internal void CheckAssembly(Assembly a, SecurityFrame frame)
{
IPermission p = SecurityManager.CheckPermissionSet(a, this, false);
if (p != null)
{
CodeAccessPermission.ThrowSecurityException(this, "Demand failed assembly permissions checks.",
frame, SecurityAction.Demand, p);
}
}
internal void CheckAppDomain(AppDomain domain, SecurityFrame frame)
{
IPermission p = SecurityManager.CheckPermissionSet(domain, this);
if (p != null)
{
CodeAccessPermission.ThrowSecurityException(this, "Demand failed appdomain permissions checks.",
frame, SecurityAction.Demand, p);
}
}
internal bool ProcessFrame(SecurityFrame frame)
{
if (frame.PermitOnly != null)
{
bool flag = frame.PermitOnly.IsUnrestricted();
if (!flag)
{
foreach (object obj in frame.PermitOnly)
{
IPermission permission = (IPermission)obj;
if (this.CheckPermitOnly(permission as CodeAccessPermission))
{
flag = true;
break;
}
}
}
if (!flag)
{
CodeAccessPermission.ThrowSecurityException(this, "PermitOnly", frame, SecurityAction.Demand, null);
}
}
if (frame.Deny != null)
{
if (frame.Deny.IsUnrestricted())
{
CodeAccessPermission.ThrowSecurityException(this, "Deny", frame, SecurityAction.Demand, null);
}
foreach (object obj2 in frame.Deny)
{
IPermission permission2 = (IPermission)obj2;
if (!this.CheckDeny(permission2 as CodeAccessPermission))
{
CodeAccessPermission.ThrowSecurityException(this, "Deny", frame, SecurityAction.Demand, permission2);
}
}
}
if (frame.Assert != null)
{
if (frame.Assert.IsUnrestricted())
{
return(true);
}
foreach (object obj3 in frame.Assert)
{
IPermission permission3 = (IPermission)obj3;
if (this.CheckAssert(permission3 as CodeAccessPermission))
{
return(true);
}
}
return(false);
}
return(false);
}
internal bool ProcessFrame(SecurityFrame frame, ref Assembly current, ref AppDomain domain)
{
if (IsUnrestricted())
{
// we request unrestricted
if (frame.Deny != null)
{
// but have restrictions (some denied permissions)
CodeAccessPermission.ThrowSecurityException(this, "Deny", frame, SecurityAction.Demand, null);
}
else if ((frame.PermitOnly != null) && !frame.PermitOnly.IsUnrestricted())
{
// but have restrictions (only some permitted permissions)
CodeAccessPermission.ThrowSecurityException(this, "PermitOnly", frame, SecurityAction.Demand, null);
}
}
// skip next steps if no Assert, Deny or PermitOnly are present
if (frame.HasStackModifiers)
{
for (int i = 0; i < list.Count; i++)
{
CodeAccessPermission cap = (CodeAccessPermission)list [i];
if (cap.ProcessFrame(frame))
{
_ignored [i] = true; // asserted
if (AllIgnored())
{
return(true); // no more, abort stack walk!
}
}
}
}
// however the "final" grant set is resolved by assembly, so
// there's no need to check it every time (just when we're
// changing assemblies between frames).
if (frame.Assembly != current)
{
CheckAssembly(current, frame);
current = frame.Assembly;
}
if (frame.Domain != domain)
{
CheckAppDomain(domain, frame);
domain = frame.Domain;
}
return(false);
}
