public class PermissionSet : ICollection, IEnumerable
Object
PermissionSetThis type implements ICollection and IEnumerable.
mscorlib
BCL
Represents a collection that can contain different kinds of permissions and perform security operations.
[Note: Use PermissionSet to perform operations on different permission types as a group.]
The XML encoding of a PermissionSet instance is defined below in EBNF format. The following conventions are used:
The following meta-language symbols are used:
- All non-literals in the grammar below are shown in normal type.
- All literals are in bold font.
The XML encoding of a PermissionSet instance is as follows:
- '*' represents a meta-language symbol suffixing an expression that can appear zero or more times.
- '?' represents a meta-language symbol suffixing an expression that can appear zero or one time.
- '+' represents a meta-language symbol suffixing an expression that can appear one or more times.
- '(',')' is used to group literals, non-literals or a mixture of literals and non-literals.
- '|' denotes an exclusive disjunction between two expressions.
- '::= ' denotes a production rule where a left hand non-literal is replaced by a right hand expression containing literals, non-literals or both.
PermissionSet::=
CustomPermissionXML represents any custom permission. The XML encoding for custom permissions makes use of the following symbols:(
<PermissionSet
class="System.Security.PermissionSet"
version="1" Unrestricted="true"/>
)
|
(
<PermissionSet
class="System.Security.PermissionSet"
version="1">
DnsPermissionXML ?
SocketPermissionXML ?
WebPermissionXML ?
EnvironmentPermissionXML ?
FileIOPermissionXML ?
ReflectionPermissionXML ?
SecurityPermissionXML ?
CustomPermissionXML *
</PermissionSet>
)
ClassName is the name of the class implementing the permission.
AssemblyName is the name of the assembly that contains the class implementing the permission.
Version is the version number indicating the version of the assembly implementing the permission.
StrongNamePublicKeyToken is the strong name public key token constituting the strong name of the assembly that implements the permission.
version is version information for the custom permission. Format and content are defined by the author of the custom permission.
PermissionAttributes is any attribute and attribute value on the IPermission element used by the permission to represent a particular permission state, for example, unrestricted= "true". Format and content are defined by the author of the custom permission.
PermissionXML is any valid XML used by the permission to represent permission state. Format and content are defined by the author of the custom permission.
The XML encoding of a custom permission instance is as follows:
CustomPermissionXML ::=
<IPermission class="
ClassName
,
AssemblyName
,
Version=
Version,
Culture=neutral,
PublicKeyToken=
StrongNamePublicKeyToken"
version="
version"
(PermissionAttributes)*
>
(PermissionXML)?
</IPermission>
System.Security Namespace
PermissionSet Constructors
PermissionSet(System.Security.Permissions.PermissionState) Constructor
PermissionSet(System.Security.PermissionSet) Constructor
PermissionSet Methods
PermissionSet.AddPermission Method
PermissionSet.Assert Method
PermissionSet.Copy Method
PermissionSet.CopyTo Method
PermissionSet.Demand Method
PermissionSet.Deny Method
PermissionSet.FromXml Method
PermissionSet.GetEnumerator Method
PermissionSet.IsSubsetOf Method
PermissionSet.PermitOnly Method
PermissionSet.ToString Method
PermissionSet.ToXml Method
PermissionSet.Union Method
PermissionSet Properties
PermissionSet.Count Property
PermissionSet.IsSynchronized Property
PermissionSet.SyncRoot Property
public PermissionSet(PermissionState state);
Constructs a new instance of the PermissionSet class with the specified value.
- state
- A PermissionState value. This value is either System.Security.Permissions.PermissionState.None or System.Security.Permissions.PermissionState.Unrestricted , to specify fully restricted or fully unrestricted access.
Exception Type Condition ArgumentException state is not a valid PermissionState value.
[Note: The new instance contains no permissions. To add a permission to the new instance, use System.Security.PermissionSet.AddPermission(System.Security.IPermission).]
System.Security.PermissionSet Class, System.Security Namespace
public PermissionSet(PermissionSet permSet);
Constructs a new instance of the PermissionSet class with the values of the specified PermissionSet instance.
- permSet
- The PermissionSet instance with which to initialize the values of the new instance, or
null
to initialize an empty permission set.
Exception Type Condition ArgumentException permSet is not null
and is not an instance of PermissionSet.
If permSet is notnull
, the new instance is initialized with copies of the objects in permSet, not references to those objects. If permSet isnull
, the new instance contains no permissions.[Note: To add a permission to an empty PermissionSet , use System.Security.PermissionSet.AddPermission(System.Security.IPermission).]
System.Security.PermissionSet Class, System.Security Namespace
public virtual IPermission AddPermission(IPermission perm);
Adds the specified IPermission object to the current instance if that permission does not already exist in the current instance.
- perm
- The IPermission object to add.
The IPermission is added if perm is notnull
and a permission of the same type as perm does not already exist in the current instance. If perm isnull
, returnsnull
. If a permission of the same type as perm already exists in the current instance, the union of the existing permission and perm is added to the current instance and is returned.
Exception Type Condition ArgumentException perm is not a IPermission object.
[Behaviors: As described above.]
[Usage: Use this method to add permission objects to the current instance.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual void Assert();
Asserts that calling code can access the resources identified by the permissions contained in the current instance through the code that calls this method, even if callers have not been granted permission to access the resource.
Exception Type Condition SecurityException The asserting code does not have sufficient permission to call this method. -or-
This method was called with permissions already asserted for the current stack frame.
[Note: This method is the only way to assert multiple permissions at the same time within a frame because only a single assert can be active on a frame at one time; subsequent asserts will result in an exception.]
[Behaviors: As described above.]
[Usage: Use this method to insure that all callers can access a set of secured resources.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual PermissionSet Copy();
Returns a new PermissionSet containing copies of the objects in the current instance.
A new PermissionSet that is value equal to the current instance.
[Behaviors: This method creates copies of the permission objects in the current instance, and adds them to the new instance.]
[Default: This method calls the PermissionSet constructor that takes a PermissionSet argument, and passes the current instance as that parameter.]
[Usage: Use this method to create a new PermissionSet instance containing permissions that are identical to the permissions contained in the current instance.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual void CopyTo(Array array, int index);
Copies the permission objects in the current instance to the specified location in the specified Array .
- array
- The destination Array .
- index
- A Int32 that specifies the zero-based starting position in the array at which to begin copying.
Exception Type Condition ArgumentException array has more than one dimension. IndexOutOfRangeException index is outside the range of allowable values for array. ArgumentNullException array is null
.
[Note: This method is implemented to support the ICollection interface.]
[Behaviors: As described above.]
[Default: The default implementation uses the System.Array.SetValue(System.Object,System.Int32)(Object, Int32) method to add the value to the array.]
[Overrides: Override this method to customize the manner in which elements are added to array . ]
System.Security.PermissionSet Class, System.Security Namespace
public virtual void Demand();
Forces a SecurityException if all callers do not have the permissions specified by the objects contained in the current instance.
Exception Type Condition SecurityException A caller does not have the permission specified by the current instance.
[Behaviors: The permission check for System.Security.PermissionSet.Demand begins with the immediate caller of the code that calls this method and continues until all callers have been checked or a caller has been found that is not granted the demanded permission, in which case a SecurityException exception is thrown.If the current instance is empty, a call to System.Security.PermissionSet.Demand succeeds.
]
[Usage: Use this method to ensure in a single operation that all callers have all permissions contained in a permission set.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual void Deny();
Denies access to the resources secured by the objects contained in the current instance through the code that calls this method.
Exception Type Condition SecurityException A previous call to Deny
has already restricted the permissions for the current stack frame.
This is the only way to deny multiple permissions at the same time within a frame because only a single deny can be active on a frame at one time; subsequent denies will result in an exception.[Behaviors: This method is required to prevent callers from accessing all resources protected by the objects in the current instance even if the callers had been granted permission to access them.
A call to System.Security.PermissionSet.Deny is effective until the calling code returns.
]
[Usage: Use this method to force all security checks for the objects contained in the current instance to fail.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual void FromXml(SecurityElement et);
Reconstructs the state of a PermissionSet object using the specified XML encoding.
- et
- A SecurityElement instance containing the XML encoding to use to reconstruct the state of a PermissionSet object.
Exception Type Condition ArgumentNullException et is null
.ArgumentException et does not contain an XML encoding for a PermissionSet instance. An error occurred while reconstructing et .
[Note: For the XML encoding for this class, see the PermissionSet class page.]
[Behaviors: When this call completes, the objects in the current instance are required to be identical to the objects in the PermissionSet encoded in et .]
[Overrides: Override this method to reconstruct subclasses of PermissionSet .]
[Usage: Applications do not typically call this method; it is called by the system.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual IEnumerator GetEnumerator();
Returns an enumerator used to iterate over the permissions in the current instance.
A IEnumerator object for the permissions of the set.
[Note: This method is implemented to support the ICollection interface, which supports the IEnumerable interface.]
[Behaviors: As described above.]
[Overrides: Override this method to customize the enumerator returned by this method.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual bool IsSubsetOf(PermissionSet target);
Determines whether the current instance is a subset of the specified object.
- target
- A PermissionSet instance that is to be tested for the subset relationship.
true
if the current instance is a subset of target; otherwise,false
. If the current instance is unrestricted, and target is not, returnsfalse
. If target is unrestricted, returnstrue
.
[Note: The current instance is a subset target if all demands that succeed for the current instance also succeed for target. That is, the current instance is a subset of target if target contains at least the permissions contained in the current instance.If this method returns
true
, the current instance does not describe a level of access to a set of resources that is not already described by target.]
[Behaviors: As described above.]
[Usage: Use this method to determine if the all permissions contained in the current instance are also contained in target.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual void PermitOnly();
Specifies that only the resources described by the current instance can be accessed by calling code, even if the code has been granted permission to access other resources.
Exception Type Condition SecurityException A previous call to PermitOnly
has already set the permissions for the current stack frame.
[Note: System.Security.PermissionSet.PermitOnly is similar to System.Security.PermissionSet.Deny in that both methods cause access to fail where it might otherwise succeed. The difference is that System.Security.PermissionSet.Deny specifies permissions for which to refuse access, while System.Security.PermissionSet.PermitOnlyspecifies the only permissions that will succeed.
This is the only way to permit multiple permissions at the same time within a stack frame because only a single permit at a time can be active on a frame; subsequent permits will result in an exception.
]
[Behaviors: Callers are required to be prevented from accessing resources not secured by the contents of the current instance, even if a caller has been granted permission to access such resources.
A System.Security.PermissionSet.PermitOnly is in effect until the calling code returns to its caller.
]
[Usage: Use this method to limit access to a specified set of resources.]
System.Security.PermissionSet Class, System.Security Namespace
public override string ToString();
Returns a String representation of the state of the current instance.
A String containing the XML representation of the state of the current instance.
[Note: This method overrides System.Object.ToString.]
The following example displays the XML that encodes the state of a PermissionSet .
using System; using System.Security; using System.Security.Permissions; public class PermissionSetToStringExample { public static void Main() { PermissionSet ps = new PermissionSet(PermissionState.Unrestricted); Console.WriteLine(ps.ToString()); } }The output is<PermissionSet class="System.Security.PermissionSet" version="1" Unrestricted="true"/>
System.Security.PermissionSet Class, System.Security Namespace
public virtual SecurityElement ToXml();
Returns the XML encoding of the current instance.
A SecurityElement containing an XML encoding of the state of the current instance.
[Behaviors: As described above.]
[Overrides: Override this method to return an object containing the XML encoding for types derived from PermissionSet.]
[Usage: This method is called by the system.]
System.Security.PermissionSet Class, System.Security Namespace
public virtual PermissionSet Union(PermissionSet other);
Returns a PermissionSet object that is the union of the current instance and the specified object.
- other
- A PermissionSet instance to be combined with the current instance.
A new PermissionSet instance that represents the union of the current instance and other. If the current instance or other is unrestricted, returns a PermissionSet instance that is unrestricted.
The result of a call to System.Security.PermissionSet.Union(System.Security.PermissionSet)is a new PermissionSet instance that represents all the operations represented by the current instance as well as all the operations represented by other . If either set is unrestricted, the union is unrestricted, as well.
[Behaviors: As described above.]
[Usage: Use this method to create a PermissionSet instance that contains all of the permissions of the current instance and other .]
System.Security.PermissionSet Class, System.Security Namespace
int ICollection.Count { get; }
Implemented to support the ICollection interface. [Note: For more information, see System.Collections.ICollection.Count.]
System.Security.PermissionSet Class, System.Security Namespace
bool ICollection.IsSynchronized { get; }
Implemented to support the ICollection interface. [Note: For more information, see System.Collections.ICollection.IsSynchronized.]
System.Security.PermissionSet Class, System.Security Namespace
object ICollection.SyncRoot { get; }
Implemented to support the ICollection interface. [Note: For more information, see System.Collections.ICollection.SyncRoot.]
System.Security.PermissionSet Class, System.Security Namespace