internal static IPermission CheckPermissionSet(Assembly a, PermissionSet ps, bool noncas) { if (ps.IsEmpty()) { return(null); } foreach (object obj in ps) { IPermission permission = (IPermission)obj; if (!noncas && permission is CodeAccessPermission) { if (!SecurityManager.IsGranted(a, permission)) { return(permission); } } else { try { permission.Demand(); } catch (SecurityException) { return(permission); } } } return(null); }
public static bool IsGranted(this IPermission permission) { try { permission.Demand(); return(true); } catch (SecurityException) { return(false); } }
internal static IPermission CheckPermissionSet(AppDomain ad, PermissionSet ps) { if (ps == null || ps.IsEmpty()) { return(null); } PermissionSet grantedPermissionSet = ad.GrantedPermissionSet; if (grantedPermissionSet == null) { return(null); } if (grantedPermissionSet.IsUnrestricted()) { return(null); } if (ps.IsUnrestricted()) { return(new SecurityPermission(SecurityPermissionFlag.NoFlags)); } foreach (object obj in ps) { IPermission permission = (IPermission)obj; if (permission is CodeAccessPermission) { CodeAccessPermission codeAccessPermission = (CodeAccessPermission)grantedPermissionSet.GetPermission(permission.GetType()); if (codeAccessPermission == null) { if ((!grantedPermissionSet.IsUnrestricted() || !(permission is IUnrestrictedPermission)) && !permission.IsSubsetOf(null)) { return(permission); } } else if (!permission.IsSubsetOf(codeAccessPermission)) { return(permission); } } else { try { permission.Demand(); } catch (SecurityException) { return(permission); } } } return(null); }
/// <summary> /// check whether the given permission is granted /// </summary> /// <param name="p"></param> /// <returns></returns> internal static bool IsPermissionGranted(IPermission p) { try { p.Demand(); // permission is granted return(true); } catch (SecurityException) { // permission is not granted return(false); } }
public virtual void Demand() #endif { #if UNITY_DISABLE_CORECLR #if !DISABLE_SECURITY // Note: SecurityEnabled only applies to CAS permissions // so we're not checking for it (yet) if (IsEmpty()) { return; } int n = list.Count; if ((_ignored == null) || (_ignored.Length != n)) { _ignored = new bool [n]; } bool call_cas_only = this.IsUnrestricted(); // non CAS permissions (e.g. PrincipalPermission) do not requires a stack walk for (int i = 0; i < n; i++) { IPermission p = (IPermission)list [i]; Type t = p.GetType(); if (t.IsSubclassOf(typeof(CodeAccessPermission))) { _ignored [i] = false; call_cas_only = true; } else { _ignored [i] = true; p.Demand(); } } // don't start the stack walk if // - the permission set only contains non CAS permissions; or // - security isn't enabled (applis only to CAS!) if (call_cas_only && SecurityManager.SecurityEnabled) { CasOnlyDemand(_declsec ? 5 : 3); } #endif #endif }