diff options
Diffstat (limited to 'src/mscorlib/src/System/Security/Permissions')
21 files changed, 0 insertions, 6518 deletions
diff --git a/src/mscorlib/src/System/Security/Permissions/EnvironmentPermission.cs b/src/mscorlib/src/System/Security/Permissions/EnvironmentPermission.cs deleted file mode 100644 index 567fe513c0..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/EnvironmentPermission.cs +++ /dev/null @@ -1,347 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions { - using System.Security; - using System; - using SecurityElement = System.Security.SecurityElement; - using System.Security.Util; - using System.IO; - using System.Globalization; - using System.Diagnostics.Contracts; - - [Serializable] - [Flags] - [System.Runtime.InteropServices.ComVisible(true)] - public enum EnvironmentPermissionAccess - { - NoAccess = 0x00, - Read = 0x01, - Write = 0x02, - AllAccess = 0x03, - } - - [Serializable] - internal class EnvironmentStringExpressionSet : StringExpressionSet - { - public EnvironmentStringExpressionSet() - : base( true, null, false ) - { - } - - public EnvironmentStringExpressionSet( String str ) - : base( true, str, false ) - { - } - - protected override StringExpressionSet CreateNewEmpty() - { - return new EnvironmentStringExpressionSet(); - } - - protected override bool StringSubsetString( String left, String right, bool ignoreCase ) - { - return (ignoreCase?(String.Compare( left, right, StringComparison.OrdinalIgnoreCase) == 0): - (String.Compare( left, right, StringComparison.Ordinal) == 0)); - } - - protected override String ProcessWholeString( String str ) - { - return str; - } - - protected override String ProcessSingleString( String str ) - { - return str; - } - - public override string ToString() - { - // SafeCritical: we're not storing path information in the strings, so exposing them out is fine ... - // they're just the same strings that came in to the .ctor. - return base.UnsafeToString(); - } - } - -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - sealed public class EnvironmentPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission - { - private StringExpressionSet m_read; - private StringExpressionSet m_write; - private bool m_unrestricted; - - public EnvironmentPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - m_unrestricted = true; - else if (state == PermissionState.None) - m_unrestricted = false; - else - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - - public EnvironmentPermission( EnvironmentPermissionAccess flag, String pathList ) - { - SetPathList( flag, pathList ); - } - - public void SetPathList( EnvironmentPermissionAccess flag, String pathList ) - { - VerifyFlag( flag ); - - m_unrestricted = false; - - if ((flag & EnvironmentPermissionAccess.Read) != 0) - m_read = null; - - if ((flag & EnvironmentPermissionAccess.Write) != 0) - m_write = null; - - AddPathList( flag, pathList ); - } - - public void AddPathList( EnvironmentPermissionAccess flag, String pathList ) - { - VerifyFlag( flag ); - - if (FlagIsSet( flag, EnvironmentPermissionAccess.Read )) - { - if (m_read == null) - m_read = new EnvironmentStringExpressionSet(); - m_read.AddExpressions( pathList ); - } - - if (FlagIsSet( flag, EnvironmentPermissionAccess.Write )) - { - if (m_write == null) - m_write = new EnvironmentStringExpressionSet(); - m_write.AddExpressions( pathList ); - } - - } - - public String GetPathList( EnvironmentPermissionAccess flag ) - { - VerifyFlag( flag ); - ExclusiveFlag( flag ); - - if (FlagIsSet( flag, EnvironmentPermissionAccess.Read )) - { - if (m_read == null) - { - return ""; - } - return m_read.ToString(); - } - - if (FlagIsSet( flag, EnvironmentPermissionAccess.Write )) - { - if (m_write == null) - { - return ""; - } - return m_write.ToString(); - } - - /* not reached */ - - return ""; - } - - - private void VerifyFlag( EnvironmentPermissionAccess flag ) - { - if ((flag & ~EnvironmentPermissionAccess.AllAccess) != 0) - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)flag)); - Contract.EndContractBlock(); - } - - private void ExclusiveFlag( EnvironmentPermissionAccess flag ) - { - if (flag == EnvironmentPermissionAccess.NoAccess) - { - throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); - } - - if (((int)flag & ((int)flag-1)) != 0) - { - throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); - } - Contract.EndContractBlock(); - } - - - private bool FlagIsSet( EnvironmentPermissionAccess flag, EnvironmentPermissionAccess question ) - { - return (flag & question) != 0; - } - - private bool IsEmpty() - { - return (!m_unrestricted && - (this.m_read == null || this.m_read.IsEmpty()) && - (this.m_write == null || this.m_write.IsEmpty())); - } - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public bool IsUnrestricted() - { - return m_unrestricted; - } - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - return this.IsEmpty(); - } - - try - { - EnvironmentPermission operand = (EnvironmentPermission)target; - if (operand.IsUnrestricted()) - return true; - else if (this.IsUnrestricted()) - return false; - else - return ((this.m_read == null || this.m_read.IsSubsetOf( operand.m_read )) && - (this.m_write == null || this.m_write.IsSubsetOf( operand.m_write ))); - } - catch (InvalidCastException) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - { - return null; - } - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - else if (this.IsUnrestricted()) - { - return target.Copy(); - } - - EnvironmentPermission operand = (EnvironmentPermission)target; - - if (operand.IsUnrestricted()) - { - return this.Copy(); - } - - StringExpressionSet intersectRead = this.m_read == null ? null : this.m_read.Intersect( operand.m_read ); - StringExpressionSet intersectWrite = this.m_write == null ? null : this.m_write.Intersect( operand.m_write ); - - if ((intersectRead == null || intersectRead.IsEmpty()) && - (intersectWrite == null || intersectWrite.IsEmpty())) - { - return null; - } - - EnvironmentPermission intersectPermission = new EnvironmentPermission(PermissionState.None); - intersectPermission.m_unrestricted = false; - intersectPermission.m_read = intersectRead; - intersectPermission.m_write = intersectWrite; - - return intersectPermission; - } - - public override IPermission Union(IPermission other) - { - if (other == null) - { - return this.Copy(); - } - else if (!VerifyType(other)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - EnvironmentPermission operand = (EnvironmentPermission)other; - - if (this.IsUnrestricted() || operand.IsUnrestricted()) - { - return new EnvironmentPermission( PermissionState.Unrestricted ); - } - - StringExpressionSet unionRead = this.m_read == null ? operand.m_read : this.m_read.Union( operand.m_read ); - StringExpressionSet unionWrite = this.m_write == null ? operand.m_write : this.m_write.Union( operand.m_write ); - - if ((unionRead == null || unionRead.IsEmpty()) && - (unionWrite == null || unionWrite.IsEmpty())) - { - return null; - } - - EnvironmentPermission unionPermission = new EnvironmentPermission(PermissionState.None); - unionPermission.m_unrestricted = false; - unionPermission.m_read = unionRead; - unionPermission.m_write = unionWrite; - - return unionPermission; - } - - public override IPermission Copy() - { - EnvironmentPermission copy = new EnvironmentPermission(PermissionState.None); - if (this.m_unrestricted) - { - copy.m_unrestricted = true; - } - else - { - copy.m_unrestricted = false; - if (this.m_read != null) - { - copy.m_read = this.m_read.Copy(); - } - if (this.m_write != null) - { - copy.m_write = this.m_write.Copy(); - } - - } - return copy; - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return EnvironmentPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.EnvironmentPermissionIndex; - } - } - -} diff --git a/src/mscorlib/src/System/Security/Permissions/FileDialogPermission.cs b/src/mscorlib/src/System/Security/Permissions/FileDialogPermission.cs deleted file mode 100644 index 98a7d54c68..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/FileDialogPermission.cs +++ /dev/null @@ -1,158 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions { - using System; - using System.Text; - using System.Security; - using System.Security.Util; - using System.IO; - using System.Runtime.Serialization; - using System.Reflection; - using System.Collections; - using System.Globalization; - using System.Diagnostics.Contracts; - -[Serializable] -[Flags] -[System.Runtime.InteropServices.ComVisible(true)] - public enum FileDialogPermissionAccess { - None = 0x00, - - Open = 0x01, - - Save = 0x02, - - OpenSave = Open | Save - - } - - [Serializable] -[System.Runtime.InteropServices.ComVisible(true)] - public sealed class FileDialogPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission { - FileDialogPermissionAccess access; - - public FileDialogPermission(PermissionState state) { - if (state == PermissionState.Unrestricted) { - SetUnrestricted(true); - } - else if (state == PermissionState.None) { - SetUnrestricted(false); - Reset(); - } - else { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public FileDialogPermission(FileDialogPermissionAccess access) { - VerifyAccess(access); - this.access = access; - } - - public FileDialogPermissionAccess Access { - get { - return access; - } - - set { - VerifyAccess(value); - access = value; - } - } - - public override IPermission Copy() { - return new FileDialogPermission(this.access); - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() { - return FileDialogPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() { - return BuiltInPermissionIndex.FileDialogPermissionIndex; - } - - public override IPermission Intersect(IPermission target) { - if (target == null) { - return null; - } - else if (!VerifyType(target)) { - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - } - - FileDialogPermission operand = (FileDialogPermission)target; - - FileDialogPermissionAccess intersectAccess = access & operand.Access; - - if (intersectAccess == FileDialogPermissionAccess.None) - return null; - else - return new FileDialogPermission(intersectAccess); - } - - public override bool IsSubsetOf(IPermission target) { - if (target == null) { - // Only safe subset if this is empty - return access == FileDialogPermissionAccess.None; - } - - try { - FileDialogPermission operand = (FileDialogPermission)target; - if (operand.IsUnrestricted()) { - return true; - } - else if (this.IsUnrestricted()) { - return false; - } - else { - int open = (int)(access & FileDialogPermissionAccess.Open); - int save = (int)(access & FileDialogPermissionAccess.Save); - int openTarget = (int)(operand.Access & FileDialogPermissionAccess.Open); - int saveTarget = (int)(operand.Access & FileDialogPermissionAccess.Save); - - return open <= openTarget && save <= saveTarget; - } - } - catch (InvalidCastException) { - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - } - - } - - public bool IsUnrestricted() { - return access == FileDialogPermissionAccess.OpenSave; - } - - void Reset() { - access = FileDialogPermissionAccess.None; - } - - void SetUnrestricted( bool unrestricted ) { - if (unrestricted) { - access = FileDialogPermissionAccess.OpenSave; - } - } - - public override IPermission Union(IPermission target) { - if (target == null) { - return this.Copy(); - } - else if (!VerifyType(target)) { - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - } - - FileDialogPermission operand = (FileDialogPermission)target; - return new FileDialogPermission(access | operand.Access); - } - - static void VerifyAccess(FileDialogPermissionAccess access) { - if ((access & ~FileDialogPermissionAccess.OpenSave) != 0 ) { - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access)); - } - Contract.EndContractBlock(); - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/FileIOPermission.cs b/src/mscorlib/src/System/Security/Permissions/FileIOPermission.cs deleted file mode 100644 index 34b9f1ef80..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/FileIOPermission.cs +++ /dev/null @@ -1,1216 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.Runtime.CompilerServices; - using System.Runtime.InteropServices; - using System.Security.AccessControl; - using System.Security.Util; - using System.IO; - using System.Collections; - using System.Globalization; - using System.Runtime.Serialization; - using System.Runtime.Versioning; - using System.Diagnostics; - using System.Diagnostics.Contracts; - - [Serializable] - [Flags] - [System.Runtime.InteropServices.ComVisible(true)] - public enum FileIOPermissionAccess - { - NoAccess = 0x00, - Read = 0x01, - Write = 0x02, - Append = 0x04, - PathDiscovery = 0x08, - AllAccess = 0x0F, - } - - [System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - sealed public class FileIOPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission - { - private FileIOAccess m_read; - private FileIOAccess m_write; - private FileIOAccess m_append; - private FileIOAccess m_pathDiscovery; - [OptionalField(VersionAdded = 2)] - private FileIOAccess m_viewAcl; - [OptionalField(VersionAdded = 2)] - private FileIOAccess m_changeAcl; - private bool m_unrestricted; - - public FileIOPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - m_unrestricted = true; - } - else if (state == PermissionState.None) - { - m_unrestricted = false; - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public FileIOPermission( FileIOPermissionAccess access, String path ) - { - VerifyAccess( access ); - - String[] pathList = new String[] { path }; - AddPathList( access, pathList, false, true, false ); - } - - public FileIOPermission( FileIOPermissionAccess access, String[] pathList ) - { - VerifyAccess( access ); - - AddPathList( access, pathList, false, true, false ); - } - - internal FileIOPermission( FileIOPermissionAccess access, String[] pathList, bool checkForDuplicates, bool needFullPath ) - { - VerifyAccess( access ); - - AddPathList( access, pathList, checkForDuplicates, needFullPath, true ); - } - - public void SetPathList( FileIOPermissionAccess access, String path ) - { - String[] pathList; - if(path == null) - pathList = new String[] {}; - else - pathList = new String[] { path }; - SetPathList( access, pathList, false ); - } - - public void SetPathList( FileIOPermissionAccess access, String[] pathList ) - { - SetPathList( access, pathList, true ); - } - - internal void SetPathList( FileIOPermissionAccess access, - String[] pathList, bool checkForDuplicates ) - { - SetPathList( access, AccessControlActions.None, pathList, checkForDuplicates ); - } - - internal void SetPathList( FileIOPermissionAccess access, AccessControlActions control, String[] pathList, bool checkForDuplicates ) - { - VerifyAccess( access ); - - if ((access & FileIOPermissionAccess.Read) != 0) - m_read = null; - - if ((access & FileIOPermissionAccess.Write) != 0) - m_write = null; - - if ((access & FileIOPermissionAccess.Append) != 0) - m_append = null; - - if ((access & FileIOPermissionAccess.PathDiscovery) != 0) - m_pathDiscovery = null; - - m_viewAcl = null; - m_changeAcl = null; - m_unrestricted = false; - - AddPathList( access, pathList, checkForDuplicates, true, true ); - } - - public void AddPathList( FileIOPermissionAccess access, String path ) - { - String[] pathList; - if(path == null) - pathList = new String[] {}; - else - pathList = new String[] { path }; - AddPathList( access, pathList, false, true, false ); - } - - public void AddPathList( FileIOPermissionAccess access, String[] pathList ) - { - AddPathList( access, pathList, true, true, true ); - } - - internal void AddPathList( FileIOPermissionAccess access, String[] pathListOrig, bool checkForDuplicates, bool needFullPath, bool copyPathList ) - { - AddPathList( access, AccessControlActions.None, pathListOrig, checkForDuplicates, needFullPath, copyPathList ); - } - - internal void AddPathList(FileIOPermissionAccess access, AccessControlActions control, String[] pathListOrig, bool checkForDuplicates, bool needFullPath, bool copyPathList) - { - if (pathListOrig == null) - { - throw new ArgumentNullException( "pathList" ); - } - if (pathListOrig.Length == 0) - { - throw new ArgumentException( Environment.GetResourceString("Argument_EmptyPath" )); - } - Contract.EndContractBlock(); - - VerifyAccess(access); - - if (m_unrestricted) - return; - - String[] pathList = pathListOrig; - if(copyPathList) - { - // Make a copy of pathList (in case its value changes after we check for illegal chars) - pathList = new String[pathListOrig.Length]; - Array.Copy(pathListOrig, pathList, pathListOrig.Length); - } - - ArrayList pathArrayList = StringExpressionSet.CreateListFromExpressions(pathList, needFullPath); - - // If we need the full path the standard illegal characters will be checked in StringExpressionSet. - CheckIllegalCharacters(pathList, onlyCheckExtras: needFullPath); - - // StringExpressionSet will do minor normalization, trimming spaces and replacing alternate - // directory separators. It will make an attemt to expand short file names and will check - // for standard colon placement. - // - // If needFullPath is true it will call NormalizePath- which performs short name expansion - // and does the normal validity checks. - - if ((access & FileIOPermissionAccess.Read) != 0) - { - if (m_read == null) - { - m_read = new FileIOAccess(); - } - m_read.AddExpressions( pathArrayList, checkForDuplicates); - } - - if ((access & FileIOPermissionAccess.Write) != 0) - { - if (m_write == null) - { - m_write = new FileIOAccess(); - } - m_write.AddExpressions( pathArrayList, checkForDuplicates); - } - - if ((access & FileIOPermissionAccess.Append) != 0) - { - if (m_append == null) - { - m_append = new FileIOAccess(); - } - m_append.AddExpressions( pathArrayList, checkForDuplicates); - } - - if ((access & FileIOPermissionAccess.PathDiscovery) != 0) - { - if (m_pathDiscovery == null) - { - m_pathDiscovery = new FileIOAccess( true ); - } - m_pathDiscovery.AddExpressions( pathArrayList, checkForDuplicates); - } - } - - public String[] GetPathList( FileIOPermissionAccess access ) - { - VerifyAccess( access ); - ExclusiveAccess( access ); - - if (AccessIsSet( access, FileIOPermissionAccess.Read )) - { - if (m_read == null) - { - return null; - } - return m_read.ToStringArray(); - } - - if (AccessIsSet( access, FileIOPermissionAccess.Write )) - { - if (m_write == null) - { - return null; - } - return m_write.ToStringArray(); - } - - if (AccessIsSet( access, FileIOPermissionAccess.Append )) - { - if (m_append == null) - { - return null; - } - return m_append.ToStringArray(); - } - - if (AccessIsSet( access, FileIOPermissionAccess.PathDiscovery )) - { - if (m_pathDiscovery == null) - { - return null; - } - return m_pathDiscovery.ToStringArray(); - } - - // not reached - - return null; - } - - public FileIOPermissionAccess AllLocalFiles - { - get - { - if (m_unrestricted) - return FileIOPermissionAccess.AllAccess; - - FileIOPermissionAccess access = FileIOPermissionAccess.NoAccess; - - if (m_read != null && m_read.AllLocalFiles) - { - access |= FileIOPermissionAccess.Read; - } - - if (m_write != null && m_write.AllLocalFiles) - { - access |= FileIOPermissionAccess.Write; - } - - if (m_append != null && m_append.AllLocalFiles) - { - access |= FileIOPermissionAccess.Append; - } - - if (m_pathDiscovery != null && m_pathDiscovery.AllLocalFiles) - { - access |= FileIOPermissionAccess.PathDiscovery; - } - - return access; - } - - set - { - if ((value & FileIOPermissionAccess.Read) != 0) - { - if (m_read == null) - m_read = new FileIOAccess(); - - m_read.AllLocalFiles = true; - } - else - { - if (m_read != null) - m_read.AllLocalFiles = false; - } - - if ((value & FileIOPermissionAccess.Write) != 0) - { - if (m_write == null) - m_write = new FileIOAccess(); - - m_write.AllLocalFiles = true; - } - else - { - if (m_write != null) - m_write.AllLocalFiles = false; - } - - if ((value & FileIOPermissionAccess.Append) != 0) - { - if (m_append == null) - m_append = new FileIOAccess(); - - m_append.AllLocalFiles = true; - } - else - { - if (m_append != null) - m_append.AllLocalFiles = false; - } - - if ((value & FileIOPermissionAccess.PathDiscovery) != 0) - { - if (m_pathDiscovery == null) - m_pathDiscovery = new FileIOAccess( true ); - - m_pathDiscovery.AllLocalFiles = true; - } - else - { - if (m_pathDiscovery != null) - m_pathDiscovery.AllLocalFiles = false; - } - - } - } - - public FileIOPermissionAccess AllFiles - { - get - { - if (m_unrestricted) - return FileIOPermissionAccess.AllAccess; - - FileIOPermissionAccess access = FileIOPermissionAccess.NoAccess; - - if (m_read != null && m_read.AllFiles) - { - access |= FileIOPermissionAccess.Read; - } - - if (m_write != null && m_write.AllFiles) - { - access |= FileIOPermissionAccess.Write; - } - - if (m_append != null && m_append.AllFiles) - { - access |= FileIOPermissionAccess.Append; - } - - if (m_pathDiscovery != null && m_pathDiscovery.AllFiles) - { - access |= FileIOPermissionAccess.PathDiscovery; - } - - return access; - } - - set - { - if (value == FileIOPermissionAccess.AllAccess) - { - m_unrestricted = true; - return; - } - - if ((value & FileIOPermissionAccess.Read) != 0) - { - if (m_read == null) - m_read = new FileIOAccess(); - - m_read.AllFiles = true; - } - else - { - if (m_read != null) - m_read.AllFiles = false; - } - - if ((value & FileIOPermissionAccess.Write) != 0) - { - if (m_write == null) - m_write = new FileIOAccess(); - - m_write.AllFiles = true; - } - else - { - if (m_write != null) - m_write.AllFiles = false; - } - - if ((value & FileIOPermissionAccess.Append) != 0) - { - if (m_append == null) - m_append = new FileIOAccess(); - - m_append.AllFiles = true; - } - else - { - if (m_append != null) - m_append.AllFiles = false; - } - - if ((value & FileIOPermissionAccess.PathDiscovery) != 0) - { - if (m_pathDiscovery == null) - m_pathDiscovery = new FileIOAccess( true ); - - m_pathDiscovery.AllFiles = true; - } - else - { - if (m_pathDiscovery != null) - m_pathDiscovery.AllFiles = false; - } - - } - } - - [Pure] - private static void VerifyAccess( FileIOPermissionAccess access ) - { - if ((access & ~FileIOPermissionAccess.AllAccess) != 0) - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access)); - } - - [Pure] - private static void ExclusiveAccess( FileIOPermissionAccess access ) - { - if (access == FileIOPermissionAccess.NoAccess) - { - throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); - } - - if (((int) access & ((int)access-1)) != 0) - { - throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); - } - } - - private static void CheckIllegalCharacters(String[] str, bool onlyCheckExtras) - { -#if !PLATFORM_UNIX - for (int i = 0; i < str.Length; ++i) - { - // FileIOPermission doesn't allow for normalizing across various volume names. This means "C:\" and - // "\\?