Exemplo n.º 1
0
        public PermissionSet Intersect(PermissionSet other)
        {
            if (other == null || other.FastIsEmpty() || this.FastIsEmpty())
            {
                return null;
            }

            int thisMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex();
            int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex();
            int minMax = thisMax < otherMax ? thisMax : otherMax;

            if (this.IsUnrestricted() && minMax < otherMax)
            {
                minMax = otherMax;
                this.CheckSet();
            }

            if (other.IsUnrestricted() && minMax < thisMax)
            {
                minMax = thisMax;
                other.CheckSet();
            }

            PermissionSet pset = new PermissionSet( false );

            if (minMax > -1)
            {
                pset.m_permSet = new TokenBasedSet();
            }

            for (int i = 0; i <= minMax; ++i)
            {
                Object thisObj = this.m_permSet.GetItem( i );
                IPermission thisPerm = thisObj as IPermission;
#if FEATURE_CAS_POLICY
                ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY

                Object otherObj = other.m_permSet.GetItem( i );
                IPermission otherPerm = otherObj as IPermission;
#if FEATURE_CAS_POLICY
                ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY

                if (thisObj == null && otherObj == null)
                    continue;

#if FEATURE_CAS_POLICY
                if (thisElem != null && otherElem != null)
                {
                    bool copyOther = true;
                    bool copyThis = true;
                    SecurityElement newElem = new SecurityElement( s_str_PermissionIntersection );
                    newElem.AddAttribute( "class", otherElem.Attribute( "class" ) );
                    if (this.IsUnrestricted())
                    {
                        SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion );
                        newElemUU.AddAttribute( "class", thisElem.Attribute( "class" ) );
                        SafeChildAdd( newElemUU, thisElem, true );
                        copyThis = false;
                        thisElem = newElemUU;
                    }
                    if (other.IsUnrestricted())
                    {
                        SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion );
                        newElemUU.AddAttribute( "class", otherElem.Attribute( "class" ) );
                        SafeChildAdd( newElemUU, otherElem, true );
                        copyOther = false;
                        otherElem = newElemUU;
                    }

                    SafeChildAdd( newElem, otherElem, copyOther );
                    SafeChildAdd( newElem, thisElem, copyThis );
                    pset.m_permSet.SetItem( i, newElem );
                }
                else
#endif // FEATURE_CAS_POLICY
                if (thisObj == null)
                {
                    if (this.m_Unrestricted)
                    {
#if FEATURE_CAS_POLICY
                        if (otherElem != null)
                        {
                            SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection );
                            newElem.AddAttribute( "class", otherElem.Attribute( "class" ) );
                            SafeChildAdd( newElem, otherElem, true );
                            pset.m_permSet.SetItem( i, newElem );
                            Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                        else
#endif // FEATURE_CAS_POLICY
                        if (otherPerm != null)
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                            {
                                pset.m_permSet.SetItem( i, otherPerm.Copy() );
                                Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                            }
                        }
                    }
                }
                else if (otherObj == null)
                {
                    if (other.m_Unrestricted)
                    {
#if FEATURE_CAS_POLICY
                        if (thisElem != null)
                        {
                            SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection );
                            newElem.AddAttribute( "class", thisElem.Attribute( "class" ) );
                            SafeChildAdd( newElem, thisElem, true );
                            pset.m_permSet.SetItem( i, newElem );
                            Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                        else
#endif // FEATURE_CAS_POLICY
                        if (thisPerm != null)
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                            {
                                pset.m_permSet.SetItem( i, thisPerm.Copy() );
                                Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                            }
                        }
                    }
                }
                else
                {
#if FEATURE_CAS_POLICY
                    if (thisElem != null)
                        thisPerm = this.CreatePermission(thisElem, i);
                    if (otherElem != null)
                        otherPerm = other.CreatePermission(otherElem, i);
#endif // FEATURE_CAS_POLICY

                    IPermission intersectPerm;
                    if (thisPerm == null)
                        intersectPerm = otherPerm;
                    else if(otherPerm == null)
                        intersectPerm = thisPerm;
                    else
                        intersectPerm = thisPerm.Intersect( otherPerm );
                    pset.m_permSet.SetItem( i, intersectPerm );
                    Contract.Assert( intersectPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                }
            }

            pset.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted;
            if (pset.FastIsEmpty())
                return null;
            else
                return pset;
        }
Exemplo n.º 2
0
        internal bool IsSubsetOfHelper(PermissionSet target, IsSubsetOfType type, out IPermission firstPermThatFailed, bool ignoreNonCas)
        {
    #if _DEBUG
            if (debug)     
                DEBUG_WRITE("IsSubsetOf\n" +
                            "Other:\n" +
                            (target == null ? "<null>" : target.ToString()) +
                            "\nMe:\n" +
                            ToString());
    #endif
    
            firstPermThatFailed = null;
            if (target == null || target.FastIsEmpty())
            {
                if(this.IsEmpty())
                    return true;
                else
                {
                    firstPermThatFailed = GetFirstPerm();
                    return false;
                }
            }
            else if (this.IsUnrestricted() && !target.IsUnrestricted())
                return false;
            else if (this.m_permSet == null)
                return true;
            else
            {
                target.CheckSet();

                for (int i = m_permSet.GetStartingIndex(); i <= this.m_permSet.GetMaxUsedIndex(); ++i)
                {
                    IPermission thisPerm = this.GetPermission(i);
                    if (thisPerm == null || thisPerm.IsSubsetOf(null))
                        continue;

                    IPermission targetPerm = target.GetPermission(i);
#if _DEBUG                    
                    PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                    Contract.Assert(targetPerm == null || (token.m_type & PermissionTokenType.DontKnow) == 0, "Token not properly initialized");
#endif

                    if (target.m_Unrestricted)
                        continue;

                    // targetPerm can be null here, but that is fine since it thisPerm is a subset
                    // of empty/null then we can continue in the loop.
                    CodeAccessPermission cap = thisPerm as CodeAccessPermission;
                    if(cap == null)
                    {
                        if (!ignoreNonCas && !thisPerm.IsSubsetOf( targetPerm ))
                        {
                            firstPermThatFailed = thisPerm;
                            return false;
                        }
                    }
                    else
                    {
                        firstPermThatFailed = thisPerm;
                        switch(type)
                        {
                        case IsSubsetOfType.Normal:
                            if (!thisPerm.IsSubsetOf( targetPerm ))
                                return false;
                            break;
                        case IsSubsetOfType.CheckDemand:
                            if (!cap.CheckDemand( (CodeAccessPermission)targetPerm ))
                                return false;
                            break;
                        case IsSubsetOfType.CheckPermitOnly:
                            if (!cap.CheckPermitOnly( (CodeAccessPermission)targetPerm ))
                                return false;
                            break;
                        case IsSubsetOfType.CheckAssertion:
                            if (!cap.CheckAssert( (CodeAccessPermission)targetPerm ))
                                return false;
                            break;
                        }
                        firstPermThatFailed = null;
                    }
                }
            }

            return true;
        }
Exemplo n.º 3
0
        internal void InplaceIntersect( PermissionSet other )
        {
            Exception savedException = null;
        
            m_CheckedForNonCas = false;
            
            if (this == other)
                return;
            
            if (other == null || other.FastIsEmpty())
            {
                // If the other is empty or null, make this empty.
                Reset();
                return;
            }

            if (this.FastIsEmpty())
                return;

            int maxMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex();
            int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex();

            if (this.IsUnrestricted() && maxMax < otherMax)
            {
                maxMax = otherMax;
                this.CheckSet();
            }
                
            if (other.IsUnrestricted())
            {
                other.CheckSet();
            }
                
            for (int i = 0; i <= maxMax; ++i)
            {
                Object thisObj = this.m_permSet.GetItem( i );
                IPermission thisPerm = thisObj as IPermission;
#if FEATURE_CAS_POLICY
                ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY

                Object otherObj = other.m_permSet.GetItem( i );
                IPermission otherPerm = otherObj as IPermission;
#if FEATURE_CAS_POLICY
                ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY

                if (thisObj == null && otherObj == null)
                    continue;

#if FEATURE_CAS_POLICY
                if (thisElem != null && otherElem != null)
                {
                    // If we already have an intersection node, just add another child
                    if (thisElem.GetTag().Equals( s_str_PermissionIntersection ) ||
                        thisElem.GetTag().Equals( s_str_PermissionUnrestrictedIntersection ))
                    {
                        Contract.Assert( thisElem is SecurityElement, "SecurityElement expected" );
                        SafeChildAdd( (SecurityElement)thisElem, otherElem, true );
                    }
                    // If either set is unrestricted, intersect the nodes unrestricted
                    else
                    {
                        bool copyOther = true;
                        if (this.IsUnrestricted())
                        {
                            SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion );
                            newElemUU.AddAttribute( "class", thisElem.Attribute( "class" ) );
                            SafeChildAdd( newElemUU, thisElem, false );
                            thisElem = newElemUU;
                        }
                        if (other.IsUnrestricted())
                        {
                            SecurityElement newElemUU = new SecurityElement( s_str_PermissionUnrestrictedUnion );
                            newElemUU.AddAttribute( "class", otherElem.Attribute( "class" ) );
                            SafeChildAdd( newElemUU, otherElem, true );
                            otherElem = newElemUU;
                            copyOther = false;
                        }
                        
                        SecurityElement newElem = new SecurityElement( s_str_PermissionIntersection );
                        newElem.AddAttribute( "class", thisElem.Attribute( "class" ) );
                        
                        SafeChildAdd( newElem, thisElem, false );
                        SafeChildAdd( newElem, otherElem, copyOther );
                        this.m_permSet.SetItem( i, newElem );
                    }
                }
                else
#endif // FEATURE_CAS_POLICY
                if (thisObj == null)
                {
                    // There is no object in <this>, so intersection is empty except for IUnrestrictedPermissions
                    if (this.IsUnrestricted())
                    {
#if FEATURE_CAS_POLICY
                        if (otherElem != null)
                        {
                            SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection );
                            newElem.AddAttribute( "class", otherElem.Attribute( "class" ) );
                            SafeChildAdd( newElem, otherElem, true );
                            this.m_permSet.SetItem( i, newElem );
                            Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                        else
#endif // FEATURE_CAS_POLICY
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                            {
                                this.m_permSet.SetItem( i, otherPerm.Copy() );
                                Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                            }
                        }
                    }
                }
                else if (otherObj == null)
                {
                    if (other.IsUnrestricted())
                    {
#if FEATURE_CAS_POLICY
                        if (thisElem != null)
                        {
                            SecurityElement newElem = new SecurityElement( s_str_PermissionUnrestrictedIntersection );
                            newElem.AddAttribute( "class", thisElem.Attribute( "class" ) );
                            SafeChildAdd( newElem, thisElem, false );
                            this.m_permSet.SetItem( i, newElem );
                        }
                        else
#endif // FEATURE_CAS_POLICY
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) == 0)
                                this.m_permSet.SetItem( i, null );
                        }
                    }
                    else
                    {
                        this.m_permSet.SetItem( i, null );
                    }
                }
                else
                {
#if FEATURE_CAS_POLICY
                    if (thisElem != null)
                        thisPerm = this.CreatePermission(thisElem, i);
                    if (otherElem != null)
                        otherPerm = other.CreatePermission(otherElem, i);
#endif // FEATURE_CAS_POLICY

                    try
                    {
                        IPermission intersectPerm;
                        if (thisPerm == null)
                            intersectPerm = otherPerm;
                        else if(otherPerm == null)
                            intersectPerm = thisPerm;
                        else
                            intersectPerm = thisPerm.Intersect( otherPerm );
                        this.m_permSet.SetItem( i, intersectPerm );
                    }
                    catch (Exception e)
                    {
                        if (savedException == null)
                            savedException = e;
                    }
                }
            }

            this.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted;

            if (savedException != null)
                throw savedException;
        }
 public PermissionSet Union(PermissionSet other)
 {
     if ((other == null) || other.FastIsEmpty())
     {
         return this.Copy();
     }
     if (this.FastIsEmpty())
     {
         return other.Copy();
     }
     int num = -1;
     PermissionSet set = new PermissionSet {
         m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted
     };
     if (!set.m_Unrestricted)
     {
         this.CheckSet();
         other.CheckSet();
         num = (this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex()) ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex();
         set.m_permSet = new TokenBasedSet();
         for (int i = 0; i <= num; i++)
         {
             object item = this.m_permSet.GetItem(i);
             IPermission permission = item as IPermission;
             ISecurityElementFactory child = item as ISecurityElementFactory;
             object obj3 = other.m_permSet.GetItem(i);
             IPermission target = obj3 as IPermission;
             ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory;
             if ((item != null) || (obj3 != null))
             {
                 if ((child != null) && (factory2 != null))
                 {
                     SecurityElement element;
                     if (this.IsUnrestricted() || other.IsUnrestricted())
                     {
                         element = new SecurityElement("PermissionUnrestrictedUnion");
                     }
                     else
                     {
                         element = new SecurityElement("PermissionUnion");
                     }
                     element.AddAttribute("class", child.Attribute("class"));
                     SafeChildAdd(element, child, true);
                     SafeChildAdd(element, factory2, true);
                     set.m_permSet.SetItem(i, element);
                 }
                 else if (item == null)
                 {
                     if (factory2 != null)
                     {
                         set.m_permSet.SetItem(i, factory2.Copy());
                     }
                     else if (target != null)
                     {
                         PermissionToken token = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i);
                         if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !set.m_Unrestricted)
                         {
                             set.m_permSet.SetItem(i, target.Copy());
                         }
                     }
                 }
                 else if (obj3 == null)
                 {
                     if (child != null)
                     {
                         set.m_permSet.SetItem(i, child.Copy());
                     }
                     else if (permission != null)
                     {
                         PermissionToken token2 = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i);
                         if (((token2.m_type & PermissionTokenType.IUnrestricted) == 0) || !set.m_Unrestricted)
                         {
                             set.m_permSet.SetItem(i, permission.Copy());
                         }
                     }
                 }
                 else
                 {
                     IPermission permission3;
                     if (child != null)
                     {
                         permission = this.CreatePermission(child, i);
                     }
                     if (factory2 != null)
                     {
                         target = other.CreatePermission(factory2, i);
                     }
                     if (permission == null)
                     {
                         permission3 = target;
                     }
                     else if (target == null)
                     {
                         permission3 = permission;
                     }
                     else
                     {
                         permission3 = permission.Union(target);
                     }
                     set.m_permSet.SetItem(i, permission3);
                 }
             }
         }
     }
     return set;
 }
Exemplo n.º 5
0
        public PermissionSet Union(PermissionSet other)
        {
            // if other is null or empty, return a clone of myself
            if (other == null || other.FastIsEmpty())
            {
                return this.Copy();
            }
            
            if (this.FastIsEmpty())
            {
                return other.Copy();
            }

            int maxMax = -1;

            PermissionSet pset = new PermissionSet();
            pset.m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted;
            if (pset.m_Unrestricted)
            {
                // if the result of Union is unrestricted permset, just return
                return pset;
            }
            
            // degenerate case where we look at both this.m_permSet and other.m_permSet
            this.CheckSet();
            other.CheckSet();
            maxMax = this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex() ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex();
            pset.m_permSet = new TokenBasedSet();



            for (int i = 0; i <= maxMax; ++i)
            {
                Object thisObj = this.m_permSet.GetItem( i );
                IPermission thisPerm = thisObj as IPermission;
#if FEATURE_CAS_POLICY
                ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY

                Object otherObj = other.m_permSet.GetItem( i );
                IPermission otherPerm = otherObj as IPermission;
#if FEATURE_CAS_POLICY
                ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;
#endif // FEATURE_CAS_POLICY

                if (thisObj == null && otherObj == null)
                    continue;

#if FEATURE_CAS_POLICY
                if (thisElem != null && otherElem != null)
                {
                    SecurityElement newElem;
                    if (this.IsUnrestricted() || other.IsUnrestricted())
                        newElem = new SecurityElement( s_str_PermissionUnrestrictedUnion );
                    else
                        newElem = new SecurityElement( s_str_PermissionUnion );
                    newElem.AddAttribute( "class", thisElem.Attribute( "class" ) );
                    SafeChildAdd( newElem, thisElem, true );
                    SafeChildAdd( newElem, otherElem, true );
                    pset.m_permSet.SetItem( i, newElem );
                }
                else
#endif // FEATURE_CAS_POLICY
                if (thisObj == null)
                {
#if FEATURE_CAS_POLICY
                    if (otherElem != null)
                    {
                        pset.m_permSet.SetItem( i, otherElem.Copy() );
                        Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                    }
                    else
#endif // FEATURE_CAS_POLICY
                    if (otherPerm != null)
                    {
                        PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                        if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
                        {
                            pset.m_permSet.SetItem( i, otherPerm.Copy() );
                            Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                    }
                }
                else if (otherObj == null)
                {
#if FEATURE_CAS_POLICY
                    if (thisElem != null)
                    {
                        pset.m_permSet.SetItem( i, thisElem.Copy() );
                    }
                    else
#endif // FEATURE_CAS_POLICY
                    if (thisPerm != null)
                    {
                        PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                        if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
                        {
                            pset.m_permSet.SetItem( i, thisPerm.Copy() );
                            Contract.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                    }
                }
                else
                {
#if FEATURE_CAS_POLICY
                    if (thisElem != null)
                        thisPerm = this.CreatePermission(thisElem, i);
                    if (otherElem != null)
                        otherPerm = other.CreatePermission(otherElem, i);
#endif // FEATURE_CAS_POLICY

                    IPermission unionPerm;
                    if(thisPerm == null)
                        unionPerm = otherPerm;
                    else if(otherPerm == null)
                        unionPerm = thisPerm;
                    else
                        unionPerm = thisPerm.Union( otherPerm );
                    pset.m_permSet.SetItem( i, unionPerm );
                    Contract.Assert( unionPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                }
            }
            
