Code:
/ DotNET / DotNET / 8.0 / untmp / WIN_WINDOWS / lh_tools_devdiv_wpf / Windows / wcp / TrustUi / MS / Internal / documents / RightsManagementUser.cs / 1 / RightsManagementUser.cs
//------------------------------------------------------------------------------ // //// Copyright (C) Microsoft Corporation. All rights reserved. // // // Description: // This class represents a RM user. // // History: // 09/28/05 - [....] created // //----------------------------------------------------------------------------- using System; using System.Security; using System.Security.Permissions; using System.Security.RightsManagement; using System.Windows.TrustUI; using MS.Internal.Permissions; namespace MS.Internal.Documents { ////// This class represents a user in the Rights Management system. /// ////// Class responsibilities: /// 1) This class suppresses the RightsManagementPermission by asserting /// for it and marking the respective methods SecurityCritical. /// 2) This class has factory methods to construct itself. /// /// ContentUser is used pervasively. The design was chosen to consolidate /// the asserts needed by RightsManagementProvider and simply require /// callers to be audited for not leaking the information. /// internal class RightsManagementUser : ContentUser { #region Constructors //----------------------------------------------------- // Constructors //----------------------------------------------------- ////// Creates a RightsManagementUser object. /// /// The name of the user /// The authentication type of the /// user ////// This calls the base class ContentUser's constructor, so it /// effectively demands RightsManagementPermission. /// private RightsManagementUser(string name, AuthenticationType authenticationType) : base(name, authenticationType) { } #endregion Constructors #region Public Methods //-------------------------------------------------------------------------- // Public Methods //------------------------------------------------------------------------- ////// Compute hash code. /// ///We are breaking encapsulation by caching the hash code. /// This is OK as long as no properties on the object can change, which /// is the case. We did this for performance reasons, as an assert is /// expensive and GetHashCode() is called somewhat frequently. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// TreatAsSafe /// 1) We do not consider the hash code a critical value. /// [SecurityCritical, SecurityTreatAsSafe] public override int GetHashCode() { if (_hashCode == 0) { _rmPermission.Assert(); //BlessedAssert try { _hashCode = base.GetHashCode(); } finally { RightsManagementPermission.RevertAssert(); } } return _hashCode; } ////// Test for equality. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// TreatAsSafe /// 1) We do not consider testing for equality a critical operation. /// [SecurityCritical, SecurityTreatAsSafe] public override bool Equals(object obj) { _rmPermission.Assert(); //BlessedAssert try { return base.Equals(obj); } finally { RightsManagementPermission.RevertAssert(); } } #endregion Public Methods #region Internal Methods //-------------------------------------------------------------------------- // Internal Methods //-------------------------------------------------------------------------- ////// Creates a RightsManagementUser object with the given name and /// authentication type. /// /// The user name /// The user authentication type /// ///A RightsManagementUser with the specified properties /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// [SecurityCritical] internal static RightsManagementUser CreateUser( string name, AuthenticationType authenticationType) { _rmPermission.Assert(); //BlessedAssert try { return new RightsManagementUser(name, authenticationType); } finally { RightsManagementPermission.RevertAssert(); } } ////// Creates a RightsManagementUser object from the given ContentUser /// object. /// /// The ContentUser to copy ///A RightsManagementUser that has the same properties as the /// user passed in as an argument ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// [SecurityCritical] internal static RightsManagementUser CreateUser(ContentUser user) { _rmPermission.Assert(); //BlessedAssert try { return new RightsManagementUser( user.Name, user.AuthenticationType); } finally { RightsManagementPermission.RevertAssert(); } } #endregion Internal Methods #region Internal Properties //------------------------------------------------------------------------- // Internal Properties //-------------------------------------------------------------------------- ////// Returns the authentication type of the user. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// internal new AuthenticationType AuthenticationType { [SecurityCritical] get { _rmPermission.Assert(); //BlessedAssert try { return base.AuthenticationType; } finally { RightsManagementPermission.RevertAssert(); } } } ////// Fully qualified e-mail address of the user. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// internal new string Name { [SecurityCritical] get { string name = string.Empty; // Determine if the current RightsManagementUser represents the AnyoneUser. if (AnyoneRightsManagementUser.Equals(this)) { // Since this is the AnyoneUser return the localized representation for the name. name = SR.Get(SRID.RMPublishingAnyoneUserDisplay); } else { _rmPermission.Assert(); //BlessedAssert try { // Since this is not the AnyoneUser, use name from the RightsManagementUser. name = base.Name; } finally { RightsManagementPermission.RevertAssert(); } } return name; } } ////// Returns an instance of the User class that identifyes "Anyone" persona. /// This user has authentication type "Internal" and Name "Anyone". /// If this such user was granted rights dutring publishing; server will issue Use License /// to anyone who requests one, but it will be attached to the requesting user. /// ////// Critical /// 1) Asserts for RightsManagementPermission and returns a value from /// a call made under the assert. /// TreatAsSafe /// 1) The AnyoneUser object is a known constant. Also, accessing any /// fields on the returned object will require an assert. /// internal new static ContentUser AnyoneUser { [SecurityCritical, SecurityTreatAsSafe] get { _rmPermission.Assert(); //BlessedAssert try { return ContentUser.AnyoneUser; } finally { RightsManagementPermission.RevertAssert(); } } } ////// Returns an instance of the RightsManagementUser class corresponding /// to ContentUser.AnyoneUser. /// ////// Critical /// 1) Calls critical method CreateUser /// 2) Sets critical for set variable _anyoneUserInstance /// TreatAsSafe /// 1) The user created contains no critical data, since it simply /// represents the Anyone user which is a known constant. /// 2) _anyoneUserInstance is set to the appropriate value, a user /// object created from the AnyoneUser. /// internal static RightsManagementUser AnyoneRightsManagementUser { [SecurityCritical, SecurityTreatAsSafe] get { if (_anyoneUserInstance.Value == null) { _anyoneUserInstance.Value = CreateUser(AnyoneUser); } return _anyoneUserInstance.Value; } } #endregion Internal Properties #region Private Fields //------------------------------------------------------------------------- // Private Fields //------------------------------------------------------------------------- ////// Critical /// 1) Creation of the permission is critical as the code will be /// asserting for it and we do not want it replaced without review. /// TreatAsSafe /// 1) Future reviewers, this value should only ever represent /// RightsManagementPermission. It should not be changed without /// reviewing all uses of it in the class. (This is safe because it�s /// being reviewed.) /// [SecurityCritical, SecurityTreatAsSafe] private static RightsManagementPermission _rmPermission = new RightsManagementPermission(); ////// The Anyone user as a RightsManagementUser. /// ////// Critical for set /// 1) We make security decisions (e.g. determining whether a user is /// the Anyone user) using this variable. /// private static SecurityCriticalDataForSet_anyoneUserInstance; private int _hashCode; #endregion Private Fields } } // File provided for Reference Use Only by Microsoft Corporation (c) 2007. // Copyright (c) Microsoft Corporation. All rights reserved.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- InitialServerConnectionReader.cs
- SmiSettersStream.cs
- ColumnResizeAdorner.cs
- Color.cs
- GridLengthConverter.cs
- VisualTreeUtils.cs
- DataGridDesigner.cs
- ConsumerConnectionPoint.cs
- DirectoryObjectSecurity.cs
- MachineKeyConverter.cs
- WebDisplayNameAttribute.cs
- StreamWriter.cs
- ComponentResourceManager.cs
- DesignOnlyAttribute.cs
- FunctionParameter.cs
- XmlConvert.cs
- InteropTrackingRecord.cs
- ScriptRegistrationManager.cs
- Empty.cs
- Activity.cs
- CommonProperties.cs
- DateTimeOffsetStorage.cs
- WindowsFormsHelpers.cs
- EncoderFallback.cs
- HtmlTableRowCollection.cs
- PagedDataSource.cs
- ProjectionPruner.cs
- EmptyEnumerator.cs
- TypeDelegator.cs
- RequestCacheEntry.cs
- AssemblyBuilder.cs
- ConfigurationCollectionAttribute.cs
- ComplexBindingPropertiesAttribute.cs
- SelectorAutomationPeer.cs
- NotSupportedException.cs
- EditorZone.cs
- DbConnectionPoolGroup.cs
- RefreshEventArgs.cs
- StorageEndPropertyMapping.cs
- path.cs
- CodeDomLoader.cs
- TabletCollection.cs
- CheckBox.cs
- CopyCodeAction.cs
- DesignerFrame.cs
- XmlSortKeyAccumulator.cs
- XmlTypeMapping.cs
- WhitespaceRuleLookup.cs
- AspProxy.cs
- odbcmetadatacollectionnames.cs
- InputLanguageCollection.cs
- ToolBar.cs
- PackageDigitalSignature.cs
- ConfigurationManagerHelperFactory.cs
- RectangleHotSpot.cs
- ObjectDataSourceDisposingEventArgs.cs
- XamlSerializerUtil.cs
- RelatedCurrencyManager.cs
- ISFClipboardData.cs
- PropertyConverter.cs
- ReadOnlyNameValueCollection.cs
- CompilerLocalReference.cs
- EntityDataSourceSelectingEventArgs.cs
- WebPartCatalogCloseVerb.cs
- NameValuePair.cs
- LineBreak.cs
- HttpHeaderCollection.cs
- XmlArrayItemAttributes.cs
- ArgumentOutOfRangeException.cs
- _AutoWebProxyScriptEngine.cs
- ITextView.cs
- KeyConverter.cs
- FormsAuthentication.cs
- PartBasedPackageProperties.cs
- ObjectSet.cs
- SqlXmlStorage.cs
- DataPagerCommandEventArgs.cs
- HtmlElementErrorEventArgs.cs
- IsolationInterop.cs
- SecurityBindingElement.cs
- InputLangChangeRequestEvent.cs
- _Rfc2616CacheValidators.cs
- FileFormatException.cs
- RawStylusSystemGestureInputReport.cs
- RenamedEventArgs.cs
- UInt16Converter.cs
- XamlTypeMapper.cs
- DocumentViewerAutomationPeer.cs
- DocumentReferenceCollection.cs
- Logging.cs
- StringReader.cs
- counter.cs
- TimeoutHelper.cs
- ColorAnimationBase.cs
- CodeValidator.cs
- BaseAsyncResult.cs
- MultipleViewProviderWrapper.cs
- DbProviderSpecificTypePropertyAttribute.cs
- TextServicesCompartment.cs
- JobDuplex.cs