How Do I Restrict Access To A Public Method To Only A Specific Class In C#?

Question

0.00/5 (No votes)

See more:

i have CURD class for do basic Operation

C#

public class CURD
  {
      public void DoCreate()
      {
          // Create User
      }
      public void DoUpdate()
      {
          // Update User Info
      }
      public void DoRead()
      {
          // Read User info
      }
      public void DoDelete()
      {
          // Delete User Infor

      }

  }

alsoe I have Some Class for expose User in my Program(ex: Admin,PowerUser,User)
i want to following:
only Admin class can access all CURD class method.
PowerUser class can access only to DoUpdate and DoRead.
user class can access only to DoRead method
.
how can i implement it in c#?

Posted 22-Nov-14 19:25pm

AminMhmdi

Add a Solution

3 solutions

Solution 2

Usually this is controlled at a UI level.

However you can do :

C#

...
[System.Security.Permissions.PrincipalPermission(System.Security.Permissions.SecurityAction.Demand, Role="DoDelete")] // or "PowerUser" etc.
public void DoDelete()
{
    // Delete User Infor

}
...

Which would require the user to have a "DoDelete" role in their security context otherwise the CLR will throw a SecurityException and somewhere in your login code you would do the following for the login user :

C#

public void btnLogin_click(object sender, EventArgs e)
{
   // authenticate user here
   if(Authenticate(username, password))
   {
      GenericIdentity id = new GenericIdentity(username); // username of the current login 

      Thread.CurrentPrincipal = new GenericPrincipal(id, new string[] {"Admin", "PowerUser", "DoDelete"}); // the roles the user has usually from a database
   }

}

Posted 22-Nov-14 19:43pm

Mehdi Gholam

Updated 22-Nov-14 23:48pm

v2

Comments

AminMhmdi 23-Nov-14 2:12am

tnx for answer but i dont understand your code!
how can i use this in my class to restrict access to public method?

Mehdi Gholam 23-Nov-14 5:25am

You put the security attribute on the methods you want to control access to ( begins and ends with the brackets [] ), and in your login you set the roles the user has.

AminMhmdi 23-Nov-14 5:40am

ok so can you explain more about login part??or give me link for article about it??in asp.net we have Web Site Administration Tool but i dont know about desktop apps

Mehdi Gholam 23-Nov-14 5:48am

See the updated solution.

Solution 1

There is no such capability in .NET. You should better improve your code design.

However, in many it could be possible to replace public access modified by internal. This will limit access to the same assembly as the assembly of the declaring type. Another, rarely used opportunity is the use of private or friend assemblies. You can read about them here:
http://msdn.microsoft.com/en-us/library/windows/desktop/ff951638%28v=vs.85%29.aspx[^],
http://msdn.microsoft.com/en-us/library/0tke9fxk.aspx[^].

—SA

Posted 22-Nov-14 19:33pm

Sergey Alexandrovich Kryukov

Comments

Mehdi Gholam 23-Nov-14 1:44am

There is a way Sergey, check my answer.

Sergey Alexandrovich Kryukov 23-Nov-14 2:01am

Sorry, Mehdi, but it looks like your question is totally off-topic. The question was about OOP design and implementation. By access, compile-time access is meant. It has nothing to do with permissions and nothing to do with UI.
—SA

Mehdi Gholam 23-Nov-14 5:28am

I believe the OP means runtime access control when referring to "admin", "power user" etc., obviously at compile time you either have access to a method or you don't and there is no notion of a user.

Sergey Alexandrovich Kryukov 23-Nov-14 13:34pm

No, not even close. The OP's statement is crystal clear. "Admin" is the name of the class.
—SA

AminMhmdi 23-Nov-14 1:48am

tnx Sergey.i am in UML design process we create some actor that have access to same activity(CURD operation) i wonder how can i limit access of some actor to CURD operation? How to design my Diagram??and in implementation code ,Should is write Separate CURD function for each actor?

Sergey Alexandrovich Kryukov 23-Nov-14 2:07am

Look, it's hardly possible to review the whole design in a short answer, in response to a comment of a couple of lines. Good design needs consideration of many aspects of the problem...
I answered your original question in full. "How to design" something is not a definitive question... You design be doing design work, sorry for this piece of tautology... If you can find a way to describe you bigger problem in sufficient detail but still suitable for the forum, we will try to help you...
—SA

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

AminMhmdi · Accepted Answer · 2014-12-04T03:40:00

Solution 3

tnx for response
as Sergey say i must "improve my code design"
i think best solution is create Some Boolean Field for each of User such as:

C#

Bool canCreate
Bool canRead
Bool canUpdate
Bool canDelete

and set this value from database to each

Posted 4-Dec-14 3:40am

AminMhmdi