public void FromXml_PolicyLevel()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.go-mono.com");
SecurityElement se = umc.ToXml();
// is it accepted for all policy levels ?
IEnumerator e = SecurityManager.PolicyHierarchy();
while (e.MoveNext())
{
PolicyLevel pl = e.Current as PolicyLevel;
UrlMembershipCondition spl = new UrlMembershipCondition("*");
spl.FromXml(se, pl);
Assert.IsTrue(spl.Equals(umc), "FromXml(PolicyLevel='" + pl.Label + "')");
}
// yes!
}
public void ToXml_PolicyLevel()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com");
SecurityElement se = umc.ToXml();
string s = umc.ToXml().ToString();
// is it accepted for all policy levels ?
IEnumerator e = SecurityManager.PolicyHierarchy();
while (e.MoveNext())
{
PolicyLevel pl = e.Current as PolicyLevel;
UrlMembershipCondition spl = new UrlMembershipCondition("*");
spl.FromXml(se, pl);
Assert.AreEqual(s, spl.ToXml(pl).ToString(), "ToXml(PolicyLevel='" + pl.Label + "')");
}
// yes!
}
/// <summary>
/// Configures FullTrust for the entire installdirectory
/// </summary>
private void ConfigureCodeAccessSecurity()
{
PolicyLevel machinePolicyLevel = GetPolicyLevel();
if (null == GetCodeGroup(machinePolicyLevel))
{
// Create a new FullTrust permission set
PermissionSet permissionSet = new NamedPermissionSet(this.namedPermissionSet);
IMembershipCondition membershipCondition =
new UrlMembershipCondition(InstallDirectory);
// Create the code group
PolicyStatement policyStatement = new PolicyStatement(permissionSet);
CodeGroup codeGroup = new UnionCodeGroup(membershipCondition, policyStatement);
codeGroup.Description = this.codeGroupDescription;
codeGroup.Name = this.codeGroupName;
// Add the code group
machinePolicyLevel.RootCodeGroup.AddChild(codeGroup);
// Save changes
SecurityManager.SavePolicy();
}
}
public void Url_WellKnownProtocol()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com");
Assert.AreEqual("http://www.example.com", umc.Url, "http-Url");
Assert.AreEqual("Url - http://www.example.com", umc.ToString(), "http-ToString");
umc = new UrlMembershipCondition("https://www.example.com");
Assert.AreEqual("https://www.example.com", umc.Url, "https-Url");
Assert.AreEqual("Url - https://www.example.com", umc.ToString(), "https-ToString");
umc = new UrlMembershipCondition("ftp://www.example.com");
Assert.AreEqual("ftp://www.example.com", umc.Url, "ftp-Url");
Assert.AreEqual("Url - ftp://www.example.com", umc.ToString(), "ftp-ToString");
umc = new UrlMembershipCondition("file://www.example.com");
Assert.AreEqual("file://www.example.com", umc.Url, "file-Url");
Assert.AreEqual("Url - file://www.example.com", umc.ToString(), "file-ToString");
}
internal static PermissionSet AddPermissionForUri(PermissionSet originalPermSet, Uri srcUri)
{
PermissionSet result = originalPermSet;
if (srcUri != null)
{
Evidence evidence = new Evidence();
evidence.AddHost(new Url(BindUriHelper.UriToString(srcUri)));
IMembershipCondition membershipCondition = new UrlMembershipCondition(BindUriHelper.UriToString(srcUri));
CodeGroup codeGroup = srcUri.IsFile ? new FileCodeGroup(membershipCondition, FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery) : new NetCodeGroup(membershipCondition);
PolicyStatement policyStatement = codeGroup.Resolve(evidence);
if (!policyStatement.PermissionSet.IsEmpty())
{
result = originalPermSet.Union(policyStatement.PermissionSet);
}
}
return(result);
}
internal static PermissionSet AddPermissionForUri(PermissionSet originalPermSet, Uri srcUri)
{
PermissionSet newPermSet = originalPermSet;
if (srcUri != null)
{
Evidence evidence = new Evidence();
evidence.AddHost(new Url(BindUriHelper.UriToString(srcUri))); // important: the parameter must be a UrL object not a UrI object
IMembershipCondition membership = new UrlMembershipCondition(BindUriHelper.UriToString(srcUri));
CodeGroup group = (srcUri.IsFile) ?
