Author: spouliot
Date: 2005-06-20 12:50:56 -0400 (Mon, 20 Jun 2005)
New Revision: 46249
Modified:
trunk/mcs/class/corlib/System.Security/ChangeLog
trunk/mcs/class/corlib/System.Security/CodeAccessPermission.cs
trunk/mcs/class/corlib/System.Security/PermissionSet.cs
trunk/mcs/class/corlib/System.Security/SecurityManager.cs
Log:
2005-06-20 Sebastien Pouliot <[EMAIL PROTECTED]>
* CodeAccessPermission.cs: Removed redundant and unrequired TODO.
* PermissionSet.cs: Some 2.0 optimizations (because sets are simpler
without the special case for identity permissions).
* SecurityManager.cs: Shortcut for ResolveIdentityPermissions (in 2.0)
and some more declarative security syntax updates.
Modified: trunk/mcs/class/corlib/System.Security/ChangeLog
===================================================================
--- trunk/mcs/class/corlib/System.Security/ChangeLog 2005-06-20 16:45:38 UTC
(rev 46248)
+++ trunk/mcs/class/corlib/System.Security/ChangeLog 2005-06-20 16:50:56 UTC
(rev 46249)
@@ -1,3 +1,11 @@
+2005-06-20 Sebastien Pouliot <[EMAIL PROTECTED]>
+
+ * CodeAccessPermission.cs: Removed redundant and unrequired TODO.
+ * PermissionSet.cs: Some 2.0 optimizations (because sets are simpler
+ without the special case for identity permissions).
+ * SecurityManager.cs: Shortcut for ResolveIdentityPermissions (in 2.0)
+ and some more declarative security syntax updates.
+
2005-06-16 Sebastien Pouliot <[EMAIL PROTECTED]>
* PermissionSet.cs: Added support for non-CAS permissions in the
Modified: trunk/mcs/class/corlib/System.Security/CodeAccessPermission.cs
===================================================================
--- trunk/mcs/class/corlib/System.Security/CodeAccessPermission.cs
2005-06-20 16:45:38 UTC (rev 46248)
+++ trunk/mcs/class/corlib/System.Security/CodeAccessPermission.cs
2005-06-20 16:50:56 UTC (rev 46249)
@@ -96,7 +96,6 @@
public abstract IPermission Copy ();
- [MonoTODO ("Imperative Assert, Deny and PermitOnly aren't yet
supported")]
public void Demand ()
{
// note: here we're sure it's a CAS demand
@@ -171,17 +170,14 @@
bool revert = false;
if ((sf.Assert != null) &&
!sf.Assert.DeclarativeSecurity) {
revert = true;
- // TODO
throw new NotSupportedException ("Currently
only declarative Assert are supported.");
}
if ((sf.Deny != null) && !sf.Deny.DeclarativeSecurity) {
revert = true;
- // TODO
throw new NotSupportedException ("Currently
only declarative Deny are supported.");
}
if ((sf.PermitOnly != null) &&
!sf.PermitOnly.DeclarativeSecurity) {
revert = true;
- // TODO
throw new NotSupportedException ("Currently
only declarative PermitOnly are supported.");
}
@@ -201,7 +197,6 @@
SecurityFrame sf = new SecurityFrame (1);
if ((sf.Assert != null) &&
!sf.Assert.DeclarativeSecurity) {
- // TODO
throw new NotSupportedException ("Currently
only declarative Assert are supported.");
} else {
// we can't revert declarative security (or an
empty frame) imperatively
@@ -217,7 +212,6 @@
SecurityFrame sf = new SecurityFrame (1);
if ((sf.Deny != null) && !sf.Deny.DeclarativeSecurity) {
- // TODO
throw new NotSupportedException ("Currently
only declarative Deny are supported.");
} else {
// we can't revert declarative security (or an
empty frame) imperatively
@@ -233,7 +227,6 @@
SecurityFrame sf = new SecurityFrame (1);
if ((sf.PermitOnly != null) &&
sf.PermitOnly.DeclarativeSecurity) {
- // TODO
throw new NotSupportedException ("Currently
only declarative PermitOnly are supported.");
} else {
// we can't revert declarative security (or an
empty frame) imperatively
Modified: trunk/mcs/class/corlib/System.Security/PermissionSet.cs
===================================================================
--- trunk/mcs/class/corlib/System.Security/PermissionSet.cs 2005-06-20
16:45:38 UTC (rev 46248)
+++ trunk/mcs/class/corlib/System.Security/PermissionSet.cs 2005-06-20
16:50:56 UTC (rev 46249)
@@ -72,9 +72,7 @@
public PermissionSet (PermissionState state) : this ()
{
- if (!Enum.IsDefined (typeof (PermissionState), state))
- throw new System.ArgumentException ("state");
- this.state = state;
+ this.state = CodeAccessPermission.CheckPermissionState
(state, true);
}
public PermissionSet (PermissionSet permSet) : this ()
@@ -151,10 +149,9 @@
}
[MonoTODO ("Imperative mode isn't supported")]
+ [SecurityPermission (SecurityAction.Demand, Assertion = true)]
public virtual void Assert ()
{
- new SecurityPermission
(SecurityPermissionFlag.Assertion).Demand ();
-
int count = this.Count;
// we (current frame) must have the permission to
assert it to others
@@ -202,7 +199,6 @@
}
}
- [MonoTODO ("Imperative Assert, Deny and PermitOnly aren't yet
supported")]
public virtual void Demand ()
{
