使用代码访问策略生成WSP的最佳实践
https://sharepoint.stackexchange.com//questions/81379
-
10-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian题
我正在使用SharePoint 2007和Visual Studio 2008.我已经在现有解决方案中更改了一些自定义代码。现在我完成了开发并尝试生成WSP文件。只有1个问题。我需要生成带CAS策略而不是GAC的WSP文件。创建此解决方案的人正在使用此方案进行:
1)将构建输出路径更改为“80 \ bin”。
2)进行释放构建
3)使用WSP Builder生成WSP
4)将生成的WSP文件的扩展更改为.cab
5)提取驾驶室文件
6)查找并编辑Manifest.xml
7)将元素更改为:
<CodeAccessSecurity>
<PolicyItem>
<PermissionSet class="NamedPermissionSet" version="1" Description="WSPBuilder generated permissionSet" Name="MyCompany.MyCustomer.SharePoint.MySolutionNamed20708d8-8d7f-448d-ae19-52e93e729cc5">
<IPermission class="AspNetHostingPermission" version="1" Level="Minimal" />
<IPermission class="SecurityPermission" version="1" Flags="Assertion, Execution, ControlThread, ControlPrincipal" />
<IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" UnsafeSaveOnGet="True" Unrestricted="True"/>
</PermissionSet>
<Assemblies>
<Assembly Name="MyCompany.MyCustomer.SharePoint.MySolutionName" Version="1.0.0.0" PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010061501CE5D2B707D9EE7AFE461FC262A07CD83D417AE9AC31B142586832A038C385DF5A19C4974B39E0EE5F166B4F9C1707987030522B7B5808D910E6C749BAC97EE79976273BA06516AD5D7DB9DD7C53D8A47B038479E627BB0B2AAE299D6F0C392AF7C00CE42D6A3FB25F391AAC36C5217AE98FBBD18AFE3736905FFF0058A4" />
</Assemblies>
</PolicyItem>
</CodeAccessSecurity>
8)保存文件
9)创建CAB文件
10)创建WSP文件
有人告诉我这是做这个的讨厌的解决方案。它应该可以在命令行中使用WSPBuilder。有人可以告诉我如何做到这一点?
解决方案
add this just above your public class file!
[SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, Impersonate = true)]
[SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, ObjectModel = true)]
then let wspbuilder do the rest for you as it will build the xml file for you within the manifest file!
EDIT
The code that follows the call into the Demand method will be executed only if all the callers in the call stack are granted the permission to access the SharePoint object model. Note that this security demand has no impact on the code that comes before the call into the Demand method. The situation would be different if you were to use the declarative security syntax to annotate MyMethod with the SharePointPermissionAttribute metadata attribute:
[SharePointPermission(SecurityAction.Demand, ObjectModel=true, Unrestricted=true)]
public void MyMethod()
{
...
SPWeb site = SPContext.Current.Web;
...
}
in your case its the main class that contains the create child controls method, as an example:
using System;
using System.ComponentModel;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using Microsoft.SharePoint;
using Microsoft.SharePoint.WebControls;
namespace test {
[SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, Impersonate = true)]
[SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, ObjectModel = true)]
[ToolboxItemAttribute(false)]
public class VisualWebPart1 : WebPart
{
// Visual Studio might automatically update this path when you change the Visual Web Part project item.
private const string _ascxPath = @"~/_CONTROLTEMPLATES/test/VisualWebPart1UserControl.ascx";
protected override void CreateChildControls()
{
Control control = Page.LoadControl(_ascxPath);
Controls.Add(control);
}
}
}
also it depends on what you want visible to the policy? as iv noted within the comment block. To my understanding its just the main class that needs the policy and not every class within the project!
http://msdn.microsoft.com/en-us/library/gg427711(v=office.12).aspx
