2004-01-05 Sebastien Pouliot <spouliot@videotron.ca>

author Sebastien Pouliot <sebastien@ximian.com>

Tue, 6 Jan 2004 03:15:33 +0000 (03:15 -0000)

committer Sebastien Pouliot <sebastien@ximian.com>

Tue, 6 Jan 2004 03:15:33 +0000 (03:15 -0000)
author Sebastien Pouliot <sebastien@ximian.com>
Tue, 6 Jan 2004 03:15:33 +0000 (03:15 -0000)
committer Sebastien Pouliot <sebastien@ximian.com>
Tue, 6 Jan 2004 03:15:33 +0000 (03:15 -0000)
diff --git a/mcs/class/corlib/System.Security/ChangeLog b/mcs/class/corlib/System.Security/ChangeLog

index 38c14e6a7950ddd8ec317352e071d14ec2285872..ca7b39fe22f763d5bdfda50a8d67c3f134c74282 100755 (executable)
--- a/mcs/class/corlib/System.Security/ChangeLog
+++ b/mcs/class/corlib/System.Security/ChangeLog
@@ -1,3 +1,12 @@
+2004-01-05  Sebastien Pouliot  <spouliot@videotron.ca>
+
+       * CodeAccessPermission.cs: Fixed Union to match 1.1/1.2 documentation. 
+       Simplified ToString to match MS implementation. Added LAMESPEC to 
+       Assert, Demand, Deny and PermitOnly as they aren't virtual.
+       * NamedPermissionSet.cs: Added internal constructor for PolicyLevel. 
+       * PermissionSet.cs: Added internal constructor for PolicyLevel. 
+       * SecurityManager.cs: Moved some stuff to PolicyLevel class (e.g. Load).
+
  2004-01-03  Sebastien Pouliot  <spouliot@videotron.ca>
  
         * SecurityManager.cs: Added some basic stuff to make some security unit
diff --git a/mcs/class/corlib/System.Security/CodeAccessPermission.cs b/mcs/class/corlib/System.Security/CodeAccessPermission.cs

index 148c2a231ba2ceed3169653ef30a7657150974e1..7042078e641ef2d4980de21344b348f386da9618 100755 (executable)
--- a/mcs/class/corlib/System.Security/CodeAccessPermission.cs
+++ b/mcs/class/corlib/System.Security/CodeAccessPermission.cs
@@ -4,11 +4,15 @@
  // Authors:
  //     Miguel de Icaza (miguel@ximian.com)
  //     Nick Drochak, ndrochak@gol.com
+//     Sebastien Pouliot (spouliot@motus.com)
  //
  // (C) Ximian, Inc. http://www.ximian.com
  // Copyright (C) 2001 Nick Drochak, All Rights Reserved
+// Portions (C) 2004 Motus Technologies Inc. (http://www.motus.com)
  //
  
+using System.Globalization;
+using System.Security.Permissions;
  using System.Text;
  
  namespace System.Security {
@@ -18,16 +22,81 @@ namespace System.Security {
  
                 protected CodeAccessPermission () {}
  
-               [MonoTODO()]
-               public void Assert () {}
+               // LAMESPEC: Documented as virtual
+               [MonoTODO("SecurityStackFrame not ready")]
+               public void Assert ()
+               {
+                       // throw a SecurityException if Assertion is denied
+                       new SecurityPermission (SecurityPermissionFlag.Assertion).Demand ();
+//                     SecurityStackFrame.Current.Assert = this;
+               }
  
                 public abstract IPermission Copy ();
  
