πLearning to code? Check out ourbrand new Bootcampfor beginners!
Learning Exercise
The const modifier can be (and generally should be) applied to any field where its value is known at compile time and will not change during the lifetime of the program.
private const int num = 1729;
public const string title = "Grand" + " Master";
The readonly modifier can be (and generally should be) applied to any field that cannot be made const where its value will not change during the lifetime of the program and is either set by an inline initializer or during instantiation (by the constructor or a method called by the constructor).
private readonly int num;
private readonly System.Random rand = new System.Random();
public MyClass(int num)
{
this.num = num;
}
In security sensitive situations (or even simply on a large code-base where developers have different priorities and agendas) you should avoid allowing a class's public API to be circumvented by accepting and storing a method's mutable parameters or by exposing a mutable member of a class through a return value or as an out parameter.
While the readonly modifier prevents the value or reference in a field from being overwritten, it offers no protection for the members of a reference type.
readonly List<int> ints = new List<int>();
void Foo()
{
ints.Add(1); // ok
ints = new List<int>(); // fails to compile
}
To ensure that all members of a reference type are protected the fields can be made readonly and automatic properties can be defined without a set accessor.
The Base Class Library (BCL) provides some readonly versions of collections where there is a requirement to stop members of a collections being updated. These come in the form of wrappers:
ReadOnlyDictionary<T> exposes a Dictionary<T> as read-only.ReadOnlyCollection<T> exposes a List<T> as read-only.The authentication system that you last saw in developer-privileges is in need of some attention. You have been tasked with cleaning up the code. Such a cleanup project will not only make life easy for future maintainers but will expose and fix some security vulnerabilities.
This is a refactoring task. Add the const modifier to any members of Authenticator or Identity that you think appropriate.
This is a refactoring task. Add the readonly modifier to any fields of the Authenticator class or the Identity struct that you think appropriate.
Remove the set accessor or make it private for any appropriate property on the Authenticator class or Identity struct.
At present the admin identity field is returned by a call to Admin. This is not ideal as the caller can modify the field. Find a way to prevent the caller from modifying the details of admin on the Authenticator object.
At present the dictionary containing the hard coded privileged developer identities is returned by a call to GetDevelopers(). This is not ideal as the caller can modify the dictionary. Find a way to prevent the caller from modifying the details of developers on the Authenticator object.
Edit via GitHub
Sign up to Exercism to learn and master C# with 62 concepts, 167 exercises, and real human mentoring, all for free.