(CodeGroup) new FileCodeGroup(membership, FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery)
:(CodeGroup) new NetCodeGroup(membership);
PolicyStatement policy = group.Resolve(evidence);
if (!policy.PermissionSet.IsEmpty())
{
newPermSet = originalPermSet.Union(policy.PermissionSet);
}
}
return(newPermSet);
}
public void Check()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com");
Evidence e = null;
Assert.IsFalse(umc.Check(e), "Check(null)");
e = new Evidence();
Assert.IsFalse(umc.Check(e), "Check(empty)");
e.AddHost(new Zone(SecurityZone.MyComputer));
Assert.IsFalse(umc.Check(e), "Check(zone)");
Url u = new Url("http://www.example.com");
e.AddAssembly(u);
Assert.IsFalse(umc.Check(e), "Check(url-assembly)");
e.AddHost(u);
Assert.IsTrue(umc.Check(e), "Check(url-host)");
}
public void Url_WellKnownProtocol()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.go-mono.com");
#if NET_2_0
Assert.AreEqual("http://www.go-mono.com", umc.Url, "http-Url");
Assert.AreEqual("Url - http://www.go-mono.com", umc.ToString(), "http-ToString");
#else
Assert.AreEqual("http://www.go-mono.com/", umc.Url, "http-Url");
Assert.AreEqual("Url - http://www.go-mono.com/", umc.ToString(), "http-ToString");
#endif
umc = new UrlMembershipCondition("https://www.go-mono.com");
#if NET_2_0
Assert.AreEqual("https://www.go-mono.com", umc.Url, "https-Url");
Assert.AreEqual("Url - https://www.go-mono.com", umc.ToString(), "https-ToString");
#else
Assert.AreEqual("https://www.go-mono.com/", umc.Url, "https-Url");
Assert.AreEqual("Url - https://www.go-mono.com/", umc.ToString(), "https-ToString");
#endif
umc = new UrlMembershipCondition("ftp://www.go-mono.com");
#if NET_2_0
Assert.AreEqual("ftp://www.go-mono.com", umc.Url, "ftp-Url");
Assert.AreEqual("Url - ftp://www.go-mono.com", umc.ToString(), "ftp-ToString");
#else
Assert.AreEqual("ftp://www.go-mono.com/", umc.Url, "ftp-Url");
Assert.AreEqual("Url - ftp://www.go-mono.com/", umc.ToString(), "ftp-ToString");
#endif
umc = new UrlMembershipCondition("file://www.go-mono.com");
#if NET_2_0
Assert.AreEqual("file://www.go-mono.com", umc.Url, "file-Url");
Assert.AreEqual("Url - file://www.go-mono.com", umc.ToString(), "file-ToString");
#else
Assert.AreEqual("file://WWW.GO-MONO.COM", umc.Url, "file-Url");
Assert.AreEqual("Url - file://WWW.GO-MONO.COM", umc.ToString(), "file-ToString");
#endif
}
// </snippet6>
public static void CreateNetCodeGroup()
{
IMembershipCondition membership =
new UrlMembershipCondition(@"http://www.contoso.com/*");
NetCodeGroup codeGroup = new NetCodeGroup(membership);
// Display default settings.
DisplayConnectionAccessRules(codeGroup);
// Delete default settings.
codeGroup.ResetConnectAccess();
// Create an object that represents access to the ftp scheme and default port.
CodeConnectAccess a1 = new CodeConnectAccess(Uri.UriSchemeFtp, CodeConnectAccess.DefaultPort);
// Create an object that represents access to the HTTPS scheme and default port.
CodeConnectAccess a2 = new CodeConnectAccess(Uri.UriSchemeHttps, CodeConnectAccess.DefaultPort);
// Create an object that represents access to the origin scheme and port.
CodeConnectAccess a3 = CodeConnectAccess.CreateOriginSchemeAccess(CodeConnectAccess.OriginPort);
codeGroup.AddConnectAccess(Uri.UriSchemeHttp, a1);
codeGroup.AddConnectAccess(Uri.UriSchemeHttp, a2);
codeGroup.AddConnectAccess(Uri.UriSchemeHttp, a3);
Console.WriteLine("New NetCodeGroup settings:");
DisplayConnectionAccessRules(codeGroup);
}
public void Url_AllGoMonoUrl()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com/*");
Assert.AreEqual("http://www.example.com/*", umc.Url, "Url");
Assert.AreEqual("Url - http://www.example.com/*", umc.ToString(), "ToString");
UrlMembershipCondition umc2 = (UrlMembershipCondition)umc.Copy();
Assert.AreEqual(umc.Url, umc2.Url, "Copy.Url");
Assert.AreEqual(umc.GetHashCode(), umc2.GetHashCode(), "Copy.GetHashCode");
SecurityElement se = umc2.ToXml();
UrlMembershipCondition umc3 = new UrlMembershipCondition("*");
umc3.FromXml(se);
Assert.AreEqual(umc.Url, umc3.Url, "ToXml/FromXml");
Assert.IsTrue(umc.Equals(umc2), "Equals");
UrlMembershipCondition umc4 = new UrlMembershipCondition("http://www.example.com/");
Assert.IsTrue(umc.Equals(umc4), "Equals-*");
}
private static void SetupPolicy(string path, string name)
{
//Get a reference to the User level "All Code" group.
