2004-08-19 Sebastien Pouliot <sebastien@ximian.com>
+ * CodeAccessSecurityAttribute.cs: Namespace clean-up (removing System.)
+ * EnvironmentPermission.cs: Common exception for flags validation.
+ Fixed Fx 2.0 return values (String.Empty not null).
+ * EnvironmentPermissionAttribute.cs: Namespace clean-up.
+ * FileIOPermission.cs: Updated to use the common template. Added Fx
+ 2.0 properties.
+ * FileIOPermissionAttribute.cs: Added Fx 2.0 properties.
+ * HostProtectionAttribute.cs: Namespace clean-up (removing System.)
+ * IsolatedStoragePermissionAttribute.cs: Namespace cleanup.
+ * KeyContainerPermissionAttribute.cs: Added default values. Removed
+ unrequired flags validations. Can now create unrestricted permissions.
+ * PermissionSetAttribute.cs: Added new Fx 2.0 Hex property.
+ * PrincipalPermission.cs: Updated to use the common template.
+ * PrincipalPermissionAttribute.cs: Namespace cleanup.
+ * PublisherIdentityPermissionAttribute.cs: Namespace cleanup.
+ * RegistryPermission.cs: Updated to use the common template.
+ * RegistryPermissionAttribute.cs: Added Fx 2.0 properties.
+ * SecurityAttribute.cs: Namespace clean-up (removing System.)
* SecurityPermission.cs: Updated to use the common template. Now
pass all unit tests.
+ * SiteIdentityPermission.cs: Updated to use the common template.
+ * SiteIdentityPermissionAttribute.cs: Move unrestricted responsability
+ check to SiteIdentityPermission constructor.
+ * StrongNamePermissionAttribute.cs: Move unrestricted responsability
+ check to StrongNameIdentityPermission constructor.
+ * UrlIdentityPermission.cs: Updated to use the common template.
+ * UrlIdentityPermissionAttribute.cs: Move unrestricted responsability
+ check to UrlIdentityPermission constructor.
+ * ZoneIdentityPermissionAttribute.cs: Move unrestricted responsability
+ check to ZoneIdentityPermission constructor.
2004-08-18 Sebastien Pouliot <sebastien@ximian.com>
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-using System.Security.Permissions;
-
namespace System.Security.Permissions {
- [System.AttributeUsage(
- System.AttributeTargets.Assembly
- | System.AttributeTargets.Class
- | System.AttributeTargets.Struct
- | System.AttributeTargets.Constructor
- | System.AttributeTargets.Method,
+ [AttributeUsage(
+ AttributeTargets.Assembly
+ | AttributeTargets.Class
+ | AttributeTargets.Struct
+ | AttributeTargets.Constructor
+ | AttributeTargets.Method,
AllowMultiple=true,
Inherited=false)
]
[Serializable]
public abstract class CodeAccessSecurityAttribute : SecurityAttribute {
- public CodeAccessSecurityAttribute (SecurityAction action) : base (action) {}
-
- } // public abstract class CodeAccessSecurityAttribute
-} // namespace System.Security.Permissions
+ public CodeAccessSecurityAttribute (SecurityAction action)
+ : base (action)
+ {
+ }
+ }
+}
}
break;
default:
- throw new ArgumentException ("Invalid EnvironmentPermissionAccess", "flag");
+ ThrowInvalidFlag (flag, false);
+ break;
}
}
switch (flag) {
case EnvironmentPermissionAccess.AllAccess:
case EnvironmentPermissionAccess.NoAccess:
- throw new ArgumentException ("Invalid EnvironmentPermissionAccess in context", "flag");
+ ThrowInvalidFlag (flag, true);
+ break;
case EnvironmentPermissionAccess.Read:
foreach (string path in readList) {
sb.Append (path);
}
break;
default:
- throw new ArgumentException ("Unknown EnvironmentPermissionAccess", "flag");
+ ThrowInvalidFlag (flag, false);
+ break;
}
string result = sb.ToString ();
// remove last ';'
int n = result.Length;
if (n > 0)
return result.Substring (0, n - 1);
+#if NET_2_0
+ return String.Empty;
+#else
return ((_state == PermissionState.Unrestricted) ? String.Empty : null);
+#endif
}
public override IPermission Intersect (IPermission target)
if (ep == null)
return false;
-
if (IsUnrestricted ())
return ep.IsUnrestricted ();
else if (ep.IsUnrestricted ())
}
break;
default:
- throw new ArgumentException ("Invalid EnvironmentPermissionAccess", "flag");
+ ThrowInvalidFlag (flag, false);
+ break;
}
}
return ep;
}
+ internal void ThrowInvalidFlag (EnvironmentPermissionAccess flag, bool context)
+ {
+ string msg = null;
+ if (context)
+ msg = Locale.GetText ("Unknown flag '{0}'.");
+ else
+ msg = Locale.GetText ("Invalid flag '{0}' in this context.");
+ throw new ArgumentException (String.Format (msg, flag), "flag");
+ }
+
#endregion // Methods
}
}
//
// Authors
// Duncan Mak <duncan@ximian.com>
-// Sebastien Pouliot <spouliot@motus.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002 Ximian, Inc. http://www.ximian.com
// Portions Copyright (C) 2003 Motus Technologies (http://www.motus.com)
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-
namespace System.Security.Permissions {
[AttributeUsage (AttributeTargets.Assembly | AttributeTargets.Class |
private string write;
// Constructor
- public EnvironmentPermissionAttribute (SecurityAction action) : base (action) {}
+ public EnvironmentPermissionAttribute (SecurityAction action) : base (action)
+ {
+ }
// Properties
public string All {
-#if ! NET_1_0
+#if NET_1_1
get { throw new NotSupportedException ("All"); }
#endif
set {
-//------------------------------------------------------------------------------\r
// \r
// System.Security.Permissions.FileIOPermission.cs \r
//\r
