//
// System.Security.Permissions.ResourcePermissionBase.cs
//
// Authors:
// Jonathan Pryor (jonpryor@vt.edu)
// Sebastien Pouliot <sebastien@ximian.com>
//
// (C) 2002
// Copyright (C) 2004-2005 Novell, Inc (http://www.novell.com)
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System.Collections;
using System.Globalization;
namespace System.Security.Permissions{
[Serializable]
public abstract class ResourcePermissionBase : CodeAccessPermission, IUnrestrictedPermission {
private const int version = 1;
private ArrayList _list;
private bool _unrestricted;
private Type _type;
private string[] _tags;
protected ResourcePermissionBase ()
{
_list = new ArrayList ();
}
protected ResourcePermissionBase (PermissionState state) : this ()
{
#if NET_2_0
PermissionHelper.CheckPermissionState (state, true);
#else
// there are no validation of the permission state
// but any invalid value results in a restricted set
#endif
_unrestricted = (state == PermissionState.Unrestricted);
}
public const string Any = "*";
public const string Local = ".";
protected Type PermissionAccessType {
get { return _type; }
set {
if (value == null)
throw new ArgumentNullException ("PermissionAccessType");
if (!value.IsEnum)
throw new ArgumentException ("!Enum", "PermissionAccessType");
_type = value;
}
}
protected string[] TagNames {
get { return _tags; }
set {
if (value == null)
throw new ArgumentNullException ("TagNames");
if (value.Length == 0)
throw new ArgumentException ("Length==0", "TagNames");
_tags = value;
}
}
protected void AddPermissionAccess (ResourcePermissionBaseEntry entry)
{
CheckEntry (entry);
if (Exists (entry)) {
string msg = Locale.GetText ("Entry already exists.");
throw new InvalidOperationException (msg);
}
_list.Add (entry);
}
protected void Clear ()
{
_list.Clear ();
}
public override IPermission Copy ()
{
ResourcePermissionBase copy = CreateFromType (this.GetType (), _unrestricted);
if (_tags != null)
copy._tags = (string[]) _tags.Clone ();
copy._type = _type;
// FIXME: shallow or deep copy ?
copy._list.AddRange (_list);
return copy;
}
[MonoTODO ("incomplete - need more test")]
public override void FromXml (SecurityElement securityElement)
{
#if NET_2_0
if (securityElement == null)
throw new ArgumentNullException ("securityElement");
#else
if (securityElement == null)
throw new NullReferenceException ("securityElement");
#endif
CheckSecurityElement (securityElement, "securityElement", version, version);
// Note: we do not (yet) care about the return value
// as we only accept version 1 (min/max values)
_list.Clear ();
_unrestricted = PermissionHelper.IsUnrestricted (securityElement);
if ((securityElement.Children == null) || (securityElement.Children.Count < 1))
return;
string[] names = new string [1];
foreach (SecurityElement child in securityElement.Children) {
// TODO: handle multiple names
names [0] = child.Attribute ("name");
int access = (int) Enum.Parse (PermissionAccessType, child.Attribute ("access"));
ResourcePermissionBaseEntry entry = new ResourcePermissionBaseEntry (access, names);
AddPermissionAccess (entry);
}
}
protected ResourcePermissionBaseEntry[] GetPermissionEntries ()
{
ResourcePermissionBaseEntry[] entries = new ResourcePermissionBaseEntry [_list.Count];
_list.CopyTo (entries, 0);
return entries;
}
public override IPermission Intersect (IPermission target)
{
ResourcePermissionBase rpb = Cast (target);
if (rpb == null)
return null;
bool su = this.IsUnrestricted ();
bool tu = rpb.IsUnrestricted ();
// if one is empty we return null (unless the other one is unrestricted)
if (IsEmpty () && !tu)
return null;
if (rpb.IsEmpty () && !su)
return null;
ResourcePermissionBase result = CreateFromType (this.GetType (), (su && tu));
foreach (ResourcePermissionBaseEntry entry in _list) {
if (tu || rpb.Exists (entry))
result.AddPermissionAccess (entry);
}
foreach (ResourcePermissionBaseEntry entry in rpb._list) {
// don't add twice
if ((su || this.Exists (entry)) && !result.Exists (entry))
result.AddPermissionAccess (entry);
}
return result;
}
public override bool IsSubsetOf (IPermission target)
{
if (target == null) {
#if NET_2_0
// do not use Cast - different permissions (and earlier Fx) return false :-/
return true;
#else
return false;
#endif
}
ResourcePermissionBase rpb = (target as ResourcePermissionBase);
if (rpb == null)
return false;
if (rpb.IsUnrestricted ())
return true;
if (IsUnrestricted ())
return rpb.IsUnrestricted ();
foreach (ResourcePermissionBaseEntry entry in _list) {
if (!rpb.Exists (entry))
return false;
}
return true;
}
public bool IsUnrestricted ()
{
return _unrestricted;
}
protected void RemovePermissionAccess (ResourcePermissionBaseEntry entry)
{
CheckEntry (entry);
for (int i = 0; i < _list.Count; i++) {
ResourcePermissionBaseEntry rpbe = (ResourcePermissionBaseEntry) _list [i];
if (Equals (entry, rpbe)) {
_list.RemoveAt (i);
return;
}
}
string msg = Locale.GetText ("Entry doesn't exists.");
throw new InvalidOperationException (msg);
}
public override SecurityElement ToXml ()
{
SecurityElement se = PermissionHelper.Element (this.GetType (), version);
if (IsUnrestricted ()) {
se.AddAttribute ("Unrestricted", "true");
}
else {
foreach (ResourcePermissionBaseEntry entry in _list) {
SecurityElement container = se;
string access = null;
if (PermissionAccessType != null)
access = Enum.Format (PermissionAccessType, entry.PermissionAccess, "g");
for (int i=0; i < _tags.Length; i++) {
SecurityElement child = new SecurityElement (_tags [i]);
child.AddAttribute ("name", entry.PermissionAccessPath [i]);
if (access != null)
child.AddAttribute ("access", access);
container.AddChild (child);
child = container;
}
}
}
return se;
}
public override IPermission Union (IPermission target)
{
ResourcePermissionBase rpb = Cast (target);
if (rpb == null)
return Copy ();
if (IsEmpty () && rpb.IsEmpty ())
return null;
if (rpb.IsEmpty ())
return Copy ();
if (IsEmpty ())
return rpb.Copy ();
bool unrestricted = (IsUnrestricted () || rpb.IsUnrestricted ());
ResourcePermissionBase result = CreateFromType (this.GetType (), unrestricted);
// strangely unrestricted union doesn't process the elements (while intersect does)
if (!unrestricted) {
foreach (ResourcePermissionBaseEntry entry in _list) {
result.AddPermissionAccess (entry);
}
foreach (ResourcePermissionBaseEntry entry in rpb._list) {
// don't add twice
if (!result.Exists (entry))
result.AddPermissionAccess (entry);
}
}
return result;
}
// helpers
private bool IsEmpty ()
{
return (!_unrestricted && (_list.Count == 0));
}
private ResourcePermissionBase Cast (IPermission target)
{
if (target == null)
return null;
ResourcePermissionBase rp = (target as ResourcePermissionBase);
if (rp == null) {
PermissionHelper.ThrowInvalidPermission (target, typeof (ResourcePermissionBase));
}
return rp;
}
internal void CheckEntry (ResourcePermissionBaseEntry entry)
{
if (entry == null)
throw new ArgumentNullException ("entry");
if ((entry.PermissionAccessPath == null) || (entry.PermissionAccessPath.Length != _tags.Length)) {
string msg = Locale.GetText ("Entry doesn't match TagNames");
throw new InvalidOperationException (msg);
}
}
internal bool Equals (ResourcePermissionBaseEntry entry1, ResourcePermissionBaseEntry entry2)
{
if (entry1.PermissionAccess != entry2.PermissionAccess)
return false;
if (entry1.PermissionAccessPath.Length != entry2.PermissionAccessPath.Length)
return false;
for (int i=0; i < entry1.PermissionAccessPath.Length; i++) {
if (entry1.PermissionAccessPath [i] != entry2.PermissionAccessPath [i])
return false;
}
return true;
}
internal bool Exists (ResourcePermissionBaseEntry entry)
{
if (_list.Count == 0)
return false;
foreach (ResourcePermissionBaseEntry rpbe in _list) {
if (Equals (rpbe, entry))
return true;
}
return false;
}
// logic isn't identical to PermissionHelper.CheckSecurityElement
// - no throw on version mismatch
internal int CheckSecurityElement (SecurityElement se, string parameterName, int minimumVersion, int maximumVersion)
{
if (se == null)
throw new ArgumentNullException (parameterName);
#if NET_2_0
// Tag is case-sensitive
if (se.Tag != "IPermission") {
string msg = String.Format (Locale.GetText ("Invalid tag {0}"), se.Tag);
throw new ArgumentException (msg, parameterName);
}
#endif
// Note: we do not care about the class attribute at
// this stage (in fact we don't even if the class
// attribute is present or not). Anyway the object has
// already be created, with success, if we're loading it
// we assume minimum version if no version number is supplied
int version = minimumVersion;
string v = se.Attribute ("version");
if (v != null) {
try {
version = Int32.Parse (v);
}
catch (Exception e) {
string msg = Locale.GetText ("Couldn't parse version from '{0}'.");
msg = String.Format (msg, v);
throw new ArgumentException (msg, parameterName, e);
}
}
#if NET_2_0
if ((version < minimumVersion) || (version > maximumVersion)) {
string msg = Locale.GetText ("Unknown version '{0}', expected versions between ['{1}','{2}'].");
msg = String.Format (msg, version, minimumVersion, maximumVersion);
throw new ArgumentException (msg, parameterName);
}
#endif
return version;
}
// static helpers
private static char[] invalidChars = new char[] { '\t', '\n', '\v', '\f', '\r', ' ', '\\', '\x160' };
internal static void ValidateMachineName (string name)
{
// FIXME: maybe other checks are required (but not documented)
if ((name == null) || (name.Length == 0) || (name.IndexOfAny (invalidChars) != -1)) {
string msg = Locale.GetText ("Invalid machine name '{0}'.");
if (name == null)
name = "(null)";
msg = String.Format (msg, name);
throw new ArgumentException (msg, "MachineName");
}
}
internal static ResourcePermissionBase CreateFromType (Type type, bool unrestricted)
{
object[] parameters = new object [1];
parameters [0] = (object) ((unrestricted) ? PermissionState.Unrestricted : PermissionState.None);
// we must return the derived type - this is why an empty constructor is required ;-)
return (ResourcePermissionBase) Activator.CreateInstance (type, parameters);
}
}
}
|