diff options
author | Sebastien Pouliot <sebastien@ximian.com> | 2004-09-03 15:51:52 +0400 |
---|---|---|
committer | Sebastien Pouliot <sebastien@ximian.com> | 2004-09-03 15:51:52 +0400 |
commit | 0bc21191a28aeafec72a0688690dd9fd34f5d45f (patch) | |
tree | b6ce613ea68a7008dc802452de8c5d0d9cbc63be /mcs/class/corlib/System.Security.Permissions | |
parent | 48459437d6c9fa2e030d3abad01d564d6e8878de (diff) |
2004-09-03 Sebastien Pouliot <sebastien@ximian.com>
* EnvironmentPermission.cs: Fixed GetPathList which has little
differences between Fx 1.1 and 2.0. Required to run the MSDN samples.
* FileDialogPermission.cs: Fixed IsSubsetOf and Intersect.
* RegistryPermission.cs: Fixed ToXml to avoid NullReferenceException.
Required to run the MSDN library samples.
* SecurityPermission.cs: Return null for an empty intersection.
Required to run the MSDN library samples.
* SiteIdentityPermission.cs: Implemented wildcard support in
Intersect, IsSubsetOf and Union.
* StrongNameIdentityPermission.cs: Implemented wildcard support in
Intersect, IsSubsetOf and Union. Fixed ToXml to pass the MSDN samples.
* UrlIdentityPermission.cs: Implemented wildcard support in Intersect,
IsSubsetOf and Union. Fixed difference between Fx1.1 and 2.0 in Copy.
svn path=/trunk/mcs/; revision=33268
Diffstat (limited to 'mcs/class/corlib/System.Security.Permissions')
8 files changed, 243 insertions, 69 deletions
diff --git a/mcs/class/corlib/System.Security.Permissions/ChangeLog b/mcs/class/corlib/System.Security.Permissions/ChangeLog index 62ea0e00f91..1ee79662dcf 100644 --- a/mcs/class/corlib/System.Security.Permissions/ChangeLog +++ b/mcs/class/corlib/System.Security.Permissions/ChangeLog @@ -1,3 +1,19 @@ +2004-09-03 Sebastien Pouliot <sebastien@ximian.com> + + * EnvironmentPermission.cs: Fixed GetPathList which has little + differences between Fx 1.1 and 2.0. Required to run the MSDN samples. + * FileDialogPermission.cs: Fixed IsSubsetOf and Intersect. + * RegistryPermission.cs: Fixed ToXml to avoid NullReferenceException. + Required to run the MSDN library samples. + * SecurityPermission.cs: Return null for an empty intersection. + Required to run the MSDN library samples. + * SiteIdentityPermission.cs: Implemented wildcard support in + Intersect, IsSubsetOf and Union. + * StrongNameIdentityPermission.cs: Implemented wildcard support in + Intersect, IsSubsetOf and Union. Fixed ToXml to pass the MSDN samples. + * UrlIdentityPermission.cs: Implemented wildcard support in Intersect, + IsSubsetOf and Union. Fixed difference between Fx1.1 and 2.0 in Copy. + 2004-09-02 Sebastien Pouliot <sebastien@ximian.com> * SiteIdentityPermission.cs: Updated to match latest unit tests, i.e. diff --git a/mcs/class/corlib/System.Security.Permissions/EnvironmentPermission.cs b/mcs/class/corlib/System.Security.Permissions/EnvironmentPermission.cs index 9a0e8758e42..7903f1f5f44 100644 --- a/mcs/class/corlib/System.Security.Permissions/EnvironmentPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/EnvironmentPermission.cs @@ -126,10 +126,10 @@ namespace System.Security.Permissions { // Note: we do not (yet) care about the return value // as we only accept version 1 (min/max values) - string read = (esd.Attributes ["Read"] as string); + string read = esd.Attribute ("Read"); if ((read != null) && (read.Length > 0)) SetPathList (EnvironmentPermissionAccess.Read, read); - string write = (esd.Attributes ["Write"] as string); + string write = esd.Attribute ("Write"); if ((write != null) && (write.Length > 0)) SetPathList (EnvironmentPermissionAccess.Write, write); @@ -138,38 +138,20 @@ namespace System.Security.Permissions { public string GetPathList (EnvironmentPermissionAccess flag) { - StringBuilder sb = new StringBuilder (); switch (flag) { case EnvironmentPermissionAccess.AllAccess: case EnvironmentPermissionAccess.NoAccess: ThrowInvalidFlag (flag, true); break; case EnvironmentPermissionAccess.Read: - foreach (string path in readList) { - sb.Append (path); - sb.Append (";"); - } - break; + return GetPathList (readList); case EnvironmentPermissionAccess.Write: - foreach (string path in writeList) { - sb.Append (path); - sb.Append (";"); - } - break; + return GetPathList (writeList); default: ThrowInvalidFlag (flag, false); break; } - string result = sb.ToString (); - // remove last ';' - int n = result.Length; - if (n > 0) - return result.Substring (0, n - 1); -#if NET_2_0 - return String.Empty; -#else - return ((_state == PermissionState.Unrestricted) ? String.Empty : null); -#endif + return null; // never reached } public override IPermission Intersect (IPermission target) @@ -303,6 +285,9 @@ namespace System.Security.Permissions { if (IsUnrestricted () || ep.IsUnrestricted ()) return new EnvironmentPermission (PermissionState.Unrestricted); + if (IsEmpty () && ep.IsEmpty ()) + return null; + EnvironmentPermission result = (EnvironmentPermission) Copy (); string path = ep.GetPathList (EnvironmentPermissionAccess.Read); if (path != null) @@ -321,6 +306,11 @@ namespace System.Security.Permissions { // helpers + private bool IsEmpty () + { + return ((_state == PermissionState.None) && (readList.Count == 0) && (writeList.Count == 0)); + } + private EnvironmentPermission Cast (IPermission target) { if (target == null) @@ -344,6 +334,35 @@ namespace System.Security.Permissions { throw new ArgumentException (String.Format (msg, flag), "flag"); } + private string GetPathList (ArrayList list) + { + if (IsUnrestricted ()) + return String.Empty; +#if NET_2_0 + if (list.Count == 0) + return String.Empty; +#else + if (list.Count == 0) + return null; +#endif + StringBuilder sb = new StringBuilder (); + foreach (string path in list) { + sb.Append (path); + sb.Append (";"); + } + + string result = sb.ToString (); + // remove last ';' + int n = result.Length; + if (n > 0) + return result.Substring (0, n - 1); +#if NET_2_0 + return String.Empty; +#else + return ((_state == PermissionState.Unrestricted) ? String.Empty : null); +#endif + } + #endregion // Methods } } diff --git a/mcs/class/corlib/System.Security.Permissions/FileDialogPermission.cs b/mcs/class/corlib/System.Security.Permissions/FileDialogPermission.cs index b615daf2b66..e59a1711be1 100644 --- a/mcs/class/corlib/System.Security.Permissions/FileDialogPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/FileDialogPermission.cs @@ -99,15 +99,7 @@ namespace System.Security.Permissions { if (fdp == null) return null; - if (IsUnrestricted ()) - return fdp.Copy (); - if (fdp.IsUnrestricted ()) - return Copy (); - - FileDialogPermissionAccess a = FileDialogPermissionAccess.None; - // note: there are no more OpenSave cases (as they're Unrestricted) - a = (_access & fdp._access); - + FileDialogPermissionAccess a = (_access & fdp._access); return ((a == FileDialogPermissionAccess.None) ? null : new FileDialogPermission (a)); } @@ -117,12 +109,7 @@ namespace System.Security.Permissions { if (fdp == null) return false; - if (IsUnrestricted ()) - return fdp.IsUnrestricted (); - else if (fdp.IsUnrestricted ()) - return true; - - return ((_access | fdp._access) == _access); + return ((_access & fdp._access) == _access); } public bool IsUnrestricted () diff --git a/mcs/class/corlib/System.Security.Permissions/RegistryPermission.cs b/mcs/class/corlib/System.Security.Permissions/RegistryPermission.cs index a42270c8273..96843ab9333 100644 --- a/mcs/class/corlib/System.Security.Permissions/RegistryPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/RegistryPermission.cs @@ -158,7 +158,8 @@ namespace System.Security.Permissions { public override SecurityElement ToXml () { SecurityElement e = Element (version); - e.AddAttribute (_access.ToString (), _pathList); + if (_pathList != null) + e.AddAttribute (_access.ToString (), _pathList); return e; } diff --git a/mcs/class/corlib/System.Security.Permissions/SecurityPermission.cs b/mcs/class/corlib/System.Security.Permissions/SecurityPermission.cs index dc863355cfe..9f970097c69 100644 --- a/mcs/class/corlib/System.Security.Permissions/SecurityPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/SecurityPermission.cs @@ -93,7 +93,12 @@ namespace System.Security.Permissions { return sp.Copy (); if (sp.IsUnrestricted ()) return this.Copy (); - return new SecurityPermission (flags & sp.flags); + + SecurityPermissionFlag f = flags & sp.flags; + if (f == SecurityPermissionFlag.NoFlags) + return null; + else + return new SecurityPermission (f); } public override IPermission Union (IPermission target) diff --git a/mcs/class/corlib/System.Security.Permissions/SiteIdentityPermission.cs b/mcs/class/corlib/System.Security.Permissions/SiteIdentityPermission.cs index db69c287835..0dd59f71d8f 100644 --- a/mcs/class/corlib/System.Security.Permissions/SiteIdentityPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/SiteIdentityPermission.cs @@ -56,12 +56,12 @@ namespace System.Security.Permissions { public string Site { get { if (IsEmpty ()) - throw new NullReferenceException ("Site"); + throw new NullReferenceException ("No site."); return _site; } set { if (!IsValid (value)) - throw new ArgumentException ("Site"); + throw new ArgumentException ("Invalid site."); _site = value; } } @@ -88,24 +88,35 @@ namespace System.Security.Permissions { Site = s; } - [MonoTODO ("do not support wildcard")] public override IPermission Intersect (IPermission target) { SiteIdentityPermission sip = Cast (target); if ((sip == null) || (IsEmpty ())) return null; - if (_site == sip._site) - return Copy (); + + if (Match (sip._site)) { + string s = ((_site.Length > sip._site.Length) ? _site : sip._site); + return new SiteIdentityPermission (s); + } return null; } - [MonoTODO ("do not support wildcard")] public override bool IsSubsetOf (IPermission target) { SiteIdentityPermission sip = Cast (target); if (sip == null) return IsEmpty (); - return (_site == sip._site); + if ((_site == null) && (sip._site == null)) + return true; + if ((_site == null) || (sip._site == null)) + return false; + + int wildcard = sip._site.IndexOf ('*'); + if (wildcard == -1) { + // exact match + return (_site == sip._site); + } + return _site.EndsWith (sip._site.Substring (wildcard + 1)); } public override SecurityElement ToXml () @@ -116,14 +127,18 @@ namespace System.Security.Permissions { return e; } - [MonoTODO ("do not support wildcard")] public override IPermission Union (IPermission target) { SiteIdentityPermission sip = Cast (target); - if ((sip == null) || (_site == sip._site) || sip.IsEmpty ()) + if ((sip == null) || sip.IsEmpty ()) return Copy (); if (IsEmpty ()) return sip.Copy (); + + if (Match (sip._site)) { + string s = ((_site.Length < sip._site.Length) ? _site : sip._site); + return new SiteIdentityPermission (s); + } #if NET_2_0 throw new ArgumentException (Locale.GetText ( "Cannot union two different sites."), "target"); @@ -173,7 +188,7 @@ namespace System.Security.Permissions { private bool IsValid (string s) { - if (s == null) + if ((s == null) || (s.Length == 0)) return false; for (int i = 0; i < s.Length; i++) { @@ -198,11 +213,36 @@ namespace System.Security.Permissions { return true; } - private bool HasWildcard () + private bool Match (string target) { - if (_site == null) + if ((_site == null) || (target == null)) return false; - return (_site.IndexOf ('*') >= 0); + + int wcs = _site.IndexOf ('*'); + int wct = target.IndexOf ('*'); + int pos = Int32.MaxValue; + + if ((wcs == -1) && (wct == -1)) { + // no wildcard, this is an exact match + return (_site == target); + } + else if (wcs == -1) { + // only "target" has a wildcard, use it + return _site.EndsWith (target.Substring (wct + 1)); + } + else if (wct == -1) { + // only "this" has a wildcard, use it + return target.EndsWith (_site.Substring (wcs + 1)); + } + else { + // both have wildcards, partial match with the smallest + string s = _site.Substring (wcs + 1); + target = target.Substring (wct + 1); + if (s.Length > target.Length) + return s.EndsWith (target); + else + return target.EndsWith (s); + } } } } diff --git a/mcs/class/corlib/System.Security.Permissions/StrongNameIdentityPermission.cs b/mcs/class/corlib/System.Security.Permissions/StrongNameIdentityPermission.cs index 5ef44ed25ec..b77755c349d 100644 --- a/mcs/class/corlib/System.Security.Permissions/StrongNameIdentityPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/StrongNameIdentityPermission.cs @@ -111,20 +111,20 @@ namespace System.Security.Permissions { public override IPermission Intersect (IPermission target) { StrongNameIdentityPermission snip = (target as StrongNameIdentityPermission); - if (snip == null) + if ((snip == null) || IsEmpty ()) return null; - - if (IsEmpty () || snip.IsEmpty ()) + if (snip.IsEmpty ()) return new StrongNameIdentityPermission (PermissionState.None); - - if (name != snip.name) + if (!Match (snip.name)) return null; + + string n = ((name.Length < snip.name.Length) ? name : snip.name); if (!assemblyVersion.Equals (snip.assemblyVersion)) return null; if (!publickey.Equals (snip.publickey)) return null; - return Copy (); + return new StrongNameIdentityPermission (publickey, n, assemblyVersion); } public override bool IsSubsetOf (IPermission target) @@ -133,11 +133,18 @@ namespace System.Security.Permissions { if (snip == null) return IsEmpty (); - if (((name != null) && (name.Length > 0)) && (name != snip.Name)) + if (IsEmpty ()) + return true; + + if ((name != null) && (name.Length > 0) && !IsNameSubsetOf (snip.Name)) return false; if ((assemblyVersion != null) && !assemblyVersion.Equals (snip.assemblyVersion)) return false; - return publickey.Equals (snip.publickey); + // in case PermissionState.None was used in the constructor + if (publickey == null) + return (snip.publickey == null); + else + return publickey.Equals (snip.publickey); } public override SecurityElement ToXml () @@ -158,6 +165,9 @@ namespace System.Security.Permissions { if ((snip == null) || snip.IsEmpty ()) return Copy (); + if (IsEmpty ()) + return snip.Copy (); + if (!publickey.Equals (snip.publickey)) { #if NET_2_0 string msg = Locale.GetText ("Permissions have different public keys."); @@ -171,6 +181,9 @@ namespace System.Security.Permissions { if ((n == null) || (n.Length == 0)) { n = snip.name; } + else if (Match (snip.name)) { + n = ((name.Length > snip.name.Length) ? name : snip.name); + } else if ((snip.name != null) && (snip.name.Length > 0) && (n != snip.name)) { #if NET_2_0 string msg = String.Format (Locale.GetText ("Name mismatch: '{0}' versus '{1}'"), n, snip.Name); @@ -225,5 +238,45 @@ namespace System.Security.Permissions { return snip; } + + private bool IsNameSubsetOf (string target) + { + int wildcard = name.LastIndexOf ('*'); + if (wildcard == 0) + return true; // * + if (wildcard == -1) + wildcard = name.Length; // exact match + + return (String.Compare (name, 0, target, 0, wildcard, true, CultureInfo.InvariantCulture) == 0); + } + + private bool Match (string target) + { + if ((name == null) || (target == null)) + return false; + + int wcu = name.LastIndexOf ('*'); + int wct = target.LastIndexOf ('*'); + int length = Int32.MaxValue; + + if ((wcu == -1) && (wct == -1)) { + // no wildcard, this is an exact match + length = Math.Max (name.Length, target.Length); + } + else if (wcu == -1) { + // only "target" has a wildcard, use it + length = wct; + } + else if (wct == -1) { + // only "this" has a wildcard, use it + length = wcu; + } + else { + // both have wildcards, partial match with the smallest + length = Math.Min (wcu, wct); + } + + return (String.Compare (name, 0, target, 0, length, true, CultureInfo.InvariantCulture) == 0); + } } } diff --git a/mcs/class/corlib/System.Security.Permissions/UrlIdentityPermission.cs b/mcs/class/corlib/System.Security.Permissions/UrlIdentityPermission.cs index c19139e6c7e..837572b703d 100644 --- a/mcs/class/corlib/System.Security.Permissions/UrlIdentityPermission.cs +++ b/mcs/class/corlib/System.Security.Permissions/UrlIdentityPermission.cs @@ -71,8 +71,13 @@ namespace System.Security.Permissions { public override IPermission Copy () { - if (url == null) + if (url == null) { +#if NET_2_0 return new UrlIdentityPermission (PermissionState.None); +#else + throw new NullReferenceException ("Url"); +#endif + } else return new UrlIdentityPermission (url); } @@ -91,7 +96,6 @@ namespace System.Security.Permissions { Url = u; } - [MonoTODO ("do not support wildcard")] public override IPermission Intersect (IPermission target) { // if one permission is null (object or url) then there's no intersection @@ -99,18 +103,32 @@ namespace System.Security.Permissions { UrlIdentityPermission uip = Cast (target); if ((uip == null) || (IsEmpty ())) return null; - if (url == uip.url) - return Copy (); + if (Match (uip.url)) { + // longest form is the intersection + if (url.Length > uip.url.Length) + return Copy (); + else + return uip.Copy (); + } return null; } - [MonoTODO ("do not support wildcard")] public override bool IsSubsetOf (IPermission target) { UrlIdentityPermission uip = Cast (target); if (uip == null) return IsEmpty (); - return (url == uip.url); + if (IsEmpty ()) + return true; + if (uip.url == null) + return false; + + // here Match wouldn't work as it is bidirectional + int wildcard = uip.url.LastIndexOf ('*'); + if (wildcard == -1) + wildcard = uip.url.Length; // exact match + + return (String.Compare (url, 0, uip.url, 0, wildcard, true, CultureInfo.InvariantCulture) == 0); } public override SecurityElement ToXml () @@ -121,7 +139,6 @@ namespace System.Security.Permissions { return se; } - [MonoTODO ("do not support wildcard")] public override IPermission Union (IPermission target) { UrlIdentityPermission uip = Cast (target); @@ -129,10 +146,17 @@ namespace System.Security.Permissions { return Copy (); if (IsEmpty () && uip.IsEmpty ()) return null; - if (uip.IsEmpty () || (url == uip.url)) + if (uip.IsEmpty ()) return Copy (); if (IsEmpty ()) return uip.Copy (); + if (Match (uip.url)) { + // shortest form is the union + if (url.Length < uip.url.Length) + return Copy (); + else + return uip.Copy (); + } #if NET_2_0 throw new ArgumentException (Locale.GetText ( "Cannot union two different urls."), "target"); @@ -166,5 +190,34 @@ namespace System.Security.Permissions { return uip; } + + private bool Match (string target) + { + if ((url == null) || (target == null)) + return false; + + int wcu = url.LastIndexOf ('*'); + int wct = target.LastIndexOf ('*'); + int length = Int32.MaxValue; + + if ((wcu == -1) && (wct == -1)) { + // no wildcard, this is an exact match + length = Math.Max (url.Length, target.Length); + } + else if (wcu == -1) { + // only "this" has a wildcard, use it + length = wct; + } + else if (wct == -1) { + // only "target" has a wildcard, use it + length = wcu; + } + else { + // both have wildcards, partial match with the smallest + length = Math.Min (wcu, wct); + } + + return (String.Compare (url, 0, target, 0, length, true, CultureInfo.InvariantCulture) == 0); + } } } |