Csharp/CSharp Tutorial/Security/Permissions

Материал из .Net Framework эксперт
Версия от 12:17, 26 мая 2010; Admin (обсуждение | вклад) (1 версия)
(разн.) ← Предыдущая | Текущая версия (разн.) | Следующая → (разн.)
Перейти к: навигация, поиск

A declarative role-based security demand for the current principal

using System;
using System.Security.Permissions;
class MainClass
{
    [PrincipalPermission(SecurityAction.Demand, Name = @"MACHINE\Joe", Role = @"MACHINE\Managers")]
    public static void MyMethod()
    {
    }
}

A declarative role-based security demand for the current principal to be a member of the roles Managers OR Developers

using System;
using System.Security.Permissions;
class MainClass
{
 
    [PrincipalPermission(SecurityAction.Demand, Role = @"MACHINE\Managers")]
    [PrincipalPermission(SecurityAction.Demand, Role = @"MACHINE\Developers")]    
    public static void MyMethod()
    {
    }
}

An imperative role-based security demand for the current principal to represent an identity with the name Anya AND be a member of the Managers role

using System;
using System.Security.Permissions;
class MainClass
{
    public static void MyMethod() 
    { 
 
        PrincipalPermission perm = new PrincipalPermission(@"MACHINE\Joe", @"MACHINE\Managers");
            
        perm.Demand();
    }
}

An imperative role-based security demand for the current principal to represent an identity with the name Anya, the roles of the principal are irrelevant

using System;
using System.Security.Permissions;
class MainClass
{
    public static void MyMethod() 
    { 
        PrincipalPermission perm = new PrincipalPermission(@"MACHINE\Joe", null);
            
        perm.Demand();
    }
}

Create PrincipalPermission for Administrators

using System;
using System.Threading;
using System.Security;
using System.Security.Permissions;
using System.Collections.Generic;
using System.Text;
using System.Collections;
    class Program
    {
        static void Main(string[] args)
        {          
            System.Security.Principal.WindowsIdentity wi = System.Security.Principal.WindowsIdentity.GetCurrent();
            Thread.CurrentPrincipal = new System.Security.Principal.WindowsPrincipal(wi);
            Console.WriteLine(wi.Name);
            Console.WriteLine(Thread.CurrentPrincipal.Identity.Name);
            PrincipalPermission pp = new PrincipalPermission(null, "Administrators", true);
            pp.Demand();
            PrincipalPermission pp2 = new PrincipalPermission(null, "Users", true);
            pp.Union(pp2).Demand();
            try
            {
                PrincipalPermission pp3 = new PrincipalPermission(null, "Club");
                pp3.Demand();
            }
            catch (SecurityException e)
            {
                Console.WriteLine("You do not have access to the secret club.");
            }
        }
    }

File IO Permission: SecurityAction.RequestRefuse, Write

using System.Security.Permissions;
[assembly:FileIOPermission(SecurityAction.RequestRefuse, Write = @"C:\")]
class MainClass{
   public static void Main(){
    
   
   }
}

Internet SecurityAction

using System.Security.Permissions;
[assembly:PermissionSet(SecurityAction.RequestOptional, Name = "Internet")]
class MainClass
{
    public static void Main(){
        
    }
}

Optional permission request for IsolatedStorageFilePermission

using System;
using System.Net;
using System.Security.Permissions;

[assembly: IsolatedStorageFilePermission(SecurityAction.RequestOptional, Unrestricted = true)]
class MainClass
{
    public static void Main()
    {
    }
}

PrincipalPolicy.Intersect/Union

using System;
using System.Security.Permissions;
class MainClass
{
    public static void MyMethod() 
    { 
        PrincipalPermission perm1 = new PrincipalPermission(null, @"MACHINE\Managers");
        PrincipalPermission perm2 = new PrincipalPermission(null, @"MACHINE\Developers");
        // Make the demand.
        perm1.Union(perm2).Demand();
    }
}

Refuse request for ReflectionPermission

using System;
using System.Net;
using System.Security.Permissions;

[assembly: ReflectionPermission(SecurityAction.RequestRefuse, Unrestricted = true)]
class MainClass
{
    public static void Main()
    {
        FileIOPermission fileIOPerm = new FileIOPermission(FileIOPermissionAccess.Write, @"C:\Data");
        fileIOPerm.Demand();
    }
}

Specify the certification file

using System.Security.Permissions;
[PublisherIdentityPermission(SecurityAction.InheritanceDemand, CertFile = "YourCertFile.cer")]
public class MainClass
{
    [PermissionSet(SecurityAction.InheritanceDemand, Name="FullTrust")]
    public void SomeProtectedMethod () 
    {
    }
}

Test if the current assembly has the specified permission

using System;
using System.Security;
using System.Security.Permissions;
class MainClass
{
    public static void Main()
    {
        FileIOPermission fileIOPerm = new FileIOPermission(FileIOPermissionAccess.Write, @"C:\Data");
        Console.WriteLine(SecurityManager.IsGranted(fileIOPerm));
    }
}
True

UnmanagedCode element of SecurityPermission( controls the code�s ability to execute unmanaged code)

using System;
using System.Net;
using System.Security.Permissions;
[assembly:SecurityPermission(SecurityAction.RequestMinimum, UnmanagedCode = true)]
class MainClass
{
    public static void Main()
    {        
    }
}