Duration (Pacific Standard Time):
To (Pacific Standard Time):
Impact:
  • None
User Action:
  • None

CodeAccessPermission Class

 

Defines the underlying structure of all code access permissions.

Namespace:   System.Security
Assembly:  mscorlib (in mscorlib.dll)

System.Object
  System.Security.CodeAccessPermission
    System.Configuration.ConfigurationPermission
    System.Data.Common.DBDataPermission
    System.Data.OracleClient.OraclePermission
    System.Drawing.Printing.PrintingPermission
    System.Messaging.MessageQueuePermission
    System.Net.DnsPermission
    System.Net.Mail.SmtpPermission
    System.Net.NetworkInformation.NetworkInformationPermission
    System.Net.PeerToPeer.Collaboration.PeerCollaborationPermission
    System.Net.PeerToPeer.PnrpPermission
    System.Net.SocketPermission
    System.Net.WebPermission
    System.Security.Permissions.DataProtectionPermission
    System.Security.Permissions.EnvironmentPermission
    System.Security.Permissions.FileDialogPermission
    System.Security.Permissions.FileIOPermission
    System.Security.Permissions.GacIdentityPermission
    System.Security.Permissions.IsolatedStoragePermission
    System.Security.Permissions.KeyContainerPermission
    System.Security.Permissions.MediaPermission
    System.Security.Permissions.PublisherIdentityPermission
    System.Security.Permissions.ReflectionPermission
    System.Security.Permissions.RegistryPermission
    System.Security.Permissions.ResourcePermissionBase
    System.Security.Permissions.SecurityPermission
    System.Security.Permissions.SiteIdentityPermission
    System.Security.Permissions.StorePermission
    System.Security.Permissions.StrongNameIdentityPermission
    System.Security.Permissions.TypeDescriptorPermission
    System.Security.Permissions.UIPermission
    System.Security.Permissions.UrlIdentityPermission
    System.Security.Permissions.WebBrowserPermission
    System.Security.Permissions.ZoneIdentityPermission
    System.Transactions.DistributedTransactionPermission
    System.Web.AspNetHostingPermission
    System.Xaml.Permissions.XamlLoadPermission

<SerializableAttribute>
<ComVisibleAttribute(True)>
<SecurityPermissionAttribute(SecurityAction.InheritanceDemand,
	ControlEvidence := True, ControlPolicy := True)>
Public MustInherit Class CodeAccessPermission
	Implements IPermission, ISecurityEncodable, IStackWalk
Name Description
System_CAPS_protmethod CodeAccessPermission()

Initializes a new instance of the CodeAccessPermission class.

Name Description
System_CAPS_pubmethod Assert()

Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Using Assert can create security issues.

System_CAPS_pubmethod Copy()

When implemented by a derived class, creates and returns an identical copy of the current permission object.

System_CAPS_pubmethod Demand()

Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance.

System_CAPS_pubmethod Deny()

Obsolete.Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance.

System_CAPS_pubmethod Equals(Object)

Determines whether the specified CodeAccessPermission object is equal to the current CodeAccessPermission.(Overrides Object.Equals(Object).)

System_CAPS_protmethod Finalize()

Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.)

System_CAPS_pubmethod FromXml(SecurityElement)

When overridden in a derived class, reconstructs a security object with a specified state from an XML encoding.

System_CAPS_pubmethod GetHashCode()

Gets a hash code for the CodeAccessPermission object that is suitable for use in hashing algorithms and data structures such as a hash table.(Overrides Object.GetHashCode().)

System_CAPS_pubmethod GetType()

Gets the Type of the current instance.(Inherited from Object.)

System_CAPS_pubmethod Intersect(IPermission)

When implemented by a derived class, creates and returns a permission that is the intersection of the current permission and the specified permission.

System_CAPS_pubmethod IsSubsetOf(IPermission)

When implemented by a derived class, determines whether the current permission is a subset of the specified permission.

System_CAPS_protmethod MemberwiseClone()

Creates a shallow copy of the current Object.(Inherited from Object.)

