This topic has not yet been rated - Rate this topic

PermissionSet Class

.NET Framework 4.5

Represents a collection that can contain many different types of permissions.

System.Object
  System.Security.PermissionSet
    System.Security.NamedPermissionSet
    System.Security.ReadOnlyPermissionSet

Namespace: System.Security
Assembly: mscorlib (in mscorlib.dll)

Syntax

C++

[SerializableAttribute]
[ComVisibleAttribute(true)]
[StrongNameIdentityPermissionAttribute(SecurityAction.InheritanceDemand, Name = "mscorlib", 
	PublicKey = "0x00000000000000000400000000000000")]
public class PermissionSet : ISecurityEncodable, 
	ICollection, IEnumerable, IStackWalk, IDeserializationCallback

The PermissionSet type exposes the following members.

Constructors

	Name	Description
	PermissionSet(PermissionSet)	Initializes a new instance of the PermissionSet class with initial values taken from the permSet parameter.
	PermissionSet(PermissionState)	Initializes a new instance of the PermissionSet class with the specified PermissionState.

Top

Properties

	Name	Description
	Count	Gets the number of permission objects contained in the permission set.
	IsReadOnly	Gets a value indicating whether the collection is read-only.
	IsSynchronized	Gets a value indicating whether the collection is guaranteed to be thread safe.
	SyncRoot	Gets the root object of the current collection.

Top

Methods

	Name	Description
	AddPermission	Adds a specified permission to the PermissionSet.
	AddPermissionImpl	Adds a specified permission to the PermissionSet.
	Assert	Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Using Assert can create security vulnerabilities.
	ContainsNonCodeAccessPermissions	Gets a value indicating whether the PermissionSet contains permissions that are not derived from CodeAccessPermission.
	ConvertPermissionSet	Infrastructure. Obsolete. Converts an encoded PermissionSet from one XML encoding format to another XML encoding format.
	Copy	Creates a copy of the PermissionSet.
	CopyTo	Copies the permission objects of the set to the indicated location in an Array.
	Demand	Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permissions specified by the current instance.
	Deny	Obsolete. Causes any Demand that passes through the calling code for a permission that has an intersection with a permission of a type contained in the current PermissionSet to fail.
	Equals	Determines whether the specified PermissionSet or NamedPermissionSet object is equal to the current PermissionSet. (Overrides Object.Equals(Object).)
	Finalize	Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
	FromXml	Reconstructs a security object with a specified state from an XML encoding.
	GetEnumerator	Returns an enumerator for the permissions of the set.
	GetEnumeratorImpl	Returns an enumerator for the permissions of the set.
	GetHashCode	Gets a hash code for the PermissionSet object that is suitable for use in hashing algorithms and data structures such as a hash table. (Overrides Object.GetHashCode().)
	GetPermission	Gets a permission object of the specified type, if it exists in the set.
	GetPermissionImpl	Gets a permission object of the specified type, if it exists in the set.
	GetType	Gets the Type of the current instance. (Inherited from Object.)
	Intersect	Creates and returns a permission set that is the intersection of the current PermissionSet and the specified PermissionSet.
	IsEmpty	Gets a value indicating whether the PermissionSet is empty.
	IsSubsetOf	Determines whether the current PermissionSet is a subset of the specified PermissionSet.
	IsUnrestricted	Determines whether the PermissionSet is Unrestricted.
	MemberwiseClone	Creates a shallow copy of the current Object. (Inherited from Object.)
	PermitOnly	Causes any Demand that passes through the calling code for any PermissionSet that is not a subset of the current PermissionSet to fail.
	RemovePermission	Removes a permission of a certain type from the set.
	RemovePermissionImpl	Removes a permission of a certain type from the set.
	RevertAssert	Causes any previous Assert for the current frame to be removed and no longer be in effect.
	SetPermission	Sets a permission to the PermissionSet, replacing any existing permission of the same type.
	SetPermissionImpl	Sets a permission to the PermissionSet, replacing any existing permission of the same type.
	ToString	Returns a string representation of the PermissionSet. (Overrides Object.ToString().)
	ToXml	Creates an XML encoding of the security object and its current state.
	Union	Creates a PermissionSet that is the union of the current PermissionSet and the specified PermissionSet.

Top

Extension Methods

	Name	Description
	AsParallel	Enables parallelization of a query. (Defined by ParallelEnumerable.)
	AsQueryable	Converts an IEnumerable to an IQueryable. (Defined by Queryable.)
	Cast<TResult>	Casts the elements of an IEnumerable to the specified type. (Defined by Enumerable.)
	OfType<TResult>	Filters the elements of an IEnumerable based on a specified type. (Defined by Enumerable.)

Top

Explicit Interface Implementations

	Name	Description
	IDeserializationCallback.OnDeserialization	Infrastructure. Runs when the entire object graph has been deserialized.

Top

Remarks

You can use PermissionSet to perform operations on several different permissions as a group.

Examples

The following code example demonstrates the use of the PermissionSet class and members.

