Weird behaviour of the PrincipalPermission attribute  
Author Message
Amid





PostPosted: .NET Base Class Library, Weird behaviour of the PrincipalPermission attribute Top

Let's suppose we have the following class:

[PrincipalPermission(SecurityAction.Demand, Authenticated = true)]
public class TestClass
{
[PrincipalPermission(SecurityAction.Demand, Role = "Administrator")]
public void CallMe()
{
PrincipalPermission MyPermission = new PrincipalPermission("User", "Administrator");
MyPermission.Demand();
}
}

And the following code snippet that uses it:

class Class1
{
[STAThread]
static void Main(string[] args)
{
SetPrincipal("bad user");
TestClass tp = new TestClass();
tp.CallMe();
}

private static void SetPrincipal(string role)
{
GenericIdentity myIdentity = new GenericIdentity("User");

String[] myStringArray = { role };
GenericPrincipal myPrincipal = new GenericPrincipal(myIdentity, myStringArray);

Thread.CurrentPrincipal = myPrincipal;
}
}

The weird thing about this code that declarative permission check allows to call method TestClass.CallMe() (though it is not supposed to) but imperative check within this method throws an exception and behaves correctly.
Now if we remove declarative permission check from the class declaration and leave one on the method everything works as it should be.

Any thoughts will be appreciated. Thanks in advance.




.NET Development18