///////////////////////////////////////////////////////////////////////
public static bool IsApproved(
IPolicyContext policyContext
)
{
if ((policyContext != null) && IsApproved(policyContext.Decision))
{
return(true);
}
return(false);
}
private static ReturnCode Class0PolicyCallback( /* POLICY */
Interpreter interpreter, /* in */
IClientData clientData, /* in */
ArgumentList arguments, /* in */
ref Result result /* out */
)
{
//
// NOTE: We only want to make policy decisions for our own command;
// therefore, use the appropriate helper method provided by
// the interpreter. This method also allows us to easily
// extract the policy context data required to make command
// execution decisions.
//
IPolicyContext policyContext = null;
bool match = false;
if (Utility.ExtractPolicyContextAndCommand(interpreter,
clientData, typeof(Class0), 0, ref policyContext,
ref match, ref result) == ReturnCode.Ok)
{
if (match)
{
//
// NOTE: If necessary, create a new random policy decision
// maker to allow this policy to easily demonstrate
// the effects of both the "approved" and "denied"
// decisions.
//
if (random == null)
{
random = new Random();
}
//
// NOTE: Get a random integer; even numbers result in a
// policy approval and odd numbers result in policy
// denial.
//
if ((random.Next() % 2) == 0)
{
policyContext.Approved("random number is even");
}
else
{
policyContext.Denied("random number is odd");
}
}
return(ReturnCode.Ok);
}
return(ReturnCode.Error);
}
public static ReturnCode PolicyCallback( /* POLICY */
Interpreter interpreter,
IClientData clientData,
ArgumentList arguments,
ref Result result
)
{
IPolicyContext policyContext = null;
bool match = false;
if (Utility.ExtractPolicyContextAndCommand(
interpreter, clientData, null, 0, ref policyContext,
ref match, ref result) == ReturnCode.Ok)
{
if (match)
{
//
// NOTE: Fetch the reference to the Cmdlet itself that we
// smuggled in via the named opaque object handle
// that was prearranged with the base cmdlet itself.
//
_Cmdlets.Script script = null;
if (GetCmdlet(interpreter,
ref script, ref result) == ReturnCode.Ok)
{
//
// NOTE: Grab the interpreter host, if any.
//
IInteractiveHost interactiveHost = interpreter.Host;
//
// NOTE: If the interpreter host is available, use the
// title as the caption; otherwise, we will use
// the hard-coded default.
//
string processCaption = (interactiveHost != null) ?
interactiveHost.Title : null;
//
// NOTE: If the caption is null or empty, use the
// hard-coded default.
//
if (String.IsNullOrEmpty(processCaption))
{
processCaption = _Constants.Policy.ProcessCaption;
}
//
// NOTE: Build the description of the operation for
// "What-If" and "Verbose" modes.
//
string verboseDescription = String.Format(
_Constants.Policy.VerboseDescription, arguments);
//
// NOTE: Grab the command name from the argument list
// because we need to present it to the user in
// the confirmation query.
//
string commandName = (arguments.Count > 0) ?
arguments[0] : null;
//
// NOTE: Build the confirmation query to present to
// the user.
//
string verboseWarning = String.Format(
_Constants.Policy.VerboseWarning, commandName,
arguments);
//
// TODO: *TEST* Verify that this works correctly and
// has the expected semantics.
//
if (ShouldProcess(script, verboseDescription,
verboseWarning, processCaption))
{
//
// NOTE: If the interpreter host is available, use
// the title as the caption; otherwise, we
// will use the hard-coded default.
//
string continueCaption = (interactiveHost != null) ?
interactiveHost.Title : null;
//
// NOTE: If the caption is null or empty, use the
// hard-coded default.
//
if (String.IsNullOrEmpty(continueCaption))
{
continueCaption = _Constants.Policy.ContinueCaption;
}
//
// NOTE: Build the re-confirmation query to present
// to the user.
//
string query = String.Format(
_Constants.Policy.Query, verboseWarning);
//
// NOTE: If we are in "force" mode or the user
// allows us to continue then do so;
// otherwise, do nothing and the command will
// be allowed/denied based on the other
// policies, if any. In the event that there
// are no other policies present, the command
// will not be allowed to execute.
//
// BUGFIX: Cannot ask user when not interactive.
//
if (script.Force ||
ShouldContinue(script, query, continueCaption,
ref yesToAll, ref noToAll))
{
//
// NOTE: The user has explicitly approved the
// command execution.
//
policyContext.Approved();
}
else if (script.Deny)
{
//
// BUGFIX: Must explicitly deny to override the
// built-in policies (e.g. for [info],
// [object], etc).
//
policyContext.Denied();
}
}
else if (script.Deny)
{
//
// BUGFIX: Must explicitly deny to override the
// built-in policies (e.g. for [info],
// [object], etc).
//
policyContext.Denied();
}
//
// NOTE: The policy checking has been successful;
// however, this does not necessarily mean
// that we allow the command to be executed.
//
return(ReturnCode.Ok);
}
}
else
{
result = "policyContext does not contain a command object";
}
}
return(ReturnCode.Error);
}