\C:\" won't be considered correctly. In addition there are many other aliases for the volume - // besides "C:" such as (in one concrete example) "\\?\Harddisk0Partition2\", "\\?\HarddiskVolume6\", - // "\\?\Volume{d1655348-0000-0000-0000-f01500000000}\", etc. - // - // We'll continue to explicitly block extended syntax here by disallowing wildcards no matter where - // they occur in the string (e.g. \\?\ isn't ok) - if (CheckExtraPathCharacters(str[i])) - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPathChars")); - - if (!onlyCheckExtras) - PathInternal.CheckInvalidPathChars(str[i]); - } -#else - // There are no "extras" on Unix - if (onlyCheckExtras) - return; - - for (int i = 0; i < str.Length; ++i) - { - PathInternal.CheckInvalidPathChars(str[i]); - } -#endif - } - -#if !PLATFORM_UNIX - /// <summary> - /// Check for ?,* and null, ignoring extended syntax. - /// </summary> - [MethodImpl(MethodImplOptions.AggressiveInlining)] - private unsafe static bool CheckExtraPathCharacters(string path) - { - char currentChar; - for (int i = 0; i < path.Length; i++) - { - currentChar = path[i]; - - // We also check for null here as StringExpressionSet will trim it out. (Ensuring we still throw as we always have.) - if (currentChar == '*' || currentChar == '?' || currentChar == '\0') return true; - } - return false; - } -#endif - - private static bool AccessIsSet( FileIOPermissionAccess access, FileIOPermissionAccess question ) - { - return (access & question) != 0; - } - - private bool IsEmpty() - { - return (!m_unrestricted && - (this.m_read == null || this.m_read.IsEmpty()) && - (this.m_write == null || this.m_write.IsEmpty()) && - (this.m_append == null || this.m_append.IsEmpty()) && - (this.m_pathDiscovery == null || this.m_pathDiscovery.IsEmpty()) && - (this.m_viewAcl == null || this.m_viewAcl.IsEmpty()) && - (this.m_changeAcl == null || this.m_changeAcl.IsEmpty())); - } - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public bool IsUnrestricted() - { - return m_unrestricted; - } - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - return this.IsEmpty(); - } - - FileIOPermission operand = target as FileIOPermission; - if (operand == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - - if (operand.IsUnrestricted()) - return true; - else if (this.IsUnrestricted()) - return false; - else - return ((this.m_read == null || this.m_read.IsSubsetOf( operand.m_read )) && - (this.m_write == null || this.m_write.IsSubsetOf( operand.m_write )) && - (this.m_append == null || this.m_append.IsSubsetOf( operand.m_append )) && - (this.m_pathDiscovery == null || this.m_pathDiscovery.IsSubsetOf( operand.m_pathDiscovery )) && - (this.m_viewAcl == null || this.m_viewAcl.IsSubsetOf( operand.m_viewAcl )) && - (this.m_changeAcl == null || this.m_changeAcl.IsSubsetOf( operand.m_changeAcl ))); - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - { - return null; - } - - FileIOPermission operand = target as FileIOPermission; - - if (operand == null) - { - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - } - else if (this.IsUnrestricted()) - { - return target.Copy(); - } - - if (operand.IsUnrestricted()) - { - return this.Copy(); - } - - FileIOAccess intersectRead = this.m_read == null ? null : this.m_read.Intersect( operand.m_read ); - FileIOAccess intersectWrite = this.m_write == null ? null : this.m_write.Intersect( operand.m_write ); - FileIOAccess intersectAppend = this.m_append == null ? null : this.m_append.Intersect( operand.m_append ); - FileIOAccess intersectPathDiscovery = this.m_pathDiscovery == null ? null : this.m_pathDiscovery.Intersect( operand.m_pathDiscovery ); - FileIOAccess intersectViewAcl = this.m_viewAcl == null ? null : this.m_viewAcl.Intersect( operand.m_viewAcl ); - FileIOAccess intersectChangeAcl = this.m_changeAcl == null ? null : this.m_changeAcl.Intersect( operand.m_changeAcl ); - - if ((intersectRead == null || intersectRead.IsEmpty()) && - (intersectWrite == null || intersectWrite.IsEmpty()) && - (intersectAppend == null || intersectAppend.IsEmpty()) && - (intersectPathDiscovery == null || intersectPathDiscovery.IsEmpty()) && - (intersectViewAcl == null || intersectViewAcl.IsEmpty()) && - (intersectChangeAcl == null || intersectChangeAcl.IsEmpty())) - { - return null; - } - - FileIOPermission intersectPermission = new FileIOPermission(PermissionState.None); - intersectPermission.m_unrestricted = false; - intersectPermission.m_read = intersectRead; - intersectPermission.m_write = intersectWrite; - intersectPermission.m_append = intersectAppend; - intersectPermission.m_pathDiscovery = intersectPathDiscovery; - intersectPermission.m_viewAcl = intersectViewAcl; - intersectPermission.m_changeAcl = intersectChangeAcl; - - return intersectPermission; - } - - public override IPermission Union(IPermission other) - { - if (other == null) - { - return this.Copy(); - } - - FileIOPermission operand = other as FileIOPermission; - - if (operand == null) - { - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - } - - if (this.IsUnrestricted() || operand.IsUnrestricted()) - { - return new FileIOPermission( PermissionState.Unrestricted ); - } - - FileIOAccess unionRead = this.m_read == null ? operand.m_read : this.m_read.Union( operand.m_read ); - FileIOAccess unionWrite = this.m_write == null ? operand.m_write : this.m_write.Union( operand.m_write ); - FileIOAccess unionAppend = this.m_append == null ? operand.m_append : this.m_append.Union( operand.m_append ); - FileIOAccess unionPathDiscovery = this.m_pathDiscovery == null ? operand.m_pathDiscovery : this.m_pathDiscovery.Union( operand.m_pathDiscovery ); - FileIOAccess unionViewAcl = this.m_viewAcl == null ? operand.m_viewAcl : this.m_viewAcl.Union( operand.m_viewAcl ); - FileIOAccess unionChangeAcl = this.m_changeAcl == null ? operand.m_changeAcl : this.m_changeAcl.Union( operand.m_changeAcl ); - - if ((unionRead == null || unionRead.IsEmpty()) && - (unionWrite == null || unionWrite.IsEmpty()) && - (unionAppend == null || unionAppend.IsEmpty()) && - (unionPathDiscovery == null || unionPathDiscovery.IsEmpty()) && - (unionViewAcl == null || unionViewAcl.IsEmpty()) && - (unionChangeAcl == null || unionChangeAcl.IsEmpty())) - { - return null; - } - - FileIOPermission unionPermission = new FileIOPermission(PermissionState.None); - unionPermission.m_unrestricted = false; - unionPermission.m_read = unionRead; - unionPermission.m_write = unionWrite; - unionPermission.m_append = unionAppend; - unionPermission.m_pathDiscovery = unionPathDiscovery; - unionPermission.m_viewAcl = unionViewAcl; - unionPermission.m_changeAcl = unionChangeAcl; - - return unionPermission; - } - - public override IPermission Copy() - { - FileIOPermission copy = new FileIOPermission(PermissionState.None); - if (this.m_unrestricted) - { - copy.m_unrestricted = true; - } - else - { - copy.m_unrestricted = false; - if (this.m_read != null) - { - copy.m_read = this.m_read.Copy(); - } - if (this.m_write != null) - { - copy.m_write = this.m_write.Copy(); - } - if (this.m_append != null) - { - copy.m_append = this.m_append.Copy(); - } - if (this.m_pathDiscovery != null) - { - copy.m_pathDiscovery = this.m_pathDiscovery.Copy(); - } - if (this.m_viewAcl != null) - { - copy.m_viewAcl = this.m_viewAcl.Copy(); - } - if (this.m_changeAcl != null) - { - copy.m_changeAcl = this.m_changeAcl.Copy(); - } - } - return copy; - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return FileIOPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.FileIOPermissionIndex; - } - - [System.Runtime.InteropServices.ComVisible(false)] - public override bool Equals(Object obj) - { - FileIOPermission perm = obj as FileIOPermission; - if(perm == null) - return false; - - if(m_unrestricted && perm.m_unrestricted) - return true; - if(m_unrestricted != perm.m_unrestricted) - return false; - - if(m_read == null) - { - if(perm.m_read != null && !perm.m_read.IsEmpty()) - return false; - } - else if(!m_read.Equals(perm.m_read)) - return false; - - if(m_write == null) - { - if(perm.m_write != null && !perm.m_write.IsEmpty()) - return false; - } - else if(!m_write.Equals(perm.m_write)) - return false; - - if(m_append == null) - { - if(perm.m_append != null && !perm.m_append.IsEmpty()) - return false; - } - else if(!m_append.Equals(perm.m_append)) - return false; - - if(m_pathDiscovery == null) - { - if(perm.m_pathDiscovery != null && !perm.m_pathDiscovery.IsEmpty()) - return false; - } - else if(!m_pathDiscovery.Equals(perm.m_pathDiscovery)) - return false; - - if(m_viewAcl == null) - { - if(perm.m_viewAcl != null && !perm.m_viewAcl.IsEmpty()) - return false; - } - else if(!m_viewAcl.Equals(perm.m_viewAcl)) - return false; - - if(m_changeAcl == null) - { - if(perm.m_changeAcl != null && !perm.m_changeAcl.IsEmpty()) - return false; - } - else if(!m_changeAcl.Equals(perm.m_changeAcl)) - return false; - - return true; - } - - [System.Runtime.InteropServices.ComVisible(false)] - public override int GetHashCode() - { - // This implementation is only to silence a compiler warning. - return base.GetHashCode(); - } - - /// <summary> - /// Call this method if you don't need a the FileIOPermission for anything other than calling Demand() once. - /// - /// This method tries to verify full access before allocating a FileIOPermission object. - /// If full access is there, then we still have to emulate the checks that creating the - /// FileIOPermission object would have performed. - /// - /// IMPORTANT: This method should only be used after calling GetFullPath on the path to verify - /// </summary> - internal static void QuickDemand(FileIOPermissionAccess access, string fullPath, bool checkForDuplicates = false, bool needFullPath = false) - { - EmulateFileIOPermissionChecks(fullPath); - } - - /// <summary> - /// Call this method if you don't need a the FileIOPermission for anything other than calling Demand() once. - /// - /// This method tries to verify full access before allocating a FileIOPermission object. - /// If full access is there, then we still have to emulate the checks that creating the - /// FileIOPermission object would have performed. - /// - /// IMPORTANT: This method should only be used after calling GetFullPath on the path to verify - /// - /// </summary> - internal static void QuickDemand(FileIOPermissionAccess access, string[] fullPathList, bool checkForDuplicates = false, bool needFullPath = true) - { - foreach (string fullPath in fullPathList) - { - EmulateFileIOPermissionChecks(fullPath); - } - } - - internal static void QuickDemand(PermissionState state) - { - // Should be a no-op without CAS - } - - /// <summary> - /// Perform the additional path checks that would normally happen when creating a FileIOPermission object. - /// </summary> - /// <param name="fullPath">A path that has already gone through GetFullPath or Normalize</param> - internal static void EmulateFileIOPermissionChecks(string fullPath) - { - // Callers should have already made checks for invalid path format via normalization. This method will only make the - // additional checks needed to throw the same exceptions that would normally throw when using FileIOPermission. - // These checks are done via CheckIllegalCharacters() and StringExpressionSet in AddPathList() above. - -#if !PLATFORM_UNIX - // Checking for colon / invalid characters on device paths blocks legitimate access to objects such as named pipes. - if (!PathInternal.IsDevice(fullPath)) - { - // GetFullPath already checks normal invalid path characters. We need to just check additional (wildcard) characters here. - // (By calling the standard helper we can allow extended paths \\?\ through when the support is enabled.) - if (PathInternal.HasWildCardCharacters(fullPath)) - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPathChars")); - } - - if (PathInternal.HasInvalidVolumeSeparator(fullPath)) - { - throw new NotSupportedException(Environment.GetResourceString("Argument_PathFormatNotSupported")); - } - } -#endif // !PLATFORM_UNIX - } - } - - [Serializable] - internal sealed class FileIOAccess - { -#if !FEATURE_CASE_SENSITIVE_FILESYSTEM - private bool m_ignoreCase = true; -#else - private bool m_ignoreCase = false; -#endif // !FEATURE_CASE_SENSITIVE_FILESYSTEM - - private StringExpressionSet m_set; - private bool m_allFiles; - private bool m_allLocalFiles; - private bool m_pathDiscovery; - - private const String m_strAllFiles = "*AllFiles*"; - private const String m_strAllLocalFiles = "*AllLocalFiles*"; - - public FileIOAccess() - { - m_set = new StringExpressionSet( m_ignoreCase, true ); - m_allFiles = false; - m_allLocalFiles = false; - m_pathDiscovery = false; - } - - public FileIOAccess( bool pathDiscovery ) - { - m_set = new StringExpressionSet( m_ignoreCase, true ); - m_allFiles = false; - m_allLocalFiles = false; - m_pathDiscovery = pathDiscovery; - } - - public FileIOAccess( String value ) - { - if (value == null) - { - m_set = new StringExpressionSet( m_ignoreCase, true ); - m_allFiles = false; - m_allLocalFiles = false; - } - else if (value.Length >= m_strAllFiles.Length && String.Compare( m_strAllFiles, value, StringComparison.Ordinal) == 0) - { - m_set = new StringExpressionSet( m_ignoreCase, true ); - m_allFiles = true; - m_allLocalFiles = false; - } - else if (value.Length >= m_strAllLocalFiles.Length && String.Compare( m_strAllLocalFiles, 0, value, 0, m_strAllLocalFiles.Length, StringComparison.Ordinal) == 0) - { - m_set = new StringExpressionSet( m_ignoreCase, value.Substring( m_strAllLocalFiles.Length ), true ); - m_allFiles = false; - m_allLocalFiles = true; - } - else - { - m_set = new StringExpressionSet( m_ignoreCase, value, true ); - m_allFiles = false; - m_allLocalFiles = false; - } - m_pathDiscovery = false; - } - - public FileIOAccess( bool allFiles, bool allLocalFiles, bool pathDiscovery ) - { - m_set = new StringExpressionSet( m_ignoreCase, true ); - m_allFiles = allFiles; - m_allLocalFiles = allLocalFiles; - m_pathDiscovery = pathDiscovery; - } - - public FileIOAccess( StringExpressionSet set, bool allFiles, bool allLocalFiles, bool pathDiscovery ) - { - m_set = set; - m_set.SetThrowOnRelative( true ); - m_allFiles = allFiles; - m_allLocalFiles = allLocalFiles; - m_pathDiscovery = pathDiscovery; - } - - private FileIOAccess( FileIOAccess operand ) - { - m_set = operand.m_set.Copy(); - m_allFiles = operand.m_allFiles; - m_allLocalFiles = operand.m_allLocalFiles; - m_pathDiscovery = operand.m_pathDiscovery; - } - - public void AddExpressions(ArrayList values, bool checkForDuplicates) - { - m_allFiles = false; - m_set.AddExpressions(values, checkForDuplicates); - } - - public bool AllFiles - { - get - { - return m_allFiles; - } - - set - { - m_allFiles = value; - } - } - - public bool AllLocalFiles - { - get - { - return m_allLocalFiles; - } - - set - { - m_allLocalFiles = value; - } - } - - public bool PathDiscovery - { - set - { - m_pathDiscovery = value; - } - } - - public bool IsEmpty() - { - return !m_allFiles && !m_allLocalFiles && (m_set == null || m_set.IsEmpty()); - } - - public FileIOAccess Copy() - { - return new FileIOAccess( this ); - } - - public FileIOAccess Union( FileIOAccess operand ) - { - if (operand == null) - { - return this.IsEmpty() ? null : this.Copy(); - } - - Debug.Assert( this.m_pathDiscovery == operand.m_pathDiscovery, "Path discovery settings must match" ); - - if (this.m_allFiles || operand.m_allFiles) - { - return new FileIOAccess( true, false, this.m_pathDiscovery ); - } - - return new FileIOAccess( this.m_set.Union( operand.m_set ), false, this.m_allLocalFiles || operand.m_allLocalFiles, this.m_pathDiscovery ); - } - - public FileIOAccess Intersect( FileIOAccess operand ) - { - if (operand == null) - { - return null; - } - - Debug.Assert( this.m_pathDiscovery == operand.m_pathDiscovery, "Path discovery settings must match" ); - - if (this.m_allFiles) - { - if (operand.m_allFiles) - { - return new FileIOAccess( true, false, this.m_pathDiscovery ); - } - else - { - return new FileIOAccess( operand.m_set.Copy(), false, operand.m_allLocalFiles, this.m_pathDiscovery ); - } - } - else if (operand.m_allFiles) - { - return new FileIOAccess( this.m_set.Copy(), false, this.m_allLocalFiles, this.m_pathDiscovery ); - } - - StringExpressionSet intersectionSet = new StringExpressionSet( m_ignoreCase, true ); - - if (this.m_allLocalFiles) - { - String[] expressions = operand.m_set.UnsafeToStringArray(); - - if (expressions != null) - { - for (int i = 0; i < expressions.Length; ++i) - { - String root = GetRoot( expressions[i] ); - if (root != null && IsLocalDrive( GetRoot( root ) ) ) - { - intersectionSet.AddExpressions( new String[] { expressions[i] }, true, false ); - } - } - } - } - - if (operand.m_allLocalFiles) - { - String[] expressions = this.m_set.UnsafeToStringArray(); - - if (expressions != null) - { - for (int i = 0; i < expressions.Length; ++i) - { - String root = GetRoot( expressions[i] ); - if (root != null && IsLocalDrive(GetRoot(root))) - { - intersectionSet.AddExpressions( new String[] { expressions[i] }, true, false ); - } - } - } - } - - String[] regularIntersection = this.m_set.Intersect( operand.m_set ).UnsafeToStringArray(); - - if (regularIntersection != null) - intersectionSet.AddExpressions( regularIntersection, !intersectionSet.IsEmpty(), false ); - - return new FileIOAccess( intersectionSet, false, this.m_allLocalFiles && operand.m_allLocalFiles, this.m_pathDiscovery ); - } - - public bool IsSubsetOf( FileIOAccess operand ) - { - if (operand == null) - { - return this.IsEmpty(); - } - - if (operand.m_allFiles) - { - return true; - } - - Debug.Assert( this.m_pathDiscovery == operand.m_pathDiscovery, "Path discovery settings must match" ); - - if (!