null"); 
 
            if (((Attributes & childPolicy.Attributes) & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
            { 
                throw new PolicyException(Environment.GetResourceString( "Policy_MultipleExclusive" ));
            }

#if FEATURE_CAS_POLICY 
            // If our code group generated a grant set based upon unverified evidence, or it generated a grant
            // set strictly less than that of a child group based upon unverified evidence, we need to keep 
            // track of any unverified evidence our child group has. 
            if (childPolicy.HasDependentEvidence)
            { 
                bool childEvidenceNeedsVerification = m_permSet.IsSubsetOf(childPolicy.GetPermissionSetNoCopy()) &&
                                                      !childPolicy.GetPermissionSetNoCopy().IsSubsetOf(m_permSet);

                if (HasDependentEvidence || childEvidenceNeedsVerification) 
                {
                    if (m_dependentEvidence == null) 
                    { 
                        m_dependentEvidence = new List();
                    } 

                    m_dependentEvidence.AddRange(childPolicy.DependentEvidence);
                }
            } 
#endif
 
            // We need to merge together our grant set and attributes.  The result of this merge is 
            // dependent upon if we're merging a child marked exclusive or not.  If the child is not
            // exclusive, we need to union in its grant set and or in its attributes. However, if the child 
            // is exclusive then it is the only code group which should have an effect on the resulting
            // grant set and therefore our grant should be ignored.
            if ((childPolicy.Attributes & PolicyStatementAttribute.Exclusive) == PolicyStatementAttribute.Exclusive)
            { 
                m_permSet = childPolicy.GetPermissionSetNoCopy();
                Attributes = childPolicy.Attributes; 
            } 
            else
            { 
                m_permSet.InplaceUnion(childPolicy.GetPermissionSetNoCopy());
                Attributes = Attributes | childPolicy.Attributes;
            }
        } 

#if FEATURE_CAS_POLICY 
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        public SecurityElement ToXml() 
        {
            return ToXml( null );
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        public void FromXml( SecurityElement et ) 
        { 
            FromXml( et, null );
        } 

        [System.Security.SecuritySafeCritical]  // auto-generated
        public SecurityElement ToXml( PolicyLevel level )
        { 
            return ToXml( level, false );
        } 
 
        internal SecurityElement ToXml( PolicyLevel level, bool useInternal )
        { 
            SecurityElement e = new SecurityElement( "PolicyStatement" );
            e.AddAttribute( "version", "1" );
            if (m_attributes != PolicyStatementAttribute.Nothing)
                e.AddAttribute( "Attributes", XMLUtil.BitFieldEnumToString( typeof( PolicyStatementAttribute ), m_attributes ) ); 

            lock (this) 
            { 
                if (m_permSet != null)
                { 
                    if (m_permSet is NamedPermissionSet)
                    {
                        // If the named permission set exists in the parent level of this
                        // policy struct, then just save the name of the permission set. 
                        // Otherwise, serialize it like normal.
 
                        NamedPermissionSet namedPermSet = (NamedPermissionSet)m_permSet; 
                        if (level != null && level.GetNamedPermissionSet( namedPermSet.Name ) != null)
                        { 
                            e.AddAttribute( "PermissionSetName", namedPermSet.Name );
                        }
                        else
                        { 
                            if (useInternal)
                                e.AddChild( namedPermSet.InternalToXml() ); 
                            else 
                                e.AddChild( namedPermSet.ToXml() );
                        } 
                    }
                    else
                    {
                        if (useInternal) 
                            e.AddChild( m_permSet.InternalToXml() );
                        else 
                            e.AddChild( m_permSet.ToXml() ); 
                    }
                } 
            }

            return e;
        } 

        [System.Security.SecuritySafeCritical]  // auto-generated 
        public void FromXml( SecurityElement et, PolicyLevel level ) 
        {
            FromXml( et, level, false ); 
        }

        [System.Security.SecurityCritical]  // auto-generated
        internal void FromXml( SecurityElement et, PolicyLevel level, bool allowInternalOnly ) 
        {
            if (et == null) 
                throw new ArgumentNullException( "et" ); 

            if (!et.Tag.Equals( "PolicyStatement" )) 
                throw new ArgumentException( String.Format( CultureInfo.CurrentCulture, Environment.GetResourceString( "Argument_InvalidXMLElement" ),  "PolicyStatement", this.GetType().FullName ) );
            Contract.EndContractBlock();

            m_attributes = (PolicyStatementAttribute) 0; 

            String strAttributes = et.Attribute( "Attributes" ); 
 
            if (strAttributes != null)
                m_attributes = (PolicyStatementAttribute)Enum.Parse( typeof( PolicyStatementAttribute ), strAttributes ); 

            lock (this)
            {
                m_permSet = null; 

                if (level != null) 
                { 
                    String permSetName = et.Attribute( "PermissionSetName" );
 
                    if (permSetName != null)
                    {
                        m_permSet = level.GetNamedPermissionSetInternal( permSetName );
 
                        if (m_permSet == null)
                            m_permSet = new PermissionSet( PermissionState.None ); 
                    } 
                }
 

                if (m_permSet == null)
                {
                    // There is no provided level, it is not a named permission set, or 
                    // the named permission set doesn't exist in the provided level,
                    // so just create the class through reflection and decode normally. 
 
