共用方式為


CodeAccessPermission 類別

定義

警告

Code Access Security is not supported or honored by the runtime.

定義所有程式碼存取權限的基礎結構。

public ref class CodeAccessPermission abstract : System::Security::IPermission, System::Security::IStackWalk
public abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalk
[System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalk
[System.Serializable]
public abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalk
[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalk
type CodeAccessPermission = class
    interface IPermission
    interface ISecurityEncodable
    interface IStackWalk
[<System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type CodeAccessPermission = class
    interface IPermission
    interface ISecurityEncodable
    interface IStackWalk
[<System.Serializable>]
type CodeAccessPermission = class
    interface IPermission
    interface ISecurityEncodable
    interface IStackWalk
[<System.Serializable>]
[<System.Runtime.InteropServices.ComVisible(true)>]
type CodeAccessPermission = class
    interface IPermission
    interface ISecurityEncodable
    interface IStackWalk
Public MustInherit Class CodeAccessPermission
Implements IPermission, IStackWalk
繼承
CodeAccessPermission
衍生
屬性
實作

範例

下列程式代碼範例顯示衍生自 CodeAccessPermission 類別的許可權。

//#define debug
// This custom permission is intended only for the purposes of illustration.
// The following code shows how to create a custom permission that inherits
// from CodeAccessPermission. The code implements all required overrides.
// A wildcard character ('*') is implemented for the Name property.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO;
using namespace System::Security::Policy;
using namespace System::Collections;
using namespace System::Text;

[assembly:System::Reflection::AssemblyKeyFile("Key.snk")];
[assembly:System::Security::AllowPartiallyTrustedCallersAttribute];

[Serializable]
public ref class NameIdPermission: public CodeAccessPermission, public IUnrestrictedPermission
{
private:
   String^ m_Name;
   bool m_Unrestricted;

public:
   NameIdPermission( String^ name )
   {
      m_Name = name;
   }

   NameIdPermission( PermissionState state )
   {
      if ( state == PermissionState::None )
      {
         m_Name = "";
      }
      else if ( state == PermissionState::Unrestricted )
      {
         throw gcnew ArgumentException( "Unrestricted state is not allowed for identity permissions." );
      }
      else
      {
         throw gcnew ArgumentException( "Invalid permission state." );
      }
   }

   property String^ Name 
   {
      String^ get()
      {
         return m_Name;
      }
      void set( String^ value )
      {
         m_Name = value;
      }
   }

public:
   virtual IPermission^ Copy() override
   {
      String^ name = m_Name;
      return gcnew NameIdPermission( name );
   }

public:
   virtual bool IsUnrestricted()
   {
      // Always false, unrestricted state is not allowed.
      return m_Unrestricted;
   }

private:
   bool VerifyType( IPermission^ target )
   {
      return dynamic_cast<NameIdPermission^>(target) != nullptr;
   }

public:
   virtual bool IsSubsetOf( IPermission^ target ) override
   {
#if ( debug ) 
      Console::WriteLine( "************* Entering IsSubsetOf *********************" );
#endif

      if ( target == nullptr )
      {
         Console::WriteLine( "IsSubsetOf: target == null" );
         return false;
      }

#if ( debug ) 
      Console::WriteLine( "This is = {0}", ((NameIdPermission)this).Name );
      Console::WriteLine( "Target is {0}", ((NameIdPermission)target).m_Name );
#endif

      try
      {
         NameIdPermission^ operand = dynamic_cast<NameIdPermission^>(target);
         
