2 // System.Security.Permissions.ResourcePermissionBase.cs
5 // Jonathan Pryor (jonpryor@vt.edu)
6 // Sebastien Pouliot <sebastien@ximian.com>
9 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
11 // Permission is hereby granted, free of charge, to any person obtaining
12 // a copy of this software and associated documentation files (the
13 // "Software"), to deal in the Software without restriction, including
14 // without limitation the rights to use, copy, modify, merge, publish,
15 // distribute, sublicense, and/or sell copies of the Software, and to
16 // permit persons to whom the Software is furnished to do so, subject to
17 // the following conditions:
19 // The above copyright notice and this permission notice shall be
20 // included in all copies or substantial portions of the Software.
22 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
23 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
25 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
26 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
27 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
28 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
31 using System.Collections;
32 using System.Globalization;
34 namespace System.Security.Permissions {
37 public abstract class ResourcePermissionBase : CodeAccessPermission, IUnrestrictedPermission {
39 private const int version = 1;
41 private ArrayList _list;
42 private bool _unrestricted;
44 private string[] _tags;
46 protected ResourcePermissionBase ()
48 _list = new ArrayList ();
51 protected ResourcePermissionBase (PermissionState state) : this ()
53 PermissionHelper.CheckPermissionState (state, true);
54 _unrestricted = (state == PermissionState.Unrestricted);
57 public const string Any = "*";
58 public const string Local = ".";
60 protected Type PermissionAccessType {
64 throw new ArgumentNullException ("PermissionAccessType");
66 throw new ArgumentException ("!Enum", "PermissionAccessType");
71 protected string[] TagNames {
75 throw new ArgumentNullException ("TagNames");
76 if (value.Length == 0)
77 throw new ArgumentException ("Length==0", "TagNames");
82 protected void AddPermissionAccess (ResourcePermissionBaseEntry entry)
86 string msg = Locale.GetText ("Entry already exists.");
87 throw new InvalidOperationException (msg);
93 protected void Clear ()
98 public override IPermission Copy ()
100 ResourcePermissionBase copy = CreateFromType (this.GetType (), _unrestricted);
102 copy._tags = (string[]) _tags.Clone ();
104 // FIXME: shallow or deep copy ?
105 copy._list.AddRange (_list);
109 [MonoTODO ("incomplete - need more test")]
110 public override void FromXml (SecurityElement securityElement)
112 if (securityElement == null)
113 throw new ArgumentNullException ("securityElement");
114 CheckSecurityElement (securityElement, "securityElement", version, version);
115 // Note: we do not (yet) care about the return value
116 // as we only accept version 1 (min/max values)
119 _unrestricted = PermissionHelper.IsUnrestricted (securityElement);
120 if ((securityElement.Children == null) || (securityElement.Children.Count < 1))
123 string[] names = new string [1];
124 foreach (SecurityElement child in securityElement.Children) {
125 // TODO: handle multiple names
126 names [0] = child.Attribute ("name");
127 int access = (int) Enum.Parse (PermissionAccessType, child.Attribute ("access"));
128 ResourcePermissionBaseEntry entry = new ResourcePermissionBaseEntry (access, names);
129 AddPermissionAccess (entry);
133 protected ResourcePermissionBaseEntry[] GetPermissionEntries ()
135 ResourcePermissionBaseEntry[] entries = new ResourcePermissionBaseEntry [_list.Count];
136 _list.CopyTo (entries, 0);
140 public override IPermission Intersect (IPermission target)
142 ResourcePermissionBase rpb = Cast (target);
146 bool su = this.IsUnrestricted ();
147 bool tu = rpb.IsUnrestricted ();
149 // if one is empty we return null (unless the other one is unrestricted)
150 if (IsEmpty () && !tu)
152 if (rpb.IsEmpty () && !su)
155 ResourcePermissionBase result = CreateFromType (this.GetType (), (su && tu));
156 foreach (ResourcePermissionBaseEntry entry in _list) {
157 if (tu || rpb.Exists (entry))
158 result.AddPermissionAccess (entry);
160 foreach (ResourcePermissionBaseEntry entry in rpb._list) {
162 if ((su || this.Exists (entry)) && !result.Exists (entry))
163 result.AddPermissionAccess (entry);
168 public override bool IsSubsetOf (IPermission target)
170 if (target == null) {
171 // do not use Cast - different permissions (and earlier Fx) return false :-/
175 ResourcePermissionBase rpb = (target as ResourcePermissionBase);
178 if (rpb.IsUnrestricted ())
180 if (IsUnrestricted ())
181 return rpb.IsUnrestricted ();
182 foreach (ResourcePermissionBaseEntry entry in _list) {
183 if (!rpb.Exists (entry))
189 public bool IsUnrestricted ()
191 return _unrestricted;
194 protected void RemovePermissionAccess (ResourcePermissionBaseEntry entry)
197 for (int i = 0; i < _list.Count; i++) {
198 ResourcePermissionBaseEntry rpbe = (ResourcePermissionBaseEntry) _list [i];
199 if (Equals (entry, rpbe)) {
204 string msg = Locale.GetText ("Entry doesn't exists.");
205 throw new InvalidOperationException (msg);
208 public override SecurityElement ToXml ()
210 SecurityElement se = PermissionHelper.Element (this.GetType (), version);
211 if (IsUnrestricted ()) {
212 se.AddAttribute ("Unrestricted", "true");
215 foreach (ResourcePermissionBaseEntry entry in _list) {
216 SecurityElement container = se;
217 string access = null;
218 if (PermissionAccessType != null)
219 access = Enum.Format (PermissionAccessType, entry.PermissionAccess, "g");
221 for (int i=0; i < _tags.Length; i++) {
222 SecurityElement child = new SecurityElement (_tags [i]);
223 child.AddAttribute ("name", entry.PermissionAccessPath [i]);
225 child.AddAttribute ("access", access);
226 container.AddChild (child);
234 public override IPermission Union (IPermission target)
236 ResourcePermissionBase rpb = Cast (target);
239 if (IsEmpty () && rpb.IsEmpty ())
246 bool unrestricted = (IsUnrestricted () || rpb.IsUnrestricted ());
247 ResourcePermissionBase result = CreateFromType (this.GetType (), unrestricted);
248 // strangely unrestricted union doesn't process the elements (while intersect does)
250 foreach (ResourcePermissionBaseEntry entry in _list) {
251 result.AddPermissionAccess (entry);
253 foreach (ResourcePermissionBaseEntry entry in rpb._list) {
255 if (!result.Exists (entry))
256 result.AddPermissionAccess (entry);
264 private bool IsEmpty ()
266 return (!_unrestricted && (_list.Count == 0));
269 private ResourcePermissionBase Cast (IPermission target)
274 ResourcePermissionBase rp = (target as ResourcePermissionBase);
276 PermissionHelper.ThrowInvalidPermission (target, typeof (ResourcePermissionBase));
282 internal void CheckEntry (ResourcePermissionBaseEntry entry)
285 throw new ArgumentNullException ("entry");
286 if ((entry.PermissionAccessPath == null) || (entry.PermissionAccessPath.Length != _tags.Length)) {
287 string msg = Locale.GetText ("Entry doesn't match TagNames");
288 throw new InvalidOperationException (msg);
292 internal bool Equals (ResourcePermissionBaseEntry entry1, ResourcePermissionBaseEntry entry2)
294 if (entry1.PermissionAccess != entry2.PermissionAccess)
296 if (entry1.PermissionAccessPath.Length != entry2.PermissionAccessPath.Length)
298 for (int i=0; i < entry1.PermissionAccessPath.Length; i++) {
299 if (entry1.PermissionAccessPath [i] != entry2.PermissionAccessPath [i])
305 internal bool Exists (ResourcePermissionBaseEntry entry)
307 if (_list.Count == 0)
309 foreach (ResourcePermissionBaseEntry rpbe in _list) {
310 if (Equals (rpbe, entry))
316 // logic isn't identical to PermissionHelper.CheckSecurityElement
317 // - no throw on version mismatch
318 internal int CheckSecurityElement (SecurityElement se, string parameterName, int minimumVersion, int maximumVersion)
321 throw new ArgumentNullException (parameterName);
322 // Tag is case-sensitive
323 if (se.Tag != "IPermission") {
324 string msg = String.Format (Locale.GetText ("Invalid tag {0}"), se.Tag);
325 throw new ArgumentException (msg, parameterName);
327 // Note: we do not care about the class attribute at
328 // this stage (in fact we don't even if the class
329 // attribute is present or not). Anyway the object has
330 // already be created, with success, if we're loading it
332 // we assume minimum version if no version number is supplied
333 int version = minimumVersion;
334 string v = se.Attribute ("version");
337 version = Int32.Parse (v);
339 catch (Exception e) {
340 string msg = Locale.GetText ("Couldn't parse version from '{0}'.");
341 msg = String.Format (msg, v);
342 throw new ArgumentException (msg, parameterName, e);
345 if ((version < minimumVersion) || (version > maximumVersion)) {
346 string msg = Locale.GetText ("Unknown version '{0}', expected versions between ['{1}','{2}'].");
347 msg = String.Format (msg, version, minimumVersion, maximumVersion);
348 throw new ArgumentException (msg, parameterName);
355 private static char[] invalidChars = new char[] { '\t', '\n', '\v', '\f', '\r', ' ', '\\', '\x160' };
357 internal static void ValidateMachineName (string name)
359 // FIXME: maybe other checks are required (but not documented)
360 if ((name == null) || (name.Length == 0) || (name.IndexOfAny (invalidChars) != -1)) {
361 string msg = Locale.GetText ("Invalid machine name '{0}'.");
364 msg = String.Format (msg, name);
365 throw new ArgumentException (msg, "MachineName");
369 internal static ResourcePermissionBase CreateFromType (Type type, bool unrestricted)
371 object[] parameters = new object [1];
372 parameters [0] = (object) ((unrestricted) ? PermissionState.Unrestricted : PermissionState.None);
373 // we must return the derived type - this is why an empty constructor is required ;-)
374 return (ResourcePermissionBase) Activator.CreateInstance (type, parameters);