Since resources are stored in a database all read operations and more editing operations on resources require no special rights. Basic Resource reading and adding/editing will work in medium trust.

However, several 'intrusive' resource tasks like exporting resources, recycling the application and importing file based resources require additional permissions.

File System Permissions

Several of the administratative features of the Administration interface require WRITE access in the Web path of the application for the Web server account. Typically this account is NETWORK SERVICE/ASPNET typically - but you can check with <%= Environment.UserName %> which account is running. Operations that require full access to the Web directory include:

  • Exporting Resources to ResX files
  • Recycling the Web application (touches web.config)
  • Importing file based resources via Upload

High or Full Trust for Resource Exports

The ResX Exporter routines uses several system components that require at least High Trust if you are using the Westwind.Globalization assembly as a local assembly stored in the BIN directory.

The translation services also require access to System.Net and WebRequest access which is not permitted in medium trust. You can work around this particular Web access problem by using:

Translation Service Access

In addition you may also need to tweak the access URL settings for the Web services which by default won't be allowed access to in Medium trust. You can work around this by adding the originUrl Regular Expression to the Medium Trust directive that enables specific Urls:

<trust level="Medium" originUrl="http://.*"/>

or if you want to be more restrictive:

<trust level="Medium" originUrl="(http://www.google.com/translate_t)|(http://babelfish.yahoo.com/translate_txt)"/>