// Set the caller's permissions to only this object.
internal static void PermitOnly(PermissionSet set, int skipFrames)
{
// Make sure that we don't already have a "PermitOnly" value.
ClrPermissions current;
current = ClrSecurity.GetPermissionsFrom(skipFrames);
if (current != null && current.permitOnly != null)
{
throw new SecurityException(_("Exception_PermitOnly"));
}
// Add the "PermitOnly" set to the call stack.
if (current == null)
{
// Initialize the permissions context to "allow
// only this permission object".
current = new ClrPermissions
(new PermissionSet(PermissionState.Unrestricted),
new PermissionSet(PermissionState.None),
set);
}
else
{
current = current.SetPermitOnly(set);
}
ClrSecurity.SetPermissions(current, skipFrames);
}
public void Demand()
{
// Get the current permission state.
ClrPermissions current = ClrSecurity.GetPermissionsFrom(1);
if (current == null)
{
// Null is equivalent to "unrestricted".
return;
}
// Build a permission set with just this permission.
PermissionSet set = new PermissionSet(PermissionState.None);
set.AddPermission(this);
// If "PermitOnly" is set, then only check that set.
if (current.permitOnly != null)
{
if (!set.IsSubsetOf(current.permitOnly))
{
throw new SecurityException
(_("Exception_SecurityNotGranted"));
}
return;
}
// The permission must be granted, but not denied.
if (!set.IsSubsetOf(current.granted) ||
set.IsSubsetOf(current.denied))
{
throw new SecurityException
(_("Exception_SecurityNotGranted"));
}
}
// Revert all permissions for the caller.
public static void RevertAll()
{
ClrPermissions current = ClrSecurity.GetPermissions(1);
ClrPermissions parent = ClrSecurity.GetPermissionsFrom(2);
if (current != null)
{
ClrSecurity.SetPermissions(parent, 1);
}
}
// Assert permissions for the caller.
internal void Assert(int skipFrames)
{
// Add the permission to the granted permissions set. If there
// are no permissions at all, then assume we are unrestricted.
ClrPermissions current;
current = ClrSecurity.GetPermissionsFrom(skipFrames);
if (current != null)
{
PermissionSet set = new PermissionSet(PermissionState.None);
set.AddPermission(this.Copy());
set = set.Union(current.granted);
ClrSecurity.SetPermissions
(current.SetGranted(set), skipFrames);
}
}
// Revert all "PermitOnly" permissions for the caller.
public static void RevertPermitOnly()
{
ClrPermissions current = ClrSecurity.GetPermissions(1);
ClrPermissions parent = ClrSecurity.GetPermissionsFrom(2);
if (current != null)
{
if (parent != null)
{
ClrSecurity.SetPermissions
(current.SetPermitOnly(parent.permitOnly), 1);
}
else
{
ClrSecurity.SetPermissions
(current.SetPermitOnly(null), 1);
}
}
}
// Revert all denials for the caller.
public static void RevertDeny()
{
ClrPermissions current = ClrSecurity.GetPermissions(1);
ClrPermissions parent = ClrSecurity.GetPermissionsFrom(2);
if (current != null)
{
if (parent != null)
{
ClrSecurity.SetPermissions
(current.SetDenied(parent.denied), 1);
}
else
{
ClrSecurity.SetPermissions
(current.SetDenied
(new PermissionSet(PermissionState.None)), 1);
}
}
}
// Revert all assertions for the caller.
public static void RevertAssert()
{
ClrPermissions current = ClrSecurity.GetPermissions(1);
ClrPermissions parent = ClrSecurity.GetPermissionsFrom(2);
if (current != null)
{
if (parent != null)
{
ClrSecurity.SetPermissions
(current.SetGranted(parent.granted), 1);
}
else
{
ClrSecurity.SetPermissions
(current.SetGranted
(new PermissionSet
(PermissionState.Unrestricted)), 1);
}
}
}
// Deny permissions to the caller.
internal void Deny(int skipFrames)
{
// Add the permission to the denied permissions set.
ClrPermissions current;
current = ClrSecurity.GetPermissionsFrom(skipFrames);
PermissionSet set = new PermissionSet(PermissionState.None);
set.AddPermission(this.Copy());
if (current == null)
{
// Initialize the permissions context to "allow
// everything except this permission object".
current = new ClrPermissions
(new PermissionSet(PermissionState.Unrestricted),
set, null);
}
else
{
current = current.SetDenied(set.Union(current.denied));
}
ClrSecurity.SetPermissions(current, skipFrames);
}
// Determine if a specific permission has been granted.
public static bool IsGranted(IPermission perm)
{
// Bail out if the requested permission is null.
if (perm == null)
{
return(true);
}
// Get the current permission state.
ClrPermissions current = ClrSecurity.GetPermissionsFrom(1);
if (current == null)
{
// Null is equivalent to "unrestricted".
return(true);
}
// Build a permission set with just this permission.
PermissionSet set = new PermissionSet(PermissionState.None);
set.AddPermission(perm);
// If "PermitOnly" is set, then only check that set.
if (current.permitOnly != null)
{
return(set.IsSubsetOf(current.permitOnly));
}
// The permission must be granted, but not denied.
if (!set.IsSubsetOf(current.granted) ||
set.IsSubsetOf(current.denied))
{
return(false);
}
return(true);
}
