public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
if (null == evidence)
{
throw new ArgumentNullException("evidence");
}
if (!MembershipCondition.Check(evidence))
{
return(null);
}
FileCodeGroup matchRoot = new FileCodeGroup(MembershipCondition, m_access);
foreach (CodeGroup child in Children)
{
CodeGroup childMatchingCodeGroup = child.ResolveMatchingCodeGroups(evidence);
if (childMatchingCodeGroup != null)
{
matchRoot.AddChild(childMatchingCodeGroup);
}
}
return(matchRoot);
}
// Resolve code groups that match specific evidence.
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
FileCodeGroup newGroup;
CodeGroup child;
// Validate the parameter.
if (evidence == null)
{
throw new ArgumentNullException("evidence");
}
// Check the membership condition.
if (!MembershipCondition.Check(evidence))
{
return(null);
}
// Clone this group, except for the children.
newGroup = new FileCodeGroup(MembershipCondition, access);
newGroup.Name = Name;
newGroup.Description = Description;
// Resolve and add the children.
foreach (CodeGroup group in Children)
{
child = group.ResolveMatchingCodeGroups(evidence);
if (child != null)
{
newGroup.AddChild(child);
}
}
// Return the result.
return(newGroup);
}
public static void FileCodeGroupCallMethods()
{
FileCodeGroup fcg = new FileCodeGroup(new GacMembershipCondition(), new FileIOPermissionAccess());
CodeGroup cg = fcg.Copy();
bool equals = fcg.Equals(new object());
int hash = fcg.GetHashCode();
PolicyStatement ps = fcg.Resolve(new Evidence());
cg = fcg.ResolveMatchingCodeGroups(new Evidence());
}
public void Constructor_PathDiscovery ()
{
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.PathDiscovery);
Assert.IsNotNull (cg.MembershipCondition, "MembershipCondition");
Assert.IsNull (cg.PolicyStatement, "PolicyStatement");
// documented as always null
Assert.IsNull (cg.AttributeString, "AttributeString");
Assert.IsNotNull (cg.PermissionSetName, "PermissionSetName");
}
public override CodeGroup Copy ()
{
FileCodeGroup copy = new FileCodeGroup (MembershipCondition, m_access);
copy.Name = this.Name;
copy.Description = this.Description;
foreach (CodeGroup child in Children) {
copy.AddChild (child.Copy ()); // deep copy
}
return copy;
}
/// <summary>生成当前代码组的深层副本。</summary>
/// <returns>当前代码组(包括其成员条件和子代码组)的等效副本。</returns>
public override CodeGroup Copy()
{
FileCodeGroup fileCodeGroup = new FileCodeGroup(this.MembershipCondition, this.m_access);
fileCodeGroup.Name = this.Name;
fileCodeGroup.Description = this.Description;
foreach (CodeGroup child in (IEnumerable)this.Children)
{
fileCodeGroup.AddChild(child);
}
return((CodeGroup)fileCodeGroup);
}
/// <summary>Makes a deep copy of the current code group.</summary>
/// <returns>An equivalent copy of the current code group, including its membership conditions and child code groups.</returns>
// Token: 0x0600293D RID: 10557 RVA: 0x00098400 File Offset: 0x00096600
public override CodeGroup Copy()
{
FileCodeGroup fileCodeGroup = new FileCodeGroup(base.MembershipCondition, this.m_access);
fileCodeGroup.Name = base.Name;
fileCodeGroup.Description = base.Description;
foreach (object obj in base.Children)
{
fileCodeGroup.AddChild((CodeGroup)obj);
}
return(fileCodeGroup);
}
public override CodeGroup Copy()
{
FileCodeGroup copy = new FileCodeGroup(MembershipCondition, m_access);
copy.Name = this.Name;
copy.Description = this.Description;
foreach (CodeGroup child in Children)
{
copy.AddChild(child.Copy()); // deep copy
}
return(copy);
}
public override CodeGroup Copy()
{
FileCodeGroup group = new FileCodeGroup(base.MembershipCondition, this.m_access) {
Name = base.Name,
Description = base.Description
};
IEnumerator enumerator = base.Children.GetEnumerator();
while (enumerator.MoveNext())
{
group.AddChild((CodeGroup) enumerator.Current);
}
return group;
}
public override bool Equals(Object o)
{
FileCodeGroup that = (o as FileCodeGroup);
if (that != null && base.Equals(that))
{
if (this.m_access == that.m_access)
{
return(true);
}
}
return(false);
}
public override CodeGroup Copy()
{
FileCodeGroup group = new FileCodeGroup(this.MembershipCondition, this.m_access);
group.Name = this.Name;
group.Description = this.Description;
IEnumerator enumerator = this.Children.GetEnumerator();
while (enumerator.MoveNext())
{
group.AddChild((CodeGroup)enumerator.Current);
}
return(group);
}
// Make a copy of this code group.
