Managing a VBA Project

3 4

To work effectively and to minimize maintenance tasks later, use these project management practices:

  • Remove project items that are no longer needed to reduce file size and make the project easier to maintain.
  • Protect your code, if necessary, from being viewed or modified by users.
  • Digitally sign your Microsoft Visual Basic for Applications (VBA) projects to show that your solution is from a trusted source.
  • Design modules, class modules, and user forms for reuse, to save time writing code. In addition, VBA versions 6.0 and later allow you to run add-ins that can be shared across applications.

For details about reusing project items, see Importing Files into and Exporting Files from Your Project in Creating a VBA Project earlier in this chapter.

Removing Project Items

When you remove an item, you permanently delete it from the project list—you cannot undo the Remove action. Make sure remaining code in other modules and user forms doesn't refer to code in the removed item.

To remove a project item

  1. Select the item in the Project Explorer.
  2. On the File menu, click Remove name.
  3. You will be asked if you want to export the item before removing it.
    • Click Yes to open the Export File dialog box.
    • Click No to delete the item.

Protecting Your Solution's VBA Code

To protect your code from being viewed or modified by users, you can lock a project. When you lock a project, you set a password that must be entered before the project can be viewed in the Project Explorer.

To lock your VBA project against viewing

  1. On the Tools menu, click Drawing Name Properties.
  2. Click the Protection tab and select the Lock project for viewing check box.
  3. Enter a password and confirm it.
  4. Save your Visio file and close it.

The next time you open the Visio file, the project is locked. Anyone who wants to view or edit the project must enter a password.

Using Digital Certificates to Produce Trusted Solutions

Like other Microsoft Office or Office XP products, Microsoft Visio uses Microsoft Authenticode technology to allow you to digitally sign VBA projects in your documents by using a digital certificate that identifies you as a trusted source. Visio has security-level settings that allow users to identify code produced by trusted sources and to prevent unsigned VBA projects from running in Visio.

To produce a trusted solution, you need to obtain and install a digital certificate that you can use to digitally sign your VBA projects in Visio documents. When opening a signed document, Visio can verify if an authentic digital signature exists and determine if the signed VBA project has been altered in any way since it was signed. Depending on the security level, Visio either automatically disables macros that might have been altered, or lets the user decide whether to enable or disable these macros.

Note


The security settings for Visio apply specifically to VBA projects within Visio documents. Visio does not provide security for Visio add-ons, COM add-ins, and any ShapeSheet functions that cause external code to run.

As a Visio solution developer, digitally signing your VBA projects can help to ensure that your solution users will be able to run the solution without being blocked by security settings. However, there are some security options in the control of users and administrators that can potentially interfere with your solution. For details, see Security and policy settings that can affect your solution's VBA code later in this section.

Setting security levels for Visio

A Visio document opens in run mode by default unless the macros in the document have been disabled. Macros are enabled or disabled depending on the security level setting for Visio and whether the VBA project has been digitally signed. The following table describes the possible ways that security settings, signed and unsigned projects, and trusted and untrusted sources can interact when a document opens.

How security levels and digital signatures work together

Type of document and verification result High security Medium security Low security

No project

Document is opened.

Document is opened.

Document is opened.

Unsigned project

Macros are automatically disabled without notification and the document opens.

User is prompted to enable or disable macros.

No prompt. Macros are enabled.

Signed project from a trusted source. Verification succeeds.

Macros are automatically enabled and the document opens.

Macros are automatically enabled and the document opens.

Macros are enabled.

Signed project from an unknown author. Verification succeeds.

A dialog box is displayed with information about the certificate. Macros can be enabled only if the user chooses to trust the author and certifying authority by selecting the Always trust macros from this author check box in the Security Warning dialog box. A network administrator can lock the trusted sources list and prevent the user from adding the author to the list and enabling the document's VBA project's macros.

A dialog box is displayed with information about the certificate. The user is prompted to enable or disable macros. Optionally, the user can choose to trust the author and certifyingauthority by selectingthe Always trust macros from this author check box in the Security Warning dialog box.

No prompt or verification. Macros are enabled.

Signed project from any author. Verification fails, due to a virus.

User is warned of a possible virus. Macros are automatically disabled.

User is warned of a possible virus. Macros are automatically disabled.

No prompt or verification. Macros are enabled.

Signed project from any author. Verification not possible because public key is missing or incompatible encryption methods were used.

User is warned that verification is not possible. Macros are automatically disabled.

User is warned that verification is not possible. User is prompted to enable or disable macros.

No prompt or verification. Macros are enabled.

Signed project from any author. The signature was made after the certificate had expired or been revoked.

User is warned that the signature has expired or been revoked. Macros are automatically disabled.

User is warned that the signature has expired or been revoked. User is prompted to enable or disable macros.

No prompt or verification. Macros are enabled.

