Part 2, which covers permissions for anonymous users can be found here

Survey’s are a nice feature of SharePoint, however their security is not the easiest to understand. I thought it was just me which didn’t take to it straight away, but seeing Veronique's post on Information Worker made me think it is not just me. So for this post I will answer her question which I am summarizing as: How do you enable a user to respond to a survey but NOT edit the site (the survey sits in) content?

First off we need a survey:

Creating a new survey.

On the settings you need to click the permissions for the survey:

The survey settings page.

On the list permission settings click Actions and then Edit Permissions. At which point you will be asked to confirm you want to create unique permissions for the survey, in short it will not inherit from it’s parent security permissions in the future.

Actions –> Edit Permissions on the survey permissions.

The confirmation prompt.

For my example survey, I am assuming you want to let all users who logged into the site to complete the survey. So for that you need to find the NT AUTHORITY\AUTHENTICATED USERS domain group. Now click on it and make sure you give them Contribute and click OK. Now get back to the survey settings page.

The user listing.

Managing user permissions.

Now click on advanced settings on the settings page.

The settings page.

The advanced settings page allows you to configure who can see what responses and what they can edit. Note: Edit here means changing their votes after they submit, not editing the survey or web site. The fact they have contribute means they can add (submit) votes.

Advanced survey settings.

Once you have done that your survey should be able to be completed by the users, but because we created unique permissions for the list/survey they won’t be able to edit the site which contains the survey.

If you create a standard WCF service it does not work with Silverlight, it needs a few tweaks to get it to work. First is that Silverlight only supports connecting to a basicHTTP service and not a wsHTTP service, so you need to enable a second service or change your primary to basicHTTP, you can find out the reasons why by reading: Accessing SOAP Services

Second you need to attribute your class with: [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]. For example:

   1: namespace SilverlightApplication1Web

   2: {

   3:     [ServiceContract(Namespace = "")]

   4:     [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]

   5:     public class CustomerService

   6:     {

   7:         [OperationContract]

   8:         public int CountUsers()

   9:         {

  10:             return 2;

  11:         }

The third tweak is the biggest: Normally your WCF service and Silverlight application do not sit in the web application (either in Visual Studio or on the server) and due to the security put in place to prevent cross site attacks your service calls will fail. Obviously creating a web application with everything in is a solution, but if you haven’t you must add a security file to the WCF service web application. There are two files you can create in the root of your website, the first one is a crossdomain.xml. Crossdomain.xml is a format created by Macromedia. I do not recommend this one for Silverlight scenarios as Silverlight only supports a subset of the functionality but if you need to deal with Flash based clients then this is the route you must follow. Your other option is the Microsoft way, which is to create a file called clientaccesspolicy.xml. A clientaccesspolicy.xml to allow all methods, from all clients, to all URLS looks like this:

<?xml version="1.0" encoding="utf-8"?>

<access-policy>

  <cross-domain-access>

    <policy>

      <allow-from http-request-headers="*">

        <domain uri="*"/>

      </allow-from>

      <grant-to>

        <resource path="/" include-subpaths="true"/>

      </grant-to>

    </policy>

  </cross-domain-access>

</access-policy>

That is not normally what you want to do in production because of the security issues, but for early development it can help. Note: You can use BOTH files to get Silverlight and Flash clients to have the best experience. More details on both those files can be found at: http://msdn.microsoft.com/en-us/library/cc197955(VS.95).aspx

The last tip is the usage of WCF in Silverlight. It is still WCF so you are required to open and close your service connection. However since Silverlight makes web calls using async methods you need to chain up commands using events. i.e. you would create a event handler for when the connection is open and then open the connection. In the open event handler you would do the work, and once that completes you close the connection.

Chaining event handlers for getting Silverlight + WCF in code and program flow. 

Special thanks to Herman (the delegator) and Willy for prompting me to write this post… especially since Herman won’t blog on this.

It started with Martin Woodward offering to send a hard drive with the 202 PDC videos on it, which arrived 3 weeks ago. That drive then got sent to Cape Town, in the care of Zlatan. Then on Thursday Chris Simusokwe stopped by the office and grabbed a copy of the videos to take back with him to Zambia! It is very cool to see how the videos recorded in LA a month ago showing the latest from Microsoft have travelled the world ;)

On Thursday night I had the honor to go to my sisters graduation! After many hard years of work and sacrifice she graduated as a teacher, specializing in foundation classes (grade 0-2 if memory serves) from Wits! I am very proud of her :) :) Next year she will be teaching at a school in Krugersdoorp!