((m_pathDiscovery && this.m_set.IsSubsetOfPathDiscovery( operand.m_set )) || this.m_set.IsSubsetOf( operand.m_set ))) - { - if (operand.m_allLocalFiles) - { - String[] expressions = m_set.UnsafeToStringArray(); - - for (int i = 0; i < expressions.Length; ++i) - { - String root = GetRoot( expressions[i] ); - if (root == null || !IsLocalDrive(GetRoot(root))) - { - return false; - } - } - } - else - { - return false; - } - } - - return true; - } - - private static String GetRoot( String path ) - { -#if !PLATFORM_UNIX - String str = path.Substring( 0, 3 ); - if (str.EndsWith( ":\\", StringComparison.Ordinal)) -#else - String str = path.Substring( 0, 1 ); - if(str == "/") -#endif // !PLATFORM_UNIX - { - return str; - } - else - { - return null; - } - } - - public override String ToString() - { - // SafeCritical: all string expression sets are constructed with the throwOnRelative bit set, so - // we're only exposing out the same paths that we took as input. - if (m_allFiles) - { - return m_strAllFiles; - } - else - { - if (m_allLocalFiles) - { - String retstr = m_strAllLocalFiles; - - String tempStr = m_set.UnsafeToString(); - - if (tempStr != null && tempStr.Length > 0) - retstr += ";" + tempStr; - - return retstr; - } - else - { - return m_set.UnsafeToString(); - } - } - } - - public String[] ToStringArray() - { - // SafeCritical: all string expression sets are constructed with the throwOnRelative bit set, so - // we're only exposing out the same paths that we took as input. - return m_set.UnsafeToStringArray(); - } - - [DllImport(JitHelpers.QCall, CharSet = CharSet.Unicode)] - [SuppressUnmanagedCodeSecurity] - internal static extern bool IsLocalDrive(String path); - - public override bool Equals(Object obj) - { - FileIOAccess operand = obj as FileIOAccess; - if(operand == null) - return (IsEmpty() && obj == null); - Debug.Assert( this.m_pathDiscovery == operand.m_pathDiscovery, "Path discovery settings must match" ); - if(m_pathDiscovery) - { - if(this.m_allFiles && operand.m_allFiles) - return true; - if(this.m_allLocalFiles == operand.m_allLocalFiles && - m_set.IsSubsetOf(operand.m_set) && - operand.m_set.IsSubsetOf(m_set)) // Watch Out: This calls StringExpressionSet.IsSubsetOf, unlike below - return true; - return false; - } - else - { - if(!this.IsSubsetOf(operand)) // Watch Out: This calls FileIOAccess.IsSubsetOf, unlike above - return false; - if(!operand.IsSubsetOf(this)) - return false; - return true; - } - } - - public override int GetHashCode() - { - // This implementation is only to silence a compiler warning. - return base.GetHashCode(); - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/GACIdentityPermission.cs b/src/mscorlib/src/System/Security/Permissions/GACIdentityPermission.cs deleted file mode 100644 index f93f26daa9..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/GACIdentityPermission.cs +++ /dev/null @@ -1,103 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.Globalization; - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] - [System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class GacIdentityPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { -#pragma warning disable 618 - public GacIdentityPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public override IPermission CreatePermission() - { - return new GacIdentityPermission(); - } - } - - - [System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - sealed public class GacIdentityPermission : CodeAccessPermission, IBuiltInPermission - { - //------------------------------------------------------ - // - // PUBLIC CONSTRUCTORS - // - //------------------------------------------------------ - - public GacIdentityPermission(PermissionState state) - { - if (state != PermissionState.Unrestricted && state != PermissionState.None) - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public GacIdentityPermission() - { - } - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - - public override IPermission Copy() - { - return new GacIdentityPermission(); - } - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - return false; - if (!(target is GacIdentityPermission)) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - return true; - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - if (!(target is GacIdentityPermission)) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - return this.Copy(); - } - - public override IPermission Union(IPermission target) - { - if (target == null) - return this.Copy(); - if (!(target is GacIdentityPermission)) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - return this.Copy(); - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return GacIdentityPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.GacIdentityPermissionIndex; - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/HostProtectionPermission.cs b/src/mscorlib/src/System/Security/Permissions/HostProtectionPermission.cs deleted file mode 100644 index c4facbb67e..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/HostProtectionPermission.cs +++ /dev/null @@ -1,265 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.IO; - using System.Security.Util; - using System.Text; - using System.Threading; - using System.Runtime.Remoting; - using System.Security; - using System.Runtime.Serialization; - using System.Reflection; - using System.Globalization; - using System.Diagnostics.Contracts; - - // Keep this enum in sync with tools\ngen\ngen.cpp and inc\mscoree.idl - -[Serializable] - [Flags] - [System.Runtime.InteropServices.ComVisible(true)] - public enum HostProtectionResource - { - None = 0x0, - //-------------------------------- - Synchronization = 0x1, - SharedState = 0x2, - ExternalProcessMgmt = 0x4, - SelfAffectingProcessMgmt = 0x8, - ExternalThreading = 0x10, - SelfAffectingThreading = 0x20, - SecurityInfrastructure = 0x40, - UI = 0x80, - MayLeakOnAbort = 0x100, - //--------------------------------- - All = 0x1ff, - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly | AttributeTargets.Delegate, AllowMultiple = true, Inherited = false )] - [System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - // This needs to be in the asmmeta to enable SecAnnotate to successfully resolve and run the security rules. It gets marked - // as internal by BCLRewriter so we are simply marking it as FriendAccessAllowed so it stays in the asmmeta. - [System.Runtime.CompilerServices.FriendAccessAllowedAttribute] -#pragma warning disable 618 - sealed public class HostProtectionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private HostProtectionResource m_resources = HostProtectionResource.None; - - public HostProtectionAttribute() -#pragma warning disable 618 - : base( SecurityAction.LinkDemand ) -#pragma warning restore 618 - { - } - -#pragma warning disable 618 - public HostProtectionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { -#pragma warning disable 618 - if (action != SecurityAction.LinkDemand) -#pragma warning restore 618 - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidFlag")); - Contract.EndContractBlock(); - } - - public HostProtectionResource Resources { - get { return m_resources; } - set { m_resources = value; } - } - - public bool Synchronization { - get { return (m_resources & HostProtectionResource.Synchronization) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.Synchronization : m_resources & ~HostProtectionResource.Synchronization); } - } - - public bool SharedState { - get { return (m_resources & HostProtectionResource.SharedState) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.SharedState : m_resources & ~HostProtectionResource.SharedState); } - } - - public bool ExternalProcessMgmt { - get { return (m_resources & HostProtectionResource.ExternalProcessMgmt) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.ExternalProcessMgmt : m_resources & ~HostProtectionResource.ExternalProcessMgmt); } - } - - public bool SelfAffectingProcessMgmt { - get { return (m_resources & HostProtectionResource.SelfAffectingProcessMgmt) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.SelfAffectingProcessMgmt : m_resources & ~HostProtectionResource.SelfAffectingProcessMgmt); } - } - - public bool ExternalThreading { - get { return (m_resources & HostProtectionResource.ExternalThreading) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.ExternalThreading : m_resources & ~HostProtectionResource.ExternalThreading); } - } - - public bool SelfAffectingThreading { - get { return (m_resources & HostProtectionResource.SelfAffectingThreading) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.SelfAffectingThreading : m_resources & ~HostProtectionResource.SelfAffectingThreading); } - } - -[System.Runtime.InteropServices.ComVisible(true)] - public bool SecurityInfrastructure { - get { return (m_resources & HostProtectionResource.SecurityInfrastructure) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.SecurityInfrastructure : m_resources & ~HostProtectionResource.SecurityInfrastructure); } - } - - public bool UI { - get { return (m_resources & HostProtectionResource.UI) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.UI : m_resources & ~HostProtectionResource.UI); } - } - - public bool MayLeakOnAbort { - get { return (m_resources & HostProtectionResource.MayLeakOnAbort) != 0; } - set { m_resources = (value ? m_resources | HostProtectionResource.MayLeakOnAbort : m_resources & ~HostProtectionResource.MayLeakOnAbort); } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new HostProtectionPermission( PermissionState.Unrestricted ); - } - else - { - return new HostProtectionPermission( m_resources ); - } - } - } - - [Serializable] - sealed internal class HostProtectionPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission - { - //------------------------------------------------------ - // - // GLOBALS - // - //------------------------------------------------------ - - // This value is set by PermissionSet.FilterHostProtectionPermissions. It is only used for - // constructing a HostProtectionException object. Changing it will not affect HostProtection. - internal static volatile HostProtectionResource protectedResources = HostProtectionResource.None; - - //------------------------------------------------------ - // - // MEMBERS - // - //------------------------------------------------------ - private HostProtectionResource m_resources; - - //------------------------------------------------------ - // - // CONSTRUCTORS - // - //------------------------------------------------------ - public HostProtectionPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - Resources = HostProtectionResource.All; - else if (state == PermissionState.None) - Resources = HostProtectionResource.None; - else - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - - public HostProtectionPermission(HostProtectionResource resources) - { - Resources = resources; - } - - //------------------------------------------------------ - // - // IPermission interface implementation - // - //------------------------------------------------------ - public bool IsUnrestricted() - { - return Resources == HostProtectionResource.All; - } - - //------------------------------------------------------ - // - // Properties - // - //------------------------------------------------------ - public HostProtectionResource Resources - { - set - { - if(value < HostProtectionResource.None || value > HostProtectionResource.All) - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)value)); - Contract.EndContractBlock(); - m_resources = value; - } - - get - { - return m_resources; - } - } - - //------------------------------------------------------ - // - // IPermission interface implementation - // - //------------------------------------------------------ - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - return m_resources == HostProtectionResource.None; - if(this.GetType() != target.GetType()) - throw new ArgumentException( Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) ); - return ((uint)this.m_resources & (uint)((HostProtectionPermission)target).m_resources) == (uint)this.m_resources; - } - - public override IPermission Union(IPermission target) - { - if (target == null) - return(this.Copy()); - if(this.GetType() != target.GetType()) - throw new ArgumentException( Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) ); - HostProtectionResource newResources = (HostProtectionResource)((uint)this.m_resources | (uint)((HostProtectionPermission)target).m_resources); - return new HostProtectionPermission(newResources); - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - if(this.GetType() != target.GetType()) - throw new ArgumentException( Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) ); - HostProtectionResource newResources = (HostProtectionResource)((uint)this.m_resources & (uint)((HostProtectionPermission)target).m_resources); - if(newResources == HostProtectionResource.None) - return null; - return new HostProtectionPermission(newResources); - } - - public override IPermission Copy() - { - return new HostProtectionPermission(m_resources); - } - - //------------------------------------------------------ - // - // OBJECT OVERRIDES - // - //------------------------------------------------------ - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return HostProtectionPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.HostProtectionPermissionIndex; - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/IBuiltInPermission.cs b/src/mscorlib/src/System/Security/Permissions/IBuiltInPermission.cs deleted file mode 100644 index 58b26bd9c4..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/IBuiltInPermission.cs +++ /dev/null @@ -1,63 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - internal interface IBuiltInPermission - { - int GetTokenIndex(); - } - - internal static class BuiltInPermissionIndex - { - internal const int NUM_BUILTIN_UNRESTRICTED = 10; - internal const int NUM_BUILTIN_NORMAL = 7; - - // Unrestricted permissions - - internal const int EnvironmentPermissionIndex = 0; - internal const int FileDialogPermissionIndex = 1; - internal const int FileIOPermissionIndex = 2; - internal const int IsolatedStorageFilePermissionIndex = 3; - internal const int ReflectionPermissionIndex = 4; - internal const int RegistryPermissionIndex = 5; - internal const int SecurityPermissionIndex = 6; - internal const int UIPermissionIndex = 7; - internal const int PrincipalPermissionIndex = 8; - internal const int HostProtectionPermissionIndex = 9; - - // Normal permissions - internal const int PublisherIdentityPermissionIndex = 0 + NUM_BUILTIN_UNRESTRICTED; - internal const int SiteIdentityPermissionIndex = 1 + NUM_BUILTIN_UNRESTRICTED; - internal const int StrongNameIdentityPermissionIndex = 2 + NUM_BUILTIN_UNRESTRICTED; - internal const int UrlIdentityPermissionIndex = 3 + NUM_BUILTIN_UNRESTRICTED; - internal const int ZoneIdentityPermissionIndex = 4 + NUM_BUILTIN_UNRESTRICTED; - internal const int GacIdentityPermissionIndex = 5 + NUM_BUILTIN_UNRESTRICTED; - internal const int KeyContainerPermissionIndex = 6 + NUM_BUILTIN_UNRESTRICTED; - } - - [Serializable] - internal enum BuiltInPermissionFlag - { - // Unrestricted permissions - - EnvironmentPermission = 0x1, - FileDialogPermission = 0x2, - FileIOPermission = 0x4, - IsolatedStorageFilePermission = 0x8, - ReflectionPermission = 0x10, - RegistryPermission = 0x20, - SecurityPermission = 0x40, - UIPermission = 0x80, - PrincipalPermission = 0x100, - - // Normal permissions - PublisherIdentityPermission = 0x200, - SiteIdentityPermission = 0x400, - StrongNameIdentityPermission = 0x800, - UrlIdentityPermission = 0x1000, - ZoneIdentityPermission = 0x2000, - KeyContainerPermission = 0x4000, - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/IUnrestrictedPermission.cs b/src/mscorlib/src/System/Security/Permissions/IUnrestrictedPermission.cs deleted file mode 100644 index 782df8012c..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/IUnrestrictedPermission.cs +++ /dev/null @@ -1,13 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions { - - using System; -[System.Runtime.InteropServices.ComVisible(true)] - public interface IUnrestrictedPermission - { - bool IsUnrestricted(); - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/IsolatedStorageFilePermission.cs b/src/mscorlib/src/System/Security/Permissions/IsolatedStorageFilePermission.cs deleted file mode 100644 index 42bc648c72..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/IsolatedStorageFilePermission.cs +++ /dev/null @@ -1,163 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// -// -// Purpose : This permission is used to controls/administer access to -// IsolatedStorageFile -// - -namespace System.Security.Permissions { - - using System.Globalization; - - [Serializable] -[System.Runtime.InteropServices.ComVisible(true)] - sealed public class IsolatedStorageFilePermission : IsolatedStoragePermission, IBuiltInPermission - { - public IsolatedStorageFilePermission(PermissionState state) - : base(state) { } - - internal IsolatedStorageFilePermission(IsolatedStorageContainment UsageAllowed, - long ExpirationDays, bool PermanentData) - : base(UsageAllowed, ExpirationDays, PermanentData) { } - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public override IPermission Union(IPermission target) - { - if (target == null) - { - return this.Copy(); - } - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - IsolatedStorageFilePermission operand = (IsolatedStorageFilePermission)target; - - if (this.IsUnrestricted() || operand.IsUnrestricted()) - { - return new IsolatedStorageFilePermission( PermissionState.Unrestricted ); - } - else - { - IsolatedStorageFilePermission union; - union = new IsolatedStorageFilePermission( PermissionState.None ); - union.m_userQuota = max(m_userQuota,operand.m_userQuota); - union.m_machineQuota = max(m_machineQuota,operand.m_machineQuota); - union.m_expirationDays = max(m_expirationDays,operand.m_expirationDays); - union.m_permanentData = m_permanentData || operand.m_permanentData; - union.m_allowed = (IsolatedStorageContainment)max((long)m_allowed,(long)operand.m_allowed); - return union; - } - } - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - return ((m_userQuota == 0) && - (m_machineQuota == 0) && - (m_expirationDays == 0) && - (m_permanentData == false) && - (m_allowed == IsolatedStorageContainment.None)); - } - - try - { - IsolatedStorageFilePermission operand = (IsolatedStorageFilePermission)target; - - if (operand.IsUnrestricted()) - return true; - - return ((operand.m_userQuota >= m_userQuota) && - (operand.m_machineQuota >= m_machineQuota) && - (operand.m_expirationDays >= m_expirationDays) && - (operand.m_permanentData || !m_permanentData) && - (operand.m_allowed >= m_allowed)); - } - catch (InvalidCastException) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - IsolatedStorageFilePermission operand = (IsolatedStorageFilePermission)target; - - if(operand.IsUnrestricted()) - return Copy(); - else if(IsUnrestricted()) - return target.Copy(); - - IsolatedStorageFilePermission intersection; - intersection = new IsolatedStorageFilePermission( PermissionState.None ); - intersection.m_userQuota = min(m_userQuota,operand.m_userQuota); - intersection.m_machineQuota = min(m_machineQuota,operand.m_machineQuota); - intersection.m_expirationDays = min(m_expirationDays,operand.m_expirationDays); - intersection.m_permanentData = m_permanentData && operand.m_permanentData; - intersection.m_allowed = (IsolatedStorageContainment)min((long)m_allowed,(long)operand.m_allowed); - - if ((intersection.m_userQuota == 0) && - (intersection.m_machineQuota == 0) && - (intersection.m_expirationDays == 0) && - (intersection.m_permanentData == false) && - (intersection.m_allowed == IsolatedStorageContainment.None)) - return null; - - return intersection; - } - - public override IPermission Copy() - { - IsolatedStorageFilePermission copy ; - copy = new IsolatedStorageFilePermission(PermissionState.Unrestricted); - if(!IsUnrestricted()){ - copy.m_userQuota = m_userQuota; - copy.m_machineQuota = m_machineQuota; - copy.m_expirationDays = m_expirationDays; - copy.m_permanentData = m_permanentData; - copy.m_allowed = m_allowed; - } - return copy; - } - - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return IsolatedStorageFilePermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.IsolatedStorageFilePermissionIndex; - } - } -} - diff --git a/src/mscorlib/src/System/Security/Permissions/IsolatedStoragePermission.cs b/src/mscorlib/src/System/Security/Permissions/IsolatedStoragePermission.cs deleted file mode 100644 index 9f09a37098..