// Used to merge two distinct TokenBasedSets (used currently only in PermissionSet Deserialization)
internal TokenBasedSet SpecialUnion(TokenBasedSet other)
{
// This gets called from PermissionSet.OnDeserialized and it's possible that the TokenBasedSets have
// not been subjected to VTS callbacks yet
OnDeserializedInternal();
TokenBasedSet unionSet = new TokenBasedSet();
int maxMax;
if (other != null)
{
other.OnDeserializedInternal();
maxMax = this.GetMaxUsedIndex() > other.GetMaxUsedIndex() ? this.GetMaxUsedIndex() : other.GetMaxUsedIndex();
}
else
{
maxMax = this.GetMaxUsedIndex();
}
for (int i = 0; i <= maxMax; ++i)
{
Object thisObj = this.GetItem(i);
IPermission thisPerm = thisObj as IPermission;
Object otherObj = (other != null)?other.GetItem(i):null;
IPermission otherPerm = otherObj as IPermission;
if (thisObj == null && otherObj == null)
{
continue;
}
if (thisObj == null)
{
PermissionToken token = PermissionToken.GetToken(otherPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem(token.m_index, otherPerm);
}
else if (otherObj == null)
{
PermissionToken token = PermissionToken.GetToken(thisPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem(token.m_index, thisPerm);
}
else
{
Debug.Assert((thisObj == null || otherObj == null), "Permission cannot be in both TokenBasedSets");
}
}
return(unionSet);
}
internal TokenBasedSet SpecialUnion(TokenBasedSet other)
{
int maxUsedIndex;
this.OnDeserializedInternal();
TokenBasedSet set = new TokenBasedSet();
if (other != null)
{
other.OnDeserializedInternal();
maxUsedIndex = (this.GetMaxUsedIndex() > other.GetMaxUsedIndex()) ? this.GetMaxUsedIndex() : other.GetMaxUsedIndex();
}
else
{
maxUsedIndex = this.GetMaxUsedIndex();
}
for (int i = 0; i <= maxUsedIndex; i++)
{
object item = this.GetItem(i);
IPermission perm = item as IPermission;
ISecurityElementFactory factory = item as ISecurityElementFactory;
object obj3 = (other != null) ? other.GetItem(i) : null;
IPermission permission2 = obj3 as IPermission;
ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory;
if ((item != null) || (obj3 != null))
{
if (item == null)
{
if (factory2 != null)
{
permission2 = PermissionSet.CreatePerm(factory2, false);
}
PermissionToken token = PermissionToken.GetToken(permission2);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
set.SetItem(token.m_index, permission2);
}
else if (obj3 == null)
{
if (factory != null)
{
perm = PermissionSet.CreatePerm(factory, false);
}
PermissionToken token2 = PermissionToken.GetToken(perm);
if (token2 == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
set.SetItem(token2.m_index, perm);
}
}
}
return(set);
}
private void AppendStackHelper( TokenBasedSet thisSet, TokenBasedSet permSet, bool unrestrictedThisSet, bool unrestrictedPermSet, bool unrestricted )
{
int maxThis = thisSet.GetMaxUsedIndex();
int maxPerm = permSet.GetMaxUsedIndex();
int maxIndex = maxThis > maxPerm ? maxThis : maxPerm;
for (int i = 0; i <= maxIndex; i++)
{
PermissionList plist = (PermissionList)thisSet.GetItem(i);
PermissionList appendList = (PermissionList)permSet.GetItem(i);
if (plist != null)
{
if (appendList != null)
{
// This call will not add the permission if the list is
// empty, or if the last element is a normal check with
// a null Permission. Let the method take care of it...
plist.AppendStack(appendList.Copy());
}
else
{
// Nothing on the compressed stack for this index,
// so terminate current list.
if (!unrestrictedPermSet)
{
thisSet.SetItem( i, plist.Copy() );
}
}
}
else if (unrestrictedThisSet && appendList != null)
{
thisSet.SetItem(i, appendList.Copy());
}
}
}
private void AppendTokenBasedSets( TokenBasedSet thisSet, TokenBasedSet permSet, int type, bool unrestricted )
{
int thisMaxIndex = thisSet.GetMaxUsedIndex();
int permMaxIndex = permSet == null ? 0 : permSet.GetMaxUsedIndex();
int maxIndex = thisMaxIndex > permMaxIndex ? thisMaxIndex : permMaxIndex;
// Loop over the relevant indexes...
