NamedPermissionSet 클래스
관련된 이름 및 설명이 포함된 권한 집합을 정의합니다. 이 클래스는 상속될 수 없습니다.
네임스페이스: System.Security
어셈블리: mscorlib(mscorlib.dll)
구문
‘선언
<SerializableAttribute> _
<ComVisibleAttribute(True)> _
Public NotInheritable Class NamedPermissionSet
Inherits PermissionSet
‘사용 방법
Dim instance As NamedPermissionSet
[SerializableAttribute]
[ComVisibleAttribute(true)]
public sealed class NamedPermissionSet : PermissionSet
[SerializableAttribute]
[ComVisibleAttribute(true)]
public ref class NamedPermissionSet sealed : public PermissionSet
/** @attribute SerializableAttribute() */
/** @attribute ComVisibleAttribute(true) */
public final class NamedPermissionSet extends PermissionSet
SerializableAttribute
ComVisibleAttribute(true)
public final class NamedPermissionSet extends PermissionSet
설명
명명된 권한 집합은 보안 정책 관리에서 특정 코드 그룹에 속하는 코드에 부여할 권한을 지정하는 데 사용됩니다. 이름은 영숫자 문자열입니다. 설명 문자열은 인쇄할 수 있는 문자로 구성됩니다.
예제
다음 코드 예제에서는 NamedPermissionSet 클래스의 멤버를 사용하는 방법을 보여 줍니다.
Imports System
Imports System.Reflection
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Policy
Imports System.IO
Imports System.Collections
Public Class Form1
Inherits System.Windows.Forms.Form
#Region " Windows Form Designer generated code "
Public Sub New()
MyBase.New()
'This call is required by the Windows Form Designer.
InitializeComponent()
'Add any initialization after the InitializeComponent() call
End Sub
'Form overrides dispose to clean up the component list.
Protected Overloads Overrides Sub Dispose(ByVal disposing As Boolean)
If disposing Then
If Not (components Is Nothing) Then
components.Dispose()
End If
End If
MyBase.Dispose(disposing)
End Sub
'Required by the Windows Form Designer
Private components As System.ComponentModel.IContainer
'NOTE: The following procedure is required by the Windows Form Designer
'It can be modified using the Windows Form Designer.
'Do not modify it using the code editor.
Friend WithEvents TextBox1 As System.Windows.Forms.TextBox
Friend WithEvents Button1 As System.Windows.Forms.Button
Friend WithEvents Button2 As System.Windows.Forms.Button
<System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
Me.TextBox1 = New System.Windows.Forms.TextBox
Me.Button1 = New System.Windows.Forms.Button
Me.Button2 = New System.Windows.Forms.Button
Me.SuspendLayout()
'
'TextBox1
'
Me.TextBox1.Location = New System.Drawing.Point(16, 40)
Me.TextBox1.Multiline = True
Me.TextBox1.Name = "TextBox1"
Me.TextBox1.ScrollBars = System.Windows.Forms.ScrollBars.Both
Me.TextBox1.Size = New System.Drawing.Size(752, 336)
Me.TextBox1.TabIndex = 0
Me.TextBox1.Text = ""
'
'Button1
'
Me.Button1.Location = New System.Drawing.Point(440, 440)
Me.Button1.Name = "Button1"
Me.Button1.Size = New System.Drawing.Size(80, 24)
Me.Button1.TabIndex = 1
Me.Button1.Text = "Run Demo"
'
'Button2
'
Me.Button2.Location = New System.Drawing.Point(568, 440)
Me.Button2.Name = "Button2"
Me.Button2.Size = New System.Drawing.Size(88, 24)
Me.Button2.TabIndex = 2
Me.Button2.Text = "Exit"
'
'Form1
'
Me.AutoScaleBaseSize = New System.Drawing.Size(5, 13)
Me.ClientSize = New System.Drawing.Size(808, 502)
Me.Controls.Add(Me.Button2)
Me.Controls.Add(Me.Button1)
Me.Controls.Add(Me.TextBox1)
Me.Name = "Form1"
Me.Text = "Form1"
Me.ResumeLayout(False)
End Sub
#End Region
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
End Sub
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
PermissionSetDemo()
End Sub
Private Sub PermissionSetDemo()
TextBox1.AppendText("Executing NamedPermissionSetDemo")
Try
' Create a new named permission set and add it to Machine policy.
