开发者

How to forbid calling a method C#

问答 作者:

I want to allow calling the method only from the particular methods. Take a look at the code below. 

  private static void TargetMethod()
  {
  }

  private static void ForbiddenMethod()
  {
     Targe开发者_StackOverflow中文版tMethod();
  }

  private static void AllowedMethod()
  {
     TargetMethod();
  }

I need only AllowedMethod could call TargetMethod. How to do it using classes from System.Security.Permissions?

Updated: Thanks for your answers, but I don't want to debate about design of my application. I just want to know is it possible to do it using .net security or not?

You can solve this using normal object-oriented design. Move AllowedMethod to a new class and make ForbiddenMethod a private method of that class:

public class MyClass
{
    public void AllowedMethod() { // ... }

    private void TargetMethod() { // ... }
}

AllowedMethod has access to private members, but no-one else have.

I believe you should try to structure your code in meaningfull classes, and use the standard access modifiers (private, protected, public, internal). Is there any specific reason why this would not solve your problem?

The only alternative I can think of, would involve traversing the call stack from within the callee, but that would likely yield code mess and suboptimal performance.

You could examine the call stack to accomplish this, but it is rather slow. I wouldn't recommend it if it can be avoided.

Should you still want to do this, you need to be careful to avoid method inlining as well, or your code might suddenly stop working under Release builds.

[MethodImpl(MethodImplOptions.NoInlining)]
private static void TargetMethod()
{
    StackFrame fr = new StackFrame(1, false);
    Console.WriteLine(fr.GetMethod().Name);
}

As far as I know, there are no out-of-the-box attributes to do this.

CAS cannot do this if the code is running in full trust.

If the code is executing in Full Trust (i.e. a normal, local application, not a silverlight application or something run from the network), then all .NET CAS checks are completely bypassed; any security attribute is simply ignored.

CAS simply walks the stack to determine permissions, though, and you can do that too, as Darin pointed out earlier by just checking the StackTrace.

I am not sure if this is achievable with System.Security.Permissions, but inside TargetMethod you could get the caller and act accordingly:

StackTrace stackTrace = new StackTrace();
Console.WriteLine(stackTrace.GetFrame(1).GetMethod().Name);

You might be able to use CodeAccessPermission objects. You'd have to implement the interface in your own object to have it work like you're suggesting though.

http://msdn.microsoft.com/en-us/library/system.security.codeaccesspermission.aspx

By using Attributes you can solve this issue.

Use Conditional Attributs.

In the top

#define "Show" 


  public void TargetMethod()
    {
      //Code
    }
   [ Conditional("Hidden")]
   public void HiddenMethod()
    {
       TargetMethod()
    }
 [ Conditional("Show")]
  public void AllowMethod()
    {
       TargetMethod()
    }

One of your methos will be called.

继续阅读:.net.net-securitypermissions

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9