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/IsolatedStoragePermission.cs +++ /dev/null @@ -1,183 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// - -namespace System.Security.Permissions { - - using System; - using System.IO; - using System.Security; - using System.Security.Util; - using System.Globalization; - - [Serializable] -[System.Runtime.InteropServices.ComVisible(true)] - public enum IsolatedStorageContainment { - None = 0x00, - DomainIsolationByUser = 0x10, - ApplicationIsolationByUser = 0x15, - AssemblyIsolationByUser = 0x20, - DomainIsolationByMachine = 0x30, - AssemblyIsolationByMachine = 0x40, - ApplicationIsolationByMachine = 0x45, - DomainIsolationByRoamingUser = 0x50, - AssemblyIsolationByRoamingUser = 0x60, - ApplicationIsolationByRoamingUser = 0x65, - AdministerIsolatedStorageByUser = 0x70, - //AdministerIsolatedStorageByMachine = 0x80, - UnrestrictedIsolatedStorage = 0xF0 - }; - - - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - abstract public class IsolatedStoragePermission - : CodeAccessPermission, IUnrestrictedPermission - { - - //------------------------------------------------------ - // - // PRIVATE STATE DATA - // - //------------------------------------------------------ - - /// <internalonly/> - internal long m_userQuota; - /// <internalonly/> - internal long m_machineQuota; - /// <internalonly/> - internal long m_expirationDays; - /// <internalonly/> - internal bool m_permanentData; - /// <internalonly/> - internal IsolatedStorageContainment m_allowed; - - //------------------------------------------------------ - // - // CONSTRUCTORS - // - //------------------------------------------------------ - - protected IsolatedStoragePermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - m_userQuota = Int64.MaxValue; - m_machineQuota = Int64.MaxValue; - m_expirationDays = Int64.MaxValue ; - m_permanentData = true; - m_allowed = IsolatedStorageContainment.UnrestrictedIsolatedStorage; - } - else if (state == PermissionState.None) - { - m_userQuota = 0; - m_machineQuota = 0; - m_expirationDays = 0; - m_permanentData = false; - m_allowed = IsolatedStorageContainment.None; - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - internal IsolatedStoragePermission(IsolatedStorageContainment UsageAllowed, - long ExpirationDays, bool PermanentData) - - { - m_userQuota = 0; // typical demand won't include quota - m_machineQuota = 0; // typical demand won't include quota - m_expirationDays = ExpirationDays; - m_permanentData = PermanentData; - m_allowed = UsageAllowed; - } - - internal IsolatedStoragePermission(IsolatedStorageContainment UsageAllowed, - long ExpirationDays, bool PermanentData, long UserQuota) - - { - m_machineQuota = 0; - m_userQuota = UserQuota; - m_expirationDays = ExpirationDays; - m_permanentData = PermanentData; - m_allowed = UsageAllowed; - } - - - //------------------------------------------------------ - // - // PUBLIC ACCESSOR METHODS - // - //------------------------------------------------------ - - // properties - public long UserQuota { - set{ - m_userQuota = value; - } - get{ - return m_userQuota; - } - } - -#if false - internal long MachineQuota { - set{ - m_machineQuota = value; - } - get{ - return m_machineQuota; - } - } - internal long ExpirationDays { - set{ - m_expirationDays = value; - } - get{ - return m_expirationDays; - } - } - internal bool PermanentData { - set{ - m_permanentData = value; - } - get{ - return m_permanentData; - } - } -#endif - - public IsolatedStorageContainment UsageAllowed { - set{ - m_allowed = value; - } - get{ - return m_allowed; - } - } - - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public bool IsUnrestricted() - { - return m_allowed == IsolatedStorageContainment.UnrestrictedIsolatedStorage; - } - - - //------------------------------------------------------ - // - // INTERNAL METHODS - // - //------------------------------------------------------ - internal static long min(long x,long y) {return x>y?y:x;} - internal static long max(long x,long y) {return x<y?y:x;} - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/PermissionAttributes.cs b/src/mscorlib/src/System/Security/Permissions/PermissionAttributes.cs deleted file mode 100644 index b6ac8ece3c..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/PermissionAttributes.cs +++ /dev/null @@ -1,880 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - - using System.Security.Util; - using System.IO; - using System.Security.Policy; - using System.Text; - using System.Threading; - using System.Runtime.InteropServices; - using System.Runtime.Remoting; - using System.Runtime.Serialization; -#if FEATURE_X509 - using System.Security.Cryptography.X509Certificates; -#endif - using System.Runtime.Versioning; - using System.Diagnostics.Contracts; - - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - // The csharp compiler requires these types to be public, but they are not used elsewhere. - [Obsolete("SecurityAction is no longer accessible to application code.")] - public enum SecurityAction - { - // Demand permission of all caller - Demand = 2, - - // Assert permission so callers don't need - Assert = 3, - - // Deny permissions so checks will fail - [Obsolete("Deny is obsolete and will be removed in a future release of the .NET Framework. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")] - Deny = 4, - - // Reduce permissions so check will fail - PermitOnly = 5, - - // Demand permission of caller - LinkDemand = 6, - - // Demand permission of a subclass - InheritanceDemand = 7, - - // Request minimum permissions to run - [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")] - RequestMinimum = 8, - - // Request optional additional permissions - [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")] - RequestOptional = 9, - - // Refuse to be granted these permissions - [Obsolete("Assembly level declarative security is obsolete and is no longer enforced by the CLR by default. See http://go.microsoft.com/fwlink/?LinkID=155570 for more information.")] - RequestRefuse = 10, - } - - [Serializable] - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] - [System.Runtime.InteropServices.ComVisible(true)] - // The csharp compiler requires these types to be public, but they are not used elsewhere. - [Obsolete("SecurityAttribute is no longer accessible to application code.")] - public abstract class SecurityAttribute : System.Attribute - { - /// <internalonly/> - internal SecurityAction m_action; - /// <internalonly/> - internal bool m_unrestricted; - - protected SecurityAttribute( SecurityAction action ) - { - m_action = action; - } - - public SecurityAction Action - { - get { return m_action; } - set { m_action = value; } - } - - public bool Unrestricted - { - get { return m_unrestricted; } - set { m_unrestricted = value; } - } - - abstract public IPermission CreatePermission(); - - internal static unsafe IntPtr FindSecurityAttributeTypeHandle(String typeName) - { - PermissionSet.s_fullTrust.Assert(); - Type t = Type.GetType(typeName, false, false); - if(t == null) - return IntPtr.Zero; - IntPtr typeHandle = t.TypeHandle.Value; - return typeHandle; - } - } - - [Serializable] - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] - [System.Runtime.InteropServices.ComVisible(true)] - // The csharp compiler requires these types to be public, but they are not used elsewhere. - [Obsolete("CodeAccessSecurityAttribute is no longer accessible to application code.")] - public abstract class CodeAccessSecurityAttribute : SecurityAttribute - { - protected CodeAccessSecurityAttribute( SecurityAction action ) - : base( action ) - { - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class EnvironmentPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private String m_read = null; - private String m_write = null; - -#pragma warning disable 618 - public EnvironmentPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public String Read { - get { return m_read; } - set { m_read = value; } - } - - public String Write { - get { return m_write; } - set { m_write = value; } - } - - public String All { - get { throw new NotSupportedException( Environment.GetResourceString( "NotSupported_GetMethod" ) ); } - set { m_write = value; m_read = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new EnvironmentPermission(PermissionState.Unrestricted); - } - else - { - EnvironmentPermission perm = new EnvironmentPermission(PermissionState.None); - if (m_read != null) - perm.SetPathList( EnvironmentPermissionAccess.Read, m_read ); - if (m_write != null) - perm.SetPathList( EnvironmentPermissionAccess.Write, m_write ); - return perm; - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class FileDialogPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private FileDialogPermissionAccess m_access; - -#pragma warning disable 618 - public FileDialogPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public bool Open - { - get { return (m_access & FileDialogPermissionAccess.Open) != 0; } - set { m_access = value ? m_access | FileDialogPermissionAccess.Open : m_access & ~FileDialogPermissionAccess.Open; } - } - - public bool Save - { - get { return (m_access & FileDialogPermissionAccess.Save) != 0; } - set { m_access = value ? m_access | FileDialogPermissionAccess.Save : m_access & ~FileDialogPermissionAccess.Save; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new FileDialogPermission( PermissionState.Unrestricted ); - } - else - { - return new FileDialogPermission( m_access ); - } - } - } - - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class FileIOPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private String m_read = null; - private String m_write = null; - private String m_append = null; - private String m_pathDiscovery = null; - private String m_viewAccess = null; - private String m_changeAccess = null; - [OptionalField(VersionAdded = 2)] private FileIOPermissionAccess m_allLocalFiles = FileIOPermissionAccess.NoAccess; - [OptionalField(VersionAdded = 2)] private FileIOPermissionAccess m_allFiles = FileIOPermissionAccess.NoAccess; - -#pragma warning disable 618 - public FileIOPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public String Read { - get { return m_read; } - set { m_read = value; } - } - - public String Write { - get { return m_write; } - set { m_write = value; } - } - - public String Append { - get { return m_append; } - set { m_append = value; } - } - - public String PathDiscovery { - get { return m_pathDiscovery; } - set { m_pathDiscovery = value; } - } - - public String ViewAccessControl { - get { return m_viewAccess; } - set { m_viewAccess = value; } - } - - public String ChangeAccessControl { - get { return m_changeAccess; } - set { m_changeAccess = value; } - } - - [Obsolete("Please use the ViewAndModify property instead.")] - public String All { - set { m_read = value; m_write = value; m_append = value; m_pathDiscovery = value; } - get { throw new NotSupportedException( Environment.GetResourceString( "NotSupported_GetMethod" ) ); } - } - - // Read, Write, Append, PathDiscovery, but no ACL-related permissions - public String ViewAndModify { - get { throw new NotSupportedException( Environment.GetResourceString( "NotSupported_GetMethod" ) ); } - set { m_read = value; m_write = value; m_append = value; m_pathDiscovery = value; } - } - - public FileIOPermissionAccess AllFiles { - get { return m_allFiles; } - set { m_allFiles = value; } - } - - public FileIOPermissionAccess AllLocalFiles { - get { return m_allLocalFiles; } - set { m_allLocalFiles = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new FileIOPermission(PermissionState.Unrestricted); - } - else - { - FileIOPermission perm = new FileIOPermission(PermissionState.None); - if (m_read != null) - perm.SetPathList( FileIOPermissionAccess.Read, m_read ); - if (m_write != null) - perm.SetPathList( FileIOPermissionAccess.Write, m_write ); - if (m_append != null) - perm.SetPathList( FileIOPermissionAccess.Append, m_append ); - if (m_pathDiscovery != null) - perm.SetPathList( FileIOPermissionAccess.PathDiscovery, m_pathDiscovery ); - - perm.AllFiles = m_allFiles; - perm.AllLocalFiles = m_allLocalFiles; - return perm; - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] - [Serializable] -[System.Runtime.InteropServices.ComVisible(true)] -#pragma warning disable 618 - public sealed class KeyContainerPermissionAttribute : CodeAccessSecurityAttribute { -#pragma warning restore 618 - KeyContainerPermissionFlags m_flags = KeyContainerPermissionFlags.NoFlags; - private string m_keyStore; - private string m_providerName; - private int m_providerType = -1; - private string m_keyContainerName; - private int m_keySpec = -1; - -#pragma warning disable 618 - public KeyContainerPermissionAttribute(SecurityAction action) : base(action) {} -#pragma warning restore 618 - - public string KeyStore { - get { return m_keyStore; } - set { m_keyStore = value; } - } - - public string ProviderName { - get { return m_providerName; } - set { m_providerName = value; } - } - - public int ProviderType { - get { return m_providerType; } - set { m_providerType = value; } - } - - public string KeyContainerName { - get { return m_keyContainerName; } - set { m_keyContainerName = value; } - } - - public int KeySpec { - get { return m_keySpec; } - set { m_keySpec = value; } - } - - public KeyContainerPermissionFlags Flags { - get { return m_flags; } - set { m_flags = value; } - } - - public override IPermission CreatePermission() { - if (m_unrestricted) { - return new KeyContainerPermission(PermissionState.Unrestricted); - } else { - if (KeyContainerPermissionAccessEntry.IsUnrestrictedEntry(m_keyStore, m_providerName, m_providerType, m_keyContainerName, m_keySpec)) - return new KeyContainerPermission(m_flags); - - // create a KeyContainerPermission with a single access entry. - KeyContainerPermission cp = new KeyContainerPermission(KeyContainerPermissionFlags.NoFlags); - KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(m_keyStore, m_providerName, m_providerType, m_keyContainerName, m_keySpec, m_flags); - cp.AccessEntries.Add(accessEntry); - return cp; - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class ReflectionPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private ReflectionPermissionFlag m_flag = ReflectionPermissionFlag.NoFlags; - -#pragma warning disable 618 - public ReflectionPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public ReflectionPermissionFlag Flags { - get { return m_flag; } - set { m_flag = value; } - } - - [Obsolete("This API has been deprecated. http://go.microsoft.com/fwlink/?linkid=14202")] - public bool TypeInformation { -#pragma warning disable 618 - get { return (m_flag & ReflectionPermissionFlag.TypeInformation) != 0; } - set { m_flag = value ? m_flag | ReflectionPermissionFlag.TypeInformation : m_flag & ~ReflectionPermissionFlag.TypeInformation; } -#pragma warning restore 618 - } - - public bool MemberAccess { - get { return (m_flag & ReflectionPermissionFlag.MemberAccess) != 0; } - set { m_flag = value ? m_flag | ReflectionPermissionFlag.MemberAccess : m_flag & ~ReflectionPermissionFlag.MemberAccess; } - } - - [Obsolete("This permission is no longer used by the CLR.")] - public bool ReflectionEmit { -#pragma warning disable 618 - get { return (m_flag & ReflectionPermissionFlag.ReflectionEmit) != 0; } - set { m_flag = value ? m_flag | ReflectionPermissionFlag.ReflectionEmit : m_flag & ~ReflectionPermissionFlag.ReflectionEmit; } -#pragma warning restore 618 - } - - public bool RestrictedMemberAccess - { - get { return (m_flag & ReflectionPermissionFlag.RestrictedMemberAccess) != 0; } - set { m_flag = value ? m_flag | ReflectionPermissionFlag.RestrictedMemberAccess : m_flag & ~ReflectionPermissionFlag.RestrictedMemberAccess; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new ReflectionPermission( PermissionState.Unrestricted ); - } - else - { - return new ReflectionPermission( m_flag ); - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class RegistryPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private String m_read = null; - private String m_write = null; - private String m_create = null; - private String m_viewAcl = null; - private String m_changeAcl = null; - -#pragma warning disable 618 - public RegistryPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public String Read { - get { return m_read; } - set { m_read = value; } - } - - public String Write { - get { return m_write; } - set { m_write = value; } - } - - public String Create { - get { return m_create; } - set { m_create = value; } - } - - public String ViewAccessControl { - get { return m_viewAcl; } - set { m_viewAcl = value; } - } - - public String ChangeAccessControl { - get { return m_changeAcl; } - set { m_changeAcl = value; } - } - - // Read, Write, & Create, but no ACL's - public String ViewAndModify { - get { throw new NotSupportedException( Environment.GetResourceString( "NotSupported_GetMethod" ) ); } - set { m_read = value; m_write = value; m_create = value; } - } - - [Obsolete("Please use the ViewAndModify property instead.")] - public String All { - get { throw new NotSupportedException( Environment.GetResourceString( "NotSupported_GetMethod" ) ); } - set { m_read = value; m_write = value; m_create = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new RegistryPermission( PermissionState.Unrestricted ); - } - else - { - RegistryPermission perm = new RegistryPermission(PermissionState.None); - if (m_read != null) - perm.SetPathList( RegistryPermissionAccess.Read, m_read ); - if (m_write != null) - perm.SetPathList( RegistryPermissionAccess.Write, m_write ); - if (m_create != null) - perm.SetPathList( RegistryPermissionAccess.Create, m_create ); - return perm; - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] - [System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - // The csharp compiler requires these types to be public, but they are not used elsewhere. - [Obsolete("SecurityPermissionAttribute is no longer accessible to application code.")] - sealed public class SecurityPermissionAttribute : CodeAccessSecurityAttribute - { - private SecurityPermissionFlag m_flag = SecurityPermissionFlag.NoFlags; - - public SecurityPermissionAttribute( SecurityAction action ) - : base( action ) - { - } - - public SecurityPermissionFlag Flags { - get { return m_flag; } - set { m_flag = value; } - } - - public bool Assertion { - get { return (m_flag & SecurityPermissionFlag.Assertion) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.Assertion : m_flag & ~SecurityPermissionFlag.Assertion; } - } - - public bool UnmanagedCode { - get { return (m_flag & SecurityPermissionFlag.UnmanagedCode) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.UnmanagedCode : m_flag & ~SecurityPermissionFlag.UnmanagedCode; } - } - - public bool SkipVerification { - get { return (m_flag & SecurityPermissionFlag.SkipVerification) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.SkipVerification : m_flag & ~SecurityPermissionFlag.SkipVerification; } - } - - public bool Execution { - get { return (m_flag & SecurityPermissionFlag.Execution) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.Execution : m_flag & ~SecurityPermissionFlag.Execution; } - } - - public bool ControlThread { - get { return (m_flag & SecurityPermissionFlag.ControlThread) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.ControlThread : m_flag & ~SecurityPermissionFlag.ControlThread; } - } - - public bool ControlEvidence { - get { return (m_flag & SecurityPermissionFlag.ControlEvidence) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.ControlEvidence : m_flag & ~SecurityPermissionFlag.ControlEvidence; } - } - - public bool ControlPolicy { - get { return (m_flag & SecurityPermissionFlag.ControlPolicy) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.ControlPolicy : m_flag & ~SecurityPermissionFlag.ControlPolicy; } - } - - public bool SerializationFormatter { - get { return (m_flag & SecurityPermissionFlag.SerializationFormatter) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.SerializationFormatter : m_flag & ~SecurityPermissionFlag.SerializationFormatter; } - } - - public bool ControlDomainPolicy { - get { return (m_flag & SecurityPermissionFlag.ControlDomainPolicy) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.ControlDomainPolicy : m_flag & ~SecurityPermissionFlag.ControlDomainPolicy; } - } - - public bool ControlPrincipal { - get { return (m_flag & SecurityPermissionFlag.ControlPrincipal) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.ControlPrincipal : m_flag & ~SecurityPermissionFlag.ControlPrincipal; } - } - - public bool ControlAppDomain { - get { return (m_flag & SecurityPermissionFlag.ControlAppDomain) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.ControlAppDomain : m_flag & ~SecurityPermissionFlag.ControlAppDomain; } - } - - public bool RemotingConfiguration { - get { return (m_flag & SecurityPermissionFlag.RemotingConfiguration) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.RemotingConfiguration : m_flag & ~SecurityPermissionFlag.RemotingConfiguration; } - } - - [System.Runtime.InteropServices.ComVisible(true)] - public bool Infrastructure { - get { return (m_flag & SecurityPermissionFlag.Infrastructure) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.Infrastructure : m_flag & ~SecurityPermissionFlag.Infrastructure; } - } - - public bool BindingRedirects { - get { return (m_flag & SecurityPermissionFlag.BindingRedirects) != 0; } - set { m_flag = value ? m_flag | SecurityPermissionFlag.BindingRedirects : m_flag & ~SecurityPermissionFlag.BindingRedirects; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new SecurityPermission( PermissionState.Unrestricted ); - } - else - { - return new SecurityPermission( m_flag ); - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class UIPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private UIPermissionWindow m_windowFlag = UIPermissionWindow.NoWindows; - private UIPermissionClipboard m_clipboardFlag = UIPermissionClipboard.NoClipboard; - -#pragma warning disable 618 - public UIPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public UIPermissionWindow Window { - get { return m_windowFlag; } - set { m_windowFlag = value; } - } - - public UIPermissionClipboard Clipboard { - get { return m_clipboardFlag; } - set { m_clipboardFlag = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new UIPermission( PermissionState.Unrestricted ); - } - else - { - return new UIPermission( m_windowFlag, m_clipboardFlag ); - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class ZoneIdentityPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private SecurityZone m_flag = SecurityZone.NoZone; - -#pragma warning disable 618 - public ZoneIdentityPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public SecurityZone Zone { - get { return m_flag; } - set { m_flag = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new ZoneIdentityPermission(PermissionState.Unrestricted); - } - else - { - return new ZoneIdentityPermission( m_flag ); - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class StrongNameIdentityPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private String m_name = null; - private String m_version = null; - private String m_blob = null; - -#pragma warning disable 618 - public StrongNameIdentityPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public String Name - { - get { return m_name; } - set { m_name = value; } - } - - public String Version - { - get { return m_version; } - set { m_version = value; } - } - - public String PublicKey - { - get { return m_blob; } - set { m_blob = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new StrongNameIdentityPermission( PermissionState.Unrestricted ); - } - else - { - if (m_blob == null && m_name == null && m_version == null) - return new StrongNameIdentityPermission( PermissionState.None ); - - if (m_blob == null) - throw new ArgumentException( Environment.GetResourceString("ArgumentNull_Key")); - - StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob( m_blob ); - - if (m_version == null || m_version.Equals(String.Empty)) - return new StrongNameIdentityPermission( blob, m_name, null ); - else - return new StrongNameIdentityPermission( blob, m_name, new Version( m_version ) ); - } - } - } - - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class SiteIdentityPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private String m_site = null; - -#pragma warning disable 618 - public SiteIdentityPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public String Site { - get { return m_site; } - set { m_site = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new SiteIdentityPermission( PermissionState.Unrestricted ); - } - else - { - if (m_site == null) - return new SiteIdentityPermission( PermissionState.None ); - - return new SiteIdentityPermission( m_site ); - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] -#pragma warning disable 618 - [Serializable] sealed public class UrlIdentityPermissionAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private String m_url = null; - -#pragma warning disable 618 - public UrlIdentityPermissionAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - } - - public String Url { - get { return m_url; } - set { m_url = value; } - } - - public override IPermission CreatePermission() - { - if (m_unrestricted) - { - return new UrlIdentityPermission( PermissionState.Unrestricted ); - } - else - { - if (m_url == null) - return new UrlIdentityPermission( PermissionState.None ); - - return new UrlIdentityPermission( m_url ); - } - } - } - - [AttributeUsage(AttributeTargets.Method | AttributeTargets.Constructor | AttributeTargets.Class | AttributeTargets.Struct | AttributeTargets.Assembly, AllowMultiple = true, Inherited = false )] -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] -#pragma warning disable 618 - sealed public class PermissionSetAttribute : CodeAccessSecurityAttribute -#pragma warning restore 618 - { - private String m_file; - private String m_name; - private bool m_unicode; - private String m_xml; - private String m_hex; - -#pragma warning disable 618 - public PermissionSetAttribute( SecurityAction action ) -#pragma warning restore 618 - : base( action ) - { - m_unicode = false; - } - - public String File { - get { return m_file; } - set { m_file = value; } - } - - public bool UnicodeEncoded { - get { return m_unicode; } - set { m_unicode = value; } - } - - public String Name { - get { return m_name; } - set { m_name = value; } - } - - public String XML { - get { return m_xml; } - set { m_xml = value; } - } - - public String Hex { - get { return m_hex; } - set { m_hex = value; } - } - - public override IPermission CreatePermission() - { - return null; - } - - public PermissionSet CreatePermissionSet() - { - if (m_unrestricted) - return new PermissionSet( PermissionState.Unrestricted ); - else if (m_name != null) - return NamedPermissionSet.GetBuiltInSet( m_name ); - else - return new PermissionSet( PermissionState.None ); - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/PermissionState.cs b/src/mscorlib/src/System/Security/Permissions/PermissionState.cs deleted file mode 100644 index ea0f1a0ac2..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/PermissionState.cs +++ /dev/null @@ -1,21 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// -// The Runtime policy manager. Maintains a set of IdentityMapper objects that map -// inbound evidence to groups. Resolves an identity into a set of permissions -// - -namespace System.Security.Permissions { - - using System; - [Serializable] -[System.Runtime.InteropServices.ComVisible(true)] - public enum PermissionState - { - Unrestricted = 1, - None = 0, - } - -} diff --git a/src/mscorlib/src/System/Security/Permissions/ReflectionPermission.cs b/src/mscorlib/src/System/Security/Permissions/ReflectionPermission.cs deleted file mode 100644 index 1c9dd7696c..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/ReflectionPermission.cs +++ /dev/null @@ -1,274 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.IO; - using System.Security.Util; - using System.Text; - using System.Runtime.InteropServices; - using System.Runtime.Remoting; - using System.Security; - using System.Reflection; - using System.Globalization; - using System.Diagnostics.Contracts; - - [ComVisible(true)] - [Flags] - [Serializable] - public enum ReflectionPermissionFlag - { - NoFlags = 0x00, - [Obsolete("This API has been deprecated. http://go.microsoft.com/fwlink/?linkid=14202")] - TypeInformation = 0x01, - MemberAccess = 0x02, - [Obsolete("This permission is no longer used by the CLR.")] - ReflectionEmit = 0x04, - [ComVisible(false)] - RestrictedMemberAccess = 0x08, - [Obsolete("This permission has been deprecated. Use PermissionState.Unrestricted to get full access.")] - AllFlags = 0x07 - } - - [ComVisible(true)] - [Serializable] - sealed public class ReflectionPermission - : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission - { - // ReflectionPermissionFlag.AllFlags doesn't contain the new value RestrictedMemberAccess, - // but we cannot change its value now because that will break apps that have that old value baked in. - // We should use this const that truely contains "all" flags instead of ReflectionPermissionFlag.AllFlags. -#pragma warning disable 618 - internal const ReflectionPermissionFlag AllFlagsAndMore = ReflectionPermissionFlag.AllFlags | ReflectionPermissionFlag.RestrictedMemberAccess; -#pragma warning restore 618 - - private ReflectionPermissionFlag m_flags; - - // - // Public Constructors - // - - public ReflectionPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - SetUnrestricted( true ); - } - else if (state == PermissionState.None) - { - SetUnrestricted( false ); - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - // Parameters: - // - public ReflectionPermission(ReflectionPermissionFlag flag) - { - VerifyAccess(flag); - - SetUnrestricted(false); - m_flags = flag; - } - - //------------------------------------------------------ - // - // PRIVATE AND PROTECTED MODIFIERS - // - //------------------------------------------------------ - - - private void SetUnrestricted(bool unrestricted) - { - if (unrestricted) - { - m_flags = ReflectionPermission.AllFlagsAndMore; - } - else - { - Reset(); - } - } - - - private void Reset() - { - m_flags = ReflectionPermissionFlag.NoFlags; - } - - - public ReflectionPermissionFlag Flags - { - set - { - VerifyAccess(value); - - m_flags = value; - } - - get - { - return m_flags; - } - } - - - #if ZERO // Do not remove this code, useful for debugging - public override String ToString() - { - StringBuilder sb = new StringBuilder(); - sb.Append("ReflectionPermission("); - if (IsUnrestricted()) - { - sb.Append("Unrestricted"); - } - else - { - if (GetFlag(ReflectionPermissionFlag.TypeInformation)) - sb.Append("TypeInformation; "); - if (GetFlag(ReflectionPermissionFlag.MemberAccess)) - sb.Append("MemberAccess; "); -#pragma warning disable 618 - if (GetFlag(ReflectionPermissionFlag.ReflectionEmit)) - sb.Append("ReflectionEmit; "); -#pragma warning restore 618 - } - - sb.Append(")"); - return sb.ToString(); - } - #endif - - - // - // CodeAccessPermission implementation - // - - public bool IsUnrestricted() - { - return m_flags == ReflectionPermission.AllFlagsAndMore; - } - - // - // IPermission implementation - // - - public override IPermission Union(IPermission other) - { - if (other == null) - { - return this.Copy(); - } - else if (!VerifyType(other)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - ReflectionPermission operand = (ReflectionPermission)other; - - if (this.IsUnrestricted() || operand.IsUnrestricted()) - { - return new ReflectionPermission( PermissionState.Unrestricted ); - } - else - { - ReflectionPermissionFlag flag_union = (ReflectionPermissionFlag)(m_flags | operand.m_flags); - return(new ReflectionPermission(flag_union)); - } - } - - - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - return m_flags == ReflectionPermissionFlag.NoFlags; - } - - try - { - ReflectionPermission operand = (ReflectionPermission)target; - if (operand.IsUnrestricted()) - return true; - else if (this.IsUnrestricted()) - return false; - else - return (((int)this.m_flags) & ~((int)operand.m_flags)) == 0; - } - catch (InvalidCastException) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - ReflectionPermission operand = (ReflectionPermission)target; - - ReflectionPermissionFlag newFlags = operand.m_flags & this.m_flags; - - if (newFlags == ReflectionPermissionFlag.NoFlags) - return null; - else - return new ReflectionPermission( newFlags ); - } - - public override IPermission Copy() - { - if (this.IsUnrestricted()) - { - return new ReflectionPermission(PermissionState.Unrestricted); - } - else - { - return new ReflectionPermission((ReflectionPermissionFlag)m_flags); - } - } - - - // - // IEncodable Interface - - private - void VerifyAccess(ReflectionPermissionFlag type) - { - if ((type & ~ReflectionPermission.AllFlagsAndMore) != 0) - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)type)); - Contract.EndContractBlock(); - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return ReflectionPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.ReflectionPermissionIndex; - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/RegistryPermission.cs b/src/mscorlib/src/System/Security/Permissions/RegistryPermission.cs deleted file mode 100644 index c0c51e94a2..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/RegistryPermission.cs +++ /dev/null @@ -1,363 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using SecurityElement = System.Security.SecurityElement; - using System.Security.AccessControl; - using System.Security.Util; - using System.IO; - using System.Globalization; - using System.Runtime.Serialization; - -[Serializable] - [Flags] -[System.Runtime.InteropServices.ComVisible(true)] - public enum RegistryPermissionAccess - { - NoAccess = 0x00, - Read = 0x01, - Write = 0x02, - Create = 0x04, - AllAccess = 0x07, - } - -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - sealed public class RegistryPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission - { - private StringExpressionSet m_read; - private StringExpressionSet m_write; - private StringExpressionSet m_create; - [OptionalField(VersionAdded = 2)] - private StringExpressionSet m_viewAcl; - [OptionalField(VersionAdded = 2)] - private StringExpressionSet m_changeAcl; - private bool m_unrestricted; - - - public RegistryPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - m_unrestricted = true; - } - else if (state == PermissionState.None) - { - m_unrestricted = false; - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public RegistryPermission( RegistryPermissionAccess access, String pathList ) - { - SetPathList( access, pathList ); - } - - public void SetPathList( RegistryPermissionAccess access, String pathList ) - { - VerifyAccess( access ); - - m_unrestricted = false; - - if ((access & RegistryPermissionAccess.Read) != 0) - m_read = null; - - if ((access & RegistryPermissionAccess.Write) != 0) - m_write = null; - - if ((access & RegistryPermissionAccess.Create) != 0) - m_create = null; - - AddPathList( access, pathList ); - } - - public void AddPathList( RegistryPermissionAccess access, String pathList ) - { - AddPathList( access, AccessControlActions.None, pathList ); - } - - public void AddPathList( RegistryPermissionAccess access, AccessControlActions control, String pathList ) - { - VerifyAccess( access ); - - if ((access & RegistryPermissionAccess.Read) != 0) - { - if (m_read == null) - m_read = new StringExpressionSet(); - m_read.AddExpressions( pathList ); - } - - if ((access & RegistryPermissionAccess.Write) != 0) - { - if (m_write == null) - m_write = new StringExpressionSet(); - m_write.AddExpressions( pathList ); - } - - if ((access & RegistryPermissionAccess.Create) != 0) - { - if (m_create == null) - m_create = new StringExpressionSet(); - m_create.AddExpressions( pathList ); - } - } - - public String GetPathList( RegistryPermissionAccess access ) - { - // SafeCritical: these are registry paths, which means we're not leaking file system information here - VerifyAccess( access ); - ExclusiveAccess( access ); - - if ((access & RegistryPermissionAccess.Read) != 0) - { - if (m_read == null) - { - return ""; - } - return m_read.UnsafeToString(); - } - - if ((access & RegistryPermissionAccess.Write) != 0) - { - if (m_write == null) - { - return ""; - } - return m_write.UnsafeToString(); - } - - if ((access & RegistryPermissionAccess.Create) != 0) - { - if (m_create == null) - { - return ""; - } - return m_create.UnsafeToString(); - } - - /* not reached */ - - return ""; - } - - private void VerifyAccess( RegistryPermissionAccess access ) - { - if ((access & ~RegistryPermissionAccess.AllAccess) != 0) - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access)); - } - - private void ExclusiveAccess( RegistryPermissionAccess access ) - { - if (access == RegistryPermissionAccess.NoAccess) - { - throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); - } - - if (((int) access & ((int)access-1)) != 0) - { - throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); - } - } - - private bool IsEmpty() - { - return (!m_unrestricted && - (this.m_read == null || this.m_read.IsEmpty()) && - (this.m_write == null || this.m_write.IsEmpty()) && - (this.m_create == null || this.m_create.IsEmpty()) && - (this.m_viewAcl == null || this.m_viewAcl.IsEmpty()) && - (this.m_changeAcl == null || this.m_changeAcl.IsEmpty())); - } - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public bool IsUnrestricted() - { - return m_unrestricted; - } - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - return this.IsEmpty(); - } - - RegistryPermission operand = target as RegistryPermission; - if (operand == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - - if (operand.IsUnrestricted()) - return true; - else if (this.IsUnrestricted()) - return false; - else - return ((this.m_read == null || this.m_read.IsSubsetOf( operand.m_read )) && - (this.m_write == null || this.m_write.IsSubsetOf( operand.m_write )) && - (this.m_create == null || this.m_create.IsSubsetOf( operand.m_create )) && - (this.m_viewAcl == null || this.m_viewAcl.IsSubsetOf( operand.m_viewAcl )) && - (this.m_changeAcl == null || this.m_changeAcl.IsSubsetOf( operand.m_changeAcl ))); - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - { - return null; - } - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - else if (this.IsUnrestricted()) - { - return target.Copy(); - } - - RegistryPermission operand = (RegistryPermission)target; - if (operand.IsUnrestricted()) - { - return this.Copy(); - } - - - StringExpressionSet intersectRead = this.m_read == null ? null : this.m_read.Intersect( operand.m_read ); - StringExpressionSet intersectWrite = this.m_write == null ? null : this.m_write.Intersect( operand.m_write ); - StringExpressionSet intersectCreate = this.m_create == null ? null : this.m_create.Intersect( operand.m_create ); - StringExpressionSet intersectViewAcl = this.m_viewAcl == null ? null : this.m_viewAcl.Intersect( operand.m_viewAcl ); - StringExpressionSet intersectChangeAcl = this.m_changeAcl == null ? null : this.m_changeAcl.Intersect( operand.m_changeAcl ); - - if ((intersectRead == null || intersectRead.IsEmpty()) && - (intersectWrite == null || intersectWrite.IsEmpty()) && - (intersectCreate == null || intersectCreate.IsEmpty()) && - (intersectViewAcl == null || intersectViewAcl.IsEmpty()) && - (intersectChangeAcl == null || intersectChangeAcl.IsEmpty())) - { - return null; - } - - RegistryPermission intersectPermission = new RegistryPermission(PermissionState.None); - intersectPermission.m_unrestricted = false; - intersectPermission.m_read = intersectRead; - intersectPermission.m_write = intersectWrite; - intersectPermission.m_create = intersectCreate; - intersectPermission.m_viewAcl = intersectViewAcl; - intersectPermission.m_changeAcl = intersectChangeAcl; - - return intersectPermission; - } - - public override IPermission Union(IPermission other) - { - if (other == null) - { - return this.Copy(); - } - else if (!VerifyType(other)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - RegistryPermission operand = (RegistryPermission)other; - - if (this.IsUnrestricted() || operand.IsUnrestricted()) - { - return new RegistryPermission( PermissionState.Unrestricted ); - } - - StringExpressionSet unionRead = this.m_read == null ? operand.m_read : this.m_read.Union( operand.m_read ); - StringExpressionSet unionWrite = this.m_write == null ? operand.m_write : this.m_write.Union( operand.m_write ); - StringExpressionSet unionCreate = this.m_create == null ? operand.m_create : this.m_create.Union( operand.m_create ); - StringExpressionSet unionViewAcl = this.m_viewAcl == null ? operand.m_viewAcl : this.m_viewAcl.Union( operand.m_viewAcl ); - StringExpressionSet unionChangeAcl = this.m_changeAcl == null ? operand.m_changeAcl : this.m_changeAcl.Union( operand.m_changeAcl ); - - if ((unionRead == null || unionRead.IsEmpty()) && - (unionWrite == null || unionWrite.IsEmpty()) && - (unionCreate == null || unionCreate.IsEmpty()) && - (unionViewAcl == null || unionViewAcl.IsEmpty()) && - (unionChangeAcl == null || unionChangeAcl.IsEmpty())) - { - return null; - } - - RegistryPermission unionPermission = new RegistryPermission(PermissionState.None); - unionPermission.m_unrestricted = false; - unionPermission.m_read = unionRead; - unionPermission.m_write = unionWrite; - unionPermission.m_create = unionCreate; - unionPermission.m_viewAcl = unionViewAcl; - unionPermission.m_changeAcl = unionChangeAcl; - - return unionPermission; - } - - - public override IPermission Copy() - { - RegistryPermission copy = new RegistryPermission(PermissionState.None); - if (this.m_unrestricted) - { - copy.m_unrestricted = true; - } - else - { - copy.m_unrestricted = false; - if (this.m_read != null) - { - copy.m_read = this.m_read.Copy(); - } - if (this.m_write != null) - { - copy.m_write = this.m_write.Copy(); - } - if (this.m_create != null) - { - copy.m_create = this.m_create.Copy(); - } - if (this.m_viewAcl != null) - { - copy.m_viewAcl = this.m_viewAcl.Copy(); - } - if (this.m_changeAcl != null) - { - copy.m_changeAcl = this.m_changeAcl.Copy(); - } - } - return copy; - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return RegistryPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.RegistryPermissionIndex; - } - - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/SecurityPermission.cs b/src/mscorlib/src/System/Security/Permissions/SecurityPermission.cs deleted file mode 100644 index cf3002989d..