Type: System.Security.PermissionSet

System.Security.PermissionSet Class

Assembly: Mscorlib.dll
Namespace: System.Security

Summary: Represents a collection that can contain many different types of permissions.

C# Syntax:

[Serializable]
public class PermissionSet : ISecurityEncodable, ICollection, IEnumerable, IStackWalk, IDeserializationCallback

Remarks

You can use PermissionSet to perform operations on several different permissions as a group.

See also:

System.Security Namespace

System.Security.PermissionSet Member List:

Public Constructors

ctor #1	Overloaded: `.ctor(PermissionSet permSet)` Initializes a new instance of the PermissionSet class with initial values taken from the permSet parameter.
ctor #2	Overloaded: `.ctor(PermissionState state)` Initializes a new instance of the PermissionSet class with the specified PermissionState.

Public Properties

Count	Read-only Gets the number of permission objects contained in the permission set.
IsReadOnly	Read-only Gets a value indicating whether the collection is read-only.
IsSynchronized	Read-only Gets a value indicating whether the collection is guaranteed to be thread safe.
SyncRoot	Read-only Gets the root object of the current collection.

Public Methods

AddPermission	Adds a specified permission to the PermissionSet.
Assert	Asserts that the calling code can access the resource contained in the set through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource.
ContainsNonCodeAccessPermissions	Gets a value indicating whether the PermissionSet contains permissions that are not derived from CodeAccessPermission.
ConvertPermissionSet	This method is for internal use only.
Copy	Creates a copy of the PermissionSet.
CopyTo	Copies the permission objects of the set to the indicated location in an Array.
Demand	Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permissions specified by the current instance.
Deny	Causes any PermissionSet.Demand that passes through the calling code for a permission that has an intersection with a permission of a type contained in the current PermissionSet to fail.
Equals (inherited from System.Object)	See base class member description: System.Object.Equals Derived from System.Object, the primary base class for all objects.
FromXml	Reconstructs a security object with a specified state from an XML encoding.
GetEnumerator	Returns an enumerator for the permissions of the set.
GetHashCode (inherited from System.Object)	See base class member description: System.Object.GetHashCode Derived from System.Object, the primary base class for all objects.
GetPermission	Gets a permission object of the specified type, if it exists in the set.
GetType (inherited from System.Object)	See base class member description: System.Object.GetType Derived from System.Object, the primary base class for all objects.
Intersect	Creates and returns a permission that is the intersection of the current PermissionSet and the specified PermissionSet.
IsEmpty	Gets a value indicating whether the PermissionSet is empty.
IsSubsetOf	Determines whether the current PermissionSet is a subset of the specified PermissionSet.
IsUnrestricted	Determines whether the PermissionSet is Unrestricted.
PermitOnly	Causes any PermissionSet.Demand that passes through the calling code for any PermissionSet that is not a subset of the current PermissionSet to fail.
RemovePermission	Removes a permission of a certain type from the set.
SetPermission	Sets a permission to the PermissionSet, replacing any existing permission of the same type.
ToString	Overridden: Returns a string representation of the PermissionSet.
ToXml	Creates an XML encoding of the security object and its current state.
Union	Creates a PermissionSet that is the union of the current PermissionSet and the specified PermissionSet.

Protected Methods

Finalize (inherited from System.Object)	See base class member description: System.Object.Finalize Derived from System.Object, the primary base class for all objects.
MemberwiseClone (inherited from System.Object)	See base class member description: System.Object.MemberwiseClone Derived from System.Object, the primary base class for all objects.

Hierarchy:

System.Object

System.Security.PermissionSet
- System.Security.NamedPermissionSet

System.Security.PermissionSet Member Details

Overloaded ctor #1

Summary: Initializes a new instance of the PermissionSet class with initial values taken from the permSet parameter.

C# Syntax:


            public PermissionSet(PermissionSet(
   PermissionSet permSet
);

Parameters:

permSet

The PermissionSet from which to take the value of the new PermissionSet, or null to create an empty PermissionSet.

Exceptions

Exception Type	Condition
ArgumentException	The permSet parameter is not null and is not a PermissionSet object.

Remarks

The new PermissionSet contains copies of the permissions contained in the specified PermissionSet.

Note This is equivalent to PermissionSet.Copy when the permSet parameter is not null.

Return to top

Overloaded ctor #2

Summary: Initializes a new instance of the PermissionSet class with the specified PermissionState.

