C#  

PermissionAttribute Class using C#


This article has been excerpted from book "The Complete Visual C# Programmer's Guide" from the Authors of C# Corner.

You can place security attributes in your classes or methods to assert, demand, deny, or permit only certain permissions. 

There can be zero or more public properties set in the attribute, each separated by a comma. For example, the FileIOPermissionAttribute has properties for controlling how a user can append, read, and write to a file. Setting these properties in this attribute defines which files or directories you wish to check for access permissions. 

In Listing 22.22, FileIOPermissionAttribute demands permission to read C:\dir1\ whenever a method in MyClass is called. The EnvironmentPermissionAttribute demands permission for reading the TEMP environment variable before a call to MyMethod can succeed. If either of the demands fails, the system throws a security exception for calls to MyMethod. 

Listing 22.22: PermissionAttribute Example 

// PermissionAttribute for class and method
[FileIOPermissionAttribute(SecurityAction.Demand,
Read = @"c:\dir1\")]

public class MyClass
{
    [EnvironmentPermissionAttribute(SecurityAction.Demand,
    Read = "TEMP")]
    public void MyMethod()
    {
    }
}

In Listing 22.23, AnyClass defines two assembly permission set attributes, which will cause it to request to read, at a minimum, the minimum_permission.xml file and, optionally, the optional_permission.xml file. 

Listing 22.23: PermissionSetAttribute Example

// PermissionSetAttribute
[assembly: PermissionSetAttribute(SecurityAction.Request.Minimum,
File = "minimum_permission.xml")]
[assembly: PermissionSetAttribute(SecurityAction.RequestOptional,
File = "optional_permission.xml")]

public class AnyClass
{
    public static void Main()
    {
        Console.WriteLine("Permissions");
    }
}

Listing 22.24 illustrates the declarative use of Deny to override security checks. RegistryPermissionAttribute includes a SecurityAction enumeration for Deny and the registry key to which write access will be denied. 

Listing 22.24: RegistryPermissionAttribute Example 

// Declarative demand1
[RegistryPermissionAttribute(SecurityAction.Deny, Write = "HKEY_LOCAL_MACHINE")]

public class MyClass
{
    public MyClass()
    {
    }

    // no writes but read to HKLM is allowed!
    public void ReadRegistry()
    {
        //Access the registry.
    }
}

Listing 22.25 shows how to use Assert declaratively to override security checks. Using Assert in FileIOPermission causes demands for access to C:\temp\trace1.txt to succeed, since the Assert method is called during JIT compilation. 

Listing 22.25: FileIOPermission Example 

// Declarative demand2
[FileIOPermission(SecurityAction.Assert, All = @"C:\temp\trace1.txt")]

public void SaveTrace()
{
    StreamWriter TextStream = new StreamWriter(@"C:\temp\trace1.txt");
    TextStream.WriteLine("created on:" + DateTime.Now);
    TextStream.Close();
}

Listing 22.26 shows how a link demand can be used to check only the immediate caller of your code during a security check performed as part of a JIT compilation. The immediate caller of the CoolApp class must have the strong name used in the StrongNameIdentityPermissionAttribute defined in the listing, since we used the LinkDemand security action. CoolApp class can be linked only by the assembly that has the strong name specified in the LinkDemand attribute. 

Listing 22.26: LinkDemand Example 

// link demand
[StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand,
PublicKey="0024000004800000940000000602000000240000525341310004000001000100bf01b056
b9778a08f3b7b7a573b1a6e6e1bf18af004f8f017997a28b4378ea7b389932c9f537df90190b994c1e0
849a4222a6d87761bc96d2a16d8a36865c6d7d031fa3109ed9711d064d20e7059aa945dfe10cdd64d32
49c10b76e2759556d3554f7708ade90c9453b1118f97a492b81ba33d193ee8df19b29af7dabae691d5"
,
Name = "CoolApp", Version = "1.0.0.2"]
public class CoolApp
{
    // Additional code here
}

Conclusion

Hope this article would have helped you in understanding tPermissionAttribute Class using C#. See other articles on the website on .NET and C#.

visual C-sharp.jpg
 The Complete Visual C# Programmer's Guide covers most of the major components that make up C# and the .net environment. The book is geared toward the intermediate programmer, but contains enough material to satisfy the advanced developer.

Membership not found