private void btnUnion_Click(object sender, System.EventArgs e) { // Clear Textbox txtDisplay.Text = string.Empty; // You can create a Demand that checks for multiple groups by using the Union method. // This example requires that the user be a member of the built-in Power Users group // or the custom Managers group. if the user is not a member of either one, a security // exception will be thrown. // Instantiate PrincipalPermission objects for PowerUsers and Managers PrincipalPermission opPower = new PrincipalPermission(null, @"BUILTIN\PowerUsers"); PrincipalPermission opMgr = new PrincipalPermission(null, machName + @"\Managers"); // Use the Union operator to combine Managers and Power Users. try { opPower.Union(opMgr).Demand(); frmProtected frm = new frmProtected(); frm.Show(); frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Power Users or the Managers group.", Environment.NewLine); // An exception will be thrown if the user belongs to neither group. } catch (System.Security.SecurityException ex) { txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of Managers or Power Users.", Environment.NewLine, ex.Message, Environment.NewLine); } }
private void btnAdminRun_Click(object sender, System.EventArgs e) { // Clear Textbox this.txtDisplay.Text = string.Empty; // The PrincipalPermission object allows security checks against the active // principal by passing the user name and the group (or role) name. if you pass // null, then all members of the specified role are considered, not individual users. // Note that you can't use the WindowsBuiltInRole enumerations here--you must // pass a string using the BUILTIN keyword and the Windows group name. PrincipalPermission op = new PrincipalPermission(null, @"BUILTIN\Administrators"); // Placing the security Demand in a try {-catch block allows you to gracefully // handle the security exception that will be thrown if the current user is not // a member of the specified group. try { op.Demand(); frmProtected frm = new frmProtected(); frm.Show(); frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Administrators group.", Environment.NewLine); } catch (System.Security.SecurityException ex) { // The catch block handles the exception thrown if someone who is not a member // of the Administrators group tries to run the code. A message is displayed in // the TextBox control on the form. txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of the Administrators group.", Environment.NewLine, ex.Message, Environment.NewLine); } }
private void btnPowerRun_Click(object sender, System.EventArgs e) { // Clear Textbox txtDisplay.Text = string.Empty; // The Power Users group is also a built-in group. PrincipalPermission op = new PrincipalPermission(null, @"BUILTIN\PowerUsers"); try { op.Demand(); frmProtected frm = new frmProtected(); frm.Show(); frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Power Users group.", Environment.NewLine); } catch (System.Security.SecurityException ex) { txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of the Power Users group.", Environment.NewLine, ex.Message, Environment.NewLine); } }
private void btnManagerRun_Click(object sender, System.EventArgs e) { // Clear Textbox txtDisplay.Text = string.Empty; // The MachineName is required for custom groups. if the user is not a member of the // group, or if the group does not exist, then a security exception will be thrown // and the Demand will fail. PrincipalPermission op = new PrincipalPermission(null, machName + @"\Managers"); try { op.Demand(); frmProtected frm = new frmProtected(); frm.Show(); frm.txtProtected.Text = string.Format("Demand succeeded.{0}User is a member of the Managers group.", Environment.NewLine); } catch (System.Security.SecurityException ex) { txtDisplay.Text = string.Format("Security Exception:{0}{1}{2}Not a member of the Managers group.", Environment.NewLine, ex.Message, Environment.NewLine); } }