Dim namedPS1 As NamedPermissionSet
namedPS1 = CreateCompanyPermission()
TextBox1.AppendText(("The name of the custom named permission set is " + namedPS1.Name + ControlChars.Lf))
TextBox1.AppendText(("The description of the custom named permission set is " + namedPS1.Description + ControlChars.Lf))
DisplayPermissions(namedPS1)
Dim namedPS2 As New NamedPermissionSet("MyPermssionSetCopy")
' Perform a ToXml/FromXml round trip.
namedPS2.FromXml(namedPS1.ToXml())
TextBox1.AppendText(ControlChars.Lf + "Result of the ToXml/FromXml round trip:")
' For simplicity the results are displayed using a method call.
DisplayPermissions(namedPS2)
' Create and display a copy of a permission set.
Dim namedPS3 As NamedPermissionSet = CType(namedPS2.Copy(), NamedPermissionSet)
TextBox1.AppendText("Is the copy equal to the original? " + namedPS2.Equals(namedPS3).ToString())
Dim namedPS4 As New NamedPermissionSet("Second copy", namedPS3)
TextBox1.AppendText(("The name of the new permission set is " + namedPS4.Name + ControlChars.Lf))
' Show that the new named permission set has the same permissions as the original.
DisplayPermissions(namedPS4)
' The hash code for two instances of the same permission might be different, hence a hash code should not be used to
' compare two named permission sets.
TextBox1.AppendText("The hash code of the original permission set is " + namedPS2.GetHashCode().ToString())
TextBox1.AppendText("The hash code of the copy is " + namedPS4.GetHashCode().ToString())
Catch e As Exception
TextBox1.AppendText(("Exception thrown: " + e.Message.ToString()))
End Try
End Sub 'PermissionSetDemo
Private Function DisplayPermissions(ByVal namedPS1 As NamedPermissionSet) As Boolean
' Display results of namedPS.GetEnumerator.
Dim psEnumerator As IEnumerator = namedPS1.GetEnumerator()
While psEnumerator.MoveNext()
TextBox1.AppendText(CType(psEnumerator.Current, IPermission).ToXml().ToString())
End While
Return True
End Function 'DisplayPermissions
' The following method uses the LocalIntranet permission set to create
' a custom permission set named MyCompany. The new permission set is
' added to local Machine policy. The custom named permission set is returned.
Private Function CreateCompanyPermission() As NamedPermissionSet
Dim policyEnumerator As IEnumerator = SecurityManager.PolicyHierarchy()
' Move through the policy levels to the Machine policy level.
While policyEnumerator.MoveNext()
Dim currentLevel As PolicyLevel = CType(policyEnumerator.Current, PolicyLevel)
If currentLevel.Label = "Machine" Then
' Enumerate the permission sets in the Machine policy level.
Dim namedPermissions As IList = currentLevel.NamedPermissionSets
Dim namedPermission As IEnumerator = namedPermissions.GetEnumerator()
' Locate the LocalIntranet permission set.
While namedPermission.MoveNext()
If CType(namedPermission.Current, NamedPermissionSet).Name = "LocalIntranet" Then
' The current permission set is a copy of the LocalIntranet permission set.
' It can be modified to provide the permissions for the new permission set.
' Rename the copy to the name chosen for the new permission set.
CType(namedPermission.Current, NamedPermissionSet).Name = "MyCompany"
CType(namedPermission.Current, NamedPermissionSet).Description = "My custom named permission set"
Dim permissions As IEnumerator = CType(namedPermission.Current, NamedPermissionSet).GetEnumerator()
' Remove the current security permission from the permission set and replace it
' with a new security permission that does not have the right to assert permissions.
