// Reinitializes all state in PermissionSet.
public void Reset()
{
if (m_unrestrictedPermSet == null)
{
m_unrestrictedPermSet = new TokenBasedSet(12, 4);
}
else
{
m_unrestrictedPermSet.Reset();
}
if (m_normalPermSet == null)
{
m_normalPermSet = new TokenBasedSet(6, 4);
}
else
{
m_normalPermSet.Reset();
}
// By default, the PermissionListSet is unrestricted. Why?
// At the start, having nothing on the stack should indicate success.
// Once the first non-unrestricted grant is appended to the set,
// then the PermissionListSet will become non-unrestricted.
m_unrestricted = true;
m_state = PermissionListSetState.None;
}
public void AppendStack(PermissionListSet permListSet)
{
if (permListSet == null)
{
return;
}
AppendStackHelper(this.m_normalPermSet, permListSet.m_normalPermSet, false, false, false);
if (((m_state & (PermissionListSetState.UnrestrictedAssert | PermissionListSetState.UnrestrictedDeny)) == 0))
{
AppendStackHelper(this.m_unrestrictedPermSet, permListSet.m_unrestrictedPermSet, this.m_unrestricted, permListSet.m_unrestricted, true);
m_state = m_state | permListSet.m_state;
// The new list set is unrestricted only if both were previously.
m_unrestricted = m_unrestricted && permListSet.m_unrestricted;
}
}
public PermissionListSet(PermissionListSet permListSet)
{
if (permListSet == null)
{
Reset();
return;
}
m_unrestrictedPermSet = new TokenBasedSet(permListSet.m_unrestrictedPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_unrestrictedPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_unrestrictedPermSet.GetItem(i);
if (plist != null)
{
m_unrestrictedPermSet.SetItem(i, plist.Copy());
}
}
m_normalPermSet = new TokenBasedSet(permListSet.m_normalPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_normalPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_normalPermSet.GetItem(i);
if (plist != null)
{
m_normalPermSet.SetItem(i, plist.Copy());
}
}
m_unrestricted = permListSet.m_unrestricted;
m_state = permListSet.m_state;
}
public void AppendStack(PermissionListSet permListSet)
{
if (permListSet == null)
return;
AppendStackHelper( this.m_normalPermSet, permListSet.m_normalPermSet, false, false, false );
if (((m_state & (PermissionListSetState.UnrestrictedAssert | PermissionListSetState.UnrestrictedDeny)) == 0))
{
AppendStackHelper( this.m_unrestrictedPermSet, permListSet.m_unrestrictedPermSet, this.m_unrestricted, permListSet.m_unrestricted, true );
m_state = m_state | permListSet.m_state;
// The new list set is unrestricted only if both were previously.
m_unrestricted = m_unrestricted && permListSet.m_unrestricted;
}
}
// Returns true if it is necessary to continue compression,
// or false if there is no value in continuing.
public bool AppendPermissions(PermissionSet permSet, int type)
{
if (permSet == null)
{
// The null permission set has no meaning accept for the case of
// PermitOnly and Checked where it will make all demands fail (except
// demands for empty permissions).
if (type == PermissionList.MatchChecked || type == PermissionList.MatchPermitOnly)
{
TerminateSet( type );
m_unrestricted = false;
return false;
}
return true;
}
if (((m_state & (PermissionListSetState.UnrestrictedAssert | PermissionListSetState.UnrestrictedDeny)) == 0))
{
if (permSet.IsUnrestricted())
{
switch (type)
{
case PermissionList.MatchDeny:
m_state |= PermissionListSetState.UnrestrictedDeny;
m_unrestricted = false;
TerminateSet( type );
break;
case PermissionList.MatchAssert:
m_state |= PermissionListSetState.UnrestrictedAssert;
TerminateSet( type );
break;
case PermissionList.MatchPermitOnly:
case PermissionList.MatchChecked:
break;
default:
throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionListType"));
}
}
else
{
// Handle the "unrestricted" permissions.
AppendTokenBasedSets( this.m_unrestrictedPermSet, permSet.m_unrestrictedPermSet, type, true );
if (type != PermissionList.MatchAssert && type != PermissionList.MatchDeny)
m_unrestricted = false;
}
}
// Handle the "normal" permissions
AppendTokenBasedSets( this.m_normalPermSet, permSet.m_normalPermSet, type, false );
return true;
}
private static bool CheckTokenBasedSets( TokenBasedSet thisSet, TokenBasedSet permSet, bool unrestricted, PermissionListSetState state, out Exception exception, bool bNeedAlteredSet, out TokenBasedSet alteredSet )
{
alteredSet = null;
// If the set is empty, there is no reason to walk the
// stack.
if (permSet == null || permSet.IsEmpty())
{
if (bNeedAlteredSet)
alteredSet = new TokenBasedSet( 1, 4 );
exception = null;
return false;
}
int permMaxIndex = permSet.GetMaxUsedIndex();
// Make a quick check to see if permSet definitely contains permissions that this set doesn't
if (permMaxIndex > thisSet.GetMaxUsedIndex())
{
// The only way we don't want to throw an exception is
// if we are unrestricted. Then, if we don't want to throw
// an exception we may want to terminate the stack walk
// based on an unrestricted assert.
if (unrestricted)
{
if (((state & PermissionListSetState.UnrestrictedAssert) != 0))
{
if (bNeedAlteredSet)
alteredSet = new TokenBasedSet( 1, 4 );
exception = null;
return false;
}
else
{
exception = null;
return true;
}
}
else
{
exception = new SecurityException(Environment.GetResourceString("Security_GenericNoType") );
return false;
}
}
bool continueStackWalk = false;
// We know that checking to <permMaxIndex> is sufficient because of above check
for (int i = 0; i <= permMaxIndex; i++)
{
Object obj = permSet.GetItem(i);
if (obj != null)
{
CodeAccessPermission cap = (CodeAccessPermission)obj;
PermissionList permList = (PermissionList)thisSet.GetItem(i);
if (permList != null)
{
bool tempContinue = permList.CheckDemandInternal(cap, out exception);
if (exception != null)
return false;
if (tempContinue)
{
// If we are supposed to continue the stack walk but there is an unrestricted
// deny, then we should fail.
if (((state & PermissionListSetState.UnrestrictedDeny) != 0) && (cap is IUnrestrictedPermission))
{
exception = new SecurityException(String.Format( Environment.GetResourceString("Security_Generic"), cap.GetType().AssemblyQualifiedName ) );
return false;
}
continueStackWalk = true;
}
else if (((state & PermissionListSetState.UnrestrictedAssert) == 0) && (cap is IUnrestrictedPermission))
{
// We only want to build the altered set if we don't have an
// unrestricted assert because we know if we have an unrestricted
// assert and we don't throw an exception that the stackwalk should
// include no unrestricted permissions.
if (bNeedAlteredSet)
{
if (alteredSet == null)
alteredSet = CopyTokenBasedSet( permSet );
alteredSet.SetItem( i, null );
}
}
}
else
{
if (!unrestricted)
{
exception = new SecurityException(String.Format( Environment.GetResourceString("Security_Generic"), cap.GetType().AssemblyQualifiedName ) );
return false;
}
}
}
}
exception = null;
return continueStackWalk;
}
// Reinitializes all state in PermissionSet.
public void Reset()
{
if (m_unrestrictedPermSet == null)
m_unrestrictedPermSet = new TokenBasedSet( 12, 4 );
else
m_unrestrictedPermSet.Reset();
if (m_normalPermSet == null)
m_normalPermSet = new TokenBasedSet( 6, 4 );
else
m_normalPermSet.Reset();
// By default, the PermissionListSet is unrestricted. Why?
// At the start, having nothing on the stack should indicate success.
// Once the first non-unrestricted grant is appended to the set,
// then the PermissionListSet will become non-unrestricted.
m_unrestricted = true;
m_state = PermissionListSetState.None;
}
public PermissionListSet(PermissionListSet permListSet)
{
if (permListSet == null)
{
Reset();
return;
}
m_unrestrictedPermSet = new TokenBasedSet(permListSet.m_unrestrictedPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_unrestrictedPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_unrestrictedPermSet.GetItem(i);
if (plist != null)
{
m_unrestrictedPermSet.SetItem(i, plist.Copy());
}
}
m_normalPermSet = new TokenBasedSet(permListSet.m_normalPermSet);
// Now deep copy all permission lists in set.