for (int i = 0; i <= maxIndex; i++)
{
PermissionList plist = (PermissionList)thisSet.GetItem(i);
CodeAccessPermission cap = permSet == null ? null : (CodeAccessPermission)permSet.GetItem(i);
if (plist == null)
{
if (this.m_unrestricted)
{
switch (type)
{
case PermissionList.MatchChecked:
case PermissionList.MatchPermitOnly:
plist = new PermissionList();
plist.AppendPermission(cap, type);
thisSet.SetItem( i, plist );
break;
case PermissionList.MatchDeny:
case PermissionList.MatchAssert:
if (cap != null)
{
plist = new PermissionList();
plist.AppendPermission(cap, type);
thisSet.SetItem( i, plist );
}
break;
default:
throw new ArgumentException(Environment.GetResourceString( "Argument_InvalidPermissionListType" ));
}
}
}
else
{
// A list already exists. All lists should have at least
// one element in them.
// Normally, only append if the permission is not null.
// However, if the type is Checked, then make sure the
// list is terminated with a permission, null or not.
switch (type)
{
case PermissionList.MatchChecked:
case PermissionList.MatchPermitOnly:
plist.AppendPermissionAndCompress(cap, type);
break;
case PermissionList.MatchDeny:
case PermissionList.MatchAssert:
if (cap != null)
plist.AppendPermissionAndCompress(cap, type);
break;
default:
throw new ArgumentException(Environment.GetResourceString( "Argument_InvalidPermissionListType" ));
}
}
}
}
public static TokenBasedSet CopyTokenBasedSet( TokenBasedSet set )
{
if (set == null || set.GetCount() == 0)
return null;
int maxIndex = set.GetMaxUsedIndex();
TokenBasedSet copySet = new TokenBasedSet( maxIndex + 1, 4 );
for (int i = 0; i <= maxIndex; ++i)
{
Object obj = set.GetItem( i );
if (obj == null)
copySet.SetItem( i, null );
else if (obj is IPermission)
copySet.SetItem( i, ((IPermission)obj).Copy() );
else if (obj is PermissionList)
copySet.SetItem( i, ((PermissionList)obj).Copy() );
else
{
BCLDebug.Assert( false, "CopyTokenBasedSet can only be used for IPermission and PermissionList based TokenBasedSets" );
copySet.SetItem( i, obj );
}
}
return copySet;
}
private static bool CheckTokenBasedSets( TokenBasedSet thisSet, TokenBasedSet permSet, bool unrestricted, PermissionListSetState state, out Exception exception, bool bNeedAlteredSet, out TokenBasedSet alteredSet )
{
alteredSet = null;
// If the set is empty, there is no reason to walk the
// stack.
if (permSet == null || permSet.IsEmpty())
{
if (bNeedAlteredSet)
alteredSet = new TokenBasedSet( 1, 4 );
exception = null;
return false;
}
int permMaxIndex = permSet.GetMaxUsedIndex();
// Make a quick check to see if permSet definitely contains permissions that this set doesn't
if (permMaxIndex > thisSet.GetMaxUsedIndex())
{
// The only way we don't want to throw an exception is
// if we are unrestricted. Then, if we don't want to throw
// an exception we may want to terminate the stack walk
// based on an unrestricted assert.
if (unrestricted)
{
if (((state & PermissionListSetState.UnrestrictedAssert) != 0))
{
if (bNeedAlteredSet)
alteredSet = new TokenBasedSet( 1, 4 );
exception = null;
return false;
}
else
{
exception = null;
return true;
}
}
else
{
exception = new SecurityException(Environment.GetResourceString("Security_GenericNoType") );
return false;
}
}
bool continueStackWalk = false;
// We know that checking to <permMaxIndex> is sufficient because of above check
for (int i = 0; i <= permMaxIndex; i++)
{
Object obj = permSet.GetItem(i);
if (obj != null)
{
CodeAccessPermission cap = (CodeAccessPermission)obj;
PermissionList permList = (PermissionList)thisSet.GetItem(i);
if (permList != null)
{
bool tempContinue = permList.CheckDemandInternal(cap, out exception);
if (exception != null)
return false;
if (tempContinue)
{
// If we are supposed to continue the stack walk but there is an unrestricted
// deny, then we should fail.
