In my data access layer, I have permissions on each method similar to:
<PrincipalPermission(SecurityAction.Demand, Authenticated:=True,
Role:="modifyProspects")_
Public Overrides Function AddTracking(someVars...ect...) As Integer
End Function
During conversion to a new database some records may not have information
associated with them and thus a table cannot be created for this tracking
information. In my code I detect that if information does not exist, and
then simply add default values, but in order to do this as seen above I need
the manageProspects role. Is there a way to assert a permission on the
method below that can bypass the "manageProspects" role so that information
can be added when any user opens a prospect that has missing information?
Public Shared Function SelectTracking(ByVal prospect As
MarketingProspect) As Tracking
Dim dbConn As DataAccessLayer.DataAccessBase =
DataAccessLayer.DataAccessBaseHelper.GetDataAccess Layer
Dim dt As Data.DataTable = dbConn.SelectTracking(prospect.MktgId)
'If tracking information is missing, we can quickly add it with
its default values.
'This table is extremely important to reporting, but for
normalization, it was placed
'into another table. In the event that the transaction fails on
this table we need an entry.
'We will impersonate a user with higher permissions to
accomplish this task.
If dt.Rows.Count = 0 Then
Dim trk As New Tracking(Nothing, Nothing, Nothing, Nothing,
Nothing, StatusType.StatusTypes.Prospect)
trk.Add(prospect) '<-- HERE IS WHERE I NEED TO BYPASS
PERMISSIONS
Return trk
Else
etc...
End If