// Note that this DOES deep copy permissions in the list.
for (int i = 0; i <= m_normalPermSet.GetMaxUsedIndex(); i++)
{
PermissionList plist = (PermissionList)m_normalPermSet.GetItem(i);
if (plist != null)
{
m_normalPermSet.SetItem(i, plist.Copy());
}
}
m_unrestricted = permListSet.m_unrestricted;
m_state = permListSet.m_state;
}
// Returns true if it is necessary to continue compression,
// or false if there is no value in continuing.
public bool AppendPermissions(PermissionSet permSet, int type)
{
if (permSet == null)
{
// The null permission set has no meaning accept for the case of
// PermitOnly and Checked where it will make all demands fail (except
// demands for empty permissions).
if (type == PermissionList.MatchChecked || type == PermissionList.MatchPermitOnly)
{
TerminateSet(type);
m_unrestricted = false;
return(false);
}
return(true);
}
if (((m_state & (PermissionListSetState.UnrestrictedAssert | PermissionListSetState.UnrestrictedDeny)) == 0))
{
if (permSet.IsUnrestricted())
{
switch (type)
{
case PermissionList.MatchDeny:
m_state |= PermissionListSetState.UnrestrictedDeny;
m_unrestricted = false;
TerminateSet(type);
break;
case PermissionList.MatchAssert:
m_state |= PermissionListSetState.UnrestrictedAssert;
TerminateSet(type);
break;
case PermissionList.MatchPermitOnly:
case PermissionList.MatchChecked:
break;
default:
throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionListType"));
}
}
else
{
// Handle the "unrestricted" permissions.
AppendTokenBasedSets(this.m_unrestrictedPermSet, permSet.m_unrestrictedPermSet, type, true);
if (type != PermissionList.MatchAssert && type != PermissionList.MatchDeny)
{
m_unrestricted = false;
}
}
}
// Handle the "normal" permissions
AppendTokenBasedSets(this.m_normalPermSet, permSet.m_normalPermSet, type, false);
return(true);
}
private static bool CheckTokenBasedSets(TokenBasedSet thisSet, TokenBasedSet permSet, bool unrestricted, PermissionListSetState state, bool createException, out Exception exception, bool bNeedAlteredSet, out TokenBasedSet alteredSet)
{
alteredSet = null;
// If the set is empty, there is no reason to walk the
// stack.
if (permSet == null || permSet.FastIsEmpty())
{
if (bNeedAlteredSet)
{
alteredSet = new TokenBasedSet(1, 4);
}
exception = null;
return(false);
}
int permMaxIndex = permSet.GetMaxUsedIndex();
// Make a quick check to see if permSet definitely contains permissions that this set doesn't
if (permMaxIndex > thisSet.GetMaxUsedIndex())
{
// The only way we don't want to throw an exception is
// if we are unrestricted. Then, if we don't want to throw
// an exception we may want to terminate the stack walk
// based on an unrestricted assert.
if (unrestricted)
{
if (((state & PermissionListSetState.UnrestrictedAssert) != 0))
{
if (bNeedAlteredSet)
{
alteredSet = new TokenBasedSet(1, 4);
}
exception = null;
return(false);
}
else
{
exception = null;
return(true);
}
}
else
{
if (createException)
{
exception = new SecurityException(Environment.GetResourceString("Security_GenericNoType"));
}
else
{
exception = GetStaticException();
}
return(false);
}
}
bool continueStackWalk = false;
// We know that checking to <permMaxIndex> is sufficient because of above check
for (int i = 0; i <= permMaxIndex; i++)
{
Object obj = permSet.GetItem(i);
if (obj != null)
{
CodeAccessPermission cap = (CodeAccessPermission)obj;
PermissionList permList = (PermissionList)thisSet.GetItem(i);
if (permList != null)
{
bool tempContinue = permList.CheckDemandInternal(cap, createException, out exception);
if (exception != null)
{
return(false);
}
if (tempContinue)
{
// If we are supposed to continue the stack walk but there is an unrestricted
// deny, then we should fail.
if (((state & PermissionListSetState.UnrestrictedDeny) != 0) && (cap is IUnrestrictedPermission))
{
if (createException)
{
exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), cap.GetType().AssemblyQualifiedName));
}
else
{
exception = GetStaticException();
}
return(false);
}
continueStackWalk = true;
}
else if (((state & PermissionListSetState.UnrestrictedAssert) == 0) && (cap is IUnrestrictedPermission))
{
// We only want to build the altered set if we don't have an
// unrestricted assert because we know if we have an unrestricted
// assert and we don't throw an exception that the stackwalk should
// include no unrestricted permissions.
if (bNeedAlteredSet)
{
if (alteredSet == null)
{
alteredSet = CopyTokenBasedSet(permSet);
}
alteredSet.SetItem(i, null);
}
}
}
else
{
if (!unrestricted)
{
if (createException)
{
exception = new SecurityException(String.Format(Environment.GetResourceString("Security_Generic"), cap.GetType().AssemblyQualifiedName));
}
else
{
exception = GetStaticException();
}
return(false);
}
}
}
}
exception = null;
return(continueStackWalk);
}
