Редагувати

Поділитися через


PermissionSet Class

Definition

Caution

Code Access Security is not supported or honored by the runtime.

Represents a collection that can contain many different types of permissions.

public ref class PermissionSet : System::Collections::ICollection, System::Runtime::Serialization::IDeserializationCallback, System::Security::ISecurityEncodable, System::Security::IStackWalk
[System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public class PermissionSet : System.Collections.ICollection, System.Runtime.Serialization.IDeserializationCallback, System.Security.ISecurityEncodable, System.Security.IStackWalk
public class PermissionSet : System.Collections.ICollection, System.Runtime.Serialization.IDeserializationCallback, System.Security.ISecurityEncodable, System.Security.IStackWalk
[System.Serializable]
public class PermissionSet : System.Collections.ICollection, System.Runtime.Serialization.IDeserializationCallback, System.Security.ISecurityEncodable, System.Security.IStackWalk
[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public class PermissionSet : System.Collections.ICollection, System.Runtime.Serialization.IDeserializationCallback, System.Security.ISecurityEncodable, System.Security.IStackWalk
[<System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type PermissionSet = class
    interface ICollection
    interface IEnumerable
    interface IDeserializationCallback
    interface ISecurityEncodable
    interface IStackWalk
type PermissionSet = class
    interface ICollection
    interface IEnumerable
    interface IDeserializationCallback
    interface ISecurityEncodable
    interface IStackWalk
[<System.Serializable>]
type PermissionSet = class
    interface ISecurityEncodable
    interface ICollection
    interface IEnumerable
    interface IStackWalk
    interface IDeserializationCallback
[<System.Serializable>]
[<System.Runtime.InteropServices.ComVisible(true)>]
type PermissionSet = class
    interface ISecurityEncodable
    interface ICollection
    interface IEnumerable
    interface IStackWalk
    interface IDeserializationCallback
Public Class PermissionSet
Implements ICollection, IDeserializationCallback, ISecurityEncodable, IStackWalk
Inheritance
PermissionSet
Derived
Attributes
Implements

Examples

The following code example demonstrates the use of the PermissionSet class and members.

// This sample demonstrates the use of the PermissionSet class.
using namespace System;
using namespace System::Reflection;
using namespace System::Security::Permissions;
using namespace System::Security;
using namespace System::IO;
using namespace System::Collections;
void PermissionSetDemo()
{
   Console::WriteLine( "Executing PermissionSetDemo" );
   try
   {
      // Open a new PermissionSet.
      PermissionSet^ ps1 = gcnew PermissionSet( PermissionState::None );

      Console::WriteLine( "Adding permission to open a file from a file dialog box." );

      // Add a permission to the permission set.
      ps1->AddPermission( gcnew FileDialogPermission( FileDialogPermissionAccess::Open ) );

      Console::WriteLine( "Demanding permission to open a file." );
      ps1->Demand();
      Console::WriteLine( "Demand succeeded." );
      Console::WriteLine( "Adding permission to save a file from a file dialog box." );
      ps1->AddPermission( gcnew FileDialogPermission( FileDialogPermissionAccess::Save ) );
      Console::WriteLine( "Demanding permission to open and save a file." );
      ps1->Demand();
      Console::WriteLine( "Demand succeeded." );
      Console::WriteLine( "Adding permission to read environment variable USERNAME." );
      ps1->AddPermission( gcnew EnvironmentPermission( EnvironmentPermissionAccess::Read,"USERNAME" ) );
      ps1->Demand();
      Console::WriteLine( "Demand succeeded." );
      Console::WriteLine( "Adding permission to read environment variable COMPUTERNAME." );
      ps1->AddPermission( gcnew EnvironmentPermission( EnvironmentPermissionAccess::Read,"COMPUTERNAME" ) );

      // Demand all the permissions in the set.
      Console::WriteLine( "Demand all permissions." );
      ps1->Demand();

