Developing a Sandboxed Solution with

Web Parts

Developing a Sandboxed Solution with Web Parts

Table of Contents
Developing a Sandboxed Solution with Web Parts ................................................................. 1
Getting Started ..............................................................................................................................................................2
Lab Setup Instructions ...................................................................................................................................................3
Exercise 1 Familiarize with MySites structures ..............................................................................................................4
Exercise 2 Calling SPSecurity..........................................................................................................................................6
Exercise 3 Calling a CAS secured method ......................................................................................................................8

Developing a Sandboxed Solution with Web Parts

Developing a Sandboxed Solution with Web

Parts
Objectives
The support for sandboxed solutions provides an important new deployment
mechanism for SharePoint. With a development methodology that is the same
for full solutions the key focus point is not on what to build, but on what can
be built.
In this lab you will construct a basic Web Part that will call into the SharePoint
API to retrieve some information. Next it will try and use SPSecurity to try to
elevate privileges. The third and last action that is added is an attempt to
initiate a HTTP connection to an external site.

Estimated Time to
Complete This Lab

45 Minutes

Computers used in this

Lab

demo2010

The password for the Contoso/Administrator account on all computers in this

lab is: pass@word1

Additional Resources

This lab includes the following additional resources:

Starter
Files

NA

There are no
Starter Files for
this lab.

Source
Code

C:\Student\Labs\14_sandboxedsolutions
\Solution

Completed lab
source code in C#
for the
SandboxedWebPa
rt project.

Resources

C:\Student\Presentations\14_sandboxedsol
utions

Supporting
presentations for
the topics in this
lab.

Page 1 of 9

Developing a Sandboxed Solution with Web Parts

Getting Started
Scenario
This Hands-On Lab contains a number of additional resources in fixed locations. By default, it is assumed that the
base HOL directory is C:\Student and that the labs and additional resources are located under this directory.

The default working folder for this lab is C:\Student\Labs\14_sandboxedsolutions.

Copying code samples from Word document
Copying and pasting code from this Word document to Visual Studio is only safe for the sections of formatted
code, e.g.:
Console.WriteLine("This is safe code!");
Code not in these sections may contain Unicode or other invisible characters that are not valid XML or C#/VB code,
e.g.:
Console.WriteLine(This is NOT safe code !!);

Page 2 of 9

Developing a Sandboxed Solution with Web Parts

Lab Setup Instructions

Scenario
In the lab setup you will execute a PowerShell script that will create a new SharePoint site collection.
Tasks

Detailed Steps

Complete the following

task on:

a. Start the Virtual Machine in Hyper-V.

b. Log on to the Virtual Machine as the local administrator with a user name of

Contoso\Administrator and a password of pass@word1.

demo2010

c. Open Windows Explorer and browse to the location

C:\Student\Labs\14_SandboxedSolutions in the folder double click

SetupLab14.bat.
d. Verify the site created successfully message, and then press a key to close the

prompt.
The setup script launches a PowerShell script that creates a sample SharePoint
site at the location http://intranet.contoso.com/sites/Lab14 that you will use in
the next exercises.

Page 3 of 9

Developing a Sandboxed Solution with Web Parts

Exercise 1
Familiarize with MySites structures
Scenario
In this exercise, we are getting familiar of the different structures available in my sites.
Tasks

Detailed Steps

Complete the following

task on:

Note: In this exercise you will create a SharePoint project and set it for Sandboxed
deployment.

demo2010
1. Creating a Visual

Studio 2010 Project

2. Adding Code to the

Web Part

a. Task 1- Setup Visual Studio Project

b. Click Start | All Programs | Microsoft Visual Studio 2010| Microsoft Visual
Studio 2010.
c. On the Start page, in the Projects section, click New Project.
d. In the Installed Templates section, in the Visual C# group, expand the
SharePoint group, click 2010. Then click Empty SharePoint Project.
e. In the Name textbox, type SandboxedWebPart.
f. In the Location textbox, type C:\Student\Labs\14_sandboxedsolutions
g. Leave other fields with their default values and click OK.
The SharePoint Customization Wizard appears.
h. In the What local site do you want to use for debugging? combo box, type
http://intranet.contoso.com/sites/lab14
i. Click the Deploy as a sandboxed solution option box.
j. Click Finish.
k. In the Solution Explorer window, right-click SandboxedWebPart and then click
Add and then choose New Item.
l. In the Installed Templates section, in the SharePoint group, with 2010 selected,
click Web Part.
m. In the Name textbox, ensure that it states WebPart1.
a. Click Add.
The WebPart1.cs file opens in the code editor.
Note: In this task you will add code to the WebPart class that renders a button. When
the button is pressed the number of lists in the current web will be returned.
a.

Locate the WebPart1 class.

b.

