reporting services: use a custom assembly with a local (RDLC) report

Question

I am designing a report that will be used in local mode (an RDLC file) in a Winform app. I have a custom assembly with a static class that has some functions that I want to use inside of the report (as expressions).

I have found all sorts of help for doing this with RDL reports, but I'm running into a permissions problem with my RDLC report.

I get the following error at runtime: "The report references the code module (my module), which is not a trusted assembly".

I know that this is some kind of a code security issue, but I'm not sure what to do to fix it. The documentation that I have seen online is aimed at RDL reports, and it instructs me to edit a SQL Server-specific policy file. I'm using RDLC, so there is no sql server involved. What do I need to do to acquire the appropriate permissions?

Answer 1

Try using the AddTrustedCodeModuleInCurrentAppDomain method of the ReportViewer.LocalReport Property (reportViewer.LocalReport.AddTrustedCodeModuleInCurrentAppDomain("your assembly")).

Also make sure you use the AllowPartiallyTrustedCallers attribute with your assembly ([assembly:AllowPartiallyTrustedCallers]).

Answer 2

The AddTrustedCodeModuleInCurrentAppDomain method is obsolete for .Net 4.0. Visual Studio 2010 disable the call of this method. But there is the AddFullTrustModuleInSandboxAppDomain method in the LocalReport property of ReportViewer class (reportViewer.LocalReport.AddFullTrustModuleInSandboxAppDomain(myAssemblyStrongName)). It requires the strong name of the assembly. My application executes fine from Visual Studio but I get the error "The report references the code module (my module), which is not a trusted assembly" when I'm manually run exe-file from folder "bin". What it can be?

Answer 3

@StefanHa's comment provides the answer, in case that blog post disappears here's the code that worked for me:

using System.Reflection;
using System.Security;
using System.Security.Permissions;
using System.Security.Policy;
PermissionSet permissions = new PermissionSet(PermissionState.None);
permissions.AddPermission(new FileIOPermission(PermissionState.Unrestricted));
permissions.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution));
rv.LocalReport.SetBasePermissionsForSandboxAppDomain(permissions);
Assembly asm = Assembly.Load("MyLib, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null");
AssemblyName asm_name = asm.GetName();
rv.LocalReport.AddFullTrustModuleInSandboxAppDomain(new StrongName(new StrongNamePublicKeyBlob(asm_name.GetPublicKeyToken()), asm_name.Name, asm_name.Version));

I also needed to set PermissionState.Unrestricted instead of PermissionState.None. In my example I was loading System.Web + System.Drawing and so I only needed up to the SetBasePermissionsForSandboxAppDomain.