2 // System.Security.CodeAccessPermission.cs
5 // Miguel de Icaza (miguel@ximian.com)
6 // Nick Drochak, ndrochak@gol.com
7 // Sebastien Pouliot <sebastien@ximian.com>
9 // (C) Ximian, Inc. http://www.ximian.com
10 // Copyright (C) 2001 Nick Drochak, All Rights Reserved
11 // Portions (C) 2004 Motus Technologies Inc. (http://www.motus.com)
12 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
14 // Permission is hereby granted, free of charge, to any person obtaining
15 // a copy of this software and associated documentation files (the
16 // "Software"), to deal in the Software without restriction, including
17 // without limitation the rights to use, copy, modify, merge, publish,
18 // distribute, sublicense, and/or sell copies of the Software, and to
19 // permit persons to whom the Software is furnished to do so, subject to
20 // the following conditions:
22 // The above copyright notice and this permission notice shall be
23 // included in all copies or substantial portions of the Software.
25 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
26 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
27 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
28 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
29 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
30 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
31 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
34 using System.Diagnostics;
35 using System.Globalization;
36 using System.Reflection;
37 using System.Runtime.CompilerServices;
38 using System.Runtime.InteropServices;
39 using System.Security.Permissions;
40 using System.Threading;
42 namespace System.Security {
45 [SecurityPermission (SecurityAction.InheritanceDemand, ControlEvidence = true, ControlPolicy = true)]
46 public abstract class CodeAccessPermission : IPermission, ISecurityEncodable, IStackWalk {
48 protected CodeAccessPermission ()
52 [MonoTODO ("Imperative mode isn't supported")]
55 new PermissionSet (this).Assert ();
58 internal bool CheckAssert (CodeAccessPermission asserted)
62 if (asserted.GetType () != this.GetType ())
64 return IsSubsetOf (asserted);
67 internal bool CheckDemand (CodeAccessPermission target)
71 if (target.GetType () != this.GetType ())
73 return IsSubsetOf (target);
76 internal bool CheckDeny (CodeAccessPermission denied)
80 if (denied.GetType () != this.GetType ())
82 return (Intersect (denied) == null);
85 internal bool CheckPermitOnly (CodeAccessPermission target)
89 if (target.GetType () != this.GetType ())
91 return IsSubsetOf (target);
94 public abstract IPermission Copy ();
96 [MonoTODO ("Imperative Assert, Deny and PermitOnly aren't yet supported")]
99 // note: here we're sure it's a CAS demand
100 if (!SecurityManager.SecurityEnabled)
103 // skip frames until we get the caller (of our caller)
104 new PermissionSet (this).CasOnlyDemand (3);
107 [MonoTODO ("Imperative mode isn't supported")]
110 new PermissionSet (this).Deny ();
115 public override bool Equals (object obj)
119 if (obj.GetType () != this.GetType ())
121 CodeAccessPermission cap = (obj as CodeAccessPermission);
122 return (IsSubsetOf (cap) && cap.IsSubsetOf (this));
126 public abstract void FromXml (SecurityElement elem);
130 public override int GetHashCode ()
132 return base.GetHashCode ();
136 public abstract IPermission Intersect (IPermission target);
138 public abstract bool IsSubsetOf (IPermission target);
140 public override string ToString ()
142 SecurityElement elem = ToXml ();
143 return elem.ToString ();
146 public abstract SecurityElement ToXml ();
148 public virtual IPermission Union (IPermission other)
151 throw new System.NotSupportedException (); // other is not null.
155 [MonoTODO ("Imperative mode isn't supported")]
156 public void PermitOnly ()
158 new PermissionSet (this).PermitOnly ();
161 [MonoTODO ("Imperative mode isn't supported")]
162 public static void RevertAll ()
164 if (!SecurityManager.SecurityEnabled)
167 SecurityFrame sf = new SecurityFrame (1);
169 if ((sf.Assert != null) && !sf.Assert.DeclarativeSecurity) {
172 throw new NotSupportedException ("Currently only declarative Assert are supported.");
174 if ((sf.Deny != null) && !sf.Deny.DeclarativeSecurity) {
177 throw new NotSupportedException ("Currently only declarative Deny are supported.");
179 if ((sf.PermitOnly != null) && sf.PermitOnly.DeclarativeSecurity) {
182 throw new NotSupportedException ("Currently only declarative PermitOnly are supported.");
186 string msg = Locale.GetText ("No stack modifiers are present on the current stack frame.");
187 // FIXME: we don't (yet) support imperative stack modifiers
188 msg += Environment.NewLine + "Currently only declarative stack modifiers are supported.";
189 throw new ExecutionEngineException (msg);
193 [MonoTODO ("Imperative mode isn't supported")]
194 public static void RevertAssert ()
196 if (!SecurityManager.SecurityEnabled)
199 SecurityFrame sf = new SecurityFrame (1);
200 if ((sf.Assert != null) && !sf.Assert.DeclarativeSecurity) {
202 throw new NotSupportedException ("Currently only declarative Assert are supported.");
204 // we can't revert declarative security (or an empty frame) imperatively
205 ThrowExecutionEngineException (SecurityAction.Assert);
209 [MonoTODO ("Imperative mode isn't supported")]
210 public static void RevertDeny ()
212 if (!SecurityManager.SecurityEnabled)
