Sharepoint Security Class

Oct 12, 2007 at 11:00 AM
Hi

We had an issue appear yesterday where our solution was deployed onto a machine that didn't have a "SharePointPermission" security class within its trust.config file, and so the IPermission entry for that class failed.

The manifest.xml file created by WSPBuilder seems to assume such a class exists. We got round this temporarily by entering full details of the SharePointPermission into the appropriate IPermission entry, but when we come to do a deployment using WSPBuilder this won't get picked up. Is this right or have I missed something?

Many thanks
Gerry
Coordinator
Oct 12, 2007 at 12:27 PM
Edited Oct 12, 2007 at 12:31 PM
Have you tried to add the "SharePointPermission" attribute to a method? Or have I understod you question wrong?
WSPBuilder should pick up permission attributes defined in the assemblies and add the them to the PermissionSet. However if still an issue, deploy your dll to the Global Assembly Cache. Personally I always use the CAG if I know my customer.

Thank you
Carsten Keutmann
Oct 16, 2007 at 9:21 AM
Hi
I have just modified WSPBuilder source code to inject custom CAS policies definition from external file just to work around this issue. Code modification is described as follow.

Code modification

  • In \WSPTools\App\WSPBuilder\Library\Config.cs add following code snippet to class Config
public const string CUSTOMCAS = "CustomCAS";
private string _customCAS = string.Empty;

DisplayName("-CustomCAS [filepath] (Default is empty)")
Description("Specifies the custom CAS for the solution.")
public string CustomCAS
{
get
{
if (string.IsNullOrEmpty(_customCAS))
{
_customCAS = GetString(CUSTOMCAS, "");
if (!string.IsNullOrEmpty(_customCAS))
{
// Use the directory as the file name for the wsp file.
using (TextReader tr = new StreamReader(_customCAS))
{
_customCAS = tr.ReadToEnd();
}
}
}
return _customCAS;
}
}
  • In file \WSPTools\App\WSPBuilder\WSP\PolicyItemDefinition.cs, modify function ApplyPolicyPermissions
old code
public string ApplyPolicyPermissions(string manifest)
{
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(manifest.ToString());

XmlNodeList permissionSetList = xmlDoc.GetElementsByTagName("PermissionSet");

foreach (XmlNode permissionSet in permissionSetList)
{
string key = permissionSet.Attributes"Name".Value;
_ permissionSet.InnerXml = PolicyPermissionListkey; _
}

StringWriter result = new StringWriter();
XmlTextWriter xtw = new XmlTextWriter(result);
xtw.Formatting = Formatting.Indented;

xmlDoc.WriteTo(xtw);

return result.ToString();
}
change to new code
public string ApplyPolicyPermissions(string manifest)
{
XmlDocument xmlDoc = new XmlDocument();
xmlDoc.LoadXml(manifest.ToString());

XmlNodeList permissionSetList = xmlDoc.GetElementsByTagName("PermissionSet");

foreach (XmlNode permissionSet in permissionSetList)
{
string key = permissionSet.Attributes"Name".Value;
if (!string.IsNullOrEmpty(key))
{
StringBuilder sb = new StringBuilder();
if (!String.IsNullOrEmpty(Config.Current.CustomCAS))
{
sb.AppendLine(PolicyPermissionListkey);
sb.Append(Config.Current.CustomCAS);
}
else
{
sb.Append(PolicyPermissionListkey);
}
permissionSet.InnerXml = sb.ToString();
}
}

StringWriter result = new StringWriter();
XmlTextWriter xtw = new XmlTextWriter(result);
xtw.Formatting = Formatting.Indented;

xmlDoc.WriteTo(xtw);

return result.ToString();
}
"}

Usage

Above code modification add new parameter to WSPBuilder, CustomCAS, this parameter specifies an external file that contains custom CAS to append custom IPermission entries to the manifest.xml file.

Example of Custom CAS file:
file customCAS.xml
<IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
Unrestricted="True" version="1"
Read="C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\TEMPLATE\CONTROLTEMPLATES\QuickMessageControl.ascx"
Write="$AppDir$" Append="$AppDir$" PathDiscovery="$AppDir$" />
<IPermission class="AspNetHostingPermission" version="1" Level="Medium" />
<IPermission class="System.Net.Mail.SmtpPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Access="Connect" />

Hope this help someone

Nai
Coordinator
Oct 18, 2007 at 9:30 AM
Thank you Nai.
I have now added the code to the latest version of the source code.

/keutmann