}// GetRootCodeGroupNode
//-------------------------------------------------
// CreateChildren
//
// This function will create all the codegroup nodes
// for this policy level
//-------------------------------------------------
internal override void CreateChildren()
{
SuperCodeGroupArrayList al;
Security.ListifyCodeGroup(m_pl.RootCodeGroup.Copy(), null, out al);
// Now run through all the others and put them in too
for (int i = 0; i < al.Count; i++)
{
CNode parentNode;
// If this is the root codegroup, it has a different parent
if (i == 0)
{
parentNode = this;
}
else
{
parentNode = (CNode)(al[al[i].nParent].o);
}
CodeGroup cg = al[i].cg;
CNode childNode = new CSingleCodeGroup(ref m_pl, ref cg, ReadOnly);
int iCookie = CNodeManager.AddNode(ref childNode);
parentNode.AddChild(iCookie);
// Now set this codegroup's node
al[i].o = childNode;
}
} // CreateChildren
}// ListifyPolicyLevel
// NOTE: If any changes are made to this function, check UpdateAllCodegroups to see
// if the change applies there as well.
internal static void UpdateCodegroup(PolicyLevel pl, CSingleCodeGroup cg)
{
// We don't want to do this recursively, so first let's listify this policy level
SuperCodeGroupArrayList scal;
int nIndex = ListifyPolicyLevel(pl, cg, out scal);
// We need to find ourselves, remove ourselves from our parent, then add ourselves back in....
if (nIndex == -1)
{
nIndex = 0;
while (nIndex < scal.Count && !scal[nIndex].Equals(cg))
{
nIndex++;
}
}
if (nIndex == scal.Count)
{
// Ooops... we didn't find our codegroup
throw new Exception("Couldn't find codegroup");
}
// Now we need to change every codegroup in the entire branch of the tree
// until we hit the root code group
while (scal[nIndex].nParent != -1)
{
RefreshCodeGroup(scal[scal[nIndex].nParent].CodeGroupNode);
nIndex = scal[nIndex].nParent;
}
// And finally, set the new Root Codegroup
pl.RootCodeGroup = scal[nIndex].cg;
}// UpdateCodegroup
}// CCodeGroups
internal CSingleCodeGroup GetRootCodeGroupNode()
{
// We only have one child, and it should be the root codegroup
int nCookie = Child[0];
CSingleCodeGroup sgc = (CSingleCodeGroup)CNodeManager.GetNode(nCookie);
return(sgc);
}// GetRootCodeGroupNode
}// RemoveChildCodegroup
private static void RefreshCodeGroup(CSingleCodeGroup scgParent)
{
// In order to keep a proper order to the codegroups, to refresh a certain
// codegroup, we'll remove all child codegroups and add them all back in the
// proper order.
scgParent.MyCodeGroup.Children = new ArrayList();
for (int i = 0; i < scgParent.NumChildren; i++)
{
CSingleCodeGroup scg = (CSingleCodeGroup)CNodeManager.GetNode(scgParent.Child[i]);
scgParent.MyCodeGroup.AddChild(scg.MyCodeGroup);
}
}// RemoveChildCodegroup
internal SuperCodeGroup(int nParent, Object cg, int nChildNum)
{
this.nParent = nParent;
o = null;
m_nChildNum = nChildNum;
m_cg = cg as CodeGroup;
m_scg = cg as CSingleCodeGroup;
if (m_cg == null && m_scg == null)
{
throw new ArgumentException();
}
}// SuperCodegroup
}// UpdateCodegroup
internal static void RemoveChildCodegroup(CSingleCodeGroup scgParent, CSingleCodeGroup scgChildToRemove)
{
// Ok, we need to remove all these children, and then add all but this codegroup back
//
// Why, because the security manager is lame and can't do a proper 'equals'
// on codegroups, so we can't call RemoveChildCodegroup
scgParent.MyCodeGroup.Children = new ArrayList();
for (int i = 0; i < scgParent.NumChildren; i++)
{
CSingleCodeGroup scg = (CSingleCodeGroup)CNodeManager.GetNode(scgParent.Child[i]);
if (scg != scgChildToRemove)
{
scgParent.MyCodeGroup.AddChild(scg.MyCodeGroup);
}
}
}// RemoveChildCodegroup
}// CreateCodegroup
private CSingleCodeGroup FindExistingCodegroup(PolicyLevel pl, IMembershipCondition mc)
{
// If we have an existing one, it should be right under the root node
