Search This Blog

Wednesday, January 14, 2015

Run code with elevated privileges in SharePoint


“The RWEP method enables you to supply a delegate that runs a subset of code in the context 

of an account with higher privileges than the current user
Exact Definition:


If the user has the required level of permissions to do a certain action like delete,update,move to then we need to use the Run with Elevated Privileges method for access or use it.
How To Use :
private void CustomFunction()
{
            // Non-Elevated Permission Code Goes Here

            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                         SPSite site = SPContext.Current.Site;   
                         SPWeb web = SPContext.Current.Web;
                          //New SPSite object.
                         using (SPSite newsite = new SPSite(Site.ID))
                         {
                                      //New SPWeb object.
                                     using (SPWeb newWeb = newSite.OpenWeb(web.ID))
                                     {
                                    //Do things by assuming the permission of the "system account".
                                      }
                        }
            });  // Note the Brackets used while creating delegate
}

Example:

private void CustomFunction()
{
      SPSite site = SPContext.Current.Site;
      SPWeb web = SPContext.Current.Web;

      SPSecurity.RunWithElevatedPrivileges(delegate()
      {
            using (SPSite newSite = new SPSite(site.ID))
            {
                  using (SPWeb newWeb = newSite.OpenWeb(web.ID))
                  {
                        list = newWeb.Lists["ElevatedListTest"];
                        SPListItem newItem = list.Items.Add();
                       
                        // Do stuff to create the list item
 
                        newWeb.AllowUnsafeUpdates = true;
                        newItem["Title"] = "Testing Title";
                        newItem.Update();
                                          list.Update();
                        newWeb.AllowUnsafeUpdates = false;
                  }
            }
       });
}

                 Or 


Among the two approaches which one is preferred with run with elevated privileges?
First Approach:
SPSecurity.RunWithElevatedPrivileges(delegate()
                {
                    using (SPSite curSite = new SPSite(SPContext.Current.Site.ID))
                    {
                        using (SPWeb web = curSite.OpenWeb(SPContext.Current.Web.ID))
                        {
                            try
                            {
                                web.AllowUnsafeUpdates = true;
                                \\ do your stuff
                            }
                            catch (Exception e)
                            {

                            }
                            finally
                            {
                                web.AllowUnsafeUpdates = false;
                                web.Dispose();
                            }
                        }
                    }
                });
Second Approach:
SPSite oSite = SPContext.Current.Site;
SPWeb oWeb = SPContext.Current.Web;
SPSecurity.RunWithElevatedPrivileges(delegate()
                {
                    using (SPSite curSite = new SPSite(oSite.ID))
                    {
                        using (SPWeb web = curSite.OpenWeb(oWeb.ID))
                        {
                            try
                            {
                                web.AllowUnsafeUpdates = true;
                                \\ do your stuff
                            }
                            catch (Exception e)
                            {

                            }
                            finally
                            {
                                web.AllowUnsafeUpdates = false;
                                web.Dispose();
                                oWeb.Dispose();
                                oSite.Dispose();
                            }
                        }
                    }
                });
Example Of Sending Email In RWEP:
The following example sends an email using elevated privileges. This will elevate the privileges to execute using the service account. The SPSecurity.RunWithElevatedPrivileges method taks a delegate method as its argument and executes that code with the service account.

public void SendEmail(Email email)
{
   SPSecurity.RunWithElevatedPrivileges(delegate()
   {
        SmtpClient mail = new SmtpClient();    MailMessage message = new MailMessage();
            message.From = new MailAddress(this.SenderAddress);
            message.To.Add(email.To);
            message.IsBodyHtml = email.IsHtml;  
            message.CC.Add(email.Cc);  
            message.Bcc.Add(email.Bcc);  
            message.ReplyTo = new MailAddress(this.ReplyToAddress);  
            message.Subject = email.Subject;  
            message.Body = email.Body;

         mail.Host = this.CentralAdminOutboundServerAddress; mail.Send(message);
    });
}


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)