internal static IPermission CheckPermissionSet (AppDomain ad, PermissionSet ps)
{
if ((ps == null) || ps.IsEmpty ())
return null;
PermissionSet granted = ad.GrantedPermissionSet;
if (granted == null)
return null;
#if NET_2_0
if (granted.IsUnrestricted ())
return null;
#else
if ((granted.Count == 0) && granted.IsUnrestricted ())
return null;
#endif
if (ps.IsUnrestricted ())
return new SecurityPermission (SecurityPermissionFlag.NoFlags);
foreach (IPermission p in ps) {
if (p is CodeAccessPermission) {
CodeAccessPermission grant = (CodeAccessPermission) granted.GetPermission (p.GetType ());
if (grant == null) {
if (!granted.IsUnrestricted () || !(p is IUnrestrictedPermission)) {
if (!p.IsSubsetOf (null))
return p;
}
} else if (!p.IsSubsetOf (grant)) {
return p;
}
} else {
// but non-CAS will throw on failure...
try {
p.Demand ();
}
catch (SecurityException) {
// ... so we catch
return p;
}
}
}
return null;
}