      Console::WriteLine( "Demand succeeded." );

      // Display the number of permissions in the set.
      Console::WriteLine( "Number of permissions = {0}", ps1->Count );

      // Display the value of the IsSynchronized property.
      Console::WriteLine( "IsSynchronized property = {0}", ps1->IsSynchronized );

      // Display the value of the IsReadOnly property.
      Console::WriteLine( "IsReadOnly property = {0}", ps1->IsReadOnly );

      // Display the value of the SyncRoot property.
      Console::WriteLine( "SyncRoot property = {0}", ps1->SyncRoot );

      // Display the result of a call to the ContainsNonCodeAccessPermissions method.
      // Gets a value indicating whether the PermissionSet contains permissions
      // that are not derived from CodeAccessPermission.
      // Returns true if the PermissionSet contains permissions that are not
      // derived from CodeAccessPermission; otherwise, false.
      Console::WriteLine( "ContainsNonCodeAccessPermissions method returned {0}", ps1->ContainsNonCodeAccessPermissions() );

      Console::WriteLine( "Value of the permission set ToString = \n{0}", ps1->ToString() );

      PermissionSet^ ps2 = gcnew PermissionSet( PermissionState::None );

      // Create a second permission set and compare it to the first permission set.
      ps2->AddPermission( gcnew EnvironmentPermission( EnvironmentPermissionAccess::Read,"USERNAME" ) );
      ps2->AddPermission( gcnew EnvironmentPermission( EnvironmentPermissionAccess::Write,"COMPUTERNAME" ) );
      IEnumerator^ list =  ps1->GetEnumerator();
      Console::WriteLine("Permissions in first permission set:");
            while (list->MoveNext())
                Console::WriteLine(list->Current->ToString());
      Console::WriteLine( "Second permission IsSubsetOf first permission = {0}", ps2->IsSubsetOf( ps1 ) );

      // Display the intersection of two permission sets.
      PermissionSet^ ps3 = ps2->Intersect( ps1 );
      Console::WriteLine( "The intersection of the first permission set and the second permission set = {0}", ps3 );

      // Create a new permission set.
      PermissionSet^ ps4 = gcnew PermissionSet( PermissionState::None );
      ps4->AddPermission( gcnew FileIOPermission( FileIOPermissionAccess::Read,"C:\\Temp\\Testfile.txt" ) );
      ps4->AddPermission( gcnew FileIOPermission( static_cast<FileIOPermissionAccess>(FileIOPermissionAccess::Read | FileIOPermissionAccess::Write | FileIOPermissionAccess::Append),"C:\\Temp\\Testfile.txt" ) );

      // Display the union of two permission sets.
      PermissionSet^ ps5 = ps3->Union( ps4 );
      Console::WriteLine( "The union of permission set 3 and permission set 4 = {0}", ps5 );

      // Remove FileIOPermission from the permission set.
      ps5->RemovePermission( FileIOPermission::typeid );
      Console::WriteLine( "The last permission set after removing FileIOPermission = {0}", ps5 );

      // Change the permission set using SetPermission.
      ps5->SetPermission( gcnew EnvironmentPermission( EnvironmentPermissionAccess::AllAccess,"USERNAME" ) );
      Console::WriteLine( "Permission set after SetPermission = {0}", ps5 );

      // Display result of ToXml and FromXml operations.
      PermissionSet^ ps6 = gcnew PermissionSet( PermissionState::None );
      ps6->FromXml( ps5->ToXml() );
      Console::WriteLine( "Result of ToFromXml = {0}\n", ps6 );

      // Display results of PermissionSet::GetEnumerator.
      IEnumerator^ psEnumerator = ps1->GetEnumerator();
      while ( psEnumerator->MoveNext() )
      {
         Console::WriteLine( psEnumerator->Current );
      }

      // Check for an unrestricted permission set.
      PermissionSet^ ps7 = gcnew PermissionSet( PermissionState::Unrestricted );
      Console::WriteLine( "Permission set is unrestricted = {0}", ps7->IsUnrestricted() );

