An interesting read on Guerrilla Threat Modelling (or ‘Threat Modeling’ if you’re American) by Peter Torr. This is a relatively old post, but still applies today. In addition, a good practice to implementing threat countermeasures is the STRIDE approach which is described in MSDN magazine.
Here is a quick list of Inversion of Control Frameworks:
Problem
In a MOSS 2007 installation we have a site with a wiki library. The wiki library has been customized a bit with event handlers to do some fancy automatic permission assignments to individual wiki pages and prevent some users from approving wiki pages that they are not allowed to. This was done so that every user is able to add, read, edit wiki pages but let individual identified users handle the approval of the pages in a large wiki library. These details are probably inconsequential.
The real problem is there is a single user who can can read, add, and edit wiki pages. He is also assigned to approve some wiki pages. However, when he attempts to view the history of a wiki page for approval he gets an access denied error. The history page for a wiki page in a wiki library is an application page (in _layouts directory) with the following path: http://<path to sharepoint site>/_layouts/VersionDiff.aspx?ListID=<my wiki library id>&ID=<id for the wiki page>&Source=<return path>
The user also experiences this error when clicking the link to view incoming links. The path for this page is: http://<path to sharepoint site>/_layouts/BackLinks.aspx?ListID=<my wiki library id>&ID=<id for the wiki page>
This user has the following permissions being applied:
- Site Permissions – Limited Access
- List Permissions – Limited Access
- Item Permissions – Design
This user is also part of a domain group which has the following permissions being applied:
- Site Permissions – Limited Access
- List Permissions – Contribute
- Item Permissions – Contribute
Solution
I started a thread in the TechNet SharePoint forum in hopes of finding someone who has run into this problem before. Thanks to the folks in the forums, there were a few suggestions on how to resolve the problem. Unfortunately, I didn’t have the opportunity to try most of these. But here are the suggestions:
- Delete the user from the SharePoint site and re-add the user and re-apply permissions.
- Recreate the AD account
- Assign a higher level privillege to a parent object (This is the band aid that I applied which resolved the problem)
Came across this blog post via EndUserSharePoint.com which goes through and clearly differentiates between the definition of a community and a social network from both an offline and online perspective.
It is interesting to see and understand the difference between the two terms which are often interchanged without a second thought.
. Lot’s of good content here regarding development and design guidelines for using the .NET Framework. The