         // The following check for unrestricted permission is only included as an example for
         // permissions that allow the unrestricted state. It is of no value for this permission.
         if ( true == operand->m_Unrestricted )
         {
            return true;
         }
         else if ( true == this->m_Unrestricted )
         {
            return false;
         }

         if ( this->m_Name != nullptr )
         {
            if ( operand->m_Name == nullptr )
            {
               return false;
            }
            if ( this->m_Name->Equals( "" ) )
            {
               return true;
            }
         }

         if ( this->m_Name->Equals( operand->m_Name ) )
         {
            return true;
         }
         else
         {
            // Check for wild card character '*'.
            int i = operand->m_Name->LastIndexOf( "*" );

            if ( i > 0 )
            {
               String^ prefix = operand->m_Name->Substring( 0, i );
               if ( this->m_Name->StartsWith( prefix ) )
               {
                  return true;
               }
            }
         }
         return false;
      }
      catch ( InvalidCastException^ ) 
      {
         throw gcnew ArgumentException( String::Format( "Argument_WrongType", this->GetType()->FullName ) );
      }
   }

public:
   virtual IPermission^ Intersect( IPermission^ target ) override
   {
      Console::WriteLine( "************* Entering Intersect *********************" );
      if ( target == nullptr )
      {
         return nullptr;
      }

#if ( debug ) 
      Console::WriteLine( "This is = {0}", ((NameIdPermission)this).Name );
      Console::WriteLine( "Target is {0}", ((NameIdPermission)target).m_Name );
#endif 

      if (  !VerifyType( target ) )
      {
         throw gcnew ArgumentException( String::Format( "Argument is wrong type.", this->GetType()->FullName ) );
      }

      NameIdPermission^ operand = dynamic_cast<NameIdPermission^>(target);

      if ( operand->IsSubsetOf( this ) )
      {
         return operand->Copy();
      }
      else if ( this->IsSubsetOf( operand ) )
      {
         return this->Copy();
      }
      else
      {
         return nullptr;
      }
   }

public:
   virtual IPermission^ Union( IPermission^ target ) override
   {
#if ( debug ) 
      Console::WriteLine( "************* Entering Union *********************" );
#endif 

      if ( target == nullptr )
      {
         return this;
      }

#if ( debug ) 
      Console::WriteLine( "This is = {0}", ((NameIdPermission)this).Name );
      Console::WriteLine( "Target is {0}", ((NameIdPermission)target).m_Name );
#endif 

      if (  !VerifyType( target ) )
      {
         throw gcnew ArgumentException( String::Format( "Argument_WrongType", this->GetType()->FullName ) );
      }

      NameIdPermission^ operand = dynamic_cast<NameIdPermission^>(target);

      if ( operand->IsSubsetOf( this ) )
      {
         return this->Copy();
      }
      else if ( this->IsSubsetOf( operand ) )
      {
         return operand->Copy();
      }
      else
      {
         return nullptr;
      }
   }

public:
   virtual void FromXml( SecurityElement^ e ) override
   {
      // The following code for unrestricted permission is only included as an example for
      // permissions that allow the unrestricted state. It is of no value for this permission.
      String^ elUnrestricted = e->Attribute("Unrestricted");
      if ( nullptr != elUnrestricted )
      {
         m_Unrestricted = Boolean::Parse( elUnrestricted );
         return;
      }

      String^ elName = e->Attribute("Name");
      m_Name = elName == nullptr ? nullptr : elName;
   }

public:
   virtual SecurityElement^ ToXml() override
   {
      // Use the SecurityElement class to encode the permission to XML.
      SecurityElement^ esd = gcnew SecurityElement( "IPermission" );
      String^ name = NameIdPermission::typeid->AssemblyQualifiedName;
      esd->AddAttribute( "class", name );
      esd->AddAttribute( "version", "1.0" );
      
      // The following code for unrestricted permission is only included as an example for
      // permissions that allow the unrestricted state. It is of no value for this permission.
      if ( m_Unrestricted )
      {
         esd->AddAttribute( "Unrestricted", true.ToString() );
      }

      if ( m_Name != nullptr )
      {
         esd->AddAttribute( "Name", m_Name );
      }

      return esd;
   }
};
//#define debug
// This custom permission is intended only for the purposes of illustration.
// The following code shows how to create a custom permission that inherits
// from CodeAccessPermission. The code implements all required overrides.
// A wildcard character ('*') is implemented for the Name property.
using System;
using System.Security;
using System.Security.Permissions;
using System.IO;
using System.Security.Policy;
using System.Collections;
using System.Text;

[assembly:System.Reflection.AssemblyKeyFile("Key.snk")]
[assembly:System.Security.AllowPartiallyTrustedCallersAttribute()]

namespace MyPermission
{
    [Serializable()] sealed public class   NameIdPermission : CodeAccessPermission, IUnrestrictedPermission
    {
        private String m_Name;
        private bool m_Unrestricted;

        public  NameIdPermission(String name)
        {
            m_Name = name;
        }

        public  NameIdPermission(PermissionState state)
        {
            if (state == PermissionState.None)
            {
                m_Name = "";
            }
            else
                if (state == PermissionState.Unrestricted)
            {
                throw new ArgumentException("Unrestricted state is not allowed for identity permissions.");
            }
            else
            {
                throw new ArgumentException("Invalid permission state.");
            }
        }

        public String Name
        {
            set{m_Name = value;}
            get{ return m_Name;}
        }
        public override IPermission Copy()
        {
            string name = m_Name;
            return new  NameIdPermission( name );
        }
        public bool IsUnrestricted()
        {
            // Always false, unrestricted state is not allowed.
            return m_Unrestricted;
        }

        private bool VerifyType(IPermission target)
        {
            return (target is  NameIdPermission);
        }
        public override bool IsSubsetOf(IPermission target)
        {
#if(debug)
            Console.WriteLine ("************* Entering IsSubsetOf *********************");
#endif
            if (target == null)
            {
                Console.WriteLine ("IsSubsetOf: target == null");
                return false;
            }
#if(debug)

            Console.WriteLine ("This is = " + (( NameIdPermission)this).Name);
            Console.WriteLine ("Target is " + (( NameIdPermission)target).m_Name);
#endif
            try
            {
                 NameIdPermission operand = ( NameIdPermission)target;

                // The following check for unrestricted permission is only included as an example for
                // permissions that allow the unrestricted state. It is of no value for this permission.
                if (true == operand.m_Unrestricted)
                {
                    return true;
                }
                else if (true == this.m_Unrestricted)
                {
                    return false;
                }

                if (this.m_Name != null)
                {
                    if (operand.m_Name == null) return false;

                    if (this.m_Name == "") return true;
                }

                if (this.m_Name.Equals (operand.m_Name))
                {
                    return true;
                }
                else
                {
                    // Check for wild card character '*'.
                    int i = operand.m_Name.LastIndexOf ("*");

                    if (i > 0)
                    {
                        string prefix = operand.m_Name.Substring (0, i);

                        if (this.m_Name.StartsWith (prefix))
                        {
                            return true;
                        }
                    }
                }

                return false;
            }
            catch (InvalidCastException)
            {
                throw new ArgumentException (String.Format ("Argument_WrongType", this.GetType ().FullName));
            }
        }
        public override IPermission Intersect(IPermission target)
        {
            Console.WriteLine ("************* Entering Intersect *********************");
            if (target == null)
            {
                return null;
            }
#if(debug)
            Console.WriteLine ("This is = " + (( NameIdPermission)this).Name);
            Console.WriteLine ("Target is " + (( NameIdPermission)target).m_Name);
#endif
            if (!VerifyType(target))
            {
                throw new ArgumentException (String.Format ("Argument is wrong type.", this.GetType ().FullName));
            }

             NameIdPermission operand = ( NameIdPermission)target;

            if (operand.IsSubsetOf (this)) return operand.Copy ();
            else if (this.IsSubsetOf (operand)) return this.Copy ();
            else
                return null;
        }

        public override IPermission Union(IPermission target)
        {
#if(debug)
            Console.WriteLine ("************* Entering Union *********************");
#endif
            if (target == null)
            {
                return this;
            }
#if(debug)
            Console.WriteLine ("This is = " + (( NameIdPermission)this).Name);
            Console.WriteLine ("Target is " + (( NameIdPermission)target).m_Name);
#endif
            if (!VerifyType(target))
            {
                throw new ArgumentException (String.Format ("Argument_WrongType", this.GetType ().FullName));
            }

             NameIdPermission operand = ( NameIdPermission)target;

            if (operand.IsSubsetOf (this)) return this.Copy ();
            else if (this.IsSubsetOf (operand)) return operand.Copy ();
            else
                return null;
        }
        
        
        
        
       public override void FromXml(SecurityElement e)
        {
            // The following code for unrestricted permission is only included as an example for
            // permissions that allow the unrestricted state. It is of no value for this permission.
            String elUnrestricted = e.Attribute("Unrestricted");
            if (null != elUnrestricted)
            {
                m_Unrestricted = bool.Parse(elUnrestricted);
                return;
            }

            String elName = e.Attribute( "Name" );
            m_Name = elName == null ? null : elName;
        }
        public override SecurityElement ToXml()
        {
            // Use the SecurityElement class to encode the permission to XML.
            SecurityElement esd = new SecurityElement("IPermission");
            String name = typeof( NameIdPermission).AssemblyQualifiedName;
            esd.AddAttribute("class", name);
            esd.AddAttribute("version", "1.0");

            // The following code for unrestricted permission is only included as an example for
            // permissions that allow the unrestricted state. It is of no value for this permission.
            if (m_Unrestricted)
            {
                esd.AddAttribute("Unrestricted", true.ToString());
            }
            if (m_Name != null) esd.AddAttribute( "Name", m_Name );
            return esd;
        }
     }
}
' This custom permission is intended only for the purposes of illustration.
' The following code shows how to create a custom permission that inherits
' from CodeAccessPermission. The code implements all required overrides.
' A wildcard character ('*') is implemented for the Name property.
Imports System.Security
Imports System.Security.Permissions
Imports System.IO
Imports System.Security.Policy
Imports System.Collections

<assembly: System.Reflection.AssemblyKeyFile("Key.snk")>

<assembly: System.Security.AllowPartiallyTrustedCallersAttribute()>
Namespace MyPermission

    <Serializable()> _
                   Public NotInheritable Class NameIdPermission
        Inherits CodeAccessPermission
        Implements IUnrestrictedPermission
        Private m_Name As String
        Private m_Unrestricted As Boolean


        Public Sub New(ByVal name As String)
            m_name = name
        End Sub


        Public Sub New(ByVal state As PermissionState)
            If state = PermissionState.None Then
                m_name = ""
            ElseIf state = PermissionState.Unrestricted Then
                Throw New ArgumentException("Unrestricted state is not allowed for identity permissions.")
            Else
                Throw New ArgumentException("Invalid permission state.")
            End If
        End Sub

        Public Property Name() As String
            Get
                Return m_name
            End Get
            Set(ByVal Value As String)
                m_name = Value
            End Set
        End Property

        Public Overrides Function Copy() As IPermission
            Dim name As String
            name = m_name
            Return New NameIdPermission(name)
        End Function 'Copy

        Public Function IsUnrestricted() As Boolean Implements IUnrestrictedPermission.IsUnrestricted
            ' Always false, unrestricted state is not allowed.
            Return m_Unrestricted
        End Function
        Private Function VerifyType(ByVal target As IPermission) As Boolean
            Return TypeOf target Is NameIdPermission
        End Function 'VerifyType

        Public Overrides Function IsSubsetOf(ByVal target As IPermission) As Boolean

#If (Debug) Then

            Console.WriteLine("************* Entering IsSubsetOf *********************")
#End If
            If target Is Nothing Then
                Console.WriteLine("IsSubsetOf: target == null")
                Return False
            End If
#If (Debug) Then
            Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
            Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
            Try
                Dim operand As NameIdPermission = CType(target, NameIdPermission)

                ' The following check for unrestricted permission is only included as an example for
                ' permissions that allow the unrestricted state. It is of no value for this permission.
                If True = operand.m_Unrestricted Then
                    Return True
                ElseIf True = Me.m_Unrestricted Then
                    Return False
                End If