      // Create and display a copy of a permission set.
      ps7 = ps5->Copy();
      Console::WriteLine( "Result of copy = {0}", ps7 );
   }
   catch ( Exception^ e ) 
   {
      Console::WriteLine( e->Message );
   }

}

int main()
{
   PermissionSetDemo();
}
// This sample demonstrates the use of the PermissionSet class.

using System;
using System.Reflection;
using System.Security.Permissions;
using System.Security;
using System.IO;
using System.Collections;

class MyClass
{
    public static void PermissionSetDemo()
    {
        Console.WriteLine("Executing PermissionSetDemo");
        try
        {
            // Open a new PermissionSet.
            PermissionSet ps1 = new PermissionSet(PermissionState.None);
            Console.WriteLine("Adding permission to open a file from a file dialog box.");
            // Add a permission to the permission set.
            ps1.AddPermission(
                new FileDialogPermission(FileDialogPermissionAccess.Open));
            Console.WriteLine("Demanding permission to open a file.");
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            Console.WriteLine("Adding permission to save a file from a file dialog box.");
            ps1.AddPermission(
                new FileDialogPermission(FileDialogPermissionAccess.Save));
            Console.WriteLine("Demanding permission to open and save a file.");
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            Console.WriteLine("Adding permission to read environment variable USERNAME.");
            ps1.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"));
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            Console.WriteLine("Adding permission to read environment variable COMPUTERNAME.");
            ps1.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Read, "COMPUTERNAME"));
            // Demand all the permissions in the set.
            Console.WriteLine("Demand all permissions.");
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            // Display the number of permissions in the set.
            Console.WriteLine("Number of permissions = " + ps1.Count);
            // Display the value of the IsSynchronized property.
            Console.WriteLine("IsSynchronized property = " + ps1.IsSynchronized);
            // Display the value of the IsReadOnly property.
            Console.WriteLine("IsReadOnly property = " + ps1.IsReadOnly);
            // Display the value of the SyncRoot property.
            Console.WriteLine("SyncRoot property = " + ps1.SyncRoot);
            // Display the result of a call to the ContainsNonCodeAccessPermissions method.
            // Gets a value indicating whether the PermissionSet contains permissions
            // that are not derived from CodeAccessPermission.
            // Returns true if the PermissionSet contains permissions that are not
            // derived from CodeAccessPermission; otherwise, false.
            Console.WriteLine("ContainsNonCodeAccessPermissions method returned " +
                ps1.ContainsNonCodeAccessPermissions());
            Console.WriteLine("Value of the permission set ToString = \n" + ps1.ToString());
            PermissionSet ps2 = new PermissionSet(PermissionState.None);
            // Create a second permission set and compare it to the first permission set.
            ps2.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"));
            ps2.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Write, "COMPUTERNAME"));
            IEnumerator list =  ps1.GetEnumerator();
            Console.WriteLine("Permissions in first permission set:");
            while (list.MoveNext())
                Console.WriteLine(list.Current.ToString());
            Console.WriteLine("Second permission IsSubsetOf first permission = " + ps2.IsSubsetOf(ps1));
            // Display the intersection of two permission sets.
            PermissionSet ps3 = ps2.Intersect(ps1);
            Console.WriteLine("The intersection of the first permission set and "
                + "the second permission set = " + ps3.ToString());
            // Create a new permission set.
            PermissionSet ps4 = new PermissionSet(PermissionState.None);
            ps4.AddPermission(
                new FileIOPermission(FileIOPermissionAccess.Read,
                "C:\\Temp\\Testfile.txt"));
            ps4.AddPermission(
                new FileIOPermission(FileIOPermissionAccess.Read |
                FileIOPermissionAccess.Write | FileIOPermissionAccess.Append,
                "C:\\Temp\\Testfile.txt"));
            // Display the union of two permission sets.
            PermissionSet ps5 = ps3.Union(ps4);
            Console.WriteLine("The union of permission set 3 and permission set 4 = "
                + ps5.ToString());
            // Remove FileIOPermission from the permission set.
            ps5.RemovePermission(typeof(FileIOPermission));
            Console.WriteLine("The last permission set after removing FileIOPermission = "
                + ps5.ToString());
            // Change the permission set using SetPermission.
            ps5.SetPermission(new EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "USERNAME"));
            Console.WriteLine("Permission set after SetPermission = " + ps5.ToString());
            // Display result of ToXml and FromXml operations.
            PermissionSet ps6 = new PermissionSet(PermissionState.None);
            ps6.FromXml(ps5.ToXml());
            Console.WriteLine("Result of ToFromXml = " + ps6.ToString() + "\n");
            // Display results of PermissionSet.GetEnumerator.
            IEnumerator psEnumerator = ps1.GetEnumerator();
            while (psEnumerator.MoveNext())
            {
                Console.WriteLine(psEnumerator.Current);
            }
            // Check for an unrestricted permission set.
            PermissionSet ps7 = new PermissionSet(PermissionState.Unrestricted);
            Console.WriteLine("Permission set is unrestricted = " + ps7.IsUnrestricted());
            // Create and display a copy of a permission set.
            ps7 = ps5.Copy();
            Console.WriteLine("Result of copy = " + ps7.ToString());
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message.ToString());
        }
    }

    static void Main(string[] args)
    {
        PermissionSetDemo();
    }
}
' This sample demonstrates the use of the PermissionSet class.
Imports System.Reflection
Imports System.Security.Permissions
Imports System.Security
Imports System.IO
Imports System.Collections

Class [MyClass]

    Public Shared Sub PermissionSetDemo()
        Console.WriteLine("Executing PermissionSetDemo")
        Try
            ' Open a new PermissionSet.
            Dim ps1 As New PermissionSet(PermissionState.None)
            Console.WriteLine("Adding permission to open a file from a file dialog box.")
            ' Add a permission to the permission set.
            ps1.AddPermission(New FileDialogPermission(FileDialogPermissionAccess.Open))
            Console.WriteLine("Demanding permission to open a file.")
            ps1.Demand()
            Console.WriteLine("Demand succeeded.")
            Console.WriteLine("Adding permission to save a file from a file dialog box.")
            ps1.AddPermission(New FileDialogPermission(FileDialogPermissionAccess.Save))
            Console.WriteLine("Demanding permission to open and save a file.")
            ps1.Demand()
            Console.WriteLine("Demand succeeded.")
            Console.WriteLine("Adding permission to read environment variable USERNAME.")
            ps1.AddPermission(New EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"))
            ps1.Demand()
            Console.WriteLine("Demand succeeded.")
            Console.WriteLine("Adding permission to read environment variable COMPUTERNAME.")
            ps1.AddPermission(New EnvironmentPermission(EnvironmentPermissionAccess.Read, "COMPUTERNAME"))
            ' Demand all the permissions in the set.
            Console.WriteLine("Demand all permissions.")
            ps1.Demand()
            Console.WriteLine("Demand succeeded.")
            ' Display the number of permissions in the set.
            Console.WriteLine("Number of permissions = " & ps1.Count)
            ' Display the value of the IsSynchronized property.
            Console.WriteLine("IsSynchronized property = " & ps1.IsSynchronized)
            ' Display the value of the IsReadOnly property.
            Console.WriteLine("IsReadOnly property = " & ps1.IsReadOnly)
            ' Display the value of the SyncRoot property.
            Console.WriteLine("SyncRoot property = " & CType(ps1.SyncRoot, PermissionSet).ToString())
            ' Display the result of a call to the ContainsNonCodeAccessPermissions method.
            ' Gets a value indicating whether the PermissionSet contains permissions 
            ' that are not derived from CodeAccessPermission.
            ' Returns true if the PermissionSet contains permissions that are not 
            ' derived from CodeAccessPermission; otherwise, false.
            Console.WriteLine("ContainsNonCodeAccessPermissions method returned " & ps1.ContainsNonCodeAccessPermissions())
            Console.WriteLine("Value of the permission set ToString = " & ControlChars.Lf & ps1.ToString())
            Dim ps2 As New PermissionSet(PermissionState.None)
            ' Create a second permission set and compare it to the first permission set.
            ps2.AddPermission(New EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"))
            ps2.AddPermission(New EnvironmentPermission(EnvironmentPermissionAccess.Write, "COMPUTERNAME"))
