/// <summary>
/// Demo driver: switches the current thread's principal between three
/// role sets and runs the same three probes (construct, B method, AB method)
/// under each, so the console output shows which identity is refused where.
/// </summary>
/// <param name="args">Command-line arguments; not read.</param>
static void Main(string[] args)
{
    // Three test principals. The second GenericIdentity argument is the
    // authentication type, left empty here.
    GenericPrincipal roleAOnly = new GenericPrincipal(new GenericIdentity("AUser", ""), new[] { "RoleA" });
    GenericPrincipal roleBOnly = new GenericPrincipal(new GenericIdentity("BUser", ""), new[] { "RoleB" });
    GenericPrincipal bothRoles = new GenericPrincipal(new GenericIdentity("ABUser", ""), new[] { "RoleB", "RoleA" });

    // Baseline: the principal holding both roles. The shared SecureClass
    // instance is built here, outside any try/catch, so a SecurityException
    // from the constructor at this point would end the program.
    Thread.CurrentPrincipal = bothRoles;
    SecureClass shared = new SecureClass();
    TryConstruct();
    TryBMethod(shared);
    TryABMethod(shared);

    // Same probes under each single-role principal (A first, then B).
    // The instance created above is reused, so these calls show whether the
    // methods themselves check the caller rather than relying on who
    // constructed the object.
    // NOTE(review): presumably SecureClass guards its members with role
    // demands; its definition is not visible here - confirm.
    foreach (GenericPrincipal restricted in new[] { roleAOnly, roleBOnly })
    {
        Thread.CurrentPrincipal = restricted;
        TryConstruct();
        TryBMethod(shared);
        TryABMethod(shared);
    }

    Console.WriteLine("Press ENTER to exit");
    Console.ReadLine();
}
// S1006/ImperativeSecurity
/// <summary>
/// Issues an imperative demand for a permission set named "Custom" and,
/// if the demand does not throw, calls <c>SecureClass.RevertDocument()</c>.
/// </summary>
public static void Work()
{
    // NOTE(review): the set is built from a name only, so the demand checks
    // whatever that constructor puts in the set - confirm that this matches
    // the permission RevertDocument is meant to require.
    // NOTE(review): Code Access Security demands are not enforced on
    // .NET Core / .NET 5+; do not rely on this as the only authorization
    // check if the code targets those runtimes.
    var customSet = new NamedPermissionSet("Custom");
    customSet.Demand();

    SecureClass.RevertDocument();
}
/// <summary>
/// Calls <c>RoleABMethod</c> on the given instance and reports a refusal
/// on the console instead of letting the SecurityException escape.
/// </summary>
/// <param name="sc">Instance whose <c>RoleABMethod</c> is probed.</param>
static void TryABMethod(SecureClass sc)
{
    try
    {
        sc.RoleABMethod();
    }
    catch (SecurityException)
    {
        // Only SecurityException is handled; any other exception propagates.
        // The name printed is that of the principal current at the time of
        // the refusal.
        string refusedUser = Thread.CurrentPrincipal.Identity.Name;
        Console.WriteLine("RoleABMethod SecurityException for " + refusedUser);
    }
}
/// <summary>
/// Attempts to construct a <c>SecureClass</c> under the current principal
/// and reports a refusal on the console instead of letting the
/// SecurityException escape.
/// </summary>
static void TryConstruct()
{
    try
    {
        // The instance itself is not needed; only whether construction is
        // permitted for the current principal.
        new SecureClass();
    }
    catch (SecurityException)
    {
        // Only SecurityException is handled; any other exception propagates.
        string refusedUser = Thread.CurrentPrincipal.Identity.Name;
        Console.WriteLine("Constructor SecurityException for " + refusedUser);
    }
}
/// <summary>
/// Calls <c>SecureClass.RevertDocument()</c> directly. No permission demand
/// is made in this method before the call.
/// </summary>
// NOTE(review): whether RevertDocument enforces its own check is not
// visible here - confirm before treating this entry point as protected.
public static void Work() => SecureClass.RevertDocument();