215 SecurityFrame sf = new SecurityFrame (1);
216 if ((sf.Deny != null) && !sf.Deny.DeclarativeSecurity) {
218 throw new NotSupportedException ("Currently only declarative Deny are supported.");
220 // we can't revert declarative security (or an empty frame) imperatively
221 ThrowExecutionEngineException (SecurityAction.Deny);
225 [MonoTODO ("Imperative mode isn't supported")]
226 public static void RevertPermitOnly ()
228 if (!SecurityManager.SecurityEnabled)
231 SecurityFrame sf = new SecurityFrame (1);
232 if ((sf.PermitOnly != null) && sf.PermitOnly.DeclarativeSecurity) {
234 throw new NotSupportedException ("Currently only declarative PermitOnly are supported.");
236 // we can't revert declarative security (or an empty frame) imperatively
237 ThrowExecutionEngineException (SecurityAction.PermitOnly);
241 // Internal helpers methods
243 // snippet moved from FileIOPermission (nickd) to be reused in all derived classes
244 internal SecurityElement Element (int version)
246 SecurityElement se = new SecurityElement ("IPermission");
247 Type type = this.GetType ();
248 se.AddAttribute ("class", type.FullName + ", " + type.Assembly.ToString ().Replace ('\"', '\''));
249 se.AddAttribute ("version", version.ToString ());
253 internal static PermissionState CheckPermissionState (PermissionState state, bool allowUnrestricted)
257 case PermissionState.None:
259 case PermissionState.Unrestricted:
260 if (!allowUnrestricted) {
261 msg = Locale.GetText ("Unrestricted isn't not allowed for identity permissions.");
262 throw new ArgumentException (msg, "state");
266 msg = String.Format (Locale.GetText ("Invalid enum {0}"), state);
267 throw new ArgumentException (msg, "state");
272 internal static int CheckSecurityElement (SecurityElement se, string parameterName, int minimumVersion, int maximumVersion)
275 throw new ArgumentNullException (parameterName);
277 // Tag is case-sensitive
278 if (se.Tag != "IPermission") {
279 string msg = String.Format (Locale.GetText ("Invalid tag {0}"), se.Tag);
280 throw new ArgumentException (msg, parameterName);
283 // Note: we do not care about the class attribute at
284 // this stage (in fact we don't even if the class
285 // attribute is present or not). Anyway the object has
286 // already be created, with success, if we're loading it
288 // we assume minimum version if no version number is supplied
289 int version = minimumVersion;
290 string v = se.Attribute ("version");
293 version = Int32.Parse (v);
295 catch (Exception e) {
296 string msg = Locale.GetText ("Couldn't parse version from '{0}'.");
297 msg = String.Format (msg, v);
298 throw new ArgumentException (msg, parameterName, e);
302 if ((version < minimumVersion) || (version > maximumVersion)) {
303 string msg = Locale.GetText ("Unknown version '{0}', expected versions between ['{1}','{2}'].");
304 msg = String.Format (msg, version, minimumVersion, maximumVersion);
305 throw new ArgumentException (msg, parameterName);
310 // must be called after CheckSecurityElement (i.e. se != null)
311 internal static bool IsUnrestricted (SecurityElement se)
313 string value = se.Attribute ("Unrestricted");
316 return (String.Compare (value, Boolean.TrueString, true, CultureInfo.InvariantCulture) == 0);
319 internal bool ProcessFrame (SecurityFrame frame)
321 // 1. CheckPermitOnly
322 if (frame.PermitOnly != null) {
323 // the demanded permission must be in one of the permitted...
325 foreach (IPermission p in frame.PermitOnly) {
326 if (CheckPermitOnly (p as CodeAccessPermission)) {
332 // ...or else we throw
333 ThrowSecurityException (this, "PermitOnly", frame, SecurityAction.Demand, null);
338 if (frame.Deny != null) {
339 // special case where everything is denied (i.e. no child to be processed)
340 if (frame.Deny.IsUnrestricted ())
341 ThrowSecurityException (this, "Deny", frame, SecurityAction.Demand, null);
342 foreach (IPermission p in frame.Deny) {
343 if (!CheckDeny (p as CodeAccessPermission))
344 ThrowSecurityException (this, "Deny", frame, SecurityAction.Demand, p);
349 if (frame.Assert != null) {
350 foreach (IPermission p in frame.Assert) {
351 if (CheckAssert (p as CodeAccessPermission)) {
352 // FIXME: partial asserts
353 return true; // stop the stack walk
358 // continue the stack walk
362 internal static void ThrowInvalidPermission (IPermission target, Type expected)
364 string msg = Locale.GetText ("Invalid permission type '{0}', expected type '{1}'.");
365 msg = String.Format (msg, target.GetType (), expected);
366 throw new ArgumentException (msg, "target");
369 internal static void ThrowExecutionEngineException (SecurityAction stackmod)
371 string msg = Locale.GetText ("No {0} modifier is present on the current stack frame.");
372 // FIXME: we don't (yet) support imperative stack modifiers
373 msg += Environment.NewLine + "Currently only declarative stack modifiers are supported.";
374 throw new ExecutionEngineException (String.Format (msg, stackmod));
377 internal static void ThrowSecurityException (object demanded, string message, SecurityFrame frame,
378 SecurityAction action, IPermission failed)
380 Assembly a = frame.Assembly;
381 throw new SecurityException (Locale.GetText (message),
382 a.UnprotectedGetName (), a.GrantedPermissionSet,
383 a.DeniedPermissionSet, frame.Method, action, demanded,
384 failed, a.UnprotectedGetEvidence ());