public override CodeGroup Copy()
{
FileCodeGroup group;
group = new FileCodeGroup(MembershipCondition, access);
group.Name = Name;
group.Description = Description;
IList children = Children;
if(children != null)
{
foreach(CodeGroup child in children)
{
group.AddChild(child);
}
}
return group;
}
// Compare two code groups for equality.
public override bool Equals(Object obj)
{
FileCodeGroup cg = (obj as FileCodeGroup);
if (cg != null)
{
if (!base.Equals(cg))
{
return(false);
}
return(cg.access == access);
}
else
{
return(false);
}
}
// Make a copy of this code group.
public override CodeGroup Copy()
{
FileCodeGroup group;
group = new FileCodeGroup(MembershipCondition, access);
group.Name = Name;
group.Description = Description;
IList children = Children;
if (children != null)
{
foreach (CodeGroup child in children)
{
group.AddChild(child);
}
}
return(group);
}
/// <summary>Resolves matching code groups.</summary>
/// <returns>A <see cref="T:System.Security.Policy.CodeGroup" /> that is the root of the tree of matching code groups.</returns>
/// <param name="evidence">The evidence for the assembly. </param>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="evidence" /> parameter is null. </exception>
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
if (evidence == null)
{
throw new ArgumentNullException("evidence");
}
if (!base.MembershipCondition.Check(evidence))
{
return(null);
}
FileCodeGroup fileCodeGroup = new FileCodeGroup(base.MembershipCondition, this.m_access);
foreach (object obj in base.Children)
{
CodeGroup codeGroup = (CodeGroup)obj;
CodeGroup codeGroup2 = codeGroup.ResolveMatchingCodeGroups(evidence);
if (codeGroup2 != null)
{
fileCodeGroup.AddChild(codeGroup2);
}
}
return(fileCodeGroup);
}
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
if (null == evidence)
throw new ArgumentNullException("evidence");
if (!MembershipCondition.Check (evidence))
return null;
FileCodeGroup matchRoot = new FileCodeGroup (MembershipCondition, m_access);
foreach (CodeGroup child in Children) {
CodeGroup childMatchingCodeGroup = child.ResolveMatchingCodeGroups (evidence);
if (childMatchingCodeGroup != null)
matchRoot.AddChild (childMatchingCodeGroup);
}
return matchRoot;
}
private CodeGroup CreateDefaultMachinePolicy()
{
UnionCodeGroup group = new UnionCodeGroup();
group.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Nothing", new AllMembershipCondition().ToXml()), this);
group.Name = Environment.GetResourceString("Policy_AllCode_Name");
group.Description = Environment.GetResourceString("Policy_AllCode_DescriptionNothing");
UnionCodeGroup group2 = new UnionCodeGroup();
group2.FromXml(CreateCodeGroupElement("UnionCodeGroup", "FullTrust", new ZoneMembershipCondition(SecurityZone.MyComputer).ToXml()), this);
group2.Name = Environment.GetResourceString("Policy_MyComputer_Name");
group2.Description = Environment.GetResourceString("Policy_MyComputer_Description");
StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob("002400000480000094000000060200000024000052534131000400000100010007D1FA57C4AED9F0A32E84AA0FAEFD0DE9E8FD6AEC8F87FB03766C834C99921EB23BE79AD9D5DCC1DD9AD236132102900B723CF980957FC4E177108FC607774F29E8320E92EA05ECE4E821C0A5EFE8F1645C4C0C93C1AB99285D622CAA652C1DFAD63D745D6F2DE5F17E5EAF0FC4963D261C8A12436518206DC093344D5AD293");
UnionCodeGroup group3 = new UnionCodeGroup();
group3.FromXml(CreateCodeGroupElement("UnionCodeGroup", "FullTrust", new StrongNameMembershipCondition(blob, null, null).ToXml()), this);
group3.Name = Environment.GetResourceString("Policy_Microsoft_Name");
group3.Description = Environment.GetResourceString("Policy_Microsoft_Description");
group2.AddChildInternal(group3);
blob = new StrongNamePublicKeyBlob("00000000000000000400000000000000");
UnionCodeGroup group4 = new UnionCodeGroup();
group4.FromXml(CreateCodeGroupElement("UnionCodeGroup", "FullTrust", new StrongNameMembershipCondition(blob, null, null).ToXml()), this);
group4.Name = Environment.GetResourceString("Policy_Ecma_Name");
group4.Description = Environment.GetResourceString("Policy_Ecma_Description");
group2.AddChildInternal(group4);
group.AddChildInternal(group2);
CodeGroup group5 = new UnionCodeGroup();
group5.FromXml(CreateCodeGroupElement("UnionCodeGroup", "LocalIntranet", new ZoneMembershipCondition(SecurityZone.Intranet).ToXml()), this);
group5.Name = Environment.GetResourceString("Policy_Intranet_Name");
group5.Description = Environment.GetResourceString("Policy_Intranet_Description");
CodeGroup group6 = new NetCodeGroup(new AllMembershipCondition()) {
Name = Environment.GetResourceString("Policy_IntranetNet_Name"),
Description = Environment.GetResourceString("Policy_IntranetNet_Description")
};
group5.AddChildInternal(group6);
CodeGroup group7 = new FileCodeGroup(new AllMembershipCondition(), FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read) {
Name = Environment.GetResourceString("Policy_IntranetFile_Name"),
Description = Environment.GetResourceString("Policy_IntranetFile_Description")
};
group5.AddChildInternal(group7);
group.AddChildInternal(group5);
CodeGroup group8 = new UnionCodeGroup();
group8.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Internet", new ZoneMembershipCondition(SecurityZone.Internet).ToXml()), this);
group8.Name = Environment.GetResourceString("Policy_Internet_Name");
group8.Description = Environment.GetResourceString("Policy_Internet_Description");
CodeGroup group9 = new NetCodeGroup(new AllMembershipCondition()) {
Name = Environment.GetResourceString("Policy_InternetNet_Name"),
Description = Environment.GetResourceString("Policy_InternetNet_Description")
};
group8.AddChildInternal(group9);
group.AddChildInternal(group8);
CodeGroup group10 = new UnionCodeGroup();
group10.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Nothing", new ZoneMembershipCondition(SecurityZone.Untrusted).ToXml()), this);
group10.Name = Environment.GetResourceString("Policy_Untrusted_Name");
group10.Description = Environment.GetResourceString("Policy_Untrusted_Description");
group.AddChildInternal(group10);
CodeGroup group11 = new UnionCodeGroup();
group11.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Internet", new ZoneMembershipCondition(SecurityZone.Trusted).ToXml()), this);
group11.Name = Environment.GetResourceString("Policy_Trusted_Name");
group11.Description = Environment.GetResourceString("Policy_Trusted_Description");
CodeGroup group12 = new NetCodeGroup(new AllMembershipCondition()) {
Name = Environment.GetResourceString("Policy_TrustedNet_Name"),
Description = Environment.GetResourceString("Policy_TrustedNet_Description")
};
group11.AddChildInternal(group12);
group.AddChildInternal(group11);
return group;
}
public override bool Equals(object o)
{
FileCodeGroup group = o as FileCodeGroup;
return(((group != null) && base.Equals(group)) && (this.m_access == group.m_access));
}
internal void SetDefaultCodeGroups()
{
// NOTE: if you are going to add references to any permission set
// that references permissions outside of mscorlib, DO NOT
// CALL GetNamedPermissionSetInternal(). You need to use
// CreateCodeGroupElement() and AddChildInternal().
// NOTE: any changes to this will require that you recontemplate
// the quick cache data found in PolicyLevelData.
// Before we call GetNamedPermissionSetInternal, make sure that we are "loaded"
m_loaded = true;
UnionCodeGroup root = new UnionCodeGroup();
root.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "Nothing", new AllMembershipCondition().ToXml() ), this );
root.Name = Environment.GetResourceString( "Policy_AllCode_Name" );
root.Description = Environment.GetResourceString( "Policy_AllCode_DescriptionNothing" );
UnionCodeGroup myComputerCodeGroup = new UnionCodeGroup();
myComputerCodeGroup.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "FullTrust", new ZoneMembershipCondition( SecurityZone.MyComputer ).ToXml() ), this );
myComputerCodeGroup.Name = Environment.GetResourceString( "Policy_MyComputer_Name" );
myComputerCodeGroup.Description = Environment.GetResourceString( "Policy_MyComputer_Description" );
// This code give trust to anything StrongName signed by Microsoft.
StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob( AssemblyRef.MicrosoftPublicKeyFull );
UnionCodeGroup microsoft = new UnionCodeGroup();
microsoft.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "FullTrust", new StrongNameMembershipCondition( blob, null, null ).ToXml() ), this );
microsoft.Name = Environment.GetResourceString( "Policy_Microsoft_Name" );
microsoft.Description = Environment.GetResourceString( "Policy_Microsoft_Description" );
myComputerCodeGroup.AddChildInternal( microsoft );
// This code give trust to anything StrongName signed using the ECMA
// public key (core system assemblies).
blob = new StrongNamePublicKeyBlob( AssemblyRef.EcmaPublicKeyFull );
UnionCodeGroup ecma = new UnionCodeGroup();
ecma.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "FullTrust", new StrongNameMembershipCondition( blob, null, null ).ToXml() ), this );
ecma.Name = Environment.GetResourceString( "Policy_Ecma_Name" );
ecma.Description = Environment.GetResourceString( "Policy_Ecma_Description" );
myComputerCodeGroup.AddChildInternal( ecma );
root.AddChildInternal(myComputerCodeGroup);
// do the rest of the zones
CodeGroup intranet = new UnionCodeGroup();
intranet.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "LocalIntranet", new ZoneMembershipCondition( SecurityZone.Intranet ).ToXml() ), this );
intranet.Name = Environment.GetResourceString( "Policy_Intranet_Name" );
intranet.Description = Environment.GetResourceString( "Policy_Intranet_Description" );
CodeGroup intranetNetCode = new NetCodeGroup( new AllMembershipCondition() );
intranetNetCode.Name = Environment.GetResourceString( "Policy_IntranetNet_Name" );
intranetNetCode.Description = Environment.GetResourceString( "Policy_IntranetNet_Description" );
intranet.AddChildInternal( intranetNetCode );
CodeGroup intranetFileCode = new FileCodeGroup( new AllMembershipCondition(), FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery );
intranetFileCode.Name = Environment.GetResourceString( "Policy_IntranetFile_Name" );
intranetFileCode.Description = Environment.GetResourceString( "Policy_IntranetFile_Description" );
intranet.AddChildInternal( intranetFileCode );
root.AddChildInternal( intranet );
CodeGroup internet = new UnionCodeGroup();
internet.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "Nothing", new ZoneMembershipCondition( SecurityZone.Internet ).ToXml() ), this );
internet.Name = Environment.GetResourceString( "Policy_Internet_Name" );
internet.Description = Environment.GetResourceString( "Policy_Internet_Description" );
root.AddChildInternal( internet );
CodeGroup untrusted = new UnionCodeGroup();
untrusted.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "Nothing", new ZoneMembershipCondition( SecurityZone.Untrusted ).ToXml() ), this );
untrusted.Name = Environment.GetResourceString( "Policy_Untrusted_Name" );
untrusted.Description = Environment.GetResourceString( "Policy_Untrusted_Description" );
root.AddChildInternal( untrusted );
CodeGroup trusted = new UnionCodeGroup();
trusted.FromXml( CreateCodeGroupElement( "UnionCodeGroup", "Internet", new ZoneMembershipCondition( SecurityZone.Trusted ).ToXml() ), this );
trusted.Name = Environment.GetResourceString( "Policy_Trusted_Name" );
trusted.Description = Environment.GetResourceString( "Policy_Trusted_Description" );
CodeGroup trustedNet = new NetCodeGroup( new AllMembershipCondition() );
trustedNet.Name = Environment.GetResourceString( "Policy_TrustedNet_Name" );
trustedNet.Description = Environment.GetResourceString( "Policy_TrustedNet_Description" );
trusted.AddChildInternal( trustedNet );
root.AddChildInternal( trusted );
m_rootCodeGroup = root;
}
public void ToXml ()
{
FileIOPermissionAccess access = FileIOPermissionAccess.Read | FileIOPermissionAccess.Write;
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), access);
string s = cg.ToXml ().ToString ();
Assert.IsTrue (s.IndexOf ("Access=\"Read, Write\"") > 0, "Access='Read, Write'");
}
public void MergeLogic ()
{
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
Assert.AreEqual ("Union", cg.MergeLogic, "MergeLogic");
}
// Get a sandbox permission set that the CLR considers safe to grant an application with the given
// evidence. Note that this API is not a policy API, but rather a host helper API so that a host can
// determine if an application's requested permission set is reasonable. This is esentially just a
// hard coded mapping of Zone -> Sandbox and is not configurable in any way.
public static PermissionSet GetStandardSandbox(Evidence evidence)
{
if (evidence == null)
throw new ArgumentNullException("evidence");
Contract.EndContractBlock();
//
// The top-level switch for grant set is based upon Zone
// MyComputer -> FullTrust
// Intranet -> LocalIntranet
// Trusted -> Internet
// Internet -> Internet
// All else -> Nothing
//
// Both the Internet and LocalIntranet zones can have permission set extensions applied to them
// if there is Activation.
//
Zone zone = evidence.GetHostEvidence<Zone>();
if (zone == null)
{
return new PermissionSet(PermissionState.None);
}
#if FEATURE_CAS_POLICY
else if (zone.SecurityZone == SecurityZone.MyComputer)
{
return new PermissionSet(PermissionState.Unrestricted);
}
else if (zone.SecurityZone == SecurityZone.Intranet)
{
PermissionSet intranetGrantSet = BuiltInPermissionSets.LocalIntranet;
// We also need to add in same site web and file IO permission
PolicyStatement webPolicy =
new NetCodeGroup(new AllMembershipCondition()).Resolve(evidence);
PolicyStatement filePolicy =
new FileCodeGroup(new AllMembershipCondition(), FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery).Resolve(evidence);
if (webPolicy != null)
{
intranetGrantSet.InplaceUnion(webPolicy.PermissionSet);
}
if (filePolicy != null)
{
intranetGrantSet.InplaceUnion(filePolicy.PermissionSet);
}
return intranetGrantSet;
}
else if (zone.SecurityZone == SecurityZone.Internet ||
zone.SecurityZone == SecurityZone.Trusted)
{
PermissionSet internetGrantSet = BuiltInPermissionSets.Internet;
// We also need to add in same site web permission
PolicyStatement webPolicy =
new NetCodeGroup(new AllMembershipCondition()).Resolve(evidence);
if (webPolicy != null)
{
internetGrantSet.InplaceUnion(webPolicy.PermissionSet);
}
return internetGrantSet;
}
#endif // FEATURE_CAS_POLICY
else
{
return new PermissionSet(PermissionState.None);
}
}
public void ResolveMatchingCodeGroups_NoMatch ()
{
FileCodeGroup cg = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
Assert.IsNull (cg.ResolveMatchingCodeGroups (new Evidence ()));
}
public void Resolve_AllMembershipCondition_AllAccess ()
{
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
PolicyStatement result = cg.Resolve (new Evidence ());
Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Attributes");
Assert.AreEqual (String.Empty, result.AttributeString, "AttributeString");
Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "IsUnrestricted");
Assert.AreEqual (0, result.PermissionSet.Count, "Count");
}
public void ResolveMatchingCodeGroups_TwoLevel ()
{
FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
CodeGroup level2 = level1.Copy ();
level1.AddChild (level2);
CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
Assert.IsNotNull (match, "Match");
Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
FileCodeGroup level2b = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
level1.AddChild (level2b);
CodeGroup match2 = level1.ResolveMatchingCodeGroups (new Evidence ());
Assert.IsNotNull (match2, "Match2");
Assert.IsTrue (match2.Equals (level1, false), "Equals(false)");
Assert.IsTrue (!match2.Equals (level1, true), "Equals(true)");
}
public void ResolveMatchingCodeGroups_ThreeLevel ()
{
FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
CodeGroup level2 = level1.Copy ();
level1.AddChild (level2);
FileCodeGroup level3 = new FileCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), FileIOPermissionAccess.AllAccess);
level2.AddChild (level3);
CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
Assert.IsNotNull (match, "Match");
Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
// Equals (true) isn't a deep compare (just one level)
Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
}
public void Resolve_ZoneMembershipCondition_Untrusted ()
{
IMembershipCondition mc = new ZoneMembershipCondition (SecurityZone.Untrusted);
PermissionSet pset = new PermissionSet (PermissionState.None);
FileCodeGroup cg = new FileCodeGroup (mc, FileIOPermissionAccess.AllAccess);
Evidence e = new Evidence ();
e.AddHost (new Zone (SecurityZone.Untrusted));
PolicyStatement result = cg.Resolve (e);
Assert.AreEqual (PolicyStatementAttribute.Nothing, result.Attributes, "Untrusted-Attributes");
Assert.AreEqual (String.Empty, result.AttributeString, "Untrusted-AttributeString");
Assert.IsFalse (result.PermissionSet.IsUnrestricted (), "Untrusted-IsUnrestricted");
Assert.AreEqual (0, result.PermissionSet.Count, "Untrusted-Count");
e = new Evidence ();
e.AddHost (new Zone (SecurityZone.Internet));
Assert.IsNull (cg.Resolve (e), "Internet");
e = new Evidence ();
e.AddHost (new Zone (SecurityZone.Intranet));
Assert.IsNull (cg.Resolve (e), "Intranet");
e = new Evidence ();
e.AddHost (new Zone (SecurityZone.MyComputer));
Assert.IsNull (cg.Resolve (e), "MyComputer");
e = new Evidence ();
e.AddHost (new Zone (SecurityZone.NoZone));
Assert.IsNull (cg.Resolve (e), "NoZone");
e = new Evidence ();
e.AddHost (new Zone (SecurityZone.Trusted));
Assert.IsNull (cg.Resolve (e), "Trusted");
}
public void ToFromXmlRoundtrip ()
{
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
cg.Name = "SomeName";
cg.Description = "Some Description";
Assert.IsTrue (cg.Equals (cg), "Equals (itself)");
SecurityElement se = cg.ToXml ();
FileCodeGroup cg2 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.NoAccess);
cg2.Name = "SomeOtherName";
cg2.Description = "Some Other Description";
Assert.IsFalse (cg.Equals (cg2), "Equals (another)");
cg2.FromXml (se);
Assert.IsTrue (cg.Equals (cg2), "Equals (FromXml)");
}
public void Copy ()
{
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
FileCodeGroup cg2 = (FileCodeGroup) cg.Copy ();
Assert.AreEqual (cg.AttributeString, cg2.AttributeString, "AttributeString");
Assert.AreEqual (cg.Children.Count, cg2.Children.Count, "Children");
Assert.AreEqual (cg.Description, cg2.Description, "Description");
Assert.AreEqual (cg.MergeLogic, cg2.MergeLogic, "MergeLogic");
Assert.AreEqual (cg.Name, cg2.Name, "Name");
Assert.AreEqual (cg.PermissionSetName, cg2.PermissionSetName, "PermissionSetName");
Assert.AreEqual (cg.ToXml ().ToString (), cg2.ToXml ().ToString (), "ToXml");
}
[System.Security.SecurityCritical] // auto-generated
private CodeGroup CreateDefaultMachinePolicy() {
UnionCodeGroup root = new UnionCodeGroup();
root.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Nothing", new AllMembershipCondition().ToXml()), this);
root.Name = Environment.GetResourceString("Policy_AllCode_Name");
root.Description = Environment.GetResourceString("Policy_AllCode_DescriptionNothing");
UnionCodeGroup myComputerCodeGroup = new UnionCodeGroup();
myComputerCodeGroup.FromXml(CreateCodeGroupElement("UnionCodeGroup", "FullTrust", new ZoneMembershipCondition(SecurityZone.MyComputer).ToXml()), this);
myComputerCodeGroup.Name = Environment.GetResourceString("Policy_MyComputer_Name");
myComputerCodeGroup.Description = Environment.GetResourceString("Policy_MyComputer_Description");
// This code give trust to anything StrongName signed by Microsoft.
