SecurityAction 列舉

定義

警告

此 API 現已淘汰。

指定可以使用宣告式安全性執行的安全性動作。Specifies the security actions that can be performed using declarative security.

public enum class SecurityAction
[System.Runtime.InteropServices.ComVisible(true)]
[System.Obsolete("CAS support is not available with Silverlight applications.")]
[System.Serializable]
public enum SecurityAction
type SecurityAction = 
Public Enum SecurityAction
繼承
SecurityAction
屬性

欄位

Assert 3

即使堆疊中較高層的呼叫端未獲得資源存取權限,呼叫程式碼仍可以存取目前權限物件所識別的資源 (請參閱使用 Assert 方法)。The calling code can access the resource identified by the current permission object, even if callers higher in the stack have not been granted permission to access the resource (see Using the Assert Method).

Demand 2

呼叫堆疊中較高層的所有呼叫端,必須已獲得目前權限物件所指定的權限。All callers higher in the call stack are required to have been granted the permission specified by the current permission object.

Deny 4

即使呼叫端已獲得資源存取權限,仍會拒絕呼叫端存取目前權限物件所指定的資源。(請參閱使用 Deny 方法)。The ability to access the resource specified by the current permission object is denied to callers, even if they have been granted permission to access it (see Using the Deny Method).

InheritanceDemand 7

繼承類別或覆寫方法的衍生類別 (Derived Class) 必須已經授與指定的使用權限。The derived class inheriting the class or overriding a method is required to have been granted the specified permission.

LinkDemand 6

直接呼叫端必須已獲得指定權限。The immediate caller is required to have been granted the specified permission. 請勿在 .NET Framework 4.NET Framework 4 中使用。Do not use in the .NET Framework 4.NET Framework 4. 如需完全信任,請使用 SecurityCriticalAttribute,部分信任則使用 DemandFor full trust, use SecurityCriticalAttribute instead; for partial trust, use Demand.

PermitOnly 5

只可存取這個權限物件所指定的資源,即使程式碼已獲得其他資源存取權限亦然。Only the resources specified by this permission object can be accessed, even if the code has been granted permission to access other resources.

RequestMinimum 8

要求執行程式碼所需的最低權限。The request for the minimum permissions required for code to run. 這個動作只能在組件的範圍內使用。This action can only be used within the scope of the assembly.

RequestOptional 9

要求選擇性 (非執行所需) 的其他權限。The request for additional permissions that are optional (not required to run). 這項要求會隱含拒絕未特別要求的所有其他權限。This request implicitly refuses all other permissions not specifically requested. 這個動作只能在組件的範圍內使用。This action can only be used within the scope of the assembly.

RequestRefuse 10

要求不將可能遭到誤用的權限授權給呼叫程式碼。The request that permissions that might be misused will not be granted to the calling code. 這個動作只能在組件的範圍內使用。This action can only be used within the scope of the assembly.

範例

這個範例會示範如何通知 CLR,呼叫的方法中的程式碼只有 IsolatedStoragePermission,同時也示範如何從隔離儲存區寫入和讀取。This example shows how to notify the CLR that code in called methods has only IsolatedStoragePermission, and also demonstrates how to write and read from isolated storage.

using namespace System;
using namespace System::Security;
using namespace System::Security::Permissions;
using namespace System::IO::IsolatedStorage;
using namespace System::IO;


static void WriteIsolatedStorage()
{
    try
    {
        // Attempt to create a storage file that is isolated by
        // user and assembly. IsolatedStorageFilePermission
        // granted to the attribute at the top of this file
        // allows CLR to load this assembly and execution of this
        // statement.
        Stream^ fileCreateStream = gcnew
            IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Create,
            IsolatedStorageFile::GetUserStoreForAssembly());

        StreamWriter^ streamWriter = gcnew StreamWriter(
            fileCreateStream);
        try
        {
            // Write some data out to the isolated file.

            streamWriter->Write("This is some test data.");
            streamWriter->Close();	
        }
        finally
        {
            delete fileCreateStream;
            delete streamWriter;
        } 
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }

    try
    {
        Stream^ fileOpenStream =
            gcnew IsolatedStorageFileStream(
            "AssemblyData",
            FileMode::Open,
            IsolatedStorageFile::GetUserStoreForAssembly());
        // Attempt to open the file that was previously created.

        StreamReader^ streamReader = gcnew StreamReader(
            fileOpenStream);
        try
        { 
            // Read the data from the file and display it.

