private IsSupersetOf ( |
||
entry | ||
return | bool |
internal bool CheckValueForKeyPermit(DBConnectionString parsetable) { if (parsetable == null) { return(false); } bool isEmpty = false; NameValuePermission[] permissionArray = this._tree; if (permissionArray != null) { isEmpty = parsetable.IsEmpty; if (!isEmpty) { for (int i = 0; i < permissionArray.Length; i++) { NameValuePermission permission = permissionArray[i]; if (permission != null) { string keyword = permission._value; if (parsetable.ContainsKey(keyword)) { string keyInQuestion = parsetable[keyword]; NameValuePermission permission2 = permission.CheckKeyForValue(keyInQuestion); if ((permission2 != null) && permission2.CheckValueForKeyPermit(parsetable)) { isEmpty = true; } else { return(false); } } } } } } DBConnectionString str = this._entry; if (str != null) { isEmpty = str.IsSupersetOf(parsetable); } return(isEmpty); }
internal bool CheckValueForKeyPermit(DBConnectionString parsetable) { if (null == parsetable) { return(false); } bool hasMatch = false; NameValuePermission[] keytree = _tree; // _tree won't mutate but Add will replace it if (null != keytree) { hasMatch = parsetable.IsEmpty; // MDAC 86773 if (!hasMatch) { // which key do we follow the key-value chain on for (int i = 0; i < keytree.Length; ++i) { NameValuePermission permitKey = keytree[i]; if (null != permitKey) { string keyword = permitKey._value; #if DEBUG Debug.Assert(null == permitKey._entry, "key member has no restrictions"); #endif if (parsetable.ContainsKey(keyword)) { string valueInQuestion = (string)parsetable[keyword]; // keyword is restricted to certain values NameValuePermission permitValue = permitKey.CheckKeyForValue(valueInQuestion); if (null != permitValue) { //value does match - continue the chain down that branch if (permitValue.CheckValueForKeyPermit(parsetable)) { hasMatch = true; // adding a break statement is tempting, but wrong // user can safetly extend their restrictions for current rule to include missing keyword // i.e. Add("provider=sqloledb;integrated security=sspi", "data provider=", KeyRestrictionBehavior.AllowOnly); // i.e. Add("data provider=msdatashape;provider=sqloledb;integrated security=sspi", "", KeyRestrictionBehavior.AllowOnly); } else { // failed branch checking return(false); } } else { // value doesn't match to expected values - fail here return(false); } } } // else try next keyword } } // partial chain match, either leaf-node by shorter chain or fail mid-chain if (null == _restrictions) } DBConnectionString entry = _entry; if (null != entry) { // also checking !hasMatch is tempting, but wrong // user can safetly extend their restrictions for current rule to include missing keyword // i.e. Add("provider=sqloledb;integrated security=sspi", "data provider=", KeyRestrictionBehavior.AllowOnly); // i.e. Add("provider=sqloledb;", "integrated security=;", KeyRestrictionBehavior.AllowOnly); hasMatch = entry.IsSupersetOf(parsetable); } return(hasMatch); // mid-chain failure }