My sister in her “batman” cloak with my mother :)

I am really proud to say I know Zlatan, the SharePoint MVP, S.A. Architect community lead and occasional CRM “expert” ;) because he does lead and share information with the community. So it is really great to see him listed at 59th on the top 100 SharePoint blogs (a climb of 41 places from May!). You can read more on his post. Weldone Zlatan!

Willy has another survey on the go which is worth the 3 seconds it takes to complete it, so for the sake of better documentation please complete it (click the image to access it):

Thanks to Willy for the heads up.

Seriously I am grinning like mad this morning, because my first development love has returned: DELPHI! Many years ago it stopped being a good choice for work, if you could get any work, but that changed recently with the announcement of Delphi Prism. DP makes use of Visual Studio to host the Delphi language, that’s right all the power and beauty of VS! The language has been enhanced to support all the cool things that C# can do (LINQ, Silverlight)! So that is very cool, and using Oxygene Compiler you can target .NET, Win32, Mono (so you can run on Linux) with full GUI support for GTK#, and Cocoa for OSX (Tiger and Leopard)!

That’s right one fully featured language targeting 4 different platforms (Old Windows (Win32); New Windows (.NET); Linux; Mac OSX) right from within Visual Studio!

In reality though it has just been press announcements and demo’s at PDC so nothing for me to truly base this on… but hopefully soon.

InfoQ has a nice into article on the subject too: http://www.infoq.com/news/2008/11/Delphi-Prism

After 10 months and 20 days (since RTM) it is now out! You can download it from http://www.microsoft.com/downloads/details.aspx?familyid=57c6267b-3b13-49dd-bfed-3cc83633aea7&displaylang=en&tm

Highlights of the release include (full list at 952858):

• 117 Fixes included!
• As usual with a rollup pack – importing and exporting customisations between different versions is not supported.
• Workflows which are stuck in In Progress or Waiting (http://support.microsoft.com/kb/957701/) – fixed. I am hoping this refers to my previous posts on the issue.
• Also fixed is workflow not working when imported: http://support.microsoft.com/kb/950680/ which may be related.
• When using the router it downloads the message over and over again (saw this one in the field): http://support.microsoft.com/kb/952018
• Outlook fixes for not responding or data loss!
• http://support.microsoft.com/kb/955234/
• http://support.microsoft.com/kb/954800/
• http://support.microsoft.com/kb/948121/
• http://support.microsoft.com/kb/948045/
• http://support.microsoft.com/kb/951179/
• The text length issue I posted on previously: http://support.microsoft.com/kb/955247/

Important Note - Two of the hotfixes require MANUAL configuration after the rollup has been installed. They are (click links for details):

• You cannot use Outlook as expected until all Microsoft Dynamics CRM 4.0 add-ins are loaded
• E-mail messages from a CRM user to a queue are not delivered in Microsoft Dynamics CRM 4.0

Thanks to Jim Glass for the heads up.

There are three sources for information which I have found valuable for VS2010:

• First is the video from PDC about a lap around VS2010: Great high level introduction to what it will be.
• Next is Willy’s series on VSTS 2010 which he just finished.
• Last is for the SharePoint people, is the InfoQ article on it: http://www.infoq.com/news/2008/11/wss_vs2010 – which had some serious highlights:
• "These tools will replace the much-derided SharePoint Designer”
• “Visual Studio will be able to building and debug SharePoint projects. "F5 Just Works!"”
• “A new Packaging Explorer will exist that supports editing Packaging and structuring the SharePoint Features and WSP file.”

Unfortunately the VS2010 bits we have available currently (if you want a copy let me know) includes everything from the video and Willy’s posts but does not include the WSS items. In fact the forthcoming CTP will not even include them :(

Herman, who you may know as “The man without a blog” or “The Delegator” or the guy who works over the partition from me, has released a poster detailing UI interface choices there are and what are the factors involved with choosing that. Very good to have if you trying to decide between Silverlight, Flash, Flex, ASP.NET, WinForms, WPF etc…

Download details available on Willy’s blog.

A picture of the poster… it’s much bigger when you download it.

Update 10 Jan 2011 - The link to Willy-Peter's blog no longer works.