Export (0) Print
Expand All

TeamFoundationSecurityNamespace Class

Class for managing and enforcing security for a set of AccessControlLists.

System.Object
  Microsoft.TeamFoundation.Framework.Server.TeamFoundationSecurityNamespace

Namespace:  Microsoft.TeamFoundation.Framework.Server
Assembly:  Microsoft.TeamFoundation.Framework.Server (in Microsoft.TeamFoundation.Framework.Server.dll)

public class TeamFoundationSecurityNamespace : IDisposable

The TeamFoundationSecurityNamespace type exposes the following members.

  NameDescription
Public propertyDescriptionThe description this security namespace was built from.
Public propertyNamespaceExtensionThe extension for this namespace.
Top

  NameDescription
Public methodCheckPermission(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, a SecurityAccessException will be thrown.
Public methodCheckPermission(TeamFoundationRequestContext, String, Int32, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, a SecurityAccessException will be thrown.
Public methodCheckPermissionForAllChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, a AccessCheckException will be thrown.
Public methodCheckPermissionForAllChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, an AccessCheckException will be thrown.
Public methodCheckPermissionForAnyChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, a SecurityAccessException will be thrown.
Public methodCheckPermissionForAnyChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, a SecurityAccessException will be thrown.
Public methodDispose
Public methodEnsureIdentityIsKnownEnsures the identity is in the security group for the given security namespace. This function only needs to be called if ACEs are being persisted in a manner other than using the APIs on this interface
Public methodEqualsDetermines whether the specified object is equal to the current object. (Inherited from Object.)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodHasPermission(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns true immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions on the tokens. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, false will be returned.
Public methodHasPermission(TeamFoundationRequestContext, String, Int32, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns true immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions on this token. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, false will be returned.
Public methodHasPermissionForAllChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all their children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, false will be returned.
Public methodHasPermissionForAllChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, false will be returned.
Public methodHasPermissionForAnyChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, false will be returned.
Public methodHasPermissionForAnyChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback)First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, false will be returned.
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodOnDataChangedThis function will be called when the data behind the securityNamespace is changed without using this namespaces instance. This allows the security namespaces to refresh the internal cache from the database on the next use.
Public methodQueryAccessControlListIn all cases: This method will query the AccessControlList for the token specified. It will return AccessControlEntry information on the descriptors that are supplied or all descriptors if null is supplied for the descriptors parameter.
Public methodQueryAccessControlListsIn all cases: This method will query the AccessControlList for the token specified. It will return AccessControlEntry information for the descriptors that are supplied or all descriptors if null is supplied for the descriptors parameter.
Public methodQueryEffectivePermissionsReturns the effective allowed permissions for the given descriptor.
Public methodRemoveAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>)Removes all permissions for the provided user on the provided token from the permission store.
Public methodRemoveAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<IdentityDescriptor>)
Public methodRemoveAccessControlListsRemoves the AccessControlList for the specified tokens.
Public methodRemovePermissionsRemoves the specified permission bits from the existing allows and denys for this descriptor. If no existing AccessControlEntry is found for this descriptor then nothing is done and an empty AccessControlList is returned. This function will not throw an exception if either the token or descriptor cannot be found.
Public methodRenameTokenThis function will move the ACL for the existingToken and all its children to the corresponding newToken. It will begin by querying permissions on the existing token. If none exist, null will be returned. If permissions do exist, all existing permissions under newToken will be cleared and the existing ACLs will be copied over to the newToken path. If the copy parameter is false, the ACLs under existingToken will be deleted.
Public methodRenameTokens
Public methodSetAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>, Boolean)Sets the provided AccessControlEntries in this SecurityNamespace. If invalid identities are supplied in this call, it will throw.
Public methodSetAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>, Boolean, Boolean)Sets the provided AccessControlEntries in this SecurityNamespace.
Public methodSetAccessControlEntrySets the provided AccessControlEntry in this SecurityNamespace.
Public methodSetAccessControlLists(TeamFoundationRequestContext, IEnumerable<AccessControlList>)Sets the AccessControlLists specified in the SecurityNamespace. Setting an AccessControlList will always overwrite an existing AccessControlList if one exists.
Public methodSetAccessControlLists(TeamFoundationRequestContext, IEnumerable<AccessControlList>, Boolean)Sets the AccessControlLists specified in the SecurityNamespace. Setting an AccessControlList will always overwrite an existing AccessControlList if one exists.
Public methodSetInheritFlagSets whether an AccessControlList should inherit permissions from its parents.
Public methodSetPermissionsSets a permission for the descriptor in this SecurityNamespace.
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Top

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft