private void btnUnion_Click(object sender, System.EventArgs e)
{
// Clear Textbox
txtDisplay.Text = string.Empty;
// You can create a Demand that checks for multiple groups by using the Union method.
// This example requires that the user be a member of the built-in Power Users group
// or the custom Managers group. if the user is not a member of either one, a security
// exception will be thrown.
// Instantiate PrincipalPermission objects for PowerUsers and Managers
PrincipalPermission opPower = new PrincipalPermission(null, @"BUILTIN\PowerUsers");
PrincipalPermission opMgr = new PrincipalPermission(null, machName + @"\Managers");
// Use the Union operator to combine Managers and Power Users.
try
{
opPower.Union(opMgr).Demand();
frmProtected frm = new frmProtected();
frm.Show();
frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Power Users or the Managers group.", Environment.NewLine);
// An exception will be thrown if the user belongs to neither group.
}
catch (System.Security.SecurityException ex)
{
txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of Managers or Power Users.", Environment.NewLine, ex.Message, Environment.NewLine);
}
}
private void btnAdminRun_Click(object sender, System.EventArgs e)
{
// Clear Textbox
this.txtDisplay.Text = string.Empty;
// The PrincipalPermission object allows security checks against the active
// principal by passing the user name and the group (or role) name. if you pass
// null, then all members of the specified role are considered, not individual users.
// Note that you can't use the WindowsBuiltInRole enumerations here--you must
// pass a string using the BUILTIN keyword and the Windows group name.
PrincipalPermission op = new PrincipalPermission(null, @"BUILTIN\Administrators");
// Placing the security Demand in a try {-catch block allows you to gracefully
// handle the security exception that will be thrown if the current user is not
// a member of the specified group.
try
{
op.Demand();
frmProtected frm = new frmProtected();
frm.Show();
frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Administrators group.", Environment.NewLine);
}
catch (System.Security.SecurityException ex)
{
// The catch block handles the exception thrown if someone who is not a member
// of the Administrators group tries to run the code. A message is displayed in
// the TextBox control on the form.
txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of the Administrators group.", Environment.NewLine, ex.Message, Environment.NewLine);
}
}
private void btnPowerRun_Click(object sender, System.EventArgs e)
{
// Clear Textbox
txtDisplay.Text = string.Empty;
// The Power Users group is also a built-in group.
PrincipalPermission op = new PrincipalPermission(null, @"BUILTIN\PowerUsers");
try
{
op.Demand();
frmProtected frm = new frmProtected();
frm.Show();
frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Power Users group.", Environment.NewLine);
}
catch (System.Security.SecurityException ex)
{
txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of the Power Users group.", Environment.NewLine, ex.Message, Environment.NewLine);
}
}
private void btnManagerRun_Click(object sender, System.EventArgs e)
{
// Clear Textbox
txtDisplay.Text = string.Empty;
// The MachineName is required for custom groups. if the user is not a member of the
// group, or if the group does not exist, then a security exception will be thrown
// and the Demand will fail.
PrincipalPermission op = new PrincipalPermission(null, machName + @"\Managers");
try
{
op.Demand();
frmProtected frm = new frmProtected();
frm.Show();
frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Managers group.", Environment.NewLine);
}
catch (System.Security.SecurityException ex)
{
txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of the Managers group.", Environment.NewLine, ex.Message, Environment.NewLine);
}
}