                If Not (Me.m_name Is Nothing) Then
                    If operand.m_name Is Nothing Then
                        Return False
                    End If
                    If Me.m_name = "" Then
                        Return True
                    End If
                End If
                If Me.m_name.Equals(operand.m_name) Then
                    Return True
                Else
                    ' Check for wild card character '*'.
                    Dim i As Integer = operand.m_name.LastIndexOf("*")

                    If i > 0 Then
                        Dim prefix As String = operand.m_name.Substring(0, i)

                        If Me.m_name.StartsWith(prefix) Then
                            Return True
                        End If
                    End If
                End If

                Return False
            Catch
                Throw New ArgumentException(String.Format("Argument_WrongType", Me.GetType().FullName))
            End Try
        End Function

        Public Overrides Function Intersect(ByVal target As IPermission) As IPermission
            Console.WriteLine("************* Entering Intersect *********************")
            If target Is Nothing Then
                Return Nothing
            End If
#If (Debug) Then

            Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
            Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
            If Not VerifyType(target) Then
                Throw New ArgumentException(String.Format("Argument is wrong type.", Me.GetType().FullName))
            End If

            Dim operand As NameIdPermission = CType(target, NameIdPermission)

            If operand.IsSubsetOf(Me) Then
                Return operand.Copy()
            ElseIf Me.IsSubsetOf(operand) Then
                Return Me.Copy()
            Else
                Return Nothing
            End If
        End Function 'Intersect

        Public Overrides Function Union(ByVal target As IPermission) As IPermission
#If (Debug) Then

            Console.WriteLine("************* Entering Union *********************")
#End If
            If target Is Nothing Then
                Return Me
            End If
#If (Debug) Then
            Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
            Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
            If Not VerifyType(target) Then
                Throw New ArgumentException(String.Format("Argument_WrongType", Me.GetType().FullName))
            End If

            Dim operand As NameIdPermission = CType(target, NameIdPermission)

            If operand.IsSubsetOf(Me) Then
                Return Me.Copy()
            ElseIf Me.IsSubsetOf(operand) Then
                Return operand.Copy()
            Else
                Return Nothing
            End If
        End Function 'Union

        Public Overrides Sub FromXml(ByVal e As SecurityElement)
            ' The following code for unrestricted permission is only included as an example for
            ' permissions that allow the unrestricted state. It is of no value for this permission.
            Dim elUnrestricted As String = e.Attribute("Unrestricted")
            If Nothing <> elUnrestricted Then
                m_Unrestricted = Boolean.Parse(elUnrestricted)
                Return
            End If

            Dim elName As String = e.Attribute("Name")
            m_name = IIf(elName Is Nothing, Nothing, elName)
        End Sub

        Public Overrides Function ToXml() As SecurityElement
            ' Use the SecurityElement class to encode the permission to XML.
            Dim esd As New SecurityElement("IPermission")

            Dim name As String = GetType(NameIdPermission).AssemblyQualifiedName
            esd.AddAttribute("class", name)
            esd.AddAttribute("version", "1.0")

            ' The following code for unrestricted permission is only included as an example for
            ' permissions that allow the unrestricted state. It is of no value for this permission.
            If m_Unrestricted Then
                esd.AddAttribute("Unrestricted", True.ToString())
            End If
            If Not (m_Name Is Nothing) Then
                esd.AddAttribute("Name", m_Name)
            End If
            Return esd
        End Function 'ToXml
    End Class
End Namespace

備註

警告

程式代碼存取安全性 (CAS) 在所有版本的 .NET Framework 和 .NET 中已被取代。 使用 CAS 相關 API 時,最新版本的 .NET 不會接受 CAS 批注,併產生錯誤。 開發人員應尋求替代方案來完成安全性工作。

程式代碼訪問許可權會使用堆疊逐步解說,以確保程式代碼的所有呼叫端都已獲得許可權。 如果許可權物件為 null,則會處理與狀態 PermissionState.None為的許可權物件相同。

