I am trying to develop some code for a custom SharePoint page. At first I had problems with reading from SharePoint lists so I changed the trust level to Medium. Then things moved along ok until I tried to write back to a list. Then I had problems with that. If I put code into a code behind file for the aspx page, and publish the page, then the code works fine. If I put my code into a code file and publish then it makes a .dll file that contains code for both the aspx.cs page and the .cs code file. However, using the pages gives me errors when I click the button that would write back to SharePoint. It seems to be Code Access Security problems. If I change the trust level to Full then the second method also works. Also, my custom page does not have a master page attached. I want my page to have no other links while the user is taking a quiz. Is this part of my problem? My aspx page is in the _layouts directory for testing, and I am copying the .dll file to the bin directory for the web application.
In my code I have tried
mySite.AllowUnsafeUpdates = true;
mySite.Site.WebApplication.FormDigestSettings.Enabled = false;
None of this seems to help unless I set the trust level to Full. I can't do this outside of the dev environment though, I know that wouldn't be good practice.
What is the way that is recommended for this?
the WSS_Minimal trust level does not grant permission to the SharePointPermission.ObjectModel to assemblies in the BIN directory for an application.
There are two solutions for your issue.
1. Register the DLL in GAC, not in the bin folder;
2. Or you can create custom policy for the assembly file.
TechNet Subscriber Support in forum
If you have any feedback on our support, please contact email@example.com.
TechNet Community Support
Thank you for the link. There was a key part in that article that got me going.
By default, the AllCode code group is a FirstMatchCodeGroup in ASP.NET policy
files. Therefore, the CLR stops assigning permissions to an assembly after the
first match to a specific code group.
I had my CodeGroup in the wrong order.
Still, it seems odd the behavior I was seeing. My code would work if I had the part that access the OM within the aspx.cs file, but would not work if I moved code into a separate .cs file.
Test.aspx -> Test.aspx.cs (with code that access OM) = worked
Test.aspx -> Test.aspx.cs -> App_Code.cs(with code that access OM) = did not work
The code was mostly identical, just in a different place. If I changed web.config <trust level="Full" .../> then things would work, so it wasn't a code problem. I don't understand what the difference is though. Do you have any idea why it cares if code that access the SharePoint OM is in a code file (App_Code.cs), but then doesn't care if it is in a code behind for a web page (Test.aspx.cs)?