public void FromXml()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
Assert.IsNotNull(se, "ToXml()");
NamedPermissionSet nps2 = (NamedPermissionSet)nps.Copy();
nps2.FromXml(se);
Assert.AreEqual(name, nps2.Name, "FromXml-Copy.Name");
// strangely it's empty when converted from XML (but null when created)
Assert.AreEqual("", nps2.Description, "FromXml-Copy.Description");
Assert.IsTrue(!nps2.IsUnrestricted(), "FromXml-Copy.IsUnrestricted");
se.AddAttribute("Description", sentinel);
nps2.FromXml(se);
Assert.AreEqual(name, nps2.Name, "FromXml-Add1.Name");
Assert.AreEqual(sentinel, nps2.Description, "FromXml-Add1.Description");
Assert.IsTrue(!nps2.IsUnrestricted(), "FromXml-Add1.IsUnrestricted");
se.AddAttribute("Unrestricted", "true");
nps2.FromXml(se);
Assert.AreEqual(name, nps2.Name, "FromXml-Add2.Name");
Assert.AreEqual(sentinel, nps2.Description, "FromXml-Add2.Description");
Assert.IsTrue(nps2.IsUnrestricted(), "FromXml-Add2.IsUnrestricted");
}
}// ImportCodegroup
private NamedPermissionSet ImportPermissionSet()
{
// We're importing a permission set
NamedPermissionSet nps = null;
try
{
SecurityElement se = SecurityXMLStuff.GetSecurityElementFromXMLFile(PermissionSetFilename);
if (se == null)
{
throw new Exception("Invalid XML");
}
nps = new NamedPermissionSet("Hi");
nps.FromXml(se);
if (nps.Name == null || nps.Name.Length == 0)
{
nps.Name = Security.FindAGoodPermissionSetName(m_pl, "CustomPermissionSet");
}
return(nps);
}
catch (Exception)
{
MessageBox(CResourceStore.GetString("XMLNoPermSet"),
CResourceStore.GetString("XMLNoPermSetTitle"),
MB.ICONEXCLAMATION);
}
return(null);
}// ImportPermissionSet
public void FromXml_NoName()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
SecurityElement w = new SecurityElement(se.Tag);
w.AddAttribute("class", se.Attribute("class"));
w.AddAttribute("version", "1");
nps.FromXml(w);
// having a null name can badly influence the rest of the class code
Assert.IsNull(nps.Name, "Name");
NamedPermissionSet copy = (NamedPermissionSet)nps.Copy();
Assert.IsNull(copy.Name, "Copy.Name");
copy = nps.Copy("name");
Assert.AreEqual("name", copy.Name, "Copy(Name).Name");
se = nps.ToXml();
Assert.IsNull(se.Attribute("Name"), "Name attribute");
#if NET_2_0
Assert.AreEqual(0, nps.GetHashCode(), "GetHashCode");
Assert.IsTrue(nps.Equals(nps), "Equals-self");
#endif
}
/// <summary>Reconstructs a security object with a given state from an XML encoding.</summary>
/// <param name="e">The XML encoding to use to reconstruct the security object. </param>
/// <exception cref="T:System.ArgumentNullException">The <paramref name="e" /> parameter is null. </exception>
/// <exception cref="T:System.ArgumentException">The <see cref="T:System.Security.SecurityElement" /> specified by the <paramref name="e" /> parameter is invalid. </exception>
/// <PermissionSet>
/// <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="UnmanagedCode" />
/// </PermissionSet>
public void FromXml(SecurityElement e)
{
if (e == null)
{
throw new ArgumentNullException("e");
}
SecurityElement securityElement = e.SearchForChildByTag("SecurityClasses");
if (securityElement != null && securityElement.Children != null && securityElement.Children.Count > 0)
{
this.fullNames = new Hashtable(securityElement.Children.Count);
foreach (object obj in securityElement.Children)
{
SecurityElement securityElement2 = (SecurityElement)obj;
this.fullNames.Add(securityElement2.Attributes["Name"], securityElement2.Attributes["Description"]);