C++

// This sample demonstrates the use of the PermissionSet class. 

using System;
using System.Reflection;
using System.Security.Permissions;
using System.Security;
using System.IO;
using System.Collections;

class MyClass
{
    public static void PermissionSetDemo()
    {
        Console.WriteLine("Executing PermissionSetDemo");
        try
        {
            // Open a new PermissionSet.
            PermissionSet ps1 = new PermissionSet(PermissionState.None);
            Console.WriteLine("Adding permission to open a file from a file dialog box.");
            // Add a permission to the permission set.
            ps1.AddPermission(
                new FileDialogPermission(FileDialogPermissionAccess.Open));
            Console.WriteLine("Demanding permission to open a file.");
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            Console.WriteLine("Adding permission to save a file from a file dialog box.");
            ps1.AddPermission(
                new FileDialogPermission(FileDialogPermissionAccess.Save));
            Console.WriteLine("Demanding permission to open and save a file.");
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            Console.WriteLine("Adding permission to read environment variable USERNAME.");
            ps1.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"));
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            Console.WriteLine("Adding permission to read environment variable COMPUTERNAME.");
            ps1.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Read, "COMPUTERNAME"));
            // Demand all the permissions in the set.
            Console.WriteLine("Demand all permissions.");
            ps1.Demand();
            Console.WriteLine("Demand succeeded.");
            // Display the number of permissions in the set.
            Console.WriteLine("Number of permissions = " + ps1.Count);
            // Display the value of the IsSynchronized property.
            Console.WriteLine("IsSynchronized property = " + ps1.IsSynchronized);
            // Display the value of the IsReadOnly property.
            Console.WriteLine("IsReadOnly property = " + ps1.IsReadOnly);
            // Display the value of the SyncRoot property.
            Console.WriteLine("SyncRoot property = " + ps1.SyncRoot);
            // Display the result of a call to the ContainsNonCodeAccessPermissions method. 
            // Gets a value indicating whether the PermissionSet contains permissions 
            // that are not derived from CodeAccessPermission. 
            // Returns true if the PermissionSet contains permissions that are not 
            // derived from CodeAccessPermission; otherwise, false.
            Console.WriteLine("ContainsNonCodeAccessPermissions method returned " +
                ps1.ContainsNonCodeAccessPermissions());
            Console.WriteLine("Value of the permission set ToString = \n" + ps1.ToString());
            PermissionSet ps2 = new PermissionSet(PermissionState.None);
            // Create a second permission set and compare it to the first permission set.
            ps2.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME"));
            ps2.AddPermission(
                new EnvironmentPermission(EnvironmentPermissionAccess.Write, "COMPUTERNAME"));
            IEnumerator list =  ps1.GetEnumerator();
            Console.WriteLine("Permissions in first permission set:");
            while (list.MoveNext())
                Console.WriteLine(list.Current.ToString());
            Console.WriteLine("Second permission IsSubsetOf first permission = " + ps2.IsSubsetOf(ps1));
            // Display the intersection of two permission sets.
            PermissionSet ps3 = ps2.Intersect(ps1);
            Console.WriteLine("The intersection of the first permission set and "
                + "the second permission set = " + ps3.ToString());
            // Create a new permission set.
            PermissionSet ps4 = new PermissionSet(PermissionState.None);
            ps4.AddPermission(
                new FileIOPermission(FileIOPermissionAccess.Read,
                "C:\\Temp\\Testfile.txt"));
            ps4.AddPermission(
                new FileIOPermission(FileIOPermissionAccess.Read |
                FileIOPermissionAccess.Write | FileIOPermissionAccess.Append,
                "C:\\Temp\\Testfile.txt"));
            // Display the union of two permission sets.
            PermissionSet ps5 = ps3.Union(ps4);
            Console.WriteLine("The union of permission set 3 and permission set 4 = "
                + ps5.ToString());
            // Remove FileIOPermission from the permission set.
            ps5.RemovePermission(typeof(FileIOPermission));
            Console.WriteLine("The last permission set after removing FileIOPermission = "
                + ps5.ToString());
            // Change the permission set using SetPermission.
            ps5.SetPermission(new EnvironmentPermission(EnvironmentPermissionAccess.AllAccess, "USERNAME"));
            Console.WriteLine("Permission set after SetPermission = " + ps5.ToString());
            // Display result of ToXml and FromXml operations.
            PermissionSet ps6 = new PermissionSet(PermissionState.None);
            ps6.FromXml(ps5.ToXml());
            Console.WriteLine("Result of ToFromXml = " + ps6.ToString() + "\n");
            // Display results of PermissionSet.GetEnumerator.
            IEnumerator psEnumerator = ps1.GetEnumerator();
            while (psEnumerator.MoveNext())
            {
                Console.WriteLine(psEnumerator.Current);
            }
            // Check for an unrestricted permission set.
            PermissionSet ps7 = new PermissionSet(PermissionState.Unrestricted);
            Console.WriteLine("Permission set is unrestricted = " + ps7.IsUnrestricted());
            // Create and display a copy of a permission set.
            ps7 = ps5.Copy();
            Console.WriteLine("Result of copy = " + ps7.ToString());
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message.ToString());
        }

    }


    static void Main(string[] args)
    {
        PermissionSetDemo();
    }

}

Version Information

.NET Framework

Supported in: 4.5, 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

.NET Framework Security

InheritanceDemand
for inheritors to be fully trusted, or in an assembly that is signed with the Microsoft StrongName.

Platforms

Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Reference

System.Security Namespace

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)