When to explicitly check permission
From: Andreas Håkansson (andreas.hakansson_at_nospam.com)
Date: 10/29/04
- Next message: Marius Groenendijk: "Check for permission does not work"
- Previous message: Christian Staffe: "Calling a Web Service protected by a certificate"
- Next in thread: Nicole Calinoiu: "Re: When to explicitly check permission"
- Reply: Nicole Calinoiu: "Re: When to explicitly check permission"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Oct 2004 16:20:29 +0200
When should you explicitly check for correct permission? Perhaps this sounds
strang, I know, but stick with me for a moment. For example the
GetCurrentDirectory
method on the Directory class throws an UnauthorizedAccessException if the
caller doesn't have access to the I/O operation, so there wouldn't be any
point
in doing a Demand call on a FileIOPermission object and possibly trap a
SecurityException instead would there?
The Exists method on the File class performs a call to the Demand method on
a
FileIOPermission object interally, but never rethrows the SecurityException
(among
others) which can occure internally in the method, but instead returns
False - so why
should I do an explicit check my self before I call the method? Or shouldn't
I ? =)
The Framework is litered with scenarios like these. A few places I have used
it is with
the SQLClientPermission and SecurityPermission (to be sure I could call into
unmanged
code - COM Interop scenario), but I would like some more generall guidelines
for this
kind of stuff to improve the overall quality of my code.
Cheers! =)
//Andreas
- Next message: Marius Groenendijk: "Check for permission does not work"
- Previous message: Christian Staffe: "Calling a Web Service protected by a certificate"
- Next in thread: Nicole Calinoiu: "Re: When to explicitly check permission"
- Reply: Nicole Calinoiu: "Re: When to explicitly check permission"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