}
}
SecurityElement securityElement3 = e.SearchForChildByTag("FullTrustAssemblies");
if (securityElement3 != null && securityElement3.Children != null && securityElement3.Children.Count > 0)
{
this.full_trust_assemblies.Clear();
foreach (object obj2 in securityElement3.Children)
{
SecurityElement securityElement4 = (SecurityElement)obj2;
if (securityElement4.Tag != "IMembershipCondition")
{
throw new ArgumentException(Locale.GetText("Invalid XML"));
}
string text = securityElement4.Attribute("class");
if (text.IndexOf("StrongNameMembershipCondition") < 0)
{
throw new ArgumentException(Locale.GetText("Invalid XML - must be StrongNameMembershipCondition"));
}
this.full_trust_assemblies.Add(new StrongNameMembershipCondition(securityElement4));
}
}
SecurityElement securityElement5 = e.SearchForChildByTag("CodeGroup");
if (securityElement5 != null && securityElement5.Children != null && securityElement5.Children.Count > 0)
{
this.root_code_group = CodeGroup.CreateFromXml(securityElement5, this);
SecurityElement securityElement6 = e.SearchForChildByTag("NamedPermissionSets");
if (securityElement6 != null && securityElement6.Children != null && securityElement6.Children.Count > 0)
{
this.named_permission_sets.Clear();
foreach (object obj3 in securityElement6.Children)
{
SecurityElement et = (SecurityElement)obj3;
NamedPermissionSet namedPermissionSet = new NamedPermissionSet();
namedPermissionSet.Resolver = this;
namedPermissionSet.FromXml(et);
this.named_permission_sets.Add(namedPermissionSet);
}
}
return;
}
throw new ArgumentException(Locale.GetText("Missing Root CodeGroup"));
}
public void FromXml_WrongTagCase()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
se.Tag = se.Tag.ToUpper(); // instead of PermissionSet
nps.FromXml(se);
}
public void FromXml_NoClass()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
SecurityElement w = new SecurityElement(se.Tag);
w.AddAttribute("version", se.Attribute("version"));
nps.FromXml(w);
// doesn't even care of the class attribute presence
}
public static void NamedPermissionSetCallMethods()
{
NamedPermissionSet nps = new NamedPermissionSet("Test");
PermissionSet ps = nps.Copy();
NamedPermissionSet nps2 = nps.Copy("Test");
nps.Equals(nps2);
int hash = nps.GetHashCode();
SecurityElement se = new SecurityElement("");
nps.FromXml(se);
se = nps.ToXml();
}
public void FromXml_NoVersion()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
SecurityElement w = new SecurityElement(se.Tag);
w.AddAttribute("class", se.Attribute("class"));
w.AddAttribute("Name", se.Attribute("Name"));
nps.FromXml(w);
}
public void FromXml_InvalidPermission()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
// can't modify - so we create our own
SecurityElement se2 = new SecurityElement("InvalidPermissionSet", se.Text);
se2.AddAttribute("class", se.Attribute("class"));
se2.AddAttribute("version", se.Attribute("version"));
se2.AddAttribute("Name", se.Attribute("Name"));
nps.FromXml(se2);
}
// [ExpectedException (typeof (ArgumentException))]
public void FromXml_WrongVersion()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
// can't modify - so we create our own
SecurityElement se2 = new SecurityElement(se.Tag, se.Text);
se2.AddAttribute("class", se.Attribute("class"));
se2.AddAttribute("version", "2");
se2.AddAttribute("Name", se.Attribute("Name"));
nps.FromXml(se2);
// wow - here we accept a version 2 !!!