-// Copyright (C) 2001 Nick Drochak, All Rights Reserved\r
-// \r
-// Author: Nick Drochak, ndrochak@gol.com\r
-// Created: 2002-01-09 \r
-//\r
-//------------------------------------------------------------------------------\r
-
+// Authors:
+// Nick Drochak, ndrochak@gol.com\r
+// Sebastien Pouliot <sebastien@ximian.com>
//
+// Copyright (C) 2001 Nick Drochak, All Rights Reserved\r
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
using System.Collections;\r
using System.IO;\r
using System.Text;\r
+
+#if NET_2_0
+using System.Security.AccessControl;
+#endif
\r
namespace System.Security.Permissions {\r
\r
[Serializable]\r
public sealed class FileIOPermission\r
: CodeAccessPermission, IBuiltInPermission, IUnrestrictedPermission {\r
+
+ private const int version = 1;
\r
private static char[] m_badCharacters = {'\"','<', '>', '|', '*', '?'};\r
private bool m_Unrestricted = false;\r
private FileIOPermissionAccess m_AllFilesAccess = FileIOPermissionAccess.NoAccess;\r
private FileIOPermissionAccess m_AllLocalFilesAccess = FileIOPermissionAccess.NoAccess;\r
\r
- public FileIOPermission(PermissionState state) {\r
- if (!Enum.IsDefined(typeof(PermissionState), state)){\r
- throw new ArgumentException("Invalid permission state.", "state");\r
- }\r
- m_Unrestricted = (PermissionState.Unrestricted == state);\r
- if (m_Unrestricted) {\r
+ public FileIOPermission (PermissionState state)
+ {\r
+ if (CheckPermissionState (state, true) == PermissionState.Unrestricted) {
+ m_Unrestricted = true;\r
m_AllFilesAccess = FileIOPermissionAccess.AllAccess;\r
m_AllLocalFilesAccess = FileIOPermissionAccess.AllAccess;\r
}\r
}\r
\r
- public FileIOPermission(FileIOPermissionAccess access, string path)
+ public FileIOPermission (FileIOPermissionAccess access, string path)
{
if (path == null)
throw new ArgumentNullException ("path");
AddPathList(access, path);\r
}\r
\r
- public FileIOPermission(FileIOPermissionAccess access, string[] pathList)
+ public FileIOPermission (FileIOPermissionAccess access, string[] pathList)
{\r
if (pathList == null)
throw new ArgumentNullException ("pathList");
}\r
\r
AddPathList(access, pathList);\r
+ }
+
+#if NET_2_0
+ [MonoTODO ("Access Control isn't implemented")]
+ public FileIOPermission (FileIOPermissionAccess access, AccessControlActions control, string path)
+ {
+ throw new NotImplementedException ();
}\r
\r
+ [MonoTODO ("Access Control isn't implemented")]
+ public FileIOPermission (FileIOPermissionAccess access, AccessControlActions control, string[] pathList)
+ {\r
+ throw new NotImplementedException ();
+ }
+#endif\r
+\r
public FileIOPermissionAccess AllFiles {\r
get {\r
return m_AllFilesAccess;\r
}\r
}\r
\r
- public void AddPathList(FileIOPermissionAccess access, string[] pathList ){\r
- foreach(string path in pathList){\r
- AddPathList(access, path);\r
+ public void AddPathList (FileIOPermissionAccess access, string[] pathList)
+ {\r
+ foreach (string path in pathList) {\r
+ AddPathList (access, path);\r
}\r
- \r
}\r
\r
// private constructor used by Copy() method\r
) v Unrestricted=\94true\94 \r
/>\r
*/\r
- public override void FromXml(SecurityElement esd){\r
- if (null == esd) {\r
- throw new ArgumentNullException();\r
- }\r
- if (esd.Tag != "IPermission" || (string)esd.Attributes["class"] != "FileIOPermission"\r
- || (string)esd.Attributes["version"] != "1"){\r
- throw new ArgumentException("Not a valid permission element");\r
- }\r
- m_PathList.Clear();\r
- if ("true" == (string)esd.Attributes["Unrestricted"]){\r
+ public override void FromXml (SecurityElement esd)
+ {\r
+ // General validation in CodeAccessPermission
+ CheckSecurityElement (esd, "esd", version, version);
+ // Note: we do not (yet) care about the return value
+ // as we only accept version 1 (min/max values)
+
+ m_PathList.Clear ();\r
+ if (IsUnrestricted (esd)) {\r
m_Unrestricted = true;\r
}\r
else{\r
m_Unrestricted = false;\r
- string fileList;\r
- fileList = (string)esd.Attributes["Read"];\r
+ string fileList = esd.Attribute ("Read");\r
string[] files;\r
if (fileList != null){\r
files = fileList.Split(';');\r
AddPathList(FileIOPermissionAccess.Read, files);\r
}\r
- fileList = (string)esd.Attributes["Write"];\r
+ fileList = esd.Attribute ("Write");\r
if (fileList != null){\r
files = fileList.Split(';');\r
AddPathList(FileIOPermissionAccess.Write, files);\r
}\r
- fileList = (string)esd.Attributes["Append"];\r
+ fileList = esd.Attribute ("Append");\r
if (fileList != null){\r
files = fileList.Split(';');\r
AddPathList(FileIOPermissionAccess.Append, files);\r
}\r
}\r
\r
- public override IPermission Intersect(IPermission target){ \r
- if (null == target){\r
+ public override IPermission Intersect (IPermission target)
+ { \r
+ FileIOPermission FIOPTarget = Cast (target);\r
+ if (FIOPTarget == null)\r
return null;\r
- }\r
- else {\r
- if (target.GetType() != typeof(FileIOPermission)){\r
- throw new ArgumentException();\r
- }\r
- }\r
- FileIOPermission FIOPTarget = (FileIOPermission)target;\r
+
if (FIOPTarget.IsUnrestricted() && m_Unrestricted){\r
return new FileIOPermission(PermissionState.Unrestricted);\r
}\r
}\r
\r
\r
- public override bool IsSubsetOf(IPermission target){\r
- // X.IsSubsetOf(Y) is true if permission Y includes everything allowed by X.\r