                    SecurityElement e = et.SearchForChildByTag( "PermissionSet" );
 
                    if (e != null)
                    {
                        String className = e.Attribute( "class" );
 
                        if (className != null && (className.Equals( "NamedPermissionSet" ) ||
                                                  className.Equals( "System.Security.NamedPermissionSet" ))) 
                            m_permSet = new NamedPermissionSet( "DefaultName", PermissionState.None ); 
                        else
                            m_permSet = new PermissionSet( PermissionState.None ); 

                        try
                        {
                            m_permSet.FromXml( e, allowInternalOnly, true ); 
                        }
                        catch 
                        { 
                            // ignore any exceptions from the decode process.
                            // Note: we go ahead and use the permission set anyway.  This should be safe since 
                            // the decode process should never give permission beyond what a proper decode would have
                            // given.
                        }
                    } 
                    else
                    { 
                        throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidXML" ) ); 
                    }
                } 

                if (m_permSet == null)
                    m_permSet = new PermissionSet( PermissionState.None );
            } 
        }
 
 
        [System.Security.SecurityCritical]  // auto-generated
        internal void FromXml( SecurityDocument doc, int position, PolicyLevel level, bool allowInternalOnly ) 
        {
            if (doc == null)
                throw new ArgumentNullException( "doc" );
            Contract.EndContractBlock(); 

            if (!doc.GetTagForElement( position ).Equals( "PolicyStatement" )) 
                throw new ArgumentException( String.Format( CultureInfo.CurrentCulture, Environment.GetResourceString( "Argument_InvalidXMLElement" ),  "PolicyStatement", this.GetType().FullName ) ); 

            m_attributes = (PolicyStatementAttribute) 0; 

            String strAttributes = doc.GetAttributeForElement( position, "Attributes" );

            if (strAttributes != null) 
                m_attributes = (PolicyStatementAttribute)Enum.Parse( typeof( PolicyStatementAttribute ), strAttributes );
 
            lock (this) 
            {
                m_permSet = null; 

                if (level != null)
                {
                    String permSetName = doc.GetAttributeForElement( position, "PermissionSetName" ); 

                    if (permSetName != null) 
                    { 
                        m_permSet = level.GetNamedPermissionSetInternal( permSetName );
 
                        if (m_permSet == null)
                            m_permSet = new PermissionSet( PermissionState.None );
                    }
                } 

 
                if (m_permSet == null) 
                {
                    // There is no provided level, it is not a named permission set, or 
                    // the named permission set doesn't exist in the provided level,
                    // so just create the class through reflection and decode normally.

                    ArrayList childPositions = doc.GetChildrenPositionForElement( position ); 
                    int positionPermissionSet = -1;
 
                    for (int i = 0; i < childPositions.Count; ++i) 
                    {
                        if (doc.GetTagForElement( (int)childPositions[i] ).Equals( "PermissionSet" )) 
                        {
                            positionPermissionSet = (int)childPositions[i];
                        }
                    } 

                    if (positionPermissionSet != -1) 
                    { 
                        String className = doc.GetAttributeForElement( positionPermissionSet, "class" );
 
                        if (className != null && (className.Equals( "NamedPermissionSet" ) ||
                                                  className.Equals( "System.Security.NamedPermissionSet" )))
                            m_permSet = new NamedPermissionSet( "DefaultName", PermissionState.None );
                        else 
                            m_permSet = new PermissionSet( PermissionState.None );
 
                        m_permSet.FromXml( doc, positionPermissionSet, allowInternalOnly ); 
                    }
                    else 
                    {
                        throw new ArgumentException( Environment.GetResourceString( "Argument_InvalidXML" ) );
                    }
                } 

                if (m_permSet == null) 
                    m_permSet = new PermissionSet( PermissionState.None ); 
            }
        } 
#endif // FEATURE_CAS_POLICY


        [System.Runtime.InteropServices.ComVisible(false)] 
        public override bool Equals( Object obj )
        { 
            PolicyStatement other = obj as PolicyStatement; 

            if (other == null) 
                return false;

            if (this.m_attributes != other.m_attributes)
                return false; 

            if (!Object.Equals( this.m_permSet, other.m_permSet )) 
                return false; 

            return true; 
        }

        [System.Runtime.InteropServices.ComVisible(false)]
        public override int GetHashCode() 
        {
            int accumulator = (int)this.m_attributes; 
 
            if (m_permSet != null)
                accumulator = accumulator ^ m_permSet.GetHashCode(); 

            return accumulator;
        }
 
    }
} 
 

// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// Copyright (c) Microsoft Corporation. All rights reserved.
                        

Link Menu

Network programming in C#, Network Programming in VB.NET, Network Programming in .NET
This book is available now!
Buy at Amazon US or
Buy at Amazon UK