Best practice to generate wsp with code access policy

sharepoint.stackexchange https://sharepoint.stackexchange.com//questions/81379

  •  10-12-2019
  •  | 
  •  

Question

I am using sharepoint 2007 and visual studio 2008. I have changed some custom code in an existing solution. Now I finished the development and try to generate the wsp file. There is only 1 problem. I need to generate a wsp file with CAS policy and NOT to the gac. The person which created this solution was doing it with this scenario:

1) changed the build output path to "80\bin".

2) do a release build

3) generate a wsp with wsp builder

4) change the extension of the generated wsp file to .cab

5) extract the cab file

6) find and edit the manifest.xml

7) change the element to:

<CodeAccessSecurity>
    <PolicyItem>
      <PermissionSet class="NamedPermissionSet" version="1" Description="WSPBuilder generated permissionSet" Name="MyCompany.MyCustomer.SharePoint.MySolutionNamed20708d8-8d7f-448d-ae19-52e93e729cc5">
    <IPermission class="AspNetHostingPermission" version="1" Level="Minimal" />
    <IPermission class="SecurityPermission" version="1" Flags="Assertion, Execution, ControlThread, ControlPrincipal" />
    <IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security,  version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True"  UnsafeSaveOnGet="True" Unrestricted="True"/>
</PermissionSet>
      <Assemblies>
        <Assembly Name="MyCompany.MyCustomer.SharePoint.MySolutionName" Version="1.0.0.0" PublicKeyBlob="002400000480000094000000060200000024000052534131000400000100010061501CE5D2B707D9EE7AFE461FC262A07CD83D417AE9AC31B142586832A038C385DF5A19C4974B39E0EE5F166B4F9C1707987030522B7B5808D910E6C749BAC97EE79976273BA06516AD5D7DB9DD7C53D8A47B038479E627BB0B2AAE299D6F0C392AF7C00CE42D6A3FB25F391AAC36C5217AE98FBBD18AFE3736905FFF0058A4" />
      </Assemblies>
    </PolicyItem>
  </CodeAccessSecurity>

8) save the file

9) create cab file

10) create wsp file

Someone told me this is the nasty solution to do this. It should be possible with the wspbuilder in command line. Can someone tell me how to do this?

Was it helpful?

Solution

add this just above your public class file!

[SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, Impersonate = true)] 

[SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, ObjectModel = true)]

then let wspbuilder do the rest for you as it will build the xml file for you within the manifest file!

EDIT

The code that follows the call into the Demand method will be executed only if all the callers in the call stack are granted the permission to access the SharePoint object model. Note that this security demand has no impact on the code that comes before the call into the Demand method. The situation would be different if you were to use the declarative security syntax to annotate MyMethod with the SharePointPermissionAttribute metadata attribute:

   [SharePointPermission(SecurityAction.Demand, ObjectModel=true, Unrestricted=true)]
public void MyMethod()
{
   ...
   SPWeb site = SPContext.Current.Web;
   ...
}

in your case its the main class that contains the create child controls method, as an example:

using System;
using System.ComponentModel;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using Microsoft.SharePoint;
using Microsoft.SharePoint.WebControls;

namespace test    {

    [SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, Impersonate = true)] 
    [SharePointPermissionAttribute(System.Security.Permissions.SecurityAction.Demand, ObjectModel = true)]
    [ToolboxItemAttribute(false)]
    public class VisualWebPart1 : WebPart
    {
        // Visual Studio might automatically update this path when you change the Visual Web Part project item.
        private const string _ascxPath = @"~/_CONTROLTEMPLATES/test/VisualWebPart1UserControl.ascx";

        protected override void CreateChildControls()
        {
            Control control = Page.LoadControl(_ascxPath);
            Controls.Add(control);
        }
    }
}

also it depends on what you want visible to the policy? as iv noted within the comment block. To my understanding its just the main class that needs the policy and not every class within the project!

http://msdn.microsoft.com/en-us/library/gg427711(v=office.12).aspx

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange
scroll top