While permissions.MoveNext()
If permissions.Current.GetType().ToString() = "System.Security.Permissions.SecurityPermission" Then
' Remove the current security permission.
CType(namedPermission.Current, NamedPermissionSet).RemovePermission(permissions.Current.GetType())
' Add a new security permission that only allows execution.
CType(namedPermission.Current, NamedPermissionSet).AddPermission(New SecurityPermission(SecurityPermissionFlag.Execution))
Exit While
End If
End While
Try
' If you run this application twice, the following instruction throws
' an exception because the named permission set already exists.
' You can remove the custom named permission set using either Caspole.exe or the
' .NET Framework Configuration tool (Mscorcfg.msc).
currentLevel.AddNamedPermissionSet(CType(namedPermission.Current, NamedPermissionSet))
SecurityManager.SavePolicy()
Return CType(namedPermission.Current, NamedPermissionSet)
' Catch the exception for a duplicate permission set.
Catch e As System.ArgumentException
TextBox1.AppendText(e.Message + ControlChars.Lf)
Return CType(namedPermission.Current, NamedPermissionSet)
End Try
End If
End While
End If
End While
' The following code is executed only if the LocalIntranet permission set has been removed.
Return New NamedPermissionSet("Nothing")
End Function 'CreateCompanyPermission
Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
Form1.ActiveForm.Close()
End Sub
End Class 'NamedPermissionSetDemo
using System;
using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
using System.IO;
using System.Collections;
class NamedPermissionSetDemo
{
public static void PermissionSetDemo()
{
Console.WriteLine("Executing NamedPermissionSetDemo");
try
{
// Create a new named permission set and add it to Machine policy.
NamedPermissionSet namedPS1 = CreateCompanyPermission();
Console.WriteLine("The name of the custom named permission set is " + namedPS1.Name + "\n");
Console.WriteLine("The description of the custom named permission set is " + namedPS1.Description + "\n");
DisplayPermissions(namedPS1);
NamedPermissionSet namedPS2 = new NamedPermissionSet("MyPermssionSetCopy");
// Perform a ToXml/FromXml round trip.
namedPS2.FromXml(namedPS1.ToXml());
Console.WriteLine("\nResult of the ToXml/FromXml round trip:");
// For simplicity the results are displayed using a method call.
DisplayPermissions(namedPS2);
// Create and display a copy of a permission set.
NamedPermissionSet namedPS3 = (NamedPermissionSet)namedPS2.Copy();
Console.WriteLine("Is the copy equal to the original? " + namedPS2.Equals(namedPS3));
NamedPermissionSet namedPS4 = new NamedPermissionSet("Second copy", namedPS3);
Console.WriteLine("The name of the new permission set is " + namedPS4.Name + "\n");
// Show that the new named permission set has the same permissions as the original.
DisplayPermissions(namedPS4);
// The hash code for two instances of the same permission might be different, hence a hash code should not be used to
// compare two named permission sets.
Console.WriteLine("The hash code of the original permission set is " + namedPS2.GetHashCode());
Console.WriteLine("The hash code of the copy is " + namedPS4.GetHashCode());
}
catch (Exception e)
{
Console.WriteLine("Exception thrown: " + e.Message.ToString());
}
}
public static bool DisplayPermissions(NamedPermissionSet namedPS1)
{
// Display results of namedPS.GetEnumerator.
IEnumerator psEnumerator = namedPS1.GetEnumerator();
while (psEnumerator.MoveNext())
{
Console.WriteLine(psEnumerator.Current);
}
return true;
}
// The following method uses the LocalIntranet permission set to create
// a custom permission set named MyCompany. The new permission set is
// added to local Machine policy. The custom named permission set is returned.
private static NamedPermissionSet CreateCompanyPermission()
{
IEnumerator policyEnumerator = SecurityManager.PolicyHierarchy();
// Move through the policy levels to the Machine policy level.
while (policyEnumerator.MoveNext())
{
PolicyLevel currentLevel = (PolicyLevel)policyEnumerator.Current;
if (currentLevel.Label == "Machine")
{
// Enumerate the permission sets in the Machine policy level.
