System.Security.CodeAccessPermission Class

public abstract class CodeAccessPermission : IPermission

Base Types

Object
  CodeAccessPermission

This type implements IPermission.

Assembly

mscorlib

Library

BCL

Summary

Serves as the base class for all code access permissions.

Description

[Note: Classes derived from CodeAccessPermission are required to override the following methods of the CodeAccessPermission class:

In addition, classes derived from CodeAccessPermission are required to implement a constructor that takes a PermissionState as its only parameter.

]

The XML encoding of a CodeAccessPermission instance is defined below in EBNF format. The following conventions are used:

The following meta-language symbols are used:

ClassName is the name of the class implementing the permission, such as EnvironmentPermission.

AssemblyName is the name of the assembly that contains the class implementing the permission, such as mscorlib.

Version is the three part version number indicating the version of the assembly implementing the permission, such as 1.0.1.

StrongNamePublicKeyToken is the strong name public key token constituting the strong name of the assembly that implements the permission.

PermissionAttributes is any attribute and attribute value on the IPermission element used by the permission to represent a particular permission state, for example, unrestricted="true".

PermissionXML is any valid XML used by the permission to represent permission state.

The XML encoding of a CodeAccessPermission instance is as follows:

CodeAccessPermissionXML::=

<IPermission class="

ClassName,

AssemblyName,

Version= Version,

Culture=neutral,

PublicKeyToken= StrongNamePublicKeyToken"

version="1"

(PermissionAttributes)*

&gt;

(PermissionXML)?

</IPermission>

See Also

System.Security Namespace

Members

CodeAccessPermission Constructors

CodeAccessPermission Constructor

CodeAccessPermission Methods

CodeAccessPermission.Assert Method
CodeAccessPermission.Copy Method
CodeAccessPermission.Demand Method
CodeAccessPermission.Deny Method
CodeAccessPermission.FromXml Method
CodeAccessPermission.Intersect Method
CodeAccessPermission.IsSubsetOf Method
CodeAccessPermission.ToString Method
CodeAccessPermission.ToXml Method
CodeAccessPermission.Union Method


CodeAccessPermission Constructor

protected CodeAccessPermission();

Summary

Constructs a new instance of the CodeAccessPermission class.

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.Assert Method

public void Assert();

Summary

Asserts that calling code can access the resource identified by the current instance through the code that calls this method, even if callers have not been granted permission to access the resource.

Exceptions

Exception TypeCondition
SecurityExceptionThe calling code does not have System.Security.Permissions.SecurityPermissionFlag.Assertion.

Description

Calling System.Security.CodeAccessPermission.Assert stops the permission check on callers that are after the code performing the assert. An assertion is effective only if the code that calls System.Security.CodeAccessPermission.Assert passes the security check for the permission that it is asserting.

[Note: Even if the callers that are after the code performing the assert do not have the requisite permissions, they can still access resources through the code that calls this method. Because the assertion only applies to the callers of the code performing the assert, a security check for the asserted permission can still fail if the code calling System.Security.CodeAccessPermission.Assert has not itself been granted that permission.

A call to System.Security.CodeAccessPermission.Assert is effective until the code containing the call returns to its caller.

Caution: Because calling System.Security.CodeAccessPermission.Assert removes the requirement that all code be granted permission to access the specified resource, it can open up security vulnerabilities if used incorrectly or inappropriately.

]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.Copy Method

public abstract IPermission Copy();

Summary

Returns a CodeAccessPermission containing the same values as the current instance.

Return Value

A new CodeAccessPermission instance that is value equal to the current instance.

Description

[Note: This method is implemented to support the IPermission interface.]

[Behaviors: The object returned by this method is required be the same type as the current instance and to represent the same access to resources as the current instance.]

[Overrides: Override this method to create a copy an instance in a type derived from CodeAccessPermission. ]

[Usage: Use this method to obtain a copy of the current instance that has values identical to those of the current instance.]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.Demand Method

public void Demand();

Summary

Forces a SecurityException if all callers do not have the permission specified by the current instance.

Exceptions

Exception TypeCondition
SecurityException A caller does not have the permission specified by the current instance.

-or-

A caller has called System.Security.CodeAccessPermission.Deny for the resource protected by the current instance.

Description

The permissions of the code that calls this method are not examined; the check begins from the immediate caller of that code and continues until all callers have been checked, one of the callers invokes System.Security.CodeAccessPermission.Assert , or a caller has been found that is not granted the demanded permission, in which case a SecurityException is thrown.

[Note: System.Security.CodeAccessPermission.Demand is typically used by shared libraries to ensure that callers have permission to access a resource. For example, a method in a shared library calls System.Security.CodeAccessPermission.Demand for the necessary System.Security.Permissions.FileIOPermission before performing a file operation requested by the caller.

This method is implemented to support the IPermission interface.

]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.Deny Method

public void Deny();

Summary

Denies access to the resources specified by the current instance through the code that calls this method.

Description

This method prevents callers from accessing the protected resource through the code that calls this method, even if those callers have been granted permission to access it.

The call to System.Security.CodeAccessPermission.Deny is effective until the calling code returns.

[Note: System.Security.CodeAccessPermission.Deny is ignored for a permission not granted because a demand for that permission will not succeed.