System_CAPS_pubmethod PermitOnly()

Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

System_CAPS_pubmethod System_CAPS_static RevertAll()

Causes all previous overrides for the current frame to be removed and no longer in effect.

System_CAPS_pubmethod System_CAPS_static RevertAssert()

Causes any previous Assert for the current frame to be removed and no longer in effect.

System_CAPS_pubmethod System_CAPS_static RevertDeny()

Obsolete.Causes any previous Deny for the current frame to be removed and no longer in effect.

System_CAPS_pubmethod System_CAPS_static RevertPermitOnly()

Causes any previous PermitOnly for the current frame to be removed and no longer in effect.

System_CAPS_pubmethod ToString()

Creates and returns a string representation of the current permission object.(Overrides Object.ToString().)

System_CAPS_pubmethod ToXml()

When overridden in a derived class, creates an XML encoding of the security object and its current state.

System_CAPS_pubmethod Union(IPermission)

When overridden in a derived class, creates a permission that is the union of the current permission and the specified permission.

Code access permissions use a stack walk to ensure that all callers of the code have been granted a permission. If a permission object is null, it is handled the same as a permission object with the state PermissionState.None.

The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

Inheritors of the CodeAccessPermission class must be granted full trust to function correctly as permissions extending the security infrastructure. To determine that the inheritors are fully trusted, CodeAccessPermission issues an InheritanceDemand for ControlEvidence = true and ControlPolicy = true.

Notes to Inheritors:

When you inherit from CodeAccessPermission, you must also implement the IUnrestrictedPermission interface.

The following CodeAccessPermission members must be overridden: Copy, Intersect, IsSubsetOf, ToXml, FromXml, and Union.

You must also define a constructor that takes a PermissionState as its only parameter.

You must apply the SerializableAttribute attribute to a class that inherits from CodeAccessPermission.

The following code example shows a permission derived from the CodeAccessPermission class.

' This custom permission is intended only for the purposes of illustration.
' The following code shows how to create a custom permission that inherits
' from CodeAccessPermission. The code implements all required overrides.
' A wildcard character ('*') is implemented for the Name property.
Imports System
Imports System.Security
Imports System.Security.Permissions
Imports System.IO
Imports System.Security.Policy
Imports System.Collections
Imports Microsoft.VisualBasic

<assembly: System.Reflection.AssemblyKeyFile("Key.snk")>

<assembly: System.Security.AllowPartiallyTrustedCallersAttribute()>
Namespace MyPermission

    <Serializable()> _
                   Public NotInheritable Class NameIdPermission
        Inherits CodeAccessPermission
        Implements IUnrestrictedPermission
        Private m_Name As String
        Private m_Unrestricted As Boolean


        Public Sub New(ByVal name As String)
            m_name = name
        End Sub 'NewNew


        Public Sub New(ByVal state As PermissionState)
            If state = PermissionState.None Then
                m_name = ""
            ElseIf state = PermissionState.Unrestricted Then
                Throw New ArgumentException("Unrestricted state is not allowed for identity permissions.")
            Else
                Throw New ArgumentException("Invalid permission state.")
            End If
        End Sub 'New 

        Public Property Name() As String
            Get
                Return m_name
            End Get
            Set(ByVal Value As String)
                m_name = Value
            End Set
        End Property

        Public Overrides Function Copy() As IPermission
            Dim name As String
            name = m_name
            Return New NameIdPermission(name)
        End Function 'Copy

        Public Function IsUnrestricted() As Boolean Implements IUnrestrictedPermission.IsUnrestricted
            ' Always false, unrestricted state is not allowed.
            Return m_Unrestricted
        End Function
        Private Function VerifyType(ByVal target As IPermission) As Boolean
            Return TypeOf target Is NameIdPermission
        End Function 'VerifyType

        Public Overrides Function IsSubsetOf(ByVal target As IPermission) As Boolean

#If (Debug) Then

            Console.WriteLine("************* Entering IsSubsetOf *********************")
#End If
            If target Is Nothing Then
                Console.WriteLine("IsSubsetOf: target == null")
                Return False
            End If
#If (Debug) Then
            Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
            Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
            Try
                Dim operand As NameIdPermission = CType(target, NameIdPermission)