If the user selects the Always trust macros from this source check box in the Security Warning dialog box, the certificate is listed on the Trusted Sources tab of the Security dialog box.

The Trusted Sources tab in the Security dialog box lists all digital certificates that have been previously accepted by a user or that have been previously installed by a network administrator. A user doesn't add trusted sources directly to this dialog box, but can add a new certificate to the list by selecting the Always trust macros from this author check box upon opening a signed document from a new source for the first time. An administrator can lock the trusted sources list so that no new sources can be added to the list by users. Therefore, only macros signed by using approved certificates currently in the list will run.

Note


Visio does not support the Trust all installed add-ins and templates option that some Microsoft Office and Office XP applications support.

To change the security level for macro virus protection

  1. On the Tools menu, point to Macros, and then click Security.
  2. Click the Security Level tab, and then choose the security level you want to use.
  3. High Runs code only from trusted sources.

    Medium Permits users to choose whether to run potentially unsafe code.

    Low Runs all code, trusted or not.

  4. Click OK.

Note


Todisable macros programmatically when a document opens, use the visOpenMacrosDisabled flag in the OpenEx method of a Documents collection.

Digitally signing a VBA project

To digitally sign VBA projects in your solution, you must first obtain a digital certificate for software publishing. You can get a digital certificate in three ways:

  • Create a digital certificate for your own use.
  • Obtain a digital certificate from your organization's internal certification authority.
  • Obtain a digital certificate from a commercial certification authority such as VeriSign, Inc.

For more information about digital certificates and digital signatures, search on these terms in the MSDN Library: "digital signature," "digital certificate," "Authenticode," and "security."

To digitally sign a VBA project

  1. Open the document or template that contains the VBA project you want to sign.
  2. Open the Visual Basic Editor (on the Tools menu, point to Macros, and then click Visual Basic Editor).
  3. In the Project Explorer, select the project you want to sign.
  4. On the Tools menu, click Digital Signature.
  5. Do one of the following:
    • If you haven't previously selected a digital certificate, or want to use another one, click Choose, select the certificate, and then click OK twice.
    • To use the current certificate, click OK.

    If a VBA project has been signed previously, clicking Choose and selecting a new digital certificate replaces the previous signature. To remove a signature from a previously signed project, click Remove.

Security and policy settings that can affect your solution's VBA code

Be aware that administrators and users can set security levels, installation options, or run-time options for VBA projects that might interfere with your solution's ability to run VBA code in Visio.

Users can set Visio security levels and whether VBA is enabled or disabled in Visio at run time in the Visio application. Administrators can set security policies using a Policy Editor or logon scripts, or by manually updating the registry. Settings that affect security and the ability to run code in a solution include the following:

  • Security level settings In addition to user control over security level settings, administrators can also set policies that determine the minimum allowable security level for a user or a group. The highest security level setting (user or administrator) is enforced.
  • Disabling VBA in Visio Visio users can temporarily disable VBA in Visio by clearing the Enable Visual Basic for Applications check box on the Advanced tab of the Options dialog box (on the Tools menu, click Options). Administrators can set a policy (user or group) for this option to disable VBA.
  • Visio users and administrators can also disable VBA in Visio by choosing not to install VBA. If another application installs VBA, it will then become available to Visio. In that case, users and administrators would still have the option to disable VBA temporarily using the methods previously mentioned.

  • Denying access to the Visual Basic object model from Visio An administrator can set a policy that denies access to the Visual Basic object model from Visio. When access to the Visual Basic object model is denied, the Application.VBE property and the Document.VBProject property are disabled. This setting provides security against virusesthat use these properties to replicate themselves into projects of other documents. This is an administrator setting only; users cannot set this property through the Visio user interface.

Additional details for administrators on setting security policies can be found in the Microsoft Visio Resource Kit, available from the Microsoft Visio Web site (http://www.microsoft.com/office/visio/).

Using the Add-In Manager

In the Visual Basic Editor, you can use the Add-In Manager to manage add-ins that extend the VBA development environment. These add-ins are COM-based and provide the developer with a way to use a single add-in to add functionality to any VBA host application (VBA version 6.0 and later), including Visio. For more information about add-ins, see the Microsoft Visual Basic Help.

To display the Add-In Manager from the Visual Basic Editor

  • On the Add-Ins menu, click Add-In Manager.

The Add-In Manager dialog box appears with a list of add-ins that have been registered with Visio.

Note


The add-ins described in this section apply specifically to extending the VBA development environment. For details on using COM add-ins to extend Visio, see Chapter 23, Using COM Add-ins in a Visio Solution.



Developing Microsoft Visio Solutions 2001
Developing Microsoft Visio Solutions (Pro-Documentation)
ISBN: 0735613532
EAN: 2147483647
Year: 2004
Pages: 180

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net