Developing a Full Trust Proxy
Not all SharePoint solutions can fit within the boundary of a sandbox. You may have scenarios where you need to write a file to the disk, access databases, or web service. As discussed earlier you are restricted to performing these operations in custom code to be deployed as a sandboxed solution. In such cases, you can overcome these restrictions by developing a full trust proxy. Using a full trust proxy, your sandboxed code can make a call to a trusted assembly that is deployed as a farm solution. This assembly performs the restricted operation on behalf of your sandboxed code and returns the operation execution result.
You may be wondering what the benefit is of such a complicated approach to break the sandbox boundaries. Since in any case we are crossing sandbox limits, why not build a full-fledged farm solution instead? The question is valid; however, the benefit of using a full trust proxy is that your proxy can dictate what restrictions the sandbox is allowed to break. For example, using a full trust proxy, you can expose APIs to allow sandboxed solutions to, say, read or write a file to a particular folder on the file system. However, if you were to build a farm solution instead, the custom code would get full access to the file system and privileges to modify files at other locations of the file system as well or perform any other operation without any restrictions. Thus a full trust proxy lets you decide which part of the boundary you want your sandboxed code to cross.
Following are the essential steps involved in developing a full trust proxy:
1. Create a solution to be deployed at the farm level.
2. Create a class inheriting from the Microsoft.SharePoint.Usercode.SPProxyOperation class. This class would provide the implementation of the operation you want to perform via the proxy.
3. Create a serializeable class inheriting from the Microsoft.SharePoint.Usercode.SPProxyOperationArgs class. This class is used to pass arguments from the sandboxed solution to the proxy.
4. Override the Execute method of the SPProxyOperation class and provide implementation of your operation.
5. Create a feature to register the proxy with the Sandboxed Code Service.
6. Add the AllowPartiallyTrustedCallers attribute to the assembly since we have to refer to it later in the sandboxed solution.
7. Build and deploy this solution.
Once the proxy is created and deployed, you can create a sandboxed solution and add a reference to the preceding assembly from GAC.
Now let’s see the preceding steps in action and create a simple sandboxed solution to deploy a TaskCreatorWebPart that creates new tasks via a call to TaskCreatorProxy. The logic for task creation is implemented in the TaskCreatorProxy’s Execute method, and the task creation details are passed to the proxy via the TaskDetails class, as shown in the following code:
public class TaskCreationOperation : SPProxyOperation
{
public override object Execute(SPProxyOperationArgs args)
{
TaskDetails taskDetails = args as TaskDetails;
if (taskDetails != null)
{
SPWeb currentWeb = SPContext.Current.Web;
SPList taskList = currentWeb.Lists["Tasks"];
if (taskList != null)
{
// Create new task
SPListItem task = taskList.AddItem();
task["Title"] = taskDetails.TaskName;
task["Description"] = taskDetails.TaskDescription;
task.Update();
// Task Created
return true;
}
// Task creation failed
return false;
}
// Task Creation Failed
return false;
}
}
public class TaskDetails : SPProxyOperationArgs
{
public string TaskName { get; set; }
public string TaskDescription { get; set; }
}
Next you need to register the proxy with the Sandboxed Code Service. You do so via the FeatureActivated event receiver. The following code demonstrates exactly how to do that:
public override void FeatureActivated(
SPFeatureReceiverProperties properties)
{
SPProxyOperationType proxyOperationType = new SPProxyOperationType(
"$SharePoint. Project.AssemblyFullName$",
"TaskCreatorProxy FeatureEventReceiver.TaskCreationOperation");
SPUserCodeService userCodeService = SPUserCodeService.Local;
userCodeService.ProxyOperationTypes.Add(proxyOperationType);
}
Build and deploy the proxy. Now that your proxy is ready, let’s see how to make calls to the same through the task creator web part. The web part asks for Task Name and Description from the user and creates a new task via a call to the proxy when the user clicks the Create Task button, as shown in Figure 21.14.
Figure 21.14. The task creator web part
Create a new project to be deployed as a sandboxed solution and add a reference to your proxy assembly from GAC, so that you can refer to the TaskDetails and TaskOperation classes in the code. First construct the TaskDetails object using the task name and description entered by the user. Next call the proxy’s Execute method and pass the task details as a parameter, as demonstrated in the following code:
void createTask_Click(object sender, EventArgs e)
{
TaskDetails taskDetails = new TaskDetails();
taskDetails.TaskName = taskName.Text;
taskDetails.TaskDescription = taskDescription.Text;
TaskCreationOperation proxyOperation = new TaskCreationOperation();
bool result =
Convert.ToBoolean(proxyOperation.Execute(taskDetails));
if (result)
{
resultLabel.Text = "Task creation successful!";
}
else
{
resultLabel.Text = "Task creation failed!";
}
}
The web part displays a task creation success or failure message accordingly, as shown in Figure 21.15.
Figure 21.15. Task created successfully via a call to a full trust proxy