Question

当我尝试从webpart更新工作流的任务属性时，出现以下异常：

Microsoft.SharePoint.SPException: Task Updates are not allowed via unstrusted code
at Microsoft.SharePoint.SPListItem.PrepareItemForUpdate(Guid newGuidOnAdd,Boolean bMigration, Boolean& bAdd, Boolean& bPublish,Object& objAttachmentNames, Object& objAttachmentContents,Int32& parentFolderId) 
at Microsoft.SharePoint.SPListItem.UpdateInternal(Boolean bSystem, BooleanbPreserveItemVersion, Guid newGuidOnAdd, Boolean bMigration, Boolean
bPublish, Boolean bNoVersion, Boolean bCheckOut, Boolean bCheckin,Boolean suppressAfterEvents) 
at Microsoft.SharePoint.SPListItem.Update() 
at Microsoft.SharePoint.Workflow.SPWorkflowTask.AlterTask(SPListItem task,Hashtable htData, Boolean fSynchronous)

用于更新任务的示例代码是：

Hashtable props = new Hashtable();
props.Add(SPBuiltInFieldId.AssignedTo, finalAssignedTo);
props.Add(SPBuiltInFieldId.Completed, "0");
props.Add(SPBuiltInFieldId.TaskStatus, "In Progress");
props.Add(SPBuiltInFieldId.Priority, "(2) Normal");
props.Add(SPBuiltInFieldId.TaskType, "0");
task.Web.AllowUnsafeUpdates = true;
bool outcome = SPWorkflowTask.AlterTask(task, props, true);

Web部件部署在bin目录下。我们为此Web部件设置了自定义CAS策略。以下是我的CAS政策。

<CodeAccessSecurity>
    <PolicyItem>
      <PermissionSet class="NamedPermissionSet" version="1" Name="MyPermission" Description="Permission set for my solution">
        <IPermission class="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Level="Medium"    />
        <IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
        <IPermission class="System.Security.Permissions.EnvironmentPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true" />
        <IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Flags="AllFlags" />
        <IPermission class="Microsoft.SharePoint.Security.WebPartPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" version="1" Connections="true"    />
        <IPermission class="Microsoft.SharePoint.Security.SharePointPermission, Microsoft.SharePoint.Security, Version=12.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"    version="1"    ObjectModel="true" UnsafeSaveOnGet="true" Impersonate="true"/>
        <IPermission class="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" version="1" Unrestricted="true">
          <ConnectAccess>
            <URI uri="$OriginHost$"/>
            <URI uri="http://.*\.....\.com/.*"/>
          </ConnectAccess>
        </IPermission>
      </PermissionSet>
      <Assemblies>
        <Assembly Name="MyOffice" Version="1.0.0.0" PublicKeyBlob="0024000004800000940000000602000000240000525341310004000001000100df0e85cb8c660241cd3225eb653a590b91303ddbd37f8f1e661d2dffb840a258b899d6bacbbc55d03768d5ea0260ee4c8341fd447d7200abdb74b837733c3f756833e169cae803aef808530dd3ddad953a49492faee3eeba6f0dba66b0d66f1f9ca5266c69dcb799ed364db5e9e6ebcd4e81fb27365de962cbe6e7e7fba300dc"/>
      </Assemblies>
    </PolicyItem>
  </CodeAccessSecurity>

请告知。

Answer 1

您需要将工作流程序集部署到GAC。

这是微软的最佳实践。看看Ms模式和实践。

您还需要允许部分信任的呼叫者共享点Web部件：请参阅此处的步骤3：

msdn.microsoft.com/en-us/library/ms452873.aspx

Answer 2

部分公共类Request1 继承WebPart

' Uncomment the following SecurityPermission attribute only when doing Performance Profiling on a farm solution
' using the Instrumentation method, and then remove the SecurityPermission attribute when the code is ready
' for production. Because the SecurityPermission attribute bypasses the security check for callers of
' your constructor, it's not recommended for production purposes.
' <System.Security.Permissions.SecurityPermission(System.Security.Permissions.SecurityAction.Assert, UnmanagedCode := True)> _
Public Sub New()
End Sub

Protected Overrides Sub OnInit(ByVal e As System.EventArgs)
    MyBase.OnInit(e)
    InitializeControl()
End Sub

Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
    Dim IntItemID As Integer
    If Not Page.IsPostBack Then

        Dim siteId As Guid = SPContext.Current.Site.ID
        Dim webId As Guid = SPContext.Current.Web.ID

        Using objSpSite As New SPSite(siteId)
            Using objSpWeb As SPWeb = objSpSite.OpenWeb(webId)
                txtCurrentUserName.Text = objSpWeb.CurrentUser.Name

                If Not Page.Request.QueryString("ItemID") Is Nothing And Page.Request.QueryString("ItemID") <> "" Then
                    IntItemID = CInt(Page.Request.QueryString.Item("ItemID").ToString)
                    Panel1.Visible = False

                    txtID.Text = IntItemID.ToString
                    Dim objList As SPList = objSpWeb.Lists("RequestList")
                    Dim objListItem As SPListItem = objList.Items.GetItemById(IntItemID)
                    dtPermission.SelectedDate = objListItem("PermissionDate")
                    dtTimeFrom.SelectedDate = objListItem("PermissionFromTime")
                    dtTimeTo.SelectedDate = objListItem("PermissionToTime")
                    cmbType.SelectedValue = objListItem("PermissionType")
                    txtManager.Text = objListItem("Manager1Name")
                    txtManagerUserName.Text = objListItem("Manager1UserName")
                    txtCount.Text = objListItem("PermissionCount")

                    Dim objCrUser As SPFieldUser
                    objCrUser = objListItem.Fields.GetFieldByInternalName("Author")
                    Dim objCrUserValue As SPFieldUserValue
                    objCrUserValue = objCrUser.GetFieldValue(objListItem("Author").ToString())
                    txtCreatedBy.Text = objCrUserValue.User.Name
                    dtCreated.SelectedDate = objListItem("Created")

                    Dim objWFTask As SPWorkflowTask = objListItem.Tasks(0)

                    If objWFTask Is Nothing Then

                        If objWFTask.DoesUserHavePermissions(SPBasePermissions.ApproveItems) = False Then
                            Panel2.Visible = False
                        End If

                    End If


                Else
                    IntItemID = 0
                    txtID.Text = "New"
                    dtCreated.SelectedDate = Today
                    txtCreatedBy.Text = objSpWeb.CurrentUser.Name
                    Dim objServiceContext As SPServiceContext = SPServiceContext.GetContext(objSpSite)
                    Dim objUserProfileManager As New UserProfileManager(objServiceContext)

                    Dim objUserProfile As UserProfile
                    Dim strUserAccount As String
                    strUserAccount = objSpWeb.CurrentUser.LoginName.Replace("i:0#.w|", "")
                    If objUserProfileManager.UserExists(strUserAccount) Then
                        objUserProfile = objUserProfileManager.GetUserProfile(strUserAccount)
                        Try
                            txtManager.Text = objUserProfile.GetManager.DisplayName
                            txtManagerUserName.Text = objUserProfile.GetManager.AccountName
                        Catch ex As Exception
                            txtManager.Text = ex.Message
                        End Try

                    End If


                    Panel2.Visible = False

                End If

            End Using
        End Using

    End If

End Sub

Protected Sub cmdSubmit_Click(sender As Object, e As EventArgs) Handles cmdSubmit.Click
    Dim siteId As Guid = SPContext.Current.Site.ID
    Dim webId As Guid = SPContext.Current.Web.ID

    Using objSpSite As New SPSite(siteId)
        Using objSpWeb As SPWeb = objSpSite.OpenWeb(webId)
            objSpWeb.AllowUnsafeUpdates = True
            Dim list As SPList = objSpWeb.Lists("RequestList")
            Dim item As SPListItem = list.Items.Add()
            item("PermissionDate") = dtPermission.SelectedDate
            item("PermissionFromTime") = dtTimeFrom.SelectedDate
            item("PermissionToTime") = dtTimeTo.SelectedDate
            item("PermissionType") = cmbType.SelectedValue
            item("Manager1Name") = txtManager.Text
            item("Manager1UserName") = txtManagerUserName.Text
            item("PermissionCount") = CInt("0" & txtCount.Text.ToString)

            item.Update()
            list.Update()
            objSpWeb.AllowUnsafeUpdates = False
        End Using
    End Using

End Sub

Protected Sub cmdApprove_Click(sender As Object, e As EventArgs) Handles cmdApprove.Click
    Dim siteId As Guid = SPContext.Current.Site.ID
    Dim webId As Guid = SPContext.Current.Web.ID
    Using objSpSite As New SPSite(siteId)
        Using objSpWeb As SPWeb = objSpSite.OpenWeb(webId)
            Dim objList As SPList = objSpWeb.Lists("RequestList")
            Dim objListItem As SPListItem = objList.Items.GetItemById(CInt(txtID.Text))

            Dim objWFTask As SPWorkflowTask = objListItem.Tasks(0)

            If objWFTask Is Nothing Then
                ' no matching task
                Return
            End If

            ' alter the taska
            Dim taskHash As New Hashtable()

            taskHash("Status") = "Complete"
            taskHash("PercentComplete") = 1.0F
            taskHash("TaskStatus") = "Approved"
            'taskHash("SPBuiltInFieldId.TaskStatus") = SPResource.GetString(New CultureInfo(CInt(task.Web.Language), False), Strings.WorkflowStatusCompleted, New Object(-1))

            taskHash("TaskOutcome") = "Approved"
            taskHash("Outcome") = "Approved"
            taskHash("SPBuiltInFieldId.WorkflowOutcome") = "Approved"
            taskHash("Approved") = "true"
            taskHash("Comments") = "Approved By Manager"


            objSpWeb.AllowUnsafeUpdates = True
            SPWorkflowTask.AlterTask(TryCast(objWFTask, SPListItem), taskHash, False)
            objSpWeb.AllowUnsafeUpdates = False

        End Using
    End Using



End Sub

Protected Sub cmdReject_Click(sender As Object, e As EventArgs) Handles cmdReject.Click
    Dim siteId As Guid = SPContext.Current.Site.ID
    Dim webId As Guid = SPContext.Current.Web.ID
    Using objSpSite As New SPSite(siteId)
        Using objSpWeb As SPWeb = objSpSite.OpenWeb(webId)
            Dim objList As SPList = objSpWeb.Lists("RequestList")
            Dim objListItem As SPListItem = objList.Items.GetItemById(CInt(txtID.Text))

            Dim objWFTask As SPWorkflowTask = objListItem.Tasks(0)

            If objWFTask Is Nothing Then
                ' no matching task
                Return
            End If

            ' alter the taska
            Dim taskHash As New Hashtable()

            taskHash("Status") = "Complete"
            taskHash("PercentComplete") = 1.0F
            taskHash("TaskStatus") = "Rejected"
            'taskHash("SPBuiltInFieldId.TaskStatus") = SPResource.GetString(New CultureInfo(CInt(task.Web.Language), False), Strings.WorkflowStatusCompleted, New Object(-1))

            taskHash("TaskOutcome") = "Rejected"
            taskHash("Outcome") = "Rejected"
            taskHash("SPBuiltInFieldId.WorkflowOutcome") = "Rejected"
            taskHash("Rejected") = "true"
            taskHash("Comments") = "Rejected By Manager"

            objSpWeb.AllowUnsafeUpdates = True
            SPWorkflowTask.AlterTask(TryCast(objWFTask, SPListItem), taskHash, False)
            objSpWeb.AllowUnsafeUpdates = False

        End Using
    End Using
End Sub

结束班

从Web部件更新工作流任务属性时出现问题

2 个答案: