3 // Copyright (c) Microsoft Corporation. All rights reserved.
6 // <OWNER>Microsoft</OWNER>
10 using System.Collections;
11 using System.Diagnostics.Contracts;
12 using System.Runtime.Serialization;
14 namespace System.Security
17 /// Read only permission sets are created from explicit XML and cannot be modified after creation time.
18 /// This allows us to round trip the permission set to the same XML that it was originally created
19 /// from - which allows permission sets to be created from XML representing a permission set in a
20 /// previous version of the framework to be deserialized on the current version while still
21 /// serializing back to XML that makes sense on the original framework version.
23 /// Note that while we protect against modifications of the permission set itself (such as adding or
24 /// removing permissions), we do not make any attempt to guard against modification to the permissions
25 /// which are members of the set. Permission accesor APIs always return a copy of the permission in
26 /// question, although it may be mutable depending upon the permission class. If it is mutable, users
27 /// will only be modifing a copy of the permission, and not modifying the state of the
28 /// ReadOnlyPermissionSet.
31 public sealed class ReadOnlyPermissionSet : PermissionSet
33 private SecurityElement m_originXml;
36 private bool m_deserializing;
38 public ReadOnlyPermissionSet(SecurityElement permissionSetXml)
40 if (permissionSetXml == null)
41 throw new ArgumentNullException("permissionSetXml");
43 m_originXml = permissionSetXml.Copy();
44 base.FromXml(m_originXml);
48 private void OnDeserializing(StreamingContext ctx)
50 m_deserializing = true;
54 private void OnDeserialized(StreamingContext ctx)
56 m_deserializing = false;
59 public override bool IsReadOnly
64 public override PermissionSet Copy()
66 return new ReadOnlyPermissionSet(m_originXml);
69 public override SecurityElement ToXml()
71 return m_originXml.Copy();
75 // Permission access methods - since modification to a permission would result in modifying the
76 // underlying permission set, we always ensure that a copy of the permission is returned rather than
77 // the permission itself.
80 protected override IEnumerator GetEnumeratorImpl()
82 return new ReadOnlyPermissionSetEnumerator(base.GetEnumeratorImpl());
85 protected override IPermission GetPermissionImpl(Type permClass)
87 IPermission permission = base.GetPermissionImpl(permClass);
88 return permission != null ? permission.Copy() : null;
92 // Permission set mutation methods - all of these simply reject the attempt to modify the permission
93 // set by throwing an InvalidOperationException
96 protected override IPermission AddPermissionImpl(IPermission perm)
98 throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_ModifyROPermSet"));
101 public override void FromXml(SecurityElement et)
103 // PermissionSet uses FromXml when it deserializes itself - so if we're deserializing, let
104 // the base type recreate its state, otherwise it is invalid to modify a read only permission set
105 // with a FromXml call.
112 throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_ModifyROPermSet"));
116 protected override IPermission RemovePermissionImpl(Type permClass)
118 throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_ModifyROPermSet"));
121 protected override IPermission SetPermissionImpl(IPermission perm)
123 throw new InvalidOperationException(Environment.GetResourceString("InvalidOperation_ModifyROPermSet"));
128 /// Class to enumerate permissions of a read only permission set - returning only copies of the
129 /// permissions in the underlying permission set.
131 internal sealed class ReadOnlyPermissionSetEnumerator : IEnumerator
133 private IEnumerator m_permissionSetEnumerator;
135 internal ReadOnlyPermissionSetEnumerator(IEnumerator permissionSetEnumerator)
137 Contract.Assert(permissionSetEnumerator != null);
138 m_permissionSetEnumerator = permissionSetEnumerator;
141 public object Current
145 IPermission currentPermission = m_permissionSetEnumerator.Current as IPermission;
146 return currentPermission != null ? currentPermission.Copy() : null;
150 public bool MoveNext()
152 return m_permissionSetEnumerator.MoveNext();
157 m_permissionSetEnumerator.Reset();