Add System.Security.Permissions.PrincipalPermission

[danmoseley]

We see this being used in apps. It does have effect in Desktop in the default configuration (unlike CAS). We could reasonably implement it cross platform. So we should add it.

class Program
{
    static void Main()
    {
        new System.Security.Permissions.PrincipalPermission("foo", "bar").Demand();
    }
}

Unhandled Exception: System.Security.SecurityException: Request for principal permission failed.
   at System.Security.Permissions.PrincipalPermission.ThrowSecurityException()
   at System.Security.Permissions.PrincipalPermission.Demand()
   at Program.Main() in C:\Users\stoub\Documents\Visual Studio 2015\Projects\ConsoleApplication27\ConsoleApplication27\Program.cs:line 5

[danmoseley]

Not in scope: making the Attribute work. Only the imperative. This does not need to work:

    public static void Main()
    {
        try
        {
            // PrincipalPolicy must be set to WindowsPrincipal to check roles.
            AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
            // Check using the PrincipalPermissionAttribute
            CheckAdministrator();
            // Check using PrincipalPermission class.
            PrincipalPermission principalPerm = new PrincipalPermission(null, "Administrators");
            principalPerm.Demand();
            Console.WriteLine("Demand succeeded.");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }
    }
    [PrincipalPermission(SecurityAction.Demand, Role = "Administrators")]
    static void CheckAdministrator()
    {
        Console.WriteLine("User is an administrator");
    }

[ioanacrant]

Resolved in dotnet/corefx#10977

[stephentoub]

The type was added in dotnet/corefx#10977, but it's not actually functional. This is one we decided we need to be functional.

[ianhays]

Looking at the original reference source, most of it can be easily translatable to .net core. My only concerns are the things wrapped in FEATURE_CAS_POLICY and FEATURE_IMPERSONATION. Are those bits necessary to include as well? Some of the functions like Demand won't work without FEATURE_IMPERSONATION so I assume that's necessary. FEATURE_CAS_POLICY on the other hand only affects XML parsing.