Overview
To perform imperative permission checks, you write code within your logic. AzManPermissions contains AzManOperationPermission for directly connected and AzManOperationRemotePermission for remotely connected (through a service) authorization stores.

Examples of using imperative operation permission checks:
Directly connected authorization store
    public void DoSomeThing()
    {
      AzManOperationPermission azmanPerm = new AzManOperationPermission(null, 1);
      azmanPerm.Demand();
      //Do something
    }

Remotely connected authorization store
    public void DoSomeThing()
    {
      AzManOperationRemotePermission azmanPerm = new AzManOperationRemotePermission(null, 1);
      azmanPerm.Demand();
      //Do something
    }


Use enums instead of simple numbers
AzMan identifies each operation with a unique number. It's really hard to remember what a specific number means. I suggest you to create an enum, where the enum tags contain the operation identifiers. It makes your code much more readable.
For example:
  public enum Operations
  {
    Start = 1,
    SomeAction = 2,
    OtherAction = 3
  }

After you created this enum, you can use it in your permission checks:
    public void DoSomeThing()
    {
      AzManOperationPermission azmanPerm = new AzManOperationPermission(null, (int)Operations.Start);
      azmanPerm.Demand();
      //Do something
    }

(The sample is using directly connected authorization store, but the same works with remotely connected stores.)

Important
Before you specify a demand for AzMan operation permission, you must set the current application domain's principal policy to the enumeration value WindowsPrincipal. By default, the principal policy is set to UnauthenticatedPrincipal. If you do not set the principal policy to WindowsPrincipal, a demand for AzMan operation permission will fail. You should execute the following code before you demand the principal permission:
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal).

Last edited Aug 14, 2012 at 7:10 PM by pjenei, version 2

Comments

No comments yet.