            Console.WriteLine("Permissions in first permission set:")
            Dim list As IEnumerator = ps1.GetEnumerator()
            While list.MoveNext()
                Console.WriteLine(list.Current.ToString())
            End While
            Console.WriteLine("Second permission IsSubsetOf first permission = " & ps2.IsSubsetOf(ps1))
            ' Display the intersection of two permission sets.
            Dim ps3 As PermissionSet = ps2.Intersect(ps1)
            Console.WriteLine("The intersection of the first permission set and " & "the second permission set = " & ps3.ToString())
            ' Create a new permission set.
            Dim ps4 As New PermissionSet(PermissionState.None)
            ps4.AddPermission(New FileIOPermission(FileIOPermissionAccess.Read, "C:\Temp\Testfile.txt"))
            ps4.AddPermission(New FileIOPermission(FileIOPermissionAccess.Read Or FileIOPermissionAccess.Write Or FileIOPermissionAccess.Append, "C:\Temp\Testfile.txt"))
            ' Display the union of two permission sets.
            Dim ps5 As PermissionSet = ps3.Union(ps4)
            Console.WriteLine("The union of permission set 3 and permission set 4 = " & ps5.ToString())
            ' Remove FileIOPermission from the permission set.
            ps5.RemovePermission(GetType(FileIOPermission))
            Console.WriteLine("The last permission set after removing FileIOPermission = " & ps5.ToString())
            ' Change the permission set using SetPermission.
            ps5.SetPermission(New EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "USERNAME"))
            Console.WriteLine("Permission set after SetPermission = " & ps5.ToString())
            ' Display result of ToXml and FromXml operations.
            Dim ps6 As New PermissionSet(PermissionState.None)
            ps6.FromXml(ps5.ToXml())
            Console.WriteLine("Result of ToFromXml = " & ps6.ToString() & ControlChars.Lf)
            ' Display results of PermissionSet.GetEnumerator.
            Dim psEnumerator As IEnumerator = ps1.GetEnumerator()
            While psEnumerator.MoveNext()
                Console.WriteLine(psEnumerator.Current)
            End While
            ' Check for an unrestricted permission set.
            Dim ps7 As New PermissionSet(PermissionState.Unrestricted)
            Console.WriteLine("Permission set is unrestricted = " & ps7.IsUnrestricted())
            ' Create and display a copy of a permission set.
            ps7 = ps5.Copy()
            Console.WriteLine("Result of copy = " & ps7.ToString())
        Catch e As Exception
            Console.WriteLine(e.Message.ToString())
        End Try
    End Sub

    Overloads Shared Sub Main(ByVal args() As String)
        PermissionSetDemo()
    End Sub
End Class

Remarks

Caution

Code Access Security (CAS) has been deprecated across all versions of .NET Framework and .NET. Recent versions of .NET do not honor CAS annotations and produce errors if CAS-related APIs are used. Developers should seek alternative means of accomplishing security tasks.

You can use PermissionSet to perform operations on several different permissions as a group.

Constructors

PermissionSet(PermissionSet)

Initializes a new instance of the PermissionSet class with initial values taken from the permSet parameter.

PermissionSet(PermissionState)

Initializes a new instance of the PermissionSet class with the specified PermissionState.