System.Security.CodeAccessPermission.Deny can limit the liability of the programmer or prevent accidental security vulnerabilities because it prevents the method that calls System.Security.CodeAccessPermission.Deny from being used to access the resource protected by the denied permission.

]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.FromXml Method

public abstract void FromXml(SecurityElement elem);

Summary

Reconstructs the state of a CodeAccessPermission object using the specified XML encoding.

Parameters

elem
A SecurityElement instance containing the XML encoding to use to reconstruct the state of a CodeAccessPermission object.

Exceptions

Exception TypeCondition
ArgumentExceptionelem does not contain the XML encoding for a instance of the same type as the current instance.

-or-

The version number of elem is not valid.

Description

[Behaviors: The values of the current instance are set to the values of the permission object encoded in elem .]

[Overrides: Override this method to reconstruct subclasses of CodeAccessPermission .]

[Usage: This method is called by the system.]

[Note: For the XML encoding for this class, see the CodeAccessPermission class page.]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.Intersect Method

public abstract IPermission Intersect(IPermission target);

Summary

Returns a CodeAccessPermission object that is the intersection of the current instance and the specified object.

Parameters

target
A CodeAccessPermission instance to intersect with the current instance.

Return Value

A new CodeAccessPermission instance that represents the intersection of the current instance and target . If the intersection is empty or target is null , returns null .

Exceptions

Exception TypeCondition
ArgumentExceptiontarget is not null and is not a CodeAccessPermission object.

Description

[Note: This method is implemented to support the IPermission interface.]

[Behaviors: As described above.]

[Overrides: Override this method to provide a mechanism for creating an intersection of two IPermission objects that are of the same type and are derived from CodeAccessPermission .]

[Usage: The intersection of two permissions is a permission that secures the resources and operations secured by both permissions. Specifically, it represents the minimum permission such that any demand that passes both permissions will also pass their intersection.]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.IsSubsetOf Method

public abstract bool IsSubsetOf(IPermission target);

Summary

Determines whether the current instance is a subset of the specified object.

Parameters

target
A CodeAccessPermission instance that is to be tested for the subset relationship.

Return Value

true if the current instance is a subset of target; otherwise, false . If the current instance is unrestricted, and target is not, returns false . If target is unrestricted, returns true .

Exceptions

Exception TypeCondition
ArgumentExceptiontarget is not null and is not of type CodeAccessPermission .

Description

[Note: This method is implemented to support the IPermission interface.]

[Behaviors: As described above.]

[Overrides: Override this method to implement the test for the subset relationship in types derived from CodeAccessPermission .]

[Usage: The current instance is a subset of target if the current instance specifies a set of accesses to resources that is wholly contained by target. For example, a permission that represents read access to a file is a subset of a permission that represents read and write access to the file.

If this method returns true , the current instance does not describe a level of access to a set of resources that is not already described by target.

]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.ToString Method

public override string ToString();

Summary

Returns the XML representation of the state of the current instance.

Return Value

A String containing the XML representation of the state of the current instance.

Description

[Note: The XML representation of the current instance is obtained by first calling System.Security.CodeAccessPermission.ToXml, then calling System.Object.ToString on the object returned by that method.

This method overrides System.Object.ToString.

]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.ToXml Method

public abstract SecurityElement ToXml();

Summary

Returns the XML encoding of the current instance.

Return Value

A SecurityElement containing an XML encoding of the state of the current instance.

Description

[Behaviors: The object returned by this method is required to use the XML encoding for the CodeAccessPermission class as defined on the class page. The state of the current instance is required to be reproducible by invoking System.Security.CodeAccessPermission.FromXml(System.Security.SecurityElement) on an instance of CodeAccessPermission using the object returned by this method.]

[Overrides: Override this method to return an object containing the XML encoding for types derived from CodeAccessPermission .]

[Usage: This method is called by the system.]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace

CodeAccessPermission.Union Method

public virtual IPermission Union(IPermission other);

Summary

Returns a CodeAccessPermission object that is the union of the current instance and the specified object.

Parameters

other
A IPermission object of the same type as the current instance to be combined with the current instance.

Return Value

If other is null , returns a copy of the current instance using the System.Security.IPermission.Copy method.

Exceptions

Exception TypeCondition
ArgumentExceptionother is not of type CodeAccessPermission .
NotSupportedExceptionother is not null .

Description

[Note: This method is implemented to support the IPermission interface.]

[Behaviors: This method returns a new CodeAccessPermission instance that represents the union of the current instance and other. If the current instance or other is unrestricted, returns a CodeAccessPermission instance that is unrestricted. If other is null , returns a copy of the current instance using the System.Security.IPermission.Copy method.]

[Default: If other is not null , this method throws a NotSupportedException exception; otherwise, returns a copy of the current instance.]

[Overrides: Override this method to provide a mechanism for creating the union of two IPermission objects that are of the same type and are derived from CodeAccessPermission .]

[Usage: The result of a call to System.Security.CodeAccessPermission.Union(System.Security.IPermission) is a permission that represents all of the access to resources represented by both the current instance and other . Any demand that passes either permission passes their union.]

See Also

System.Security.CodeAccessPermission Class, System.Security Namespace