static void Main(string[] args)
{
var aPrincipal = new GenericPrincipal(new GenericIdentity("AUser", ""), new[] { "RoleA" });
var bPrincipal = new GenericPrincipal(new GenericIdentity("BUser", ""), new[] { "RoleB" });
var abPrincipal = new GenericPrincipal(new GenericIdentity("ABUser", ""), new[] { "RoleB", "RoleA" });
// AB can do anything
Thread.CurrentPrincipal = abPrincipal;
var sc = new SecureClass();
TryConstruct();
TryBMethod(sc);
TryABMethod(sc);
// What can A do?
Thread.CurrentPrincipal = aPrincipal;
TryConstruct();
TryBMethod(sc);
TryABMethod(sc);
// What can B do?
Thread.CurrentPrincipal = bPrincipal;
TryConstruct();
TryBMethod(sc);
TryABMethod(sc);
Console.WriteLine("Press ENTER to exit");
Console.ReadLine();
}
// S1006/ImperativeSecurity
public static void Work()
{
NamedPermissionSet permissions = new NamedPermissionSet("Custom");
permissions.Demand();
SecureClass.RevertDocument();
}
static void TryABMethod(SecureClass sc)
{
try
{
sc.RoleABMethod();
}
catch (SecurityException)
{
Console.WriteLine("RoleABMethod SecurityException for " + Thread.CurrentPrincipal.Identity.Name);
}
}
static void TryConstruct()
{
try
{
var sc = new SecureClass();
}
catch (SecurityException)
{
Console.WriteLine("Constructor SecurityException for " + Thread.CurrentPrincipal.Identity.Name);
}
}
public static void Work()
{
SecureClass.RevertDocument();
}
