SecurityAction 枚举

定义

警告

此 API 现已过时。

指定可以使用声明性安全执行的安全操作。Specifies the security actions that can be performed using declarative security.

public enum class SecurityAction
[System.Runtime.InteropServices.ComVisible(true)]
[System.Obsolete("CAS support is not available with Silverlight applications.")]
[System.Serializable]
public enum SecurityAction
type SecurityAction = 
Public Enum SecurityAction
继承
SecurityAction
属性

字段

Assert 3

调用代码可以访问当前权限对象所标识的资源,即使尚未对堆栈中的高级调用方授予访问该资源的权限(请参阅使用 Assert 方法)。The calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource (see Using the Assert Method).

Demand 2

要求调用堆栈中的所有高级调用方已被授予当前权限对象所指定的权限。All callers higher in the call stack are required to have been granted the permission specified by the current permission object.

Deny 4

即使已向调用方授予访问权限,也会拒绝其访问当前权限对象指定的资源(请参阅使用 Deny 方法)。The ability to access the resource specified by the current permission object is denied to callers, even if they have been granted permission to access it (see Using the Deny Method).

InheritanceDemand 7

要求继承此类或重写某一方法的派生类已被授予了指定的权限。The derived class inheriting the class or overriding a method is required to have been granted the specified permission.

LinkDemand 6

要求直接调用方已被授予指定的权限。The immediate caller is required to have been granted the specified permission. 请不要在 .NET Framework 4.NET Framework 4 中使用。Do not use in the .NET Framework 4.NET Framework 4. 对于完全信任,请改用 SecurityCriticalAttribute;对于部分信任,请使用 DemandFor full trust, use SecurityCriticalAttribute instead; for partial trust, use Demand.

PermitOnly 5

仅可以访问此权限对象所指定的资源,即使代码已被授予访问其他资源的权限。Only the resources specified by this permission object can be accessed, even if the code has been granted permission to access other resources.

RequestMinimum 8

代码运行所需的最低权限请求。The request for the minimum permissions required for code to run. 此操作仅可以在程序集的作用域内使用。This action can only be used within the scope of the assembly.

RequestOptional 9

可选的其他权限请求(不要求运行)。The request for additional permissions that are optional (not required to run). 此请求隐式拒绝所有未明确请求的其他权限。This request implicitly refuses all other permissions not specifically requested. 此操作仅可以在程序集的作用域内使用。This action can only be used within the scope of the assembly.

RequestRefuse 10

可能被误用的权限将不授予给调用代码的请求。The request that permissions that might be misused will not be granted to the calling code. 此操作仅可以在程序集的作用域内使用。This action can only be used within the scope of the assembly.

示例

此示例演示如何通知 CLR:调用的方法中的代码只有 IsolatedStoragePermission,并演示如何在独立存储中进行写入和读取操作。This example shows how to notify the CLR that code in called methods has only IsolatedStoragePermission, and also demonstrates how to write and read from isolated storage.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO::IsolatedStorage;
using namespace System::IO;


static void WriteIsolatedStorage()
{
    try
    {
        // Attempt to create a storage file that is isolated by
        // user and assembly. IsolatedStorageFilePermission
        // granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this
        // statement.
        Stream^ fileCreateStream = gcnew
            IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Create,
            IsolatedStorageFile::GetUserStoreForAssembly());

        StreamWriter^ streamWriter = gcnew StreamWriter(
            fileCreateStream);
        try
        {
            // Write some data out to the isolated file.

            streamWriter->Write("This is some test data.");
            streamWriter->Close();	
        }
        finally
        {
            delete fileCreateStream;
            delete streamWriter;
        } 
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }

    try
    {
        Stream^ fileOpenStream =
            gcnew IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Open,
            IsolatedStorageFile::GetUserStoreForAssembly());
        // Attempt to open the file that was previously created.

        StreamReader^ streamReader = gcnew StreamReader(
            fileOpenStream);
        try
        { 
            // Read the data from the file and display it.

            Console::WriteLine(streamReader->ReadLine());
            streamReader->Close();
        }
        finally
        {
            delete fileOpenStream;
            delete streamReader;
        }
    }
    catch (FileNotFoundException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}
// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction::PermitOnly, UsageAllowed = IsolatedStorageContainment::AssemblyIsolationByUser)]
int main()
{
    WriteIsolatedStorage();
}

// This code produces the following output.
//
//  This is some test data.
using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
public sealed class App
{
    static void Main()
    {
        WriteIsolatedStorage();

    }
    private static void WriteIsolatedStorage()
    {
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file 
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
        {

            // Write some data out to the isolated file.
            using (StreamWriter sw = new StreamWriter(s))
            {
                sw.Write("This is some test data.");
            }
        }

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
        {
            // Read the data from the file and display it.
            using (StreamReader sr = new StreamReader(s))
            {
                Console.WriteLine(sr.ReadLine());
            }
        }
    }
}

// This code produces the following output.
//
//  Some test data.
Option Strict On
Imports System.Security.Permissions
Imports System.IO.IsolatedStorage
Imports System.IO


' Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
' This restricts the called methods to working only with storage files that are isolated 
' by user and assembly.
<IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed:=IsolatedStorageContainment.AssemblyIsolationByUser)> _
Public NotInheritable Class App

    Shared Sub Main()
        WriteIsolatedStorage()
    End Sub
    Shared Sub WriteIsolatedStorage()
        ' Attempt to create a storage file that is isolated by user and assembly.
        ' IsolatedStorageFilePermission granted to the attribute at the top of this file 
        ' allows CLR to load this assembly and execution of this statement.
        Dim s As New IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly())
        Try

            ' Write some data out to the isolated file.
            Dim sw As New StreamWriter(s)
            Try
                sw.Write("This is some test data.")
            Finally
                sw.Dispose()
            End Try
        Finally
            s.Dispose()
        End Try

        ' Attempt to open the file that was previously created.
        Dim t As New IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly())
        Try
            ' Read the data from the file and display it.
            Dim sr As New StreamReader(t)
            Try
                Console.WriteLine(sr.ReadLine())
            Finally
                sr.Dispose()
            End Try
        Finally
            t.Dispose()
        End Try

    End Sub
End Class

' This code produces the following output.
'
'  Some test data.

注解

下表描述了每个安全操作发生的时间及其支持的目标。The following table describes the time that each security action takes place and the targets that it supports.

重要

.NET Framework 4.NET Framework 4中,已删除运行时支持,以便强制执行 Deny、RequestMinimum、RequestOptional 和 RequestRefuse 权限请求。In the .NET Framework 4.NET Framework 4, runtime support has been removed for enforcing the Deny, RequestMinimum, RequestOptional, and RequestRefuse permission requests. 这些请求不应用于基于 .NET Framework 4.NET Framework 4 或更高版本的代码中。These requests should not be used in code that is based on .NET Framework 4.NET Framework 4 or later. 有关此更改以及其他更改的详细信息,请参阅安全更改For more information about this and other changes, see Security Changes.

不应在 .NET Framework 4.NET Framework 4中使用 LinkDemandYou should not use LinkDemand in the .NET Framework 4.NET Framework 4. 请改用 SecurityCriticalAttribute 将使用限制为完全受信任的应用程序,或使用 Demand 限制部分受信任的调用方。Instead, use the SecurityCriticalAttribute to restrict usage to fully trusted applications, or use Demand to restrict partially trusted callers.

安全操作的声明Declaration of security action 操作时间Time of action 支持的目标Targets supported
LinkDemand (请勿在 .NET Framework 4.NET Framework 4中使用)LinkDemand (do not use in the .NET Framework 4.NET Framework 4) 实时编译Just-in-time compilation Class、方法Class, method
InheritanceDemand 加载时间Load time Class、方法Class, method
Demand 运行时Run time Class、方法Class, method
Assert 运行时Run time Class、方法Class, method
Deny.NET Framework 4.NET Framework 4中已过时)Deny (obsolete in the .NET Framework 4.NET Framework 4) 运行时Run time Class、方法Class, method
PermitOnly 运行时Run time Class、方法Class, method
RequestMinimum.NET Framework 4.NET Framework 4中已过时)RequestMinimum (obsolete in the .NET Framework 4.NET Framework 4) 授予时间Grant time AssemblyAssembly
RequestOptional.NET Framework 4.NET Framework 4中已过时)RequestOptional (obsolete in the .NET Framework 4.NET Framework 4) 授予时间Grant time AssemblyAssembly
RequestRefuse.NET Framework 4.NET Framework 4中已过时)RequestRefuse (obsolete in the .NET Framework 4.NET Framework 4) 授予时间Grant time AssemblyAssembly

有关属性目标的其他信息,请参阅 AttributeFor additional information about attribute targets, see Attribute.

适用于