-               [MonoTODO()]
-               public void Demand () {}
+               // LAMESPEC: Documented as virtual
+               [MonoTODO("MS contralize demands, but I think we should branch back into indivual permission classes.")]
+               public void Demand ()
+               {
+                       IBuiltInPermission perm = (this as IBuiltInPermission);
+                       if (perm == null)
+                               throw new SecurityException (Locale.GetText ("Not a IBuiltInPermission and Demand isn't overridden"));
+
+                       // TODO : Loop the stack
+                       switch (perm.GetTokenIndex ()) {
+                               case 0: // EnvironmentPermission
+                                       // TODO
+                                       break;
+                               case 1: // FileDialogPermission
+                                       // TODO
+                                       break;
+                               case 2: // FileIOPermission
+                                       // TODO
+                                       break;
+                               case 3: // IsolatedStorageFilePermission
+                                       // TODO
+                                       break;
+                               case 4: // ReflectionPermission
+                                       // TODO
+                                       break;
+                               case 5: // RegistryPermission
+                                       // TODO
+                                       break;
+                               case 6: // SecurityPermission
+                                       // TODO
+                                       break;
+                               case 7: // UIPermission
+                                       // TODO
+                                       break;
+                               case 8: // PrincipalPermission
+                                       // TODO
+                                       break;
+                               case 9: // PublisherIdentityPermission
+                                       // TODO
+                                       break;
+                               case 10: // SiteIdentityPermission
+                                       // TODO
+                                       break;
+                               case 11: // StrongNameIdentityPermission
+                                       // TODO
+                                       break;
+                               case 12: // UrlIdentityPermission
+                                       // TODO
+                                       break;
+                               case 13: // ZoneIdentityPermission
+                                       // TODO
+                                       break;
+                               default:
+                                       string message = String.Format (Locale.GetText ("Unknown IBuiltInPermission #{0}"), perm.GetTokenIndex ());
+                                       throw new SecurityException (message);
+                       }
+               }
  
-               [MonoTODO()]
-               public void Deny () {}
+               // LAMESPEC: Documented as virtual
+               [MonoTODO("SecurityStackFrame not ready")]
+               public void Deny ()
+               {
+//                     SecurityStackFrame.Current.Deny = this;
+               }
  
                 public abstract void FromXml (SecurityElement elem);
  
@@ -35,38 +104,51 @@ namespace System.Security {
  
                 public abstract bool IsSubsetOf (IPermission target);
  
-               public override string ToString()
+               public override string ToString ()
                 {
                         SecurityElement elem = ToXml ();
-                       return elem == null ? null : elem.ToString ();
+                       return elem.ToString ();
                 }
  
                 public abstract SecurityElement ToXml ();
  
-               [MonoTODO("Incomplete")]
                 public virtual IPermission Union (IPermission other)
                 {
-                       if (!(other is System.Security.CodeAccessPermission))
-                               throw new System.ArgumentException(); // other is not of type System.Security.CodeAccessPermission.
                         if (null != other)
-                               throw new System.NotSupportedException(); // other is not null.
+                               throw new System.NotSupportedException (); // other is not null.
                         return null;
                 }
  
-               [MonoTODO()]
-               public void PermitOnly () {}
+               // LAMESPEC: Documented as virtual
+               [MonoTODO("SecurityStackFrame not ready")]
+               public void PermitOnly ()
+               {
+//                     SecurityStackFrame.Current.PermitOnly = this;
+               }
  
-               [MonoTODO()]
-               public static void RevertAll () {}
+               [MonoTODO("SecurityStackFrame not ready")]
+               public static void RevertAll ()
+               {
+//                     SecurityStackFrame.Current.RevertAll ();
+               }
  
-               [MonoTODO()]
-               public static void RevertAssert () {}
+               [MonoTODO("SecurityStackFrame not ready")]
+               public static void RevertAssert () 
+               {
+//                     SecurityStackFrame.Current.RevertAssert ();
+               }
  
-               [MonoTODO()]
-               public static void RevertDeny () {}
+               [MonoTODO("SecurityStackFrame not ready")]
+               public static void RevertDeny ()
+               {
+//                     SecurityStackFrame.Current.RevertDeny ();
+               }
  
-               [MonoTODO()]
-               public static void RevertPermitOnly () {}
+               [MonoTODO("SecurityStackFrame not ready")]
+               public static void RevertPermitOnly () 
+               {
+//                     SecurityStackFrame.Current.RevertPermitOnly ();
+               }
  
