
//
// System.Security.AccessControl.CommonObjectSecurity implementation
//
// Authors:
// Dick Porter <dick@ximian.com>
// Atsushi Enomoto <atsushi@ximian.com>
// James Bellinger <jfb@zer7.com>
//
// Copyright (C) 2005-2007 Novell, Inc (http://www.novell.com)
// Copyright (C) 2012 James Bellinger
//
// Permission is hereby granted, free of charge, to any person obtaining
// a copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to
// permit persons to whom the Software is furnished to do so, subject to
// the following conditions:
//
// The above copyright notice and this permission notice shall be
// included in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
// NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
// LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
// OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
using System.Collections.Generic;
namespace System.Security.AccessControl
{
public abstract class CommonObjectSecurity : ObjectSecurity
{
/// <summary>
/// Initializes the security object for a container or a leaf object.
/// </summary>
/// <param name="isContainer">Forwarded unchanged as the first argument of the base constructor.</param>
/// <remarks>
/// The second base-constructor argument is fixed to <c>false</c>; presumably this is the
/// directory-services flag later read through <c>IsDS</c> (confirm against ObjectSecurity).
/// </remarks>
protected CommonObjectSecurity (bool isContainer) : base (isContainer, false)
{
	// No state beyond what the base class sets up.
}
/// <summary>
/// Initializes the security object around an existing security descriptor.
/// </summary>
/// <param name="securityDescriptor">Descriptor handed to the base constructor as-is; it is not validated or copied here.</param>
internal CommonObjectSecurity (CommonSecurityDescriptor securityDescriptor) : base (securityDescriptor)
{
	// Nothing to do: the base class takes ownership of the descriptor.
}
/// <summary>
/// Returns the access rules of this object by delegating to <c>InternalGetAccessRules</c>.
/// </summary>
/// <param name="includeExplicit">Passed through to the helper unchanged.</param>
/// <param name="includeInherited">Passed through to the helper unchanged.</param>
/// <param name="targetType">Passed through to the helper unchanged; no validation happens in this method.</param>
/// <returns>The collection produced by <c>InternalGetAccessRules</c>.</returns>
public AuthorizationRuleCollection GetAccessRules (bool includeExplicit, bool includeInherited, Type targetType)
{
	AuthorizationRuleCollection accessRules =
		InternalGetAccessRules (includeExplicit, includeInherited, targetType);
	return accessRules;
}
/// <summary>
/// Returns the audit rules of this object by delegating to <c>InternalGetAuditRules</c>.
/// </summary>
/// <param name="includeExplicit">Passed through to the helper unchanged.</param>
/// <param name="includeInherited">Passed through to the helper unchanged.</param>
/// <param name="targetType">Passed through to the helper unchanged; no validation happens in this method.</param>
/// <returns>The collection produced by <c>InternalGetAuditRules</c>.</returns>
public AuthorizationRuleCollection GetAuditRules (bool includeExplicit, bool includeInherited, Type targetType)
{
	AuthorizationRuleCollection auditRules =
		InternalGetAuditRules (includeExplicit, includeInherited, targetType);
	return auditRules;
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.Add"/> for <paramref name="rule"/> to ModifyAccess.
/// </summary>
/// <param name="rule">Access rule to add. This class's ModifyAccess throws ArgumentNullException when it is null.</param>
protected void AddAccessRule (AccessRule rule)
{
	// ModifyAccess requires the out flag; this wrapper does not report it.
	bool unusedFlag;
	ModifyAccess (AccessControlModification.Add, rule, out unusedFlag);
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.Remove"/> for <paramref name="rule"/> to ModifyAccess.
/// </summary>
/// <param name="rule">Access rule to remove. This class's ModifyAccess throws ArgumentNullException when it is null.</param>
/// <returns>The return value of ModifyAccess (not the out flag, which is discarded).</returns>
protected bool RemoveAccessRule (AccessRule rule)
{
	bool unusedFlag;
	bool removed = ModifyAccess (AccessControlModification.Remove, rule, out unusedFlag);
	return removed;
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.RemoveAll"/> for <paramref name="rule"/> to ModifyAccess.
/// </summary>
/// <param name="rule">
/// Rule naming the identity to clear. This class's ModifyAccess reads only
/// <c>rule.IdentityReference</c> for RemoveAll; the other fields of the rule are not consulted.
/// </param>
protected void RemoveAccessRuleAll (AccessRule rule)
{
	// ModifyAccess requires the out flag; this wrapper does not report it.
	bool unusedFlag;
	ModifyAccess (AccessControlModification.RemoveAll, rule, out unusedFlag);
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.RemoveSpecific"/> for <paramref name="rule"/> to ModifyAccess.
/// </summary>
/// <param name="rule">Access rule to remove. This class's ModifyAccess throws ArgumentNullException when it is null.</param>
/// <remarks>Unlike RemoveAccessRule, this wrapper gives the caller no indication of whether anything was removed.</remarks>
protected void RemoveAccessRuleSpecific (AccessRule rule)
{
	bool unusedFlag;
	ModifyAccess (AccessControlModification.RemoveSpecific, rule, out unusedFlag);
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.Reset"/> for <paramref name="rule"/> to ModifyAccess.
/// </summary>
/// <param name="rule">
/// Replacement rule. This class's ModifyAccess first calls PurgeAccessRules for
/// <c>rule.IdentityReference</c> and then adds the rule.
/// </param>
protected void ResetAccessRule (AccessRule rule)
{
	// ModifyAccess requires the out flag; this wrapper does not report it.
	bool unusedFlag;
	ModifyAccess (AccessControlModification.Reset, rule, out unusedFlag);
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.Set"/> for <paramref name="rule"/> to ModifyAccess.
/// </summary>
/// <param name="rule">Access rule to set. This class's ModifyAccess throws ArgumentNullException when it is null.</param>
protected void SetAccessRule (AccessRule rule)
{
	// ModifyAccess requires the out flag; this wrapper does not report it.
	bool unusedFlag;
	ModifyAccess (AccessControlModification.Set, rule, out unusedFlag);
}
/// <summary>
/// Applies a single modification to the descriptor's discretionary ACL while holding the write lock.
/// </summary>
/// <param name="modification">
/// Operation to perform. Add, Set, Reset, Remove, RemoveAll and RemoveSpecific are handled;
/// any other value throws.
/// </param>
/// <param name="rule">Rule supplying the access type, identity, access mask and inheritance/propagation flags.</param>
/// <param name="modified">
/// True for every handled operation except Remove, which reports the result of RemoveAccess.
/// </param>
/// <returns>The value assigned to <paramref name="modified"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rule"/> is null.</exception>
/// <exception cref="ArgumentOutOfRangeException"><paramref name="modification"/> is not one of the handled values.</exception>
protected override bool ModifyAccess (AccessControlModification modification, AccessRule rule, out bool modified)
{
// Reject a missing rule before the lock is taken.
if (null == rule)
throw new ArgumentNullException ("rule");
// Default to "changed". Only the Remove case overwrites this, so the other operations
// report a change even when the ACL content ends up the same as before.
modified = true;
WriteLock ();
try {
// NOTE(review): the Add, Set, Remove and RemoveSpecific cases dereference
// descriptor.DiscretionaryAcl without a null check, whereas ModifyAudit guards
// descriptor.SystemAcl. Presumably the DACL is always present here; confirm.
switch (modification) {
case AccessControlModification.Add:
descriptor.DiscretionaryAcl.AddAccess (rule.AccessControlType,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
case AccessControlModification.Set:
descriptor.DiscretionaryAcl.SetAccess (rule.AccessControlType,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
case AccessControlModification.Reset:
// Reset = purge the identity's access rules, then run the Add case.
// NOTE(review): the two steps are not atomic with respect to failure. If the Add step
// throws (for example from SidFromIR), the purge is not rolled back and the
// AccessRulesModified assignment below is skipped. Whether PurgeAccessRules sets that
// flag itself is not visible here; confirm, otherwise a changed DACL may go unflagged.
PurgeAccessRules (rule.IdentityReference);
goto case AccessControlModification.Add;
case AccessControlModification.Remove:
// The only case that reports what the ACL operation actually did.
modified = descriptor.DiscretionaryAcl.RemoveAccess (rule.AccessControlType,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
case AccessControlModification.RemoveAll:
// Only the identity is used; access type, mask and flags of the rule are ignored.
PurgeAccessRules (rule.IdentityReference);
break;
case AccessControlModification.RemoveSpecific:
descriptor.DiscretionaryAcl.RemoveAccessSpecific (rule.AccessControlType,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
default:
// Thrown inside the try block, so the finally clause still releases the lock.
throw new ArgumentOutOfRangeException ("modification");
}
// Record that the access rules changed; this method never clears the flag.
if (modified) AccessRulesModified = true;
} finally {
// Release the write lock on both normal and exceptional exit.
WriteUnlock ();
}
return modified;
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.Add"/> for <paramref name="rule"/> to ModifyAudit.
/// </summary>
/// <param name="rule">Audit rule to add. This class's ModifyAudit throws ArgumentNullException when it is null.</param>
protected void AddAuditRule (AuditRule rule)
{
	// ModifyAudit requires the out flag; this wrapper does not report it.
	bool unusedFlag;
	ModifyAudit (AccessControlModification.Add, rule, out unusedFlag);
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.Remove"/> for <paramref name="rule"/> to ModifyAudit.
/// </summary>
/// <param name="rule">Audit rule to remove. This class's ModifyAudit throws ArgumentNullException when it is null.</param>
/// <returns>The return value of ModifyAudit (not the out flag, which is discarded).</returns>
protected bool RemoveAuditRule (AuditRule rule)
{
	bool unusedFlag;
	bool removed = ModifyAudit (AccessControlModification.Remove, rule, out unusedFlag);
	return removed;
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.RemoveAll"/> for <paramref name="rule"/> to ModifyAudit.
/// </summary>
/// <param name="rule">
/// Rule naming the identity to clear. This class's ModifyAudit reads only
/// <c>rule.IdentityReference</c> for RemoveAll; the other fields of the rule are not consulted.
/// </param>
protected void RemoveAuditRuleAll (AuditRule rule)
{
	// ModifyAudit requires the out flag; this wrapper does not report it.
	bool unusedFlag;
	ModifyAudit (AccessControlModification.RemoveAll, rule, out unusedFlag);
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.RemoveSpecific"/> for <paramref name="rule"/> to ModifyAudit.
/// </summary>
/// <param name="rule">Audit rule to remove. This class's ModifyAudit throws ArgumentNullException when it is null.</param>
/// <remarks>Unlike RemoveAuditRule, this wrapper gives the caller no indication of whether anything was removed.</remarks>
protected void RemoveAuditRuleSpecific (AuditRule rule)
{
	bool unusedFlag;
	ModifyAudit (AccessControlModification.RemoveSpecific, rule, out unusedFlag);
}
/// <summary>
/// Dispatches <see cref="AccessControlModification.Set"/> for <paramref name="rule"/> to ModifyAudit.
/// </summary>
/// <param name="rule">Audit rule to set. This class's ModifyAudit throws ArgumentNullException when it is null.</param>
protected void SetAuditRule (AuditRule rule)
{
	// ModifyAudit requires the out flag; this wrapper does not report it.
	bool unusedFlag;
	ModifyAudit (AccessControlModification.Set, rule, out unusedFlag);
}
/// <summary>
/// Applies a single modification to the descriptor's system ACL (audit rules) while holding the write lock.
/// </summary>
/// <param name="modification">
/// Operation to perform. Add, Set, Reset, Remove, RemoveAll and RemoveSpecific are accepted;
/// any other value throws. Reset is accepted but changes nothing.
/// </param>
/// <param name="rule">Rule supplying the audit flags, identity, access mask and inheritance/propagation flags.</param>
/// <param name="modified">
/// True for every accepted operation except Remove, which reports false when there is no
/// system ACL and otherwise the result of RemoveAudit.
/// </param>
/// <returns>The value assigned to <paramref name="modified"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="rule"/> is null.</exception>
/// <exception cref="ArgumentOutOfRangeException"><paramref name="modification"/> is not one of the accepted values.</exception>
protected override bool ModifyAudit (AccessControlModification modification, AuditRule rule, out bool modified)
{
// Reject a missing rule before the lock is taken.
if (null == rule)
throw new ArgumentNullException ("rule");
// Default to "changed"; only the Remove case overwrites this.
modified = true;
WriteLock ();
try {
switch (modification) {
case AccessControlModification.Add:
// Create the system ACL on first use so a rule can be added to a descriptor without one.
// The third constructor argument (1) is presumably the initial capacity; confirm.
if (null == descriptor.SystemAcl)
descriptor.SystemAcl = new SystemAcl (IsContainer, IsDS, 1);
descriptor.SystemAcl.AddAudit (rule.AuditFlags,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
case AccessControlModification.Set:
// Same lazy creation as the Add case.
if (null == descriptor.SystemAcl)
descriptor.SystemAcl = new SystemAcl (IsContainer, IsDS, 1);
descriptor.SystemAcl.SetAudit (rule.AuditFlags,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
case AccessControlModification.Reset:
// NOTE(review): Reset leaves the system ACL untouched, yet 'modified' keeps its default
// of true, so AuditRulesModified is set and true is returned. Confirm this is intended;
// a caller may conclude that audit rules were reset when nothing changed.
break;
case AccessControlModification.Remove:
// Without a system ACL there is nothing to remove, so report "unchanged".
if (null == descriptor.SystemAcl)
modified = false;
else
modified = descriptor.SystemAcl.RemoveAudit (rule.AuditFlags,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
case AccessControlModification.RemoveAll:
// Only the identity is used; audit flags, mask and inheritance flags of the rule are ignored.
PurgeAuditRules (rule.IdentityReference);
break;
case AccessControlModification.RemoveSpecific:
// Skipped when there is no system ACL; 'modified' still stays true in that case.
if (null != descriptor.SystemAcl)
descriptor.SystemAcl.RemoveAuditSpecific (rule.AuditFlags,
SidFromIR (rule.IdentityReference),
rule.AccessMask,
rule.InheritanceFlags,
rule.PropagationFlags);
break;
default:
// Thrown inside the try block, so the finally clause still releases the lock.
throw new ArgumentOutOfRangeException ("modification");
}
// Record that the audit rules changed; this method never clears the flag.
if (modified) AuditRulesModified = true;
} finally {
// Release the write lock on both normal and exceptional exit.
WriteUnlock ();
}
return modified;
}
}
}