TeamFoundationSecurityNamespace Class
Class for managing and enforcing security for a set of AccessControlLists.
Inheritance Hierarchy
System.Object
Microsoft.TeamFoundation.Framework.Server.TeamFoundationSecurityNamespace
Namespace: Microsoft.TeamFoundation.Framework.Server
Assembly: Microsoft.TeamFoundation.Framework.Server (in Microsoft.TeamFoundation.Framework.Server.dll)
Syntax
'Declaration
Public Class TeamFoundationSecurityNamespace _
Implements IDisposable
public class TeamFoundationSecurityNamespace : IDisposable
public ref class TeamFoundationSecurityNamespace : IDisposable
type TeamFoundationSecurityNamespace =
class
interface IDisposable
end
public class TeamFoundationSecurityNamespace implements IDisposable
The TeamFoundationSecurityNamespace type exposes the following members.
Properties
| Name | Description | |
|---|---|---|
.gif "Public property") |
Description | The description this security namespace was built from. |
|
NamespaceExtension | The extension for this namespace. |
Top
Methods
| Name | Description | |
|---|---|---|
.gif "Public method") |
CheckPermission(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, a SecurityAccessException will be thrown. |
|
CheckPermission(TeamFoundationRequestContext, String, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, a SecurityAccessException will be thrown. |
|
CheckPermissionForAllChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, a AccessCheckException will be thrown. |
|
CheckPermissionForAllChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, an AccessCheckException will be thrown. |
|
CheckPermissionForAnyChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, a SecurityAccessException will be thrown. |
|
CheckPermissionForAnyChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, a SecurityAccessException will be thrown. |
|
Dispose | |
|
EnsureIdentityIsKnown | Ensures the identity is in the security group for the given security namespace. This function only has to be called if ACEs are being persisted in a manner other than using the APIs on this interface |
|
Equals | Determines whether the specified object is equal to the current object. (Inherited from Object.) |
.gif "Protected method") |
Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
|
GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
|
GetType | Gets the Type of the current instance. (Inherited from Object.) |
|
HasPermission(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns true immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions on the tokens. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, false will be returned. |
|
HasPermission(TeamFoundationRequestContext, String, Int32, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns true immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions on this token. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions, false will be returned. |
|
HasPermissionForAllChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens and all their children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, false will be returned. |
|
HasPermissionForAllChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token and all its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for all of the children, false will be returned. |
|
HasPermissionForAnyChildren(TeamFoundationRequestContext, IEnumerable<String>, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for the tokens or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this server, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, false will be returned. |
|
HasPermissionForAnyChildren(TeamFoundationRequestContext, String, Int32, Boolean, Boolean, PermissionEvaluationCallback) | First checks to see whether the request context making the call is a SystemRequestContext and if it is, it returns immediately. Next, it queries the underlying permission store to determine whether the requestContext.UserContext has the requested permissions for this token or any one of its children. If alwaysAllowAdministrators is true and the UserContext is an admin on this host, the user will have permissions regardless of what the permission evaluation says. If the UserContext does not have the requestedPermissions for any of the children, false will be returned. |
|
MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
|
OnDataChanged | This function will be called when the data behind the securityNamespace is changed without using this namespaces instance. This allows the security namespaces to refresh the internal cache from the database on the next use. |
|
QueryAccessControlList | In all cases: This method will query the AccessControlList for the token specified. It will return AccessControlEntry information about the descriptors that are supplied or all descriptors if null is supplied for the descriptors parameter. |
|
QueryAccessControlLists | In all cases, this method will query the AccessControlList for the token specified. It will return AccessControlEntry information for the descriptors that are supplied or all descriptors if null is supplied for the descriptors parameter. |
|
QueryEffectivePermissions | Returns the effective allowed permissions for the given descriptor. |
|
RemoveAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>) | Removes all permissions for the provided user on the provided token from the permission store. |
|
RemoveAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<IdentityDescriptor>) | |
|
RemoveAccessControlLists | Removes the AccessControlList for the specified tokens. |
|
RemovePermissions | Removes the specified permission bits from the existing allows and denys for this descriptor. If no existing AccessControlEntry is found for this descriptor then nothing is performed and an empty AccessControlList is returned. This function will not throw an exception if either the token or descriptor cannot be found. |
|
RenameToken | This function will move the ACL for the existingToken and all its children to the corresponding newToken. It will begin by querying permissions on the existing token. If none exist, null will be returned. If permissions do exist, all existing permissions under newToken will be cleared and the existing ACLs will be copied over to the newToken path. If the copy parameter is false, the ACLs under existingToken will be deleted. |
|
RenameTokens | |
|
SetAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>, Boolean) | Sets the provided AccessControlEntries in this SecurityNamespace. If invalid identities are supplied in this call, it will throw. |
|
SetAccessControlEntries(TeamFoundationRequestContext, String, IEnumerable<AccessControlEntry>, Boolean, Boolean) | Sets the provided AccessControlEntries in this SecurityNamespace. |
|
SetAccessControlEntry | Sets the provided AccessControlEntry in this SecurityNamespace. |
|
SetAccessControlLists(TeamFoundationRequestContext, IEnumerable<AccessControlList>) | Sets the AccessControlLists specified in the SecurityNamespace. Setting an AccessControlList will always overwrite an existing AccessControlList if one exists. |
|
SetAccessControlLists(TeamFoundationRequestContext, IEnumerable<AccessControlList>, Boolean) | Sets the AccessControlLists specified in the SecurityNamespace. Setting an AccessControlList will always overwrite an existing AccessControlList if one exists. |
|
SetInheritFlag | Sets whether an AccessControlList should inherit permissions from its parents. |
|
SetPermissions | Sets a permission for the descriptor in this SecurityNamespace. |
|
ToString | Returns a string that represents the current object. (Inherited from Object.) |
Top
Thread Safety
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.