File: system\security\permissions\registrypermission.cs
Project: ndp\clr\src\bcl\mscorlib.csproj (mscorlib)
// ==++==
// 
//   Copyright (c) Microsoft Corporation.  All rights reserved.
// 
// ==--==
//  RegistryPermission.cs
// 
// <OWNER>Microsoft</OWNER>
//
 
namespace System.Security.Permissions
{
    using System;
    using SecurityElement = System.Security.SecurityElement;
    using System.Security.AccessControl;
    using System.Security.Util;
    using System.IO;
    using System.Globalization;
    using System.Runtime.Serialization;
 
#if !FEATURE_PAL
 
[Serializable]
    [Flags]
[System.Runtime.InteropServices.ComVisible(true)]
    public enum RegistryPermissionAccess
    {
        NoAccess = 0x00,
        Read = 0x01,
        Write = 0x02,
        Create = 0x04,
        AllAccess = 0x07,
    }
    
[System.Runtime.InteropServices.ComVisible(true)]
    [Serializable]
    sealed public class RegistryPermission : CodeAccessPermission, IUnrestrictedPermission, IBuiltInPermission
    {
        private StringExpressionSet m_read;
        private StringExpressionSet m_write;
        private StringExpressionSet m_create;
        [OptionalField(VersionAdded = 2)]
        private StringExpressionSet m_viewAcl;
        [OptionalField(VersionAdded = 2)]
        private StringExpressionSet m_changeAcl;
        private bool m_unrestricted;
    
 
        public RegistryPermission(PermissionState state)
        {
            if (state == PermissionState.Unrestricted)
            {
                m_unrestricted = true;
            }
            else if (state == PermissionState.None)
            {
                m_unrestricted = false;
            }
            else
            {
                throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPermissionState"));
            }
        }
        
        public RegistryPermission( RegistryPermissionAccess access, String pathList )
        {
            SetPathList( access, pathList );
        }
 
#if FEATURE_MACL
        public RegistryPermission( RegistryPermissionAccess access, AccessControlActions control, String pathList )
        {
            m_unrestricted = false;
            AddPathList( access, control, pathList );
        }
#endif
 
        public void SetPathList( RegistryPermissionAccess access, String pathList )
        {
            VerifyAccess( access );
 
            m_unrestricted = false;
 
            if ((access & RegistryPermissionAccess.Read) != 0)
                m_read = null;
            
            if ((access & RegistryPermissionAccess.Write) != 0)
                m_write = null;
    
            if ((access & RegistryPermissionAccess.Create) != 0)
                m_create = null;
            
            AddPathList( access, pathList );
        }
 
#if FEATURE_MACL
        internal void SetPathList( AccessControlActions control, String pathList )
        {
            m_unrestricted = false;
 
            if ((control & AccessControlActions.View) != 0)
                m_viewAcl = null;
 
            if ((control & AccessControlActions.Change) != 0)
                m_changeAcl = null;
 
            AddPathList( RegistryPermissionAccess.NoAccess, control, pathList );
        }
#endif
 
        public void AddPathList( RegistryPermissionAccess access, String pathList )
        {
            AddPathList( access, AccessControlActions.None, pathList );
        }
 
        [System.Security.SecuritySafeCritical]  // auto-generated
        public void AddPathList( RegistryPermissionAccess access, AccessControlActions control, String pathList )
        {
            VerifyAccess( access );
            
            if ((access & RegistryPermissionAccess.Read) != 0)
            {
                if (m_read == null)
                    m_read = new StringExpressionSet();
                m_read.AddExpressions( pathList );
            }
            
            if ((access & RegistryPermissionAccess.Write) != 0)
            {
                if (m_write == null)
                    m_write = new StringExpressionSet();
                m_write.AddExpressions( pathList );
            }
    
            if ((access & RegistryPermissionAccess.Create) != 0)
            {
                if (m_create == null)
                    m_create = new StringExpressionSet();
                m_create.AddExpressions( pathList );
            }
 
#if FEATURE_MACL
            if ((control & AccessControlActions.View) != 0)
            {
                if (m_viewAcl == null)
                    m_viewAcl = new StringExpressionSet();
                m_viewAcl.AddExpressions( pathList );
            }
 
            if ((control & AccessControlActions.Change) != 0)
            {
                if (m_changeAcl == null)
                    m_changeAcl = new StringExpressionSet();
                m_changeAcl.AddExpressions( pathList );
            }
#endif
        }
    
        [SecuritySafeCritical]
        public String GetPathList( RegistryPermissionAccess access )
        {
            // SafeCritical: these are registry paths, which means we're not leaking file system information here
            VerifyAccess( access );
            ExclusiveAccess( access );
    
            if ((access & RegistryPermissionAccess.Read) != 0)
            {
                if (m_read == null)
                {
                    return "";
                }
                return m_read.UnsafeToString();
            }
            
            if ((access & RegistryPermissionAccess.Write) != 0)
            {
                if (m_write == null)
                {
                    return "";
                }
                return m_write.UnsafeToString();
            }
    
            if ((access & RegistryPermissionAccess.Create) != 0)
            {
                if (m_create == null)
                {
                    return "";
                }
                return m_create.UnsafeToString();
            }
            
            /* not reached */
            
            return "";
        }     
        
        private void VerifyAccess( RegistryPermissionAccess access )
        {
            if ((access & ~RegistryPermissionAccess.AllAccess) != 0)
                throw new ArgumentException(Environment.GetResourceString("Arg_EnumIllegalVal", (int)access));
        }
        
        private void ExclusiveAccess( RegistryPermissionAccess access )
        {
            if (access == RegistryPermissionAccess.NoAccess)
            {
                throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); 
            }
    
            if (((int) access & ((int)access-1)) != 0)
            {
                throw new ArgumentException( Environment.GetResourceString("Arg_EnumNotSingleFlag") ); 
            }
        }
        
        private bool IsEmpty()
        {
            return (!m_unrestricted &&
                    (this.m_read == null || this.m_read.IsEmpty()) &&
                    (this.m_write == null || this.m_write.IsEmpty()) &&
                    (this.m_create == null || this.m_create.IsEmpty()) &&
                    (this.m_viewAcl == null || this.m_viewAcl.IsEmpty()) &&
                    (this.m_changeAcl == null || this.m_changeAcl.IsEmpty()));
        }
        
        //------------------------------------------------------
        //
        // CODEACCESSPERMISSION IMPLEMENTATION
        //
        //------------------------------------------------------
        
        public bool IsUnrestricted()
        {
            return m_unrestricted;
        }
        
        //------------------------------------------------------
        //
        // IPERMISSION IMPLEMENTATION
        //
        //------------------------------------------------------
        
        [System.Security.SecuritySafeCritical]  // auto-generated
        public override bool IsSubsetOf(IPermission target)
        {
            if (target == null)
            {
                return this.IsEmpty();
            }
 
            RegistryPermission operand = target as RegistryPermission;
            if (operand == null)
                throw new ArgumentException(Environment.GetResourceString("Argument_WrongType", this.GetType().FullName));
 
            if (operand.IsUnrestricted())
                return true;
            else if (this.IsUnrestricted())
                return false;
            else
                return ((this.m_read == null || this.m_read.IsSubsetOf( operand.m_read )) &&
                        (this.m_write == null || this.m_write.IsSubsetOf( operand.m_write )) &&
                        (this.m_create == null || this.m_create.IsSubsetOf( operand.m_create )) &&
                        (this.m_viewAcl == null || this.m_viewAcl.IsSubsetOf( operand.m_viewAcl )) &&
                        (this.m_changeAcl == null || this.m_changeAcl.IsSubsetOf( operand.m_changeAcl )));
        }
        
