Hello,
I have created a C# web part that adds a user found in Active Directory to an existing SharePoint Group. It runs fine if I am running as the SharePoint administrator but gives me an access denied message if I try running the Add as a different user who has full control to the site.
I was able to fake out the "Search" function by changing the group.owner to the ID of the logged on user but the "CanCurrentUserEditMembership" doesn't fall for that.
I have the code encapsulated with RunWithElevatedPrivileges and web.AllowUnsafeUpdates = true and it sets my ID to SharePoint\System but still tells me Access Denied on the Group.AddUser. This link sure made it sound easy
I have now tried impersonating the administrator account but still getting access denied.
I am running in my own VM environment and I am wondering if there is a patch or something I am missing. It won't look pretty but here is the snippet:
foreach (PickerEntity entity in PeopleEditor.ResolvedEntities)
{
if (entity.IsResolved == true)
{
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
SPSite oSite = null;
oSite = new SPSite(SPContext.Current.Site.ID);
SPWeb oweb = oSite.OpenWeb();
SPUser SAuser = oweb.AllUsers["MYDOMAIN\\Administrator"];
SPUserToken token = SAuser.UserToken;
SPSite impersonatedSiteCollection = new SPSite(SPContext.Current.Site.ID, token);
using (SPWeb web = impersonatedSiteCollection.OpenWeb(oweb.ID))
{
web.AllowUnsafeUpdates = true;
//RequestList is a SharePoint List
//_ddl_ReqList_Assoc_Groups is a drop down of SP groups associated with that list
SPGroup group = RequestsList.Lists.Web.Groups[_ddl_ReqList_Assoc_Groups.SelectedItem.Value];
group.AddUser(entity.Key, null, null, null);
group.Update();
label.Text = "The selected viewer: " + entity.DisplayText + " has been added to the : " + group.Name + " location</br>";
this.buttonAddUser.Enabled = false;
}
}
);
}
I have created a C# web part that adds a user found in Active Directory to an existing SharePoint Group. It runs fine if I am running as the SharePoint administrator but gives me an access denied message if I try running the Add as a different user who has full control to the site.
I was able to fake out the "Search" function by changing the group.owner to the ID of the logged on user but the "CanCurrentUserEditMembership" doesn't fall for that.
I have the code encapsulated with RunWithElevatedPrivileges and web.AllowUnsafeUpdates = true and it sets my ID to SharePoint\System but still tells me Access Denied on the Group.AddUser. This link sure made it sound easy
I have now tried impersonating the administrator account but still getting access denied.
I am running in my own VM environment and I am wondering if there is a patch or something I am missing. It won't look pretty but here is the snippet:
foreach (PickerEntity entity in PeopleEditor.ResolvedEntities)
{
if (entity.IsResolved == true)
{
try
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
SPSite oSite = null;
oSite = new SPSite(SPContext.Current.Site.ID);
SPWeb oweb = oSite.OpenWeb();
SPUser SAuser = oweb.AllUsers["MYDOMAIN\\Administrator"];
SPUserToken token = SAuser.UserToken;
SPSite impersonatedSiteCollection = new SPSite(SPContext.Current.Site.ID, token);
using (SPWeb web = impersonatedSiteCollection.OpenWeb(oweb.ID))
{
web.AllowUnsafeUpdates = true;
//RequestList is a SharePoint List
//_ddl_ReqList_Assoc_Groups is a drop down of SP groups associated with that list
SPGroup group = RequestsList.Lists.Web.Groups[_ddl_ReqList_Assoc_Groups.SelectedItem.Value];
group.AddUser(entity.Key, null, null, null);
group.Update();
label.Text = "The selected viewer: " + entity.DisplayText + " has been added to the : " + group.Name + " location</br>";
this.buttonAddUser.Enabled = false;
}
}
);
}