if (((state & PermissionListSetState.UnrestrictedDeny) != 0) && (cap is IUnrestrictedPermission))
{
exception = new SecurityException(String.Format( Environment.GetResourceString("Security_Generic"), cap.GetType().AssemblyQualifiedName ) );
return false;
}
continueStackWalk = true;
}
else if (((state & PermissionListSetState.UnrestrictedAssert) == 0) && (cap is IUnrestrictedPermission))
{
// We only want to build the altered set if we don't have an
// unrestricted assert because we know if we have an unrestricted
// assert and we don't throw an exception that the stackwalk should
// include no unrestricted permissions.
if (bNeedAlteredSet)
{
if (alteredSet == null)
alteredSet = CopyTokenBasedSet( permSet );
alteredSet.SetItem( i, null );
}
}
}
else
{
if (!unrestricted)
{
exception = new SecurityException(String.Format( Environment.GetResourceString("Security_Generic"), cap.GetType().AssemblyQualifiedName ) );
return false;
}
}
}
}
exception = null;
return continueStackWalk;
}
public PermissionListSet(PermissionListSet permListSet)
{
if (permListSet == null)
{
Reset();
return;
}
m_unrestrictedPermSet = new TokenBasedSet(permListSet.m_unrestrictedPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_unrestrictedPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_unrestrictedPermSet.GetItem(i);
if (plist != null)
{
m_unrestrictedPermSet.SetItem(i, plist.Copy());
}
}
m_normalPermSet = new TokenBasedSet(permListSet.m_normalPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_normalPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_normalPermSet.GetItem(i);
if (plist != null)
{
m_normalPermSet.SetItem(i, plist.Copy());
}
}
m_unrestricted = permListSet.m_unrestricted;
m_state = permListSet.m_state;
}
// Used to merge two distinct TokenBasedSets (used currently only in PermissionSet Deserialization)
internal TokenBasedSet SpecialUnion(TokenBasedSet other)
{
// This gets called from PermissionSet.OnDeserialized and it's possible that the TokenBasedSets have
// not been subjected to VTS callbacks yet
OnDeserializedInternal();
TokenBasedSet unionSet = new TokenBasedSet();
int maxMax;
if (other != null)
{
other.OnDeserializedInternal();
maxMax = this.GetMaxUsedIndex() > other.GetMaxUsedIndex() ? this.GetMaxUsedIndex() : other.GetMaxUsedIndex();
}
else
maxMax = this.GetMaxUsedIndex();
for (int i = 0; i <= maxMax; ++i)
{
Object thisObj = this.GetItem( i );
IPermission thisPerm = thisObj as IPermission;
#if FEATURE_CAS_POLICY
ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY
Object otherObj = (other != null)?other.GetItem( i ):null;
IPermission otherPerm = otherObj as IPermission;
#if FEATURE_CAS_POLICY
ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY
if (thisObj == null && otherObj == null)
continue;
if (thisObj == null)
{
#if FEATURE_CAS_POLICY
if (otherElem != null)
{
otherPerm = PermissionSet.CreatePerm(otherElem, false);
}
#endif // FEATURE_CAS_POLICY
PermissionToken token = PermissionToken.GetToken(otherPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem(token.m_index, otherPerm);
}
else if (otherObj == null)
{
#if FEATURE_CAS_POLICY
if (thisElem != null)
{
thisPerm = PermissionSet.CreatePerm(thisElem, false);
}
#endif // FEATURE_CAS_POLICY
PermissionToken token = PermissionToken.GetToken(thisPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem( token.m_index, thisPerm);
}
else
{
Contract.Assert( (thisObj == null || otherObj == null), "Permission cannot be in both TokenBasedSets" );
}
}
return unionSet;
}
public PermissionSet(PermissionSet permSet)
: this()
{
if (permSet == null)
{
Reset();
return;
}
m_Unrestricted = permSet.m_Unrestricted;
m_CheckedForNonCas = permSet.m_CheckedForNonCas;
m_ContainsCas = permSet.m_ContainsCas;
m_ContainsNonCas = permSet.m_ContainsNonCas;
m_ignoreTypeLoadFailures = permSet.m_ignoreTypeLoadFailures;
if (permSet.m_permSet != null)
