I have a DeleteAll method in my base class that requires a specific role ("Remover") to be called. I have a second class that derives from the base class. In the derived class, I want to override the DeleteAll method so I can require a different role ("Operator") to the method.
public BaseClass
{
[PrincipalPermission(SecurityAction.Demand, Authenticated = true, Role = "Remover")]
public virtual void DeleteAll(IEnumerable<Guid> ids)
{
//Code to delete each id
}
}
public DerivedClass : BaseClass
{
[PrincipalPermission(SecurityAction.Demand, Authenticated = true, Role = "Operator")]
public virtual void DeleteAll(IEnumerable<Guid> ids)
{
base.DeleteAll(ids);
}
}
If I call DerivedClass's DeleteAll method, it will require a user to have both the "Operator" and the "Remover" roles. I only want the "Operator" role to be required.
Is there a way to override PrincipalPermission when overriding a method?
I think the problem is that you are using the baseclass in the derivedclass, so the DeleteAll method resulting in DerivedClass needs to have both "operator" and "deleter" roles.
You can try combining multiple PrincipalPermissionAttribute requirements using OR.
See the link below for details.
PrincipalPermission on Method doesn't work if applied to Class
How to apply OR in PrincipalPermission in base and derive class