}
public static void NamedPermissionSetCallMethods()
{
NamedPermissionSet nps = new NamedPermissionSet("Test");
PermissionSet ps = nps.Copy();
NamedPermissionSet nps2 = nps.Copy("Test");
nps.Equals(nps2);
int hash = nps.GetHashCode();
SecurityElement se = new SecurityElement("");
nps.FromXml(se);
se = nps.ToXml();
}
public void FromXml_WrongClass()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
SecurityElement se = nps.ToXml();
SecurityElement w = new SecurityElement(se.Tag);
w.AddAttribute("class", "Wrong" + se.Attribute("class"));
w.AddAttribute("version", se.Attribute("version"));
w.AddAttribute("Name", se.Attribute("Name"));
nps.FromXml(w);
// doesn't care of the class name at that stage
// anyway the class has already be created so...
}
}// NewPermissions
protected override int WizFinish(IntPtr hwnd)
{
if (isImportXMLFile)
{
// We're importing a permission set
try
{
SecurityElement se = SecurityXMLStuff.GetSecurityElementFromXMLFile(XMLFilename);
if (se == null)
{
throw new Exception("Invalid XML");
}
m_ps = new NamedPermissionSet("Hi");
m_ps.FromXml(se);
if (m_ps.Name == null || m_ps.Name.Length == 0)
{
m_ps.Name = Security.FindAGoodPermissionSetName(m_pl, "CustomPermissionSet");
}
return(0);
}
catch (Exception)
{
MessageBox(CResourceStore.GetString("XMLNoPermSet"),
CResourceStore.GetString("XMLNoPermSetTitle"),
MB.ICONEXCLAMATION);
SendMessage(GetParent(hwnd), PSM.SETCURSEL, (IntPtr)0, (IntPtr)(-1));
return(-1);
}
}
// Ok, let's create our permission set
NamedPermissionSet nps = new NamedPermissionSet(NewPermissionSetName, PermissionState.None);
nps.Description = NewPermissionSetDescription;
IPermission[] perms = NewPermissions;
for (int i = 0; i < perms.Length; i++)
{
nps.SetPermission(perms[i]);
}
// Ok, now that we have this permission set, let's add it to
// our other ones....
m_ps = nps;
return(0);
}// WizFinish
private PermissionSet CreateFromXml(string xml)
{
#if !NET_2_1
SecurityParser sp = new SecurityParser();
try
{
sp.LoadXml(xml);
}
catch (Mono.Xml.SmallXmlParserException xe)
{
throw new XmlSyntaxException(xe.Line, xe.ToString());
}
SecurityElement se = sp.ToXml();
string className = se.Attribute("class");
if (className == null)
{
return(null);
}
PermissionState state = PermissionState.None;
if (CodeAccessPermission.IsUnrestricted(se))
{
state = PermissionState.Unrestricted;
}
if (className.EndsWith("NamedPermissionSet"))
{
NamedPermissionSet nps = new NamedPermissionSet(se.Attribute("Name"), state);
nps.FromXml(se);
return((PermissionSet)nps);
}
else if (className.EndsWith("PermissionSet"))
{
PermissionSet ps = new PermissionSet(state);
ps.FromXml(se);
return(ps);
}
#endif
return(null);
}
private PermissionSet CreateFromXml (string xml)
{
#if !NET_2_1
SecurityParser sp = new SecurityParser ();
try {
sp.LoadXml (xml);
}
catch (Mono.Xml.SmallXmlParserException xe) {
throw new XmlSyntaxException (xe.Line, xe.ToString ());
}
SecurityElement se = sp.ToXml ();
string className = se.Attribute ("class");
if (className == null)
return null;
PermissionState state = PermissionState.None;
if (CodeAccessPermission.IsUnrestricted (se))
state = PermissionState.Unrestricted;
if (className.EndsWith ("NamedPermissionSet")) {
NamedPermissionSet nps = new NamedPermissionSet (se.Attribute ("Name"), state);
nps.FromXml (se);
return (PermissionSet) nps;
}
else if (className.EndsWith ("PermissionSet")) {
PermissionSet ps = new PermissionSet (state);
ps.FromXml (se);
return ps;
}
#endif
return null;
}
/// <summary>
/// Gets the medium trust permission set.