{
m_permSet = new TokenBasedSet(permSet.m_permSet);
// now deep copy all permissions in set
for (int i = m_permSet.GetStartingIndex(); i <= m_permSet.GetMaxUsedIndex(); i++)
{
Object obj = m_permSet.GetItem(i);
IPermission perm = obj as IPermission;
#if FEATURE_CAS_POLICY
ISecurityElementFactory elem = obj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY
if (perm != null)
{
m_permSet.SetItem(i, perm.Copy());
}
#if FEATURE_CAS_POLICY
else if (elem != null)
{
m_permSet.SetItem(i, elem.Copy());
}
#endif // FEATURE_CAS_POLICY
}
}
}
private bool EndConditionReached()
{
return(m_set == null || (m_currentIndex > m_set.GetMaxUsedIndex()));
}
// Used to merge two distinct TokenBasedSets (used currently only in PermissionSet Deserialization)
internal TokenBasedSet SpecialUnion(TokenBasedSet other, ref bool canUnrestrictedOverride)
{
// This gets called from PermissionSet.OnDeserialized and it's possible that the TokenBasedSets have
// not been subjected to VTS callbacks yet
OnDeserializedInternal();
TokenBasedSet unionSet = new TokenBasedSet();
int maxMax;
if (other != null)
{
other.OnDeserializedInternal();
maxMax = this.GetMaxUsedIndex() > other.GetMaxUsedIndex() ? this.GetMaxUsedIndex() : other.GetMaxUsedIndex();
}
else
{
maxMax = this.GetMaxUsedIndex();
}
for (int i = 0; i <= maxMax; ++i)
{
Object thisObj = this.GetItem(i);
IPermission thisPerm = thisObj as IPermission;
ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
Object otherObj = (other != null)?other.GetItem(i):null;
IPermission otherPerm = otherObj as IPermission;
ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;
if (thisObj == null && otherObj == null)
{
continue;
}
if (thisObj == null)
{
if (otherElem != null)
{
otherPerm = PermissionSet.CreatePerm(otherElem, false);
}
PermissionToken token = PermissionToken.GetToken(otherPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem(token.m_index, otherPerm);
if (!CodeAccessPermission.CanUnrestrictedOverride(otherPerm))
{
canUnrestrictedOverride = false;
}
}
else if (otherObj == null)
{
if (thisElem != null)
{
thisPerm = PermissionSet.CreatePerm(thisElem, false);
}
PermissionToken token = PermissionToken.GetToken(thisPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem(token.m_index, thisPerm);
if (!CodeAccessPermission.CanUnrestrictedOverride(thisPerm))
{
canUnrestrictedOverride = false;
}
}
else
{
BCLDebug.Assert((thisObj == null || otherObj == null), "Permission cannot be in both TokenBasedSets");
}
}
return(unionSet);
}
/// <include file='doc\PermissionSet.uex' path='docs/doc[@for="PermissionSet.PermissionSet1"]/*' />
public PermissionSet(PermissionSet permSet)
: this()
{
if (permSet == null)
{
Reset();
return;
}
m_Unrestricted = permSet.m_Unrestricted;
m_CheckedForNonCas = permSet.m_CheckedForNonCas;
m_ContainsCas = permSet.m_ContainsCas;
m_ContainsNonCas = permSet.m_ContainsNonCas;
if (permSet.m_normalPermSet != null)
{
m_normalPermSet = new TokenBasedSet(permSet.m_normalPermSet);
// now deep copy all permissions in set
for (int i = 0; i <= m_normalPermSet.GetMaxUsedIndex(); i++)
{
IPermission perm = (IPermission)m_normalPermSet.GetItem(i);
if (perm != null)
{
m_normalPermSet.SetItem(i, perm.Copy());
}
}
}
if (permSet.m_unrestrictedPermSet != null)
{
m_unrestrictedPermSet = new TokenBasedSet(permSet.m_unrestrictedPermSet);
// now deep copy all permissions in set
for (int i = 0; i <= m_unrestrictedPermSet.GetMaxUsedIndex(); i++)
{
IPermission perm = (IPermission)m_unrestrictedPermSet.GetItem(i);
if (perm != null)
{
m_unrestrictedPermSet.SetItem(i, perm.Copy());
}
}
}
if (permSet.m_toBeLoaded != null)
{
this.m_toBeLoaded = new SecurityElement();
IEnumerator enumerator = permSet.m_toBeLoaded.m_lChildren.GetEnumerator();
while (enumerator.MoveNext())
{
this.m_toBeLoaded.AddChild( (SecurityElement)enumerator.Current );
}
}
}
public PermissionSet(PermissionSet permSet)
: this()
{
if (permSet == null)
{
Reset();
return;
}
m_Unrestricted = permSet.m_Unrestricted;
m_CheckedForNonCas = permSet.m_CheckedForNonCas;
m_ContainsCas = permSet.m_ContainsCas;
m_ContainsNonCas = permSet.m_ContainsNonCas;
m_ignoreTypeLoadFailures = permSet.m_ignoreTypeLoadFailures;
if (permSet.m_permSet != null)
{
m_permSet = new TokenBasedSet(permSet.m_permSet);
// now deep copy all permissions in set
for (int i = m_permSet.GetStartingIndex(); i <= m_permSet.GetMaxUsedIndex(); i++)
{
Object obj = m_permSet.GetItem(i);
IPermission perm = obj as IPermission;
if (perm != null)
{
m_permSet.SetItem(i, perm.Copy());
}
}
}
}
internal TokenBasedSet SpecialUnion(TokenBasedSet other)
{
int maxUsedIndex;
this.OnDeserializedInternal();
TokenBasedSet set = new TokenBasedSet();
if (other != null)
{
other.OnDeserializedInternal();
maxUsedIndex = (this.GetMaxUsedIndex() > other.GetMaxUsedIndex()) ? this.GetMaxUsedIndex() : other.GetMaxUsedIndex();
}
else
{
maxUsedIndex = this.GetMaxUsedIndex();
}
for (int i = 0; i <= maxUsedIndex; i++)
{
object item = this.GetItem(i);
IPermission perm = item as IPermission;
ISecurityElementFactory factory = item as ISecurityElementFactory;
object obj3 = (other != null) ? other.GetItem(i) : null;
IPermission permission2 = obj3 as IPermission;
ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory;
if ((item != null) || (obj3 != null))
{
if (item == null)
{
if (factory2 != null)
{
permission2 = PermissionSet.CreatePerm(factory2, false);
}
PermissionToken token = PermissionToken.GetToken(permission2);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
set.SetItem(token.m_index, permission2);
}
else if (obj3 == null)
{
if (factory != null)
{
perm = PermissionSet.CreatePerm(factory, false);
}
PermissionToken token2 = PermissionToken.GetToken(perm);
if (token2 == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
set.SetItem(token2.m_index, perm);
}
}
}
return set;
}
// Used to merge two distinct TokenBasedSets (used currently only in PermissionSet Deserialization)
internal TokenBasedSet SpecialUnion(TokenBasedSet other, ref bool canUnrestrictedOverride)
{
// This gets called from PermissionSet.OnDeserialized and it's possible that the TokenBasedSets have
// not been subjected to VTS callbacks yet
OnDeserializedInternal();
TokenBasedSet unionSet = new TokenBasedSet();
int maxMax;
if (other != null)
{
other.OnDeserializedInternal();
maxMax = this.GetMaxUsedIndex() > other.GetMaxUsedIndex() ? this.GetMaxUsedIndex() : other.GetMaxUsedIndex();
}
else
maxMax = this.GetMaxUsedIndex();
for (int i = 0; i <= maxMax; ++i)
{
Object thisObj = this.GetItem( i );
IPermission thisPerm = thisObj as IPermission;
ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
Object otherObj = (other != null)?other.GetItem( i ):null;
IPermission otherPerm = otherObj as IPermission;
ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;
if (thisObj == null && otherObj == null)
continue;
if (thisObj == null)
{
if (otherElem != null)
{
otherPerm = PermissionSet.CreatePerm(otherElem, false);
}
PermissionToken token = PermissionToken.GetToken(otherPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem(token.m_index, otherPerm);
if (!CodeAccessPermission.CanUnrestrictedOverride(otherPerm))
canUnrestrictedOverride = false;
}
else if (otherObj == null)
{
if (thisElem != null)
{
thisPerm = PermissionSet.CreatePerm(thisElem, false);
}
PermissionToken token = PermissionToken.GetToken(thisPerm);
if (token == null)
{
throw new SerializationException(Environment.GetResourceString("Serialization_InsufficientState"));
}
unionSet.SetItem( token.m_index, thisPerm);
if (!CodeAccessPermission.CanUnrestrictedOverride(thisPerm))
canUnrestrictedOverride = false;
}
else
{
BCLDebug.Assert( (thisObj == null || otherObj == null), "Permission cannot be in both TokenBasedSets" );
}
}
return unionSet;
}
