CodeAccessPermission 类
定义
注意
Code Access Security is not supported or honored by the runtime.
定义所有代码访问权限的基础结构。Defines the underlying structure of all code access permissions.
public ref class CodeAccessPermission abstract : System::Security::IPermission, System::Security::IStackWalkpublic abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalk[System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")]
public abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalk[System.Serializable]
public abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalk[System.Serializable]
[System.Runtime.InteropServices.ComVisible(true)]
public abstract class CodeAccessPermission : System.Security.IPermission, System.Security.IStackWalktype CodeAccessPermission = class
interface IPermission
interface ISecurityEncodable
interface IStackWalk[<System.Obsolete("Code Access Security is not supported or honored by the runtime.", DiagnosticId="SYSLIB0003", UrlFormat="https://aka.ms/dotnet-warnings/{0}")>]
type CodeAccessPermission = class
interface IPermission
interface ISecurityEncodable
interface IStackWalk[<System.Serializable>]
type CodeAccessPermission = class
interface IPermission
interface ISecurityEncodable
interface IStackWalk[<System.Serializable>]
[<System.Runtime.InteropServices.ComVisible(true)>]
type CodeAccessPermission = class
interface IPermission
interface ISecurityEncodable
interface IStackWalkPublic MustInherit Class CodeAccessPermission
Implements IPermission, IStackWalk- 继承
-
CodeAccessPermission
- 派生
- 属性
- 实现
示例
下面的代码示例演示一个派生自类的权限 CodeAccessPermission 。The following code example shows a permission derived from the CodeAccessPermission class.
//#define debug
// This custom permission is intended only for the purposes of illustration.
// The following code shows how to create a custom permission that inherits
// from CodeAccessPermission. The code implements all required overrides.
// A wildcard character ('*') is implemented for the Name property.
using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO;
using namespace System::Security::Policy;
using namespace System::Collections;
using namespace System::Text;
[assembly:System::Reflection::AssemblyKeyFile("Key.snk")];
[assembly:System::Security::AllowPartiallyTrustedCallersAttribute];
[Serializable]
public ref class NameIdPermission: public CodeAccessPermission, public IUnrestrictedPermission
{
private:
String^ m_Name;
bool m_Unrestricted;
public:
NameIdPermission( String^ name )
{
m_Name = name;
}
NameIdPermission( PermissionState state )
{
if ( state == PermissionState::None )
{
m_Name = "";
}
else if ( state == PermissionState::Unrestricted )
{
throw gcnew ArgumentException( "Unrestricted state is not allowed for identity permissions." );
}
else
{
throw gcnew ArgumentException( "Invalid permission state." );
}
}
property String^ Name
{
String^ get()
{
return m_Name;
}
void set( String^ value )
{
m_Name = value;
}
}
public:
virtual IPermission^ Copy() override
{
String^ name = m_Name;
return gcnew NameIdPermission( name );
}
public:
virtual bool IsUnrestricted()
{
// Always false, unrestricted state is not allowed.
return m_Unrestricted;
}
private:
bool VerifyType( IPermission^ target )
{
return dynamic_cast<NameIdPermission^>(target) != nullptr;
}
public:
virtual bool IsSubsetOf( IPermission^ target ) override
{
#if ( debug )
Console::WriteLine( "************* Entering IsSubsetOf *********************" );
#endif
if ( target == nullptr )
{
Console::WriteLine( "IsSubsetOf: target == null" );
return false;
}
#if ( debug )
Console::WriteLine( "This is = {0}", ((NameIdPermission)this).Name );
Console::WriteLine( "Target is {0}", ((NameIdPermission)target).m_Name );
#endif
try
{
NameIdPermission^ operand = dynamic_cast<NameIdPermission^>(target);
// The following check for unrestricted permission is only included as an example for
// permissions that allow the unrestricted state. It is of no value for this permission.
if ( true == operand->m_Unrestricted )
{
return true;
}
else if ( true == this->m_Unrestricted )
{
return false;
}
if ( this->m_Name != nullptr )
{
if ( operand->m_Name == nullptr )
{
return false;
}
if ( this->m_Name->Equals( "" ) )
{
return true;
}
}
if ( this->m_Name->Equals( operand->m_Name ) )
{
return true;
}
else
{
// Check for wild card character '*'.
