| private DoesFullTrustMeanFullTrust ( ) : bool | ||
| return | bool | |
internal static bool CanUnrestrictedOverride(IPermission ip)
{
if (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust())
{
return(true);
}
if (ip is IUnrestrictedPermission)
{
return(true);
}
return(false);
}
//-----------------------------------------------------------+
// R E V E R T
//-----------------------------------------------------------+
internal void RevertAssert()
{
if (m_assertions != null)
{
m_assertions = null;
DecrementAssertCount();
}
if (m_DeclarativeAssertions != null)
{
m_AssertFT = (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() && m_DeclarativeAssertions.IsUnrestricted());;
}
else
{
m_AssertFT = false;
}
}
internal PermissionSet CodeGroupResolve(Evidence evidence, bool systemPolicy)
{
PermissionSet grant = null;
PolicyStatement policy;
PolicyLevel currentLevel = null;
IEnumerator levelEnumerator = PolicyLevels.GetEnumerator();
char[] serializedEvidence = MakeEvidenceArray(evidence, false);
int count = evidence.Count;
bool legacyIgnoreSystemPolicy = (AppDomain.CurrentDomain.GetData("IgnoreSystemPolicy") != null);
bool testApplicationLevels = false;
while (levelEnumerator.MoveNext())
{
currentLevel = (PolicyLevel)levelEnumerator.Current;
if (systemPolicy)
{
if (currentLevel.Type == PolicyLevelType.AppDomain)
{
continue;
}
}
else if (legacyIgnoreSystemPolicy && currentLevel.Type != PolicyLevelType.AppDomain)
{
continue;
}
policy = currentLevel.Resolve(evidence, count, serializedEvidence);
// If the grant is "AllPossible", the intersection is just the other permission set.
// Otherwise, do an inplace intersection (since we know we can alter the grant set since
// it is a copy of the first policy statement's permission set).
if (grant == null)
{
grant = policy.PermissionSet;
}
else
{
grant.InplaceIntersect(policy.GetPermissionSetNoCopy());
}
if (grant == null || grant.FastIsEmpty())
{
break;
}
else if ((policy.Attributes & PolicyStatementAttribute.LevelFinal) == PolicyStatementAttribute.LevelFinal)
{
if (currentLevel.Type != PolicyLevelType.AppDomain)
{
testApplicationLevels = true;
}
break;
}
}
if (grant != null && testApplicationLevels)
{
PolicyLevel appDomainLevel = null;
for (int i = PolicyLevels.Count - 1; i >= 0; --i)
{
currentLevel = (PolicyLevel)PolicyLevels[i];
if (currentLevel.Type == PolicyLevelType.AppDomain)
{
appDomainLevel = currentLevel;
break;
}
}
if (appDomainLevel != null)
{
policy = appDomainLevel.Resolve(evidence, count, serializedEvidence);
grant.InplaceIntersect(policy.GetPermissionSetNoCopy());
}
}
if (grant == null)
{
grant = new PermissionSet(PermissionState.None);
}
// Each piece of evidence can possibly create an identity permission that we
// need to add to our grant set. Therefore, for all pieces of evidence that
// implement the IIdentityPermissionFactory interface, ask it for its
// adjoining identity permission and add it to the grant.
if (!CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() || !grant.IsUnrestricted())
{
IEnumerator enumerator = evidence.GetHostEnumerator();
while (enumerator.MoveNext())
{
Object obj = enumerator.Current;
IIdentityPermissionFactory factory = obj as IIdentityPermissionFactory;
if (factory != null)
{
IPermission perm = factory.CreateIdentityPermission(evidence);
if (perm != null)
{
grant.AddPermission(perm);
}
}
}
}
grant.IgnoreTypeLoadFailures = true;
return(grant);
}
internal PermissionToken BuiltInGetToken(int index, IPermission perm, Type cls)
{
PermissionToken token = m_builtIn[index];
if (token == null)
{
lock (this)
{
token = m_builtIn[index];
if (token == null)
{
PermissionTokenType permType = PermissionTokenType.DontKnow;
if (perm != null)
{
if (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() || perm is IUnrestrictedPermission)
{
permType = PermissionTokenType.IUnrestricted;
}
else
{
permType = PermissionTokenType.Normal;
}
}
else if (cls != null)
{
if (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() || cls.GetInterface("System.Security.Permissions.IUnrestrictedPermission") != null)
{
permType = PermissionTokenType.IUnrestricted;
}
else
{
permType = PermissionTokenType.Normal;
}
}
token = new PermissionToken(index, permType | PermissionTokenType.BuiltIn, null);
m_builtIn[index] = token;
PermissionToken.s_tokenSet.SetItem(token.m_index, token);
}
}
}
if ((token.m_type & PermissionTokenType.DontKnow) != 0)
{
token.m_type = PermissionTokenType.BuiltIn;
if (perm != null)
{
if (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() || perm is IUnrestrictedPermission)
{
token.m_type |= PermissionTokenType.IUnrestricted;
}
else
{
token.m_type |= PermissionTokenType.Normal;
}
}
else if (cls != null)
{
if (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() || cls.GetInterface("System.Security.Permissions.IUnrestrictedPermission") != null)
{
token.m_type |= PermissionTokenType.IUnrestricted;
}
else
{
token.m_type |= PermissionTokenType.Normal;
}
}
else
{
token.m_type |= PermissionTokenType.DontKnow;
}
}
return(token);
}
internal void SetAssert(PermissionSet permSet)
{
m_assertions = permSet.Copy();
m_AssertFT = m_AssertFT || (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust() && m_assertions.IsUnrestricted());
IncrementAssertCount();
}
