This documentation is archived and is not being maintained.

PolicyStatement Class

Represents the statement of a CodeGroup describing the permissions and other information that apply to code with a particular set of evidence. This class cannot be inherited.

System::Object
  System.Security.Policy::PolicyStatement

Namespace:  System.Security.Policy
Assembly:  mscorlib (in mscorlib.dll)

[SerializableAttribute]
[ComVisibleAttribute(true)]
public ref class PolicyStatement sealed : ISecurityPolicyEncodable, 
	ISecurityEncodable

The PolicyStatement type exposes the following members.

  NameDescription
Public methodPolicyStatement(PermissionSet)Initializes a new instance of the PolicyStatement class with the specified PermissionSet.
Public methodPolicyStatement(PermissionSet, PolicyStatementAttribute)Initializes a new instance of the PolicyStatement class with the specified PermissionSet and attributes.
Top

  NameDescription
Public propertyAttributesGets or sets the attributes of the policy statement.
Public propertyAttributeStringGets a string representation of the attributes of the policy statement.
Public propertyPermissionSetGets or sets the PermissionSet of the policy statement.
Top

  NameDescription
Public methodCopyCreates an equivalent copy of the current policy statement.
Public methodEqualsDetermines whether the specified PolicyStatement object is equal to the current PolicyStatement. (Overrides Object::Equals(Object).)
Protected methodFinalizeAllows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.)
Public methodFromXml(SecurityElement)Reconstructs a security object with a given state from an XML encoding.
Public methodFromXml(SecurityElement, PolicyLevel)Reconstructs a security object with a given state from an XML encoding.
Public methodGetHashCodeGets a hash code for the PolicyStatement object that is suitable for use in hashing algorithms and data structures such as a hash table. (Overrides Object::GetHashCode().)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Protected methodMemberwiseCloneCreates a shallow copy of the current Object. (Inherited from Object.)
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Public methodToXml()Creates an XML encoding of the security object and its current state.
Public methodToXml(PolicyLevel)Creates an XML encoding of the security object and its current state.
Top

A PolicyStatement consists of a set of granted permissions, and possible special attributes for the code group.

Policy statements are typically used as the return value of a Resolve operation on a PolicyLevel.

The following code example shows the use of members of the PolicyStatement class


using namespace System;
using namespace System::Security;
using namespace System::Security::Policy;
using namespace System::Security::Principal;
using namespace System::Security::Permissions;

ref class Members
{
public:
   [STAThread]
   static void Main()
   {
      // Create two new policy statements.
      PolicyStatement^ policyStatement = firstConstructorTest();
      PolicyStatement^ policyStatement2 = secondConstructorTest();

      // Add attributes to the first policy statement.
      policyStatement->Attributes = PolicyStatementAttribute::All;

      // Create a copy of the first policy statement.
      PolicyStatement^ policyStatementCopy = createCopy( policyStatement );
      addXmlMember(  &policyStatementCopy );

      summarizePolicyStatment( policyStatement );
      Console::Write( L"This sample completed successfully; " );
      Console::WriteLine( L"press Enter to exit." );
      Console::ReadLine();
   }

private:
   // Construct a PolicyStatement with an Unrestricted permission set.
   static PolicyStatement^ firstConstructorTest()
   {
      // Construct the permission set.
      PermissionSet^ permissions = gcnew PermissionSet(
         PermissionState::Unrestricted );
      permissions->AddPermission( gcnew SecurityPermission(
         SecurityPermissionFlag::Execution ) );
      permissions->AddPermission( gcnew ZoneIdentityPermission(
         SecurityZone::MyComputer ) );

      // Create a policy statement based on the newly created permission
      // set.
      PolicyStatement^ policyStatement = gcnew PolicyStatement(
         permissions );

      return policyStatement;
   }

   // Construct a PolicyStatement with an Unrestricted permission set and
   // the LevelFinal attribute.
   static PolicyStatement^ secondConstructorTest()
   {
      // Construct the permission set.
      PermissionSet^ permissions = gcnew PermissionSet(
         PermissionState::Unrestricted );
      permissions->AddPermission( gcnew SecurityPermission(
         SecurityPermissionFlag::Execution ) );
      permissions->AddPermission( gcnew ZoneIdentityPermission(
         SecurityZone::MyComputer ) );

      PolicyStatementAttribute levelFinalAttribute =
         PolicyStatementAttribute::LevelFinal;

      // Create a new policy statement with the specified permission set.
      // The LevelFinal attribute is set to prevent the evaluation of lower
      // policy levels in a resolve operation.
      PolicyStatement^ policyStatement = gcnew PolicyStatement(
         permissions,levelFinalAttribute );

      return policyStatement;
   }

   // Add a named permission set to the specified PolicyStatement.
   static void AddPermissions( interior_ptr<PolicyStatement^>policyStatement )
   {
      // Construct a NamedPermissionSet with basic permissions.
      NamedPermissionSet^ allPerms = gcnew NamedPermissionSet(
         L"allPerms" );
      allPerms->AddPermission( gcnew SecurityPermission(
         SecurityPermissionFlag::Execution ) );
      allPerms->AddPermission( gcnew ZoneIdentityPermission(
         SecurityZone::MyComputer ) );
      allPerms->AddPermission( gcnew SiteIdentityPermission(
         L"www.contoso.com" ) );

      ( *policyStatement)->PermissionSet = allPerms;
   }

   // If a class attribute is not found in the specified PolicyStatement,
   // add a child XML element with an added class attribute.
   static void addXmlMember( interior_ptr<PolicyStatement^>policyStatement )
   {
      SecurityElement^ xmlElement = ( *policyStatement)->ToXml();
      if ( xmlElement->Attribute(L"class") == nullptr )
      {
         SecurityElement^ newElement = gcnew SecurityElement(
            L"PolicyStatement" );
         newElement->AddAttribute( L"class", (
            *policyStatement)->ToString() );
         newElement->AddAttribute( L"version", L"1.1" );

         newElement->AddChild( gcnew SecurityElement( L"PermissionSet" ) );

         ( *policyStatement)->FromXml( newElement );

         Console::Write( L"Added the class attribute and modified its " );
         Console::WriteLine( L"version number.\n{0}", newElement );
      }
   }

   // Verify that the type of the specified object is a PolicyStatement type
   // then create a copy of the object.
   static PolicyStatement^ createCopy( Object^ sourceObject )
   {
      PolicyStatement^ returnedStatement = gcnew PolicyStatement( nullptr );
      // Compare specified object type with the PolicyStatement type.
      if ( sourceObject->GetType()->Equals( PolicyStatement::typeid ) )
      {
         returnedStatement = getCopy(
            static_cast<PolicyStatement^>(sourceObject) );
      }
      else
      {
         throw gcnew ArgumentException(
            L"Expected the PolicyStatement type." );
      }

      return returnedStatement;
   }

   // Return a copy of the specified PolicyStatement if the result of the
   // Copy command is an equivalent object. Otherwise, return the
   // original PolicyStatement object.
   static PolicyStatement^ getCopy( PolicyStatement^ policyStatement )
   {
      // Create an equivalent copy of the policy statement.
      PolicyStatement^ policyStatementCopy = policyStatement->Copy();

      // Compare the specified objects for equality.
      if (  !policyStatementCopy->Equals( policyStatement ) )
      {
         return policyStatementCopy;
      }
      else
      {
         return policyStatement;
      }
   }

   // Summarize the attributes of the specified PolicyStatement on the
   // console window.
   static void summarizePolicyStatment( PolicyStatement^ policyStatement )
   {
      // Retrieve the class path for policyStatement.
      String^ policyStatementClass = policyStatement->ToString();

      int hashCode = policyStatement->GetHashCode();

      String^ attributeString = L"";

      // Retrieve the string representation of the PolicyStatement
      // attributes.
      if ( policyStatement->AttributeString != nullptr )
      {
         attributeString = policyStatement->AttributeString;
      }

      // Write a summary to the console window.
      Console::WriteLine( L"\n*** {0} summary ***", policyStatementClass );
      Console::Write( L"This PolicyStatement has been created with hash " );
      Console::Write( L"code({0}) ", hashCode );

      Console::Write( L"and contains the following attributes: " );
      Console::WriteLine( attributeString );
   }
};

int main()
{
   Members::Main();
}

//
// This sample produces the following output:
//
// Added the class attribute and modified the version number.
// <PolicyStatement class="System.Security.Policy.PolicyStatement"
//                  version="1.1">
//    <PermissionSet/>
// </PolicyStatement>
//
// *** System.Security.Policy.PolicyStatement summary ***
// PolicyStatement has been created with hash code(20) containing the
// following attributes: Exclusive LevelFinal
// This sample completed successfully; press Enter to exit.


.NET Framework

Supported in: 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show: