One of the largest paradigm shifts for developers in SharePoint 2010 is the introduction of “sandboxed solutions”.
“A sandboxed solution is a new concept in Microsoft SharePoint Foundation that allows site collection users to upload their own custom code solutions. A sandboxed solution uses a subset of the Microsoft.SharePoint namespace. These objects are marked in the object model to show their availability in a sandboxed solution”
Source: http://msdn.microsoft.com/en-us/library/ee539083(office.14).aspx
Simply put – you should always use a sandboxed solution until you can prove that a sandboxed solution is not sufficient to get the job done.
A sandboxed solution works in the same way as a normal solution (farm-level solution) but runs in minimal privilege mode. You cannot place files in the old “hive”; instead you work with virtual files. It also runs in a separate process outside of the SharePoint application and communicates with SharePoint 2010 over a proxy.
On the upside: your code will not conflict with other custom solutions. In a shared environment this is a huge benefit. The system is also protected from bad code, as detection of abnormal CPU, thread or memory usage will cause the component to be booted out of the system.
On the downside: It means more work for developers.
When you need to access external systems, you will now write a “full-trust proxy” that is installed in the GAC and made available to all sandboxed solutions. This class will have a contract describing exactly what additional access the code can gain. For example, you can read information from a CRM database, but not add data or access any other external database.
This means less risk when installing third-party and bespoke components, less need for code reviews and easy monitoring of software components.
A common breakdown of your solution might be:
- List definitions, fields and content types (sandbox)
- Code-only Web parts (sandbox)
- Full-trust proxy solution with contract for access to read CRM (GAC)
- Data layer for CRM (GAC)
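
The full-trust proxy with a read-only CRM contract described above could look like the following. This is an added example, not code from the original post: the namespace, class names, connection string and CRM table are hypothetical, and only `SPProxyOperation`, `SPProxyOperationArgs` and the .NET types are real APIs.

```csharp
// Added example; CrmReadProxy, GetCustomerNameArgs and the CRM schema are hypothetical.
using System;
using System.Data.SqlClient;
using System.Security;
using Microsoft.SharePoint.UserCode;

// Required so that partially trusted (sandboxed) code can call into this GAC assembly.
[assembly: AllowPartiallyTrustedCallers]

namespace CrmReadProxy
{
    // The contract: the only input a sandboxed caller can supply is a customer id.
    // No SQL text, table name or connection string crosses the sandbox boundary.
    [Serializable]
    public class GetCustomerNameArgs : SPProxyOperationArgs
    {
        public int CustomerId { get; set; }
    }

    // Runs in full trust. It exposes one read-only query and nothing else.
    public class GetCustomerNameOperation : SPProxyOperation
    {
        // Assumption: placeholder server name, and a CRM login that has SELECT rights only.
        private const string ConnectionString =
            "Data Source=CRM-SQL-PLACEHOLDER;Initial Catalog=CRM;Integrated Security=SSPI";

        public override object Execute(SPProxyOperationArgs args)
        {
            // Reject anything that is not the expected contract.
            var request = args as GetCustomerNameArgs;
            if (request == null || request.CustomerId <= 0)
                return null;

            using (var connection = new SqlConnection(ConnectionString))
            using (var command = new SqlCommand(
                "SELECT Name FROM dbo.Customer WHERE CustomerId = @id", connection))
            {
                // Parameterized query: the caller's value is never concatenated into SQL.
                command.Parameters.AddWithValue("@id", request.CustomerId);
                connection.Open();
                return command.ExecuteScalar() as string; // return value must be serializable
            }
        }
    }
}
```

A farm administrator registers the operation type once (through `SPUserCodeService.Local.ProxyOperationTypes`), and sandboxed code then calls it with `SPUtility.ExecuteRegisteredProxyOperation`, passing the assembly name, the type name and a `GetCustomerNameArgs` instance.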
For a complete architectural view of sandboxed solutions, see http://msdn.microsoft.com/en-us/library/ee539417(office.14).aspx.