NamedPermissionSet-Klasse
Definiert einen Berechtigungssatz, dem ein Name und eine Beschreibung zugeordnet sind. Diese Klasse kann nicht vererbt werden.
Namespace: System.Security
Assembly: mscorlib (in mscorlib.dll)
Syntax
'Declaration
<SerializableAttribute> _
<ComVisibleAttribute(True)> _
Public NotInheritable Class NamedPermissionSet
Inherits PermissionSet
'Usage
Dim instance As NamedPermissionSet
[SerializableAttribute]
[ComVisibleAttribute(true)]
public sealed class NamedPermissionSet : PermissionSet
[SerializableAttribute]
[ComVisibleAttribute(true)]
public ref class NamedPermissionSet sealed : public PermissionSet
/** @attribute SerializableAttribute() */
/** @attribute ComVisibleAttribute(true) */
public final class NamedPermissionSet extends PermissionSet
SerializableAttribute
ComVisibleAttribute(true)
public final class NamedPermissionSet extends PermissionSet
Hinweise
Mit benannten Berechtigungssätzen werden bei der Verwaltung von Sicherheitsrichtlinien die Berechtigungen angegeben, die einem Code einer bestimmten Codegruppe gewährt werden. Namen sind Zeichenfolgen aus alphanumerischen Zeichen. Beschreibungszeichenfolgen können beliebige druckbare Zeichen enthalten.
Beispiel
Im folgenden Codebeispiel wird die Verwendung von Membern der NamedPermissionSet-Klasse veranschaulicht.
Imports System
Imports System.Reflection
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Policy
Imports System.IO
Imports System.Collections
Public Class Form1
Inherits System.Windows.Forms.Form
#Region " Windows Form Designer generated code "
Public Sub New()
MyBase.New()
'This call is required by the Windows Form Designer.
InitializeComponent()
'Add any initialization after the InitializeComponent() call
End Sub
'Form overrides dispose to clean up the component list.
Protected Overloads Overrides Sub Dispose(ByVal disposing As Boolean)
If disposing Then
If Not (components Is Nothing) Then
components.Dispose()
End If
End If
MyBase.Dispose(disposing)
End Sub
'Required by the Windows Form Designer
Private components As System.ComponentModel.IContainer
'NOTE: The following procedure is required by the Windows Form Designer
'It can be modified using the Windows Form Designer.
'Do not modify it using the code editor.
Friend WithEvents TextBox1 As System.Windows.Forms.TextBox
Friend WithEvents Button1 As System.Windows.Forms.Button
Friend WithEvents Button2 As System.Windows.Forms.Button
<System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
Me.TextBox1 = New System.Windows.Forms.TextBox
Me.Button1 = New System.Windows.Forms.Button
Me.Button2 = New System.Windows.Forms.Button
Me.SuspendLayout()
'
'TextBox1
'
Me.TextBox1.Location = New System.Drawing.Point(16, 40)
Me.TextBox1.Multiline = True
Me.TextBox1.Name = "TextBox1"
Me.TextBox1.ScrollBars = System.Windows.Forms.ScrollBars.Both
Me.TextBox1.Size = New System.Drawing.Size(752, 336)
Me.TextBox1.TabIndex = 0
Me.TextBox1.Text = ""
'
'Button1
'
Me.Button1.Location = New System.Drawing.Point(440, 440)
Me.Button1.Name = "Button1"
Me.Button1.Size = New System.Drawing.Size(80, 24)
Me.Button1.TabIndex = 1
Me.Button1.Text = "Run Demo"
'
'Button2
'
Me.Button2.Location = New System.Drawing.Point(568, 440)
Me.Button2.Name = "Button2"
Me.Button2.Size = New System.Drawing.Size(88, 24)
Me.Button2.TabIndex = 2
Me.Button2.Text = "Exit"
'
'Form1
'
Me.AutoScaleBaseSize = New System.Drawing.Size(5, 13)
Me.ClientSize = New System.Drawing.Size(808, 502)
Me.Controls.Add(Me.Button2)
Me.Controls.Add(Me.Button1)
Me.Controls.Add(Me.TextBox1)
Me.Name = "Form1"
Me.Text = "Form1"
Me.ResumeLayout(False)
End Sub
#End Region
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
End Sub
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
PermissionSetDemo()
End Sub
Private Sub PermissionSetDemo()
TextBox1.AppendText("Executing NamedPermissionSetDemo")
Try
' Create a new named permission set and add it to Machine policy.
Dim namedPS1 As NamedPermissionSet
namedPS1 = CreateCompanyPermission()
TextBox1.AppendText(("The name of the custom named permission set is " + namedPS1.Name + ControlChars.Lf))
TextBox1.AppendText(("The description of the custom named permission set is " + namedPS1.Description + ControlChars.Lf))
DisplayPermissions(namedPS1)
Dim namedPS2 As New NamedPermissionSet("MyPermssionSetCopy")
' Perform a ToXml/FromXml round trip.
namedPS2.FromXml(namedPS1.ToXml())
TextBox1.AppendText(ControlChars.Lf + "Result of the ToXml/FromXml round trip:")
' For simplicity the results are displayed using a method call.
DisplayPermissions(namedPS2)
' Create and display a copy of a permission set.
Dim namedPS3 As NamedPermissionSet = CType(namedPS2.Copy(), NamedPermissionSet)
TextBox1.AppendText("Is the copy equal to the original? " + namedPS2.Equals(namedPS3).ToString())
Dim namedPS4 As New NamedPermissionSet("Second copy", namedPS3)
TextBox1.AppendText(("The name of the new permission set is " + namedPS4.Name + ControlChars.Lf))
' Show that the new named permission set has the same permissions as the original.
DisplayPermissions(namedPS4)
' The hash code for two instances of the same permission might be different, hence a hash code should not be used to
' compare two named permission sets.
TextBox1.AppendText("The hash code of the original permission set is " + namedPS2.GetHashCode().ToString())
TextBox1.AppendText("The hash code of the copy is " + namedPS4.GetHashCode().ToString())
Catch e As Exception
TextBox1.AppendText(("Exception thrown: " + e.Message.ToString()))
End Try
End Sub 'PermissionSetDemo
Private Function DisplayPermissions(ByVal namedPS1 As NamedPermissionSet) As Boolean
' Display results of namedPS.GetEnumerator.
Dim psEnumerator As IEnumerator = namedPS1.GetEnumerator()
While psEnumerator.MoveNext()
TextBox1.AppendText(CType(psEnumerator.Current, IPermission).ToXml().ToString())
End While
Return True
End Function 'DisplayPermissions
' The following method uses the LocalIntranet permission set to create
' a custom permission set named MyCompany. The new permission set is
' added to local Machine policy. The custom named permission set is returned.
Private Function CreateCompanyPermission() As NamedPermissionSet
Dim policyEnumerator As IEnumerator = SecurityManager.PolicyHierarchy()
' Move through the policy levels to the Machine policy level.
While policyEnumerator.MoveNext()
Dim currentLevel As PolicyLevel = CType(policyEnumerator.Current, PolicyLevel)
If currentLevel.Label = "Machine" Then
' Enumerate the permission sets in the Machine policy level.
Dim namedPermissions As IList = currentLevel.NamedPermissionSets
Dim namedPermission As IEnumerator = namedPermissions.GetEnumerator()
' Locate the LocalIntranet permission set.
While namedPermission.MoveNext()
If CType(namedPermission.Current, NamedPermissionSet).Name = "LocalIntranet" Then
' The current permission set is a copy of the LocalIntranet permission set.
' It can be modified to provide the permissions for the new permission set.
' Rename the copy to the name chosen for the new permission set.
CType(namedPermission.Current, NamedPermissionSet).Name = "MyCompany"
CType(namedPermission.Current, NamedPermissionSet).Description = "My custom named permission set"
Dim permissions As IEnumerator = CType(namedPermission.Current, NamedPermissionSet).GetEnumerator()
' Remove the current security permission from the permission set and replace it
' with a new security permission that does not have the right to assert permissions.
