/// <summary>Resolves matching code groups.</summary> /// <param name="evidence">The evidence for the assembly. </param> /// <returns>The complete set of code groups that were matched by the evidence.</returns> /// <exception cref="T:System.ArgumentNullException">The <paramref name="evidence" /> parameter is <see langword="null" />. </exception> // Token: 0x06002A5B RID: 10843 RVA: 0x0009D938 File Offset: 0x0009BB38 public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence) { if (evidence == null) { throw new ArgumentNullException("evidence"); } if (base.MembershipCondition.Check(evidence)) { CodeGroup codeGroup = this.Copy(); codeGroup.Children = new ArrayList(); foreach (object obj in base.Children) { CodeGroup codeGroup2 = ((CodeGroup)obj).ResolveMatchingCodeGroups(evidence); if (codeGroup2 != null) { codeGroup.AddChild(codeGroup2); } } return(codeGroup); } return(null); }
// Resolve code groups that match specific evidence. public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence) { if (evidence == null) { throw new ArgumentNullException("evidence"); } if (!MembershipCondition.Check(evidence)) { return(null); } CodeGroup groups = Copy(); CodeGroup childGroup; foreach (CodeGroup group in Children) { childGroup = group.ResolveMatchingCodeGroups(evidence); if (childGroup != null) { groups.AddChild(childGroup); } } return(groups); }
/// <summary>解析匹配的代码组。</summary> /// <returns>证据匹配的完整代码组集。</returns> /// <param name="evidence">程序集的证据。</param> /// <exception cref="T:System.ArgumentNullException"> /// <paramref name="evidence" /> 参数为 null。</exception> public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence) { if (evidence == null) { throw new ArgumentNullException("evidence"); } if (!this.MembershipCondition.Check(evidence)) { return((CodeGroup)null); } CodeGroup codeGroup = this.Copy(); codeGroup.Children = (IList) new ArrayList(); foreach (CodeGroup child in (IEnumerable)this.Children) { CodeGroup group = child.ResolveMatchingCodeGroups(evidence); if (group != null) { codeGroup.AddChild(group); } } return(codeGroup); }
public override CodeGroup ResolveMatchingCodeGroups(Evidence evidence) { if (evidence == null) { throw new ArgumentNullException("evidence"); } Contract.EndContractBlock(); if (this.MembershipCondition.Check(evidence)) { CodeGroup retGroup = this.Copy(); retGroup.Children = new ArrayList(); IEnumerator enumerator = this.Children.GetEnumerator(); while (enumerator.MoveNext()) { CodeGroup matchingGroups = ((CodeGroup)enumerator.Current).ResolveMatchingCodeGroups(evidence); // If the child has a policy, we are done. if (matchingGroups != null) { retGroup.AddChild(matchingGroups); break; } } return(retGroup); } else { return(null); } }
// Hardcode defaults in case // (a) the specified policy file doesn't exists; and // (b) no corresponding default policy file exists internal void CreateDefaultLevel (PolicyLevelType type) { PolicyStatement psu = new PolicyStatement (DefaultPolicies.FullTrust); switch (type) { case PolicyLevelType.Machine: // by default all stuff is in the machine policy... PolicyStatement psn = new PolicyStatement (DefaultPolicies.Nothing); root_code_group = new UnionCodeGroup (new AllMembershipCondition (), psn); root_code_group.Name = "All_Code"; UnionCodeGroup myComputerZone = new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone.MyComputer), psu); myComputerZone.Name = "My_Computer_Zone"; // TODO: strongname code group for ECMA and MS keys root_code_group.AddChild (myComputerZone); UnionCodeGroup localIntranetZone = new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone.Intranet), new PolicyStatement (DefaultPolicies.LocalIntranet)); localIntranetZone.Name = "LocalIntranet_Zone"; // TODO: same site / same directory root_code_group.AddChild (localIntranetZone); PolicyStatement psi = new PolicyStatement (DefaultPolicies.Internet); UnionCodeGroup internetZone = new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone.Internet), psi); internetZone.Name = "Internet_Zone"; // TODO: same site root_code_group.AddChild (internetZone); UnionCodeGroup restrictedZone = new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone.Untrusted), psn); restrictedZone.Name = "Restricted_Zone"; root_code_group.AddChild (restrictedZone); UnionCodeGroup trustedZone = new UnionCodeGroup (new ZoneMembershipCondition (SecurityZone.Trusted), psi); trustedZone.Name = "Trusted_Zone"; // TODO: same site root_code_group.AddChild (trustedZone); break; case PolicyLevelType.User: case PolicyLevelType.Enterprise: case PolicyLevelType.AppDomain: // while the other policies don't restrict anything root_code_group = new UnionCodeGroup (new AllMembershipCondition (), psu); root_code_group.Name = "All_Code"; break; } }
static void MakePluginCodeGroup(PolicyLevel level, CodeGroup root, String url) { // Create a membership condition for our path IMembershipCondition membership = new UrlMembershipCondition(url); // Get the internet permissiion set PermissionSet permissions = level.GetNamedPermissionSet("Internet"); permissions.GetType(); // Again, no nulls allowed // Create a policy statement from the permissions and condition PolicyStatement statement = new PolicyStatement(permissions, PolicyStatementAttribute.Exclusive | PolicyStatementAttribute.LevelFinal); // New code group UnionCodeGroup group = new UnionCodeGroup(membership, statement); group.Description=String.Format( "Code group that restricts permissions on "+ "assemblies in {0}, to support secure loading of plugins. "+ "This group was added by application: {1}", url, Assembly.GetEntryAssembly().CodeBase); group.Name = GenerateCodeGroupName(url); root.AddChild(group); SecurityManager.SavePolicyLevel(level); }