                ' The following check for unrestricted permission is only included as an example for
                ' permissions that allow the unrestricted state. It is of no value for this permission.
                If True = operand.m_Unrestricted Then
                    Return True
                ElseIf True = Me.m_Unrestricted Then
                    Return False
                End If

                If Not (Me.m_name Is Nothing) Then
                    If operand.m_name Is Nothing Then
                        Return False
                    End If
                    If Me.m_name = "" Then
                        Return True
                    End If
                End If
                If Me.m_name.Equals(operand.m_name) Then
                    Return True
                Else
                    ' Check for wild card character '*'.
                    Dim i As Integer = operand.m_name.LastIndexOf("*")

                    If i > 0 Then
                        Dim prefix As String = operand.m_name.Substring(0, i)

                        If Me.m_name.StartsWith(prefix) Then
                            Return True
                        End If
                    End If
                End If

                Return False
            Catch
                Throw New ArgumentException(String.Format("Argument_WrongType", Me.GetType().FullName))
            End Try
        End Function

        Public Overrides Function Intersect(ByVal target As IPermission) As IPermission
            Console.WriteLine("************* Entering Intersect *********************")
            If target Is Nothing Then
                Return Nothing
            End If
#If (Debug) Then

            Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
            Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
            If Not VerifyType(target) Then
                Throw New ArgumentException(String.Format("Argument is wrong type.", Me.GetType().FullName))
            End If

            Dim operand As NameIdPermission = CType(target, NameIdPermission)

            If operand.IsSubsetOf(Me) Then
                Return operand.Copy()
            ElseIf Me.IsSubsetOf(operand) Then
                Return Me.Copy()
            Else
                Return Nothing
            End If
        End Function 'Intersect

        Public Overrides Function Union(ByVal target As IPermission) As IPermission
#If (Debug) Then

            Console.WriteLine("************* Entering Union *********************")
#End If
            If target Is Nothing Then
                Return Me
            End If
#If (Debug) Then
            Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
            Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
            If Not VerifyType(target) Then
                Throw New ArgumentException(String.Format("Argument_WrongType", Me.GetType().FullName))
            End If

            Dim operand As NameIdPermission = CType(target, NameIdPermission)

            If operand.IsSubsetOf(Me) Then
                Return Me.Copy()
            ElseIf Me.IsSubsetOf(operand) Then
                Return operand.Copy()
            Else
                Return Nothing
            End If
        End Function 'Union

        Public Overrides Sub FromXml(ByVal e As SecurityElement)
            ' The following code for unrestricted permission is only included as an example for
            ' permissions that allow the unrestricted state. It is of no value for this permission.
            Dim elUnrestricted As String = e.Attribute("Unrestricted")
            If Nothing <> elUnrestricted Then
                m_Unrestricted = Boolean.Parse(elUnrestricted)
                Return
            End If

            Dim elName As String = e.Attribute("Name")
            m_name = IIf(elName Is Nothing, Nothing, elName)
        End Sub 'FromXml

        Public Overrides Function ToXml() As SecurityElement
            ' Use the SecurityElement class to encode the permission to XML.
            Dim esd As New SecurityElement("IPermission")

            Dim name As String = GetType(NameIdPermission).AssemblyQualifiedName
            esd.AddAttribute("class", name)
            esd.AddAttribute("version", "1.0")

            ' The following code for unrestricted permission is only included as an example for
            ' permissions that allow the unrestricted state. It is of no value for this permission.
            If m_Unrestricted Then
                esd.AddAttribute("Unrestricted", True.ToString())
            End If
            If Not (m_Name Is Nothing) Then
                esd.AddAttribute("Name", m_Name)
            End If
            Return esd
        End Function 'ToXml
    End Class ' NameIdPermission 
End Namespace
InheritanceDemand

for the ability of inheritors to provide evidence and view and modify policy. Associated enumerations: SecurityPermissionFlag.ControlEvidence, SecurityPermissionFlag.ControlPolicy.

.NET Framework
Available since 1.1

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Return to top