G
Guest
My client uses a SQL Database to store their usernames and passwords, and I
do not believe they have AD...no big deal... I wrote a class to create a
generic identity and generic principal so that I can use the .IsInRole
function for some added security. I would like to do the same by applying an
attribute to a method or class. The code I am including works from what I
can see, but I am experiencing the following... 1) I cannot add the custom
attribues to my main project... .NET does not seem to like it. 2) I cannot
complie my main application unless my custom attribute assembly is in the
GAC. Is this be design or am I doing something completely wrong...
Here are the 2 class files that I use to make the "Security" assembly that
for some reason must be in the GAC
Imports System.Security
Imports System.Security.Permissions
Imports System.Runtime.Remoting.Messaging
Imports System.Text
Imports System.Runtime.Serialization
<Serializable()> _
Public NotInheritable Class UserPermission
Implements IPermission, ISecurityEncodable, IUnrestrictedPermission,
ISerializable
Private _permission As String = ""
Private _name As String = ""
Private _unrestricted As Boolean = False
Public Function IsUnrestricted() As Boolean Implements
IUnrestrictedPermission.IsUnrestricted
Return _unrestricted
End Function
Public Sub GetObjectData(ByVal info As SerializationInfo, ByVal context
As StreamingContext) Implements ISerializable.GetObjectData
info.AddValue("Permission", _permission)
info.AddValue("User", _name)
info.AddValue("Unrestricted", _unrestricted)
End Sub
Public Sub New(ByVal info As SerializationInfo, ByVal context As
StreamingContext)
_permission = info.GetString("Permission")
_name = info.GetString("User")
_unrestricted = info.GetBoolean("Unrestricted")
End Sub
Public Sub New(ByVal perm As PermissionState)
_unrestricted = perm
_permission = ""
_name = ""
End Sub
Public Sub New(ByVal name As String, ByVal permission As String)
_name = name
_permission = permission
End Sub
Public Sub New(ByVal unrestricted As Boolean, Optional ByVal name As
String = "", Optional ByVal permission As String = "")
_unrestricted = unrestricted
_name = name
_permission = permission
End Sub
Public Function Copy() As IPermission Implements IPermission.Copy
Dim iperm As New UserPermission(PermissionState.None)
iperm._name = Me._name
iperm._permission = Me._permission
iperm._unrestricted = Me._unrestricted
Return iperm
End Function
Public Sub Demand() Implements IPermission.Demand
Try
Dim principal As Security.Principal.IPrincipal =
Threading.Thread.CurrentPrincipal
If principal.IsInRole("UnrestrictedAccess") Then
Exit Sub
End If
If principal.IsInRole(_permission) = False Then
Throw New SecurityException("You do not have rights to
perform the requested function.")
End If
Catch ex As Exception
Throw New SecurityException("You do not have rights to perform
the requested function.")
End Try
End Sub
Public Function IsSubsetOf(ByVal target As IPermission) As Boolean
Implements IPermission.IsSubsetOf
If target Is Nothing Then
Return False
'Return Not Me.IsUnRestricted
End If
Dim passedPerm As UserPermission = target
If passedPerm._permission = Me._permission Then
Return True
Else
Return False
End If
End Function
Public Function Union(ByVal target As IPermission) As IPermission
Implements IPermission.Union
Dim result As New UserPermission(PermissionState.None)
Dim passedPerm As UserPermission = target
result._unrestricted = Me._unrestricted And passedPerm._unrestricted
If Me._name = passedPerm._name Then
result._name = ""
Else
result._name = Me._name
End If
If Me._permission = passedPerm._permission Then
result._permission = ""
Else
result._permission = Me._permission
End If
Return result
End Function
Public Function Intersect(ByVal target As IPermission) As IPermission
Implements IPermission.Intersect
If target Is Nothing Then
Return Nothing
End If
Dim passedPerm As UserPermission = target
End Function
Public Sub FromXml(ByVal e As SecurityElement) Implements
ISecurityEncodable.FromXml
Dim iVal As String
iVal = e.Attribute("User")
_name = iVal
iVal = e.Attribute("Permission")
_permission = iVal
iVal = e.Attribute("Unrestricted")
If iVal <> "" Then
_unrestricted = Convert.ToBoolean(iVal)
End If
End Sub
' Serialize permission object to xml
Public Function ToXml() As SecurityElement Implements
ISecurityEncodable.ToXml
Dim e As New SecurityElement("IPermission")
Dim typ As Type = Me.GetType()
Dim assemblyName As New StringBuilder(typ.Assembly.ToString)
assemblyName.Replace(ControlChars.Quote, "'"c)
e.AddAttribute("class", typ.FullName & ", " & assemblyName.ToString)
e.AddAttribute("version", "1")
e.AddAttribute("Unrestricted", _unrestricted.ToString)
e.AddAttribute("User", _name)
e.AddAttribute("Permission", _permission)
Return e
End Function
Public ReadOnly Property PermissionSet() As String
Get
Dim perm As New UserPermission(PermissionState.None)
Dim pset As New
NamedPermissionSet("HospitalityMaxPermissionSet", PermissionState.None)
pset.Description = "Permission set containing permissions for
hospitalitymax"
pset.AddPermission(perm)
Return pset.ToXml().ToString()
End Get
End Property
End Class
Imports System.Security
Imports System.Security.Permissions
Imports System.Runtime.Serialization
<AttributeUsage(AttributeTargets.All, inherited:=False,
AllowMultiple:=True), Serializable()> _
Public NotInheritable Class UserPermissionAttribute
Inherits CodeAccessSecurityAttribute
Private _permission As String = "IsAuthenticated"
Private _name As String = ""
Public Property Permission() As String
Get
Return _permission
End Get
Set(ByVal Value As String)
_permission = Value
End Set
End Property
Public Property User() As String
Get
Return _name
End Get
Set(ByVal Value As String)
_name = Value
End Set
End Property
Public Sub New(Optional ByVal action As SecurityAction =
SecurityAction.Demand)
MyBase.New(action)
End Sub
Public Overrides Function CreatePermission() As
System.Security.IPermission
Return New UserPermission(MyBase.Unrestricted, _name, _permission)
End Function
End Class
So in my main app all I would like to do is similar to the following test...
Once again it seems to work but I have to add it to the GAC on my Devl
machine in order for it to complie. Once built I can deploy without issues.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Threading.Thread.CurrentPrincipal = Nothing
Try
Me.SomeCodeToRun()
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
<UserPermission(Permission:="CanRunThisCode")> _
Private Sub SomeCodeToRun()
MsgBox("Code got called")
End Sub
Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button2.Click
Dim roles() As String = {"CanRunThisCode"}
Dim i As New Security.Principal.GenericIdentity("steve")
Dim p As New Security.Principal.GenericPrincipal(i, roles)
Threading.Thread.CurrentPrincipal = p
Try
Me.SomeCodeToRun()
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
Any thoughts?
do not believe they have AD...no big deal... I wrote a class to create a
generic identity and generic principal so that I can use the .IsInRole
function for some added security. I would like to do the same by applying an
attribute to a method or class. The code I am including works from what I
can see, but I am experiencing the following... 1) I cannot add the custom
attribues to my main project... .NET does not seem to like it. 2) I cannot
complie my main application unless my custom attribute assembly is in the
GAC. Is this be design or am I doing something completely wrong...
Here are the 2 class files that I use to make the "Security" assembly that
for some reason must be in the GAC
Imports System.Security
Imports System.Security.Permissions
Imports System.Runtime.Remoting.Messaging
Imports System.Text
Imports System.Runtime.Serialization
<Serializable()> _
Public NotInheritable Class UserPermission
Implements IPermission, ISecurityEncodable, IUnrestrictedPermission,
ISerializable
Private _permission As String = ""
Private _name As String = ""
Private _unrestricted As Boolean = False
Public Function IsUnrestricted() As Boolean Implements
IUnrestrictedPermission.IsUnrestricted
Return _unrestricted
End Function
Public Sub GetObjectData(ByVal info As SerializationInfo, ByVal context
As StreamingContext) Implements ISerializable.GetObjectData
info.AddValue("Permission", _permission)
info.AddValue("User", _name)
info.AddValue("Unrestricted", _unrestricted)
End Sub
Public Sub New(ByVal info As SerializationInfo, ByVal context As
StreamingContext)
_permission = info.GetString("Permission")
_name = info.GetString("User")
_unrestricted = info.GetBoolean("Unrestricted")
End Sub
Public Sub New(ByVal perm As PermissionState)
_unrestricted = perm
_permission = ""
_name = ""
End Sub
Public Sub New(ByVal name As String, ByVal permission As String)
_name = name
_permission = permission
End Sub
Public Sub New(ByVal unrestricted As Boolean, Optional ByVal name As
String = "", Optional ByVal permission As String = "")
_unrestricted = unrestricted
_name = name
_permission = permission
End Sub
Public Function Copy() As IPermission Implements IPermission.Copy
Dim iperm As New UserPermission(PermissionState.None)
iperm._name = Me._name
iperm._permission = Me._permission
iperm._unrestricted = Me._unrestricted
Return iperm
End Function
Public Sub Demand() Implements IPermission.Demand
Try
Dim principal As Security.Principal.IPrincipal =
Threading.Thread.CurrentPrincipal
If principal.IsInRole("UnrestrictedAccess") Then
Exit Sub
End If
If principal.IsInRole(_permission) = False Then
Throw New SecurityException("You do not have rights to
perform the requested function.")
End If
Catch ex As Exception
Throw New SecurityException("You do not have rights to perform
the requested function.")
End Try
End Sub
Public Function IsSubsetOf(ByVal target As IPermission) As Boolean
Implements IPermission.IsSubsetOf
If target Is Nothing Then
Return False
'Return Not Me.IsUnRestricted
End If
Dim passedPerm As UserPermission = target
If passedPerm._permission = Me._permission Then
Return True
Else
Return False
End If
End Function
Public Function Union(ByVal target As IPermission) As IPermission
Implements IPermission.Union
Dim result As New UserPermission(PermissionState.None)
Dim passedPerm As UserPermission = target
result._unrestricted = Me._unrestricted And passedPerm._unrestricted
If Me._name = passedPerm._name Then
result._name = ""
Else
result._name = Me._name
End If
If Me._permission = passedPerm._permission Then
result._permission = ""
Else
result._permission = Me._permission
End If
Return result
End Function
Public Function Intersect(ByVal target As IPermission) As IPermission
Implements IPermission.Intersect
If target Is Nothing Then
Return Nothing
End If
Dim passedPerm As UserPermission = target
End Function
Public Sub FromXml(ByVal e As SecurityElement) Implements
ISecurityEncodable.FromXml
Dim iVal As String
iVal = e.Attribute("User")
_name = iVal
iVal = e.Attribute("Permission")
_permission = iVal
iVal = e.Attribute("Unrestricted")
If iVal <> "" Then
_unrestricted = Convert.ToBoolean(iVal)
End If
End Sub
' Serialize permission object to xml
Public Function ToXml() As SecurityElement Implements
ISecurityEncodable.ToXml
Dim e As New SecurityElement("IPermission")
Dim typ As Type = Me.GetType()
Dim assemblyName As New StringBuilder(typ.Assembly.ToString)
assemblyName.Replace(ControlChars.Quote, "'"c)
e.AddAttribute("class", typ.FullName & ", " & assemblyName.ToString)
e.AddAttribute("version", "1")
e.AddAttribute("Unrestricted", _unrestricted.ToString)
e.AddAttribute("User", _name)
e.AddAttribute("Permission", _permission)
Return e
End Function
Public ReadOnly Property PermissionSet() As String
Get
Dim perm As New UserPermission(PermissionState.None)
Dim pset As New
NamedPermissionSet("HospitalityMaxPermissionSet", PermissionState.None)
pset.Description = "Permission set containing permissions for
hospitalitymax"
pset.AddPermission(perm)
Return pset.ToXml().ToString()
End Get
End Property
End Class
Imports System.Security
Imports System.Security.Permissions
Imports System.Runtime.Serialization
<AttributeUsage(AttributeTargets.All, inherited:=False,
AllowMultiple:=True), Serializable()> _
Public NotInheritable Class UserPermissionAttribute
Inherits CodeAccessSecurityAttribute
Private _permission As String = "IsAuthenticated"
Private _name As String = ""
Public Property Permission() As String
Get
Return _permission
End Get
Set(ByVal Value As String)
_permission = Value
End Set
End Property
Public Property User() As String
Get
Return _name
End Get
Set(ByVal Value As String)
_name = Value
End Set
End Property
Public Sub New(Optional ByVal action As SecurityAction =
SecurityAction.Demand)
MyBase.New(action)
End Sub
Public Overrides Function CreatePermission() As
System.Security.IPermission
Return New UserPermission(MyBase.Unrestricted, _name, _permission)
End Function
End Class
So in my main app all I would like to do is similar to the following test...
Once again it seems to work but I have to add it to the GAC on my Devl
machine in order for it to complie. Once built I can deploy without issues.
Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button1.Click
Threading.Thread.CurrentPrincipal = Nothing
Try
Me.SomeCodeToRun()
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
<UserPermission(Permission:="CanRunThisCode")> _
Private Sub SomeCodeToRun()
MsgBox("Code got called")
End Sub
Private Sub Button2_Click(ByVal sender As System.Object, ByVal e As
System.EventArgs) Handles Button2.Click
Dim roles() As String = {"CanRunThisCode"}
Dim i As New Security.Principal.GenericIdentity("steve")
Dim p As New Security.Principal.GenericPrincipal(i, roles)
Threading.Thread.CurrentPrincipal = p
Try
Me.SomeCodeToRun()
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End Sub
Any thoughts?