RSS Feed Partner Program
English flagChinese (Simplified) flagGerman flagFrench flagSpanish flagRussian flagHindi flagPolish flagHebrew flagIndonesian flag                                
By N2H
About      |       Articles      |      Services      |      Software      |      Contact

Progressive Security Designs Using Integrated Microsoft Technology

Industrial SharePoint Architecture With A Focus On Security And Governance

Secure SharePoint Code Design And Corporate Code Security Reviews

Pioneering SharePoint / Microsoft Security Articles And Research

Articles & Research

Latest Free SharePoint Software

ARB Security Solutions regularly releases free SharePoint software, including WebParts, Client Applications, Framework Extensions, and other Miscellaneous Components.
The most recent freeware is:

Title: Simple SharePoint Rollup WebPart
Date Published: 10/22/2009
Previous Two Free WebPart Releases:

SecureCenter For SharePoint

By SharePoint security integrators, for SharePoint security integrators.

SharePoint Security Assurance Program™

For externally facing SharePoint deployments, security is an acutely important deployment concern. Learn how through daily security scanning, you can ensure external business users and partners that they can collaborate in confidence!

Security Assurance WebPart:



Start Audit Process With The SharePoint Security Assurance Program™

Free Online SharePoint Security Tools

Elevated Code In SharePoint Workflows

Lately, I have been immersed in SharePoint WorkFlows, which in itself is not really a bad thing, however I am finding my own quirks as I run through it. And by some I mean a lot. For example, I was looking for an elegant way to run my work flow code with elevated privileges where I could separate my SharePoint work flow code method and call it with the relevant privileges to execute.

In order to do this, run the work flow code as elevated within the overriden ActivityExecutionStatus execute method. I spaced this for a while, and man it was driving me nuts. In order to get to this to work, you need to setup your activity class to run elevated code appropriately with the relevant method.

Firstly, in your execute method you are going to have nothing really besides a reference to the secure code that you are going to be running. In other words, you are going to create a method that is considered the elevated code in a seperate method that is going to be passed into the execution method of the activity.

It will look like this:

PLAIN TEXT
C#:
  1. protected override ActivityExecutionStatus Execute(ActivityExecutionContext executionContext)
  2. {
  3. this.executionContext = executionContext;
  4. SPSecurity.CodeToRunElevated myElevatedCode = new SPSecurity.CodeToRunElevated(this.secureElevatedCode);
  5. SPSecurity.RunWithElevatedPrivileges(myElevatedCode);
  6. return ActivityExecutionStatus.Closed;
  7. }

You can see that here we are using the SPSecurity.CodeToRunElevated Delegate and
SPSecurity.RunWithElevatedPrivileges Method which takes the secure code to be run as a parameter, which in this case equates to our major work flow method. Using this structure, you aren't limited to building an impersonation.

Following, you build out the method that you want to pass in that equates to your secureElevatedCode method.

PLAIN TEXT
C#:
  1. private void myElevatedCode()
  2. {
  3. ...
  4. // Your elevated workflow code goes here
  5. ...
  6. }

This can contain an arbitrary set of functions. Within it you could start to establish your SharePoint references to consume within your workflow:

PLAIN TEXT
C#:
  1. using (SPSite site = new SPSite(this.YourWorkFlowSiteProperty))
  2. {
  3. using (SPWeb web = site.OpenWeb(this.YourWorkFlowWebProperty))
  4. {
  5.  
  6. ....
  7.  
  8. // Now that you are referenced, do your fun stuff here!
  9.  
  10. ....
  11.  
  12. }
  13.  
  14. }

and start to do some fun stuff if you so choose :-)

If you would like to read more about these methods, in the Microsoft Windows SharePoint Services 3.0 SDK there is an example of an event handler which allows users to iterate through sites and groups as their current identity that uses the same tactic. It might be helpful to read through it to solidfy your understanding of the concept if needed.

  • Share/Bookmark

Article Or Research Filed Under SharePoint Development.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment


  
w3c complaint W3C Compliant | Legal Notices | Privacy | Contact
© 2009 ARB Security Solutions, LLC. | Providing SharePoint Security Integration Since 2003 | Minneapolis, MN
ARB Security Solutions is not affiliated with or endorsed by Microsoft Corporation. SharePoint is a trademark of Microsoft Corporation.
Site Maintained By Adam Buenz - Microsoft MVP - SharePoint