Out Of The Box Sharepoint (?)

February 25, 2008

Impersonating in MOSS

Filed under: Sharepoint — Peter Kruisman @ 1:01 pm

I Use C#:

  •  webpart template 1.1 , 
  •  strong signed,
  • method SPSecurity.RunWithElevatedPrivileges() ,
  • webconfig  <trust level=WSS_Minimal originUrl=“” />.

    Logged on as a visitor didn’t update the list (access denied).
    It took me a considerable time to discover my miscoding. 
    Maybe others can benefit from my quest.
    his does  the job in an out of the box MOSS environment:
    SPWeb Oweb = siteNew.OpenWeb(SPContext.Current.Web.ID))
    SPSite siteNew = new SPSite(SPContext.Current.Site.ID))
    Oweb.AllowUnsafeUpdates = true;
    SPList list = Oweb.Lists[“YourListName”];
    The ‘complete’  method, call it from within an event,  StatusUpdate():

    using (SPSite siteNew = new SPSite(SPContext.Current.Site.ID)){
    using (SPWeb Oweb = siteNew.OpenWeb(SPContext.Current.Web.ID)){
    Oweb.AllowUnsafeUpdates = true;
    SPList lijst = Oweb.Lists[“Feedback”];
    if (lijst.DoesUserHavePermissions(SPBasePermissions.EditListItems)){
    SPQuery query = new SPQuery();
    string Squery;
    Squery = string.Format(“<Where><Eq><FieldRef Name=’Ontvanger’/><Value Type=’User’>{0}</Value></Eq></Where>”, gebruiker);
    query.Query = Squery;SPListItemCollection data = lijst.GetItems(query);
    this.data_Table = new DataTable();data_Table = data.GetDataTable();//test: heeft gebruiker wel een item
    if (data_Table != null){//kolomdata_ColumnCollection = data_Table.Columns;
    //Status is “Approved” = 0 : checked event — “Pending” = 2 : unChecked event
    if (ID_ >= 0 && status != 100){
    SPListItem nw_Status = lijst.GetItemById(ID_);

    /*SourceID=”http://schemas.microsoft.com/sharepoint/v3&#8243; StaticName=”_ModerationStatus” FromBaseType=”TRUE”><CHOICES><CHOICE>0;#Approved</CHOICE><CHOICE>1;#Rejected</CHOICE><CHOICE>2;#Pending</CHOICE><CHOICE>3;#Draft</CHOICE>





    nw_Status[“_ModerationStatus”] = status;//0 = Approved, 2 = Pendingnw_Status.Update();}}else{//data_Table}}else{//DoesUserHavePermissions

    }// //–Oweb.AllowUnsafeUpdates = false;Oweb.AllowUnsafeUpdates = false;
    /* SPSIte en SPWeb implementeren de IDisposable interface. .Net verwacht dat deze interfaces worden opgeschoond */

    );//einde RunWithElevatedPrivileges

    return data_Table;

1 Comment »

  1. Thanks for this snippet, it saved my day. I had a similar problem with queries against lists and “access denied” due to lack of permissions for updating view.

    Comment by Toft — March 25, 2008 @ 10:47 am

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: