static void DemanAspNetProvidersPermissions(ServiceHost host)
{
bool demand = false;
foreach (IServiceBehavior behavior in host.Description.Behaviors)
{
if (behavior is ServiceCredentials)
{
ServiceCredentials credentialsBehavior = behavior as ServiceCredentials;
if (credentialsBehavior.UserNameAuthentication.UserNamePasswordValidationMode == UserNamePasswordValidationMode.MembershipProvider)
{
demand = true;
break;
}
}
if (behavior is ServiceAuthorizationBehavior)
{
ServiceAuthorizationBehavior serviceAuthorization = behavior as ServiceAuthorizationBehavior;
if (serviceAuthorization.PrincipalPermissionMode == PrincipalPermissionMode.UseAspNetRoles && Roles.Enabled)
{
demand = true;
break;
}
}
}
if (demand)
{
IPermission permission = new AspNetHostingPermission(AspNetHostingPermissionLevel.Minimal);
permission.Demand();
}
}
public void Union_None()
{
// Union with none is same
AspNetHostingPermission pp1 = new AspNetHostingPermission(PermissionState.None);
AspNetHostingPermission pp2 = new AspNetHostingPermission(PermissionState.None);
AspNetHostingPermission union = null;
foreach (AspNetHostingPermissionLevel ppl in AllLevelExceptUnrestricted)
{
pp2.Level = ppl;
union = (AspNetHostingPermission)pp1.Union(pp2);
Assert.IsFalse(union.IsUnrestricted(), "target.Unrestricted " + ppl.ToString());
Assert.AreEqual(ppl, union.Level, "target.Level " + ppl.ToString());
union = (AspNetHostingPermission)pp2.Union(pp1);
Assert.IsFalse(union.IsUnrestricted(), "source.Unrestricted " + ppl.ToString());
Assert.AreEqual(ppl, union.Level, "source.Level " + ppl.ToString());
}
pp2.Level = AspNetHostingPermissionLevel.Unrestricted;
union = (AspNetHostingPermission)pp1.Union(pp2);
Assert.IsTrue(union.IsUnrestricted(), "target.Unrestricted Unrestricted");
Assert.AreEqual(AspNetHostingPermissionLevel.Unrestricted, union.Level, "target.Level Unrestricted");
union = (AspNetHostingPermission)pp2.Union(pp1);
Assert.IsTrue(union.IsUnrestricted(), "source.Unrestricted Unrestricted");
Assert.AreEqual(AspNetHostingPermissionLevel.Unrestricted, union.Level, "source.Level Unrestricted");
}
private static void GetPermissions()
{
if (!m_Initialized)
{
// test RelectionPermission
CodeAccessPermission securityTest;
try
{
securityTest = new ReflectionPermission(PermissionState.Unrestricted);
securityTest.Demand();
m_ReflectionPermission = true;
}
catch
{
// code access security error
m_ReflectionPermission = false;
}
// test WebPermission
try
{
securityTest = new WebPermission(PermissionState.Unrestricted);
securityTest.Demand();
m_WebPermission = true;
}
catch
{
// code access security error
m_WebPermission = false;
}
// test WebHosting Permission (Full Trust)
try
{
securityTest = new AspNetHostingPermission(AspNetHostingPermissionLevel.Unrestricted);
securityTest.Demand();
m_AspNetHostingPermission = true;
}
catch
{
// code access security error
m_AspNetHostingPermission = false;
}
m_Initialized = true;
// Test for Unmanaged Code permission
try
{
securityTest = new SecurityPermission(SecurityPermissionFlag.UnmanagedCode);
securityTest.Demand();
m_UnManagedCodePermission = true;
}
catch (Exception)
{
m_UnManagedCodePermission = false;
}
}
}
public void ConstructorLevel_Deny_Unrestricted()
{
AspNetHostingPermission p = new AspNetHostingPermission(AspNetHostingPermissionLevel.Unrestricted);
Assert.AreEqual(AspNetHostingPermissionLevel.Unrestricted, p.Level, "Level");
Assert.IsTrue(p.IsUnrestricted(), "IsUnrestricted");
CommonTests(p);
}
public void ConstructorState_Deny_Unrestricted()
{
AspNetHostingPermission p = new AspNetHostingPermission(PermissionState.None);
Assert.AreEqual(AspNetHostingPermissionLevel.None, p.Level, "Level");
Assert.IsFalse(p.IsUnrestricted(), "IsUnrestricted");
CommonTests(p);
}
public void FromXml_WrongVersion()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
SecurityElement se = anhp.ToXml();
se.Attributes.Remove("version");
se.Attributes.Add("version", "2");
anhp.FromXml(se);
}
public void FromXml_NoVersion()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
SecurityElement se = anhp.ToXml();
SecurityElement w = new SecurityElement(se.Tag);
w.AddAttribute("class", se.Attribute("class"));
anhp.FromXml(w);
}
public void FromXml_WrongTagCase()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
SecurityElement se = anhp.ToXml();
se.Tag = "IPERMISSION"; // instead of IPermission
anhp.FromXml(se);
// note: normally IPermission classes (in corlib) DO care about the
// IPermission tag
}
public void Union_Self()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
anhp.Level = ppl;
AspNetHostingPermission result = (AspNetHostingPermission)anhp.Union(anhp);
Assert.AreEqual(ppl, result.Level, ppl.ToString());
}
}
public void Copy()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
anhp.Level = ppl;
AspNetHostingPermission copy = (AspNetHostingPermission)anhp.Copy();
Assert.AreEqual(ppl, copy.Level, ppl.ToString());
}
}
public void IsSubset_Self()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
anhp.Level = ppl;
AspNetHostingPermission result = (AspNetHostingPermission)anhp.Intersect(anhp);
Assert.IsTrue(anhp.IsSubsetOf(anhp), ppl.ToString());
}
}
private void CommonTests(AspNetHostingPermission p)
{
Assert.IsNotNull(p.Copy(), "Copy");
SecurityElement se = p.ToXml();
Assert.IsNotNull(se, "ToXml");
p.FromXml(se);
Assert.IsNotNull(p.Intersect(p), "Intersect");
Assert.IsTrue(p.IsSubsetOf(p), "IsSubsetOf");
Assert.IsNotNull(p.Union(p), "Union");
}
public void IsSubset_Null()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
Assert.IsTrue(anhp.IsSubsetOf(null), "NoLevel");
foreach (AspNetHostingPermissionLevel ppl in AllLevelExceptNone)
{
anhp.Level = ppl;
Assert.IsFalse(anhp.IsSubsetOf(null), ppl.ToString());
}
}
public void FromXml_NoClass()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
SecurityElement se = anhp.ToXml();
SecurityElement w = new SecurityElement(se.Tag);
w.AddAttribute("version", se.Attribute("version"));
anhp.FromXml(w);
// note: normally IPermission classes (in corlib) DO NOT care about
// attribute "class" name presence in the XML
}
public void Union_Null()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
// Union with null is a simple copy
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
anhp.Level = ppl;
AspNetHostingPermission union = (AspNetHostingPermission)anhp.Union(null);
Assert.AreEqual(ppl, union.Level, ppl.ToString());
}
}
public void Default()
{
AspNetHostingPermissionAttribute a = new AspNetHostingPermissionAttribute(SecurityAction.Assert);
Assert.AreEqual(a.ToString(), a.TypeId.ToString(), "TypeId");
Assert.IsFalse(a.Unrestricted, "Unrestricted");
Assert.AreEqual(AspNetHostingPermissionLevel.None, a.Level, "AspNetHostingPermissionLevel");
AspNetHostingPermission anhp = (AspNetHostingPermission)a.CreatePermission();
Assert.IsFalse(anhp.IsUnrestricted(), "IsUnrestricted");
}
public void Intersect_Null()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
// No intersection with null
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
anhp.Level = ppl;
IPermission p = anhp.Intersect(null);
Assert.IsNull(p, ppl.ToString());
}
}
public void FromXml_WrongClass()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
SecurityElement se = anhp.ToXml();
SecurityElement w = new SecurityElement(se.Tag);
w.AddAttribute("class", "Wrong" + se.Attribute("class"));
w.AddAttribute("version", se.Attribute("version"));
anhp.FromXml(w);
// doesn't care of the class name at that stage
// anyway the class has already be created so...
}
private static bool IsHighlyTrusted()
{
try
{
AspNetHostingPermission permission = new AspNetHostingPermission(AspNetHostingPermissionLevel.High);
permission.Demand();
return(true);
}
catch (SecurityException)
{
return(false);
}
}
static TrustHelper()
{
try
{
var permission = new AspNetHostingPermission(
AspNetHostingPermissionLevel.High);
permission.Demand();
TrustHelper.IsHighlyTrusted = true;
}
catch (SecurityException)
{
TrustHelper.IsHighlyTrusted = false;
}
}
public void Unrestricted()
{
AspNetHostingPermissionAttribute a = new AspNetHostingPermissionAttribute(SecurityAction.Assert);
a.Unrestricted = true;
AspNetHostingPermission anhp = (AspNetHostingPermission)a.CreatePermission();
Assert.IsTrue(anhp.IsUnrestricted(), "IsUnrestricted");
Assert.AreEqual(AspNetHostingPermissionLevel.None, a.Level, "None");
a.Unrestricted = false;
anhp = (AspNetHostingPermission)a.CreatePermission();
Assert.IsFalse(anhp.IsUnrestricted(), "!IsUnrestricted");
}
public static void AspNetHostingPermissionCallMethods()
{
AspNetHostingPermission ap = new AspNetHostingPermission(new PermissionState());
AspNetHostingPermissionLevel level = ap.Level;
IPermission other = new AspNetHostingPermission(level);
bool isunrestricted = ap.IsUnrestricted();
other = ap.Copy();
other = ap.Union(other);
other = ap.Intersect(other);
bool isSubsetOf = ap.IsSubsetOf(other);
SecurityElement se = ap.ToXml();
ap.FromXml(se);
}
public void Intersect_None()
{
AspNetHostingPermission sp1 = new AspNetHostingPermission(PermissionState.None);
AspNetHostingPermission sp2 = new AspNetHostingPermission(PermissionState.None);
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
sp2.Level = ppl;
// 1. Intersect None with ppl
AspNetHostingPermission result = (AspNetHostingPermission)sp1.Intersect(sp2);
Assert.AreEqual(AspNetHostingPermissionLevel.None, result.Level, "None N " + ppl.ToString());
// 2. Intersect ppl with None
result = (AspNetHostingPermission)sp2.Intersect(sp1);
Assert.AreEqual(AspNetHostingPermissionLevel.None, result.Level, ppl.ToString() + "N None");
}
}
public void Intersect_Null()
{
AspNetHostingPermission anhp = new AspNetHostingPermission(PermissionState.None);
// No intersection with null
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
anhp.Level = ppl;
IPermission p = anhp.Intersect(null);
#if !NET_2_0
if (p != null)
{
Assert.Ignore("Behaviour changed in FX 1.1 SP1");
}
#endif
Assert.IsNull(p, ppl.ToString());
}
}
public void PermissionState_None()
{
PermissionState ps = PermissionState.None;
AspNetHostingPermission anhp = new AspNetHostingPermission(ps);
Assert.AreEqual(AspNetHostingPermissionLevel.None, anhp.Level, "Level");
Assert.IsFalse(anhp.IsUnrestricted(), "IsUnrestricted");
SecurityElement se = anhp.ToXml();
// only class and version are present
Assert.AreEqual("None", se.Attribute("Level"), "Xml-Level");
Assert.IsNull(se.Children, "Xml-Children");
AspNetHostingPermission copy = (AspNetHostingPermission)anhp.Copy();
Assert.IsFalse(Object.ReferenceEquals(anhp, copy), "ReferenceEquals");
Assert.AreEqual(anhp.Level, copy.Level, "Level");
Assert.AreEqual(anhp.IsUnrestricted(), copy.IsUnrestricted(), "IsUnrestricted ()");
}
private static void GetPermissions()
{
if (!m_Initialized)
{
// test RelectionPermission
System.Security.CodeAccessPermission securityTest;
try
{
securityTest = new ReflectionPermission(PermissionState.Unrestricted);
securityTest.Demand();
m_ReflectionPermission = true;
}
catch
{
m_ReflectionPermission = false;
}
// test WebPermission
try
{
securityTest = new System.Net.WebPermission(PermissionState.Unrestricted);
securityTest.Demand();
m_WebPermission = true;
}
catch
{
m_WebPermission = false;
}
// test WebHosting Permission (Full Trust)
try
{
securityTest = new AspNetHostingPermission(AspNetHostingPermissionLevel.Unrestricted);
securityTest.Demand();
m_AspNetHostingPermission = true;
}
catch
{
m_AspNetHostingPermission = false;
}
m_Initialized = true;
}
}
public void Intersect_Unrestricted()
{
// Intersection with unrestricted == Copy
// a. source (this) is unrestricted
AspNetHostingPermission sp1 = new AspNetHostingPermission(PermissionState.Unrestricted);
AspNetHostingPermission sp2 = new AspNetHostingPermission(PermissionState.None);
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
sp2.Level = ppl;
AspNetHostingPermission result = (AspNetHostingPermission)sp1.Intersect(sp2);
Assert.AreEqual(sp2.Level, result.Level, "target " + ppl.ToString());
}
// b. destination (target) is unrestricted
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
sp2.Level = ppl;
AspNetHostingPermission result = (AspNetHostingPermission)sp2.Intersect(sp1);
Assert.AreEqual(sp2.Level, result.Level, "source " + ppl.ToString());
}
}
public void Union_Unrestricted()
{
// Union with unrestricted is unrestricted
AspNetHostingPermission sp1 = new AspNetHostingPermission(PermissionState.Unrestricted);
AspNetHostingPermission sp2 = new AspNetHostingPermission(PermissionState.None);
// a. source (this) is unrestricted
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
sp2.Level = ppl;
AspNetHostingPermission union = (AspNetHostingPermission)sp1.Union(sp2);
Assert.IsTrue(union.IsUnrestricted(), "target " + ppl.ToString());
}
// b. destination (target) is unrestricted
foreach (AspNetHostingPermissionLevel ppl in AllLevel)
{
sp2.Level = ppl;
AspNetHostingPermission union = (AspNetHostingPermission)sp2.Union(sp1);
Assert.IsTrue(union.IsUnrestricted(), "source " + ppl.ToString());
}
}
public void PermissionState_Unrestricted()
{
PermissionState ps = PermissionState.Unrestricted;
AspNetHostingPermission anhp = new AspNetHostingPermission(ps);
Assert.AreEqual(AspNetHostingPermissionLevel.Unrestricted, anhp.Level, "Level");
Assert.IsTrue(anhp.IsUnrestricted(), "IsUnrestricted");
SecurityElement se = anhp.ToXml();
// fixed in 2.0 RC
Assert.IsNotNull(se.Attribute("Unrestricted"), "Xml-Unrestricted");
Assert.AreEqual("Unrestricted", se.Attribute("Level"), "Xml-Level");
Assert.IsNull(se.Children, "Xml-Children");
AspNetHostingPermission copy = (AspNetHostingPermission)anhp.Copy();
Assert.IsFalse(Object.ReferenceEquals(anhp, copy), "ReferenceEquals");
Assert.AreEqual(anhp.Level, copy.Level, "Level");
Assert.AreEqual(anhp.IsUnrestricted(), copy.IsUnrestricted(), "IsUnrestricted ()");
}
private static bool IsHighlyTrusted()
{
#if NET_1_0
//
// ASP.NET 1.0 applications always required and ran under full
// trust so we just return true here.
//
return(true);
#else
try
{
AspNetHostingPermission permission = new AspNetHostingPermission(AspNetHostingPermissionLevel.High);
permission.Demand();
return(true);
}
catch (SecurityException)
{
return(false);
}
#endif
}
