public void DefaultConstructor () { Evidence evidence = new Evidence (); AssertEquals ("Default constructor count should be zero", evidence.Count, 0); AssertEquals ("Default constructor host enumerator MoveNext() should be false", evidence.GetHostEnumerator().MoveNext(), false); AssertEquals ("Default constructor assembly enumerator MoveNext() should be false", evidence.GetAssemblyEnumerator().MoveNext(), false); AssertEquals ("Default constructor enumerator MoveNext() should be false", evidence.GetEnumerator().MoveNext(), false); }
internal static char[] MakeEvidenceArray( Evidence evidence, bool verbose ) { // We only support caching on our built-in evidence types (excluding hash b/c it would // make our caching scheme just match up the same assembly from the same location which // doesn't gain us anything). IEnumerator enumerator = evidence.GetEnumerator(); int requiredLength = 0; while (enumerator.MoveNext()) { IBuiltInEvidence obj = enumerator.Current as IBuiltInEvidence; if (obj == null) return null; requiredLength += obj.GetRequiredSize(verbose); } enumerator.Reset(); char[] buffer = new char[requiredLength]; int position = 0; while (enumerator.MoveNext()) { position = ((IBuiltInEvidence)enumerator.Current).OutputToBuffer( buffer, position, verbose ); } return buffer; }
public PermissionSet Resolve(Evidence evidence, PermissionSet request) { #if _DEBUG if (debug) { DEBUG_OUT("PolicyManager::Resolve"); IEnumerator evidenceEnumerator = evidence.GetEnumerator(); DEBUG_OUT("Evidence:"); while (evidenceEnumerator.MoveNext()) { Object obj = evidenceEnumerator.Current; if (obj is Site) { DEBUG_OUT( ((Site)obj).ToXml().ToString() ); } else if (obj is Zone) { DEBUG_OUT( ((Zone)obj).ToXml().ToString() ); } else if (obj is Url) { DEBUG_OUT( ((Url)obj).ToXml().ToString() ); } else if (obj is StrongName) { DEBUG_OUT( ((StrongName)obj).ToXml().ToString() ); } else if (obj is PermissionRequestEvidence) { DEBUG_OUT( ((PermissionRequestEvidence)obj).ToXml().ToString() ); } } } #endif // We set grant to null to represent "AllPossible" PermissionSet grant = null; PolicyStatement policy; PolicyLevel currentLevel = null; IEnumerator levelEnumerator = m_levels.GetEnumerator(); char[] serializedEvidence = MakeEvidenceArray( evidence, false ); int count = evidence.Count; bool testApplicationLevels = false; while (levelEnumerator.MoveNext()) { currentLevel = (PolicyLevel)levelEnumerator.Current; policy = currentLevel.Resolve( evidence, count, serializedEvidence ); // If the grant is "AllPossible", the intersection is just the other permission set. // Otherwise, do an inplace intersection (since we know we can alter the grant set since // it is a copy of the first policy statement's permission set). if (grant == null) { grant = policy.PermissionSet; } else { // An exception somewhere in here means that a permission // failed some operation. This simply means that it will be // dropped from the grant set which is safe operation that // can be ignored. try { grant.InplaceIntersect( policy.GetPermissionSetNoCopy() ); } catch (Exception) { } } #if _DEBUG if (debug) { DEBUG_OUT( "Level = " + currentLevel.Label ); DEBUG_OUT( "policy =\n" + policy.ToXml().ToString() ); DEBUG_OUT( "grant so far =\n" + grant.ToXml().ToString() ); } #endif if (grant.IsEmpty()) { break; } else if ((policy.Attributes & PolicyStatementAttribute.LevelFinal) == PolicyStatementAttribute.LevelFinal) { if (!currentLevel.Label.Equals( "AppDomain" )) { testApplicationLevels = true; } break; } } if (testApplicationLevels) { PolicyLevel appDomainLevel = null; for (int i = m_levels.Count - 1; i >= 0; --i) { currentLevel = (PolicyLevel)m_levels[i]; if (currentLevel.Label.Equals( "AppDomain" )) { appDomainLevel = currentLevel; break; } } if (appDomainLevel != null) { policy = appDomainLevel.Resolve( evidence, count, serializedEvidence ); grant.InplaceIntersect( policy.GetPermissionSetNoCopy() ); } } #if _DEBUG if (debug) { DEBUG_OUT( "granted =\n" + grant.ToString() ); DEBUG_OUT( "request =\n" + (request != null ? request.ToString() : "<null>") ); DEBUG_OUT( "awarded =\n" + (request != null ? grant.Intersect( request ).ToString() : grant.ToString()) ); } #endif try { if(request != null) grant.InplaceIntersect( request ); } catch (Exception) { } #if _DEBUG if (debug) { DEBUG_OUT("granted after intersect w/ request =\n" + grant.ToString()); } #endif // Each piece of evidence can possibly create an identity permission that we // need to add to our grant set. Therefore, for all pieces of evidence that // implement the IIdentityPermissionFactory interface, ask it for its // adjoining identity permission and add it to the grant. IEnumerator enumerator = evidence.GetHostEnumerator(); while (enumerator.MoveNext()) { try { Object obj = enumerator.Current; IIdentityPermissionFactory factory = obj as IIdentityPermissionFactory; if (factory != null) { IPermission perm = factory.CreateIdentityPermission( evidence ); if (perm != null) { grant.AddPermission( perm ); } } } catch (Exception) { } } #if _DEBUG if (debug) { DEBUG_OUT( "awarded with identity =\n" + grant.ToString() ); } #endif return grant; }
public void EnumeratorReset () { object[] hostarray = { "host-1", "host-2", "host-3", "host-4" }; object[] asmbarray = { "asmb-1", "asmb-2", "asmb-3", "asmb-4" }; ArrayList compare = new ArrayList (); Evidence evidence = new Evidence (hostarray, asmbarray); compare.AddRange (hostarray); compare.AddRange (asmbarray); int i = 0; IEnumerator enumerator = evidence.GetEnumerator (); while (enumerator.MoveNext ()) { Assert.AreEqual (enumerator.Current, compare[i++]); } enumerator.Reset (); i = 0; while (enumerator.MoveNext ()) { Assert.AreEqual (enumerator.Current, compare[i++]); } }