Module 9 - Code Snippets: Sandboxed Solutions for Web Parts in SharePoint 2010
The following example shows code that attempts to run in a sandboxed solutuon. There are four buttons, each of which attempt a different type of action, as follows:
- renderWebInfo_Click: This operation will be allowed to run in the sandbox.
- renderWebInfoElevated_Click: This operation will not be allowed to run in the sandbox. The sandbox will catch the exception, so the catch{} block will not run.
- accessProhibitedNamespace_Click: This operation will not be allowed to run in the sandbox. However, the exception will be caught by the catch{} block.
- renderCrossSiteData_Click: This operation will not be allowed to run in the sandbox. The sandbox will catch the exception, so the catch{} block will not run
namespace SBWebPart.SandboxedWebPart
{
[ToolboxItemAttribute(false)]
public class SandboxedWebPart : WebPart
{
public SandboxedWebPart()
{
}
LiteralControl output;
protected override void CreateChildControls()
{
Button renderWebInfo = new Button();
renderWebInfo.Text = "Access data in this site";
renderWebInfo.Click += new EventHandler(renderWebInfo_Click);
Button renderWebInfoElevated = new Button();
renderWebInfoElevated.Text = "Use elevated privileges";
renderWebInfoElevated.Click += new EventHandler(renderWebInfoElevated_Click);
Button accessProhibitedNamespace = new Button();
accessProhibitedNamespace.Text = "Create an HTTP connection ";
accessProhibitedNamespace.Click += new EventHandler(accessProhibitedNamespace_Click);
Button renderCrossSiteData = new Button();
renderCrossSiteData.Text = "Access data in other site collections";
renderCrossSiteData.Click += new EventHandler(renderCrossSiteData_Click);
output = new LiteralControl();
output.Text = "";
this.Controls.Add(output);
this.Controls.Add(new LiteralControl("<br />"));
this.Controls.Add(renderWebInfo);
this.Controls.Add(renderWebInfoElevated);
this.Controls.Add(accessProhibitedNamespace);
this.Controls.Add(renderCrossSiteData);
base.CreateChildControls();
}
void renderWebInfo_Click(object sender, EventArgs e)
{
try
{
SPWeb thisWeb = SPContext.Current.Web;
string message = string.Format("This web contains {0} subwebs", thisWeb.Webs.Count);
output.Text = message;
}
catch(Exception ex)
{
output.Text = ex.Message;
}
}
void renderWebInfoElevated_Click(object sender, EventArgs e)
{
try
{
SPSecurity.RunWithElevatedPrivileges(showWebCount);
}
catch (Exception ex)
{
output.Text = "My Caught Error: " + ex.Message;
}
}
void showWebCount()
{
SPWeb thisWeb = SPContext.Current.Web;
string message = string.Format("This web contains {0} subwebs", thisWeb.Webs.Count);
output.Text = message;
}
void accessProhibitedNamespace_Click(object sender, EventArgs e)
{
try
{
System.Net.HttpWebRequest.Create("https://intranet.contoso.com");
output.Text = "Success";
}
catch (Exception ex)
{
output.Text = "My Caught Error: " + ex.Message;
}
}
void renderCrossSiteData_Click(object sender, EventArgs e)
{
try
{
SPWeb thisWeb = SPContext.Current.Web;
SPSiteDataQuery crossSiteQuery = new SPSiteDataQuery();
crossSiteQuery.Lists = "<Lists ServerTemplate='104' />";
crossSiteQuery.Webs = "<Webs Scope='Recursive' />";
string message = string.Format("There are {0} lists",
thisWeb.GetSiteData(crossSiteQuery).Rows.Count.ToString());
output.Text = message;
}
catch (Exception ex)
{
output.Text = "My Caught Error: " + ex.Message;
}
}
protected override void RenderContents(HtmlTextWriter writer)
{
base.RenderContents(writer);
}
}
}