        [System.Security.SecuritySafeCritical]  // auto-generated
        public override IPermission Intersect(IPermission target)
        {
            if (target == null)
            {
                return null;
            }
            else if (!VerifyType(target))
            {
                throw new 
                    ArgumentException(
                                    Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)
                                     );
            }
            else if (this.IsUnrestricted())
            {
                return target.Copy();
            }
            
            RegistryPermission operand = (RegistryPermission)target;
            if (operand.IsUnrestricted())
            {
                return this.Copy();
            }
            
            
            StringExpressionSet intersectRead = this.m_read == null ? null : this.m_read.Intersect( operand.m_read );
            StringExpressionSet intersectWrite = this.m_write == null ? null : this.m_write.Intersect( operand.m_write );
            StringExpressionSet intersectCreate = this.m_create == null ? null : this.m_create.Intersect( operand.m_create );
            StringExpressionSet intersectViewAcl = this.m_viewAcl == null ? null : this.m_viewAcl.Intersect( operand.m_viewAcl );
            StringExpressionSet intersectChangeAcl = this.m_changeAcl == null ? null : this.m_changeAcl.Intersect( operand.m_changeAcl );
            
            if ((intersectRead == null || intersectRead.IsEmpty()) &&
                (intersectWrite == null || intersectWrite.IsEmpty()) &&
                (intersectCreate == null || intersectCreate.IsEmpty()) &&
                (intersectViewAcl == null || intersectViewAcl.IsEmpty()) &&
                (intersectChangeAcl == null || intersectChangeAcl.IsEmpty()))
            {
                return null;
            }
            
            RegistryPermission intersectPermission = new RegistryPermission(PermissionState.None);
            intersectPermission.m_unrestricted = false;
            intersectPermission.m_read = intersectRead;
            intersectPermission.m_write = intersectWrite;
            intersectPermission.m_create = intersectCreate;
            intersectPermission.m_viewAcl = intersectViewAcl;
            intersectPermission.m_changeAcl = intersectChangeAcl;
            
            return intersectPermission;
        }
        
        [System.Security.SecuritySafeCritical]  // auto-generated
        public override IPermission Union(IPermission other)
        {
            if (other == null)
            {
                return this.Copy();
            }
            else if (!VerifyType(other))
            {
                throw new 
                    ArgumentException(
                                    Environment.GetResourceString("Argument_WrongType", this.GetType().FullName)
                                     );
            }
            
            RegistryPermission operand = (RegistryPermission)other;
            
            if (this.IsUnrestricted() || operand.IsUnrestricted())
            {
                return new RegistryPermission( PermissionState.Unrestricted );
            }
    
            StringExpressionSet unionRead = this.m_read == null ? operand.m_read : this.m_read.Union( operand.m_read );
            StringExpressionSet unionWrite = this.m_write == null ? operand.m_write : this.m_write.Union( operand.m_write );
            StringExpressionSet unionCreate = this.m_create == null ? operand.m_create : this.m_create.Union( operand.m_create );
            StringExpressionSet unionViewAcl = this.m_viewAcl == null ? operand.m_viewAcl : this.m_viewAcl.Union( operand.m_viewAcl );
            StringExpressionSet unionChangeAcl = this.m_changeAcl == null ? operand.m_changeAcl : this.m_changeAcl.Union( operand.m_changeAcl );
            
            if ((unionRead == null || unionRead.IsEmpty()) &&
                (unionWrite == null || unionWrite.IsEmpty()) &&
                (unionCreate == null || unionCreate.IsEmpty()) &&
                (unionViewAcl == null || unionViewAcl.IsEmpty()) &&
                (unionChangeAcl == null || unionChangeAcl.IsEmpty()))
            {
                return null;
            }
            
            RegistryPermission unionPermission = new RegistryPermission(PermissionState.None);
            unionPermission.m_unrestricted = false;
            unionPermission.m_read = unionRead;
            unionPermission.m_write = unionWrite;
            unionPermission.m_create = unionCreate;
            unionPermission.m_viewAcl = unionViewAcl;
            unionPermission.m_changeAcl = unionChangeAcl;
            
            return unionPermission;
        }
            
        
        public override IPermission Copy()
        {
            RegistryPermission copy = new RegistryPermission(PermissionState.None);
            if (this.m_unrestricted)
            {
                copy.m_unrestricted = true;
            }
            else
            {
                copy.m_unrestricted = false;
                if (this.m_read != null)
                {
                    copy.m_read = this.m_read.Copy();
                }
                if (this.m_write != null)
                {
                    copy.m_write = this.m_write.Copy();
                }
                if (this.m_create != null)
                {
                    copy.m_create = this.m_create.Copy();
                }
                if (this.m_viewAcl != null)
                {
                    copy.m_viewAcl = this.m_viewAcl.Copy();
                }
                if (this.m_changeAcl != null)
                {
                    copy.m_changeAcl = this.m_changeAcl.Copy();
                }
            }
            return copy;   
        }
        
#if FEATURE_CAS_POLICY
        [SecuritySafeCritical]
        public override SecurityElement ToXml()
        {
            // SafeCritical: our string expression sets don't contain paths, so there's no information that
            // needs to be guarded in them.
            SecurityElement esd = CodeAccessPermission.CreatePermissionElement( this, "System.Security.Permissions.RegistryPermission" );
            if (!IsUnrestricted())
            {
                if (this.m_read != null && !this.m_read.IsEmpty())
                {
                    esd.AddAttribute( "Read", SecurityElement.Escape( m_read.UnsafeToString() ) );
                }
                if (this.m_write != null && !this.m_write.IsEmpty())
                {
                    esd.AddAttribute( "Write", SecurityElement.Escape( m_write.UnsafeToString() ) );
                }
                if (this.m_create != null && !this.m_create.IsEmpty())
                {
                    esd.AddAttribute( "Create", SecurityElement.Escape( m_create.UnsafeToString() ) );
                }
                if (this.m_viewAcl != null && !this.m_viewAcl.IsEmpty())
                {
                    esd.AddAttribute( "ViewAccessControl", SecurityElement.Escape( m_viewAcl.UnsafeToString() ) );
                }
                if (this.m_changeAcl != null && !this.m_changeAcl.IsEmpty())
                {
                    esd.AddAttribute( "ChangeAccessControl", SecurityElement.Escape( m_changeAcl.UnsafeToString() ) );
                }
            }
            else
            {
                esd.AddAttribute( "Unrestricted", "true" );
            }
            return esd;
        }
 
        public override void FromXml(SecurityElement esd)
        {
            CodeAccessPermission.ValidateElement( esd, this );
            String et;
            
            if (XMLUtil.IsUnrestricted( esd ))
            {
                m_unrestricted = true;
                return;
            }
 
            m_unrestricted = false;
            m_read = null;
            m_write = null;
            m_create = null;
            m_viewAcl = null;
            m_changeAcl = null;
 
            et = esd.Attribute( "Read" );
            if (et != null)
            {
                m_read = new StringExpressionSet( et );
            }
            
            et = esd.Attribute( "Write" );
            if (et != null)
            {
                m_write = new StringExpressionSet( et );
            }
    
            et = esd.Attribute( "Create" );
            if (et != null)
            {
                m_create = new StringExpressionSet( et );
            }
            
            et = esd.Attribute( "ViewAccessControl" );
            if (et != null)
            {
                m_viewAcl = new StringExpressionSet( et );
            }
 
            et = esd.Attribute( "ChangeAccessControl" );
            if (et != null)
            {
                m_changeAcl = new StringExpressionSet( et );
            }
        }
#endif // FEATURE_CAS_POLICY
 
        /// <internalonly/>
        int IBuiltInPermission.GetTokenIndex()
        {
            return RegistryPermission.GetTokenIndex();
        }
 
        internal static int GetTokenIndex()
        {
            return BuiltInPermissionIndex.RegistryPermissionIndex;
        }
 
    }
 
#endif // !FEATURE_PAL
}