- if (target != null && target.GetType() != typeof(FileIOPermission)){\r
- throw new ArgumentException();\r
- }\r
- FileIOPermission FIOPTarget = (FileIOPermission)target;\r
+ public override bool IsSubsetOf (IPermission target)
+ {
+ FileIOPermission FIOPTarget = Cast (target);\r
+
if (FIOPTarget.IsUnrestricted()){\r
return true;\r
}\r
}\r
}\r
\r
- public bool IsUnrestricted(){\r
+ public bool IsUnrestricted ()
+ {\r
return m_Unrestricted;\r
}\r
\r
AddPathList(access, pathList);\r
}\r
\r
- public override SecurityElement ToXml(){\r
- //Encode the the current permission to XML using the \r
- //security element class.\r
- SecurityElement element = new SecurityElement("IPermission");\r
- Type type = this.GetType();\r
- StringBuilder AsmName = new StringBuilder(type.Assembly.ToString());\r
- AsmName.Replace('\"', '\'');\r
- element.AddAttribute("class", type.FullName + ", " + AsmName);\r
- element.AddAttribute("version", "1");\r
- if(m_Unrestricted){\r
- element.AddAttribute("Unrestricted", "true");\r
+ public override SecurityElement ToXml ()
+ {\r
+ SecurityElement se = Element (1);
+ if (m_Unrestricted) {\r
+ se.AddAttribute("Unrestricted", "true");\r
}\r
else {\r
- string[] paths;\r
- paths = GetPathList(FileIOPermissionAccess.Append);\r
+ string[] paths = GetPathList(FileIOPermissionAccess.Append);\r
if (null != paths && paths.Length >0){\r
- element.AddAttribute("Append", String.Join(";",paths));\r
+ se.AddAttribute("Append", String.Join(";",paths));\r
}\r
paths = GetPathList(FileIOPermissionAccess.Read);\r
if (null != paths && paths.Length >0){\r
- element.AddAttribute("Read", String.Join(";",paths));\r
+ se.AddAttribute("Read", String.Join(";",paths));\r
}\r
paths = GetPathList(FileIOPermissionAccess.Write);\r
if (null != paths && paths.Length >0){\r
- element.AddAttribute("Write", String.Join(";",paths));\r
+ se.AddAttribute("Write", String.Join(";",paths));\r
}\r
}\r
- return element;\r
+ return se;\r
}\r
\r
- public override IPermission Union(IPermission other){\r
- if (null == other){\r
+ public override IPermission Union (IPermission other)
+ {\r
+ FileIOPermission FIOPTarget = Cast (other);\r
+ if (FIOPTarget == null)\r
return null;\r
- }\r
- else {\r
- if (other.GetType() != typeof(FileIOPermission)){\r
- throw new ArgumentException();\r
- }\r
- }\r
- FileIOPermission FIOPTarget = (FileIOPermission)other;\r
+
if (FIOPTarget.IsUnrestricted() || m_Unrestricted){\r
return new FileIOPermission(PermissionState.Unrestricted);\r
}\r
else{\r
FileIOPermission retVal = (FileIOPermission)Copy();\r
retVal.AllFiles |= FIOPTarget.AllFiles;\r
- retVal.AllLocalFiles |= FIOPTarget.AllLocalFiles;\r
- string[] paths;\r
- paths = FIOPTarget.GetPathList(FileIOPermissionAccess.Append);\r
+ retVal.AllLocalFiles |= FIOPTarget.AllLocalFiles;
+\r
+ string[] paths = FIOPTarget.GetPathList(FileIOPermissionAccess.Append);\r
if (null != paths){\r
- retVal.AddPathList(FileIOPermissionAccess.Append, paths);\r
+ retVal.AddPathList(FileIOPermissionAccess.Append, paths);\r
}\r
paths = FIOPTarget.GetPathList(FileIOPermissionAccess.Read);\r
if (null != paths){\r
}\r
}\r
\r
+#if NET_2_0
+ [MonoTODO]
+ public override bool Equals (object obj)
+ {
+ return false;
+ }
+
+ [MonoTODO]
+ public override int GetHashCode ()
+ {
+ return base.GetHashCode ();
+ }
+#endif
+
// IBuiltInPermission\r
int IBuiltInPermission.GetTokenIndex ()\r
{\r
- return 2;\r
- }\r
+ return (int) BuiltInToken.FileIO;
+ }
+
+ // helpers
+
+ private FileIOPermission Cast (IPermission target)
+ {
+ if (target == null)
+ return null;
+
+ FileIOPermission fiop = (target as FileIOPermission);
+ if (fiop == null) {
+ ThrowInvalidPermission (target, typeof (FileIOPermission));
+ }
+
+ return fiop;
+ }
}\r
}\r
//
// Authors
// Duncan Mak <duncan@ximian.com>
-// Sebastien Pouliot <spouliot@motus.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002 Ximian, Inc. http://www.ximian.com
// Portions Copyright (C) 2003 Motus Technologies (http://www.motus.com)
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-
namespace System.Security.Permissions {
[AttributeUsage (AttributeTargets.Assembly | AttributeTargets.Class |
private string path;
private string read;
private string write;
-
+#if NET_2_0
+ private FileIOPermissionAccess allFiles;
+ private FileIOPermissionAccess allLocalFiles;
+ private string changeAccessControl;
+ private string viewAccessControl;
+ private string viewAndModify;
+#endif
+
// Constructor
- public FileIOPermissionAttribute (SecurityAction action) : base (action) {}
+ public FileIOPermissionAttribute (SecurityAction action) : base (action)
+ {
+ }
// Properties
- public string All
- {
-#if ! NET_1_0
+#if NET_2_0
+ [Obsolete ("use newer properties")]
+#endif
+ public string All {
+#if NET_1_1
get { throw new NotSupportedException ("All"); }
#endif
set {
}
}
- public string Append
- {
+ public string Append {
get { return append; }
set { append = value; }
}
- public string PathDiscovery
- {
+ public string PathDiscovery {
get { return path; }
set { path = value; }
}
- public string Read
- {
+ public string Read {
get { return read; }
set { read = value; }
}
- public string Write
- {
+ public string Write {
get { return write; }
set { write = value; }
}
+
+#if NET_2_0
+ public FileIOPermissionAccess AllFiles {
+ get { return allFiles; }
+ set { allFiles = value; }
+ }
+
+ public FileIOPermissionAccess AllLocalFiles {
+ get { return allLocalFiles; }
+ set { allLocalFiles = value; }
+ }
+
+ public string ChangeAccessControl {
+ get { return changeAccessControl; }
+ set { changeAccessControl = value; }
+ }
+
+ public string ViewAccessControl {
+ get { return viewAccessControl; }
+ set { viewAccessControl = value; }
+ }
+
+ public string ViewAndModify {
+ get { throw new NotSupportedException (); } // as documented
+ set {
+ append = value;
+ path = value;
+ read = value;
+ write = value;
+ }
+ }
+#endif
// Methods
public override IPermission CreatePermission ()
namespace System.Security.Permissions {
- [System.AttributeUsage (System.AttributeTargets.Assembly | System.AttributeTargets.Class |
- System.AttributeTargets.Struct | System.AttributeTargets.Constructor | System.AttributeTargets.Method,
+ [AttributeUsage (AttributeTargets.Assembly | AttributeTargets.Class | AttributeTargets.Struct |
+ AttributeTargets.Constructor | AttributeTargets.Method | AttributeTargets.Delegate,
AllowMultiple = true, Inherited = false)]
[Serializable]
public sealed class HostProtectionAttribute : CodeAccessSecurityAttribute {
//
-// System.Security.Permissions.IsolatedStoragePermissionAttributes.cs
+// System.Security.Permissions.IsolatedStoragePermissionAttribute.cs
//
// Author:
// Dan Lewis (dihlewis@yahoo.co.uk)
//
// (C) 2002
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-
namespace System.Security.Permissions {
[AttributeUsage ( AttributeTargets.Assembly | AttributeTargets.Class |
[Serializable]
public abstract class IsolatedStoragePermissionAttribute : CodeAccessSecurityAttribute {
- public IsolatedStoragePermissionAttribute (SecurityAction action) : base (action) {
+ public IsolatedStoragePermissionAttribute (SecurityAction action)
+ : base (action)
+ {
}
public IsolatedStorageContainment UsageAllowed {
public KeyContainerPermissionAttribute (SecurityAction action)
: base (action)
{
+ _spec = -1;
+ _type = -1;
}
// Properties
public KeyContainerPermissionFlags Flags {
get { return _flags; }
- set {
- if ((value & KeyContainerPermissionFlags.AllFlags) != 0) {
- string msg = String.Format (Locale.GetText ("Invalid enum {0}"), value);
- throw new ArgumentException (msg, "KeyContainerPermissionFlags");
- }
- _flags = value;
- }
+ set { _flags = value; }
}
public string KeyContainerName {
public override IPermission CreatePermission ()
{
- if (EmptyEntry ()) {
+ if (this.Unrestricted)
+ return new KeyContainerPermission (PermissionState.Unrestricted);
+ else if (EmptyEntry ())
return new KeyContainerPermission (_flags);
- }
else {
KeyContainerPermissionAccessEntry[] list = new KeyContainerPermissionAccessEntry [1];
list [0] = new KeyContainerPermissionAccessEntry (_store, _providerName, _type, _containerName, _spec, _flags);
//
// Authors
// Duncan Mak <duncan@ximian.com>
-// Sebastien Pouliot <spouliot@videotron.ca>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002 Ximian, Inc. http://www.ximian.com
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
using System.IO;
using System.Security.Policy;
using System.Text;
private string name;
private bool isUnicodeEncoded;
private string xml;
+#if NET_2_0
+ private string hex;
+#endif
// Constructor
public PermissionSetAttribute (SecurityAction action)
}
// Properties
- public string File
- {
+ public string File {
get { return file; }
set { file = value; }
}
-
- public string Name
- {
+#if NET_2_0
+ [MonoTODO ("Undocumented")]
+ public string Hex {
+ get { return hex; }
+ set { hex = value; }
+ }
+#endif
+ public string Name {
get { return name; }
set { name = value; }
}
- public bool UnicodeEncoded
- {
+ public bool UnicodeEncoded {
get { return isUnicodeEncoded; }
set { isUnicodeEncoded = value; }
}
- public string XML
- {
+ public string XML {
get { return xml; }
set { xml = value; }
}
return null;
PermissionState state = PermissionState.None;
- if (se.Attribute ("Unrestricted") == "true")
+ if (CodeAccessPermission.IsUnrestricted (se))
state = PermissionState.Unrestricted;
if (className.EndsWith ("NamedPermissionSet")) {
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
using System.Collections;
using System.Security.Principal;
-using System.Text;
using System.Threading;
namespace System.Security.Permissions {
[Serializable]
public sealed class PrincipalPermission : IPermission, IUnrestrictedPermission, IBuiltInPermission {
+ private const int version = 1;
+
internal class PrincipalInfo {
private string _name;
public PrincipalPermission (PermissionState state)
{
principals = new ArrayList ();
- switch (state) {
- case PermissionState.None:
- break;
- case PermissionState.Unrestricted:
- PrincipalInfo pi = new PrincipalInfo (null, null, true);
- principals.Add (pi);
- break;
- default:
- throw new ArgumentException ("unknown PermissionState");
+ if (CodeAccessPermission.CheckPermissionState (state, true) == PermissionState.Unrestricted) {
+ PrincipalInfo pi = new PrincipalInfo (null, null, true);
+ principals.Add (pi);
}
}
public void FromXml (SecurityElement esd)
{
- if (esd == null)
- throw new ArgumentNullException ("esd");
- if (esd.Tag != "IPermission")
- throw new ArgumentException ("not IPermission");