                 // snippet moved from FileIOPermission (nickd) to be reused in all derived classes
                 internal SecurityElement Element (object o, int version) 
diff --git a/mcs/class/corlib/System.Security/NamedPermissionSet.cs b/mcs/class/corlib/System.Security/NamedPermissionSet.cs

index 3cfd8216e07dbb3dbdce9b49b867cbaf24dd55e6..da2449dfb0e272c29b2ea0c75b2f04c836214d61 100644 (file)
--- a/mcs/class/corlib/System.Security/NamedPermissionSet.cs
+++ b/mcs/class/corlib/System.Security/NamedPermissionSet.cs
@@ -31,6 +31,11 @@ namespace System.Security {
  
                 public NamedPermissionSet (string name) : this (name, PermissionState.None) {}
  
+               // for PolicyLevel (to avoid validation duplication)
+               internal NamedPermissionSet (SecurityElement e) : base (e) {}
+
+               // properties
+
                 public string Description {
                         get { return description; }
                         set { description = value; }
@@ -59,7 +64,7 @@ namespace System.Security {
  
                 public override void FromXml (SecurityElement e) 
                 {
-                       FromXml (e, "System.Security.NamedPermissionSet");
+                       FromXml (e, "NamedPermissionSet");
                         Name = (e.Attributes ["Name"] as string);
                         description = (e.Attributes ["Description"] as string);
                         if (description == null)
diff --git a/mcs/class/corlib/System.Security/PermissionSet.cs b/mcs/class/corlib/System.Security/PermissionSet.cs

index b086eaccdd4c0e0df6e6e3504d2f6c2ed069742a..3c52192c7e6e2fe78b17ab066577496ce69ad483 100644 (file)
--- a/mcs/class/corlib/System.Security/PermissionSet.cs
+++ b/mcs/class/corlib/System.Security/PermissionSet.cs
@@ -23,6 +23,8 @@ namespace System.Security {
                 private PermissionState state;
                 private ArrayList list;
  
+               // constructors
+
                 public PermissionSet (PermissionState state)
                 {
                         if (!Enum.IsDefined(typeof(System.Security.Permissions.PermissionState), state))
@@ -44,6 +46,15 @@ namespace System.Security {
                         }
                 }
  
+               // for PolicyLevel (to avoid validation duplication)
+               internal PermissionSet (SecurityElement e) 
+               {
+                       list = new ArrayList ();
+                       FromXml (e);
+               }
+
+               // methods
+
                 public virtual IPermission AddPermission (IPermission perm)
                 {
                         if (perm == null)
@@ -95,7 +106,7 @@ namespace System.Security {
                                 throw new ArgumentNullException ("et");
                         if (et.Tag != "PermissionSet")
                                 throw new ArgumentException ("not PermissionSet");
-                       if (!(et.Attributes ["class"] as string).StartsWith (className))
+                       if (!(et.Attributes ["class"] as string).EndsWith (className))
                                 throw new ArgumentException ("not " + className);
  // version isn't checked
  //                     if ((et.Attributes ["version"] as string) != "1")
@@ -110,7 +121,7 @@ namespace System.Security {
                 public virtual void FromXml (SecurityElement et)
                 {
                         list.Clear ();
-                       FromXml (et, "System.Security.PermissionSet");
+                       FromXml (et, "PermissionSet");
                         if (et.Children != null) {
                                 foreach (SecurityElement se in et.Children) {
                                         string className = (se.Attributes ["class"] as string);
diff --git a/mcs/class/corlib/System.Security/SecurityManager.cs b/mcs/class/corlib/System.Security/SecurityManager.cs

index 49008e6b152b85214743931e05bd6fd4853cf885..c0238669582ad18006b2429f0bb6a9ce2e187c35 100644 (file)
--- a/mcs/class/corlib/System.Security/SecurityManager.cs
+++ b/mcs/class/corlib/System.Security/SecurityManager.cs
@@ -10,17 +10,23 @@
  //
  
  using System.Collections;
+using System.Globalization;
  using System.IO;
  using System.Security.Permissions;
  using System.Security.Policy;
  
+using Mono.Xml;
+
  namespace System.Security {
  
+       // Note: Using [SecurityPermissionAttribute] would be cool but triggers an error
+       // as you can't reference a custom security attribute from it's own assembly (CS0647)
+
         public sealed class SecurityManager {
  
                 private static bool checkExecutionRights;
                 private static bool securityEnabled;
-               static private object _lockObject;
+               private static object _lockObject;
                 private static ArrayList _hierarchy;
  
                 static SecurityManager () 
@@ -64,46 +70,51 @@ namespace System.Security {
                         return false;
                 }
  