            Console::WriteLine(streamReader->ReadLine());
            streamReader->Close();
        }
        finally
        {
            delete fileOpenStream;
            delete streamReader;
        }
    }
    catch (FileNotFoundException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
    catch (IOException^ ex)
    {
        Console::WriteLine(ex->Message);
    }
}
// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction::PermitOnly, UsageAllowed = IsolatedStorageContainment::AssemblyIsolationByUser)]
int main()
{
    WriteIsolatedStorage();
}

// This code produces the following output.
//
//  This is some test data.
using System;
using System.Security.Permissions;
using System.IO.IsolatedStorage;
using System.IO;

// Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
// This restricts the called methods to working only with storage files that are isolated 
// by user and assembly.
[IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed = IsolatedStorageContainment.AssemblyIsolationByUser)]
public sealed class App
{
    static void Main()
    {
        WriteIsolatedStorage();

    }
    private static void WriteIsolatedStorage()
    {
        // Attempt to create a storage file that is isolated by user and assembly.
        // IsolatedStorageFilePermission granted to the attribute at the top of this file 
        // allows CLR to load this assembly and execution of this statement.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly()))
        {

            // Write some data out to the isolated file.
            using (StreamWriter sw = new StreamWriter(s))
            {
                sw.Write("This is some test data.");
            }
        }

        // Attempt to open the file that was previously created.
        using (Stream s = new IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly()))
        {
            // Read the data from the file and display it.
            using (StreamReader sr = new StreamReader(s))
            {
                Console.WriteLine(sr.ReadLine());
            }
        }
    }
}

// This code produces the following output.
//
//  Some test data.
Option Strict On
Imports System.Security.Permissions
Imports System.IO.IsolatedStorage
Imports System.IO


' Notify the CLR to only grant IsolatedStorageFilePermission to called methods. 
' This restricts the called methods to working only with storage files that are isolated 
' by user and assembly.
<IsolatedStorageFilePermission(SecurityAction.PermitOnly, UsageAllowed:=IsolatedStorageContainment.AssemblyIsolationByUser)> _
Public NotInheritable Class App

    Shared Sub Main()
        WriteIsolatedStorage()
    End Sub
    Shared Sub WriteIsolatedStorage()
        ' Attempt to create a storage file that is isolated by user and assembly.
        ' IsolatedStorageFilePermission granted to the attribute at the top of this file 
        ' allows CLR to load this assembly and execution of this statement.
        Dim s As New IsolatedStorageFileStream("AssemblyData", FileMode.Create, IsolatedStorageFile.GetUserStoreForAssembly())
        Try

            ' Write some data out to the isolated file.
            Dim sw As New StreamWriter(s)
            Try
                sw.Write("This is some test data.")
            Finally
                sw.Dispose()
            End Try
        Finally
            s.Dispose()
        End Try

        ' Attempt to open the file that was previously created.
        Dim t As New IsolatedStorageFileStream("AssemblyData", FileMode.Open, IsolatedStorageFile.GetUserStoreForAssembly())
        Try
            ' Read the data from the file and display it.
            Dim sr As New StreamReader(t)
            Try
                Console.WriteLine(sr.ReadLine())
            Finally
                sr.Dispose()
            End Try
        Finally
            t.Dispose()
        End Try

    End Sub
End Class

' This code produces the following output.
'
'  Some test data.

備註

下表描述每個安全性動作的發生時間,以及它所支援的目標。The following table describes the time that each security action takes place and the targets that it supports.

重要

.NET Framework 4.NET Framework 4中,已移除執行時間支援以強制執行 Deny、RequestMinimum、RequestOptional 和 RequestRefuse 許可權要求。In the .NET Framework 4.NET Framework 4, runtime support has been removed for enforcing the Deny, RequestMinimum, RequestOptional, and RequestRefuse permission requests. 在以 .NET Framework 4.NET Framework 4 或更新版本為基礎的程式碼中,不應使用這些要求。These requests should not be used in code that is based on .NET Framework 4.NET Framework 4 or later. 如需這和其他變更的詳細資訊,請參閱安全性變更For more information about this and other changes, see Security Changes.

您不應該在 .NET Framework 4.NET Framework 4中使用 LinkDemandYou should not use LinkDemand in the .NET Framework 4.NET Framework 4. 相反地,請使用 SecurityCriticalAttribute 將使用限制為完全信任的應用程式,或使用 Demand 來限制部分信任的呼叫端。Instead, use the SecurityCriticalAttribute to restrict usage to fully trusted applications, or use Demand to restrict partially trusted callers.

安全性動作的宣告Declaration of security action 動作時間Time of action 支援的目標Targets supported
LinkDemand (請勿在 .NET Framework 4.NET Framework 4中使用)LinkDemand (do not use in the .NET Framework 4.NET Framework 4) 即時編譯Just-in-time compilation Class,方法Class, method
InheritanceDemand 載入時間Load time Class,方法Class, method
Demand 執行階段Run time Class,方法Class, method
Assert 執行階段Run time Class,方法Class, method
Deny (在 .NET Framework 4.NET Framework 4中過時)Deny (obsolete in the .NET Framework 4.NET Framework 4) 執行階段Run time Class,方法Class, method
PermitOnly 執行階段Run time Class,方法Class, method
RequestMinimum (在 .NET Framework 4.NET Framework 4中過時)RequestMinimum (obsolete in the .NET Framework 4.NET Framework 4) 授與時間Grant time AssemblyAssembly
RequestOptional (在 .NET Framework 4.NET Framework 4中過時)RequestOptional (obsolete in the .NET Framework 4.NET Framework 4) 授與時間Grant time AssemblyAssembly
RequestRefuse (在 .NET Framework 4.NET Framework 4中過時)RequestRefuse (obsolete in the .NET Framework 4.NET Framework 4) 授與時間Grant time AssemblyAssembly

如需屬性目標的詳細資訊,請參閱 AttributeFor additional information about attribute targets, see Attribute.

適用於