- if (!(esd.Attributes ["class"] as string).StartsWith ("System.Security.Permissions.PrincipalPermission"))
- throw new ArgumentException ("not PrincipalPermission");
- if ((esd.Attributes ["version"] as string) != "1")
- throw new ArgumentException ("wrong version");
+ // General validation in CodeAccessPermission
+ CodeAccessPermission.CheckSecurityElement (esd, "esd", version, version);
+ // Note: we do not (yet) care about the return value
+ // as we only accept version 1 (min/max values)
// Children is null, not empty, when no child is present
if (esd.Children != null) {
public IPermission Intersect (IPermission target)
{
- if (target == null)
+ PrincipalPermission pp = Cast (target);
+ if (pp == null)
return null;
- if (! (target is PrincipalPermission))
- throw new ArgumentException ("wrong type");
- PrincipalPermission o = (PrincipalPermission) target;
if (IsUnrestricted ())
- return o.Copy ();
- if (o.IsUnrestricted ())
+ return pp.Copy ();
+ if (pp.IsUnrestricted ())
return Copy ();
PrincipalPermission intersect = new PrincipalPermission (PermissionState.None);
foreach (PrincipalInfo pi in principals) {
- foreach (PrincipalInfo opi in o.principals) {
+ foreach (PrincipalInfo opi in pp.principals) {
if (pi.IsAuthenticated == opi.IsAuthenticated) {
string name = null;
if ((pi.Name == opi.Name) || (opi.Name == null))
public bool IsSubsetOf (IPermission target)
{
- if (target == null)
+ PrincipalPermission pp = Cast (target);
+ if (pp == null)
return false;
- if (! (target is PrincipalPermission))
- throw new ArgumentException ("wrong type");
-
- PrincipalPermission o = (PrincipalPermission) target;
if (IsUnrestricted ())
- return o.IsUnrestricted ();
- else if (o.IsUnrestricted ())
+ return pp.IsUnrestricted ();
+ else if (pp.IsUnrestricted ())
return true;
// each must be a subset of the target
foreach (PrincipalInfo pi in principals) {
bool thisItem = false;
- foreach (PrincipalInfo opi in o.principals) {
+ foreach (PrincipalInfo opi in pp.principals) {
if (((pi.Name == opi.Name) || (opi.Name == null)) &&
((pi.Role == opi.Role) || (opi.Role == null)) &&
(pi.IsAuthenticated == opi.IsAuthenticated))
{
SecurityElement se = new SecurityElement ("IPermission");
Type type = this.GetType ();
- StringBuilder asmName = new StringBuilder (type.Assembly.ToString ());
- asmName.Replace ('\"', '\'');
- se.AddAttribute ("class", type.FullName + ", " + asmName);
- se.AddAttribute ("version", "1");
+ se.AddAttribute ("class", type.FullName + ", " + type.Assembly.ToString ().Replace ('\"', '\''));
+ se.AddAttribute ("version", version.ToString ());
+
foreach (PrincipalInfo pi in principals) {
SecurityElement sec = new SecurityElement ("Identity");
if (pi.Name != null)
public IPermission Union (IPermission target)
{
- if (target == null)
+ PrincipalPermission pp = Cast (target);
+ if (pp == null)
return Copy ();
- if (! (target is PrincipalPermission))
- throw new ArgumentException ("wrong type");
- PrincipalPermission o = (PrincipalPermission) target;
- if (IsUnrestricted () || o.IsUnrestricted ())
+ if (IsUnrestricted () || pp.IsUnrestricted ())
return new PrincipalPermission (PermissionState.Unrestricted);
PrincipalPermission union = new PrincipalPermission (principals);
- foreach (PrincipalInfo pi in o.principals)
+ foreach (PrincipalInfo pi in pp.principals)
principals.Add (pi);
return union;
{
if (obj == null)
return false;
+
PrincipalPermission pp = (obj as PrincipalPermission);
if (pp == null)
return false;
// IBuiltInPermission
int IBuiltInPermission.GetTokenIndex ()
{
- return 8;
+ return (int) BuiltInToken.Principal;
+ }
+
+ // helpers
+
+ private PrincipalPermission Cast (IPermission target)
+ {
+ if (target == null)
+ return null;
+
+ PrincipalPermission pp = (target as PrincipalPermission);
+ if (pp == null) {
+ CodeAccessPermission.ThrowInvalidPermission (target, typeof (PrincipalPermission));
+ }
+
+ return pp;
}
}
}
//
// System.Security.Permissions.PrincipalPermissionAttribute.cs
//
-// Duncan Mak <duncan@ximian.com>
+// Authors:
+// Duncan Mak <duncan@ximian.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002 Ximian, Inc. http://www.ximian.com
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-
namespace System.Security.Permissions {
[AttributeUsage (AttributeTargets.Class | AttributeTargets.Method, AllowMultiple=true, Inherited=false)]
}
// Properties
- public bool Authenticated
- {
+ public bool Authenticated {
get { return authenticated; }
set { authenticated = value; }
}
-
- public string Name
- {
+
+ public string Name {
get { return name; }
set { name = value; }
}
-
- public string Role
- {
+
+ public string Role {
get { return role; }
set { role = value; }
}
//
// (C) 2003 Motus Technologies Inc. (http://www.motus.com)
// (C) 2004 Novell (http://www.novell.com)
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-using System.Security.Cryptography.X509Certificates;
+using SSCX = System.Security.Cryptography.X509Certificates;
using Mono.Security.Cryptography;
private string signedFile;
private string x509data;
- public PublisherIdentityPermissionAttribute (SecurityAction action) : base (action) {}
+ public PublisherIdentityPermissionAttribute (SecurityAction action)
+ : base (action)
+ {
+ }
// If X509Certificate is set, this property is ignored.
public string CertFile {
public override IPermission CreatePermission ()
{
if (this.Unrestricted)
- throw new ArgumentException ("Unsupported PermissionState.Unrestricted");
+ return new PublisherIdentityPermission (PermissionState.Unrestricted);
- X509Certificate x509 = null;
+ SSCX.X509Certificate x509 = null;
if (x509data != null) {
byte[] rawcert = CryptoConvert.FromHex (x509data);
- x509 = new X509Certificate (rawcert);
+ x509 = new SSCX.X509Certificate (rawcert);
return new PublisherIdentityPermission (x509);
}
if (certFile != null) {
- x509 = System.Security.Cryptography.X509Certificates.X509Certificate.CreateFromCertFile (certFile);
+ x509 = SSCX.X509Certificate.CreateFromCertFile (certFile);
return new PublisherIdentityPermission (x509);
}
if (signedFile != null) {
- x509 = System.Security.Cryptography.X509Certificates.X509Certificate.CreateFromSignedFile (signedFile);
+ x509 = SSCX.X509Certificate.CreateFromSignedFile (signedFile);
return new PublisherIdentityPermission (x509);
}
return new PublisherIdentityPermission (PermissionState.None);
// System.Security.Permissions.RegistryPermission.cs
//
// Author
-// Sebastien Pouliot <spouliot@motus.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// Copyright (C) 2003 Motus Technologies. http://www.motus.com
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
using System.Globalization;
+#if NET_2_0
+using System.Security.AccessControl;
+#endif
+
namespace System.Security.Permissions {
[Serializable]
public sealed class RegistryPermission
: CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission {
+ private const int version = 1;
+
private PermissionState _state;
private RegistryPermissionAccess _access;
private string _pathList;
-
+#if NET_2_0
+ private AccessControlActions _control;
+#endif
// Constructors
public RegistryPermission (PermissionState state)
{
- _state = state;
+ _state = CheckPermissionState (state, true);
}
public RegistryPermission (RegistryPermissionAccess access, string pathList)
_state = PermissionState.None;
AddPathList (access, pathList);
}
-
+#if NET_2_0
+ public RegistryPermission (RegistryPermissionAccess access, AccessControlActions control, string pathList)
+ {
+ if (!Enum.IsDefined (typeof (AccessControlActions), control)) {
+ string msg = String.Format (Locale.GetText ("Invalid enum {0}"), control);
+ throw new ArgumentException (msg, "AccessControlActions");
+ }
+ _state = PermissionState.None;
+ AddPathList (access, control, pathList);
+ }
+#endif
// Properties
// Methods
public void AddPathList (RegistryPermissionAccess access, string pathList)
{
}
-
+#if NET_2_0
+ [MonoTODO]
+ public void AddPathList (RegistryPermissionAccess access, AccessControlActions control, string pathList)
+ {
+ }
+#endif
[MonoTODO]
public string GetPathList (RegistryPermissionAccess access)
{
public override void FromXml (SecurityElement esd)
{
- if (esd == null)
- throw new ArgumentNullException (
- Locale.GetText ("The argument is null."));
-
- if (esd.Attribute ("class") != GetType ().AssemblyQualifiedName)
- throw new ArgumentException (
- Locale.GetText ("The argument is not valid"));
-
- if (esd.Attribute ("version") != "1")
- throw new ArgumentException (
- Locale.GetText ("The argument is not valid"));
+ // General validation in CodeAccessPermission
+ CheckSecurityElement (esd, "esd", version, version);
+ // Note: we do not (yet) care about the return value
+ // as we only accept version 1 (min/max values)
// This serialization format stinks
foreach (object o in esd.Attributes.Keys) {
public override SecurityElement ToXml ()
{
- SecurityElement e = new SecurityElement ("IPermission");
- e.AddAttribute ("class", GetType ().AssemblyQualifiedName);
- e.AddAttribute ("version", "1");
+ SecurityElement e = Element (version);
e.AddAttribute (_access.ToString (), _pathList);
-
return e;
}
// IBuiltInPermission
int IBuiltInPermission.GetTokenIndex ()
{
- return 5;
+ return (int) BuiltInToken.Registry;
+ }
+
+ // helpers
+
+ private RegistryPermission Cast (IPermission target)
+ {
+ if (target == null)
+ return null;
+
+ RegistryPermission rp = (target as RegistryPermission);
+ if (rp == null) {
+ ThrowInvalidPermission (target, typeof (RegistryPermission));
+ }
+
+ return rp;
}
}
}
//
// Authors
// Duncan Mak <duncan@ximian.com>
-// Sebastien Pouliot <spouliot@motus.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002 Ximian, Inc. http://www.ximian.com
// Portions Copyright (C) 2003 Motus Technologies (http://www.motus.com)
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
private string create;
private string read;
private string write;
-
+#if NET_2_0
+ private string changeAccessControl;
+ private string viewAccessControl;
+ private string viewAndModify;
+#endif
+
// Constructor
- public RegistryPermissionAttribute (SecurityAction action) : base (action) {}
+ public RegistryPermissionAttribute (SecurityAction action) : base (action)
+ {
+ }
// Properties
- public string All
- {
+#if NET_2_0
+ [Obsolete ("use newer properties")]
+#endif
+ public string All {
#if ! NET_1_0
get { throw new NotSupportedException ("All"); }
#endif
}
}
- public string Create
- {
+ public string Create {
get { return create; }
set { create = value; }
}
- public string Read
- {
+ public string Read {
get { return read; }
set { read = value; }
}
- public string Write
- {
+ public string Write {
get { return write; }
set { write = value; }
}
+#if NET_2_0
+ public string ChangeAccessControl {
+ get { return changeAccessControl; }
+ set { changeAccessControl = value; }
+ }
+
+ public string ViewAccessControl {
+ get { return viewAccessControl; }
+ set { viewAccessControl = value; }
+ }
+
+ public string ViewAndModify {
+ get { throw new NotSupportedException (); } // as documented
+ set {
+ create = value;
+ read = value;
+ write = value;
+ }
+ }
+#endif
// Methods
public override IPermission CreatePermission ()
{
//
namespace System.Security.Permissions {
- [System.AttributeUsage(
- System.AttributeTargets.Assembly
- | System.AttributeTargets.Class
- | System.AttributeTargets.Struct
- | System.AttributeTargets.Constructor
- | System.AttributeTargets.Method,
+
+ [AttributeUsage(
+ AttributeTargets.Assembly
+ | AttributeTargets.Class
+ | AttributeTargets.Struct
+ | AttributeTargets.Constructor
+ | AttributeTargets.Method,
AllowMultiple=true,
Inherited=false)
]
-
[Serializable]
public abstract class SecurityAttribute : Attribute {
public abstract IPermission CreatePermission ();
public bool Unrestricted {
- get {
- return m_Unrestricted;
- }
- set {
- m_Unrestricted = value;
- }
+ get { return m_Unrestricted; }
+ set { m_Unrestricted = value; }
}
public SecurityAction Action {
- get {
- return m_Action;
- }
- set {
- m_Action = value;
- }
+ get { return m_Action; }
+ set { m_Action = value; }
}
}
}
// System.Security.Permissions.SiteIdentityPermission.cs
//
// Author
-// Sebastien Pouliot <spouliot@motus.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// Copyright (C) 2003 Motus Technologies. http://www.motus.com
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
using System.Globalization;
namespace System.Security.Permissions {
[Serializable]
public sealed class SiteIdentityPermission : CodeAccessPermission, IBuiltInPermission {
+ private const int version = 1;
+
private string _site;
// Constructors
public SiteIdentityPermission (PermissionState state)
{
- if (state == PermissionState.Unrestricted)
- throw new ArgumentException ("Unsupported PermissionState.Unrestricted for Identity Permission");
+ // false == do not allow Unrestricted for Identity Permissions
+ CheckPermissionState (state, false);
}
public SiteIdentityPermission (string site)
public override void FromXml (SecurityElement esd)
{
- if (esd == null)
- throw new ArgumentNullException (
- Locale.GetText ("The argument is null."));
-
- if (esd.Attribute ("class") != GetType ().AssemblyQualifiedName)
- throw new ArgumentException (
- Locale.GetText ("The argument is not valid"));
-
- if (esd.Attribute ("version") != "1")
- throw new ArgumentException (
- Locale.GetText ("The argument is not valid"));
+ // General validation in CodeAccessPermission
+ CheckSecurityElement (esd, "esd", version, version);
+ // Note: we do not (yet) care about the return value
+ // as we only accept version 1 (min/max values)
this.Site = esd.Attribute ("Site");
}
public override SecurityElement ToXml ()
{
- SecurityElement e = new SecurityElement ("IPermission");
- e.AddAttribute ("class", GetType ().AssemblyQualifiedName);
- e.AddAttribute ("version", "1");
-
+ SecurityElement e = Element (version);
e.AddAttribute ("Site", _site);
-
return e;
}
// IBuiltInPermission
int IBuiltInPermission.GetTokenIndex ()
{
- return 10;
+ return (int) BuiltInToken.SiteIdentity;
+ }
+
+ // helpers
+
+ private SiteIdentityPermission Cast (IPermission target)
+ {
+ if (target == null)
+ return null;
+
+ SiteIdentityPermission sip = (target as SiteIdentityPermission);
+ if (sip == null) {
+ ThrowInvalidPermission (target, typeof (SiteIdentityPermission));
+ }
+
+ return sip;
}
}
}
//
// System.Security.Permissions.SiteIdentityPermissionAttribute.cs
//
-// Duncan Mak <duncan@ximian.com>
+// Authors:
+// Duncan Mak <duncan@ximian.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002 Ximian, Inc. http://www.ximian.com
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-
namespace System.Security.Permissions {
[AttributeUsage (AttributeTargets.Assembly | AttributeTargets.Class |
// Constructor
public SiteIdentityPermissionAttribute (SecurityAction action)
- : base (action) {}
+ : base (action)
+ {
+ }
// Properties
- public string Site
- {
+ public string Site {
get { return site; }
set { site = value; }
}
// Methods
public override IPermission CreatePermission ()
{
- if (this.Unrestricted)
- throw new ArgumentException ("Unsupported PermissionState.Unrestricted");
-
SiteIdentityPermission perm = null;
- if (site == null)
+ if (this.Unrestricted)
+ perm = new SiteIdentityPermission (PermissionState.Unrestricted);
+ else if (site == null)
perm = new SiteIdentityPermission (PermissionState.None);
else
perm = new SiteIdentityPermission (site);
// Methods
public override IPermission CreatePermission ()
{
- if (this.Unrestricted) {
- throw new ArgumentException (Locale.GetText (
- "Unsupported PermissionState.Unrestricted"));
- }
+ if (this.Unrestricted)
+ return new StrongNameIdentityPermission (PermissionState.Unrestricted);
StrongNameIdentityPermission perm = null;
if ((name == null) && (key == null) && (version == null))
- perm = new StrongNameIdentityPermission (PermissionState.None);
- else {
- if (key == null) {
- throw new ArgumentException (Locale.GetText (
- "PublicKey is required"));
- }
+ return new StrongNameIdentityPermission (PermissionState.None);
- StrongNamePublicKeyBlob blob = StrongNamePublicKeyBlob.FromString (key);
+ if (key == null) {
+ throw new ArgumentException (Locale.GetText (
+ "PublicKey is required"));
+ }
+ StrongNamePublicKeyBlob blob = StrongNamePublicKeyBlob.FromString (key);
- Version v = null;
- if (version != null)
- v = new Version (version);
+ Version v = null;
+ if (version != null)
+ v = new Version (version);
- perm = new StrongNameIdentityPermission (blob, name, v);
- }
- return perm;
+ return new StrongNameIdentityPermission (blob, name, v);
}
}
}
// System.Security.Permissions.UrlIdentityPermission.cs
//
// Author
-// Sebastien Pouliot <spouliot@motus.com>
+// Sebastien Pouliot <sebastien@ximian.com>
//
// Copyright (C) 2003 Motus Technologies. http://www.motus.com
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
using System.Globalization;
namespace System.Security.Permissions {
[Serializable]
public sealed class UrlIdentityPermission : CodeAccessPermission, IBuiltInPermission {
+ private const int version = 1;
+
private string url;
public UrlIdentityPermission (PermissionState state) : base ()
{
- if (state != PermissionState.None)
- throw new ArgumentException ("only accept None");
+ // false == do not allow Unrestricted for Identity Permissions
+ CheckPermissionState (state, false);
}
public UrlIdentityPermission (string site) : base ()
public override void FromXml (SecurityElement esd)
{
- if (esd == null)
- throw new ArgumentNullException (
- Locale.GetText ("The argument is null."));
-
- if (esd.Attribute ("class") != GetType ().AssemblyQualifiedName)
- throw new ArgumentException (
- Locale.GetText ("The argument is not valid"));
-
- if (esd.Attribute ("version") != "1")
- throw new ArgumentException (
- Locale.GetText ("The argument is not valid"));
+ // General validation in CodeAccessPermission
+ CheckSecurityElement (esd, "esd", 1, 1);
+ // Note: we do not (yet) care about the return value
+ // as we only accept version 1 (min/max values)
url = esd.Attribute ("Url");
}
{
// if one permission is null (object or url) then there's no intersection
// if both are null then intersection is null
- if ((target == null) || (url == null))
+ UrlIdentityPermission uip = Cast (target);
+ if ((uip == null) || (url == null))
return null;
- // if non null, target must be of the same type
- if (!(target is UrlIdentityPermission))
- throw new ArgumentNullException ("target");
-
- UrlIdentityPermission targetUrl = (target as UrlIdentityPermission);
- if (targetUrl.Url == null)
+ if (uip.Url == null)
return null;
// TODO
public override SecurityElement ToXml ()
{
- SecurityElement e = new SecurityElement ("IPermission");
- e.AddAttribute ("class", GetType ().AssemblyQualifiedName);
- e.AddAttribute ("version", "1");
-
- e.AddAttribute ("Url", url);
-
- return e;
+ SecurityElement se = Element (version);
+ se.AddAttribute ("Url", url);
+ return se;
}
[MonoTODO]
// IBuiltInPermission
int IBuiltInPermission.GetTokenIndex ()
{
- return 12;
+ return (int) BuiltInToken.UrlIdentity;
+ }
+
+ // helpers
+
+ private UrlIdentityPermission Cast (IPermission target)
+ {
+ if (target == null)
+ return null;
+
+ UrlIdentityPermission uip = (target as UrlIdentityPermission);
+ if (uip == null) {
+ ThrowInvalidPermission (target, typeof (UrlIdentityPermission));
+ }
+
+ return uip;
}
}
}
//
// Authors:
// Duncan Mak <duncan@ximian.com>
-// Sebastien Pouliot (spouliot@motus.com)
+// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002 Ximian, Inc. http://www.ximian.com
// Portions (C) 2003 Motus Technologies Inc. (http://www.motus.com)
-//
-
-//
// Copyright (C) 2004 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-
namespace System.Security.Permissions {
[AttributeUsage (AttributeTargets.Assembly | AttributeTargets.Class |
private string url;
// Constructor
- public UrlIdentityPermissionAttribute (SecurityAction action) : base (action) {}
+ public UrlIdentityPermissionAttribute (SecurityAction action)
+ : base (action)
+ {
+ }
// Properties
- public string Url
- {
+ public string Url {
get { return url; }
set { url = value; }
}
public override IPermission CreatePermission ()
{
if (this.Unrestricted)
- throw new ArgumentException ("Unsupported PermissionState.Unrestricted for Identity Permissions");
-
+ return new UrlIdentityPermission (PermissionState.Unrestricted);
// Note: It is possible to create a permission with a
// null URL but not to create a UrlIdentityPermission (null)
- if (url == null)
+ else if (url == null)
return new UrlIdentityPermission (PermissionState.None);
else
return new UrlIdentityPermission (url);
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
-using System;
-
namespace System.Security.Permissions {
[AttributeUsage (AttributeTargets.Assembly | AttributeTargets.Class |
private SecurityZone zone;
// Constructor
- public ZoneIdentityPermissionAttribute (SecurityAction action) : base (action)
+ public ZoneIdentityPermissionAttribute (SecurityAction action)
+ : base (action)
{
zone = SecurityZone.NoZone;
}
// Properties
- public SecurityZone Zone
- {
+ public SecurityZone Zone {
get { return zone; }
set { zone = value; }
}
public override IPermission CreatePermission ()
{
if (this.Unrestricted)
- throw new ArgumentException ("Unsupported PermissionState.Unrestricted");
-
- return new ZoneIdentityPermission (zone);
+ return new ZoneIdentityPermission (PermissionState.Unrestricted);
+ else
+ return new ZoneIdentityPermission (zone);
}
}
}