namespace System.Security {
[Serializable]
+ [SecurityPermission (SecurityAction.InheritanceDemand, ControlEvidence = true, ControlPolicy = true)]
+ [ComVisible (true)]
+ [MonoTODO ("CAS support is experimental (and unsupported).")]
public abstract class CodeAccessPermission : IPermission, ISecurityEncodable, IStackWalk {
+
protected CodeAccessPermission ()
{
}
- [MonoTODO ("Imperative mode isn't supported")]
+ [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
public void Assert ()
{
new PermissionSet (this).Assert ();
{
if (denied == null)
return true;
- if (denied.GetType () != this.GetType ())
+ Type t = denied.GetType ();
+ if (t != this.GetType ())
+ return true;
+ IPermission inter = Intersect (denied);
+ if (inter == null)
return true;
- return (Intersect (denied) == null);
+ // sadly that's not enough :( at this stage we must also check
+ // if an empty (PermissionState.None) is a subset of the denied
+ // (which is like a empty intersection looks like for flag based
+ // permissions, e.g. AspNetHostingPermission).
+ return denied.IsSubsetOf (PermissionBuilder.Create (t));
}
internal bool CheckPermitOnly (CodeAccessPermission target)
public abstract IPermission Copy ();
- [MonoTODO ("Imperative Assert, Deny and PermitOnly aren't yet supported")]
public void Demand ()
{
// note: here we're sure it's a CAS demand
return;
// skip frames until we get the caller (of our caller)
- new PermissionSet (this).CasOnlyDemand (2);
+ new PermissionSet (this).CasOnlyDemand (3);
}
- [MonoTODO ("Imperative mode isn't supported")]
+ [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
public void Deny ()
{
new PermissionSet (this).Deny ();
}
-#if NET_2_0
[ComVisible (false)]
public override bool Equals (object obj)
{
CodeAccessPermission cap = (obj as CodeAccessPermission);
return (IsSubsetOf (cap) && cap.IsSubsetOf (this));
}
-#endif
public abstract void FromXml (SecurityElement elem);
-#if NET_2_0
[ComVisible (false)]
public override int GetHashCode ()
{
return base.GetHashCode ();
}
-#endif
public abstract IPermission Intersect (IPermission target);
return null;
}
- [MonoTODO ("Imperative mode isn't supported")]
+ [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
public void PermitOnly ()
{
new PermissionSet (this).PermitOnly ();
}
- [MonoTODO ("Imperative mode isn't supported")]
+ [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
public static void RevertAll ()
{
+ if (!SecurityManager.SecurityEnabled)
+ return;
+
SecurityFrame sf = new SecurityFrame (1);
bool revert = false;
if ((sf.Assert != null) && !sf.Assert.DeclarativeSecurity) {
revert = true;
- // TODO
throw new NotSupportedException ("Currently only declarative Assert are supported.");
}
if ((sf.Deny != null) && !sf.Deny.DeclarativeSecurity) {
revert = true;
- // TODO
throw new NotSupportedException ("Currently only declarative Deny are supported.");
}
- if ((sf.PermitOnly != null) && sf.PermitOnly.DeclarativeSecurity) {
+ if ((sf.PermitOnly != null) && !sf.PermitOnly.DeclarativeSecurity) {
revert = true;
- // TODO
throw new NotSupportedException ("Currently only declarative PermitOnly are supported.");
}
}
}
- [MonoTODO ("Imperative mode isn't supported")]
+ [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
public static void RevertAssert ()
{
+ if (!SecurityManager.SecurityEnabled)
+ return;
+
SecurityFrame sf = new SecurityFrame (1);
if ((sf.Assert != null) && !sf.Assert.DeclarativeSecurity) {
- // TODO
throw new NotSupportedException ("Currently only declarative Assert are supported.");
} else {
// we can't revert declarative security (or an empty frame) imperatively
}
}
- [MonoTODO ("Imperative mode isn't supported")]
+ [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
public static void RevertDeny ()
{
+ if (!SecurityManager.SecurityEnabled)
+ return;
+
SecurityFrame sf = new SecurityFrame (1);
if ((sf.Deny != null) && !sf.Deny.DeclarativeSecurity) {
- // TODO
throw new NotSupportedException ("Currently only declarative Deny are supported.");
} else {
// we can't revert declarative security (or an empty frame) imperatively
}
}
- [MonoTODO ("Imperative mode isn't supported")]
+ [MonoTODO ("CAS support is experimental (and unsupported). Imperative mode is not implemented.")]
public static void RevertPermitOnly ()
{
+ if (!SecurityManager.SecurityEnabled)
+ return;
+
SecurityFrame sf = new SecurityFrame (1);
if ((sf.PermitOnly != null) && sf.PermitOnly.DeclarativeSecurity) {
- // TODO
throw new NotSupportedException ("Currently only declarative PermitOnly are supported.");
} else {
// we can't revert declarative security (or an empty frame) imperatively
case PermissionState.None:
break;
case PermissionState.Unrestricted:
- if (!allowUnrestricted) {
- msg = Locale.GetText ("Unrestricted isn't not allowed for identity permissions.");
- throw new ArgumentException (msg, "state");
- }
+ // unrestricted permissions are possible for identiy permissions
break;
default:
msg = String.Format (Locale.GetText ("Invalid enum {0}"), state);
return (String.Compare (value, Boolean.TrueString, true, CultureInfo.InvariantCulture) == 0);
}
- internal bool ProcessFrame (SecurityFrame frame, ref Assembly current)
+ internal bool ProcessFrame (SecurityFrame frame)
{
- // however the "final" grant set is resolved by assembly, so
- // there's no need to check it every time (just when we're
- // changing assemblies between frames).
- if (frame.Assembly != current) {
- current = frame.Assembly;
- // 1. CheckDemand
- if (!SecurityManager.IsGranted (current, this)) {
- ThrowSecurityException (this, "Demand failed assembly permissions checks.",
- current, frame.Method, SecurityAction.Demand, this);
- }
- }
-
- // skip next steps if not Assert, Deny or PermitOnly are present
- if (!frame.HasStackModifiers)
- return false; // continue the stack walk
-
- // 2. CheckPermitOnly
+ // 1. CheckPermitOnly
if (frame.PermitOnly != null) {
- foreach (IPermission p in frame.PermitOnly) {
- if (!CheckPermitOnly (p as CodeAccessPermission))
- ThrowSecurityException (this, "PermitOnly", current, frame.Method, SecurityAction.Demand, p);
+ // the demanded permission must be in one of the permitted...
+ bool permit = frame.PermitOnly.IsUnrestricted ();
+ if (!permit) {
+ // check individual permissions
+ foreach (IPermission p in frame.PermitOnly) {
+ if (CheckPermitOnly (p as CodeAccessPermission)) {
+ permit = true;
+ break;
+ }
+ }
+ }
+ if (!permit) {
+ // ...or else we throw
+ ThrowSecurityException (this, "PermitOnly", frame, SecurityAction.Demand, null);
}
}
- // 3. CheckDeny
+ // 2. CheckDeny
if (frame.Deny != null) {
// special case where everything is denied (i.e. no child to be processed)
if (frame.Deny.IsUnrestricted ())
- ThrowSecurityException (this, "Deny", current, frame.Method, SecurityAction.Demand, null);
+ ThrowSecurityException (this, "Deny", frame, SecurityAction.Demand, null);
foreach (IPermission p in frame.Deny) {
if (!CheckDeny (p as CodeAccessPermission))
- ThrowSecurityException (this, "Deny", current, frame.Method, SecurityAction.Demand, p);
+ ThrowSecurityException (this, "Deny", frame, SecurityAction.Demand, p);
}
}
- // 4. CheckAssert
+ // 3. CheckAssert
if (frame.Assert != null) {
+ if (frame.Assert.IsUnrestricted ())
+ return true; // remove permission and continue stack walk
foreach (IPermission p in frame.Assert) {
- if (!CheckAssert (p as CodeAccessPermission)) {
- // FIXME: partial asserts
- return true; // stop the stack walk
+ if (CheckAssert (p as CodeAccessPermission)) {
+ return true; // remove permission and continue stack walk
}
}
}
throw new ExecutionEngineException (String.Format (msg, stackmod));
}
- internal static void ThrowSecurityException (object demanded, string message, Assembly a, MethodInfo mi, SecurityAction action, IPermission failed)
+ internal static void ThrowSecurityException (object demanded, string message, SecurityFrame frame,
+ SecurityAction action, IPermission failed)
{
+#if NET_2_1
+ throw new SecurityException (message);
+#else
+ Assembly a = frame.Assembly;
throw new SecurityException (Locale.GetText (message),
- a.GetName (), a.GrantedPermissionSet,
- a.DeniedPermissionSet, mi, action, demanded,
- failed, a.Evidence);
+ a.UnprotectedGetName (), a.GrantedPermissionSet,
+ a.DeniedPermissionSet, frame.Method, action, demanded,
+ failed, a.UnprotectedGetEvidence ());
+#endif
}
}
}