+//
// System.Security.Policy.CodeGroup
//
-// Author(s):
-// Nick Drochak (ndrochak@gol.com)
+// Authors:
+// Nick Drochak (ndrochak@gol.com)
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2001 Nick Drochak, All rights reserved.
-
-//
-// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
+// Copyright (C) 2004-2006 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
using System.Collections;
using System.Globalization;
using System.Reflection;
-using System.Security.Policy;
+using System.Runtime.InteropServices;
using System.Security.Permissions;
-//using System; // for MonoTODO attribute
namespace System.Security.Policy {
[Serializable]
+ [ComVisible (true)]
public abstract class CodeGroup {
- PolicyStatement m_policy = null;
- IMembershipCondition m_membershipCondition = null;
- string m_description = null;
- string m_name = null;
+ PolicyStatement m_policy;
+ IMembershipCondition m_membershipCondition;
+ string m_description;
+ string m_name;
ArrayList m_children = new ArrayList();
- PolicyLevel m_level;
+// PolicyLevel m_level;
- public CodeGroup (IMembershipCondition membershipCondition, PolicyStatement policy)
+ protected CodeGroup (IMembershipCondition membershipCondition, PolicyStatement policy)
{
if (null == membershipCondition)
- throw new ArgumentNullException("Value cannot be null.");
+ throw new ArgumentNullException ("membershipCondition");
- m_policy = policy;
- m_membershipCondition = membershipCondition;
+ if (policy != null)
+ m_policy = policy.Copy ();
+ m_membershipCondition = membershipCondition.Copy ();
}
// for PolicyLevel (to avoid validation duplication)
- internal CodeGroup (SecurityElement e)
+ internal CodeGroup (SecurityElement e, PolicyLevel level)
{
- FromXml (e);
+ FromXml (e, level);
}
// abstract
- public abstract CodeGroup Copy();
- public abstract string MergeLogic {get;}
+ public abstract CodeGroup Copy ();
+
+ public abstract string MergeLogic { get; }
+
public abstract PolicyStatement Resolve (Evidence evidence);
- public abstract CodeGroup ResolveMatchingCodeGroups(Evidence evidence);
- public PolicyStatement PolicyStatement {
+ public abstract CodeGroup ResolveMatchingCodeGroups (Evidence evidence);
- get { return m_policy; }
+ // properties
+ public PolicyStatement PolicyStatement {
+ get { return m_policy; }
set { m_policy = value; }
}
public string Description {
-
get { return m_description; }
-
set { m_description = value; }
}
public IMembershipCondition MembershipCondition {
-
- get {
- return m_membershipCondition;
- }
-
+ get { return m_membershipCondition; }
set {
if (null == value)
- throw new ArgumentException("Value cannot be null");
+ throw new ArgumentException ("value");
m_membershipCondition = value;
}
}
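Review bot: The `PolicyStatement` and `MembershipCondition` accessors still return and store the live references, while the constructor and `AddChild` in this same change store copies (`policy.Copy ()`, `membershipCondition.Copy ()`, `group.Copy ()`), so a caller holding either object can still alter the group's effective policy after the group is built. If isolation is the intent of the copies, the accessors could match, e.g. `get { return (m_policy == null) ? null : m_policy.Copy (); }` and `set { m_policy = (value == null) ? null : value.Copy (); }`; whether existing callers rely on the shared reference is not visible here. Separately, `new ArgumentException ("value")` in the `MembershipCondition` setter passes "value" as the message rather than as the parameter name; `new ArgumentException ("Value cannot be null.", "value")` keeps the exception type and names the parameter.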
set {
if (null == value)
throw new ArgumentNullException ("value");
- m_children = new ArrayList(value);
+ m_children = new ArrayList (value);
}
}
public virtual string PermissionSetName {
get {
+ if (m_policy == null)
+ return null;
if (m_policy.PermissionSet is Security.NamedPermissionSet)
return ((NamedPermissionSet)(m_policy.PermissionSet)).Name;
return null;
}
}
- public void AddChild(CodeGroup group)
+ public void AddChild (CodeGroup group)
{
if (null == group)
- throw new ArgumentNullException("The group parameter cannot be null");
- m_children.Add(group);
+ throw new ArgumentNullException ("group");
+
+ m_children.Add (group.Copy ());
}
- public override bool Equals(object o)
+ public override bool Equals (object o)
{
- if (!(o is CodeGroup))
+ CodeGroup cg = (o as CodeGroup);
+ if (cg == null)
return false;
- return Equals((CodeGroup)o, false);
+ return Equals (cg, false);
}
- public bool Equals(CodeGroup cg, bool compareChildren)
+ public bool Equals (CodeGroup cg, bool compareChildren)
{
if (cg.Name != this.Name)
return false;
if (cg.Description != this.Description)
return false;
-// FIXME: this compiles with CSC. Didn't succeed at creating a smaller/different test case :(
-// if (!cg.MembershipCondition.Equals (m_membershipCondition))
- if (((object) cg.MembershipCondition).ToString () !=
- ((object) m_membershipCondition).ToString ())
+ if (!cg.MembershipCondition.Equals (m_membershipCondition))
return false;
if (compareChildren) {
return false;
for (int index = 0; index < childCount; index++) {
- // LAMESPEC: are we supposed to check child equality recursively?
- // The docs imply 'no' but it seems natural to do a 'deep' compare.
- // Will check the children's children, and so-on unless we find out that
- // we shouldn't
- if (!((CodeGroup)(this.Children[index])).Equals((CodeGroup)(cg.Children[index]), true))
+ // not a deep compare
+ if (!((CodeGroup)(this.Children [index])).Equals ((CodeGroup)(cg.Children [index]), false))
return false;
}
}
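Review bot: `Equals (CodeGroup cg, bool compareChildren)` is public but dereferences `cg` at `cg.Name` and again at the new `cg.MembershipCondition.Equals (...)` line without a null check, so `Equals (null, false)` throws a NullReferenceException instead of returning false. A guard as the first statement, `if (cg == null) return false;`, matches what `Equals (object)` already does. The new call also assumes `cg.MembershipCondition` is non-null; the protected constructor guarantees that, but whether the XML path always sets it is not visible in these lines, so `Object.Equals (cg.MembershipCondition, m_membershipCondition)` would be the safer form. Part of the method body (the child-count comparison) lies outside the visible lines.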
throw new ArgumentNullException("e");
PermissionSet ps = null;
- SecurityElement pset = e.SearchForChildByTag ("PermissionSet");
- if (pset != null) {
- Type classType = Type.GetType (pset.Attribute ("class"));
- ps = (PermissionSet) Activator.CreateInstance (classType, true);
- ps.FromXml (pset);
+ string psetname = e.Attribute ("PermissionSetName");
+ if ((psetname != null) && (level != null)) {
+ ps = level.GetNamedPermissionSet (psetname);
+ }
+ else {
+ SecurityElement pset = e.SearchForChildByTag ("PermissionSet");
+ if (pset != null) {
+ Type classType = Type.GetType (pset.Attribute ("class"));
+ ps = (PermissionSet) Activator.CreateInstance (classType, true);
+ ps.FromXml (pset);
+ }
+ else {
+ ps = new PermissionSet (new PermissionSet (PermissionState.None));
+ }
}
- else
- ps = new NamedPermissionSet ("Nothing", new PermissionSet (PermissionState.None));
m_policy = new PolicyStatement (ps);
m_children.Clear ();
if ((e.Children != null) && (e.Children.Count > 0)) {
foreach (SecurityElement se in e.Children) {
if (se.Tag == "CodeGroup") {
- this.AddChild (CodeGroup.CreateFromXml (se));
+ this.AddChild (CodeGroup.CreateFromXml (se, level));
}
}
}
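Review bot: The `class` attribute of the `PermissionSet` element goes straight into `Type.GetType` and `Activator.CreateInstance (classType, true)` with no check in between, so an unknown name reaches the activator as a null type, and any resolvable type has its constructor (non-public ones included) run before the cast to `PermissionSet` can reject it. Validating first, `if (classType == null || !typeof (PermissionSet).IsAssignableFrom (classType)) throw new ArgumentException ("class");`, keeps construction limited to the expected hierarchy. The same pattern appears at the membership-condition activation, where this change adds the `true` argument, and in the `default` branch of `CreateFromXml`; the checks there would be against `IMembershipCondition` and `CodeGroup`. It is also worth confirming what `level.GetNamedPermissionSet (psetname)` returns for an unknown name, since a null would reach `new PolicyStatement (ps)` unchecked. The start of FromXml lies outside the visible lines.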
Type classType = Type.GetType (className);
if (classType == null)
classType = Type.GetType ("System.Security.Policy." + className);
- m_membershipCondition = (IMembershipCondition) Activator.CreateInstance (classType);
+ m_membershipCondition = (IMembershipCondition) Activator.CreateInstance (classType, true);
m_membershipCondition.FromXml (mc, level);
}
m_description = e.Attribute("Description");
// seems like we might need this to Resolve() in subclasses
- m_level = level;
+ //m_level = level;
ParseXml (e, level);
}
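Review bot: The `m_level` assignment is commented out rather than removed (as is the field declaration near the top of the class), and the comment above it, "seems like we might need this to Resolve() in subclasses", now describes a statement that no longer runs. Deleting both lines, or replacing them with a single comment such as `// level is passed on to ParseXml; it is not stored`, would leave the method without dead text.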
- protected virtual void ParseXml(SecurityElement e, PolicyLevel level)
+ protected virtual void ParseXml (SecurityElement e, PolicyLevel level)
{
}
- public SecurityElement ToXml()
+ public SecurityElement ToXml ()
{
return ToXml (null);
}
return e;
}
- protected virtual void CreateXml(SecurityElement element, PolicyLevel level)
+ protected virtual void CreateXml (SecurityElement element, PolicyLevel level)
{
}
// internal stuff
- internal static CodeGroup CreateFromXml (SecurityElement se)
+ internal static CodeGroup CreateFromXml (SecurityElement se, PolicyLevel level)
{
string fullClassName = se.Attribute ("class");
string className = fullClassName;
// much faster than calling Activator.CreateInstance
switch (className) {
case "FileCodeGroup":
- return new FileCodeGroup (se);
+ return new FileCodeGroup (se, level);
case "FirstMatchCodeGroup":
- return new FirstMatchCodeGroup (se);
+ return new FirstMatchCodeGroup (se, level);
case "NetCodeGroup":
- return new NetCodeGroup (se);
+ return new NetCodeGroup (se, level);
case "UnionCodeGroup":
- return new UnionCodeGroup (se);
+ return new UnionCodeGroup (se, level);
default: // unknown
Type classType = Type.GetType (fullClassName);
- return (CodeGroup) Activator.CreateInstance (classType, true);
+ CodeGroup cg = (CodeGroup) Activator.CreateInstance (classType, true);
+ cg.FromXml (se, level);
+ return cg;
}
}
- } // public abstract class CodeGroup
-} // namespace System.Security.Policy
+ }
+}