While permissions.MoveNext()
If permissions.Current.GetType().ToString() = "System.Security.Permissions.SecurityPermission" Then
' Remove the current security permission.
CType(namedPermission.Current, NamedPermissionSet).RemovePermission(permissions.Current.GetType())
' Add a new security permission that only allows execution.
CType(namedPermission.Current, NamedPermissionSet).AddPermission(New SecurityPermission(SecurityPermissionFlag.Execution))
Exit While
End If
End While
Try
' If you run this application twice, the following instruction throws
' an exception because the named permission set already exists.
' You can remove the custom named permission set using either Caspole.exe or the
' .NET Framework Configuration tool (Mscorcfg.msc).
currentLevel.AddNamedPermissionSet(CType(namedPermission.Current, NamedPermissionSet))
SecurityManager.SavePolicy()
Return CType(namedPermission.Current, NamedPermissionSet)
' Catch the exception for a duplicate permission set.
Catch e As System.ArgumentException
TextBox1.AppendText(e.Message + ControlChars.Lf)
Return CType(namedPermission.Current, NamedPermissionSet)
End Try
End If
End While
End If
End While
' The following code is executed only if the LocalIntranet permission set has been removed.
Return New NamedPermissionSet("Nothing")
End Function 'CreateCompanyPermission
Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
Form1.ActiveForm.Close()
End Sub
End Class 'NamedPermissionSetDemo
using System;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.IO;
using System.Collections;
class NamedPermissionSetDemo
{
public static void PermissionSetDemo()
{
Console.WriteLine("Executing NamedPermissionSetDemo");
try
{
// Create a new named permission set and add it to Machine policy.
NamedPermissionSet namedPS1 = CreateCompanyPermission();
Console.WriteLine("The name of the custom named permission set is " + namedPS1.Name + "\n");
Console.WriteLine("The description of the custom named permission set is " + namedPS1.Description + "\n");
DisplayPermissions(namedPS1);
NamedPermissionSet namedPS2 = new NamedPermissionSet("MyPermssionSetCopy");
// Perform a ToXml/FromXml round trip.
namedPS2.FromXml(namedPS1.ToXml());
Console.WriteLine("\nResult of the ToXml/FromXml round trip:");
// For simplicity the results are displayed using a method call.
DisplayPermissions(namedPS2);
// Create and display a copy of a permission set.
NamedPermissionSet namedPS3 = (NamedPermissionSet)namedPS2.Copy();
Console.WriteLine("Is the copy equal to the original? " + namedPS2.Equals(namedPS3));
NamedPermissionSet namedPS4 = new NamedPermissionSet("Second copy", namedPS3);
Console.WriteLine("The name of the new permission set is " + namedPS4.Name + "\n");
// Show that the new named permission set has the same permissions as the original.
DisplayPermissions(namedPS4);
// The hash code for two instances of the same permission might be different, hence a hash code should not be used to
// compare two named permission sets.
Console.WriteLine("The hash code of the original permission set is " + namedPS2.GetHashCode());
Console.WriteLine("The hash code of the copy is " + namedPS4.GetHashCode());
}
catch (Exception e)
{
Console.WriteLine("Exception thrown: " + e.Message.ToString());
}
}
public static bool DisplayPermissions(NamedPermissionSet namedPS1)
{
// Display results of namedPS.GetEnumerator.
IEnumerator psEnumerator = namedPS1.GetEnumerator();
while (psEnumerator.MoveNext())
{
Console.WriteLine(psEnumerator.Current);
}
return true;
}
// The following method uses the LocalIntranet permission set to create
// a custom permission set named MyCompany. The new permission set is
// added to local Machine policy. The custom named permission set is returned.
private static NamedPermissionSet CreateCompanyPermission()
{
IEnumerator policyEnumerator = SecurityManager.PolicyHierarchy();
// Move through the policy levels to the Machine policy level.
while (policyEnumerator.MoveNext())
{
PolicyLevel currentLevel = (PolicyLevel)policyEnumerator.Current;
if (currentLevel.Label == "Machine")
{
// Enumerate the permission sets in the Machine policy level.
IList namedPermissions = currentLevel.NamedPermissionSets;
IEnumerator namedPermission = namedPermissions.GetEnumerator();
// Locate the LocalIntranet permission set.
while (namedPermission.MoveNext())
{
if (((NamedPermissionSet)namedPermission.Current).Name == "LocalIntranet")
{
// The current permission set is a copy of the LocalIntranet permission set.
// It can be modified to provide the permissions for the new permission set.
// Rename the copy to the name chosen for the new permission set.
((NamedPermissionSet)namedPermission.Current).Name = "MyCompany";
((NamedPermissionSet)namedPermission.Current).Description = "My custom named permission set";
IEnumerator permissions = ((NamedPermissionSet)namedPermission.Current).GetEnumerator();
// Remove the current security permission from the permission set and replace it
// with a new security permission that does not have the right to assert permissions.
while (permissions.MoveNext())
{
if (permissions.Current.GetType().ToString() == "System.Security.Permissions.SecurityPermission")
{
// Remove the current security permission.
((NamedPermissionSet)namedPermission.Current).RemovePermission(permissions.Current.GetType());
// Add a new security permission that only allows execution.
((NamedPermissionSet)namedPermission.Current).AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
break;
}
}
try
{
// If you run this application twice, the following instruction throws
// an exception because the named permission set already exists.
// You can remove the custom named permission set using either Caspole.exe or the
// .NET Framework Configuration tool (Mscorcfg.msc).
currentLevel.AddNamedPermissionSet(((NamedPermissionSet)namedPermission.Current));
SecurityManager.SavePolicy();
return (NamedPermissionSet)namedPermission.Current;
}
// Catch the exception for a duplicate permission set.
catch (System.ArgumentException e)
{
Console.WriteLine(e.Message + "\n");
return (NamedPermissionSet)namedPermission.Current;
}
}
}
}
}
// The following code is executed only if the LocalIntranet permission set has been removed.
return new NamedPermissionSet("Nothing");
}
// Test harness.
static void Main(string[] args)
{
PermissionSetDemo();
Console.WriteLine("Press any key to exit.");
Console.Read();
}
}
using namespace System;
using namespace System::Reflection;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::Security::Policy;
using namespace System::IO;
using namespace System::Collections;
bool DisplayPermissions( NamedPermissionSet^ namedPS1 );
NamedPermissionSet^ CreateCompanyPermission();
void PermissionSetDemo()
{
Console::WriteLine( "Executing NamedPermissionSetDemo" );
try
{
// Create a new named permission set and add it to Machine policy.
NamedPermissionSet^ namedPS1 = CreateCompanyPermission();
Console::WriteLine( "The name of the custom named permission set is {0}\n", namedPS1->Name );
Console::WriteLine( "The description of the custom named permission set is {0}\n", namedPS1->Description );
DisplayPermissions( namedPS1 );
NamedPermissionSet^ namedPS2 = gcnew NamedPermissionSet( "MyPermssionSetCopy" );
// Perform a ToXml/FromXml round trip.
namedPS2->FromXml( namedPS1->ToXml() );
Console::WriteLine( "\nResult of the ToXml/FromXml round trip:" );
// For simplicity the results are displayed using a method call.
DisplayPermissions( namedPS2 );
// Create and display a copy of a permission set.
NamedPermissionSet^ namedPS3 = dynamic_cast<NamedPermissionSet^>(namedPS2->Copy());
Console::WriteLine( "Is the copy equal to the original? {0}", namedPS2->Equals( namedPS3 ) );
NamedPermissionSet^ namedPS4 = gcnew NamedPermissionSet( "Second copy", namedPS3 );
Console::WriteLine( "The name of the new permission set is {0}\n", namedPS4->Name );
// Show that the new named permission set has the same permissions as the original.