            return pset;
        }
 public PermissionSet Intersect(PermissionSet other)
 {
     if (((other == null) || other.FastIsEmpty()) || this.FastIsEmpty())
     {
         return null;
     }
     int num = (this.m_permSet == null) ? -1 : this.m_permSet.GetMaxUsedIndex();
     int num2 = (other.m_permSet == null) ? -1 : other.m_permSet.GetMaxUsedIndex();
     int num3 = (num < num2) ? num : num2;
     if (this.IsUnrestricted() && (num3 < num2))
     {
         num3 = num2;
         this.CheckSet();
     }
     if (other.IsUnrestricted() && (num3 < num))
     {
         num3 = num;
         other.CheckSet();
     }
     PermissionSet set = new PermissionSet(false);
     if (num3 > -1)
     {
         set.m_permSet = new TokenBasedSet();
     }
     for (int i = 0; i <= num3; i++)
     {
         object item = this.m_permSet.GetItem(i);
         IPermission permission = item as IPermission;
         ISecurityElementFactory child = item as ISecurityElementFactory;
         object obj3 = other.m_permSet.GetItem(i);
         IPermission target = obj3 as IPermission;
         ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory;
         if ((item != null) || (obj3 != null))
         {
             if ((child != null) && (factory2 != null))
             {
                 bool copy = true;
                 bool flag2 = true;
                 SecurityElement parent = new SecurityElement("PermissionIntersection");
                 parent.AddAttribute("class", factory2.Attribute("class"));
                 if (this.IsUnrestricted())
                 {
                     SecurityElement element2 = new SecurityElement("PermissionUnrestrictedUnion");
                     element2.AddAttribute("class", child.Attribute("class"));
                     SafeChildAdd(element2, child, true);
                     flag2 = false;
                     child = element2;
                 }
                 if (other.IsUnrestricted())
                 {
                     SecurityElement element3 = new SecurityElement("PermissionUnrestrictedUnion");
                     element3.AddAttribute("class", factory2.Attribute("class"));
                     SafeChildAdd(element3, factory2, true);
                     copy = false;
                     factory2 = element3;
                 }
                 SafeChildAdd(parent, factory2, copy);
                 SafeChildAdd(parent, child, flag2);
                 set.m_permSet.SetItem(i, parent);
             }
             else if (item == null)
             {
                 if (this.m_Unrestricted)
                 {
                     if (factory2 != null)
                     {
                         SecurityElement element4 = new SecurityElement("PermissionUnrestrictedIntersection");
                         element4.AddAttribute("class", factory2.Attribute("class"));
                         SafeChildAdd(element4, factory2, true);
                         set.m_permSet.SetItem(i, element4);
                     }
                     else if (target != null)
                     {
                         PermissionToken token = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i);
                         if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                         {
                             set.m_permSet.SetItem(i, target.Copy());
                         }
                     }
                 }
             }
             else if (obj3 == null)
             {
                 if (other.m_Unrestricted)
                 {
                     if (child != null)
                     {
                         SecurityElement element5 = new SecurityElement("PermissionUnrestrictedIntersection");
                         element5.AddAttribute("class", child.Attribute("class"));
                         SafeChildAdd(element5, child, true);
                         set.m_permSet.SetItem(i, element5);
                     }
                     else if (permission != null)
                     {
                         PermissionToken token2 = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i);
                         if ((token2.m_type & PermissionTokenType.IUnrestricted) != 0)
                         {
                             set.m_permSet.SetItem(i, permission.Copy());
                         }
                     }
                 }
             }
             else
             {
                 IPermission permission3;
                 if (child != null)
                 {
                     permission = this.CreatePermission(child, i);
                 }
                 if (factory2 != null)
                 {
                     target = other.CreatePermission(factory2, i);
                 }
                 if (permission == null)
                 {
                     permission3 = target;
                 }
                 else if (target == null)
                 {
                     permission3 = permission;
                 }
                 else
                 {
                     permission3 = permission.Intersect(target);
                 }
                 set.m_permSet.SetItem(i, permission3);
             }
         }
     }
     set.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted;
     if (set.FastIsEmpty())
     {
         return null;
     }
     return set;
 }
        internal bool IsSubsetOfHelper(PermissionSet target, IsSubsetOfType type, out IPermission firstPermThatFailed, bool ignoreNonCas)
        {
            firstPermThatFailed = null;
            if ((target == null) || target.FastIsEmpty())
            {
                if (this.IsEmpty())
                {
                    return true;
                }
                firstPermThatFailed = this.GetFirstPerm();
                return false;
            }
            if (this.IsUnrestricted() && !target.IsUnrestricted())
            {
                return false;
            }
            if (this.m_permSet != null)
            {
                target.CheckSet();
                for (int i = this.m_permSet.GetStartingIndex(); i <= this.m_permSet.GetMaxUsedIndex(); i++)
                {
                    IPermission permission = this.GetPermission(i);
                    if ((permission != null) && !permission.IsSubsetOf(null))
                    {
                        IPermission permission2 = target.GetPermission(i);
                        if (!target.m_Unrestricted)
                        {
                            CodeAccessPermission permission3 = permission as CodeAccessPermission;
                            if (permission3 == null)
                            {
                                if (!ignoreNonCas && !permission.IsSubsetOf(permission2))
                                {
                                    firstPermThatFailed = permission;
                                    return false;
                                }
                                continue;
                            }
                            firstPermThatFailed = permission;
                            switch (type)
                            {
                                case IsSubsetOfType.Normal:
                                    if (permission.IsSubsetOf(permission2))
                                    {
                                        break;
                                    }
                                    return false;

                                case IsSubsetOfType.CheckDemand:
                                    if (permission3.CheckDemand((CodeAccessPermission) permission2))
                                    {
                                        break;
                                    }
                                    return false;

                                case IsSubsetOfType.CheckPermitOnly:
                                    if (permission3.CheckPermitOnly((CodeAccessPermission) permission2))
                                    {
                                        break;
                                    }
                                    return false;

                                case IsSubsetOfType.CheckAssertion:
                                    if (permission3.CheckAssert((CodeAccessPermission) permission2))
                                    {
                                        break;
                                    }
                                    return false;
                            }
                            firstPermThatFailed = null;
                        }
                    }
                }
            }
            return true;
        }
 internal void InplaceIntersect(PermissionSet other)
 {
     Exception exception = null;
     this.m_CheckedForNonCas = false;
     if (this != other)
     {
         if ((other == null) || other.FastIsEmpty())
         {
             this.Reset();
         }
         else if (!this.FastIsEmpty())
         {
             int num = (this.m_permSet == null) ? -1 : this.m_permSet.GetMaxUsedIndex();
             int num2 = (other.m_permSet == null) ? -1 : other.m_permSet.GetMaxUsedIndex();
             if (this.IsUnrestricted() && (num < num2))
             {
                 num = num2;
                 this.CheckSet();
             }
             if (other.IsUnrestricted())
             {
                 other.CheckSet();
             }
             for (int i = 0; i <= num; i++)
             {
                 object item = this.m_permSet.GetItem(i);
                 IPermission permission = item as IPermission;
                 ISecurityElementFactory child = item as ISecurityElementFactory;
                 object obj3 = other.m_permSet.GetItem(i);
                 IPermission target = obj3 as IPermission;
                 ISecurityElementFactory factory2 = obj3 as ISecurityElementFactory;
                 if ((item != null) || (obj3 != null))
                 {
                     if ((child != null) && (factory2 != null))
                     {
                         if (child.GetTag().Equals("PermissionIntersection") || child.GetTag().Equals("PermissionUnrestrictedIntersection"))
                         {
                             SafeChildAdd((SecurityElement) child, factory2, true);
                         }
                         else
                         {
                             bool copy = true;
                             if (this.IsUnrestricted())
                             {
                                 SecurityElement element = new SecurityElement("PermissionUnrestrictedUnion");
                                 element.AddAttribute("class", child.Attribute("class"));
                                 SafeChildAdd(element, child, false);
                                 child = element;
                             }
                             if (other.IsUnrestricted())
                             {
                                 SecurityElement element2 = new SecurityElement("PermissionUnrestrictedUnion");
                                 element2.AddAttribute("class", factory2.Attribute("class"));
                                 SafeChildAdd(element2, factory2, true);
                                 factory2 = element2;
                                 copy = false;
                             }
                             SecurityElement parent = new SecurityElement("PermissionIntersection");
                             parent.AddAttribute("class", child.Attribute("class"));
                             SafeChildAdd(parent, child, false);
                             SafeChildAdd(parent, factory2, copy);
                             this.m_permSet.SetItem(i, parent);
                         }
                     }
                     else if (item == null)
                     {
                         if (this.IsUnrestricted())
                         {
                             if (factory2 != null)
                             {
                                 SecurityElement element4 = new SecurityElement("PermissionUnrestrictedIntersection");
                                 element4.AddAttribute("class", factory2.Attribute("class"));
                                 SafeChildAdd(element4, factory2, true);
                                 this.m_permSet.SetItem(i, element4);
                             }
                             else
                             {
                                 PermissionToken token = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i);
                                 if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                                 {
                                     this.m_permSet.SetItem(i, target.Copy());
                                 }
                             }
                         }
                     }
                     else if (obj3 == null)
                     {
                         if (other.IsUnrestricted())
                         {
                             if (child != null)
                             {
                                 SecurityElement element5 = new SecurityElement("PermissionUnrestrictedIntersection");
                                 element5.AddAttribute("class", child.Attribute("class"));
                                 SafeChildAdd(element5, child, false);
                                 this.m_permSet.SetItem(i, element5);
                             }
                             else
                             {
                                 PermissionToken token2 = (PermissionToken) PermissionToken.s_tokenSet.GetItem(i);
                                 if ((token2.m_type & PermissionTokenType.IUnrestricted) == 0)
                                 {
                                     this.m_permSet.SetItem(i, null);
                                 }
                             }
                         }
                         else
                         {
                             this.m_permSet.SetItem(i, null);
                         }
                     }
                     else
                     {
                         if (child != null)
                         {
                             permission = this.CreatePermission(child, i);
                         }
                         if (factory2 != null)
                         {
                             target = other.CreatePermission(factory2, i);
                         }
                         try
                         {
                             IPermission permission3;
                             if (permission == null)
                             {
                                 permission3 = target;
                             }
                             else if (target == null)
                             {
                                 permission3 = permission;
                             }
                             else
                             {
                                 permission3 = permission.Intersect(target);
                             }
                             this.m_permSet.SetItem(i, permission3);
                         }
                         catch (Exception exception2)
                         {
                             if (exception == null)
                             {
                                 exception = exception2;
                             }
                         }
                     }
                 }
             }
             this.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted;
             if (exception != null)
             {
                 throw exception;
             }
         }
     }
 }
        public PermissionSet Union(PermissionSet other)
        {
            // if other is null or empty, return a clone of myself
            if (other == null || other.FastIsEmpty())
            {
                return this.Copy();
            }
            
            if (this.FastIsEmpty())
            {
                return other.Copy();
            }

            int maxMax = -1;

            PermissionSet pset = new PermissionSet();
            pset.m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted;
            if (pset.m_Unrestricted)
            {
                if (CodeAccessSecurityEngine.DoesFullTrustMeanFullTrust())
                {
                    // FullTrustMeansFullTrust is on...so if the result of Union is unrestricted permset, just return
                    return pset;
                }
                if (this.m_canUnrestrictedOverride && other.m_canUnrestrictedOverride)
                {
                    // Only unrestricted override-able permissions in both this and other ...again, we can return just an unrestricted pset
                    return pset;
                }
                if (other.m_canUnrestrictedOverride)
                {
                    // Only unrestricted override-able permissions in other...cannot null pset.m_permSet, but don't look at other.m_permSet
                    // just copy over this.m_permSet
                    pset.m_permSet = (this.m_permSet != null)? new TokenBasedSet(this.m_permSet): null;
                    return pset;
                }
            }
            