Properties

Count

Gets the number of permission objects contained in the permission set.

IsReadOnly

Gets a value indicating whether the collection is read-only.

IsSynchronized

Gets a value indicating whether the collection is guaranteed to be thread safe.

SyncRoot

Gets the root object of the current collection.

Methods

AddPermission(IPermission)

Adds a specified permission to the PermissionSet.

AddPermissionImpl(IPermission)

Adds a specified permission to the PermissionSet.

Assert()

Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Using Assert() can create security vulnerabilities.

ContainsNonCodeAccessPermissions()

Gets a value indicating whether the PermissionSet contains permissions that are not derived from CodeAccessPermission.

ConvertPermissionSet(String, Byte[], String)
Obsolete.
Obsolete.

Converts an encoded PermissionSet from one XML encoding format to another XML encoding format.

Copy()

Creates a copy of the PermissionSet.

CopyTo(Array, Int32)

Copies the permission objects of the set to the indicated location in an Array.

Demand()

Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permissions specified by the current instance.

Deny()
Obsolete.
Obsolete.

Causes any Demand() that passes through the calling code for a permission that has an intersection with a permission of a type contained in the current PermissionSet to fail.

Equals(Object)

Determines whether the specified PermissionSet or NamedPermissionSet object is equal to the current PermissionSet.

Equals(Object)

Determines whether the specified object is equal to the current object.

(Inherited from Object)
FromXml(SecurityElement)

Reconstructs a security object with a specified state from an XML encoding.

GetEnumerator()

Returns an enumerator for the permissions of the set.

GetEnumeratorImpl()

Returns an enumerator for the permissions of the set.

GetHashCode()

Gets a hash code for the PermissionSet object that is suitable for use in hashing algorithms and data structures such as a hash table.

GetHashCode()

Serves as the default hash function.

(Inherited from Object)
GetPermission(Type)

Gets a permission object of the specified type, if it exists in the set.

GetPermissionImpl(Type)

Gets a permission object of the specified type, if it exists in the set.

GetType()

Gets the Type of the current instance.

(Inherited from Object)
Intersect(PermissionSet)

Creates and returns a permission set that is the intersection of the current PermissionSet and the specified PermissionSet.

IsEmpty()

Gets a value indicating whether the PermissionSet is empty.

IsSubsetOf(PermissionSet)

Determines whether the current PermissionSet is a subset of the specified PermissionSet.

IsUnrestricted()

Determines whether the PermissionSet is Unrestricted.

MemberwiseClone()

Creates a shallow copy of the current Object.

(Inherited from Object)
PermitOnly()

Causes any Demand() that passes through the calling code for any PermissionSet that is not a subset of the current PermissionSet to fail.

RemovePermission(Type)

Removes a permission of a certain type from the set.

RemovePermissionImpl(Type)

Removes a permission of a certain type from the set.

RevertAssert()

Causes any previous Assert() for the current frame to be removed and no longer be in effect.

SetPermission(IPermission)

Sets a permission to the PermissionSet, replacing any existing permission of the same type.

SetPermissionImpl(IPermission)

Sets a permission to the PermissionSet, replacing any existing permission of the same type.

ToString()

Returns a string representation of the PermissionSet.

ToXml()

Creates an XML encoding of the security object and its current state.

Union(PermissionSet)

Creates a PermissionSet that is the union of the current PermissionSet and the specified PermissionSet.

Explicit Interface Implementations

IDeserializationCallback.OnDeserialization(Object)

Runs when the entire object graph has been deserialized.

Extension Methods

Cast<TResult>(IEnumerable)

Casts the elements of an IEnumerable to the specified type.

OfType<TResult>(IEnumerable)

Filters the elements of an IEnumerable based on a specified type.

AsParallel(IEnumerable)

Enables parallelization of a query.

AsQueryable(IEnumerable)

Converts an IEnumerable to an IQueryable.

Applies to