CSingleCodeGroup scgParent = Security.GetRootCodeGroupNode(pl);
for (int i = 0; i < scgParent.NumChildren; i++)
{
CSingleCodeGroup scg = (CSingleCodeGroup)CNodeManager.GetNode(scgParent.Child[i]);
// See if we have a matching membership condition and the description
// says it's one the wizard created
if (scg.MyCodeGroup.MembershipCondition.ToString().Equals(mc.ToString()) && scg.MyCodeGroup.Description.Equals(CResourceStore.GetString("GeneratedCodegroup")))
{
return(scg);
}
}
// We weren't able to find one
return(null);
}// FindExistingCodegroup
}// doAcceptPaste
internal override int Paste(IDataObject ido)
{
// We have two different things we have to do. We need to remove this CodeGroup
// from it's current parent and parent it to this codegroup
CDO cdo = (CDO)ido;
CSingleCodeGroup scg = (CSingleCodeGroup)cdo.Node;
AddCodeGroup(scg.m_cg.Copy(), !(scg.m_pl == m_pl), scg.m_pl);
// If we're moving codegroups between policy levels, don't remove
// the codegroup. If we're moving the codegroup within the same policy
// level, then remove it
if (scg.m_pl == m_pl)
{
scg.RemoveThisCodegroup();
SecurityPolicyChanged();
}
Showing();
// Now expand with our new things...
//CNodeManager.CNamespace.Expand(HScopeItem);
return(HRESULT.S_OK);
}// Paste
}// AddCodeGroup
protected CSingleCodeGroup AddCodeGroup(CodeGroup ucg, bool fPrepTree, PolicyLevel polSrc)
{
if (fPrepTree)
{
// Check for codegroups with multiple names, and permission sets that
// may not exist in this policy level
Security.PrepCodeGroupTree(ucg, polSrc, m_pl);
}
m_cg.AddChild(ucg);
// Now add this codegroup (and its children) to the policy tree
CNode nodeFirst = null;
ArrayList al = new ArrayList();
// The ArrayList is laid out as follows...
// A parent CNode is placed in the ArrayList first, and then
// CodeGroups follow that should be wrapped in a CNode and be children
// to the first 'parent' CNode.
// So the ArrayList could look like this
//
// Node1 -> CG1 -> CG2 -> CG3 -> Node2 -> CG4 -> CG5 -> Node3 -> .....
//
// So CG1, CG2, and CG3 should all be nodes that are children of Node1.
// CG4 and CG5 should be nodes that are children of Node2, and so on.
al.Add(this);
al.Add(ucg);
while (al.Count > 0)
{
// First item should be a node
CNode nodeParent = (CNode)al[0];
// Remove the parent node
al.RemoveAt(0);
// Now we should have (possibly) multiple codegroups
while (al.Count > 0 && !(al[0] is CNode))
{
CodeGroup cg = (CodeGroup)al[0];
CNode nodeChild = new CSingleCodeGroup(ref m_pl, ref cg, ReadOnly);
if (nodeFirst == null)
{
nodeFirst = nodeChild;
}
int nCookie = CNodeManager.AddNode(ref nodeChild);
// Inform the parent that it has a new child
nodeParent.AddChild(nCookie);
// And place this new node in the tree
nodeParent.InsertSpecificChild(nCookie);
// If this codegroup has any children, we'll need to worry about that too
bool fHaveChildren = false;
// Iterate through this guy's children
IEnumerator enumCodeGroups = cg.Children.GetEnumerator();
while (enumCodeGroups.MoveNext())
{
if (!fHaveChildren)
{
// Put this new 'parent node' in the array list
al.Add(nodeChild);
fHaveChildren = true;
}
// And then add all its children
CodeGroup cgChild = (CodeGroup)enumCodeGroups.Current;
al.Add(cgChild);
}
// Remove this child codegroup
al.RemoveAt(0);
}
}
SecurityPolicyChanged();
return((CSingleCodeGroup)nodeFirst);
}// AddCodeGroup
}// RemoveThisCodegroup
private void RemoveChildCodegroup(CSingleCodeGroup cg)
{
Security.RemoveChildCodegroup(this, cg);
SecurityPolicyChanged();
}// RemoveChildCodegroup
}// AddMenuItems
internal override void MenuCommand(int nCommandID)
{
if (nCommandID == COMMANDS.CREATE_CODEGROUP)
{
CNewCodeGroupWizard wiz = new CNewCodeGroupWizard(m_pl);
wiz.LaunchWizard(Cookie);
// Ok, let's see what goodies we have...