呼叫堆疊通常表示為相應減少,因此呼叫堆棧呼叫方法中的方法會降低呼叫堆疊。

類別的 CodeAccessPermission 繼承者必須獲得完全信任,才能正確運作,以擴充安全性基礎結構的許可權。 若要判斷繼承者完全信任,CodeAccessPermission請針對 ControlEvidencetrue = 和 ControlPolicytrue = 發出 。InheritanceDemand

給實施者的注意事項

當您繼承自 CodeAccessPermission時,也必須實作 IUnrestrictedPermission 介面。

必須覆寫下列 CodeAccessPermission 成員: Copy()Intersect(IPermission)、、 IsSubsetOf(IPermission)ToXml()FromXml(SecurityElement)Union(IPermission)

您也必須定義接受 做為其唯一參數的 PermissionState 建構函式。

您必須將 SerializableAttribute 屬性套用至繼承自 CodeAccessPermission的類別。

建構函式

CodeAccessPermission()
已淘汰.

初始化 CodeAccessPermission 類別的新執行個體。

方法

Assert()
已淘汰.

宣告即使堆疊中較高層的呼叫端未獲得資源存取權限,呼叫程式碼仍可透過呼叫這個方法的程式碼要求權限,來存取受保護的資源。 使用 Assert() 會造成安全性問題。

Copy()
已淘汰.

由衍生類別實作時,建立並傳回目前權限物件的相同複本。

Demand()
已淘汰.

如果在呼叫堆疊中較高的所有呼叫端都尚未被授與由目前執行個體所指定之權限,則會在執行階段強制執行 SecurityException

Deny()
已淘汰.
已淘汰.

防止呼叫堆疊中較高的呼叫端,使用程式碼呼叫此方法來存取目前執行個體所指定的資源。

Equals(Object)
已淘汰.

判斷指定的 CodeAccessPermission 物件是否等於目前的 CodeAccessPermission

Equals(Object)
已淘汰.

判斷指定的物件是否等於目前的物件。

(繼承來源 Object)
FromXml(SecurityElement)
已淘汰.

在衍生類別中覆寫時,透過 XML 編碼方式,重新建構具有指定狀態的安全性物件。

GetHashCode()
已淘汰.

取得 CodeAccessPermission 物件的雜湊碼,其適合用於雜湊表這類的雜湊演算法和資料結構。

GetHashCode()
已淘汰.

做為預設雜湊函式。

(繼承來源 Object)
GetType()
已淘汰.

取得目前執行個體的 Type

(繼承來源 Object)
Intersect(IPermission)
已淘汰.

當由衍生類別實作時,建立並傳回目前使用權限和指定使用權限交集的使用權限。

IsSubsetOf(IPermission)
已淘汰.

當由衍生類別實作時,決定目前使用權限是否為指定使用權限的子集。

MemberwiseClone()
已淘汰.

建立目前 Object 的淺層複製。

(繼承來源 Object)
PermitOnly()
已淘汰.

防止呼叫堆疊中較高的呼叫端,使用程式碼呼叫此方法來存取目前執行個體所指定之資源以外的所有資源。

RevertAll()
已淘汰.

會移除目前畫面格之所有先前覆寫,且不再有作用。

RevertAssert()
已淘汰.

會移除目前畫面格之任何先前的 Assert(),且不再有作用。

RevertDeny()
已淘汰.
已淘汰.

會移除目前畫面格之任何先前的 Deny(),且不再有作用。

RevertPermitOnly()
已淘汰.

會移除目前畫面格之任何先前的 PermitOnly(),且不再有作用。

ToString()
已淘汰.

建立並傳回目前權限物件的字串表示。

ToXml()
已淘汰.

在衍生類別中覆寫時,建立安全性物件及其目前狀態的 XML 編碼。

Union(IPermission)
已淘汰.

在衍生類別中覆寫時,建立目前權限與指定權限聯集的權限。

適用於