/// </summary>
/// <param name="pathToConfigFile">The path to the config file.</param>
/// <returns></returns>
public static NamedPermissionSet GetMediumTrustPermissionSet(string pathToConfigFile)
{
// Load the config file trusting that it exists.
var xDocument = XDocument.Load(pathToConfigFile);
// Get all of the SecurityClass elements which we'll use later to look
// up a type strongname given a key
var securityClasses = xDocument.Descendants("SecurityClass").Select(
x => new
{
Name = (string)x.Attribute("Name"),
Type = (string)x.Attribute("Description")
});
// Get the first PermissionSet element where the Name attribute is "ASP.Net"
var namedSet = xDocument.Descendants("PermissionSet").Where(x => (string)x.Attribute("Name") == "ASP.Net").FirstOrDefault();
// If we didn't find it, that's a fail
Assert.NotNull(namedSet);
// Create a new SecurityElement class to mimic what is represented in Xml
var secElement = new SecurityElement("PermissionSet");
secElement.AddAttribute("Name", "ASP.Net");
secElement.AddAttribute("class", "NamedPermissionSet");
secElement.AddAttribute("version", "1");
// For each child of the ASP.Net PermissionSet, create a child SecurityElement representing the IPermission
foreach (var xElement in namedSet.Elements())
{
var child = new SecurityElement("IPermission");
// Check if we need to do any string replacement on the Xml values first
ProcessIPermissionAttributeValue(xElement);
// Get the attributes of the IPermission from Xml and put them onto our child SecurityElement
foreach (var xAttribute in xElement.Attributes())
{
var attribName = xAttribute.Name.LocalName;
var value = xAttribute.Value;
try
{
if (attribName == "class")
{
// This is the type key. Get the full type name from the SecurityClasses list we grabbed earlier
value = securityClasses.Where(x => x.Name == value).Select(x => x.Type).Single();
}
}
catch (Exception ex)
{
throw new XmlException("Could not find the fully-qualified type name for " + value, ex);
}
child.AddAttribute(attribName, value);
}
secElement.AddChild(child);
}
// Create a new NamedPermissionSet, pass in the SecurityElement class representing the Xml
var permissionSet = new NamedPermissionSet("ASP.Net");
permissionSet.FromXml(secElement);
return(permissionSet);
}
private void LoadAllPermissionSets()
{
// This function loads all the permission sets held in the m_permSetElement member.
// This is useful when you know that an arbitrary permission set loaded from
// the config file could be accessed so you just want to forego the lazy load
// and play it safe.
if (m_permSetElement != null && m_permSetElement.m_lChildren != null)
{
Type type = typeof( PolicyLevel );
lock (type)
{
while (m_permSetElement != null && m_permSetElement.m_lChildren.Count != 0)
{
SecurityElement elPermSet = (SecurityElement)m_permSetElement.m_lChildren[m_permSetElement.m_lChildren.Count-1];
m_permSetElement.m_lChildren.RemoveAt( m_permSetElement.m_lChildren.Count-1 );
if (elPermSet.Tag.Equals( "PermissionSet" ) && elPermSet.Attribute( "class" ).Equals( "System.Security.NamedPermissionSet" ))
{
NamedPermissionSet permSet = new NamedPermissionSet();
permSet.FromXmlNameOnly( elPermSet );
if (permSet.Name != null)
{
m_namedPermissionSets.Add( permSet );
try
{
// We play it conservative here and just say that we are loading policy
// anytime we have to decode a permission set.
bool fullyLoaded;
permSet.FromXml( elPermSet, true, out fullyLoaded );
}
catch (Exception)
{
m_namedPermissionSets.Remove( permSet );
}
}
}
}
m_permSetElement = null;
}
}
}
internal NamedPermissionSet GetNamedPermissionSetInternal( String name )
{
CheckLoaded( true );
Type type = typeof( PolicyLevel );
lock (type)
{
// First, try to find it in the list.
IEnumerator enumerator = m_namedPermissionSets.GetEnumerator();
while (enumerator.MoveNext())
{
NamedPermissionSet current = (NamedPermissionSet)enumerator.Current;
if (current.Name.Equals( name ))
{
if (!current.IsFullyLoaded())
current.LoadPostponedPermissions();
// don't copy because we know we're not going to do
// anything wrong
return current;
}
}
// We didn't find it in the list, so if we have a stored element
// see if it is there.
if (m_permSetElement != null)
{
SecurityElement elem = FindElement( name );
if (elem != null)
{
bool fullyLoaded;
NamedPermissionSet permSet = new NamedPermissionSet();
permSet.Name = name;
m_namedPermissionSets.Add( permSet );
try
{
// We play it conservative here and just say that we are loading policy
// anytime we have to decode a permission set.
permSet.FromXml( elem, true, out fullyLoaded );
}
catch (Exception)
{
m_namedPermissionSets.Remove( permSet );
return null;
}
if (permSet.Name != null)
{
if (!fullyLoaded)
{
m_namedPermissionSets.Remove( permSet );
InsertElement( elem );
}
return permSet;
}
else
{
m_namedPermissionSets.Remove( permSet );
return null;
}
}
}
return null;
}
}
public void FromXml (SecurityElement e)
{
if (e == null)
throw new ArgumentNullException ("e");
// MS doesn't throw an exception for this case
// if (e.Tag != "PolicyLevel")
// throw new ArgumentException (Locale.GetText ("Invalid XML"));
SecurityElement sc = e.SearchForChildByTag ("SecurityClasses");
if ((sc != null) && (sc.Children != null) && (sc.Children.Count > 0)) {
fullNames = new Hashtable (sc.Children.Count);
foreach (SecurityElement se in sc.Children) {
fullNames.Add (se.Attributes ["Name"], se.Attributes ["Description"]);
}
}
SecurityElement fta = e.SearchForChildByTag ("FullTrustAssemblies");
if ((fta != null) && (fta.Children != null) && (fta.Children.Count > 0)) {
full_trust_assemblies.Clear ();
foreach (SecurityElement se in fta.Children) {
if (se.Tag != "IMembershipCondition")
throw new ArgumentException (Locale.GetText ("Invalid XML"));
string className = se.Attribute ("class");
if (className.IndexOf ("StrongNameMembershipCondition") < 0)
throw new ArgumentException (Locale.GetText ("Invalid XML - must be StrongNameMembershipCondition"));
// we directly use StrongNameMembershipCondition
full_trust_assemblies.Add (new StrongNameMembershipCondition (se));
}
}
SecurityElement cg = e.SearchForChildByTag ("CodeGroup");
if ((cg != null) && (cg.Children != null) && (cg.Children.Count > 0)) {
root_code_group = CodeGroup.CreateFromXml (cg, this);
} else {
throw new ArgumentException (Locale.GetText ("Missing Root CodeGroup"));
}
SecurityElement nps = e.SearchForChildByTag ("NamedPermissionSets");
if ((nps != null) && (nps.Children != null) && (nps.Children.Count > 0)) {
named_permission_sets.Clear ();
foreach (SecurityElement se in nps.Children) {
NamedPermissionSet n = new NamedPermissionSet ();
n.Resolver = this;
n.FromXml (se);
named_permission_sets.Add (n);
}
}
}
public void FromXml(SecurityElement e)
{
if (e == null)
{
throw new ArgumentNullException("e");
}
// MS doesn't throw an exception for this case
// if (e.Tag != "PolicyLevel")
// throw new ArgumentException (Locale.GetText ("Invalid XML"));
SecurityElement sc = e.SearchForChildByTag("SecurityClasses");
if ((sc != null) && (sc.Children != null) && (sc.Children.Count > 0))
{
fullNames = new Hashtable(sc.Children.Count);
foreach (SecurityElement se in sc.Children)
{
fullNames.Add(se.Attributes ["Name"], se.Attributes ["Description"]);
}
}
SecurityElement fta = e.SearchForChildByTag("FullTrustAssemblies");
if ((fta != null) && (fta.Children != null) && (fta.Children.Count > 0))
{
full_trust_assemblies.Clear();
foreach (SecurityElement se in fta.Children)
{
if (se.Tag != "IMembershipCondition")
{
throw new ArgumentException(Locale.GetText("Invalid XML"));
}
string className = se.Attribute("class");
if (className.IndexOf("StrongNameMembershipCondition") < 0)
{
throw new ArgumentException(Locale.GetText("Invalid XML - must be StrongNameMembershipCondition"));
}
// we directly use StrongNameMembershipCondition
full_trust_assemblies.Add(new StrongNameMembershipCondition(se));
}
}
SecurityElement cg = e.SearchForChildByTag("CodeGroup");
if ((cg != null) && (cg.Children != null) && (cg.Children.Count > 0))
{
root_code_group = CodeGroup.CreateFromXml(cg, this);
}
else
{
throw new ArgumentException(Locale.GetText("Missing Root CodeGroup"));
}
SecurityElement nps = e.SearchForChildByTag("NamedPermissionSets");
if ((nps != null) && (nps.Children != null) && (nps.Children.Count > 0))
{
named_permission_sets.Clear();
foreach (SecurityElement se in nps.Children)
{
NamedPermissionSet n = new NamedPermissionSet();
n.Resolver = this;
n.FromXml(se);
named_permission_sets.Add(n);
}
}
}
[System.Security.SecurityCritical] // auto-generated
private void LoadAllPermissionSets()
{
// This function loads all the permission sets held in the m_permSetElement member.
// This is useful when you know that an arbitrary permission set loaded from
// the config file could be accessed so you just want to forego the lazy load
// and play it safe.
if (m_permSetElement != null && m_permSetElement.InternalChildren != null) {
lock (InternalSyncObject) {
while (m_permSetElement != null && m_permSetElement.InternalChildren.Count != 0) {
SecurityElement elPermSet = (SecurityElement)m_permSetElement.Children[m_permSetElement.InternalChildren.Count-1];
m_permSetElement.InternalChildren.RemoveAt(m_permSetElement.InternalChildren.Count-1);
if (elPermSet.Tag.Equals("PermissionSet") && elPermSet.Attribute("class").Equals("System.Security.NamedPermissionSet")) {
NamedPermissionSet permSet = new NamedPermissionSet();
permSet.FromXmlNameOnly(elPermSet);
if (permSet.Name != null) {
m_namedPermissionSets.Add(permSet);
try {
permSet.FromXml(elPermSet, false, true);
}
catch {
m_namedPermissionSets.Remove(permSet);
}
}
}
}
m_permSetElement = null;
}
}
}
[System.Security.SecurityCritical] // auto-generated
internal NamedPermissionSet GetNamedPermissionSetInternal(string name) {
CheckLoaded();
lock (InternalSyncObject)
{
// First, try to find it in the list.
foreach (NamedPermissionSet permissionSet in m_namedPermissionSets) {
if (permissionSet.Name.Equals(name)) {
return permissionSet;
}
}
// We didn't find it in the list, so if we have a stored element
// see if it is there.
if (m_permSetElement != null)
{
SecurityElement elem = FindElement(m_permSetElement, name);
if (elem != null)
{
NamedPermissionSet permSet = new NamedPermissionSet();
permSet.Name = name;
m_namedPermissionSets.Add(permSet);
try
{
// We play it conservative here and just say that we are loading policy
// anytime we have to decode a permission set.
permSet.FromXml(elem, false, true);
}
catch
{
m_namedPermissionSets.Remove(permSet);
return null;
}
if (permSet.Name != null)
{
return permSet;
}
else
{
m_namedPermissionSets.Remove(permSet);
}
}
}
}
return null;
}
public void FromXml_Null()
{
NamedPermissionSet nps = new NamedPermissionSet(name, PermissionState.None);
nps.FromXml(null);
}