String sPermSetName = null;
if (wiz.CreatedPermissionSet != null)
{
sPermSetName = AddPermissionSet(wiz.CreatedPermissionSet).DisplayName;
SecurityPolicyChanged();
}
if (wiz.CreatedCodeGroup != null)
{
try
{
CodeGroup cg = wiz.CreatedCodeGroup;
if (sPermSetName != null)
{
PermissionSet ps = m_pl.GetNamedPermissionSet(sPermSetName);
PolicyStatement pols = cg.PolicyStatement;
pols.PermissionSet = ps;
cg.PolicyStatement = pols;
}
CSingleCodeGroup node = AddCodeGroup(wiz.CreatedCodeGroup);
// Put the focus on the newly created codegroup
CNodeManager.SelectScopeItem(node.HScopeItem);
}
catch (Exception)
{
MessageBox(CResourceStore.GetString("CSingleCodeGroup:ErrorCreatingCodegroup"),
CResourceStore.GetString("CSingleCodeGroup:ErrorCreatingCodegroupTitle"),
MB.ICONEXCLAMATION);
}
}
}
else if (nCommandID == COMMANDS.DUPLICATE_CODEGROUP)
{
CNode node;
CodeGroup newcg = m_cg.Copy();
// Change this code group's name
String sBaseName = newcg.Name;
newcg.Name = String.Format(CResourceStore.GetString("CSingleCodeGroup:PrependtoDupCodegroups"), newcg.Name);
int nCounter = 1;
// make sure it's not already used
while (Security.isCodeGroupNameUsed(m_pl.RootCodeGroup, newcg.Name))
{
nCounter++;
newcg.Name = String.Format(CResourceStore.GetString("CSingleCodeGroup:NumPrependtoDupCodegroups"), nCounter.ToString(), sBaseName);
}
CNode newCodeGroup = null;
// If we are the root codegroup, then we'll add this as a child
if (Security.GetRootCodeGroupNode(m_pl) == this)
{
newCodeGroup = AddCodeGroup(newcg);
node = this;
}
else
{
node = CNodeManager.GetNodeByHScope(ParentHScopeItem);
newCodeGroup = ((CSingleCodeGroup)node).AddCodeGroup(newcg);
}
// Select the new item
CNodeManager.SelectScopeItem(newCodeGroup.HScopeItem);
}
}// MenuCommand
internal CSingleCodeGroupTaskPad(CSingleCodeGroup node, CodeGroup cg) : base(node)
{
m_cg = cg;
m_fReadOnly = node.ReadOnly;
}// CSingleCodeGroupTaskPad
}// TryToCreateFullTrust
private CodeGroup CreateCodegroup(PermissionSet pSet, bool fHighjackExisting)
{
// Now create our codegroup
// Figure out what membership condition to use
IMembershipCondition mc = null;
// If the assembly didn't have a publisher certificate or a strong name,
// then we must trust it by hash
int nTrustBy = m_fHasCertOrSName?Page3.HowToTrust:TrustBy.HASH;
if ((nTrustBy & TrustBy.SNAME) > 0)
{
// Let's get the strong name stuff together
StrongName sn = GetStrongName();
StrongNamePublicKeyBlob snpkb = sn.PublicKey;
Version v = null;
String sName = null;
if ((nTrustBy & TrustBy.SNAMEVER) > 0)
{
v = sn.Version;
}
if ((nTrustBy & TrustBy.SNAMENAME) > 0)
{
sName = sn.Name;
}
mc = new StrongNameMembershipCondition(snpkb, sName, v);
}
else if ((nTrustBy & TrustBy.PUBCERT) > 0)
{
// We're using the publisher certificate stuff
mc = new PublisherMembershipCondition(GetCertificate());
}
else // We'll trust by hash
{
Hash h = GetHash();
mc = new HashMembershipCondition(SHA1.Create(), h.SHA1);
}
// Figure out the policy level that we should put this in....
