internal static bool CheckSetHelper(PermissionSet grants,
PermissionSet refused,
PermissionSet demands,
RuntimeMethodHandle rmh,
Object assemblyOrString,
SecurityAction action,
bool throwException)
{
BCLDebug.Assert(demands != null, "Should not reach here with a null demand set");
#if _DEBUG
if (debug)
{
DEBUG_OUT("Granted: ");
DEBUG_OUT(grants.ToXml().ToString());
DEBUG_OUT("Refused: ");
DEBUG_OUT(refused != null ? refused.ToXml().ToString() : "<null>");
DEBUG_OUT("Demanded: ");
DEBUG_OUT(demands!=null ? demands.ToXml().ToString() : "<null>");
}
#endif
IPermission permThatFailed = null;
if (grants != null)
grants.CheckDecoded(demands);
if (refused != null)
refused.CheckDecoded(demands);
bool bThreadSecurity = SecurityManager._SetThreadSecurity(false);
try
{
// Check grant set
if (!demands.CheckDemand(grants, out permThatFailed))
{
if (throwException)
ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
else
return false;
}
// Check refused set
if (!demands.CheckDeny(refused, out permThatFailed))
{
if (throwException)
ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
else
return false;
}
}
catch (SecurityException)
{
throw;
}
catch (Exception)
{
// Any exception besides a security exception in this code means that
// a permission was unable to properly handle what we asked of it.
// We will define this to mean that the demand failed.
if (throwException)
ThrowSecurityException(assemblyOrString, grants, refused, rmh, action, demands, permThatFailed);
else
return false;
}
catch
{
return false;
}
finally
{
if (bThreadSecurity)
SecurityManager._SetThreadSecurity(true);
}
return true;
}