Code Access Security policy template for Visual Studio 2010 SharePoint Developer Tools

SharePoint 2010 ships with the Sandbox: a new concept that allows you to deploy solutions with limited trust. Still there are many scenarios to think of when you might need to deploy your work to the Web Application’s BIN directory. When doing that, you need to define for your assembly a CAS policy, which specifies what your code should and should not be allowed to do. While the contents of the policy always depend on your code, I have noticed that there are a few entries that are common for almost every solution deployed to the BIN directory.

Adding a new CAS policy to your SharePoint Solution is extremely easy when working with the new Visual Studio 2010 SharePoint Developer Tools. All you have to do is to open the Package Designer (1), choose Manifest from the sections at the bottom (2) and open the Edit Options section (3).

Editing the CAS policy contens with the Package Designer

The next step is to insert the contents of your CAS policy.

<CodeAccessSecurity>  
  <PolicyItem>
    <PermissionSet class="NamedPermissionSet" version="1">
      <IPermission class="SecurityPermission" version="1" Flags="Execution" />
      <IPermission class="AspNetHostingPermission" version="1" Level="Minimal" />
      <IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" ObjectModel="True" />
    </PermissionSet>
    <Assemblies>
      <Assembly Name="$SharePoint.Project.AssemblyName$" Version="$SharePoint.Project.AssemblyVersion$" PublicKeyBlob="$SharePoint.Project.AssemblyPublicKeyBlob$"/>
    </Assemblies>
  </PolicyItem>
</CodeAccessSecurity>  

The above policy contains the minimal set of permissions plus it allows your code to use the SharePoint Object Model. Although it looks like an ordinary CAS policy, notice the tokens in the Assembly entry. These tokens will be replaced by the Visual Studio 2010 SharePoint Developer Tools during the packaging process by the real values.

The above template contains the most common entries and is a good starting point when working with SharePoint Solutions deployed to the Web Application’s BIN directory. Depending on your code you might need to add additional SharePoint permissions or some other permissions as required by your code.

Technorati Tags: SharePoint,Visual Studio 2010

Comments

comments powered by Disqus