Available and Unavailable SharePoint Assemblies from Sandboxed Solutions in SharePoint 2010
Published: February 2011
This topic lists the Microsoft SharePoint Foundation and Microsoft SharePoint Server managed code assemblies that are available from sandboxed solutions and those that are unavailable.
Not all assemblies in SharePoint Foundation and SharePoint Server can be called from sandboxed solutions.
For information about Microsoft .NET Framework assemblies that are available from sandboxed solutions, see Available and Unavailable .NET Assemblies from Sandboxed Solutions in SharePoint 2010.
Calls from sandboxed solutions to APIs in SharePoint assemblies, other than Microsoft.SharePoint.dll, are subject to the same restrictions as any other calls from sandboxed solutions: Only assemblies with the AllowPartiallyTrustedCallersAttribute can be called, only assemblies that are installed in the global assembly cache can be called, and all APIs that are called are subject to the code access security (CAS) policy and the restricted security token of the sandboxed worker process. For more information, see Restrictions on Sandboxed Solutions in SharePoint 2010.
The Microsoft.SharePoint.dll assembly is a special case. Calls from sandboxed solutions to APIs in this assembly are both more and less restricted than calls to other SharePoint APIs. For more information about calls to this assembly from sandboxed solutions, see Sandboxed Solutions Architecture in SharePoint 2010 and Microsoft.SharePoint.dll APIs That Are Available from Sandboxed Solutions.
The following sections list the SharePoint Foundation and SharePoint Server managed code assemblies that have the AllowPartiallyTrustedCallersAttribute and those that do not.
Some SharePoint assemblies contain only classes that we do not support calling in third-party code. Those assemblies are not listed in any of the tables of this topic.
Code in sandboxed solutions may not call unmanaged assemblies.
The assemblies that are listed in this section are "available" in sandboxed solutions in the sense that they meet three conditions:
There is at least one public API in each of them that we support calling at least in a farm solution.
Each assembly has the AllowPartiallyTrustedCallers attribute.
Each assembly is deployed to the global assembly cache.
Remember that not every API in an available assembly can be successfully called. Some APIs may require permissions that are not allowed by the process token or CAS policy of the sandboxed worker process. Therefore, it is possible that some, or even all, of the APIs in an assembly that is listed as available cannot be called from a sandboxed solution. In particular note that the CAS policy prevents code in the sandboxed worker process from accessing the SharePoint databases (except for calls to the databases made from Microsoft.SharePoint.dll). Often calls to APIs in SharePoint Foundation and SharePoint Server assemblies other than Microsoft.SharePoint.dll will fail because of this restriction even when the assembly is in the GAC and has the AllowPartiallyTrustedCallers attribute.
This assembly is handled differently from the others. For more information, see Sandboxed Solutions Architecture in SharePoint 2010 and Microsoft.SharePoint.dll APIs That Are Available from Sandboxed Solutions.
Most calls to APIs in this assembly trigger calls to Microsoft.SharePoint.dll. Because all calls to the latter assembly (from the sandboxed worker process) are redirected to the shim version of the assembly, the calls from Microsoft.SharePoint.Linq.dll are first passed through the shim and are ultimately executed by the standard version of Microsoft.SharePoint.dll running in a full trust proxy process. Thus, LINQ to SharePoint can read and write to the content databases. For more information about the shim version of Microsoft.SharePoint.dll, see Sandboxed Solutions Architecture in SharePoint 2010 and Special Versions of the Microsoft.SharePoint.dll Assembly. For more information about LINQ to SharePoint, see Managing Data with LINQ to SharePoint.
Most of the assemblies listed here do not have the AllowPartiallyTrustedCallers attribute.
Although this assembly has the AllowPartiallyTrustedCallers attribute, it is not available because it is not deployed to the global assembly cache.