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/SecurityPermission.cs +++ /dev/null @@ -1,270 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.IO; - using System.Security.Util; - using System.Text; - using System.Threading; - using System.Runtime.Remoting; - using System.Security; - using System.Runtime.Serialization; - using System.Reflection; - using System.Globalization; - using System.Diagnostics.Contracts; - - [Serializable] - [Flags] - [System.Runtime.InteropServices.ComVisible(true)] - // The csharp compiler requires these types to be public, but they are not used elsewhere. - [Obsolete("SecurityPermissionFlag is no longer accessible to application code.")] - public enum SecurityPermissionFlag - { - NoFlags = 0x00, - /* The following enum value is used in the EE (ASSERT_PERMISSION in security.cpp) - * Should this value change, make corresponding changes there - */ - Assertion = 0x01, - UnmanagedCode = 0x02, // Update vm\Security.h if you change this ! - SkipVerification = 0x04, // Update vm\Security.h if you change this ! - Execution = 0x08, - ControlThread = 0x10, - ControlEvidence = 0x20, - ControlPolicy = 0x40, - SerializationFormatter = 0x80, - ControlDomainPolicy = 0x100, - ControlPrincipal = 0x200, - ControlAppDomain = 0x400, - RemotingConfiguration = 0x800, - Infrastructure = 0x1000, - BindingRedirects = 0x2000, - AllFlags = 0x3fff, - } - -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - sealed public class SecurityPermission - : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission - { -#pragma warning disable 618 - private SecurityPermissionFlag m_flags; -#pragma warning restore 618 - - // - // Public Constructors - // - - public SecurityPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - SetUnrestricted( true ); - } - else if (state == PermissionState.None) - { - SetUnrestricted( false ); - Reset(); - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - - // SecurityPermission - // -#pragma warning disable 618 - public SecurityPermission(SecurityPermissionFlag flag) -#pragma warning restore 618 - { - VerifyAccess(flag); - - SetUnrestricted(false); - m_flags = flag; - } - - - //------------------------------------------------------ - // - // PRIVATE AND PROTECTED MODIFIERS - // - //------------------------------------------------------ - - - private void SetUnrestricted(bool unrestricted) - { - if (unrestricted) - { -#pragma warning disable 618 - m_flags = SecurityPermissionFlag.AllFlags; -#pragma warning restore 618 - } - } - - private void Reset() - { -#pragma warning disable 618 - m_flags = SecurityPermissionFlag.NoFlags; -#pragma warning restore 618 - } - - -#pragma warning disable 618 - public SecurityPermissionFlag Flags -#pragma warning restore 618 - { - set - { - VerifyAccess(value); - - m_flags = value; - } - - get - { - return m_flags; - } - } - - // - // CodeAccessPermission methods - // - - /* - * IPermission interface implementation - */ - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - return m_flags == 0; - } - - SecurityPermission operand = target as SecurityPermission; - if (operand != null) - { - return (((int)this.m_flags) & ~((int)operand.m_flags)) == 0; - } - else - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - } - - public override IPermission Union(IPermission target) { - if (target == null) return(this.Copy()); - if (!VerifyType(target)) { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - SecurityPermission sp_target = (SecurityPermission) target; - if (sp_target.IsUnrestricted() || IsUnrestricted()) { - return(new SecurityPermission(PermissionState.Unrestricted)); - } -#pragma warning disable 618 - SecurityPermissionFlag flag_union = (SecurityPermissionFlag)(m_flags | sp_target.m_flags); -#pragma warning restore 618 - return(new SecurityPermission(flag_union)); - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - SecurityPermission operand = (SecurityPermission)target; -#pragma warning disable 618 - SecurityPermissionFlag isectFlags = SecurityPermissionFlag.NoFlags; -#pragma warning restore 618 - - if (operand.IsUnrestricted()) - { - if (this.IsUnrestricted()) - return new SecurityPermission(PermissionState.Unrestricted); - else -#pragma warning disable 618 - isectFlags = (SecurityPermissionFlag)this.m_flags; -#pragma warning restore 618 - } - else if (this.IsUnrestricted()) - { -#pragma warning disable 618 - isectFlags = (SecurityPermissionFlag)operand.m_flags; -#pragma warning restore 618 - } - else - { -#pragma warning disable 618 - isectFlags = (SecurityPermissionFlag)m_flags & (SecurityPermissionFlag)operand.m_flags; -#pragma warning restore 618 - } - - if (isectFlags == 0) - return null; - else - return new SecurityPermission(isectFlags); - } - - public override IPermission Copy() - { - if (IsUnrestricted()) - return new SecurityPermission(PermissionState.Unrestricted); - else -#pragma warning disable 618 - return new SecurityPermission((SecurityPermissionFlag)m_flags); -#pragma warning restore 618 - } - - public bool IsUnrestricted() - { -#pragma warning disable 618 - return m_flags == SecurityPermissionFlag.AllFlags; -#pragma warning restore 618 - } - - private -#pragma warning disable 618 - void VerifyAccess(SecurityPermissionFlag type) -#pragma warning restore 618 - { -#pragma warning disable 618 - if ((type & ~SecurityPermissionFlag.AllFlags) != 0) -#pragma warning restore 618 - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)type)); - Contract.EndContractBlock(); - } - - // - // Object Overrides - // - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return SecurityPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.SecurityPermissionIndex; - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/SiteIdentityPermission.cs b/src/mscorlib/src/System/Security/Permissions/SiteIdentityPermission.cs deleted file mode 100644 index ff38d515a1..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/SiteIdentityPermission.cs +++ /dev/null @@ -1,251 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using SiteString = System.Security.Util.SiteString; - using System.Text; - using System.Collections; - using System.Collections.Generic; - using System.Globalization; - using System.Runtime.Serialization; - - [System.Runtime.InteropServices.ComVisible(true)] -#if FEATURE_SERIALIZATION - [Serializable] -#endif - sealed public class SiteIdentityPermission : CodeAccessPermission, IBuiltInPermission - { - //------------------------------------------------------ - // - // PRIVATE STATE DATA - // - //------------------------------------------------------ - [OptionalField(VersionAdded = 2)] - private bool m_unrestricted; - [OptionalField(VersionAdded = 2)] - private SiteString[] m_sites; - - //------------------------------------------------------ - // - // PUBLIC CONSTRUCTORS - // - //------------------------------------------------------ - - - public SiteIdentityPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - m_unrestricted = true; - } - else if (state == PermissionState.None) - { - m_unrestricted = false; - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public SiteIdentityPermission( String site ) - { - Site = site; - } - - //------------------------------------------------------ - // - // PUBLIC ACCESSOR METHODS - // - //------------------------------------------------------ - - public String Site - { - set - { - m_unrestricted = false; - m_sites = new SiteString[1]; - m_sites[0] = new SiteString( value ); - } - - get - { - if(m_sites == null) - return ""; - if(m_sites.Length == 1) - return m_sites[0].ToString(); - throw new NotSupportedException(Environment.GetResourceString("NotSupported_AmbiguousIdentity")); - } - } - - //------------------------------------------------------ - // - // PRIVATE AND PROTECTED HELPERS FOR ACCESSORS AND CONSTRUCTORS - // - //------------------------------------------------------ - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - public override IPermission Copy() - { - SiteIdentityPermission perm = new SiteIdentityPermission( PermissionState.None ); - perm.m_unrestricted = this.m_unrestricted; - if (this.m_sites != null) - { - perm.m_sites = new SiteString[this.m_sites.Length]; - int n; - for(n = 0; n < this.m_sites.Length; n++) - perm.m_sites[n] = (SiteString)this.m_sites[n].Copy(); - } - return perm; - } - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - if(m_unrestricted) - return false; - if(m_sites == null) - return true; - if(m_sites.Length == 0) - return true; - return false; - } - SiteIdentityPermission that = target as SiteIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(that.m_unrestricted) - return true; - if(m_unrestricted) - return false; - if(this.m_sites != null) - { - foreach(SiteString ssThis in this.m_sites) - { - bool bOK = false; - if(that.m_sites != null) - { - foreach(SiteString ssThat in that.m_sites) - { - if(ssThis.IsSubsetOf(ssThat)) - { - bOK = true; - break; - } - } - } - if(!bOK) - return false; - } - } - return true; - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - SiteIdentityPermission that = target as SiteIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(this.m_unrestricted && that.m_unrestricted) - { - SiteIdentityPermission res = new SiteIdentityPermission(PermissionState.None); - res.m_unrestricted = true; - return res; - } - if(this.m_unrestricted) - return that.Copy(); - if(that.m_unrestricted) - return this.Copy(); - if(this.m_sites == null || that.m_sites == null || this.m_sites.Length == 0 || that.m_sites.Length == 0) - return null; - List<SiteString> alSites = new List<SiteString>(); - foreach(SiteString ssThis in this.m_sites) - { - foreach(SiteString ssThat in that.m_sites) - { - SiteString ssInt = (SiteString)ssThis.Intersect(ssThat); - if(ssInt != null) - alSites.Add(ssInt); - } - } - if(alSites.Count == 0) - return null; - SiteIdentityPermission result = new SiteIdentityPermission(PermissionState.None); - result.m_sites = alSites.ToArray(); - return result; - } - - public override IPermission Union(IPermission target) - { - if (target == null) - { - if((this.m_sites == null || this.m_sites.Length == 0) && !this.m_unrestricted) - return null; - return this.Copy(); - } - SiteIdentityPermission that = target as SiteIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(this.m_unrestricted || that.m_unrestricted) - { - SiteIdentityPermission res = new SiteIdentityPermission(PermissionState.None); - res.m_unrestricted = true; - return res; - } - if (this.m_sites == null || this.m_sites.Length == 0) - { - if(that.m_sites == null || that.m_sites.Length == 0) - return null; - return that.Copy(); - } - if(that.m_sites == null || that.m_sites.Length == 0) - return this.Copy(); - List<SiteString> alSites = new List<SiteString>(); - foreach(SiteString ssThis in this.m_sites) - alSites.Add(ssThis); - foreach(SiteString ssThat in that.m_sites) - { - bool bDupe = false; - foreach(SiteString ss in alSites) - { - if(ssThat.Equals(ss)) - { - bDupe = true; - break; - } - } - if(!bDupe) - alSites.Add(ssThat); - } - SiteIdentityPermission result = new SiteIdentityPermission(PermissionState.None); - result.m_sites = alSites.ToArray(); - return result; - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return SiteIdentityPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.SiteIdentityPermissionIndex; - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/StrongNameIdentityPermission.cs b/src/mscorlib/src/System/Security/Permissions/StrongNameIdentityPermission.cs deleted file mode 100644 index f09d84de34..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/StrongNameIdentityPermission.cs +++ /dev/null @@ -1,401 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.Security.Util; - using System.IO; - using String = System.String; - using Version = System.Version; - using System.Security.Policy; - using System.Collections; - using System.Collections.Generic; - using System.Globalization; - using System.Diagnostics.Contracts; - - // The only difference between this class and System.Security.Policy.StrongName is that this one - // allows m_name to be null. We should merge this class with System.Security.Policy.StrongName - [Serializable] - sealed internal class StrongName2 - { - public StrongNamePublicKeyBlob m_publicKeyBlob; - public String m_name; - public Version m_version; - - public StrongName2(StrongNamePublicKeyBlob publicKeyBlob, String name, Version version) - { - m_publicKeyBlob = publicKeyBlob; - m_name = name; - m_version = version; - } - - public StrongName2 Copy() - { - return new StrongName2(m_publicKeyBlob, m_name, m_version); - } - - public bool IsSubsetOf(StrongName2 target) - { - // This StrongName2 is a subset of the target if it's public key blob is null no matter what - if (this.m_publicKeyBlob == null) - return true; - - // Subsets are always false if the public key blobs do not match - if (!this.m_publicKeyBlob.Equals( target.m_publicKeyBlob )) - return false; - - // We use null in strings to represent the "Anything" state. - // Therefore, the logic to detect an individual subset is: - // - // 1. If the this string is null ("Anything" is a subset of any other). - // 2. If the this string and target string are the same (equality is sufficient for a subset). - // - // The logic is reversed here to discover things that are not subsets. - if (this.m_name != null) - { - if (target.m_name == null || !System.Security.Policy.StrongName.CompareNames( target.m_name, this.m_name )) - return false; - } - - if ((Object) this.m_version != null) - { - if ((Object) target.m_version == null || - target.m_version.CompareTo( this.m_version ) != 0) - { - return false; - } - } - - return true; - } - - public StrongName2 Intersect(StrongName2 target) - { - if (target.IsSubsetOf( this )) - return target.Copy(); - else if (this.IsSubsetOf( target )) - return this.Copy(); - else - return null; - } - - public bool Equals(StrongName2 target) - { - if (!target.IsSubsetOf(this)) - return false; - if (!this.IsSubsetOf(target)) - return false; - return true; - } - } - - - -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - sealed public class StrongNameIdentityPermission : CodeAccessPermission, IBuiltInPermission - { - //------------------------------------------------------ - // - // PRIVATE STATE DATA - // - //------------------------------------------------------ - - private bool m_unrestricted; - private StrongName2[] m_strongNames; - - //------------------------------------------------------ - // - // PUBLIC CONSTRUCTORS - // - //------------------------------------------------------ - - - public StrongNameIdentityPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - m_unrestricted = true; - } - else if (state == PermissionState.None) - { - m_unrestricted = false; - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public StrongNameIdentityPermission( StrongNamePublicKeyBlob blob, String name, Version version ) - { - if (blob == null) - throw new ArgumentNullException( nameof(blob) ); - if (name != null && name.Equals( "" )) - throw new ArgumentException( Environment.GetResourceString( "Argument_EmptyStrongName" ) ); - Contract.EndContractBlock(); - m_unrestricted = false; - m_strongNames = new StrongName2[1]; - m_strongNames[0] = new StrongName2(blob, name, version); - } - - - //------------------------------------------------------ - // - // PUBLIC ACCESSOR METHODS - // - //------------------------------------------------------ - - public StrongNamePublicKeyBlob PublicKey - { - set - { - if (value == null) - throw new ArgumentNullException( nameof(PublicKey) ); - Contract.EndContractBlock(); - m_unrestricted = false; - if(m_strongNames != null && m_strongNames.Length == 1) - m_strongNames[0].m_publicKeyBlob = value; - else - { - m_strongNames = new StrongName2[1]; - m_strongNames[0] = new StrongName2(value, "", new Version()); - } - } - - get - { - if(m_strongNames == null || m_strongNames.Length == 0) - return null; - if(m_strongNames.Length > 1) - throw new NotSupportedException(Environment.GetResourceString("NotSupported_AmbiguousIdentity")); - return m_strongNames[0].m_publicKeyBlob; - } - } - - public String Name - { - set - { - if (value != null && value.Length == 0) - throw new ArgumentException( Environment.GetResourceString("Argument_EmptyName" )); - Contract.EndContractBlock(); - m_unrestricted = false; - if(m_strongNames != null && m_strongNames.Length == 1) - m_strongNames[0].m_name = value; - else - { - m_strongNames = new StrongName2[1]; - m_strongNames[0] = new StrongName2(null, value, new Version()); - } - } - - get - { - if(m_strongNames == null || m_strongNames.Length == 0) - return ""; - if(m_strongNames.Length > 1) - throw new NotSupportedException(Environment.GetResourceString("NotSupported_AmbiguousIdentity")); - return m_strongNames[0].m_name; - } - } - - public Version Version - { - set - { - m_unrestricted = false; - if(m_strongNames != null && m_strongNames.Length == 1) - m_strongNames[0].m_version = value; - else - { - m_strongNames = new StrongName2[1]; - m_strongNames[0] = new StrongName2(null, "", value); - } - } - - get - { - if(m_strongNames == null || m_strongNames.Length == 0) - return new Version(); - if(m_strongNames.Length > 1) - throw new NotSupportedException(Environment.GetResourceString("NotSupported_AmbiguousIdentity")); - return m_strongNames[0].m_version; - } - } - - //------------------------------------------------------ - // - // PRIVATE AND PROTECTED HELPERS FOR ACCESSORS AND CONSTRUCTORS - // - //------------------------------------------------------ - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - - public override IPermission Copy() - { - StrongNameIdentityPermission perm = new StrongNameIdentityPermission(PermissionState.None); - perm.m_unrestricted = this.m_unrestricted; - if(this.m_strongNames != null) - { - perm.m_strongNames = new StrongName2[this.m_strongNames.Length]; - int n; - for(n = 0; n < this.m_strongNames.Length; n++) - perm.m_strongNames[n] = this.m_strongNames[n].Copy(); - } - return perm; - } - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - if(m_unrestricted) - return false; - if(m_strongNames == null) - return true; - if(m_strongNames.Length == 0) - return true; - return false; - } - StrongNameIdentityPermission that = target as StrongNameIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(that.m_unrestricted) - return true; - if(m_unrestricted) - return false; - if(this.m_strongNames != null) - { - foreach(StrongName2 snThis in m_strongNames) - { - bool bOK = false; - if(that.m_strongNames != null) - { - foreach(StrongName2 snThat in that.m_strongNames) - { - if(snThis.IsSubsetOf(snThat)) - { - bOK = true; - break; - } - } - } - if(!bOK) - return false; - } - } - return true; - } - - - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - StrongNameIdentityPermission that = target as StrongNameIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(this.m_unrestricted && that.m_unrestricted) - { - StrongNameIdentityPermission res = new StrongNameIdentityPermission(PermissionState.None); - res.m_unrestricted = true; - return res; - } - if(this.m_unrestricted) - return that.Copy(); - if(that.m_unrestricted) - return this.Copy(); - if(this.m_strongNames == null || that.m_strongNames == null || this.m_strongNames.Length == 0 || that.m_strongNames.Length == 0) - return null; - List<StrongName2> alStrongNames = new List<StrongName2>(); - foreach(StrongName2 snThis in this.m_strongNames) - { - foreach(StrongName2 snThat in that.m_strongNames) - { - StrongName2 snInt = (StrongName2)snThis.Intersect(snThat); - if(snInt != null) - alStrongNames.Add(snInt); - } - } - if(alStrongNames.Count == 0) - return null; - StrongNameIdentityPermission result = new StrongNameIdentityPermission(PermissionState.None); - result.m_strongNames = alStrongNames.ToArray(); - return result; - } - - public override IPermission Union(IPermission target) - { - if (target == null) - { - if((this.m_strongNames == null || this.m_strongNames.Length == 0) && !this.m_unrestricted) - return null; - return this.Copy(); - } - StrongNameIdentityPermission that = target as StrongNameIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(this.m_unrestricted || that.m_unrestricted) - { - StrongNameIdentityPermission res = new StrongNameIdentityPermission(PermissionState.None); - res.m_unrestricted = true; - return res; - } - if (this.m_strongNames == null || this.m_strongNames.Length == 0) - { - if(that.m_strongNames == null || that.m_strongNames.Length == 0) - return null; - return that.Copy(); - } - if(that.m_strongNames == null || that.m_strongNames.Length == 0) - return this.Copy(); - List<StrongName2> alStrongNames = new List<StrongName2>(); - foreach(StrongName2 snThis in this.m_strongNames) - alStrongNames.Add(snThis); - foreach(StrongName2 snThat in that.m_strongNames) - { - bool bDupe = false; - foreach(StrongName2 sn in alStrongNames) - { - if(snThat.Equals(sn)) - { - bDupe = true; - break; - } - } - if(!bDupe) - alStrongNames.Add(snThat); - } - StrongNameIdentityPermission result = new StrongNameIdentityPermission(PermissionState.None); - result.m_strongNames = alStrongNames.ToArray(); - return result; - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return StrongNameIdentityPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.StrongNameIdentityPermissionIndex; - } - - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/StrongNamePublicKeyBlob.cs b/src/mscorlib/src/System/Security/Permissions/StrongNamePublicKeyBlob.cs deleted file mode 100644 index 823eaba938..