1 //
2 // System.Security.SecurityContext class
3 //
4 // Author:
5 //      Sebastien Pouliot  <sebastien@ximian.com>
6 //
7 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
8 //
9 // Permission is hereby granted, free of charge, to any person obtaining
10 // a copy of this software and associated documentation files (the
11 // "Software"), to deal in the Software without restriction, including
12 // without limitation the rights to use, copy, modify, merge, publish,
13 // distribute, sublicense, and/or sell copies of the Software, and to
14 // permit persons to whom the Software is furnished to do so, subject to
15 // the following conditions:
16 // 
17 // The above copyright notice and this permission notice shall be
18 // included in all copies or substantial portions of the Software.
19 // 
20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
27 //
28
29 using System.Runtime.InteropServices;
30 using System.Security.Permissions;
31 using System.Security.Principal;
32 using System.Threading;
33
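namespace System.Security {

        /// <summary>
        /// Holds the security state captured from a thread: a Windows identity token and,
        /// on non-MOBILE builds, a <see cref="CompressedStack"/>, together with the two
        /// flags that record whether flow of that state has been suppressed.
        /// </summary>
        public sealed class SecurityContext
#if NET_4_0
                : IDisposable
#endif
        {
                // Set by Capture () and by the copy constructor; CreateCopy () refuses to
                // run on an instance where it is still false.
                private bool _capture;

                // Identity token as a bare handle value.
                // NOTE(review): this class neither duplicates nor releases the handle (the
                // copy constructor copies the value and Dispose () is empty), so on
                // non-MOBILE builds a copy shares the handle with its source. Confirm who
                // owns the token's lifetime.
                private IntPtr _winid;

#if !MOBILE
                private CompressedStack _stack;
#endif
                private bool _suppressFlowWindowsIdentity;
                private bool _suppressFlow;

                /// <summary>Creates an empty, not-yet-captured context.</summary>
                internal SecurityContext ()
                {
                }

                /// <summary>
                /// Copy constructor. Marks the new instance as captured and, on non-MOBILE
                /// builds, takes the source's identity token and a copy of its compressed
                /// stack. The two suppress-flow flags are not copied and start out false.
                /// </summary>
                /// <param name="sc">Context to copy; dereferenced without a null check on non-MOBILE builds.</param>
                internal SecurityContext (SecurityContext sc)
                {
                        _capture = true;
#if !MOBILE
                        _winid = sc._winid;
                        if (sc._stack != null)
                                _stack = sc._stack.CreateCopy ();
#endif
                }

                /// <summary>Returns a copy of this captured context.</summary>
                /// <exception cref="InvalidOperationException">
                /// This instance was not produced by Capture () or by a previous copy.
                /// </exception>
                public SecurityContext CreateCopy ()
                {
                        if (!_capture)
                                throw new InvalidOperationException ();

                        return new SecurityContext (this);
                }

                // static methods

                /// <summary>
                /// Captures the current security state into a new context.
                /// </summary>
                /// <returns>
                /// The captured context, or <c>null</c> (non-MOBILE builds) when flow is
                /// suppressed on the current thread's context. Callers must handle null.
                /// </returns>
                public static SecurityContext Capture ()
                {
#if !MOBILE
                        SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
                        if (sc.FlowSuppressed)
                                return null;
                        // NOTE(review): only FlowSuppressed is checked here. When just
                        // WindowsIdentityFlowSuppressed is set (SuppressFlowWindowsIdentity),
                        // the identity token is still captured below. Confirm the flag is
                        // honoured elsewhere, or skip the token capture in that case.
#endif

                        SecurityContext capture = new SecurityContext ();
                        capture._capture = true;
#if !MOBILE
                        capture._winid = WindowsIdentity.GetCurrentToken ();
                        capture._stack = CompressedStack.Capture ();
#endif
                        return capture;
                }

#if NET_4_0
                /// <summary>Currently a no-op: no field of this class is released here.</summary>
                public void Dispose ()
                {
                }
#endif

                // internal stuff

                // True while flow of the whole security context is suppressed.
                internal bool FlowSuppressed {
                        get { return _suppressFlow; }
                        set { _suppressFlow = value; }
                }

                // True while flow of the Windows identity is suppressed.
                internal bool WindowsIdentityFlowSuppressed {
                        get { return _suppressFlowWindowsIdentity; }
                        set { _suppressFlowWindowsIdentity = value; }
                }

#if !MOBILE
                internal CompressedStack CompressedStack {
                        get { return _stack; }
                        set { _stack = value; }
                }
#endif

                internal IntPtr IdentityToken {
                        get { return _winid; }
                        set { _winid = value; }
                }

                // Suppressing the SecurityContext flow wasn't required before 2.0

                /// <summary>
                /// Reports whether flow is suppressed on the current thread's security
                /// context. Always false on MOBILE builds.
                /// </summary>
                public static bool IsFlowSuppressed ()
                {
#if MOBILE
                        return false;
#else
                        return Thread.CurrentThread.ExecutionContext.SecurityContext.FlowSuppressed;
#endif
                }

                /// <summary>
                /// Reports whether Windows identity flow is suppressed on the current
                /// thread's security context. Always false on MOBILE builds.
                /// </summary>
                public static bool IsWindowsIdentityFlowSuppressed ()
                {
#if MOBILE
                        return false;
#else
                        return Thread.CurrentThread.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed;
#endif
                }

                /// <summary>
                /// Clears both suppress-flow flags on the current thread's security
                /// context. Does nothing on MOBILE builds.
                /// </summary>
                /// <exception cref="InvalidOperationException">Neither flag was set.</exception>
                public static void RestoreFlow ()
                {
#if !MOBILE
                        SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
                        // if nothing is suppressed then throw
                        if (!sc.FlowSuppressed && !sc.WindowsIdentityFlowSuppressed)
                                throw new InvalidOperationException ();

                        sc.FlowSuppressed = false;
                        sc.WindowsIdentityFlowSuppressed = false;
#endif
                }

                /// <summary>
                /// Invokes <paramref name="callback"/> with <paramref name="state"/>, under
                /// the compressed stack of <paramref name="securityContext"/> when it has
                /// one. On MOBILE builds the callback is simply invoked.
                /// </summary>
                /// <param name="securityContext">Context to run under; must not be null.</param>
                /// <param name="callback">Delegate to invoke; it is not null-checked here.</param>
                /// <param name="state">Opaque value handed to the callback.</param>
                /// <exception cref="InvalidOperationException">
                /// <paramref name="securityContext"/> is null.
                /// </exception>
                // if you got the context then you can use it
                // The Assert covers the Thread.CurrentPrincipal assignments below, so they do
                // not depend on callers further up the stack holding ControlPrincipal; the
                // LinkDemand is evaluated against the immediate caller only.
                [SecurityPermission (SecurityAction.Assert, ControlPrincipal = true)]
                [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
                public static void Run (SecurityContext securityContext, ContextCallback callback, object state)
                {
                        if (securityContext == null) {
                                throw new InvalidOperationException (Locale.GetText (
                                        "Null SecurityContext"));
                        }
#if MOBILE
                        callback (state);
#else
                        SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
                        IPrincipal original = Thread.CurrentPrincipal;
                        // Records whether this call replaced the thread principal, so the
                        // finally block restores it in every such case: also when the
                        // previous principal was null, and regardless of what IdentityToken
                        // holds by the time the callback returns.
                        bool principalReplaced = false;
                        try {
                                // NOTE(review): the token is read from the current thread's
                                // context (sc), while the compressed stack below comes from
                                // the securityContext argument. Confirm which identity the
                                // callback is meant to run under.
                                if (sc.IdentityToken != IntPtr.Zero) {
                                        Thread.CurrentPrincipal = new WindowsPrincipal (new WindowsIdentity (sc.IdentityToken));
                                        principalReplaced = true;
                                }

                                // FIXME: if the security manager isn't active then we may not have
                                // a compressed stack (bug #78652)
                                if (securityContext.CompressedStack != null)
                                        CompressedStack.Run (securityContext.CompressedStack, callback, state);
                                else
                                        callback (state);
                        }
                        finally {
                                if (principalReplaced)
                                        Thread.CurrentPrincipal = original;
                        }
#endif
                }

                /// <summary>
                /// Sets both suppress-flow flags on the current thread's security context.
                /// </summary>
                /// <returns>An <see cref="AsyncFlowControl"/> of type Security for the current thread.</returns>
                /// <exception cref="NotSupportedException">Always thrown on MOBILE builds.</exception>
                [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
                public static AsyncFlowControl SuppressFlow ()
                {
#if MOBILE
                        throw new NotSupportedException ();
#else
                        Thread t = Thread.CurrentThread;
                        // suppress both flows
                        t.ExecutionContext.SecurityContext.FlowSuppressed = true;
                        t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
                        return new AsyncFlowControl (t, AsyncFlowControlType.Security);
#endif
                }

                /// <summary>
                /// Sets only the Windows identity suppress-flow flag on the current
                /// thread's security context.
                /// </summary>
                /// <returns>An <see cref="AsyncFlowControl"/> of type Security for the current thread.</returns>
                /// <exception cref="NotSupportedException">Always thrown on MOBILE builds.</exception>
                // NOTE(review): SuppressFlow () carries a LinkDemand for Infrastructure and
                // this method does not, although both change flow state on the current
                // thread's context. Confirm the difference is intentional.
                public static AsyncFlowControl SuppressFlowWindowsIdentity ()
                {
#if MOBILE
                        throw new NotSupportedException ();
#else
                        Thread t = Thread.CurrentThread;
                        t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
                        return new AsyncFlowControl (t, AsyncFlowControlType.Security);
#endif
                }
        }
}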