StrongNamePublicKeyBlob blob = new StrongNamePublicKeyBlob(AssemblyRef.MicrosoftPublicKeyFull);
UnionCodeGroup microsoft = new UnionCodeGroup();
microsoft.FromXml(CreateCodeGroupElement("UnionCodeGroup", "FullTrust", new StrongNameMembershipCondition(blob, null, null).ToXml()), this);
microsoft.Name = Environment.GetResourceString("Policy_Microsoft_Name");
microsoft.Description = Environment.GetResourceString("Policy_Microsoft_Description");
myComputerCodeGroup.AddChildInternal(microsoft);
// This code give trust to anything StrongName signed using the ECMA
// public key (core system assemblies).
blob = new StrongNamePublicKeyBlob(AssemblyRef.EcmaPublicKeyFull);
UnionCodeGroup ecma = new UnionCodeGroup();
ecma.FromXml(CreateCodeGroupElement("UnionCodeGroup", "FullTrust", new StrongNameMembershipCondition(blob, null, null).ToXml()), this);
ecma.Name = Environment.GetResourceString("Policy_Ecma_Name");
ecma.Description = Environment.GetResourceString("Policy_Ecma_Description");
myComputerCodeGroup.AddChildInternal(ecma);
root.AddChildInternal(myComputerCodeGroup);
// do the rest of the zones
CodeGroup intranet = new UnionCodeGroup();
intranet.FromXml(CreateCodeGroupElement("UnionCodeGroup", "LocalIntranet", new ZoneMembershipCondition(SecurityZone.Intranet).ToXml()), this);
intranet.Name = Environment.GetResourceString("Policy_Intranet_Name");
intranet.Description = Environment.GetResourceString("Policy_Intranet_Description");
CodeGroup intranetNetCode = new NetCodeGroup(new AllMembershipCondition());
intranetNetCode.Name = Environment.GetResourceString("Policy_IntranetNet_Name");
intranetNetCode.Description = Environment.GetResourceString("Policy_IntranetNet_Description");
intranet.AddChildInternal(intranetNetCode);
CodeGroup intranetFileCode = new FileCodeGroup(new AllMembershipCondition(), FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery);
intranetFileCode.Name = Environment.GetResourceString("Policy_IntranetFile_Name");
intranetFileCode.Description = Environment.GetResourceString("Policy_IntranetFile_Description");
intranet.AddChildInternal(intranetFileCode);
root.AddChildInternal(intranet);
CodeGroup internet = new UnionCodeGroup();
internet.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Internet", new ZoneMembershipCondition(SecurityZone.Internet).ToXml()), this);
internet.Name = Environment.GetResourceString("Policy_Internet_Name");
internet.Description = Environment.GetResourceString("Policy_Internet_Description");
CodeGroup internetNet = new NetCodeGroup(new AllMembershipCondition());
internetNet.Name = Environment.GetResourceString("Policy_InternetNet_Name");
internetNet.Description = Environment.GetResourceString("Policy_InternetNet_Description");
internet.AddChildInternal(internetNet);
root.AddChildInternal(internet);
CodeGroup untrusted = new UnionCodeGroup();
untrusted.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Nothing", new ZoneMembershipCondition(SecurityZone.Untrusted).ToXml()), this);
untrusted.Name = Environment.GetResourceString("Policy_Untrusted_Name");
untrusted.Description = Environment.GetResourceString("Policy_Untrusted_Description");
root.AddChildInternal(untrusted);
CodeGroup trusted = new UnionCodeGroup();
trusted.FromXml(CreateCodeGroupElement("UnionCodeGroup", "Internet", new ZoneMembershipCondition(SecurityZone.Trusted).ToXml()), this);
trusted.Name = Environment.GetResourceString("Policy_Trusted_Name");
trusted.Description = Environment.GetResourceString("Policy_Trusted_Description");
CodeGroup trustedNet = new NetCodeGroup(new AllMembershipCondition());
trustedNet.Name = Environment.GetResourceString("Policy_TrustedNet_Name");
trustedNet.Description = Environment.GetResourceString("Policy_TrustedNet_Description");
trusted.AddChildInternal(trustedNet);
root.AddChildInternal(trusted);
return root;
}
public static PermissionSet GetStandardSandbox(Evidence evidence)
{
if (evidence == null)
{
throw new ArgumentNullException("evidence");
}
Zone hostEvidence = evidence.GetHostEvidence<Zone>();
if (hostEvidence == null)
{
return new PermissionSet(PermissionState.None);
}
if (hostEvidence.SecurityZone == SecurityZone.MyComputer)
{
return new PermissionSet(PermissionState.Unrestricted);
}
if (hostEvidence.SecurityZone == SecurityZone.Intranet)
{
PermissionSet localIntranet = BuiltInPermissionSets.LocalIntranet;
PolicyStatement statement = new NetCodeGroup(new AllMembershipCondition()).Resolve(evidence);
PolicyStatement statement2 = new FileCodeGroup(new AllMembershipCondition(), FileIOPermissionAccess.PathDiscovery | FileIOPermissionAccess.Read).Resolve(evidence);
if (statement != null)
{
localIntranet.InplaceUnion(statement.PermissionSet);
}
if (statement2 != null)
{
localIntranet.InplaceUnion(statement2.PermissionSet);
}
return localIntranet;
}
if ((hostEvidence.SecurityZone != SecurityZone.Internet) && (hostEvidence.SecurityZone != SecurityZone.Trusted))
{
return new PermissionSet(PermissionState.None);
}
PermissionSet internet = BuiltInPermissionSets.Internet;
PolicyStatement statement3 = new NetCodeGroup(new AllMembershipCondition()).Resolve(evidence);
if (statement3 != null)
{
internet.InplaceUnion(statement3.PermissionSet);
}
return internet;
}
public void CopyWithChildren ()
{
FileCodeGroup cgChild = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
cg.AddChild (cgChild);
FileCodeGroup cg2 = (FileCodeGroup) cg.Copy ();
Assert.AreEqual (cg.Children.Count, cg2.Children.Count, "Children");
Assert.AreEqual (cg.ToXml ().ToString (), cg2.ToXml ().ToString (), "ToXml");
}
public void ResolveMatchingCodeGroups_OneLevel ()
{
FileCodeGroup level1 = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
CodeGroup match = level1.ResolveMatchingCodeGroups (new Evidence ());
Assert.IsNotNull (match, "Match");
Assert.IsTrue (match.Equals (level1, false), "Equals(false)");
Assert.IsTrue (match.Equals (level1, true), "Equals(true)");
}
public void ResolveMatchingCodeGroups_Null ()
{
FileCodeGroup cg = new FileCodeGroup (new AllMembershipCondition (), FileIOPermissionAccess.AllAccess);
cg.ResolveMatchingCodeGroups (null);
}
public void Constructor_MembershipConditionNullFileIOPermissionAccess ()
{
FileCodeGroup cg = new FileCodeGroup (null, FileIOPermissionAccess.AllAccess);
}
/// <summary>Determines whether the specified code group is equivalent to the current code group.</summary>
/// <param name="o">The code group to compare with the current code group. </param>
/// <returns>
/// <see langword="true" /> if the specified code group is equivalent to the current code group; otherwise, <see langword="false" />.</returns>
// Token: 0x06002943 RID: 10563 RVA: 0x00098504 File Offset: 0x00096704
public override bool Equals(object o)
{
FileCodeGroup fileCodeGroup = o as FileCodeGroup;
return(fileCodeGroup != null && base.Equals(fileCodeGroup) && this.m_access == fileCodeGroup.m_access);
}
// Resolve code groups that match specific evidence.
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence)
{
FileCodeGroup newGroup;
CodeGroup child;
// Validate the parameter.
if(evidence == null)
{
throw new ArgumentNullException("evidence");
}
// Check the membership condition.
if(!MembershipCondition.Check(evidence))
{
return null;
}
// Clone this group, except for the children.
newGroup = new FileCodeGroup(MembershipCondition, access);
newGroup.Name = Name;
newGroup.Description = Description;
// Resolve and add the children.
foreach(CodeGroup group in Children)
{
child = group.ResolveMatchingCodeGroups(evidence);
if(child != null)
{
newGroup.AddChild(child);
}
}
// Return the result.
return newGroup;
}