String sPolicyLevel = Page1.isForHomeUser?"Machine":"User";
PolicyLevel pl = Security.GetPolicyLevelFromLabel(sPolicyLevel);
// See if a codegroup for this already exists... and if it does, we'll just
// modify that.
CSingleCodeGroup scg = null;
CodeGroup cg = null;
if (fHighjackExisting)
{
scg = FindExistingCodegroup(pl, mc);
if (scg != null)
{
cg = scg.MyCodeGroup;
// Cool. We were able to find a codegroup to use. We'll
// need to strip off all the File and Net child codegroups
IEnumerator enumChildCodeGroups = cg.Children.GetEnumerator();
while (enumChildCodeGroups.MoveNext())
{
CodeGroup cgChild = (CodeGroup)enumChildCodeGroups.Current;
if (cgChild is NetCodeGroup || cgChild is FileCodeGroup)
{
// Ok to use CodeGroup.RemoveChild here we want to toast all
// File and Net codegroups... we don't care if the security system
// gets confused about which are which (if they don't have names)
cg.RemoveChild(cgChild);
}
}
}
}
// Create the codegroup... we're going to make this a level final
// codegroup, so if policy gets changes such that a lower-level policy
// level tries to deny permissions to this codegroup it will be unsuccessful.
PolicyStatement policystatement = new PolicyStatement(pSet, PolicyStatementAttribute.LevelFinal);
if (cg == null)
{
cg = new UnionCodeGroup(mc, policystatement);
String sCGName = Security.FindAGoodCodeGroupName(pl, "Wizard_");
cg.Name = sCGName;
cg.Description = CResourceStore.GetString("GeneratedCodegroup");
}
else
{
cg.PolicyStatement = policystatement;
}
// If this is a internet or intranet permission set, we also need to add some codegroups
if (pSet is NamedPermissionSet)
{
NamedPermissionSet nps = (NamedPermissionSet)pSet;
if (nps.Name.Equals("LocalIntranet"))
{
CodeGroup cgChild = new NetCodeGroup(new AllMembershipCondition());
cgChild.Name = Security.FindAGoodCodeGroupName(pl, "NetCodeGroup_");
cgChild.Description = CResourceStore.GetString("GeneratedCodegroup");
cg.AddChild(cgChild);
cgChild = new FileCodeGroup(new AllMembershipCondition(), FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery);
cgChild.Name = Security.FindAGoodCodeGroupName(pl, "FileCodeGroup_");
cgChild.Description = CResourceStore.GetString("GeneratedCodegroup");
cg.AddChild(cgChild);
}
else if (nps.Name.Equals("Internet"))
{
CodeGroup cgChild = new NetCodeGroup(new AllMembershipCondition());
cgChild.Name = Security.FindAGoodCodeGroupName(pl, "NetCodeGroup_");
cgChild.Description = CResourceStore.GetString("GeneratedCodegroup");
cg.AddChild(cgChild);
}
}
// Add this codegroup to the root codegroup of the policy
// If there was already an existing one, just replace that...
if (scg != null)
{
Security.UpdateCodegroup(pl, scg);
}
else
{
pl.RootCodeGroup.AddChild(cg);
}
return(cg);
}// CreateCodegroup