int i = operand->m_Name->LastIndexOf( "*" );
if ( i > 0 )
{
String^ prefix = operand->m_Name->Substring( 0, i );
if ( this->m_Name->StartsWith( prefix ) )
{
return true;
}
}
}
return false;
}
catch ( InvalidCastException^ )
{
throw gcnew ArgumentException( String::Format( "Argument_WrongType", this->GetType()->FullName ) );
}
}
public:
virtual IPermission^ Intersect( IPermission^ target ) override
{
Console::WriteLine( "************* Entering Intersect *********************" );
if ( target == nullptr )
{
return nullptr;
}
#if ( debug )
Console::WriteLine( "This is = {0}", ((NameIdPermission)this).Name );
Console::WriteLine( "Target is {0}", ((NameIdPermission)target).m_Name );
#endif
if ( !VerifyType( target ) )
{
throw gcnew ArgumentException( String::Format( "Argument is wrong type.", this->GetType()->FullName ) );
}
NameIdPermission^ operand = dynamic_cast<NameIdPermission^>(target);
if ( operand->IsSubsetOf( this ) )
{
return operand->Copy();
}
else if ( this->IsSubsetOf( operand ) )
{
return this->Copy();
}
else
{
return nullptr;
}
}
public:
virtual IPermission^ Union( IPermission^ target ) override
{
#if ( debug )
Console::WriteLine( "************* Entering Union *********************" );
#endif
if ( target == nullptr )
{
return this;
}
#if ( debug )
Console::WriteLine( "This is = {0}", ((NameIdPermission)this).Name );
Console::WriteLine( "Target is {0}", ((NameIdPermission)target).m_Name );
#endif
if ( !VerifyType( target ) )
{
throw gcnew ArgumentException( String::Format( "Argument_WrongType", this->GetType()->FullName ) );
}
NameIdPermission^ operand = dynamic_cast<NameIdPermission^>(target);
if ( operand->IsSubsetOf( this ) )
{
return this->Copy();
}
else if ( this->IsSubsetOf( operand ) )
{
return operand->Copy();
}
else
{
return nullptr;
}
}
public:
virtual void FromXml( SecurityElement^ e ) override
{
// The following code for unrestricted permission is only included as an example for
// permissions that allow the unrestricted state. It is of no value for this permission.
String^ elUnrestricted = e->Attribute("Unrestricted");
if ( nullptr != elUnrestricted )
{
m_Unrestricted = Boolean::Parse( elUnrestricted );
return;
}
String^ elName = e->Attribute("Name");
m_Name = elName == nullptr ? nullptr : elName;
}
public:
virtual SecurityElement^ ToXml() override
{
// Use the SecurityElement class to encode the permission to XML.
SecurityElement^ esd = gcnew SecurityElement( "IPermission" );
String^ name = NameIdPermission::typeid->AssemblyQualifiedName;
esd->AddAttribute( "class", name );
esd->AddAttribute( "version", "1.0" );
// The following code for unrestricted permission is only included as an example for
// permissions that allow the unrestricted state. It is of no value for this permission.
if ( m_Unrestricted )
{
esd->AddAttribute( "Unrestricted", true.ToString() );
}
if ( m_Name != nullptr )
{
esd->AddAttribute( "Name", m_Name );
}
return esd;
}
};
//#define debug
// This custom permission is intended only for the purposes of illustration.
// The following code shows how to create a custom permission that inherits
// from CodeAccessPermission. The code implements all required overrides.
// A wildcard character ('*') is implemented for the Name property.
using System;
using System.Security;
using System.Security.Permissions;
using System.IO;
using System.Security.Policy;
using System.Collections;
using System.Text;
[assembly:System.Reflection.AssemblyKeyFile("Key.snk")]
[assembly:System.Security.AllowPartiallyTrustedCallersAttribute()]
namespace MyPermission
{
[Serializable()] sealed public class NameIdPermission : CodeAccessPermission, IUnrestrictedPermission
{
private String m_Name;
private bool m_Unrestricted;
public NameIdPermission(String name)
{
m_Name = name;
}
public NameIdPermission(PermissionState state)
{
if (state == PermissionState.None)
{
m_Name = "";
}
else
if (state == PermissionState.Unrestricted)
{
throw new ArgumentException("Unrestricted state is not allowed for identity permissions.");
}
else
{
throw new ArgumentException("Invalid permission state.");
}
}
public String Name
{
set{m_Name = value;}
get{ return m_Name;}
}
public override IPermission Copy()
{
string name = m_Name;
return new NameIdPermission( name );
}
public bool IsUnrestricted()
{
// Always false, unrestricted state is not allowed.
return m_Unrestricted;
}
private bool VerifyType(IPermission target)
{
return (target is NameIdPermission);
}
public override bool IsSubsetOf(IPermission target)
{
#if(debug)
Console.WriteLine ("************* Entering IsSubsetOf *********************");
#endif
if (target == null)
{
Console.WriteLine ("IsSubsetOf: target == null");
return false;
}
#if(debug)
Console.WriteLine ("This is = " + (( NameIdPermission)this).Name);
Console.WriteLine ("Target is " + (( NameIdPermission)target).m_Name);
#endif
try
{
NameIdPermission operand = ( NameIdPermission)target;
// The following check for unrestricted permission is only included as an example for
// permissions that allow the unrestricted state. It is of no value for this permission.
if (true == operand.m_Unrestricted)
{
return true;
}
else if (true == this.m_Unrestricted)
{
return false;
}
if (this.m_Name != null)
{
if (operand.m_Name == null) return false;
if (this.m_Name == "") return true;
}
if (this.m_Name.Equals (operand.m_Name))
{
return true;
}
else
{
// Check for wild card character '*'.
int i = operand.m_Name.LastIndexOf ("*");
if (i > 0)
{
string prefix = operand.m_Name.Substring (0, i);
if (this.m_Name.StartsWith (prefix))
{
return true;
}
}
}
return false;
}
catch (InvalidCastException)
{
throw new ArgumentException (String.Format ("Argument_WrongType", this.GetType ().FullName));
}
}
public override IPermission Intersect(IPermission target)
{
Console.WriteLine ("************* Entering Intersect *********************");
if (target == null)
{
return null;
}
#if(debug)
Console.WriteLine ("This is = " + (( NameIdPermission)this).Name);
Console.WriteLine ("Target is " + (( NameIdPermission)target).m_Name);
#endif
if (!VerifyType(target))
{
throw new ArgumentException (String.Format ("Argument is wrong type.", this.GetType ().FullName));
}
NameIdPermission operand = ( NameIdPermission)target;
if (operand.IsSubsetOf (this)) return operand.Copy ();
else if (this.IsSubsetOf (operand)) return this.Copy ();
else
return null;
}
public override IPermission Union(IPermission target)
{
#if(debug)
Console.WriteLine ("************* Entering Union *********************");
#endif
if (target == null)
{
return this;
}
#if(debug)
Console.WriteLine ("This is = " + (( NameIdPermission)this).Name);
Console.WriteLine ("Target is " + (( NameIdPermission)target).m_Name);
#endif
if (!VerifyType(target))
{
throw new ArgumentException (String.Format ("Argument_WrongType", this.GetType ().FullName));
}
NameIdPermission operand = ( NameIdPermission)target;
if (operand.IsSubsetOf (this)) return this.Copy ();
else if (this.IsSubsetOf (operand)) return operand.Copy ();
else
return null;
}
public override void FromXml(SecurityElement e)
{
// The following code for unrestricted permission is only included as an example for
// permissions that allow the unrestricted state. It is of no value for this permission.
String elUnrestricted = e.Attribute("Unrestricted");
if (null != elUnrestricted)
{
m_Unrestricted = bool.Parse(elUnrestricted);
return;
}
String elName = e.Attribute( "Name" );
m_Name = elName == null ? null : elName;
}
public override SecurityElement ToXml()
{
// Use the SecurityElement class to encode the permission to XML.
SecurityElement esd = new SecurityElement("IPermission");
String name = typeof( NameIdPermission).AssemblyQualifiedName;
esd.AddAttribute("class", name);
esd.AddAttribute("version", "1.0");
// The following code for unrestricted permission is only included as an example for
// permissions that allow the unrestricted state. It is of no value for this permission.
if (m_Unrestricted)
{
esd.AddAttribute("Unrestricted", true.ToString());
}
if (m_Name != null) esd.AddAttribute( "Name", m_Name );
return esd;
}
}
}
' This custom permission is intended only for the purposes of illustration.
' The following code shows how to create a custom permission that inherits
' from CodeAccessPermission. The code implements all required overrides.
' A wildcard character ('*') is implemented for the Name property.
Imports System.Security
Imports System.Security.Permissions
Imports System.IO
Imports System.Security.Policy
Imports System.Collections
<assembly: System.Reflection.AssemblyKeyFile("Key.snk")>
<assembly: System.Security.AllowPartiallyTrustedCallersAttribute()>
Namespace MyPermission
<Serializable()> _
Public NotInheritable Class NameIdPermission
Inherits CodeAccessPermission
Implements IUnrestrictedPermission
Private m_Name As String
Private m_Unrestricted As Boolean
Public Sub New(ByVal name As String)
m_name = name
End Sub
Public Sub New(ByVal state As PermissionState)
If state = PermissionState.None Then
m_name = ""
ElseIf state = PermissionState.Unrestricted Then
Throw New ArgumentException("Unrestricted state is not allowed for identity permissions.")
Else
Throw New ArgumentException("Invalid permission state.")
End If
End Sub
Public Property Name() As String
Get
Return m_name
End Get
Set(ByVal Value As String)
m_name = Value
End Set
End Property
Public Overrides Function Copy() As IPermission
Dim name As String
name = m_name
Return New NameIdPermission(name)
End Function 'Copy
Public Function IsUnrestricted() As Boolean Implements IUnrestrictedPermission.IsUnrestricted
' Always false, unrestricted state is not allowed.
Return m_Unrestricted
End Function
Private Function VerifyType(ByVal target As IPermission) As Boolean
Return TypeOf target Is NameIdPermission
End Function 'VerifyType
Public Overrides Function IsSubsetOf(ByVal target As IPermission) As Boolean
#If (Debug) Then
Console.WriteLine("************* Entering IsSubsetOf *********************")
#End If
If target Is Nothing Then
Console.WriteLine("IsSubsetOf: target == null")
Return False
End If
#If (Debug) Then
Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
Try
Dim operand As NameIdPermission = CType(target, NameIdPermission)
' The following check for unrestricted permission is only included as an example for
' permissions that allow the unrestricted state. It is of no value for this permission.
If True = operand.m_Unrestricted Then
Return True
ElseIf True = Me.m_Unrestricted Then
Return False
End If
If Not (Me.m_name Is Nothing) Then
If operand.m_name Is Nothing Then
Return False
End If
If Me.m_name = "" Then
Return True
End If
End If
If Me.m_name.Equals(operand.m_name) Then
Return True
Else
' Check for wild card character '*'.
Dim i As Integer = operand.m_name.LastIndexOf("*")
If i > 0 Then
Dim prefix As String = operand.m_name.Substring(0, i)
If Me.m_name.StartsWith(prefix) Then
Return True
End If
End If
End If
Return False
Catch
Throw New ArgumentException(String.Format("Argument_WrongType", Me.GetType().FullName))
End Try
End Function
Public Overrides Function Intersect(ByVal target As IPermission) As IPermission
Console.WriteLine("************* Entering Intersect *********************")
If target Is Nothing Then
Return Nothing
End If
#If (Debug) Then
Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
If Not VerifyType(target) Then
Throw New ArgumentException(String.Format("Argument is wrong type.", Me.GetType().FullName))
End If
Dim operand As NameIdPermission = CType(target, NameIdPermission)
If operand.IsSubsetOf(Me) Then
Return operand.Copy()
ElseIf Me.IsSubsetOf(operand) Then
Return Me.Copy()
Else
Return Nothing
End If
End Function 'Intersect
Public Overrides Function Union(ByVal target As IPermission) As IPermission
#If (Debug) Then
Console.WriteLine("************* Entering Union *********************")
#End If
If target Is Nothing Then
Return Me
End If
#If (Debug) Then
Console.WriteLine(("This is = " + CType(Me, NameIdPermission).Name))
Console.WriteLine(("Target is " + CType(target, NameIdPermission).m_name))
#End If
If Not VerifyType(target) Then
Throw New ArgumentException(String.Format("Argument_WrongType", Me.GetType().FullName))
End If
Dim operand As NameIdPermission = CType(target, NameIdPermission)
If operand.IsSubsetOf(Me) Then
Return Me.Copy()
ElseIf Me.IsSubsetOf(operand) Then
Return operand.Copy()
Else
Return Nothing
End If
End Function 'Union
Public Overrides Sub FromXml(ByVal e As SecurityElement)
' The following code for unrestricted permission is only included as an example for
' permissions that allow the unrestricted state. It is of no value for this permission.
Dim elUnrestricted As String = e.Attribute("Unrestricted")
If Nothing <> elUnrestricted Then
m_Unrestricted = Boolean.Parse(elUnrestricted)
Return
End If
Dim elName As String = e.Attribute("Name")
m_name = IIf(elName Is Nothing, Nothing, elName)
End Sub
Public Overrides Function ToXml() As SecurityElement
' Use the SecurityElement class to encode the permission to XML.
Dim esd As New SecurityElement("IPermission")
Dim name As String = GetType(NameIdPermission).AssemblyQualifiedName
esd.AddAttribute("class", name)
esd.AddAttribute("version", "1.0")
' The following code for unrestricted permission is only included as an example for
' permissions that allow the unrestricted state. It is of no value for this permission.
If m_Unrestricted Then
esd.AddAttribute("Unrestricted", True.ToString())
End If
If Not (m_Name Is Nothing) Then
esd.AddAttribute("Name", m_Name)
End If
Return esd
End Function 'ToXml
End Class
End Namespace
注解
代码访问权限使用堆栈审核来确保已为代码的所有调用方授予了权限。Code access permissions use a stack walk to ensure that all callers of the code have been granted a permission. 如果权限对象为 null ,则该对象的处理方式与状态相同 PermissionState.None 。If a permission object is null, it is handled the same as a permission object with the state PermissionState.None.
调用堆栈通常表示为向下增长,因此调用堆栈中较高位置的方法调用堆栈中较低的调用方法。The call stack is typically represented as growing down, so that methods higher in the call stack call methods lower in the call stack.
必须向类的继承者 CodeAccessPermission 授予完全信任,才能作为权限扩展安全基础结构。Inheritors of the CodeAccessPermission class must be granted full trust to function correctly as permissions extending the security infrastructure. 若要确定继承方是完全受信任的,请 CodeAccessPermission InheritanceDemand 为 ControlEvidence = true 和发出 ControlPolicy = true 。To determine that the inheritors are fully trusted, CodeAccessPermission issues an InheritanceDemand for ControlEvidence = true and ControlPolicy = true.
实施者说明
当从继承时 CodeAccessPermission ,还必须实现 IUnrestrictedPermission 接口。When you inherit from CodeAccessPermission, you must also implement the IUnrestrictedPermission interface.
CodeAccessPermission必须重写以下成员: Copy() 、 Intersect(IPermission) 、 IsSubsetOf(IPermission) 、 ToXml() 、 FromXml(SecurityElement) 和 Union(IPermission) 。The following CodeAccessPermission members must be overridden: Copy(), Intersect(IPermission), IsSubsetOf(IPermission), ToXml(), FromXml(SecurityElement), and Union(IPermission).
还必须定义一个采用作为唯一的参数的构造函数 PermissionState 。You must also define a constructor that takes a PermissionState as its only parameter.
您必须将特性应用于 SerializableAttribute 从继承的类 CodeAccessPermission 。You must apply the SerializableAttribute attribute to a class that inherits from CodeAccessPermission.
构造函数
| CodeAccessPermission() |
初始化 CodeAccessPermission 类的新实例。Initializes a new instance of the CodeAccessPermission class. |
方法
| Assert() |
声明调用代码能够通过调用此方法的代码,访问受权限请求保护的资源,即使未对堆栈中处于较高位置的调用方授予访问该资源的权限。Declares that the calling code can access the resource protected by a permission demand through the code that calls this method, even if callers higher in the stack have not been granted permission to access the resource. 使用 Assert() 会引起安全问题。Using Assert() can create security issues. |
| Copy() |
由派生类实现时,创建并返回当前权限对象的相同副本。When implemented by a derived class, creates and returns an identical copy of the current permission object. |
| Demand() |
如果未对调用堆栈中处于较高位置的所有调用方授予当前实例所指定的权限,则在运行时强制 SecurityException。Forces a SecurityException at run time if all callers higher in the call stack have not been granted the permission specified by the current instance. |
| Deny() |
已过时。
已过时。
防止处于调用堆栈较高位置的调用函数使用可以调用此方法来访问当前实例指定资源的代码。Prevents callers higher in the call stack from using the code that calls this method to access the resource specified by the current instance. |
| Equals(Object) |
确定指定的 CodeAccessPermission 对象是否等于当前的 CodeAccessPermission。Determines whether the specified CodeAccessPermission object is equal to the current CodeAccessPermission. |
| Equals(Object) |
确定指定对象是否等于当前对象。Determines whether the specified object is equal to the current object. (继承自 Object) |
| FromXml(SecurityElement) |
当在派生类中替代时,用 XML 编码重新构造具有指定状态的安全对象。When overridden in a derived class, reconstructs a security object with a specified state from an XML encoding. |
| GetHashCode() |
获取 CodeAccessPermission 对象的哈希代码,此代码适合在哈希算法和数据结构(例如哈希表)中使用。Gets a hash code for the CodeAccessPermission object that is suitable for use in hashing algorithms and data structures such as a hash table. |
| GetHashCode() |
作为默认哈希函数。Serves as the default hash function. (继承自 Object) |
| GetType() |
获取当前实例的 Type。Gets the Type of the current instance. (继承自 Object) |
| Intersect(IPermission) |
通过派生类实现时,创建和返回是当前权限和指定权限的交集的权限。When implemented by a derived class, creates and returns a permission that is the intersection of the current permission and the specified permission. |
| IsSubsetOf(IPermission) |
通过派生类实现时,确定当前权限是否为指定权限的子集。When implemented by a derived class, determines whether the current permission is a subset of the specified permission. |
| MemberwiseClone() |
创建当前 Object 的浅表副本。Creates a shallow copy of the current Object. (继承自 Object) |
| PermitOnly() |
防止处于调用堆栈较高位置的调用函数使用此代码,此代码将调用此方法来访问除当前实例指定的资源以外的所有资源。Prevents callers higher in the call stack from using the code that calls this method to access all resources except for the resource specified by the current instance. |
| RevertAll() |
导致当前帧以前所有的重写被删除且不再有效。Causes all previous overrides for the current frame to be removed and no longer in effect. |
| RevertAssert() |
导致当前帧以前所有的 Assert() 被删除且不再有效。Causes any previous Assert() for the current frame to be removed and no longer in effect. |
| RevertDeny() |
已过时。
已过时。
导致当前帧以前所有的 Deny() 被删除且不再有效。Causes any previous Deny() for the current frame to be removed and no longer in effect. |
| RevertPermitOnly() |
导致当前帧以前所有的 PermitOnly() 被删除且不再有效。Causes any previous PermitOnly() for the current frame to be removed and no longer in effect. |
| ToString() |
创建并返回当前权限对象的字符串表示形式。Creates and returns a string representation of the current permission object. |
| ToXml() |
当在派生类中重写时,创建安全对象及其当前状态的 XML 编码。When overridden in a derived class, creates an XML encoding of the security object and its current state. |
| Union(IPermission) |
当在派生类中重写时,则创建属于当前权限与指定权限的并集的权限。When overridden in a derived class, creates a permission that is the union of the current permission and the specified permission. |
显式接口实现
| IPermission.Demand() |
如果不满足安全要求,则会在运行时引发 SecurityException。Throws a SecurityException at run time if the security requirement is not met. |
| IStackWalk.Assert() |
断言调用代码可以访问当前权限对象所标识的资源,即使尚未对堆栈中的高级调用方授予访问该资源的权限。Asserts that the calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource. |
| IStackWalk.Demand() |
在运行时确定调用堆栈中的所有调用方是否已被授予当前权限对象所指定的权限。Determines at run time whether all callers in the call stack have been granted the permission specified by the current permission object. |
| IStackWalk.Deny() |
将导致通过调用代码传递的当前对象的每个 Demand() 失败。Causes every Demand() for the current object that passes through the calling code to fail. |
| IStackWalk.PermitOnly() |
导致所有对象的每个 Demand()(除了通过调用代码的当前那个)失败,即使调用堆栈中较高级别的代码已被授予访问其他资源的权限也是如此。Causes every Demand() for all objects except the current one that pass through the calling code to fail, even if code higher in the call stack has been granted permission to access other resources. |