-               [MonoTODO()]
                 public static PolicyLevel LoadPolicyLevelFromFile (string path, PolicyLevelType type)
                 {
-                       if (path == null)
-                               throw new ArgumentNullException ("path");
-                       if (!File.Exists (path))
-                               throw new ArgumentException ("file do not exist");
                         // throw a SecurityException if we don't have ControlPolicy permission
                         new SecurityPermission (SecurityPermissionFlag.ControlPolicy).Demand ();
-                       // throw a SecurityException if we don't have Read, Write and PathDiscovery permissions
-                       FileIOPermissionAccess access = FileIOPermissionAccess.Read | FileIOPermissionAccess.Write | FileIOPermissionAccess.PathDiscovery;
-                       new FileIOPermission (access, path).Demand ();
  
-                       // TODO
-                       return null;
+                       if (path == null)
+                               throw new ArgumentNullException ("path");
+
+                       PolicyLevel pl = null;
+                       try {
+                               pl = new PolicyLevel (type.ToString ());
+                               pl.LoadFromFile (path);
+                       }
+                       catch (Exception e) {
+                               throw new ArgumentException (Locale.GetText ("Invalid policy XML"), e);
+                       }
+                       return pl;
                 }
  
-               [MonoTODO()]
                 public static PolicyLevel LoadPolicyLevelFromString (string str, PolicyLevelType type)
                 {
-                       if (null == str)
-                               throw new ArgumentNullException("str");
                         // throw a SecurityException if we don't have ControlPolicy permission
                         new SecurityPermission (SecurityPermissionFlag.ControlPolicy).Demand ();
  
-                       // TODO
-                       return null;
+                       if (null == str)
+                               throw new ArgumentNullException ("str");
+
+                       PolicyLevel pl = null;
+                       try {
+                               pl = new PolicyLevel (type.ToString ());
+                               pl.LoadFromString (str);
+                       }
+                       catch (Exception e) {
+                               throw new ArgumentException (Locale.GetText ("Invalid policy XML"), e);
+                       }
+                       return pl;
                 }
  
-               [MonoTODO("InitializePolicyHierarchy not implemented")]
+               [MonoTODO("InitializePolicyHierarchy isn't complete")]
                 public static IEnumerator PolicyHierarchy ()
                 {
                         // throw a SecurityException if we don't have ControlPolicy permission
                         new SecurityPermission (SecurityPermissionFlag.ControlPolicy).Demand ();
-                       if (_hierarchy == null) {
-                               lock (_lockObject) {
-                                       InitializePolicyHierarchy ();
-                               }
-                       }
-                       return _hierarchy.GetEnumerator ();
+                       
+                       return Hierarchy;
                 }
  
                 [MonoTODO()]
@@ -129,8 +140,9 @@ namespace System.Security {
                 public static void SavePolicy () 
                 {
                         // throw a SecurityException if we don't have ControlPolicy permission
-                       // done by using PolicyHierarchy (no need to duplicate)
-                       IEnumerator e = PolicyHierarchy ();
+                       new SecurityPermission (SecurityPermissionFlag.ControlPolicy).Demand ();
+
+                       IEnumerator e = Hierarchy;
                         while (e.MoveNext ()) {
                                 PolicyLevel level = (e.Current as PolicyLevel);
                                 InternalSavePolicyLevel (level);
@@ -148,6 +160,17 @@ namespace System.Security {
  
                 // internal stuff
  
+               internal static IEnumerator Hierarchy {
+                       get {
+                               if (_hierarchy == null) {
+                                       lock (_lockObject) {
+                                               InitializePolicyHierarchy ();
+                                       }
+                               }
+                               return _hierarchy.GetEnumerator ();
+                       }
+               }
+
                 internal static void InternalSavePolicyLevel (PolicyLevel level) 
                 {
                         // without the security checks (to avoid checks in loops)
author	Sebastien Pouliot <sebastien@ximian.com>
	Tue, 6 Jan 2004 03:15:33 +0000 (03:15 -0000)
committer	Sebastien Pouliot <sebastien@ximian.com>
	Tue, 6 Jan 2004 03:15:33 +0000 (03:15 -0000)
mcs/class/corlib/System.Security/ChangeLog		patch \| blob \| history
mcs/class/corlib/System.Security/CodeAccessPermission.cs		patch \| blob \| history
mcs/class/corlib/System.Security/NamedPermissionSet.cs		patch \| blob \| history
mcs/class/corlib/System.Security/PermissionSet.cs		patch \| blob \| history
mcs/class/corlib/System.Security/SecurityManager.cs		patch \| blob \| history