DisplayPermissions( namedPS4 );
// The hash code for two instances of the same permission might be different, hence a hash code should not be used to
// compare two named permission sets.
Console::WriteLine( "The hash code of the original permission set is {0}", namedPS2->GetHashCode() );
Console::WriteLine( "The hash code of the copy is {0}", namedPS4->GetHashCode() );
}
catch ( Exception^ e )
{
Console::WriteLine( "Exception thrown: {0}", e->Message );
}
}
bool DisplayPermissions( NamedPermissionSet^ namedPS1 )
{
// Display results of namedPS.GetEnumerator.
IEnumerator^ psEnumerator = namedPS1->GetEnumerator();
while ( psEnumerator->MoveNext() )
{
Console::WriteLine( psEnumerator->Current );
}
return true;
}
// The following method uses the LocalIntranet permission set to create
// a custom permission set named MyCompany. The new permission set is
// added to local Machine policy. The custom named permission set is returned.
NamedPermissionSet^ CreateCompanyPermission()
{
IEnumerator^ policyEnumerator = SecurityManager::PolicyHierarchy();
// Move through the policy levels to the Machine policy level.
while ( policyEnumerator->MoveNext() )
{
PolicyLevel^ currentLevel = dynamic_cast<PolicyLevel^>(policyEnumerator->Current);
if ( currentLevel->Label->Equals( "Machine" ) )
{
// Enumerate the permission sets in the Machine policy level.
IList^ namedPermissions = currentLevel->NamedPermissionSets;
IEnumerator^ namedPermission = namedPermissions->GetEnumerator();
// Locate the LocalIntranet permission set.
while ( namedPermission->MoveNext() )
{
if ( (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Name->Equals( "LocalIntranet" ) )
{
// The current permission set is a copy of the LocalIntranet permission set.
// It can be modified to provide the permissions for the new permission set.
// Rename the copy to the name chosen for the new permission set.
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Name = "MyCompany";
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Description = "My custom named permission set";
IEnumerator^ permissions = (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->GetEnumerator();
// Remove the current security permission from the permission set and replace it
// with a new security permission that does not have the right to assert permissions.
while ( permissions->MoveNext() )
{
if ( permissions->Current->GetType()->ToString()->Equals( "System.Security.Permissions.SecurityPermission" ) )
{
// Remove the current security permission.
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->RemovePermission( permissions->Current->GetType() );
// Add a new security permission that only allows execution.
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->AddPermission( gcnew SecurityPermission( SecurityPermissionFlag::Execution ) );
break;
}
}
try
{
// If you run this application twice, the following instruction throws
// an exception because the named permission set already exists.
// You can remove the custom named permission set using either Caspole.exe or the
// .NET Framework Configuration tool (Mscorcfg.msc).
currentLevel->AddNamedPermissionSet(safe_cast<NamedPermissionSet^>(namedPermission->Current));
SecurityManager::SavePolicy();
return dynamic_cast<NamedPermissionSet^>(namedPermission->Current);
}
// Catch the exception for a duplicate permission set.
catch ( System::ArgumentException^ e )
{
Console::WriteLine( "{0}\n", e->Message );
return dynamic_cast<NamedPermissionSet^>(namedPermission->Current);
}
}
}
}
}
return gcnew NamedPermissionSet( "Nothing" );
}
// Test harness.
int main()
{
PermissionSetDemo();
Console::WriteLine( "Press any key to exit." );
Console::Read();
}
Vererbungshierarchie
System.Object
System.Security.PermissionSet
System.Security.NamedPermissionSet
Threadsicherheit
Alle öffentlichen statischen (Shared in Visual Basic) Member dieses Typs sind threadsicher. Bei Instanzmembern ist die Threadsicherheit nicht gewährleistet.
Plattformen
Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
.NET Framework unterstützt nicht alle Versionen sämtlicher Plattformen. Eine Liste der unterstützten Versionen finden Sie unter Systemanforderungen.
Versionsinformationen
.NET Framework
Unterstützt in: 2.0, 1.1, 1.0