public PermissionSet Intersect(PermissionSet other) { if (other == null || other.FastIsEmpty() || this.FastIsEmpty()) { return null; } int thisMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex(); int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex(); int minMax = thisMax < otherMax ? thisMax : otherMax; if (this.IsUnrestricted() && minMax < otherMax) { minMax = otherMax; this.CheckSet(); } if (other.IsUnrestricted() && minMax < thisMax) { minMax = thisMax; other.CheckSet(); } PermissionSet pset = new PermissionSet( false ); if (minMax > -1) { pset.m_permSet = new TokenBasedSet(); } for (int i = 0; i <= minMax; ++i) { Object thisObj = this.m_permSet.GetItem( i ); IPermission thisPerm = thisObj as IPermission; #if FEATURE_CAS_POLICY ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory; #endif // FEATURE_CAS_POLICY Object otherObj = other.m_permSet.GetItem( i ); IPermission otherPerm = otherObj as IPermission; #if FEATURE_CAS_POLICY ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory; #endif // FEATURE_CAS_POLICY if (thisObj == null && otherObj == null) continue; #if FEATURE_CAS_POLICY if (thisElem != null && otherElem != null) { bool copyOther = true; bool copyThis = true; SecurityElement newElem = new SecurityElement( s_str_PermissionIntersection ); newElem.AddAttribute( "class", otherElem.Attribute( "class" ) ); if (this.IsUnrestricted()) { SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion ); newElemUU.AddAttribute( "class", thisElem.Attribute( "class" ) ); SafeChildAdd( newElemUU, thisElem, true ); copyThis = false; thisElem = newElemUU; } if (other.IsUnrestricted()) { SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion ); newElemUU.AddAttribute( "class", otherElem.Attribute( "class" ) ); SafeChildAdd( newElemUU, otherElem, true ); copyOther = false; otherElem = newElemUU; } SafeChildAdd( newElem, otherElem, copyOther ); SafeChildAdd( newElem, thisElem, copyThis ); pset.m_permSet.SetItem( i, newElem ); } else #endif // FEATURE_CAS_POLICY if (thisObj == null) { if (this.m_Unrestricted) { #if FEATURE_CAS_POLICY if (otherElem != null) { SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection ); newElem.AddAttribute( "class", otherElem.Attribute( "class" ) ); SafeChildAdd( newElem, otherElem, true ); pset.m_permSet.SetItem( i, newElem ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } else #endif // FEATURE_CAS_POLICY if (otherPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { pset.m_permSet.SetItem( i, otherPerm.Copy() ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } } else if (otherObj == null) { if (other.m_Unrestricted) { #if FEATURE_CAS_POLICY if (thisElem != null) { SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection ); newElem.AddAttribute( "class", thisElem.Attribute( "class" ) ); SafeChildAdd( newElem, thisElem, true ); pset.m_permSet.SetItem( i, newElem ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } else #endif // FEATURE_CAS_POLICY if (thisPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { pset.m_permSet.SetItem( i, thisPerm.Copy() ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } } else { #if FEATURE_CAS_POLICY if (thisElem != null) thisPerm = this.CreatePermission(thisElem, i); if (otherElem != null) otherPerm = other.CreatePermission(otherElem, i); #endif // FEATURE_CAS_POLICY IPermission intersectPerm; if (thisPerm == null) intersectPerm = otherPerm; else if(otherPerm == null) intersectPerm = thisPerm; else intersectPerm = thisPerm.Intersect( otherPerm ); pset.m_permSet.SetItem( i, intersectPerm ); Contract.Assert( intersectPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } pset.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted; if (pset.FastIsEmpty()) return null; else return pset; }
internal bool IsSubsetOfHelper(PermissionSet target, IsSubsetOfType type, out IPermission firstPermThatFailed, bool ignoreNonCas) { #if _DEBUG if (debug) DEBUG_WRITE("IsSubsetOf\n" + "Other:\n" + (target == null ? "<null>" : target.ToString()) + "\nMe:\n" + ToString()); #endif firstPermThatFailed = null; if (target == null || target.FastIsEmpty()) { if(this.IsEmpty()) return true; else { firstPermThatFailed = GetFirstPerm(); return false; } } else if (this.IsUnrestricted() && !target.IsUnrestricted()) return false; else if (this.m_permSet == null) return true; else { target.CheckSet(); for (int i = m_permSet.GetStartingIndex(); i <= this.m_permSet.GetMaxUsedIndex(); ++i) { IPermission thisPerm = this.GetPermission(i); if (thisPerm == null || thisPerm.IsSubsetOf(null)) continue; IPermission targetPerm = target.GetPermission(i); #if _DEBUG PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); Contract.Assert(targetPerm == null || (token.m_type & PermissionTokenType.DontKnow) == 0, "Token not properly initialized"); #endif if (target.m_Unrestricted) continue; // targetPerm can be null here, but that is fine since it thisPerm is a subset // of empty/null then we can continue in the loop. CodeAccessPermission cap = thisPerm as CodeAccessPermission; if(cap == null) { if (!ignoreNonCas && !thisPerm.IsSubsetOf( targetPerm )) { firstPermThatFailed = thisPerm; return false; } } else { firstPermThatFailed = thisPerm; switch(type) { case IsSubsetOfType.Normal: if (!thisPerm.IsSubsetOf( targetPerm )) return false; break; case IsSubsetOfType.CheckDemand: if (!cap.CheckDemand( (CodeAccessPermission)targetPerm )) return false; break; case IsSubsetOfType.CheckPermitOnly: if (!cap.CheckPermitOnly( (CodeAccessPermission)targetPerm )) return false; break; case IsSubsetOfType.CheckAssertion: if (!cap.CheckAssert( (CodeAccessPermission)targetPerm )) return false; break; } firstPermThatFailed = null; } } } return true; }
internal void InplaceIntersect( PermissionSet other ) { Exception savedException = null; m_CheckedForNonCas = false; if (this == other) return; if (other == null || other.FastIsEmpty()) { // If the other is empty or null, make this empty. Reset(); return; } if (this.FastIsEmpty()) return; int maxMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex(); int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex(); if (this.IsUnrestricted() && maxMax < otherMax) { maxMax = otherMax; this.CheckSet(); } if (other.IsUnrestricted()) { other.CheckSet(); } for (int i = 0; i <= maxMax; ++i) { Object thisObj = this.m_permSet.GetItem( i ); IPermission thisPerm = thisObj as IPermission; #if FEATURE_CAS_POLICY ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory; #endif // FEATURE_CAS_POLICY Object otherObj = other.m_permSet.GetItem( i ); IPermission otherPerm = otherObj as IPermission; #if FEATURE_CAS_POLICY ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory; #endif // FEATURE_CAS_POLICY if (thisObj == null && otherObj == null) continue; #if FEATURE_CAS_POLICY if (thisElem != null && otherElem != null) { // If we already have an intersection node, just add another child if (thisElem.GetTag().Equals( s_str_PermissionIntersection ) || thisElem.GetTag().Equals( s_str_PermissionUnrestrictedIntersection )) { Contract.Assert( thisElem is SecurityElement, "SecurityElement expected" ); SafeChildAdd( (SecurityElement)thisElem, otherElem, true ); } // If either set is unrestricted, intersect the nodes unrestricted else { bool copyOther = true; if (this.IsUnrestricted()) { SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion ); newElemUU.AddAttribute( "class", thisElem.Attribute( "class" ) ); SafeChildAdd( newElemUU, thisElem, false ); thisElem = newElemUU; } if (other.IsUnrestricted()) { SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion ); newElemUU.AddAttribute( "class", otherElem.Attribute( "class" ) ); SafeChildAdd( newElemUU, otherElem, true ); otherElem = newElemUU; copyOther = false; } SecurityElement newElem = new SecurityElement( s_str_PermissionIntersection ); newElem.AddAttribute( "class", thisElem.Attribute( "class" ) ); SafeChildAdd( newElem, thisElem, false ); SafeChildAdd( newElem, otherElem, copyOther ); this.m_permSet.SetItem( i, newElem ); } } else #endif // FEATURE_CAS_POLICY if (thisObj == null) { // There is no object in <this>, so intersection is empty except for IUnrestrictedPermissions if (this.IsUnrestricted()) { #if FEATURE_CAS_POLICY if (otherElem != null) { SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection ); newElem.AddAttribute( "class", otherElem.Attribute( "class" ) ); SafeChildAdd( newElem, otherElem, true ); this.m_permSet.SetItem( i, newElem ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } else #endif // FEATURE_CAS_POLICY { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { this.m_permSet.SetItem( i, otherPerm.Copy() ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } } else if (otherObj == null) { if (other.IsUnrestricted()) { #if FEATURE_CAS_POLICY if (thisElem != null) { SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection ); newElem.AddAttribute( "class", thisElem.Attribute( "class" ) ); SafeChildAdd( newElem, thisElem, false ); this.m_permSet.SetItem( i, newElem ); } else #endif // FEATURE_CAS_POLICY { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) == 0) this.m_permSet.SetItem( i, null ); } } else { this.m_permSet.SetItem( i, null ); } } else { #if FEATURE_CAS_POLICY if (thisElem != null) thisPerm = this.CreatePermission(thisElem, i); if (otherElem != null) otherPerm = other.CreatePermission(otherElem, i); #endif // FEATURE_CAS_POLICY try { IPermission intersectPerm; if (thisPerm == null) intersectPerm = otherPerm; else if(otherPerm == null) intersectPerm = thisPerm; else intersectPerm = thisPerm.Intersect( otherPerm ); this.m_permSet.SetItem( i, intersectPerm ); } catch (Exception e) { if (savedException == null) savedException = e; } } } this.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted; if (savedException != null) throw savedException; }
public PermissionSet Union(PermissionSet other) { if ((other == null) || other.FastIsEmpty()) { return this.Copy(); } if (this.FastIsEmpty()) { return other.Copy(); } int num = -1; PermissionSet set = new PermissionSet { m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted }; if (!set.m_Unrestricted) { this.CheckSet(); other.CheckSet(); num = (this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex()) ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex(); set.m_permSet = new TokenBasedSet(); for (int i = 0; i <= num; i++) { object item = this.m_permSet.GetItem(i); IPermission permission = item as IPermission; ISecurityElementFactory child = item as ISecurityElementFactory; object obj3 = other.m_permSet.GetItem(i); IPermission target = obj3 as IPermission; ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory; if ((item != null) || (obj3 != null)) { if ((child != null) && (factory2 != null)) { SecurityElement element; if (this.IsUnrestricted() || other.IsUnrestricted()) { element = new SecurityElement("PermissionUnrestrictedUnion"); } else { element = new SecurityElement("PermissionUnion"); } element.AddAttribute("class", child.Attribute("class")); SafeChildAdd(element, child, true); SafeChildAdd(element, factory2, true); set.m_permSet.SetItem(i, element); } else if (item == null) { if (factory2 != null) { set.m_permSet.SetItem(i, factory2.Copy()); } else if (target != null) { PermissionToken token = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i); if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !set.m_Unrestricted) { set.m_permSet.SetItem(i, target.Copy()); } } } else if (obj3 == null) { if (child != null) { set.m_permSet.SetItem(i, child.Copy()); } else if (permission != null) { PermissionToken token2 = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i); if (((token2.m_type & PermissionTokenType.IUnrestricted) == 0) || !set.m_Unrestricted) { set.m_permSet.SetItem(i, permission.Copy()); } } } else { IPermission permission3; if (child != null) { permission = this.CreatePermission(child, i); } if (factory2 != null) { target = other.CreatePermission(factory2, i); } if (permission == null) { permission3 = target; } else if (target == null) { permission3 = permission; } else { permission3 = permission.Union(target); } set.m_permSet.SetItem(i, permission3); } } } } return set; }
public PermissionSet Union(PermissionSet other) { // if other is null or empty, return a clone of myself if (other == null || other.FastIsEmpty()) { return this.Copy(); } if (this.FastIsEmpty()) { return other.Copy(); } int maxMax = -1; PermissionSet pset = new PermissionSet(); pset.m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted; if (pset.m_Unrestricted) { // if the result of Union is unrestricted permset, just return return pset; } // degenerate case where we look at both this.m_permSet and other.m_permSet this.CheckSet(); other.CheckSet(); maxMax = this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex() ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex(); pset.m_permSet = new TokenBasedSet(); for (int i = 0; i <= maxMax; ++i) { Object thisObj = this.m_permSet.GetItem( i ); IPermission thisPerm = thisObj as IPermission; #if FEATURE_CAS_POLICY ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory; #endif // FEATURE_CAS_POLICY Object otherObj = other.m_permSet.GetItem( i ); IPermission otherPerm = otherObj as IPermission; #if FEATURE_CAS_POLICY ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory; #endif // FEATURE_CAS_POLICY if (thisObj == null && otherObj == null) continue; #if FEATURE_CAS_POLICY if (thisElem != null && otherElem != null) { SecurityElement newElem; if (this.IsUnrestricted() || other.IsUnrestricted()) newElem = new SecurityElement( s_str_PermissionUnrestrictedUnion ); else newElem = new SecurityElement( s_str_PermissionUnion ); newElem.AddAttribute( "class", thisElem.Attribute( "class" ) ); SafeChildAdd( newElem, thisElem, true ); SafeChildAdd( newElem, otherElem, true ); pset.m_permSet.SetItem( i, newElem ); } else #endif // FEATURE_CAS_POLICY if (thisObj == null) { #if FEATURE_CAS_POLICY if (otherElem != null) { pset.m_permSet.SetItem( i, otherElem.Copy() ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } else #endif // FEATURE_CAS_POLICY if (otherPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted) { pset.m_permSet.SetItem( i, otherPerm.Copy() ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } else if (otherObj == null) { #if FEATURE_CAS_POLICY if (thisElem != null) { pset.m_permSet.SetItem( i, thisElem.Copy() ); } else #endif // FEATURE_CAS_POLICY if (thisPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted) { pset.m_permSet.SetItem( i, thisPerm.Copy() ); Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } else { #if FEATURE_CAS_POLICY if (thisElem != null) thisPerm = this.CreatePermission(thisElem, i); if (otherElem != null) otherPerm = other.CreatePermission(otherElem, i); #endif // FEATURE_CAS_POLICY IPermission unionPerm; if(thisPerm == null) unionPerm = otherPerm; else if(otherPerm == null) unionPerm = thisPerm; else unionPerm = thisPerm.Union( otherPerm ); pset.m_permSet.SetItem( i, unionPerm ); Contract.Assert( unionPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } return pset; }
public PermissionSet Intersect(PermissionSet other) { if (((other == null) || other.FastIsEmpty()) || this.FastIsEmpty()) { return null; } int num = (this.m_permSet == null) ? -1 : this.m_permSet.GetMaxUsedIndex(); int num2 = (other.m_permSet == null) ? -1 : other.m_permSet.GetMaxUsedIndex(); int num3 = (num < num2) ? num : num2; if (this.IsUnrestricted() && (num3 < num2)) { num3 = num2; this.CheckSet(); } if (other.IsUnrestricted() && (num3 < num)) { num3 = num; other.CheckSet(); } PermissionSet set = new PermissionSet(false); if (num3 > -1) { set.m_permSet = new TokenBasedSet(); } for (int i = 0; i <= num3; i++) { object item = this.m_permSet.GetItem(i); IPermission permission = item as IPermission; ISecurityElementFactory child = item as ISecurityElementFactory; object obj3 = other.m_permSet.GetItem(i); IPermission target = obj3 as IPermission; ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory; if ((item != null) || (obj3 != null)) { if ((child != null) && (factory2 != null)) { bool copy = true; bool flag2 = true; SecurityElement parent = new SecurityElement("PermissionIntersection"); parent.AddAttribute("class", factory2.Attribute("class")); if (this.IsUnrestricted()) { SecurityElement element2 = new SecurityElement("PermissionUnrestrictedUnion"); element2.AddAttribute("class", child.Attribute("class")); SafeChildAdd(element2, child, true); flag2 = false; child = element2; } if (other.IsUnrestricted()) { SecurityElement element3 = new SecurityElement("PermissionUnrestrictedUnion"); element3.AddAttribute("class", factory2.Attribute("class")); SafeChildAdd(element3, factory2, true); copy = false; factory2 = element3; } SafeChildAdd(parent, factory2, copy); SafeChildAdd(parent, child, flag2); set.m_permSet.SetItem(i, parent); } else if (item == null) { if (this.m_Unrestricted) { if (factory2 != null) { SecurityElement element4 = new SecurityElement("PermissionUnrestrictedIntersection"); element4.AddAttribute("class", factory2.Attribute("class")); SafeChildAdd(element4, factory2, true); set.m_permSet.SetItem(i, element4); } else if (target != null) { PermissionToken token = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { set.m_permSet.SetItem(i, target.Copy()); } } } } else if (obj3 == null) { if (other.m_Unrestricted) { if (child != null) { SecurityElement element5 = new SecurityElement("PermissionUnrestrictedIntersection"); element5.AddAttribute("class", child.Attribute("class")); SafeChildAdd(element5, child, true); set.m_permSet.SetItem(i, element5); } else if (permission != null) { PermissionToken token2 = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i); if ((token2.m_type & PermissionTokenType.IUnrestricted) != 0) { set.m_permSet.SetItem(i, permission.Copy()); } } } } else { IPermission permission3; if (child != null) { permission = this.CreatePermission(child, i); } if (factory2 != null) { target = other.CreatePermission(factory2, i); } if (permission == null) { permission3 = target; } else if (target == null) { permission3 = permission; } else { permission3 = permission.Intersect(target); } set.m_permSet.SetItem(i, permission3); } } } set.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted; if (set.FastIsEmpty()) { return null; } return set; }
internal bool IsSubsetOfHelper(PermissionSet target, IsSubsetOfType type, out IPermission firstPermThatFailed, bool ignoreNonCas) { firstPermThatFailed = null; if ((target == null) || target.FastIsEmpty()) { if (this.IsEmpty()) { return true; } firstPermThatFailed = this.GetFirstPerm(); return false; } if (this.IsUnrestricted() && !target.IsUnrestricted()) { return false; } if (this.m_permSet != null) { target.CheckSet(); for (int i = this.m_permSet.GetStartingIndex(); i <= this.m_permSet.GetMaxUsedIndex(); i++) { IPermission permission = this.GetPermission(i); if ((permission != null) && !permission.IsSubsetOf(null)) { IPermission permission2 = target.GetPermission(i); if (!target.m_Unrestricted) { CodeAccessPermission permission3 = permission as CodeAccessPermission; if (permission3 == null) { if (!ignoreNonCas && !permission.IsSubsetOf(permission2)) { firstPermThatFailed = permission; return false; } continue; } firstPermThatFailed = permission; switch (type) { case IsSubsetOfType.Normal: if (permission.IsSubsetOf(permission2)) { break; } return false; case IsSubsetOfType.CheckDemand: if (permission3.CheckDemand((CodeAccessPermission) permission2)) { break; } return false; case IsSubsetOfType.CheckPermitOnly: if (permission3.CheckPermitOnly((CodeAccessPermission) permission2)) { break; } return false; case IsSubsetOfType.CheckAssertion: if (permission3.CheckAssert((CodeAccessPermission) permission2)) { break; } return false; } firstPermThatFailed = null; } } } } return true; }
internal void InplaceIntersect(PermissionSet other) { Exception exception = null; this.m_CheckedForNonCas = false; if (this != other) { if ((other == null) || other.FastIsEmpty()) { this.Reset(); } else if (!this.FastIsEmpty()) { int num = (this.m_permSet == null) ? -1 : this.m_permSet.GetMaxUsedIndex(); int num2 = (other.m_permSet == null) ? -1 : other.m_permSet.GetMaxUsedIndex(); if (this.IsUnrestricted() && (num < num2)) { num = num2; this.CheckSet(); } if (other.IsUnrestricted()) { other.CheckSet(); } for (int i = 0; i <= num; i++) { object item = this.m_permSet.GetItem(i); IPermission permission = item as IPermission; ISecurityElementFactory child = item as ISecurityElementFactory; object obj3 = other.m_permSet.GetItem(i); IPermission target = obj3 as IPermission; ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory; if ((item != null) || (obj3 != null)) { if ((child != null) && (factory2 != null)) { if (child.GetTag().Equals("PermissionIntersection") || child.GetTag().Equals("PermissionUnrestrictedIntersection")) { SafeChildAdd((SecurityElement) child, factory2, true); } else { bool copy = true; if (this.IsUnrestricted()) { SecurityElement element = new SecurityElement("PermissionUnrestrictedUnion"); element.AddAttribute("class", child.Attribute("class")); SafeChildAdd(element, child, false); child = element; } if (other.IsUnrestricted()) { SecurityElement element2 = new SecurityElement("PermissionUnrestrictedUnion"); element2.AddAttribute("class", factory2.Attribute("class")); SafeChildAdd(element2, factory2, true); factory2 = element2; copy = false; } SecurityElement parent = new SecurityElement("PermissionIntersection"); parent.AddAttribute("class", child.Attribute("class")); SafeChildAdd(parent, child, false); SafeChildAdd(parent, factory2, copy); this.m_permSet.SetItem(i, parent); } } else if (item == null) { if (this.IsUnrestricted()) { if (factory2 != null) { SecurityElement element4 = new SecurityElement("PermissionUnrestrictedIntersection"); element4.AddAttribute("class", factory2.Attribute("class")); SafeChildAdd(element4, factory2, true); this.m_permSet.SetItem(i, element4); } else { PermissionToken token = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { this.m_permSet.SetItem(i, target.Copy()); } } } } else if (obj3 == null) { if (other.IsUnrestricted()) { if (child != null) { SecurityElement element5 = new SecurityElement("PermissionUnrestrictedIntersection"); element5.AddAttribute("class", child.Attribute("class")); SafeChildAdd(element5, child, false); this.m_permSet.SetItem(i, element5); } else { PermissionToken token2 = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i); if ((token2.m_type & PermissionTokenType.IUnrestricted) == 0) { this.m_permSet.SetItem(i, null); } } } else { this.m_permSet.SetItem(i, null); } } else { if (child != null) { permission = this.CreatePermission(child, i); } if (factory2 != null) { target = other.CreatePermission(factory2, i); } try { IPermission permission3; if (permission == null) { permission3 = target; } else if (target == null) { permission3 = permission; } else { permission3 = permission.Intersect(target); } this.m_permSet.SetItem(i, permission3); } catch (Exception exception2) { if (exception == null) { exception = exception2; } } } } } this.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted; if (exception != null) { throw exception; } } } }
public PermissionSet Union(PermissionSet other) { // if other is null or empty, return a clone of myself if (other == null || other.FastIsEmpty()) { return this.Copy(); } if (this.FastIsEmpty()) { return other.Copy(); } int maxMax = -1; PermissionSet pset = new PermissionSet(); pset.m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted; if (pset.m_Unrestricted) { if (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust()) { // FullTrustMeansFullTrust is on...so if the result of Union is unrestricted permset, just return return pset; } if (this.m_canUnrestrictedOverride && other.m_canUnrestrictedOverride) { // Only unrestricted override-able permissions in both this and other ...again, we can return just an unrestricted pset return pset; } if (other.m_canUnrestrictedOverride) { // Only unrestricted override-able permissions in other...cannot null pset.m_permSet, but don't look at other.m_permSet // just copy over this.m_permSet pset.m_permSet = (this.m_permSet != null)? new TokenBasedSet(this.m_permSet): null; return pset; } } // degenerate case where we look at both this.m_permSet and other.m_permSet this.CheckSet(); other.CheckSet(); maxMax = this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex() ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex(); pset.m_permSet = new TokenBasedSet(); for (int i = 0; i <= maxMax; ++i) { Object thisObj = this.m_permSet.GetItem( i ); IPermission thisPerm = thisObj as IPermission; ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory; Object otherObj = other.m_permSet.GetItem( i ); IPermission otherPerm = otherObj as IPermission; ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory; if (thisObj == null && otherObj == null) continue; if (thisElem != null && otherElem != null) { SecurityElement newElem; if (this.IsUnrestricted() || other.IsUnrestricted()) newElem = new SecurityElement( s_str_PermissionUnrestrictedUnion ); else newElem = new SecurityElement( s_str_PermissionUnion ); newElem.AddAttribute( "class", thisElem.Attribute( "class" ) ); SafeChildAdd( newElem, thisElem, true ); SafeChildAdd( newElem, otherElem, true ); pset.m_permSet.SetItem( i, newElem ); } else if (thisObj == null) { if (otherElem != null) { pset.m_permSet.SetItem( i, otherElem.Copy() ); BCLDebug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } else if (otherPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted) { pset.m_permSet.SetItem( i, otherPerm.Copy() ); BCLDebug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } else if (otherObj == null) { if (thisElem != null) { pset.m_permSet.SetItem( i, thisElem.Copy() ); } else if (thisPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted) { pset.m_permSet.SetItem( i, thisPerm.Copy() ); BCLDebug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } else { if (thisElem != null) thisPerm = this.CreatePermission(thisElem, i); if (otherElem != null) otherPerm = other.CreatePermission(otherElem, i); IPermission unionPerm; if(thisPerm == null) unionPerm = otherPerm; else if(otherPerm == null) unionPerm = thisPerm; else unionPerm = thisPerm.Union( otherPerm ); pset.m_permSet.SetItem( i, unionPerm ); BCLDebug.Assert( unionPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } return pset; }
public PermissionSet Union(PermissionSet other) { // if other is null or empty, return a clone of myself if (other == null || other.FastIsEmpty()) { return this.Copy(); } if (this.FastIsEmpty()) { return other.Copy(); } int maxMax = -1; PermissionSet pset = new PermissionSet(); pset.m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted; if (pset.m_Unrestricted) { // if the result of Union is unrestricted permset, just return return pset; } // degenerate case where we look at both this.m_permSet and other.m_permSet this.CheckSet(); other.CheckSet(); maxMax = this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex() ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex(); pset.m_permSet = new TokenBasedSet(); for (int i = 0; i <= maxMax; ++i) { Object thisObj = this.m_permSet.GetItem( i ); IPermission thisPerm = thisObj as IPermission; Object otherObj = other.m_permSet.GetItem( i ); IPermission otherPerm = otherObj as IPermission; if (thisObj == null && otherObj == null) continue; if (thisObj == null) { if (otherPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted) { pset.m_permSet.SetItem( i, otherPerm.Copy() ); Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } else if (otherObj == null) { if (thisPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted) { pset.m_permSet.SetItem( i, thisPerm.Copy() ); Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } else { IPermission unionPerm; if(thisPerm == null) unionPerm = otherPerm; else if(otherPerm == null) unionPerm = thisPerm; else unionPerm = thisPerm.Union( otherPerm ); pset.m_permSet.SetItem( i, unionPerm ); Debug.Assert( unionPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } return pset; }
public PermissionSet Intersect(PermissionSet other) { if (other == null || other.FastIsEmpty() || this.FastIsEmpty()) { return null; } int thisMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex(); int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex(); int minMax = thisMax < otherMax ? thisMax : otherMax; if (this.IsUnrestricted() && minMax < otherMax) { minMax = otherMax; this.CheckSet(); } if (other.IsUnrestricted() && minMax < thisMax) { minMax = thisMax; other.CheckSet(); } PermissionSet pset = new PermissionSet( false ); if (minMax > -1) { pset.m_permSet = new TokenBasedSet(); } for (int i = 0; i <= minMax; ++i) { Object thisObj = this.m_permSet.GetItem( i ); IPermission thisPerm = thisObj as IPermission; Object otherObj = other.m_permSet.GetItem( i ); IPermission otherPerm = otherObj as IPermission; if (thisObj == null && otherObj == null) continue; if (thisObj == null) { if (this.m_Unrestricted) { if (otherPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { pset.m_permSet.SetItem( i, otherPerm.Copy() ); Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } } else if (otherObj == null) { if (other.m_Unrestricted) { if (thisPerm != null) { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { pset.m_permSet.SetItem( i, thisPerm.Copy() ); Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } } else { IPermission intersectPerm; if (thisPerm == null) intersectPerm = otherPerm; else if(otherPerm == null) intersectPerm = thisPerm; else intersectPerm = thisPerm.Intersect( otherPerm ); pset.m_permSet.SetItem( i, intersectPerm ); Debug.Assert( intersectPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } pset.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted; if (pset.FastIsEmpty()) return null; else return pset; }
internal void InplaceIntersect( PermissionSet other ) { Exception savedException = null; m_CheckedForNonCas = false; if (this == other) return; if (other == null || other.FastIsEmpty()) { // If the other is empty or null, make this empty. Reset(); return; } if (this.FastIsEmpty()) return; int maxMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex(); int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex(); if (this.IsUnrestricted() && maxMax < otherMax) { maxMax = otherMax; this.CheckSet(); } if (other.IsUnrestricted()) { other.CheckSet(); } for (int i = 0; i <= maxMax; ++i) { Object thisObj = this.m_permSet.GetItem( i ); IPermission thisPerm = thisObj as IPermission; Object otherObj = other.m_permSet.GetItem( i ); IPermission otherPerm = otherObj as IPermission; if (thisObj == null && otherObj == null) continue; if (thisObj == null) { // There is no object in <this>, so intersection is empty except for IUnrestrictedPermissions if (this.IsUnrestricted()) { { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) != 0) { this.m_permSet.SetItem( i, otherPerm.Copy() ); Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" ); } } } } else if (otherObj == null) { if (other.IsUnrestricted()) { { PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i ); if ((token.m_type & PermissionTokenType.IUnrestricted) == 0) this.m_permSet.SetItem( i, null ); } } else { this.m_permSet.SetItem( i, null ); } } else { try { IPermission intersectPerm; if (thisPerm == null) intersectPerm = otherPerm; else if(otherPerm == null) intersectPerm = thisPerm; else intersectPerm = thisPerm.Intersect( otherPerm ); this.m_permSet.SetItem( i, intersectPerm ); } catch (Exception e) { if (savedException == null) savedException = e; } } } this.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted; if (savedException != null) throw savedException; }