mcs/class/corlib/System.Security/SecurityContext.cs

   1 //
   2 // System.Security.SecurityContext class
   3 //
   4 // Author:
   5 //      Sebastien Pouliot  <sebastien@ximian.com>
   6 //
   7 // Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
   8 //
   9 // Permission is hereby granted, free of charge, to any person obtaining
  10 // a copy of this software and associated documentation files (the
  11 // "Software"), to deal in the Software without restriction, including
  12 // without limitation the rights to use, copy, modify, merge, publish,
  13 // distribute, sublicense, and/or sell copies of the Software, and to
  14 // permit persons to whom the Software is furnished to do so, subject to
  15 // the following conditions:
  16 //
  17 // The above copyright notice and this permission notice shall be
  18 // included in all copies or substantial portions of the Software.
  19 //
  20 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  21 // EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  22 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
  23 // NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
  24 // LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
  25 // OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
  26 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  27 //
  28
  29 using System.Runtime.InteropServices;
  30 using System.Security.Permissions;
  31 using System.Security.Principal;
  32 using System.Threading;
  33
  34 namespace System.Security {
  35
  36         public sealed class SecurityContext
  37 #if NET_4_0
  38                 : IDisposable
  39 #endif
  40         {
  41                 private bool _capture;
  42                 private IntPtr _winid;
  43                 private CompressedStack _stack;
  44                 private bool _suppressFlowWindowsIdentity;
  45                 private bool _suppressFlow;
  46
  47                 internal SecurityContext ()
  48                 {
  49                 }
  50
  51                 // copy constructor
  52                 internal SecurityContext (SecurityContext sc)
  53                 {
  54                         _capture = true;
  55 #if !MOBILE
  56                         _winid = sc._winid;
  57                         if (sc._stack != null)
  58                                 _stack = sc._stack.CreateCopy ();
  59 #endif
  60                 }
  61
  62                 public SecurityContext CreateCopy ()
  63                 {
  64                         if (!_capture)
  65                                 throw new InvalidOperationException ();
  66
  67                         return new SecurityContext (this);
  68                 }
  69
  70                 // static methods
  71
  72                 static public SecurityContext Capture ()
  73                 {
  74                         SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
  75                         if (sc.FlowSuppressed)
  76                                 return null;
  77
  78                         SecurityContext capture = new SecurityContext ();
  79                         capture._capture = true;
  80 #if !MOBILE
  81                         capture._winid = WindowsIdentity.GetCurrentToken ();
  82                         capture._stack = CompressedStack.Capture ();
  83 #endif
  84                         return capture;
  85                 }
  86
  87 #if NET_4_0
  88                 public void Dispose ()
  89                 {
  90                 }
  91 #endif
  92
  93                 // internal stuff
  94
  95                 internal bool FlowSuppressed {
  96                         get { return _suppressFlow; }
  97                         set { _suppressFlow = value; }
  98                 }
  99
 100                 internal bool WindowsIdentityFlowSuppressed {
 101                         get { return _suppressFlowWindowsIdentity; }
 102                         set { _suppressFlowWindowsIdentity = value; }
 103                 }
 104
 105                 internal CompressedStack CompressedStack {
 106                         get { return _stack; }
 107                         set { _stack = value; }
 108                 }
 109
 110                 internal IntPtr IdentityToken {
 111                         get { return _winid; }
 112                         set { _winid = value; }
 113                 }
 114
 115                 // Suppressing the SecurityContext flow wasn't required before 2.0
 116
 117                 static public bool IsFlowSuppressed ()
 118                 {
 119                         return Thread.CurrentThread.ExecutionContext.SecurityContext.FlowSuppressed;
 120                 }
 121
 122                 static public bool IsWindowsIdentityFlowSuppressed ()
 123                 {
 124                         return Thread.CurrentThread.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed;
 125                 }
 126
 127                 static public void RestoreFlow ()
 128                 {
 129                         SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
 130                         // if nothing is suppressed then throw
 131                         if (!sc.FlowSuppressed && !sc.WindowsIdentityFlowSuppressed)
 132                                 throw new InvalidOperationException ();
 133
 134                         sc.FlowSuppressed = false;
 135                         sc.WindowsIdentityFlowSuppressed = false;
 136                 }
 137
 138                 // if you got the context then you can use it
 139                 [SecurityPermission (SecurityAction.Assert, ControlPrincipal = true)]
 140                 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
 141                 static public void Run (SecurityContext securityContext, ContextCallback callback, object state)
 142                 {
 143                         if (securityContext == null) {
 144                                 throw new InvalidOperationException (Locale.GetText (
 145                                         "Null SecurityContext"));
 146                         }
 147 #if MOBILE
 148                         callback (state);
 149 #else
 150                         SecurityContext sc = Thread.CurrentThread.ExecutionContext.SecurityContext;
 151                         IPrincipal original = Thread.CurrentPrincipal;
 152                         try {
 153                                 if (sc.IdentityToken != IntPtr.Zero) {
 154                                         Thread.CurrentPrincipal = new WindowsPrincipal (new WindowsIdentity (sc.IdentityToken));
 155                                 }
 156
 157                                 // FIXME: is the security manager isn't active then we may not have
 158                                 // a compressed stack (bug #78652)
 159                                 if (securityContext.CompressedStack != null)
 160                                         CompressedStack.Run (securityContext.CompressedStack, callback, state);
 161                                 else
 162                                         callback (state);
 163                         }
 164                         finally {
 165                                 if ((original != null) && (sc.IdentityToken != IntPtr.Zero))
 166                                         Thread.CurrentPrincipal = original;
 167                         }
 168 #endif
 169                 }
 170
 171                 [SecurityPermission (SecurityAction.LinkDemand, Infrastructure = true)]
 172                 static public AsyncFlowControl SuppressFlow ()
 173                 {
 174                         Thread t = Thread.CurrentThread;
 175                         // suppress both flows
 176                         t.ExecutionContext.SecurityContext.FlowSuppressed = true;
 177                         t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
 178                         return new AsyncFlowControl (t, AsyncFlowControlType.Security);
 179                 }
 180
 181                 static public AsyncFlowControl SuppressFlowWindowsIdentity ()
 182                 {
 183                         Thread t = Thread.CurrentThread;
 184                         t.ExecutionContext.SecurityContext.WindowsIdentityFlowSuppressed = true;
 185                         return new AsyncFlowControl (t, AsyncFlowControlType.Security);
 186                 }
 187         }
 188 }