如何限制对C＃中的特定类的公共方法的访问？ [英] How Do I Restrict Access To A Public Method To Only A Specific Class In C#?

问题描述

我有CURD课程用于执行基本操作

i have CURD class for do basic Operation

public class CURD
  {
      public void DoCreate()
      {
          // Create User
      }
      public void DoUpdate()
      {
          // Update User Info
      }
      public void DoRead()
      {
          // Read User info
      }
      public void DoDelete()
      {
          // Delete User Infor

      }

  }

我还有一些类用于在我的程序中公开用户（例如：管理员，PowerUser，用户）

i想要关注：

只有Admin类可以访问所有CURD类方法。

PowerUser类只能访问DoUpdate和DoRead。

用户类只能访问DoRead方法

。

如何在c＃中实现它？

alsoe I have Some Class for expose User in my Program(ex: Admin,PowerUser,User)
i want to following:
only Admin class can access all CURD class method.
PowerUser class can access only to DoUpdate and DoRead.
user class can access only to DoRead method
.
how can i implement it in c#?

推荐答案

.NET中没有这样的功能。你应该更好地改进你的代码设计。



但是，在很多情况下，有可能替换 public 访问被修改通过内部。这将限制对与声明类型的程序集的访问相同的程序集。另一个很少使用的机会是使用私人或朋友集会。你可以在这里阅读它们：

http://msdn.microsoft.com/en-us/library/windows/desktop/ff951638%28v=vs.85%29.aspx [ ^ ]，

http://msdn.microsoft.com/en-us/library/0tke9fxk.aspx [ ^ ]。

-SA

There is no such capability in .NET. You should better improve your code design.

However, in many it could be possible to replace public access modified by internal. This will limit access to the same assembly as the assembly of the declaring type. Another, rarely used opportunity is the use of private or friend assemblies. You can read about them here:
http://msdn.microsoft.com/en-us/library/windows/desktop/ff951638%28v=vs.85%29.aspx[^],
http://msdn.microsoft.com/en-us/library/0tke9fxk.aspx[^].

—SA

通常这是在UI级别控制的。



但是你可以这样做：

Usually this is controlled at a UI level.

However you can do :

...
[System.Security.Permissions.PrincipalPermission(System.Security.Permissions.SecurityAction.Demand, Role="DoDelete")] // or "PowerUser" etc.
public void DoDelete()
{
    // Delete User Infor

}
...

这将要求用户在其安全上下文中具有DoDelete角色，否则CLR将抛出一个 SecurityException 并在您的登录代码中的某处为登录用户执行以下操作：

Which would require the user to have a "DoDelete" role in their security context otherwise the CLR will throw a SecurityException and somewhere in your login code you would do the following for the login user :

public void btnLogin_click(object sender, EventArgs e)
{
   // authenticate user here
   if(Authenticate(username, password))
   {
      GenericIdentity id = new GenericIdentity(username); // username of the current login 

      Thread.CurrentPrincipal = new GenericPrincipal(id, new string[] {"Admin", "PowerUser", "DoDelete"}); // the roles the user has usually from a database
   }

}

tnx for response

谢尔盖说我必须改进我的代码设计

i认为最佳解决方案是为每个用户创建一些布尔字段，例如：

tnx for response
as Sergey say i must "improve my code design"
i think best solution is create Some Boolean Field for each of User such as:

Bool canCreate
Bool canRead
Bool canUpdate
Bool canDelete

并将此值从数据库设置为每个

and set this value from database to each

这篇关于如何限制对C＃中的特定类的公共方法的访问？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！