IList namedPermissions = currentLevel.NamedPermissionSets;
IEnumerator namedPermission = namedPermissions.GetEnumerator();
// Locate the LocalIntranet permission set.
while (namedPermission.MoveNext())
{
if (((NamedPermissionSet)namedPermission.Current).Name == "LocalIntranet")
{
// The current permission set is a copy of the LocalIntranet permission set.
// It can be modified to provide the permissions for the new permission set.
// Rename the copy to the name chosen for the new permission set.
((NamedPermissionSet)namedPermission.Current).Name = "MyCompany";
((NamedPermissionSet)namedPermission.Current).Description = "My custom named permission set";
IEnumerator permissions = ((NamedPermissionSet)namedPermission.Current).GetEnumerator();
// Remove the current security permission from the permission set and replace it
// with a new security permission that does not have the right to assert permissions.
while (permissions.MoveNext())
{
if (permissions.Current.GetType().ToString() == "System.Security.Permissions.SecurityPermission")
{
// Remove the current security permission.
((NamedPermissionSet)namedPermission.Current).RemovePermission(permissions.Current.GetType());
// Add a new security permission that only allows execution.
((NamedPermissionSet)namedPermission.Current).AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
break;
}
}
try
{
// If you run this application twice, the following instruction throws
// an exception because the named permission set already exists.
// You can remove the custom named permission set using either Caspole.exe or the
// .NET Framework Configuration tool (Mscorcfg.msc).
currentLevel.AddNamedPermissionSet(((NamedPermissionSet)namedPermission.Current));
SecurityManager.SavePolicy();
return (NamedPermissionSet)namedPermission.Current;
}
// Catch the exception for a duplicate permission set.
catch (System.ArgumentException e)
{
Console.WriteLine(e.Message + "\n");
return (NamedPermissionSet)namedPermission.Current;
}
}
}
}
}
// The following code is executed only if the LocalIntranet permission set has been removed.
return new NamedPermissionSet("Nothing");
}
// Test harness.
static void Main(string[] args)
{
PermissionSetDemo();
Console.WriteLine("Press any key to exit.");
Console.Read();
}
}
using namespace System;
using namespace System::Reflection;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::Security::Policy;
using namespace System::IO;
using namespace System::Collections;
bool DisplayPermissions( NamedPermissionSet^ namedPS1 );
NamedPermissionSet^ CreateCompanyPermission();
void PermissionSetDemo()
{
Console::WriteLine( "Executing NamedPermissionSetDemo" );
try
{
// Create a new named permission set and add it to Machine policy.
NamedPermissionSet^ namedPS1 = CreateCompanyPermission();
Console::WriteLine( "The name of the custom named permission set is {0}\n", namedPS1->Name );
Console::WriteLine( "The description of the custom named permission set is {0}\n", namedPS1->Description );
DisplayPermissions( namedPS1 );
NamedPermissionSet^ namedPS2 = gcnew NamedPermissionSet( "MyPermssionSetCopy" );
// Perform a ToXml/FromXml round trip.
namedPS2->FromXml( namedPS1->ToXml() );
Console::WriteLine( "\nResult of the ToXml/FromXml round trip:" );
// For simplicity the results are displayed using a method call.
DisplayPermissions( namedPS2 );
// Create and display a copy of a permission set.
NamedPermissionSet^ namedPS3 = dynamic_cast<NamedPermissionSet^>(namedPS2->Copy());
Console::WriteLine( "Is the copy equal to the original? {0}", namedPS2->Equals( namedPS3 ) );
NamedPermissionSet^ namedPS4 = gcnew NamedPermissionSet( "Second copy", namedPS3 );
Console::WriteLine( "The name of the new permission set is {0}\n", namedPS4->Name );
// Show that the new named permission set has the same permissions as the original.
DisplayPermissions( namedPS4 );
// The hash code for two instances of the same permission might be different, hence a hash code should not be used to
// compare two named permission sets.