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/StrongNamePublicKeyBlob.cs +++ /dev/null @@ -1,94 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.Security.Util; - using System.Diagnostics.Contracts; - - [System.Runtime.InteropServices.ComVisible(true)] - [Serializable] sealed public class StrongNamePublicKeyBlob - { - internal byte[] PublicKey; - - internal StrongNamePublicKeyBlob() - { - } - - public StrongNamePublicKeyBlob( byte[] publicKey ) - { - if (publicKey == null) - throw new ArgumentNullException( nameof(PublicKey) ); - Contract.EndContractBlock(); - - this.PublicKey = new byte[publicKey.Length]; - Array.Copy( publicKey, 0, this.PublicKey, 0, publicKey.Length ); - } - - internal StrongNamePublicKeyBlob( String publicKey ) - { - this.PublicKey = Hex.DecodeHexString( publicKey ); - } - - private static bool CompareArrays( byte[] first, byte[] second ) - { - if (first.Length != second.Length) - { - return false; - } - - int count = first.Length; - for (int i = 0; i < count; ++i) - { - if (first[i] != second[i]) - return false; - } - - return true; - } - - - internal bool Equals( StrongNamePublicKeyBlob blob ) - { - if (blob == null) - return false; - else - return CompareArrays( this.PublicKey, blob.PublicKey ); - } - - public override bool Equals( Object obj ) - { - if (obj == null || !(obj is StrongNamePublicKeyBlob)) - return false; - - return this.Equals( (StrongNamePublicKeyBlob)obj ); - } - - static private int GetByteArrayHashCode( byte[] baData ) - { - if (baData == null) - return 0; - - int accumulator = 0; - - for (int i = 0; i < baData.Length; ++i) - { - accumulator = (accumulator << 8) ^ (int)baData[i] ^ (accumulator >> 24); - } - - return accumulator; - } - - public override int GetHashCode() - { - return GetByteArrayHashCode( PublicKey ); - } - - public override String ToString() - { - return Hex.EncodeHexString( PublicKey ); - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/UIPermission.cs b/src/mscorlib/src/System/Security/Permissions/UIPermission.cs deleted file mode 100644 index 4abe801e41..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/UIPermission.cs +++ /dev/null @@ -1,327 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.Security; - using System.Security.Util; - using System.IO; - using System.Runtime.Serialization; - using System.Reflection; - using System.Collections; - using System.Globalization; - using System.Diagnostics.Contracts; - - [Serializable] -[System.Runtime.InteropServices.ComVisible(true)] - public enum UIPermissionWindow - { - // No window use allowed at all. - NoWindows = 0x0, - - // Only allow safe subwindow use (for embedded components). - SafeSubWindows = 0x01, - - // Safe top-level window use only (see specification for details). - SafeTopLevelWindows = 0x02, - - // All windows and all event may be used. - AllWindows = 0x03, - - } - - [Serializable] -[System.Runtime.InteropServices.ComVisible(true)] - public enum UIPermissionClipboard - { - // No clipboard access is allowed. - NoClipboard = 0x0, - - // Paste from the same app domain only. - OwnClipboard = 0x1, - - // Any clipboard access is allowed. - AllClipboard = 0x2, - - } - - -[System.Runtime.InteropServices.ComVisible(true)] - [Serializable] - sealed public class UIPermission - : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission - { - //------------------------------------------------------ - // - // PRIVATE STATE DATA - // - //------------------------------------------------------ - - private UIPermissionWindow m_windowFlag; - private UIPermissionClipboard m_clipboardFlag; - - //------------------------------------------------------ - // - // PUBLIC CONSTRUCTORS - // - //------------------------------------------------------ - - public UIPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - SetUnrestricted( true ); - } - else if (state == PermissionState.None) - { - SetUnrestricted( false ); - Reset(); - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public UIPermission(UIPermissionWindow windowFlag, UIPermissionClipboard clipboardFlag ) - { - VerifyWindowFlag( windowFlag ); - VerifyClipboardFlag( clipboardFlag ); - - m_windowFlag = windowFlag; - m_clipboardFlag = clipboardFlag; - } - - public UIPermission(UIPermissionWindow windowFlag ) - { - VerifyWindowFlag( windowFlag ); - - m_windowFlag = windowFlag; - } - - public UIPermission(UIPermissionClipboard clipboardFlag ) - { - VerifyClipboardFlag( clipboardFlag ); - - m_clipboardFlag = clipboardFlag; - } - - - //------------------------------------------------------ - // - // PUBLIC ACCESSOR METHODS - // - //------------------------------------------------------ - - public UIPermissionWindow Window - { - set - { - VerifyWindowFlag(value); - - m_windowFlag = value; - } - - get - { - return m_windowFlag; - } - } - - public UIPermissionClipboard Clipboard - { - set - { - VerifyClipboardFlag(value); - - m_clipboardFlag = value; - } - - get - { - return m_clipboardFlag; - } - } - - //------------------------------------------------------ - // - // PRIVATE AND PROTECTED HELPERS FOR ACCESSORS AND CONSTRUCTORS - // - //------------------------------------------------------ - - private static void VerifyWindowFlag(UIPermissionWindow flag) - { - if (flag < UIPermissionWindow.NoWindows || flag > UIPermissionWindow.AllWindows) - { - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)flag)); - } - Contract.EndContractBlock(); - } - - private static void VerifyClipboardFlag(UIPermissionClipboard flag) - { - if (flag < UIPermissionClipboard.NoClipboard || flag > UIPermissionClipboard.AllClipboard) - { - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)flag)); - } - Contract.EndContractBlock(); - } - - private void Reset() - { - m_windowFlag = UIPermissionWindow.NoWindows; - m_clipboardFlag = UIPermissionClipboard.NoClipboard; - } - - private void SetUnrestricted( bool unrestricted ) - { - if (unrestricted) - { - m_windowFlag = UIPermissionWindow.AllWindows; - m_clipboardFlag = UIPermissionClipboard.AllClipboard; - } - } - -#if false - //------------------------------------------------------ - // - // OBJECT METHOD OVERRIDES - // - //------------------------------------------------------ - public String ToString() - { - #if _DEBUG - StringBuilder sb = new StringBuilder(); - sb.Append("UIPermission("); - if (IsUnrestricted()) - { - sb.Append("Unrestricted"); - } - else - { - sb.Append(m_stateNameTableWindow[m_windowFlag]); - sb.Append(", "); - sb.Append(m_stateNameTableClipboard[m_clipboardFlag]); - } - - sb.Append(")"); - return sb.ToString(); - #else - return super.ToString(); - #endif - } -#endif - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public bool IsUnrestricted() - { - return m_windowFlag == UIPermissionWindow.AllWindows && m_clipboardFlag == UIPermissionClipboard.AllClipboard; - } - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - // Only safe subset if this is empty - return m_windowFlag == UIPermissionWindow.NoWindows && m_clipboardFlag == UIPermissionClipboard.NoClipboard; - } - - try - { - UIPermission operand = (UIPermission)target; - if (operand.IsUnrestricted()) - return true; - else if (this.IsUnrestricted()) - return false; - else - return this.m_windowFlag <= operand.m_windowFlag && this.m_clipboardFlag <= operand.m_clipboardFlag; - } - catch (InvalidCastException) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - { - return null; - } - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - UIPermission operand = (UIPermission)target; - UIPermissionWindow isectWindowFlags = m_windowFlag < operand.m_windowFlag ? m_windowFlag : operand.m_windowFlag; - UIPermissionClipboard isectClipboardFlags = m_clipboardFlag < operand.m_clipboardFlag ? m_clipboardFlag : operand.m_clipboardFlag; - if (isectWindowFlags == UIPermissionWindow.NoWindows && isectClipboardFlags == UIPermissionClipboard.NoClipboard) - return null; - else - return new UIPermission(isectWindowFlags, isectClipboardFlags); - } - - public override IPermission Union(IPermission target) - { - if (target == null) - { - return this.Copy(); - } - else if (!VerifyType(target)) - { - throw new - ArgumentException( - Environment.GetResourceString("Argument_WrongType", this.GetType().FullName) - ); - } - - UIPermission operand = (UIPermission)target; - UIPermissionWindow isectWindowFlags = m_windowFlag > operand.m_windowFlag ? m_windowFlag : operand.m_windowFlag; - UIPermissionClipboard isectClipboardFlags = m_clipboardFlag > operand.m_clipboardFlag ? m_clipboardFlag : operand.m_clipboardFlag; - if (isectWindowFlags == UIPermissionWindow.NoWindows && isectClipboardFlags == UIPermissionClipboard.NoClipboard) - return null; - else - return new UIPermission(isectWindowFlags, isectClipboardFlags); - } - - public override IPermission Copy() - { - return new UIPermission(this.m_windowFlag, this.m_clipboardFlag); - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return UIPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.UIPermissionIndex; - } - - } - - -} diff --git a/src/mscorlib/src/System/Security/Permissions/URLIdentityPermission.cs b/src/mscorlib/src/System/Security/Permissions/URLIdentityPermission.cs deleted file mode 100644 index 0883bf8979..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/URLIdentityPermission.cs +++ /dev/null @@ -1,284 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions -{ - using System; - using System.Security.Util; - using System.IO; - using System.Text; - using System.Collections; - using System.Collections.Generic; - using System.Globalization; - using System.Runtime.Serialization; - using System.Diagnostics.Contracts; - - [System.Runtime.InteropServices.ComVisible(true)] -#if FEATURE_SERIALIZATION - [Serializable] -#endif - sealed public class UrlIdentityPermission : CodeAccessPermission, IBuiltInPermission - { - //------------------------------------------------------ - // - // PRIVATE STATE DATA - // - //------------------------------------------------------ - - [OptionalField(VersionAdded = 2)] - private bool m_unrestricted; - [OptionalField(VersionAdded = 2)] - private URLString[] m_urls; - - //------------------------------------------------------ - // - // PUBLIC CONSTRUCTORS - // - //------------------------------------------------------ - - - public UrlIdentityPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - m_unrestricted = true; - } - else if (state == PermissionState.None) - { - m_unrestricted = false; - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public UrlIdentityPermission( String site ) - { - if (site == null) - throw new ArgumentNullException( nameof(site) ); - Contract.EndContractBlock(); - Url = site; - } - - internal UrlIdentityPermission( URLString site ) - { - m_unrestricted = false; - m_urls = new URLString[1]; - m_urls[0] = site; - } - - // Internal function to append all the urls in m_urls to the input originList - internal void AppendOrigin(ArrayList originList) - { - if (m_urls == null) - originList.Add(""); - else - { - int n; - for(n = 0; n < this.m_urls.Length; n++) - originList.Add(m_urls[n].ToString()); - } - } - - //------------------------------------------------------ - // - // PUBLIC ACCESSOR METHODS - // - //------------------------------------------------------ - - public String Url - { - set - { - m_unrestricted = false; - if(value == null || value.Length == 0) - m_urls = null; - else - { - m_urls = new URLString[1]; - m_urls[0] = new URLString( value ); - } - } - - get - { - if(m_urls == null) - return ""; - if(m_urls.Length == 1) - return m_urls[0].ToString(); - throw new NotSupportedException(Environment.GetResourceString("NotSupported_AmbiguousIdentity")); - } - } - - //------------------------------------------------------ - // - // PRIVATE AND PROTECTED HELPERS FOR ACCESSORS AND CONSTRUCTORS - // - //------------------------------------------------------ - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - - public override IPermission Copy() - { - UrlIdentityPermission perm = new UrlIdentityPermission( PermissionState.None ); - perm.m_unrestricted = this.m_unrestricted; - if (this.m_urls != null) - { - perm.m_urls = new URLString[this.m_urls.Length]; - int n; - for(n = 0; n < this.m_urls.Length; n++) - perm.m_urls[n] = (URLString)this.m_urls[n].Copy(); - } - return perm; - } - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - { - if(m_unrestricted) - return false; - if(m_urls == null) - return true; - if(m_urls.Length == 0) - return true; - return false; - } - UrlIdentityPermission that = target as UrlIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(that.m_unrestricted) - return true; - if(m_unrestricted) - return false; - if(this.m_urls != null) - { - foreach(URLString usThis in this.m_urls) - { - bool bOK = false; - if(that.m_urls != null) - { - foreach(URLString usThat in that.m_urls) - { - if(usThis.IsSubsetOf(usThat)) - { - bOK = true; - break; - } - } - } - if(!bOK) - return false; - } - } - return true; - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - UrlIdentityPermission that = target as UrlIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(this.m_unrestricted && that.m_unrestricted) - { - UrlIdentityPermission res = new UrlIdentityPermission(PermissionState.None); - res.m_unrestricted = true; - return res; - } - if(this.m_unrestricted) - return that.Copy(); - if(that.m_unrestricted) - return this.Copy(); - if(this.m_urls == null || that.m_urls == null || this.m_urls.Length == 0 || that.m_urls.Length == 0) - return null; - List<URLString> alUrls = new List<URLString>(); - foreach(URLString usThis in this.m_urls) - { - foreach(URLString usThat in that.m_urls) - { - URLString usInt = (URLString)usThis.Intersect(usThat); - if(usInt != null) - alUrls.Add(usInt); - } - } - if(alUrls.Count == 0) - return null; - UrlIdentityPermission result = new UrlIdentityPermission(PermissionState.None); - result.m_urls = alUrls.ToArray(); - return result; - } - - public override IPermission Union(IPermission target) - { - if (target == null) - { - if((this.m_urls == null || this.m_urls.Length == 0) && !this.m_unrestricted) - return null; - return this.Copy(); - } - UrlIdentityPermission that = target as UrlIdentityPermission; - if(that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - if(this.m_unrestricted || that.m_unrestricted) - { - UrlIdentityPermission res = new UrlIdentityPermission(PermissionState.None); - res.m_unrestricted = true; - return res; - } - if (this.m_urls == null || this.m_urls.Length == 0) - { - if(that.m_urls == null || that.m_urls.Length == 0) - return null; - return that.Copy(); - } - if(that.m_urls == null || that.m_urls.Length == 0) - return this.Copy(); - List<URLString> alUrls = new List<URLString>(); - foreach(URLString usThis in this.m_urls) - alUrls.Add(usThis); - foreach(URLString usThat in that.m_urls) - { - bool bDupe = false; - foreach(URLString us in alUrls) - { - if(usThat.Equals(us)) - { - bDupe = true; - break; - } - } - if(!bDupe) - alUrls.Add(usThat); - } - UrlIdentityPermission result = new UrlIdentityPermission(PermissionState.None); - result.m_urls = alUrls.ToArray(); - return result; - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return UrlIdentityPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.UrlIdentityPermissionIndex; - } - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/ZoneIdentityPermission.cs b/src/mscorlib/src/System/Security/Permissions/ZoneIdentityPermission.cs deleted file mode 100644 index 9023c7eece..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/ZoneIdentityPermission.cs +++ /dev/null @@ -1,208 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -// -// - -namespace System.Security.Permissions -{ - using System; - using System.Globalization; - using System.Runtime.Serialization; - using System.Collections; - using System.Collections.Generic; - using System.Diagnostics.Contracts; - - [System.Runtime.InteropServices.ComVisible(true)] -#if FEATURE_SERIALIZATION - [Serializable] -#endif - sealed public class ZoneIdentityPermission : CodeAccessPermission, IBuiltInPermission - { - //------------------------------------------------------ - // - // PRIVATE STATE DATA - // - //------------------------------------------------------ - - // Zone Enum Flag - // ----- ----- ----- - // NoZone -1 0x00 - // MyComputer 0 0x01 (1 << 0) - // Intranet 1 0x02 (1 << 1) - // Trusted 2 0x04 (1 << 2) - // Internet 3 0x08 (1 << 3) - // Untrusted 4 0x10 (1 << 4) - - private const uint AllZones = 0x1f; - [OptionalField(VersionAdded = 2)] - private uint m_zones; - - //------------------------------------------------------ - // - // PUBLIC CONSTRUCTORS - // - //------------------------------------------------------ - - public ZoneIdentityPermission(PermissionState state) - { - if (state == PermissionState.Unrestricted) - { - m_zones = AllZones; - } - else if (state == PermissionState.None) - { - m_zones = 0; - } - else - { - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - } - } - - public ZoneIdentityPermission( SecurityZone zone ) - { - this.SecurityZone = zone; - } - - internal ZoneIdentityPermission( uint zones ) - { - m_zones = (zones & AllZones); - } - - // Internal function to append all the Zone in this permission to the input ArrayList - internal void AppendZones(ArrayList zoneList) - { - int nEnum = 0; - uint nFlag; - for(nFlag = 1; nFlag < AllZones; nFlag <<= 1) - { - if((m_zones & nFlag) != 0) - { - zoneList.Add((SecurityZone)nEnum); - } - nEnum++; - } - } - - //------------------------------------------------------ - // - // PUBLIC ACCESSOR METHODS - // - //------------------------------------------------------ - - public SecurityZone SecurityZone - { - set - { - VerifyZone( value ); - if(value == SecurityZone.NoZone) - m_zones = 0; - else - m_zones = (uint)1 << (int)value; - } - - get - { - SecurityZone z = SecurityZone.NoZone; - int nEnum = 0; - uint nFlag; - for(nFlag = 1; nFlag < AllZones; nFlag <<= 1) - { - if((m_zones & nFlag) != 0) - { - if(z == SecurityZone.NoZone) - z = (SecurityZone)nEnum; - else - return SecurityZone.NoZone; - } - nEnum++; - } - return z; - } - } - - //------------------------------------------------------ - // - // PRIVATE AND PROTECTED HELPERS FOR ACCESSORS AND CONSTRUCTORS - // - //------------------------------------------------------ - - private static void VerifyZone( SecurityZone zone ) - { - if (zone < SecurityZone.NoZone || zone > SecurityZone.Untrusted) - { - throw new ArgumentException( Environment.GetResourceString("Argument_IllegalZone") ); - } - Contract.EndContractBlock(); - } - - - //------------------------------------------------------ - // - // CODEACCESSPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - //------------------------------------------------------ - // - // IPERMISSION IMPLEMENTATION - // - //------------------------------------------------------ - - - public override IPermission Copy() - { - return new ZoneIdentityPermission(this.m_zones); - } - - public override bool IsSubsetOf(IPermission target) - { - if (target == null) - return this.m_zones == 0; - - ZoneIdentityPermission that = target as ZoneIdentityPermission; - if (that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - return (this.m_zones & that.m_zones) == this.m_zones; - } - - public override IPermission Intersect(IPermission target) - { - if (target == null) - return null; - - ZoneIdentityPermission that = target as ZoneIdentityPermission; - if (that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - uint newZones = this.m_zones & that.m_zones; - if(newZones == 0) - return null; - return new ZoneIdentityPermission(newZones); - } - - public override