NamedPermissionSet Class
Defines a permission set that has a name and description associated with it. This class cannot be inherited.
Assembly: mscorlib (in mscorlib.dll)
The NamedPermissionSet type exposes the following members.
| Name | Description | |
|---|---|---|
![]() | NamedPermissionSet(NamedPermissionSet) | Initializes a new instance of the NamedPermissionSet class from another named permission set. |
![]() | NamedPermissionSet(String) | Initializes a new, empty instance of the NamedPermissionSet class with the specified name. |
![]() | NamedPermissionSet(String, PermissionState) | Initializes a new instance of the NamedPermissionSet class with the specified name in either an unrestricted or a fully restricted state. |
![]() | NamedPermissionSet(String, PermissionSet) | Initializes a new instance of the NamedPermissionSet class with the specified name from a permission set. |
| Name | Description | |
|---|---|---|
![]() | Count | Gets the number of permission objects contained in the permission set. (Inherited from PermissionSet.) |
![]() | Description | Gets or sets the text description of the current named permission set. |
![]() | IsReadOnly | Gets a value indicating whether the collection is read-only. (Inherited from PermissionSet.) |
![]() | IsSynchronized | Gets a value indicating whether the collection is guaranteed to be thread safe. (Inherited from PermissionSet.) |
![]() | Name | Gets or sets the name of the current named permission set. |
![]() | SyncRoot | Gets the root object of the current collection. (Inherited from PermissionSet.) |
| Name | Description | |
|---|---|---|
![]() | AddPermission | Adds a specified permission to the PermissionSet. (Inherited from PermissionSet.) |
![]() | AddPermissionImpl | Adds a specified permission to the PermissionSet. (Inherited from PermissionSet.) |
![]() | Assert | Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Using Assert can create security vulnerabilities. (Inherited from PermissionSet.) |
![]() | ContainsNonCodeAccessPermissions | Gets a value indicating whether the PermissionSet contains permissions that are not derived from CodeAccessPermission. (Inherited from PermissionSet.) |
![]() | Copy() | Creates a permission set copy from a named permission set. (Overrides PermissionSet::Copy().) |
![]() | Copy(String) | Creates a copy of the named permission set with a different name but the same permissions. |
![]() | CopyTo | Copies the permission objects of the set to the indicated location in an Array. (Inherited from PermissionSet.) |
![]() | Demand | Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permissions specified by the current instance. (Inherited from PermissionSet.) |
![]() | Deny | Obsolete. Causes any Demand that passes through the calling code for a permission that has an intersection with a permission of a type contained in the current PermissionSet to fail. (Inherited from PermissionSet.) |
![]() | Equals | Determines whether the specified NamedPermissionSet object is equal to the current NamedPermissionSet. (Overrides PermissionSet::Equals(Object).) |
![]() | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
![]() | FromXml | Reconstructs a named permission set with a specified state from an XML encoding. (Overrides PermissionSet::FromXml(SecurityElement).) |
![]() | GetEnumerator | Returns an enumerator for the permissions of the set. (Inherited from PermissionSet.) |
![]() | GetEnumeratorImpl | Returns an enumerator for the permissions of the set. (Inherited from PermissionSet.) |
![]() | GetHashCode | Gets a hash code for the NamedPermissionSet object that is suitable for use in hashing algorithms and data structures such as a hash table. (Overrides PermissionSet::GetHashCode().) |
![]() | GetPermission | Gets a permission object of the specified type, if it exists in the set. (Inherited from PermissionSet.) |
![]() | GetPermissionImpl | Gets a permission object of the specified type, if it exists in the set. (Inherited from PermissionSet.) |
![]() | GetType | Gets the Type of the current instance. (Inherited from Object.) |
![]() | Intersect | Creates and returns a permission set that is the intersection of the current PermissionSet and the specified PermissionSet. (Inherited from PermissionSet.) |
![]() | IsEmpty | Gets a value indicating whether the PermissionSet is empty. (Inherited from PermissionSet.) |
![]() | IsSubsetOf | Determines whether the current PermissionSet is a subset of the specified PermissionSet. (Inherited from PermissionSet.) |
![]() | IsUnrestricted | Determines whether the PermissionSet is Unrestricted. (Inherited from PermissionSet.) |
![]() | MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
![]() | PermitOnly | Causes any Demand that passes through the calling code for any PermissionSet that is not a subset of the current PermissionSet to fail. (Inherited from PermissionSet.) |
![]() | RemovePermission | Removes a permission of a certain type from the set. (Inherited from PermissionSet.) |
![]() | RemovePermissionImpl | Removes a permission of a certain type from the set. (Inherited from PermissionSet.) |
![]() | SetPermission | Sets a permission to the PermissionSet, replacing any existing permission of the same type. (Inherited from PermissionSet.) |
![]() | SetPermissionImpl | Sets a permission to the PermissionSet, replacing any existing permission of the same type. (Inherited from PermissionSet.) |
![]() | ToString | Returns a string representation of the PermissionSet. (Inherited from PermissionSet.) |
![]() | ToXml | Creates an XML element description of the named permission set. (Overrides PermissionSet::ToXml().) |
![]() | Union | Creates a PermissionSet that is the union of the current PermissionSet and the specified PermissionSet. (Inherited from PermissionSet.) |
| Name | Description | |
|---|---|---|
![]() ![]() | IDeserializationCallback::OnDeserialization | Infrastructure. Runs when the entire object graph has been deserialized. (Inherited from PermissionSet.) |
Named permission sets are used in security policy administration to specify the permissions to be granted to code that belongs to certain code groups. Names are strings of alphanumeric characters. Description strings can consist of any printable characters. For more information, see Named Permission Sets.
The following code example shows the use of members of the NamedPermissionSet class.
using namespace System; using namespace System::Reflection; using namespace System::Security; using namespace System::Security::Permissions; using namespace System::Security::Policy; using namespace System::IO; using namespace System::Collections; bool DisplayPermissions( NamedPermissionSet^ namedPS1 ); NamedPermissionSet^ CreateCompanyPermission(); void PermissionSetDemo() { Console::WriteLine( "Executing NamedPermissionSetDemo" ); try { // Create a new named permission set and add it to Machine policy. NamedPermissionSet^ namedPS1 = CreateCompanyPermission(); Console::WriteLine( "The name of the custom named permission set is {0}\n", namedPS1->Name ); Console::WriteLine( "The description of the custom named permission set is {0}\n", namedPS1->Description ); DisplayPermissions( namedPS1 ); NamedPermissionSet^ namedPS2 = gcnew NamedPermissionSet( "MyPermssionSetCopy" ); // Perform a ToXml/FromXml round trip. namedPS2->FromXml( namedPS1->ToXml() ); Console::WriteLine( "\nResult of the ToXml/FromXml round trip:" ); // For simplicity the results are displayed using a method call. DisplayPermissions( namedPS2 ); // Create and display a copy of a permission set. NamedPermissionSet^ namedPS3 = dynamic_cast<NamedPermissionSet^>(namedPS2->Copy()); Console::WriteLine( "Is the copy equal to the original? {0}", namedPS2->Equals( namedPS3 ) ); NamedPermissionSet^ namedPS4 = gcnew NamedPermissionSet( "Second copy", namedPS3 ); Console::WriteLine( "The name of the new permission set is {0}\n", namedPS4->Name ); // Show that the new named permission set has the same permissions as the original. DisplayPermissions( namedPS4 ); // The hash code for two instances of the same permission might be different, hence a hash code should not be used to // compare two named permission sets. Console::WriteLine( "The hash code of the original permission set is {0}", namedPS2->GetHashCode() ); Console::WriteLine( "The hash code of the copy is {0}", namedPS4->GetHashCode() ); } catch ( Exception^ e ) { Console::WriteLine( "Exception thrown: {0}", e->Message ); } } bool DisplayPermissions( NamedPermissionSet^ namedPS1 ) { // Display results of namedPS.GetEnumerator. IEnumerator^ psEnumerator = namedPS1->GetEnumerator(); while ( psEnumerator->MoveNext() ) { Console::WriteLine( psEnumerator->Current ); } return true; } // The following method uses the LocalIntranet permission set to create // a custom permission set named MyCompany. The new permission set is // added to local Machine policy. The custom named permission set is returned. NamedPermissionSet^ CreateCompanyPermission() { IEnumerator^ policyEnumerator = SecurityManager::PolicyHierarchy(); // Move through the policy levels to the Machine policy level. while ( policyEnumerator->MoveNext() ) { PolicyLevel^ currentLevel = dynamic_cast<PolicyLevel^>(policyEnumerator->Current); if ( currentLevel->Label->Equals( "Machine" ) ) { // Enumerate the permission sets in the Machine policy level. IList^ namedPermissions = currentLevel->NamedPermissionSets; IEnumerator^ namedPermission = namedPermissions->GetEnumerator(); // Locate the LocalIntranet permission set. while ( namedPermission->MoveNext() ) { if ( (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Name->Equals( "LocalIntranet" ) ) { // The current permission set is a copy of the LocalIntranet permission set. // It can be modified to provide the permissions for the new permission set. // Rename the copy to the name chosen for the new permission set. (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Name = "MyCompany"; (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->Description = "My custom named permission set"; IEnumerator^ permissions = (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->GetEnumerator(); // Remove the current security permission from the permission set and replace it // with a new security permission that does not have the right to assert permissions. while ( permissions->MoveNext() ) { if ( permissions->Current->GetType()->ToString()->Equals( "System.Security.Permissions.SecurityPermission" ) ) { // Remove the current security permission. (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->RemovePermission( permissions->Current->GetType() ); // Add a new security permission that only allows execution. (dynamic_cast<NamedPermissionSet^>(namedPermission->Current))->AddPermission( gcnew SecurityPermission( SecurityPermissionFlag::Execution ) ); break; } } try { // If you run this application twice, the following instruction throws // an exception because the named permission set already exists. // You can remove the custom named permission set using either Caspole.exe or the // .NET Framework Configuration tool (Mscorcfg.msc). currentLevel->AddNamedPermissionSet(safe_cast<NamedPermissionSet^>(namedPermission->Current)); SecurityManager::SavePolicy(); return dynamic_cast<NamedPermissionSet^>(namedPermission->Current); } // Catch the exception for a duplicate permission set. catch ( System::ArgumentException^ e ) { Console::WriteLine( "{0}\n", e->Message ); return dynamic_cast<NamedPermissionSet^>(namedPermission->Current); } } } } } return gcnew NamedPermissionSet( "Nothing" ); } // Test harness. int main() { PermissionSetDemo(); Console::WriteLine( "Press any key to exit." ); Console::Read(); }
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
