CodeAccessPermission.PermitOnly Method


防止处于调用堆栈较高位置的调用函数使用此代码,此代码将调用此方法来访问除当前实例指定的资源以外的所有资源。Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance.

 virtual void PermitOnly();
 void PermitOnly();
public void PermitOnly ();
public void PermitOnly ();
abstract member PermitOnly : unit -> unit
override this.PermitOnly : unit -> unit
member this.PermitOnly : unit -> unit
Public Sub PermitOnly ()




已存在一个用于当前帧的活动的 PermitOnly()There is already an active PermitOnly() for the current frame.



应仅使用 PermitOnly 方法来防止完全受信任的代码意外访问资源。The PermitOnly method should be used only to protect resources from accidental access by fully trusted code. 不应使用它来防止不受信任的代码有意滥用资源。It should not be used to protect resources from intentional misuse by untrusted code. 例如,如果方法 A 为权限发出 PermitOnly,然后调用方法 B,则方法 B 可以通过发出 PermitOnly 来 overtly 重写 AssertFor example, if method A issues a PermitOnly for a permission and then calls method B, method B can overtly override the PermitOnly by issuing an Assert. 调用的方法在堆栈中始终更高。The called method is always higher in the stack. 因此,如果方法 B 尝试访问受保护的资源,则安全系统会开始检查其权限,因为方法 B 是直接调用方,然后向下遍历堆栈,以确认堆栈中没有 DenyPermitOnly 低于。Therefore, if method B tries to access a protected resource, the security system begins checking for permissions with it because method B is the immediate caller, and then walks down the stack to confirm that there is no Deny or PermitOnly lower in the stack. 尝试访问资源的方法 B可通过使用 Assert 方法立即停止堆栈遍历。Method B, which is trying to access the resource, can stop the stack walk immediately by using the Assert method. 在这种情况下,永远不会发现通过方法 A (调用方法)放置在堆栈上的 PermitOnlyIn that case, the PermitOnly placed on the stack by method A (the calling method) is never discovered.

PermitOnly 类似于 Deny,因为在这两个情况下,堆栈遍历将会失败。PermitOnly is similar to Deny, in that both cause stack walks to fail when they would otherwise succeed. 不同之处在于 Deny 指定将导致堆栈遍历失败的权限,但 PermitOnly 指定不会导致堆栈遍历失败的唯一权限。The difference is that Deny specifies permissions that will cause the stack walk to fail, but PermitOnly specifies the only permissions that do not cause the stack walk to fail.

调用此方法以确保你的代码只能用于访问指定的资源。Call this method to ensure that your code can be used to access only the specified resources. PermitOnly 的调用在调用代码返回到其调用方之前有效。The call to PermitOnly is effective until the calling code returns to its caller. 帧上只有一个 PermitOnly 可以处于活动状态。Only one PermitOnly can be active on a frame. 当帧上存在活动 PermitOnly 导致 SecurityException时,尝试调用 PermitOnlyAn attempt to call PermitOnly when an active PermitOnly exists on the frame results in a SecurityException. 调用 RevertPermitOnlyRevertAll 以删除活动 PermitOnlyCall RevertPermitOnly or RevertAll to remove an active PermitOnly.

对于未授予的权限,将忽略 PermitOnly,因为对该权限的请求将不会成功。PermitOnly is ignored for a permission not granted because a demand for that permission will not succeed. 但是,如果调用堆栈上的代码越小,稍后将对该权限调用 Demand,当堆栈遍历到达尝试调用 PermitOnly的代码时,将引发 SecurityExceptionHowever, if code lower on the call stack later calls Demand for that permission, a SecurityException is thrown when the stack walk reaches the code that tried to call PermitOnly. 这是因为未授予调用 PermitOnly 的代码的权限,即使该代码为该权限调用了 PermitOnlyThis is because the code that called PermitOnly has not been granted the permission, even though it called PermitOnly for that permission. 调用堆栈通常表示为向下增长,因此调用堆栈中较高位置的方法调用堆栈中较低的调用方法。The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.

Notes to Inheritors

不能重写此方法。You cannot override this method.

Applies to