Was this page helpful?
Your feedback about this content is important. Let us know what you think.
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

NamedPermissionSet Class

Defines a permission set that has a name and description associated with it. This class cannot be inherited.

System.Object
  System.Security.PermissionSet
    System.Security.NamedPermissionSet

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

'Declaration
<SerializableAttribute> _
<ComVisibleAttribute(True)> _
Public NotInheritable Class NamedPermissionSet _
	Inherits PermissionSet

The NamedPermissionSet type exposes the following members.

  NameDescription
Public methodNamedPermissionSet(NamedPermissionSet)Initializes a new instance of the NamedPermissionSet class from another named permission set.
Public methodNamedPermissionSet(String)Initializes a new, empty instance of the NamedPermissionSet class with the specified name.
Public methodNamedPermissionSet(String, PermissionState)Initializes a new instance of the NamedPermissionSet class with the specified name in either an unrestricted or a fully restricted state.
Public methodNamedPermissionSet(String, PermissionSet)Initializes a new instance of the NamedPermissionSet class with the specified name from a permission set.
Top

  NameDescription
Public propertyCountGets the number of permission objects contained in the permission set. (Inherited from PermissionSet.)
Public propertyDescriptionGets or sets the text description of the current named permission set.
Public propertyIsReadOnlyGets a value indicating whether the collection is read-only. (Inherited from PermissionSet.)
Public propertyIsSynchronizedGets a value indicating whether the collection is guaranteed to be thread safe. (Inherited from PermissionSet.)
Public propertyNameGets or sets the name of the current named permission set.
Public propertySyncRootGets the root object of the current collection. (Inherited from PermissionSet.)
Top

  NameDescription
Public methodAddPermissionAdds a specified permission to the PermissionSet. (Inherited from PermissionSet.)
Protected methodAddPermissionImplAdds a specified permission to the PermissionSet. (Inherited from PermissionSet.)
Public methodAssertDeclares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. Using Assert can create security vulnerabilities. (Inherited from PermissionSet.)
Public methodContainsNonCodeAccessPermissionsGets a value indicating whether the PermissionSet contains permissions that are not derived from CodeAccessPermission. (Inherited from PermissionSet.)
Public methodCopyCreates a permission set copy from a named permission set. (Overrides PermissionSet.Copy.)
Public methodCopy(String)Creates a copy of the named permission set with a different name but the same permissions.
Public methodCopyToCopies the permission objects of the set to the indicated location in an Array. (Inherited from PermissionSet.)
Public methodDemandForces a SecurityException at run time if all callers higher in the call stack have not been granted the permissions specified by the current instance. (Inherited from PermissionSet.)
Public methodDeny Obsolete. Causes any Demand that passes through the calling code for a permission that has an intersection with a permission of a type contained in the current PermissionSet to fail. (Inherited from PermissionSet.)
Public methodEqualsDetermines whether the specified NamedPermissionSet object is equal to the current NamedPermissionSet. (Overrides PermissionSet.Equals(Object).)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFromXmlReconstructs a named permission set with a specified state from an XML encoding. (Overrides PermissionSet.FromXml(SecurityElement).)
Public methodGetEnumeratorReturns an enumerator for the permissions of the set. (Inherited from PermissionSet.)
Protected methodGetEnumeratorImplReturns an enumerator for the permissions of the set. (Inherited from PermissionSet.)
Public methodGetHashCodeGets a hash code for the NamedPermissionSet object that is suitable for use in hashing algorithms and data structures such as a hash table. (Overrides PermissionSet.GetHashCode.)
Public methodGetPermissionGets a permission object of the specified type, if it exists in the set. (Inherited from PermissionSet.)
Protected methodGetPermissionImplGets a permission object of the specified type, if it exists in the set. (Inherited from PermissionSet.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodIntersectCreates and returns a permission set that is the intersection of the current PermissionSet and the specified PermissionSet. (Inherited from PermissionSet.)
Public methodIsEmptyGets a value indicating whether the PermissionSet is empty. (Inherited from PermissionSet.)
Public methodIsSubsetOfDetermines whether the current PermissionSet is a subset of the specified PermissionSet. (Inherited from PermissionSet.)
Public methodIsUnrestrictedDetermines whether the PermissionSet is Unrestricted. (Inherited from PermissionSet.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodPermitOnlyCauses any Demand that passes through the calling code for any PermissionSet that is not a subset of the current PermissionSet to fail. (Inherited from PermissionSet.)
Public methodRemovePermissionRemoves a permission of a certain type from the set. (Inherited from PermissionSet.)
Protected methodRemovePermissionImplRemoves a permission of a certain type from the set. (Inherited from PermissionSet.)
Public methodSetPermissionSets a permission to the PermissionSet, replacing any existing permission of the same type. (Inherited from PermissionSet.)
Protected methodSetPermissionImplSets a permission to the PermissionSet, replacing any existing permission of the same type. (Inherited from PermissionSet.)
Public methodToStringReturns a string representation of the PermissionSet. (Inherited from PermissionSet.)
Public methodToXmlCreates an XML element description of the named permission set. (Overrides PermissionSet.ToXml.)
Public methodUnionCreates a PermissionSet that is the union of the current PermissionSet and the specified PermissionSet. (Inherited from PermissionSet.)
Top

  NameDescription
Explicit interface implemetationPrivate methodIDeserializationCallback.OnDeserializationInfrastructure. Runs when the entire object graph has been deserialized. (Inherited from PermissionSet.)
Top

Named permission sets are used in security policy administration to specify the permissions to be granted to code that belongs to certain code groups. Names are strings of alphanumeric characters. Description strings can consist of any printable characters. For more information, see Named Permission Sets.

The following code example shows the use of members of the NamedPermissionSet class.


Imports System
Imports System.Reflection
Imports System.Security
Imports System.Security.Permissions
Imports System.Security.Policy
Imports System.IO
Imports System.Collections
Public Class Form1
    Inherits System.Windows.Forms.Form

#Region " Windows Form Designer generated code "

    Public Sub New()
        MyBase.New()

        'This call is required by the Windows Form Designer.
        InitializeComponent()

        'Add any initialization after the InitializeComponent() call

    End Sub

    'Form overrides dispose to clean up the component list.
    Protected Overloads Overrides Sub Dispose(ByVal disposing As Boolean)
        If disposing Then
            If Not (components Is Nothing) Then
                components.Dispose()
            End If
        End If
        MyBase.Dispose(disposing)
    End Sub

    'Required by the Windows Form Designer
    Private components As System.ComponentModel.IContainer

    'NOTE: The following procedure is required by the Windows Form Designer
    'It can be modified using the Windows Form Designer.  
    'Do not modify it using the code editor.
    Friend WithEvents TextBox1 As System.Windows.Forms.TextBox
    Friend WithEvents Button1 As System.Windows.Forms.Button
    Friend WithEvents Button2 As System.Windows.Forms.Button
    <System.Diagnostics.DebuggerStepThrough()> Private Sub InitializeComponent()
        Me.TextBox1 = New System.Windows.Forms.TextBox
        Me.Button1 = New System.Windows.Forms.Button
        Me.Button2 = New System.Windows.Forms.Button
        Me.SuspendLayout()
        '
        'TextBox1
        '
        Me.TextBox1.Location = New System.Drawing.Point(16, 40)
        Me.TextBox1.Multiline = True
        Me.TextBox1.Name = "TextBox1"
        Me.TextBox1.ScrollBars = System.Windows.Forms.ScrollBars.Both
        Me.TextBox1.Size = New System.Drawing.Size(752, 336)
        Me.TextBox1.TabIndex = 0
        Me.TextBox1.Text = ""
        '
        'Button1
        '
        Me.Button1.Location = New System.Drawing.Point(440, 440)
        Me.Button1.Name = "Button1"
        Me.Button1.Size = New System.Drawing.Size(80, 24)
        Me.Button1.TabIndex = 1
        Me.Button1.Text = "Run Demo"
        '
        'Button2
        '
        Me.Button2.Location = New System.Drawing.Point(568, 440)
        Me.Button2.Name = "Button2"
        Me.Button2.Size = New System.Drawing.Size(88, 24)
        Me.Button2.TabIndex = 2
        Me.Button2.Text = "Exit"
        '
        'Form1
        '
        Me.AutoScaleBaseSize = New System.Drawing.Size(5, 13)
        Me.ClientSize = New System.Drawing.Size(808, 502)
        Me.Controls.Add(Me.Button2)
        Me.Controls.Add(Me.Button1)
        Me.Controls.Add(Me.TextBox1)
        Me.Name = "Form1"
        Me.Text = "Form1"
        Me.ResumeLayout(False)

    End Sub

#End Region

    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load

    End Sub

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        PermissionSetDemo()
    End Sub
    Private Sub PermissionSetDemo()
        TextBox1.AppendText("Executing NamedPermissionSetDemo")
        Try
            ' Create a new named permission set and add it to Machine policy.
            Dim namedPS1 As NamedPermissionSet
            namedPS1 = CreateCompanyPermission()
            TextBox1.AppendText(("The name of the custom named permission set is " + namedPS1.Name + ControlChars.Lf))
            TextBox1.AppendText(("The description of the custom named permission set is " + namedPS1.Description + ControlChars.Lf))
            DisplayPermissions(namedPS1)
            Dim namedPS2 As New NamedPermissionSet("MyPermssionSetCopy")
            ' Perform a ToXml/FromXml round trip.
            namedPS2.FromXml(namedPS1.ToXml())
            TextBox1.AppendText(ControlChars.Lf + "Result of the ToXml/FromXml round trip:")

            ' For simplicity the results are displayed using a method call.
            DisplayPermissions(namedPS2)
            ' Create and display a copy of a permission set.
            Dim namedPS3 As NamedPermissionSet = CType(namedPS2.Copy(), NamedPermissionSet)
            TextBox1.AppendText("Is the copy equal to the original? " + namedPS2.Equals(namedPS3).ToString())
            Dim namedPS4 As New NamedPermissionSet("Second copy", namedPS3)
            TextBox1.AppendText(("The name of the new permission set is " + namedPS4.Name + ControlChars.Lf))
            ' Show that the new named permission set has the same permissions as the original.
            DisplayPermissions(namedPS4)
            ' The hash code for two instances of the same permission might be different, hence a hash code should not be used to 
            ' compare two named permission sets.
            TextBox1.AppendText("The hash code of the original permission set is " + namedPS2.GetHashCode().ToString())
            TextBox1.AppendText("The hash code of the copy is " + namedPS4.GetHashCode().ToString())
        Catch e As Exception
            TextBox1.AppendText(("Exception thrown: " + e.Message.ToString()))
        End Try
    End Sub 'PermissionSetDemo


    Private Function DisplayPermissions(ByVal namedPS1 As NamedPermissionSet) As Boolean
        ' Display results of namedPS.GetEnumerator.
        Dim psEnumerator As IEnumerator = namedPS1.GetEnumerator()

        While psEnumerator.MoveNext()
            TextBox1.AppendText(CType(psEnumerator.Current, IPermission).ToXml().ToString())
        End While

        Return True
    End Function 'DisplayPermissions

    ' The following method uses the LocalIntranet permission set to create
    ' a custom permission set named MyCompany.  The new permission set is
    ' added to local Machine policy.  The custom named permission set is returned.
    Private Function CreateCompanyPermission() As NamedPermissionSet
        Dim policyEnumerator As IEnumerator = SecurityManager.PolicyHierarchy()

        ' Move through the policy levels to the Machine policy level.
        While policyEnumerator.MoveNext()
            Dim currentLevel As PolicyLevel = CType(policyEnumerator.Current, PolicyLevel)

            If currentLevel.Label = "Machine" Then
                ' Enumerate the permission sets in the Machine policy level.
                Dim namedPermissions As IList = currentLevel.NamedPermissionSets
                Dim namedPermission As IEnumerator = namedPermissions.GetEnumerator()

                ' Locate the LocalIntranet permission set.
                While namedPermission.MoveNext()
                    If CType(namedPermission.Current, NamedPermissionSet).Name = "LocalIntranet" Then
                        ' The current permission set is a copy of the LocalIntranet permission set.
                        ' It can be modified to provide the permissions for the new permission set.
                        ' Rename the copy to the name chosen for the new permission set.
                        CType(namedPermission.Current, NamedPermissionSet).Name = "MyCompany"
                        CType(namedPermission.Current, NamedPermissionSet).Description = "My custom named permission set"
                        Dim permissions As IEnumerator = CType(namedPermission.Current, NamedPermissionSet).GetEnumerator()

                        ' Remove the current security permission from the permission set and replace it 
                        ' with a new security permission that does not have the right to assert permissions.
                        While permissions.MoveNext()
                            If permissions.Current.GetType().ToString() = "System.Security.Permissions.SecurityPermission" Then
                                ' Remove the current security permission.
                                CType(namedPermission.Current, NamedPermissionSet).RemovePermission(permissions.Current.GetType())

                                ' Add a new security permission that only allows execution.
                                CType(namedPermission.Current, NamedPermissionSet).AddPermission(New SecurityPermission(SecurityPermissionFlag.Execution))
                                Exit While
                            End If
                        End While

                        Try
                            ' If you run this application twice, the following instruction throws
                            ' an exception because the named permission set already exists.
                            ' You can remove the custom named permission set using either Caspole.exe or the  
                            ' .NET Framework Configuration tool (Mscorcfg.msc).
                            currentLevel.AddNamedPermissionSet(CType(namedPermission.Current, NamedPermissionSet))
                            SecurityManager.SavePolicy()
                            Return CType(namedPermission.Current, NamedPermissionSet)
                            ' Catch the exception for a duplicate permission set.
                        Catch e As System.ArgumentException
                            TextBox1.AppendText(e.Message + ControlChars.Lf)
                            Return CType(namedPermission.Current, NamedPermissionSet)
                        End Try
                    End If
                End While
            End If
        End While
        ' The following code is executed only if the LocalIntranet permission set has been removed.
        Return New NamedPermissionSet("Nothing")
    End Function 'CreateCompanyPermission

    Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button2.Click
        Form1.ActiveForm.Close()
    End Sub
End Class 'NamedPermissionSetDemo


.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Community Additions

ADD
Show:
© 2015 Microsoft