In the CreateChildControls method, add the code the following code between
the braces:
Label message = new Label();
Controls.Add(message);
Controls.Add(new WebControl(HtmlTextWriterTag.Br));
Button testButton1 = new Button(); testButton1.Text =
"Test 1";
testButton1.Click += delegate
{
message.Text = String.Format("This site contains
{0} lists",
SPContext.Current.Web.Lists.Count);
};

Page 4 of 9

Developing a Sandboxed Solution with Web Parts

Tasks

Detailed Steps
Controls.Add(testButton1);

3. Debugging the New

Note: In this task you will start the code in debug mode and add the web part to the
page.

Code

a.

On the toolbar menu, click Debug, and then click Start Debugging.
Internet Explorer loads.

b.

In Internet Explorer ensure that youre in url

http://intranet.contoso.com/sites/lab14/SitePages/home.aspx

c.

On the ribbon, click the Page tab, and then click Edit.

d.

Place cursor just above the Shared Documents web part by clicking the editor
zone, and on the ribbon, under Editing Tools, click the Insert tab.

e.

On the ribbon, click Web Part.

f.

In the Categories section, click Custom.

g.

In the Web Parts list section, click WebPart1.

h.

In the About the Web Part section, click Add.

The web part is added to the page

i.

On the ribbon, click Save under the Page

j.

In WebPart1 Web Part, click the Test 1 button

k.

The Web Part displays the number of lists in the current site.

Close Internet Explorer to stop debugging.

Page 5 of 9

Developing a Sandboxed Solution with Web Parts

Exercise 2
Calling SPSecurity

Scenario
In this second exercise you will add code to the Web Part that will call SPSecurity. You will re-deploy and test the
Web Part by starting debugging from Visual Studio.
Tasks

Detailed Steps

Complete the following

task on:

Note: In this task you will add code to the CreateChildControls method that uses the
SPSecurity object.

demo2010
1. Add Code Using the

SPSecurity Object

When typing this code you will notice that Visual Studios IntelliSense will not
recognize SPSecurity as a valid object as it knows the object is unavailable in a
sandboxed solution. When the entire line is typed out it wont add a red underline
indicating a syntax error as you are still building against the full SharePoint object
model.
a.

In the WebPart.cs file, add the following code to the end of the
CreateChildControls class, after the Controls.Add(testButton1); line and before
the closing brace.
Button testButton2 = new Button();
testButton2.Text = "Test 2";
testButton2.Click += delegate
{
try
{
SPSecurity.RunWithElevatedPrivileges(
delegate
{
using (SPSite siteCollection = new
SPSite(SPContext.Current.Site.ID))
{
SPWeb site =
siteCollection.OpenWeb(SPContext.Current.Web.ID);
message.Text = String.Format("This site
contains {0} lists",
site.Lists.Count);
}
});
}
catch (Exception e)
{
message.Text = e.Message;
}
};
Controls.Add(testButton2);

b.

On the Debug menu click Start Debugging.

Page 6 of 9

Developing a Sandboxed Solution with Web Parts

Tasks

Detailed Steps
Internet Explorer loads.
c.

In Internet Explorer ensure that youre in url

http://intranet.contoso.com/sites/lab14/SitePages/home.aspx.

d.

On WebPart1, click Test 2 button.

An exception is thrown that your code handles. It shows that this Web Part,
which is running in the sandbox, cannot include a reference to the SPSecurity
type.

e.

Close Internet Explorer to stop debugging.

Page 7 of 9

Developing a Sandboxed Solution with Web Parts

Exercise 3
Calling a CAS secured method
Scenario
In this exercise you will add code to the Web Part that tries and perform a CAS security protected task. In this
example an HTTP connection is attempted.
Tasks

Detailed Steps

Complete the following

task on:

Note: In this task you will add code that attempts an HttpWebRequest. This is blocked
in the sandbox.

demo2010

a.

1. Adding

HttpWebRequest
Code

In the WebPart.cs file, add the following code to the end of the
CreateChildControls class, after the Controls.Add(testButton2); line and before
the closing brace.
Button testButton3 = new Button();
testButton3.Text = "Test 3";
testButton3.Click += delegate
{
try
{
System.Net.HttpWebRequest.Create("http://intranet.conto
so.com");
}
catch (Exception e)
{
message.Text = e.Message;
}
};
Controls.Add(testButton3);

b.

On the Debug menu click Start Debugging.

Internet Explorer loads.

c.

In Internet Explorer, ensure that youre in url

http://intranet.contoso.com/sites/lab14/SitePages/home.aspx

d.

On WebPart1, click Test 3 button.

An exception is thrown that your code handles. It shows that the sandbox is
running in a special CAS policy that blocks all System.Net.WebPermission
demands, as the HttpWebRequest object does.

e.

Close Internet Explorer to stop debugging

Page 8 of 9

Developing a Sandboxed Solution with Web Parts

Related Resources:
Microsoft SharePoint Server 2010 Trial Download

Lab Summary
In this Lab you performed the following tasks:

Created a Sandboxed Visual Studio Solution

Created and tested a simple Web Part
Called SPSecurity in the code to check the exception is handled by your code
Called a CAS secured method to check the exception is captured in your code

Page 9 of 9