Isolating RER code logic from Provider Hosted Apps

Problem Statement

Users who have full permission on the SharePoint site can delete the mandatory provider hosted apps developed to handle remote events such as List Added, Item Added, etc.,

If the user removes this app by mistake/intentional then the logic written to handle the remote events will not get executed so it’s an overhead for the governance/monitoring job.

Workaround

Deploy the mandatory apps from app catalog as explained here

Optimal Workaround

rer

  • Remove the RER code from the List Settings App (Samples.RER.App) and configure full tenant permissions so that we can attach the RER to any Web or List across the tenant.
  • Instead of installing the List Settings app (Samples.RER.App) in all the sites, install the app only in App Store site so that we have an app principle (app id and secret) that is trusted in our tenant.
  • Don’t deploy the remote web (Samples.RER.AppWeb) that gets created with the List Settings App project (provider hosted).

         Note: I assume you do not have any functionality written on the remote web that gets created with the List Settings App.

  • Create a web project(Samples.RER.Service) that implements the IRemoteEventService interface. This essentially means it must override the methods ProcessEvent and ProcessOneWayEvent methods. Make sure that your project now has the TokenHelper.cs class also. The clientcontext object is retrieved as an app only access token. This code is different from the code that is used normally for a RER.
  • Go back to our web project(Samples.RER.Service) and plug in the App id and secret for the List Settings App in the web.config file.
  • Deploy the app web project(Samples.RER.Service) to azure.
  • Use PowerShell/C# to add/remove receivers to different sites and for different events.
  • When the event occurs, SharePoint will reach out to the WCF Service URL with the event properties object (SPRemoteEventProperties).

The advantage with this setup is that you can keep updating your web project(Samples.RER.Service) and deploy to Azure and then use PowerShell/C# to add/remove receivers to different sites and for different events. There is no need to deploy, remove, redeployment of the app to attach the receivers.

Thank you Srinivas(MS PFE) for this idea.

Advertisements

About Joseph Velliah
As a SharePoint Developer my professional interests tend to be technical and SharePoint focused. I run a blog at "SP RIDER" where you can expect to read HOW TOs and scenarios that I run into during my day to day job. I hope my posts will give back a little to the community that is helped me.

Comments are closed.

%d bloggers like this: