PermissionAttribute Class using VB.NET
In this article I will explain you about PermissionAttribute Class using VB.NET.
You can place security attributes in your classes or methods to assert, demand, deny, or permit only certain permissions.
There can be zero or more public properties set in the attribute, each separated by a comma. For example, the FileIOPermissionAttribute has properties for controlling how a user can append, read, and write to a file. Setting these properties in this attribute defines which files or directories you wish to check for access permissions.
In he given below example, FileIOPermissionAttribute demands permission to read C:\dir1\ whenever a method in MyClass is called. The EnvironmentPermissionAttribute demands permission for reading the TEMP environment variable before a call to MyMethod can succeed. If either of the demands fails, the system throws a security exception for calls to MyMethod.
Example of PermissionAttribute
' PermissionAttribute for class and method
<FileIOPermissionAttribute(SecurityAction.Demand, Read:="c:\dir1\")> _
Public Class [MyClass]
<EnvironmentPermissionAttribute(SecurityAction.Demand, Read:="TEMP")> _
Public Sub MyMethod()
End Sub
End Class
In the next example, AnyClass defines two assembly permission set attributes, which will cause it to request to read, at a minimum, the minimum_permission.xml file and, optionally, the optional_permission.xml file.
Example of PermissionSetAttribute
' PermissionSetAttribute
<Assembly: PermissionSetAttribute(SecurityAction.Request.Minimum, File:="minimum_permission.xml")>
<Assembly: PermissionSetAttribute(SecurityAction.RequestOptional, File:="optional_permission.xml")>
Public Class AnyClass
Public Shared Sub Main()
Console.WriteLine("Permissions")
End Sub
End Class
Next example illustrates the declarative use of Deny to override security checks. RegistryPermissionAttribute includes a SecurityAction enumeration for Deny and the registry key to which write access will be denied.
Example of RegistryPermissionAttribute
' Declarative demand1
<RegistryPermissionAttribute(SecurityAction.Deny, Write:="HKEY_LOCAL_MACHINE")> _
Public Class [MyClass]
Public Sub New()
End Sub
' no writes but read to HKLM is allowed!
Public Sub ReadRegistry()
'Access the registry.
End Sub
End Class
The next example shows how to use Assert declaratively to override security checks. Using Assert in FileIOPermission causes demands for access to C:\temp\trace1.txt to succeed, since the Assert method is called during JIT compilation.
Example of FileIOPermission
' Declarative demand2
<FileIOPermission(SecurityAction.Assert, All:="C:\temp\trace1.txt")> _
Public Sub SaveTrace()
Dim TextStream As New StreamWriter("C:\temp\trace1.txt")
TextStream.WriteLine("created on:" + DateTime.Now)
TextStream.Close()
End Sub
The next example shows how a link demand can be used to check only the immediate caller of your code during a security check performed as part of a JIT compilation. The immediate caller of the CoolApp class must have the strong name used in the StrongNameIdentityPermissionAttribute defined in the listing, since we used the LinkDemand security action. CoolApp class can be linked only by the assembly that has the strong name specified in the LinkDemand attribute.
Example of LinkDemand
' link demand
<StrongNameIdentityPermissionAttribute(SecurityAction.LinkDemand,
PublicKey="0024000004800000940000000602000000240000525341310004000001000100bf01b056
b9778a08f3b7b7a573b1a6e6e1bf18af004f8f017997a28b4378ea7b389932c9f537df90190b994c1e0
849a4222a6d87761bc96d2a16d8a36865c6d7d031fa3109ed9711d064d20e7059aa945dfe10cdd64d32
49c10b76e2759556d3554f7708ade90c9453b1118f97a492b81ba33d193ee8df19b29af7dabae691d5"
Name:="CoolApp", Version:="1.0.0.2")> _
Public Class CoolApp
' Additional code here
End Class
Conclusion
Hope this article would have helped you in understanding PermissionAttribute Class using VB.NET