// Note: SecurityEnabled only applies to CAS permissions
@@ -381,9 +377,11 @@
public bool ContainsNonCodeAccessPermissions ()
{
- foreach (IPermission p in list) {
- if (! p.GetType ().IsSubclassOf (typeof
(CodeAccessPermission)))
- return true;
+ if (list.Count > 0) {
+ foreach (IPermission p in list) {
+ if (! p.GetType ().IsSubclassOf (typeof
(CodeAccessPermission)))
+ return true;
+ }
}
return false;
}
@@ -483,20 +481,32 @@
if (this.IsUnrestricted () && other.IsUnrestricted ())
state = PermissionState.Unrestricted;
- PermissionSet interSet = new PermissionSet (state);
+ PermissionSet interSet = null;
+#if NET_2_0
+ // much simpler with 2.0
if (state == PermissionState.Unrestricted) {
+ interSet = new PermissionSet (state);
+ } else if (this.IsUnrestricted ()) {
+ interSet = other.Copy ();
+ } else if (other.IsUnrestricted ()) {
+ interSet = this.Copy ();
+ } else {
+ interSet = new PermissionSet (state);
+ InternalIntersect (interSet, this, other,
false);
+ }
+#else
+ interSet = new PermissionSet (state);
+ if (state == PermissionState.Unrestricted) {
InternalIntersect (interSet, this, other, true);
InternalIntersect (interSet, other, this, true);
- }
- else if (this.IsUnrestricted ()) {
+ } else if (this.IsUnrestricted ()) {
InternalIntersect (interSet, this, other, true);
- }
- else if (other.IsUnrestricted ()) {
+ } else if (other.IsUnrestricted ()) {
InternalIntersect (interSet, other, this, true);
- }
- else {
+ } else {
InternalIntersect (interSet, this, other,
false);
}
+#endif
return interSet;
}
@@ -601,9 +611,14 @@
if (other == null)
return this.Copy ();
- PermissionSet copy = this.Copy ();
+ PermissionSet copy = null;
if (this.IsUnrestricted () || other.IsUnrestricted ()) {
- // so we keep the "right" type
+#if NET_2_0
+ // there are no child elements in unrestricted
permission sets
+ return new PermissionSet
(PermissionState.Unrestricted);
+#else
+ copy = this.Copy ();
+ // so we keep the "right" type (e.g.
NamedPermissionSet)
copy.Clear ();
copy.state = PermissionState.Unrestricted;
// copy all permissions that do not implement
IUnrestrictedPermission
@@ -615,8 +630,9 @@
if (!(p is IUnrestrictedPermission))
copy.AddPermission (p);
}
- }
- else {
+#endif
+ } else {
+ copy = this.Copy ();
// PermissionState.None -> copy all permissions
foreach (IPermission p in other.list) {
copy.AddPermission (p);
@@ -811,7 +827,6 @@
string cnam = Encoding.UTF8.GetString (data, position,
clen);
position += clen;
- // TODO: Unification
Type secattr = Type.GetType (cnam);
SecurityAttribute sa = (Activator.CreateInstance
(secattr, action) as SecurityAttribute);
if (sa == null)
Modified: trunk/mcs/class/corlib/System.Security/SecurityManager.cs
===================================================================
--- trunk/mcs/class/corlib/System.Security/SecurityManager.cs 2005-06-20
16:45:38 UTC (rev 46248)
+++ trunk/mcs/class/corlib/System.Security/SecurityManager.cs 2005-06-20
16:50:56 UTC (rev 46249)
@@ -379,7 +379,7 @@
return al.GetEnumerator ();
}
- [SecurityPermission (SecurityAction.Demand,
Flags=SecurityPermissionFlag.ControlPolicy)]
+ [SecurityPermission (SecurityAction.Demand, ControlPolicy =
true)]
public static void SavePolicy ()
{
IEnumerator e = Hierarchy;
@@ -389,7 +389,7 @@
}
}
- [SecurityPermission (SecurityAction.Demand,
Flags=SecurityPermissionFlag.ControlPolicy)]
+ [SecurityPermission (SecurityAction.Demand, ControlPolicy =
true)]
public static void SavePolicyLevel (PolicyLevel level)
{
// Yes this will throw a NullReferenceException, just
like MS (see FDBK13121)
@@ -456,9 +456,13 @@
return false;
}
- // TODO: this changes in 2.0 as identity permissions can now be
unrestricted
internal static void ResolveIdentityPermissions (PermissionSet
ps, Evidence evidence)
{
+#if NET_2_0
+ // in 2.0 identity permissions can now be unrestricted
+ if (ps.IsUnrestricted ())
+ return;
+#endif
// Only host evidence are used for policy resolution
IEnumerator ee = evidence.GetHostEnumerator ();
while (ee.MoveNext ()) {
@@ -479,17 +483,13 @@
{
// Permission sets from the runtime (declarative
security) can be cached
// for performance as they can never change (i.e. they
are read-only).
+ PermissionSet ps = null;
- if (_declsecCache == null) {
- lock (_lockObject) {
- if (_declsecCache == null) {
- _declsecCache = new Hashtable
();
- }
+ lock (_lockObject) {
+ if (_declsecCache == null) {
+ _declsecCache = new Hashtable ();
}
- }
- PermissionSet ps = null;
- lock (_lockObject) {
object key = (object) (int) permissions;
ps = (PermissionSet) _declsecCache [key];
if (ps == null) {
_______________________________________________
Mono-patches maillist - [email protected]
http://lists.ximian.com/mailman/listinfo/mono-patches