IPermission Union(IPermission target) - { - if (target == null) - return this.m_zones != 0 ? this.Copy() : null; - - ZoneIdentityPermission that = target as ZoneIdentityPermission; - if (that == null) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - return new ZoneIdentityPermission(this.m_zones | that.m_zones); - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex() - { - return ZoneIdentityPermission.GetTokenIndex(); - } - - internal static int GetTokenIndex() - { - return BuiltInPermissionIndex.ZoneIdentityPermissionIndex; - } - - } -} diff --git a/src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs b/src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs deleted file mode 100644 index d4f1c273c6..0000000000 --- a/src/mscorlib/src/System/Security/Permissions/keycontainerpermission.cs +++ /dev/null @@ -1,634 +0,0 @@ -// Licensed to the .NET Foundation under one or more agreements. -// The .NET Foundation licenses this file to you under the MIT license. -// See the LICENSE file in the project root for more information. - -namespace System.Security.Permissions { - using System; - using System.Collections; - using System.Collections.Generic; -#if FEATURE_CRYPTO - using System.Security.Cryptography; -#endif - using System.Security.Util; - using System.Globalization; - using System.Diagnostics; - using System.Diagnostics.Contracts; - -[Serializable] - [Flags] - [System.Runtime.InteropServices.ComVisible(true)] - public enum KeyContainerPermissionFlags { - NoFlags = 0x0000, - - Create = 0x0001, - Open = 0x0002, - Delete = 0x0004, - - Import = 0x0010, - Export = 0x0020, - - Sign = 0x0100, - Decrypt = 0x0200, - - ViewAcl = 0x1000, - ChangeAcl = 0x2000, - - AllFlags = 0x3337 - } - - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - public sealed class KeyContainerPermissionAccessEntry { - private string m_keyStore; - private string m_providerName; - private int m_providerType; - private string m_keyContainerName; - private int m_keySpec; - private KeyContainerPermissionFlags m_flags; - - internal KeyContainerPermissionAccessEntry(KeyContainerPermissionAccessEntry accessEntry) : - this (accessEntry.KeyStore, accessEntry.ProviderName, accessEntry.ProviderType, accessEntry.KeyContainerName, - accessEntry.KeySpec, accessEntry.Flags) { - } - - public KeyContainerPermissionAccessEntry(string keyContainerName, KeyContainerPermissionFlags flags) : - this (null, null, -1, keyContainerName, -1, flags) { - } - -#if FEATURE_CRYPTO - public KeyContainerPermissionAccessEntry(CspParameters parameters, KeyContainerPermissionFlags flags) : - this((parameters.Flags & CspProviderFlags.UseMachineKeyStore) == CspProviderFlags.UseMachineKeyStore ? "Machine" : "User", - parameters.ProviderName, - parameters.ProviderType, - parameters.KeyContainerName, - parameters.KeyNumber, - flags) { - } -#endif - - public KeyContainerPermissionAccessEntry(string keyStore, string providerName, int providerType, - string keyContainerName, int keySpec, KeyContainerPermissionFlags flags) { - m_providerName = (providerName == null ? "*" : providerName); - m_providerType = providerType; - m_keyContainerName = (keyContainerName == null ? "*" : keyContainerName); - m_keySpec = keySpec; - KeyStore = keyStore; - Flags = flags; - } - - public string KeyStore { - get { - return m_keyStore; - } - set { - // Unrestricted entries are invalid; they should not be allowed. - if (IsUnrestrictedEntry(value, this.ProviderName, this.ProviderType, this.KeyContainerName, this.KeySpec)) - throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry")); - - if (value == null) { - m_keyStore = "*"; - } else { - if (value != "User" && value != "Machine" && value != "*") - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidKeyStore", value), nameof(value)); - m_keyStore = value; - } - } - } - - public string ProviderName { - get { - return m_providerName; - } - set { - // Unrestricted entries are invalid; they should not be allowed. - if (IsUnrestrictedEntry(this.KeyStore, value, this.ProviderType, this.KeyContainerName, this.KeySpec)) - throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry")); - - if (value == null) - m_providerName = "*"; - else - m_providerName = value; - } - } - - public int ProviderType { - get { - return m_providerType; - } - set { - // Unrestricted entries are invalid; they should not be allowed. - if (IsUnrestrictedEntry(this.KeyStore, this.ProviderName, value, this.KeyContainerName, this.KeySpec)) - throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry")); - - m_providerType = value; - } - } - - public string KeyContainerName { - get { - return m_keyContainerName; - } - set { - // Unrestricted entries are invalid; they should not be allowed. - if (IsUnrestrictedEntry(this.KeyStore, this.ProviderName, this.ProviderType, value, this.KeySpec)) - throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry")); - - if (value == null) - m_keyContainerName = "*"; - else - m_keyContainerName = value; - } - } - - public int KeySpec { - get { - return m_keySpec; - } - set { - // Unrestricted entries are invalid; they should not be allowed. - if (IsUnrestrictedEntry(this.KeyStore, this.ProviderName, this.ProviderType, this.KeyContainerName, value)) - throw new ArgumentException(Environment.GetResourceString("Arg_InvalidAccessEntry")); - - m_keySpec = value; - } - } - - public KeyContainerPermissionFlags Flags { - get { - return m_flags; - } - set { - KeyContainerPermission.VerifyFlags(value); - m_flags = value; - } - } - - public override bool Equals (Object o) { - KeyContainerPermissionAccessEntry accessEntry = o as KeyContainerPermissionAccessEntry; - if (accessEntry == null) - return false; - - if (accessEntry.m_keyStore != m_keyStore) return false; - if (accessEntry.m_providerName != m_providerName) return false; - if (accessEntry.m_providerType != m_providerType) return false; - if (accessEntry.m_keyContainerName != m_keyContainerName) return false; - if (accessEntry.m_keySpec != m_keySpec) return false; - - return true; - } - - public override int GetHashCode () { - int hash = 0; - - hash |= (this.m_keyStore.GetHashCode() & 0x000000FF) << 24; - hash |= (this.m_providerName.GetHashCode() & 0x000000FF) << 16; - hash |= (this.m_providerType & 0x0000000F) << 12; - hash |= (this.m_keyContainerName.GetHashCode() & 0x000000FF) << 4; - hash |= (this.m_keySpec & 0x0000000F); - - return hash; - } - - internal bool IsSubsetOf (KeyContainerPermissionAccessEntry target) { - if (target.m_keyStore != "*" && this.m_keyStore != target.m_keyStore) - return false; - if (target.m_providerName != "*" && this.m_providerName != target.m_providerName) - return false; - if (target.m_providerType != -1 && this.m_providerType != target.m_providerType) - return false; - if (target.m_keyContainerName != "*" && this.m_keyContainerName != target.m_keyContainerName) - return false; - if (target.m_keySpec != -1 && this.m_keySpec != target.m_keySpec) - return false; - - return true; - } - - internal static bool IsUnrestrictedEntry (string keyStore, string providerName, int providerType, - string keyContainerName, int keySpec) { - if (keyStore != "*" && keyStore != null) return false; - if (providerName != "*" && providerName != null) return false; - if (providerType != -1) return false; - if (keyContainerName != "*" && keyContainerName != null) return false; - if (keySpec != -1) return false; - - return true; - } - } - - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - public sealed class KeyContainerPermissionAccessEntryCollection : ICollection { - private ArrayList m_list; - private KeyContainerPermissionFlags m_globalFlags; - - private KeyContainerPermissionAccessEntryCollection () {} - internal KeyContainerPermissionAccessEntryCollection (KeyContainerPermissionFlags globalFlags) { - m_list = new ArrayList(); - m_globalFlags = globalFlags; - } - - public KeyContainerPermissionAccessEntry this[int index] { - get { - if (index < 0) - throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_EnumNotStarted")); - if (index >= Count) - throw new ArgumentOutOfRangeException(nameof(index), Environment.GetResourceString("ArgumentOutOfRange_Index")); - Contract.EndContractBlock(); - - return (KeyContainerPermissionAccessEntry)m_list[index]; - } - } - - public int Count { - get { - return m_list.Count; - } - } - - public int Add (KeyContainerPermissionAccessEntry accessEntry) { - if (accessEntry == null) - throw new ArgumentNullException(nameof(accessEntry)); - Contract.EndContractBlock(); - - int index = m_list.IndexOf(accessEntry); - if (index == -1) { - if (accessEntry.Flags != m_globalFlags) { - return m_list.Add(accessEntry); - } - else - return -1; - } else { - // We pick up the intersection of the 2 flags. This is the secure choice - // so we are opting for it. - ((KeyContainerPermissionAccessEntry)m_list[index]).Flags &= accessEntry.Flags; - return index; - } - } - - public void Clear () { - m_list.Clear(); - } - - public int IndexOf (KeyContainerPermissionAccessEntry accessEntry) { - return m_list.IndexOf(accessEntry); - } - - public void Remove (KeyContainerPermissionAccessEntry accessEntry) { - if (accessEntry == null) - throw new ArgumentNullException(nameof(accessEntry)); - Contract.EndContractBlock(); - m_list.Remove(accessEntry); - } - - public KeyContainerPermissionAccessEntryEnumerator GetEnumerator () { - return new KeyContainerPermissionAccessEntryEnumerator(this); - } - - /// <internalonly/> - IEnumerator IEnumerable.GetEnumerator () { - return new KeyContainerPermissionAccessEntryEnumerator(this); - } - - /// <internalonly/> - void ICollection.CopyTo (Array array, int index) { - if (array == null) - throw new ArgumentNullException(nameof(array)); - if (array.Rank != 1) - throw new ArgumentException(Environment.GetResourceString("Arg_RankMultiDimNotSupported")); - if (index < 0 || index >= array.Length) - throw new ArgumentOutOfRangeException(nameof(index), Environment.GetResourceString("ArgumentOutOfRange_Index")); - if (index + this.Count > array.Length) - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidOffLen")); - Contract.EndContractBlock(); - - for (int i=0; i < this.Count; i++) { - array.SetValue(this[i], index); - index++; - } - } - - public void CopyTo (KeyContainerPermissionAccessEntry[] array, int index) { - ((ICollection)this).CopyTo(array, index); - } - - public bool IsSynchronized { - get { - return false; - } - } - - public Object SyncRoot { - get { - return this; - } - } - } - - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - public sealed class KeyContainerPermissionAccessEntryEnumerator : IEnumerator { - private KeyContainerPermissionAccessEntryCollection m_entries; - private int m_current; - - private KeyContainerPermissionAccessEntryEnumerator () {} - internal KeyContainerPermissionAccessEntryEnumerator (KeyContainerPermissionAccessEntryCollection entries) { - m_entries = entries; - m_current = -1; - } - - public KeyContainerPermissionAccessEntry Current { - get { - return m_entries[m_current]; - } - } - - /// <internalonly/> - Object IEnumerator.Current { - get { - return (Object) m_entries[m_current]; - } - } - - public bool MoveNext() { - if (m_current == ((int) m_entries.Count - 1)) - return false; - m_current++; - return true; - } - - public void Reset() { - m_current = -1; - } - } - - [Serializable] - [System.Runtime.InteropServices.ComVisible(true)] - public sealed class KeyContainerPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission { - private KeyContainerPermissionFlags m_flags; - private KeyContainerPermissionAccessEntryCollection m_accessEntries; - - public KeyContainerPermission (PermissionState state) { - if (state == PermissionState.Unrestricted) - m_flags = KeyContainerPermissionFlags.AllFlags; - else if (state == PermissionState.None) - m_flags = KeyContainerPermissionFlags.NoFlags; - else - throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState")); - m_accessEntries = new KeyContainerPermissionAccessEntryCollection(m_flags); - } - - public KeyContainerPermission (KeyContainerPermissionFlags flags) { - VerifyFlags(flags); - m_flags = flags; - m_accessEntries = new KeyContainerPermissionAccessEntryCollection(m_flags); - } - - public KeyContainerPermission (KeyContainerPermissionFlags flags, KeyContainerPermissionAccessEntry[] accessList) { - if (accessList == null) - throw new ArgumentNullException(nameof(accessList)); - Contract.EndContractBlock(); - - VerifyFlags(flags); - m_flags = flags; - m_accessEntries = new KeyContainerPermissionAccessEntryCollection(m_flags); - for (int index = 0; index < accessList.Length; index++) { - m_accessEntries.Add(accessList[index]); - } - } - - public KeyContainerPermissionFlags Flags { - get { - return m_flags; - } - } - - public KeyContainerPermissionAccessEntryCollection AccessEntries { - get { - return m_accessEntries; - } - } - - public bool IsUnrestricted () { - if (m_flags != KeyContainerPermissionFlags.AllFlags) - return false; - - foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) { - if ((accessEntry.Flags & KeyContainerPermissionFlags.AllFlags) != KeyContainerPermissionFlags.AllFlags) - return false; - } - - return true; - } - - private bool IsEmpty () { - if (this.Flags == KeyContainerPermissionFlags.NoFlags) { - foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) { - if (accessEntry.Flags != KeyContainerPermissionFlags.NoFlags) - return false; - } - return true; - } - return false; - } - - // - // IPermission implementation - // - - public override bool IsSubsetOf (IPermission target) { - if (target == null) - return IsEmpty(); - - if (!VerifyType(target)) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - - KeyContainerPermission operand = (KeyContainerPermission) target; - - // since there are containers that are neither in the access list of the source, nor in the - // access list of the target, the source flags must be a subset of the target flags. - if ((this.m_flags & operand.m_flags) != this.m_flags) - return false; - - // Any entry in the source should have "applicable" flags in the destination that actually - // are less restrictive than the flags in the source. - - foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) { - KeyContainerPermissionFlags targetFlags = GetApplicableFlags(accessEntry, operand); - if ((accessEntry.Flags & targetFlags) != accessEntry.Flags) - return false; - } - - // Any entry in the target should have "applicable" flags in the source that actually - // are more restrictive than the flags in the target. - - foreach (KeyContainerPermissionAccessEntry accessEntry in operand.AccessEntries) { - KeyContainerPermissionFlags sourceFlags = GetApplicableFlags(accessEntry, this); - if ((sourceFlags & accessEntry.Flags) != sourceFlags) - return false; - } - - return true; - } - - public override IPermission Intersect (IPermission target) { - if (target == null) - return null; - - if (!VerifyType(target)) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - - KeyContainerPermission operand = (KeyContainerPermission) target; - if (this.IsEmpty() || operand.IsEmpty()) - return null; - - KeyContainerPermissionFlags flags_intersect = operand.m_flags & this.m_flags; - KeyContainerPermission cp = new KeyContainerPermission(flags_intersect); - foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) { - cp.AddAccessEntryAndIntersect(accessEntry, operand); - } - foreach (KeyContainerPermissionAccessEntry accessEntry in operand.AccessEntries) { - cp.AddAccessEntryAndIntersect(accessEntry, this); - } - return cp.IsEmpty() ? null : cp; - } - - public override IPermission Union (IPermission target) { - if (target == null) - return this.Copy(); - - if (!VerifyType(target)) - throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)); - - KeyContainerPermission operand = (KeyContainerPermission) target; - if (this.IsUnrestricted() || operand.IsUnrestricted()) - return new KeyContainerPermission(PermissionState.Unrestricted); - - KeyContainerPermissionFlags flags_union = (KeyContainerPermissionFlags) (m_flags | operand.m_flags); - KeyContainerPermission cp = new KeyContainerPermission(flags_union); - foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) { - cp.AddAccessEntryAndUnion(accessEntry, operand); - } - foreach (KeyContainerPermissionAccessEntry accessEntry in operand.AccessEntries) { - cp.AddAccessEntryAndUnion(accessEntry, this); - } - return cp.IsEmpty() ? null : cp; - } - - public override IPermission Copy () { - if (this.IsEmpty()) - return null; - - KeyContainerPermission cp = new KeyContainerPermission((KeyContainerPermissionFlags)m_flags); - foreach (KeyContainerPermissionAccessEntry accessEntry in AccessEntries) { - cp.AccessEntries.Add(accessEntry); - } - return cp; - } - - /// <internalonly/> - int IBuiltInPermission.GetTokenIndex () { - return KeyContainerPermission.GetTokenIndex(); - } - - // - // private methods - // - - private void AddAccessEntries(SecurityElement securityElement) { - if (securityElement.InternalChildren != null && securityElement.InternalChildren.Count != 0) { - IEnumerator elemEnumerator = securityElement.Children.GetEnumerator(); - while (elemEnumerator.MoveNext()) { - SecurityElement current = (SecurityElement) elemEnumerator.Current; - if (current != null) { - if (String.Equals(current.Tag, "AccessEntry")) { - int iMax = current.m_lAttributes.Count; - Debug.Assert(iMax % 2 == 0, "Odd number of strings means the attr/value pairs were not added correctly"); - string keyStore = null; - string providerName = null; - int providerType = -1; - string keyContainerName = null; - int keySpec = -1; - KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags; - for (int i = 0; i < iMax; i += 2) { - String strAttrName = (String) current.m_lAttributes[i]; - String strAttrValue = (String) current.m_lAttributes[i+1]; - if (String.Equals(strAttrName, "KeyStore")) - keyStore = strAttrValue; - if (String.Equals(strAttrName, "ProviderName")) - providerName = strAttrValue; - else if (String.Equals(strAttrName, "ProviderType")) - providerType = Convert.ToInt32(strAttrValue, null); - else if (String.Equals(strAttrName, "KeyContainerName")) - keyContainerName = strAttrValue; - else if (String.Equals(strAttrName, "KeySpec")) - keySpec = Convert.ToInt32(strAttrValue, null); - else if (String.Equals(strAttrName, "Flags")) { - flags = (KeyContainerPermissionFlags) Enum.Parse(typeof(KeyContainerPermissionFlags), strAttrValue); - } - } - KeyContainerPermissionAccessEntry accessEntry = new KeyContainerPermissionAccessEntry(keyStore, providerName, providerType, keyContainerName, keySpec, flags); - AccessEntries.Add(accessEntry); - } - } - } - } - } - - private void AddAccessEntryAndUnion (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) { - KeyContainerPermissionAccessEntry newAccessEntry = new KeyContainerPermissionAccessEntry(accessEntry); - newAccessEntry.Flags |= GetApplicableFlags(accessEntry, target); - AccessEntries.Add(newAccessEntry); - } - - private void AddAccessEntryAndIntersect (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) { - KeyContainerPermissionAccessEntry newAccessEntry = new KeyContainerPermissionAccessEntry(accessEntry); - newAccessEntry.Flags &= GetApplicableFlags(accessEntry, target); - AccessEntries.Add(newAccessEntry); - } - - // - // private/internal static methods. - // - - internal static void VerifyFlags (KeyContainerPermissionFlags flags) { - if ((flags & ~KeyContainerPermissionFlags.AllFlags) != 0) - throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)flags)); - Contract.EndContractBlock(); - } - - private static KeyContainerPermissionFlags GetApplicableFlags (KeyContainerPermissionAccessEntry accessEntry, KeyContainerPermission target) { - KeyContainerPermissionFlags flags = KeyContainerPermissionFlags.NoFlags; - bool applyDefaultFlags = true; - - // If the entry exists in the target, return the flag of the target entry. - int index = target.AccessEntries.IndexOf(accessEntry); - if (index != -1) { - flags = ((KeyContainerPermissionAccessEntry)target.AccessEntries[index]).Flags; - return flags; - } - - // Intersect the flags in all the target entries that apply to the current access entry, - foreach (KeyContainerPermissionAccessEntry targetAccessEntry in target.AccessEntries) { - if (accessEntry.IsSubsetOf(targetAccessEntry)) { - if (applyDefaultFlags == false) { - flags &= targetAccessEntry.Flags; - } else { - flags = targetAccessEntry.Flags; - applyDefaultFlags = false; - } - } - } - - // If no target entry applies to the current entry, the default global flag applies. - if (applyDefaultFlags) - flags = target.Flags; - - return flags; - } - - private static int GetTokenIndex() { - return BuiltInPermissionIndex.KeyContainerPermissionIndex; - } - } -} |