PolicyLevel polLevel = GetPolicy(_user);
if (polLevel != null)
{
UnionCodeGroup allCodeCG =
(UnionCodeGroup)polLevel.RootCodeGroup;
//Create a new code group with the FullTrust permission
//set and a URL as evidence of membership.
PermissionSet permSet = polLevel.GetNamedPermissionSet(_fullTrust);
UrlMembershipCondition urlMemCond = new UrlMembershipCondition(path);
UnionCodeGroup cg =
new UnionCodeGroup(urlMemCond, new PolicyStatement(permSet));
cg.Name = name;
allCodeCG.AddChild(cg);
//Save the policy
SecurityManager.SavePolicy();
}
}
public void UrlMembershipCondition_GoMonoWebUrl()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com/");
Assert.AreEqual("http://www.example.com/", umc.Url, "Url");
Assert.AreEqual("Url - http://www.example.com/", umc.ToString(), "ToString");
UrlMembershipCondition umc2 = (UrlMembershipCondition)umc.Copy();
Assert.AreEqual(umc.Url, umc2.Url, "Copy.Url");
Assert.AreEqual(umc.GetHashCode(), umc2.GetHashCode(), "Copy.GetHashCode");
SecurityElement se = umc2.ToXml();
UrlMembershipCondition umc3 = new UrlMembershipCondition("*");
umc3.FromXml(se);
Assert.AreEqual(umc.Url, umc3.Url, "ToXml/FromXml");
Assert.IsTrue(umc.Equals(umc2), "Equals");
UrlMembershipCondition umc4 = new UrlMembershipCondition("http://www.example.com");
// note that a last slash is added to Url - so it's equal
Assert.IsTrue(umc.Equals(umc4), "Equals-AutoAddedLastSlash");
}
public void EqualsNull()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com");
Assert.IsFalse(umc.Equals(null), "EqualsNull");
}
public void UrlMembershipCondition_FullUrlWithPort()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com:8080/index.html");
}
public void UrlMembershipCondition_FileUrl()
{
UrlMembershipCondition umc = new UrlMembershipCondition("file://mono/index.html");
}
public void UrlMembershipCondition_Empty()
{
UrlMembershipCondition umc = new UrlMembershipCondition(String.Empty);
}
public void UrlMembershipCondition_Null()
{
UrlMembershipCondition umc = new UrlMembershipCondition(null);
}
public void FromXml_Null()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.example.com");
umc.FromXml(null);
}
public override void Install(System.Collections.IDictionary stateSaver)
{
try
{
PolicyLevel enterprise;
PolicyLevel machine;
PolicyLevel user;
string assemblyLocation = this.Context.Parameters["assemblyLocation"];
string groupName = this.Context.Parameters["groupName"];
IEnumerator enumerator = SecurityManager.PolicyHierarchy();
// 1st one is enterprise
enumerator.MoveNext();
enterprise = (PolicyLevel)enumerator.Current;
// 2nd one is machine
enumerator.MoveNext();
machine = (PolicyLevel)enumerator.Current;
// 3rd one is user
enumerator.MoveNext();
user = (PolicyLevel)enumerator.Current;
PermissionSet permissionSet = user.GetNamedPermissionSet("FullTrust");
PolicyStatement statement = new PolicyStatement(permissionSet, PolicyStatementAttribute.Nothing);
UrlMembershipCondition condition = new UrlMembershipCondition(assemblyLocation);
CodeGroup codeGroup = new UnionCodeGroup(condition, statement);
codeGroup.Name = groupName;
// see if the code group already exists, and if so, remove it
CodeGroup existingCodeGroup = null;
foreach (CodeGroup group in user.RootCodeGroup.Children)
{
if (group.Name == codeGroup.Name)
{
existingCodeGroup = group;
break;
}
}
if (existingCodeGroup != null)
{
user.RootCodeGroup.RemoveChild(existingCodeGroup);
}
SecurityManager.SavePolicy();
// add the code group
user.RootCodeGroup.AddChild(codeGroup);
SecurityManager.SavePolicy();
}
catch (Exception ex)
{
throw new InstallException("Cannot set the security policy.", ex);
}
// Call the base implementation.
base.Install(stateSaver);
}
public void Url_Empty()
{
UrlMembershipCondition umc = new UrlMembershipCondition("ftp://www.example.com");
umc.Url = String.Empty;
}
public void Url_Null()
{
UrlMembershipCondition umc = new UrlMembershipCondition("ftp://www.example.com");
umc.Url = null;
}
public void Url_InvalidSite()
{
UrlMembershipCondition umc = new UrlMembershipCondition("http://www.go-mono.*");
}
