Security is a necessity in any program, in any system, for every action. Okay, I suppose I went a bit too far now, but I cannot stress enough how important some sort of security is for your applications.
Put on your reading glasses and let’s see how easy it can be to implement Role-based Security in your Visual Basic applications.
Security
Security is quite a broad term that will take me until infinity to explain, so here are a few links to help you understand Application Security:
- https://en.wikipedia.org/wiki/Application_security
- http://searchsoftwarequality.techtarget.com/definition/application-security
Role-based Security
Add the following code behind the btnAdd button’s click event:
Private Sub btnAdd_Click(ByVal sender As System.Object, _
ByVal e As System.EventArgs) Handles btnAdd.Click
Try
Dim ppUser As PrincipalPermission = _
New PrincipalPermission(Nothing, "BUILTIN\Users")
ppUser.Demand(
Dim intAnswer As Integer = (Integer.Parse(txtInput1.Text) _
+ Integer.Parse(txtInput2.Text))
lblAnswer.Text = intAnswer.ToString()
Catch ex As System.Security.SecurityException
MessageBox.Show("You have been denied access: " _
+ ex.Message)
End Try
End Sub
The PrincipalPermission class is used to create a new permission instance. Here, you first specify the Principal and then demand it. If anyone else except the specified principal tries to access the underlying code, they will be denied access. Here is more information about the PrincipalPermission class: https://msdn.microsoft.com/en-us/library/system.security.permissions.principalpermission%28v=vs.110%29.aspx.
Add the following code behind btnSubtract:
Private Sub btnSubtract_Click(ByVal sender As System.Object, _
ByVal e As System.EventArgs) Handles btnSubtract.Click
Dim intAnswer As Integer = (Integer.Parse(txtInput1.Text) _
- Integer.Parse(txtInput2.Text))
lblAnswer.Text = intAnswer.ToString
End Sub
Nothing special here. The preceding code simply subtracts two values.
Add the following code behind the btnDivide button’s click event:
Private Sub btnDivide_Click(ByVal sender As System.Object, _
ByVal e As System.EventArgs) Handles btnDivide.Click
Dim strUser As String = System.Environment.MachineName _
+ "\HTG"
Try
Dim ppPermission As PrincipalPermission = _
New PrincipalPermission(strUser, Nothing)
ppPermission.Demand()
Dim DecAnswer As Decimal = (Decimal.Parse(txtInput1.Text) _
/ Decimal.Parse(txtInput2.Text))
lblAnswer.Text = Decimal.Round(DecAnswer, 2).ToString()
Catch ex As System.Security.SecurityException
MessageBox.Show("You have been denied access: " _
+ ex.Message)
End Try
End Sub
The btnDivide button’s code works exactly as the btnAdd button’s code except for the Principal being different.
Lastly, add the next code behind btnMultiply:
Private Sub btnMultiply_Click(ByVal sender As System.Object, _
ByVal e As System.EventArgs) Handles btnMultiply.Click
lblAnswer.Text = Multiply(Integer.Parse(txtInput1.Text), _
Integer.Parse(txtInput2.Text)).ToString
End Sub
<PrincipalPermission(SecurityAction.Demand, _
Role:="BUILTIN\Administrators")> _
Private Function Multiply(ByVal int1 As Integer, _
ByVal int2 As Integer) As Integer
Return int1 * int2
End Function
This prevents anyone except the Administrators from running this code.