C# Syntax:


            public PermissionSet(
   PermissionState state
);

Parameters:

state

One of the PermissionState values.

Exceptions

Exception Type	Condition
ArgumentException	The state parameter is not a valid PermissionState.

Remarks

The Unrestricted state allows all permissions that implement the IUnrestrictedPermission interface, while None allows no permissions.

Use PermissionSet.AddPermission on an empty PermissionSet to define the set in greater detail.

Return to top

Property: Count (read-only)

Summary: Gets the number of permission objects contained in the permission set.

C# Syntax:


            public virtual int Count {get;}

Implements:: ICollection.Count

Remarks

In the None or Unrestricted state this returns zero, because no actual permission object instances are used.

Return to top

Property: IsReadOnly (read-only)

Summary: Gets a value indicating whether the collection is read-only.

C# Syntax:


            public virtual bool IsReadOnly {get;}

Remarks

A PermissionSet cannot be read-only, so this property is always false.

Return to top

Property: IsSynchronized (read-only)

Summary: Gets a value indicating whether the collection is guaranteed to be thread safe.

C# Syntax:


            public virtual bool IsSynchronized {get;}

Implements:: ICollection.IsSynchronized

Remarks

PermissionSet does not automatically handle thread safety, so this property is always false.

This method is required to support ICollection.

Return to top

Property: SyncRoot (read-only)

Summary: Gets the root object of the current collection.

C# Syntax:


            public virtual object SyncRoot {get;}

Implements:: ICollection.SyncRoot

Remarks

This method is required to support ICollection.

Exception Type	Condition
ArgumentException	The perm parameter is not a permission object.

If a permission of the same type as the added permission already exists in the PermissionSet, the new permission is the union of the existing permission object and the specified permission object. For example, if a permission that implements IUnrestrictedPermission is added to an PermissionState.Unrestricted PermissionSet, the resulting union is the original Unrestricted PermissionSet.

Return to top

Method: Assert()

Summary: Asserts that the calling code can access the resource contained in the set through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource.

C# Syntax:


            public virtual void Assert();

Exceptions

Exception Type	Condition
SecurityException	The PermissionSet instance asserted has not been granted to the asserting code.

Implements:: IStackWalk.Assert

Remarks

This is the only way to assert multiple permissions at the same time within a frame because only one PermissionSet.Assert can be active on a frame. PermissionSet.Assert is only effective for granted permissions.

See also:
MSDN: assert

Return to top

Method: ContainsNonCodeAccessPermissions()

Summary: Gets a value indicating whether the PermissionSet contains permissions that are not derived from CodeAccessPermission.

C# Syntax:


            public bool ContainsNonCodeAccessPermissions();

Return Value:: true if the PermissionSet contains permissions that are not derived from CodeAccessPermission; otherwise, false.

Return to top

Method: ConvertPermissionSet(
   string inFormat,
   byte[] inData,
   string outFormat
)

Summary: This method is for internal use only.

This type supports the Shared Source CLI infrastructure and is not intended to be used directly from your code.

C# Syntax:


            public static byte[] ConvertPermissionSet(
   string inFormat,
   byte[] inData,
   string outFormat
);

Parameters:

inFormat

(internal)

inData

(internal)

outFormat

(internal)

Return Value:: An encryption of the PermissionSet with the specified format.

Remarks

The method is used internally, and is not for use by application code.

Return to top

Method: Copy()

Summary: Creates a copy of the PermissionSet.

C# Syntax:


            public virtual PermissionSet Copy();

Return Value:: A copy of the PermissionSet.

Remarks

A copy of a PermissionSet represents the same access to resources as the original object. Changes made to the copy do not affect the original permission set.

Return to top

Method: CopyTo(
Array array,
int index
)

Summary: Copies the permission objects of the set to the indicated location in an Array.

C# Syntax:


            public virtual void CopyTo(
   Array array,
   int index
);

Parameters:

array

The target array to which to copy.

index

The starting position in the array to begin copying (zero based).

Exceptions

Exception Type	Condition
ArgumentException	The index parameter is out of the range of the array parameter.
ArgumentNullException	The array parameter is null.

Implements:: ICollection.CopyTo

Return to top

Method: Demand()

Summary: Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permissions specified by the current instance.

C# Syntax:


            public virtual void Demand();

Exceptions

Exception Type	Condition
SecurityException	A caller in the call chain does not have the permission demanded.

Implements:: IStackWalk.Demand

Remarks

Use PermissionSet.Demand on a PermissionSet to ensure that all callers have all permissions in the set with one operation.

The permissions of the code that calls this method are not examined; the check begins from the immediate caller of that code and proceeds up the stack. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack. PermissionSet.Demand succeeds only if no SecurityException is thrown.

If the PermissionSet contains permissions that do not inherit from CodeAccessPermission, the Demand methods of those permissions are called as well.

See also:
MSDN: makingsecuritydemands

Return to top

Method: Deny()

Summary: Causes any PermissionSet.Demand that passes through the calling code for a permission that has an intersection with a permission of a type contained in the current PermissionSet to fail.

C# Syntax:


            public virtual void Deny();

Implements:: IStackWalk.Deny

Remarks

This method prevents callers higher in the call stack from accessing the protected resource through the code that calls this method, even if those callers have been granted permission to access it. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

PermissionSet.Deny can limit the liability of the programmer or prevent accidental security vulnerabilities because it prevents the method that calls PermissionSet.Deny from being used to access the resource protected by the denied permission. If a method calls PermissionSet.Deny on a permission, and if a PermissionSet.Demand for that permission is invoked by a caller lower in the call stack, that security check fails when it reaches the PermissionSet.Deny.

PermissionSet.Deny is ignored for a permission that is not granted because a demand for that permission cannot succeed.

See also:
MSDN: deny | MSDN: overridingsecuritychecks

Return to top

Method: Equals(
object obj
)

Inherited
See base class member description: System.Object.Equals

C# Syntax:


            public virtual bool Equals(
   object obj
);

For more information on members inherited from System.Object click on the link above.

Return to top

Method: Finalize()

Inherited
See base class member description: System.Object.Finalize

C# Syntax:


            ~PermissionSet();

For more information on members inherited from System.Object click on the link above.

Return to top

Method: FromXml(
SecurityElement et
)

Summary: Reconstructs a security object with a specified state from an XML encoding.

C# Syntax:


            public virtual void FromXml(
   SecurityElement et
);

Parameters:

The XML encoding to use to reconstruct the security object.

Implements:: ISecurityEncodable.FromXml

Return to top

Method: GetEnumerator()

Summary: Returns an enumerator for the permissions of the set.

C# Syntax:


            public virtual IEnumerator GetEnumerator();

Return Value:: An enumerator object for the permissions of the set.

Implements:: IEnumerable.GetEnumerator

Remarks

Use the enumerator as an index to access individual permission objects in the set.

Return to top

Method: GetHashCode()

Inherited
See base class member description: System.Object.GetHashCode

C# Syntax:


            public virtual int GetHashCode();

For more information on members inherited from System.Object click on the link above.

Return to top

Method: GetPermission(
Type permClass
)

Summary: Gets a permission object of the specified type, if it exists in the set.

C# Syntax:


            public virtual IPermission GetPermission(
   Type permClass
);

Parameters:

permClass

The Type of the desired permission object.

Return Value:: A copy of the permission object of the type specified by the permClass parameter contained in the PermissionSet, or null if none exists.

Remarks

The method returns null for an Unrestricted PermissionSet. Although an Unrestricted PermissionSet effectively contains all permissions, it does not have any actual instances to return.

Return to top

Method: GetType()

Inherited
See base class member description: System.Object.GetType

C# Syntax:


            public Type GetType();

For more information on members inherited from System.Object click on the link above.

Return to top

Method: Intersect(
PermissionSet other
)

Summary: Creates and returns a permission that is the intersection of the current PermissionSet and the specified PermissionSet.

C# Syntax:


            public virtual PermissionSet Intersect(
   PermissionSet other
);

Parameters:

other

A PermissionSet to intersect with the current PermissionSet.

Return Value:: A new PermissionSet that represents the intersection of the current PermissionSet and the specified target. This object is null if the intersection is empty.

Remarks

The intersection of two permission sets is a permission set that describes the set of operations they both describe in common. Specifically, it represents the minimum permissions such that any demand that passes both permission sets also passes their intersection.

For each type of permission that is present in both sets, the two instances of those permissions are intersected using the permission's Intersect method; the resulting permission is included in the resulting PermissionSet. Permission types that exist in only one of the two sets are excluded from the resulting set.

Return to top

Method: IsEmpty()

Summary: Gets a value indicating whether the PermissionSet is empty.

C# Syntax:


            public virtual bool IsEmpty();

Return Value:: true if the PermissionSet is empty; otherwise, false.

Remarks

A PermissionSet can be empty and yet contain instances of permissions if those permissions are in the fully-restricted state. Permissions are in a fully restricted state if their IsSubsetOf methods return true when null is passed as a parameter.

Return to top

Method: IsSubsetOf(
PermissionSet target
)

Summary: Determines whether the current PermissionSet is a subset of the specified PermissionSet.

C# Syntax:


            public virtual bool IsSubsetOf(
   PermissionSet target
);

Parameters:

target

A PermissionSet to test for the subset relationship. This must be either a PermissionSet or a NamedPermissionSet.

Return Value:: true if the current PermissionSet is a subset of the target parameter; otherwise, false.

Remarks

A PermissionSet is a subset of the target PermissionSet if all demands that succeed for the PermissionSet also succeed for the target. That is, the target contains at least the permissions contained in the subset.

Return to top

Method: IsUnrestricted()

Summary: Determines whether the PermissionSet is Unrestricted.

C# Syntax:


            public virtual bool IsUnrestricted();

Return Value:: true if the PermissionSet is Unrestricted; otherwise, false.

Remarks

An Unrestricted PermissionSet effectively contains all permissions that implement the IUnrestrictedPermission interface.

Return to top

Method: MemberwiseClone()

Inherited
See base class member description: System.Object.MemberwiseClone

C# Syntax:


            protected object MemberwiseClone();

For more information on members inherited from System.Object click on the link above.

Return to top

Method: PermitOnly()

Summary: Causes any PermissionSet.Demand that passes through the calling code for any PermissionSet that is not a subset of the current PermissionSet to fail.

C# Syntax:


            public virtual void PermitOnly();

Implements:: IStackWalk.PermitOnly

Remarks

PermissionSet.PermitOnly is similar to PermissionSet.Deny, in that both cause stack walks to fail when they would otherwise succeed. The difference is that PermissionSet.Deny specifies permissions that will cause the stack walk to fail, but PermissionSet.PermitOnly specifies the only permissions that do not cause the stack walk to fail. Call this method to ensure that your code can be used to access only the specified resources.

PermissionSet.PermitOnly is ignored for a permission not granted because a demand for that permission cannot succeed. However, if code lower on the call stack later calls PermissionSet.Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call PermissionSet.PermitOnly. This is because the code that called PermissionSet.PermitOnly has not been granted the permission, even though it called PermissionSet.PermitOnly for that permission. The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

See also:
MSDN: permitonly | MSDN: overridingsecuritychecks

Return to top

Method: RemovePermission(
Type permClass
)

Summary: Removes a permission of a certain type from the set.

C# Syntax:


            public virtual IPermission RemovePermission(
   Type permClass
);

Parameters:

permClass

The Type of permission to delete.

Return Value:: The permission removed from the set.

Return to top

Method: SetPermission(
IPermission perm
)

Summary: Sets a permission to the PermissionSet, replacing any existing permission of the same type.

C# Syntax:


            public virtual IPermission SetPermission(
   IPermission perm
);

Parameters:

perm

The permission to set.

Return Value:: The set permission.

Remarks

This method removes any existing permission object of the same type from the PermissionSet and replaces it with the perm parameter. If a permission that implements IUnrestrictedPermission is set on a PermissionSet that is PermissionState.Unrestricted, the resulting PermissionSet is no longer Unrestricted.

Return to top

Overridden Method: ToString()

Summary: Returns a string representation of the PermissionSet.

C# Syntax:


            public override string ToString();

Return Value:: A representation of the PermissionSet.

Remarks

The string representation is useful in debugging to see the state of a PermissionSet.

Return to top

Method: ToXml()

Summary: Creates an XML encoding of the security object and its current state.

C# Syntax:


            public virtual SecurityElement ToXml();

Return Value:: An XML encoding of the security object, including any state information.

Implements:: ISecurityEncodable.ToXml

Return to top

Method: Union(
PermissionSet other
)

Summary: Creates a PermissionSet that is the union of the current PermissionSet and the specified PermissionSet.

C# Syntax:


            public virtual PermissionSet Union(
   PermissionSet other
);

Parameters:

other

A PermissionSet to form the union with the current PermissionSet.

Return Value:: A new PermissionSet that represents the union of the current PermissionSet and the specified PermissionSet.

Remarks

The result of a call to PermissionSet.Union is a PermissionSet that represents all the operations represented by the current PermissionSet as well as all the operations represented by the specified PermissionSet. If either set is Unrestricted, the union is Unrestricted as well.