            // degenerate case where we look at both this.m_permSet and other.m_permSet
            this.CheckSet();
            other.CheckSet();
            maxMax = this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex() ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex();
            pset.m_permSet = new TokenBasedSet();



            for (int i = 0; i <= maxMax; ++i)
            {
                Object thisObj = this.m_permSet.GetItem( i );
                IPermission thisPerm = thisObj as IPermission;
                ISecurityElementFactory thisElem = thisObj as ISecurityElementFactory;
                
                Object otherObj = other.m_permSet.GetItem( i );
                IPermission otherPerm = otherObj as IPermission;
                ISecurityElementFactory otherElem = otherObj as ISecurityElementFactory;

                if (thisObj == null && otherObj == null)
                    continue;

                if (thisElem != null && otherElem != null)
                {
                    SecurityElement newElem;
                    if (this.IsUnrestricted() || other.IsUnrestricted())
                        newElem = new SecurityElement( s_str_PermissionUnrestrictedUnion );
                    else
                        newElem = new SecurityElement( s_str_PermissionUnion );
                    newElem.AddAttribute( "class", thisElem.Attribute( "class" ) );
                    SafeChildAdd( newElem, thisElem, true );
                    SafeChildAdd( newElem, otherElem, true );
                    pset.m_permSet.SetItem( i, newElem );
                }
                else if (thisObj == null)
                {
                    if (otherElem != null)
                    {
                        pset.m_permSet.SetItem( i, otherElem.Copy() );
                        BCLDebug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                    }
                    else if (otherPerm != null)
                    {
                        PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                        if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
                        {
                            pset.m_permSet.SetItem( i, otherPerm.Copy() );
                            BCLDebug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                    }
                }
                else if (otherObj == null)
                {
                    if (thisElem != null)
                    {
                        pset.m_permSet.SetItem( i, thisElem.Copy() );
                    }
                    else if (thisPerm != null)
                    {
                        PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                        if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
                        {
                            pset.m_permSet.SetItem( i, thisPerm.Copy() );
                            BCLDebug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                    }
                }
                else
                {
                    if (thisElem != null)
                        thisPerm = this.CreatePermission(thisElem, i);
                    if (otherElem != null)
                        otherPerm = other.CreatePermission(otherElem, i);

                    IPermission unionPerm;
                    if(thisPerm == null)
                        unionPerm = otherPerm;
                    else if(otherPerm == null)
                        unionPerm = thisPerm;
                    else
                        unionPerm = thisPerm.Union( otherPerm );
                    pset.m_permSet.SetItem( i, unionPerm );
                    BCLDebug.Assert( unionPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                }
            }
            
            return pset;
        }
Exemplo n.º 10
0
        public PermissionSet Union(PermissionSet other)
        {
            // if other is null or empty, return a clone of myself
            if (other == null || other.FastIsEmpty())
            {
                return this.Copy();
            }
            
            if (this.FastIsEmpty())
            {
                return other.Copy();
            }

            int maxMax = -1;

            PermissionSet pset = new PermissionSet();
            pset.m_Unrestricted = this.m_Unrestricted || other.m_Unrestricted;
            if (pset.m_Unrestricted)
            {
                // if the result of Union is unrestricted permset, just return
                return pset;
            }
            
            // degenerate case where we look at both this.m_permSet and other.m_permSet
            this.CheckSet();
            other.CheckSet();
            maxMax = this.m_permSet.GetMaxUsedIndex() > other.m_permSet.GetMaxUsedIndex() ? this.m_permSet.GetMaxUsedIndex() : other.m_permSet.GetMaxUsedIndex();
            pset.m_permSet = new TokenBasedSet();



            for (int i = 0; i <= maxMax; ++i)
            {
                Object thisObj = this.m_permSet.GetItem( i );
                IPermission thisPerm = thisObj as IPermission;

                Object otherObj = other.m_permSet.GetItem( i );
                IPermission otherPerm = otherObj as IPermission;

                if (thisObj == null && otherObj == null)
                    continue;

                if (thisObj == null)
                {
                    if (otherPerm != null)
                    {
                        PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                        if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
                        {
                            pset.m_permSet.SetItem( i, otherPerm.Copy() );
                            Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                    }
                }
                else if (otherObj == null)
                {
                    if (thisPerm != null)
                    {
                        PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                        if (((token.m_type & PermissionTokenType.IUnrestricted) == 0) || !pset.m_Unrestricted)
                        {
                            pset.m_permSet.SetItem( i, thisPerm.Copy() );
                            Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                        }
                    }
                }
                else
                {
                    IPermission unionPerm;
                    if(thisPerm == null)
                        unionPerm = otherPerm;
                    else if(otherPerm == null)
                        unionPerm = thisPerm;
                    else
                        unionPerm = thisPerm.Union( otherPerm );
                    pset.m_permSet.SetItem( i, unionPerm );
                    Debug.Assert( unionPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                }
            }

            return pset;
        }
Exemplo n.º 11
0
        public PermissionSet Intersect(PermissionSet other)
        {
            if (other == null || other.FastIsEmpty() || this.FastIsEmpty())
            {
                return null;
            }

            int thisMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex();
            int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex();
            int minMax = thisMax < otherMax ? thisMax : otherMax;

            if (this.IsUnrestricted() && minMax < otherMax)
            {
                minMax = otherMax;
                this.CheckSet();
            }

            if (other.IsUnrestricted() && minMax < thisMax)
            {
                minMax = thisMax;
                other.CheckSet();
            }

            PermissionSet pset = new PermissionSet( false );

            if (minMax > -1)
            {
                pset.m_permSet = new TokenBasedSet();
            }

            for (int i = 0; i <= minMax; ++i)
            {
                Object thisObj = this.m_permSet.GetItem( i );
                IPermission thisPerm = thisObj as IPermission;
                Object otherObj = other.m_permSet.GetItem( i );
                IPermission otherPerm = otherObj as IPermission;

                if (thisObj == null && otherObj == null)
                    continue;

                if (thisObj == null)
                {
                    if (this.m_Unrestricted)
                    {
                        if (otherPerm != null)
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                            {
                                pset.m_permSet.SetItem( i, otherPerm.Copy() );
                                Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                            }
                        }
                    }
                }
                else if (otherObj == null)
                {
                    if (other.m_Unrestricted)
                    {
                        if (thisPerm != null)
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                            {
                                pset.m_permSet.SetItem( i, thisPerm.Copy() );
                                Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                            }
                        }
                    }
                }
                else
                {
                    IPermission intersectPerm;
                    if (thisPerm == null)
                        intersectPerm = otherPerm;
                    else if(otherPerm == null)
                        intersectPerm = thisPerm;
                    else
                        intersectPerm = thisPerm.Intersect( otherPerm );
                    pset.m_permSet.SetItem( i, intersectPerm );
                    Debug.Assert( intersectPerm == null || PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                }
            }

            pset.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted;
            if (pset.FastIsEmpty())
                return null;
            else
                return pset;
        }
Exemplo n.º 12
0
        internal void InplaceIntersect( PermissionSet other )
        {
            Exception savedException = null;
        
            m_CheckedForNonCas = false;
            
            if (this == other)
                return;
            
            if (other == null || other.FastIsEmpty())
            {
                // If the other is empty or null, make this empty.
                Reset();
                return;
            }

            if (this.FastIsEmpty())
                return;

            int maxMax = this.m_permSet == null ? -1 : this.m_permSet.GetMaxUsedIndex();
            int otherMax = other.m_permSet == null ? -1 : other.m_permSet.GetMaxUsedIndex();

            if (this.IsUnrestricted() && maxMax < otherMax)
            {
                maxMax = otherMax;
                this.CheckSet();
            }
                
            if (other.IsUnrestricted())
            {
                other.CheckSet();
            }
                
            for (int i = 0; i <= maxMax; ++i)
            {
                Object thisObj = this.m_permSet.GetItem( i );
                IPermission thisPerm = thisObj as IPermission;

                Object otherObj = other.m_permSet.GetItem( i );
                IPermission otherPerm = otherObj as IPermission;

                if (thisObj == null && otherObj == null)
                    continue;

                if (thisObj == null)
                {
                    // There is no object in <this>, so intersection is empty except for IUnrestrictedPermissions
                    if (this.IsUnrestricted())
                    {
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) != 0)
                            {
                                this.m_permSet.SetItem( i, otherPerm.Copy() );
                                Debug.Assert( PermissionToken.s_tokenSet.GetItem( i ) != null, "PermissionToken should already be assigned" );
                            }
                        }
                    }
                }
                else if (otherObj == null)
                {
                    if (other.IsUnrestricted())
                    {
                        {
                            PermissionToken token = (PermissionToken)PermissionToken.s_tokenSet.GetItem( i );
                            if ((token.m_type & PermissionTokenType.IUnrestricted) == 0)
                                this.m_permSet.SetItem( i, null );
                        }
                    }
                    else
                    {
                        this.m_permSet.SetItem( i, null );
                    }
                }
                else
                {
                    try
                    {
                        IPermission intersectPerm;
                        if (thisPerm == null)
                            intersectPerm = otherPerm;
                        else if(otherPerm == null)
                            intersectPerm = thisPerm;
                        else
                            intersectPerm = thisPerm.Intersect( otherPerm );
                        this.m_permSet.SetItem( i, intersectPerm );
                    }
                    catch (Exception e)
                    {
                        if (savedException == null)
                            savedException = e;
                    }
                }
            }

            this.m_Unrestricted = this.m_Unrestricted && other.m_Unrestricted;

            if (savedException != null)
                throw savedException;
        }