If you’re working on a SharePoint solution that requires a custom code access security (CAS) policy, the following is an easy way of determining the permission(s) you need to add to the config.<\/p>\n
For this to work, you need to be able to debug the code, which should be a given, considering you’re creating a custom CAS for a solution you’re writing . \ud83d\ude42<\/p>\n
A basic CAS will look something like:<\/p>\n
\r\n\r\n \r\n \r\n \r\n \r\n <\/Assemblies>\r\n <\/PolicyItem>\r\n<\/CodeAccessSecurity>\r\n<\/pre>\n
\nAll the above does is effectively grant your custom assembly the ability to use the SharePoint object model.<\/p>\n
Now, say you added code that performs some reflection, you would receive a security exception but may be left unclear exactly what permission policy is required for the CAS config. By debugging the code and setting a breakpoint on the catch block for the error:<\/p>\n
\r\npublic void GetListItem(SPList list)\r\ntry {\r\n SPContext context = SPContext.GetContext(Context, 0, list.ID, list.ParentWeb);\r\n SPListItem listItem = list.AddItem();\r\n var contextItem = (typeof(SPContext)).GetField(\"m_item\", System.Reflection.BindingFlags.Instance | System.Reflection.BindingFlags.NonPublic);\r\n contextItem.SetValue(context, listItem);\r\n \r\n \/\/ Do other stuff\r\n}\r\ncatch (SecurityException ex) {\r\n \/\/ do something with the exception\r\n}\r\n<\/pre>\nYou will be able to get this information by typing the following into the Immediate window of Visual Studio (ctrl+i):<\/p>\n
\r\nex.m_demanded\r\n<\/pre>\nm_demanded<\/em> is a private field of the SecurityException<\/a> class and can be drilled into from the Immediate window, QuickWatch, etc. while debugging.<\/p>\nThe output can then be copied and pasted into your CAS config:<\/p>\n
\r\n\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"If you’re working on a SharePoint solution that requires a custom code access security (CAS) policy, the following is an easy way of determining the permission(s) you need to add to the config. For this to work, you need to … Continue reading