Console::WriteLine( "The hash code of the original permission set is {0}", namedPS2->GetHashCode() );
Console::WriteLine( "The hash code of the copy is {0}", namedPS4->GetHashCode() );
}
catch ( Exception^ e )
{
Console::WriteLine( "Exception thrown: {0}", e->Message );
}
}
bool DisplayPermissions( NamedPermissionSet^ namedPS1 )
{
// Display results of namedPS.GetEnumerator.
IEnumerator^ psEnumerator = namedPS1->GetEnumerator();
while ( psEnumerator->MoveNext() )
{
Console::WriteLine( psEnumerator->Current );
}
return true;
}
// The following method uses the LocalIntranet permission set to create
// a custom permission set named MyCompany. The new permission set is
// added to local Machine policy. The custom named permission set is returned.
NamedPermissionSet^ CreateCompanyPermission()
{
IEnumerator^ policyEnumerator = SecurityManager::PolicyHierarchy();
// Move through the policy levels to the Machine policy level.
while ( policyEnumerator->MoveNext() )
{
PolicyLevel^ currentLevel = dynamic_cast<PolicyLevel^>(policyEnumerator->Current);
if ( currentLevel->Label->Equals( "Machine" ) )
{
// Enumerate the permission sets in the Machine policy level.
IList^ namedPermissions = currentLevel->NamedPermissionSets;
IEnumerator^ namedPermission = namedPermissions->GetEnumerator();
// Locate the LocalIntranet permission set.
while ( namedPermission->MoveNext() )
{
if ( (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Name->Equals( "LocalIntranet" ) )
{
// The current permission set is a copy of the LocalIntranet permission set.
// It can be modified to provide the permissions for the new permission set.
// Rename the copy to the name chosen for the new permission set.
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Name = "MyCompany";
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Description = "My custom named permission set";
IEnumerator^ permissions = (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->GetEnumerator();
// Remove the current security permission from the permission set and replace it
// with a new security permission that does not have the right to assert permissions.
while ( permissions->MoveNext() )
{
if ( permissions->Current->GetType()->ToString()->Equals( "System.Security.Permissions.SecurityPermission" ) )
{
// Remove the current security permission.
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->RemovePermission( permissions->Current->GetType() );
// Add a new security permission that only allows execution.
(dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->AddPermission( gcnew SecurityPermission( SecurityPermissionFlag::Execution ) );
break;
}
}
try
{
// If you run this application twice, the following instruction throws
// an exception because the named permission set already exists.
// You can remove the custom named permission set using either Caspole.exe or the
// .NET Framework Configuration tool (Mscorcfg.msc).
currentLevel->AddNamedPermissionSet(safe_cast<NamedPermissionSet^>(namedPermission->Current));
SecurityManager::SavePolicy();
return dynamic_cast<NamedPermissionSet^>(namedPermission->Current);
}
// Catch the exception for a duplicate permission set.
catch ( System::ArgumentException^ e )
{
Console::WriteLine( "{0}\n", e->Message );
return dynamic_cast<NamedPermissionSet^>(namedPermission->Current);
}
}
}
}
}
return gcnew NamedPermissionSet( "Nothing" );
}
// Test harness.
int main()
{
PermissionSetDemo();
Console::WriteLine( "Press any key to exit." );
Console::Read();
}
상속 계층 구조
System.Object
System.Security.PermissionSet
System.Security.NamedPermissionSet
스레드로부터의 안전성
이 형식의 모든 public static(Visual Basic의 경우 Shared) 멤버는 스레드로부터 안전합니다. 인터페이스 멤버는 스레드로부터 안전하지 않습니다.
플랫폼
Windows 98, Windows 2000 SP4, Windows Millennium Edition, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
.NET Framework에서 모든 플래폼의 모든 버전을 지원하지는 않습니다. 지원되는 버전의 목록은 시스템 요구 사항을 참조하십시오.
버전 정보
.NET Framework
2.0, 1.1, 1.0에서 지원