This documentation is archived and is not being maintained.
TeamFoundationSecurityNamespace Class
Visual Studio 2013
Class for managing and enforcing security for a set of AccessControlLists.
Namespace: Microsoft.TeamFoundation.Framework.Server
Assembly: Microsoft.TeamFoundation.Framework.Server (in Microsoft.TeamFoundation.Framework.Server.dll)
The TeamFoundationSecurityNamespace type exposes the following members.
| Name | Description | |
|---|---|---|
![]() | Description | The description this security namespace was built from. |
![]() | NamespaceExtension | The extension for this namespace. |
| Name | Description | |
|---|---|---|
![]() | CheckPermission(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, a SecurityAccessException will be thrown. |
![]() | CheckPermission(TeamFoundationRequestContext, String, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, a SecurityAccessException will be thrown. |
![]() | CheckPermissionForAllChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, a AccessCheckException will be thrown. |
![]() | CheckPermissionForAllChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, an AccessCheckException will be thrown. |
![]() | CheckPermissionForAnyChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, a SecurityAccessException will be thrown. |
![]() | CheckPermissionForAnyChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, a SecurityAccessException will be thrown. |
![]() | Dispose | |
![]() | EnsureIdentityIsKnown | Ensures the identity is in the security group for the given security namespace. This function only needs to be called if ACEs are being persisted in a manner other than using the APIs on this interface |
![]() | Equals | Determines whether the specified object is equal to the current object. (Inherited from Object.) |
![]() | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
![]() | GetHashCode | Serves as the default hash function. (Inherited from Object.) |
![]() | GetType | Gets the Type of the current instance. (Inherited from Object.) |
![]() | HasPermission(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns true immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions on the tokens. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, false will be returned. |
![]() | HasPermission(TeamFoundationRequestContext, String, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns true immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions on this token. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, false will be returned. |
![]() | HasPermissionForAllChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all their children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, false will be returned. |
![]() | HasPermissionForAllChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, false will be returned. |
![]() | HasPermissionForAnyChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, false will be returned. |
![]() | HasPermissionForAnyChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, false will be returned. |
![]() | MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
![]() | OnDataChanged | This function will be called when the data behind the securityNamespace is changed without using this namespaces instance. This allows the security namespaces to refresh the internal cache from the database on the next use. |
![]() | QueryAccessControlList | In all cases: This method will query the AccessControlList for the token specified. It will return AccessControlEntry information on the descriptors that are supplied or all descriptors if null is supplied for the descriptors parameter. |
![]() | QueryAccessControlLists | In all cases: This method will query the AccessControlList for the token specified. It will return AccessControlEntry information for the descriptors that are supplied or all descriptors if null is supplied for the descriptors parameter. |
![]() | QueryEffectivePermissions | Returns the effective allowed permissions for the given descriptor. |
![]() | RemoveAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>) | Removes all permissions for the provided user on the provided token from the permission store. |
![]() | RemoveAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<IdentityDescriptor>) | |
![]() | RemoveAccessControlLists | Removes the AccessControlList for the specified tokens. |
![]() | RemovePermissions | Removes the specified permission bits from the existing allows and denys for this descriptor. If no existing AccessControlEntry is found for this descriptor then nothing is done and an empty AccessControlList is returned. This function will not throw an exception if either the token or descriptor cannot be found. |
![]() | RenameToken | This function will move the ACL for the existingToken and all its children to the corresponding newToken. It will begin by querying permissions on the existing token. If none exist, null will be returned. If permissions do exist, all existing permissions under newToken will be cleared and the existing ACLs will be copied over to the newToken path. If the copy parameter is false, the ACLs under existingToken will be deleted. |
![]() | RenameTokens | |
![]() | SetAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>, Boolean) | Sets the provided AccessControlEntries in this SecurityNamespace. If invalid identities are supplied in this call, it will throw. |
![]() | SetAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>, Boolean, Boolean) | Sets the provided AccessControlEntries in this SecurityNamespace. |
![]() | SetAccessControlEntry | Sets the provided AccessControlEntry in this SecurityNamespace. |
![]() | SetAccessControlLists(TeamFoundationRequestContext, IEnumerable<AccessControlList>) | Sets the AccessControlLists specified in the SecurityNamespace. Setting an AccessControlList will always overwrite an existing AccessControlList if one exists. |
![]() | SetAccessControlLists(TeamFoundationRequestContext, IEnumerable<AccessControlList>, Boolean) | Sets the AccessControlLists specified in the SecurityNamespace. Setting an AccessControlList will always overwrite an existing AccessControlList if one exists. |
![]() | SetInheritFlag | Sets whether an AccessControlList should inherit permissions from its parents. |
![]() | SetPermissions | Sets a permission for the descriptor in this SecurityNamespace. |
![]() | ToString | Returns a string that represents the current object. (Inherited from Object.) |
Show:
