Accessed denied when attempting to permission folder using the Object Model API

Sean
  • Accessed denied when attempting to permission folder using the Object Model API Sean

    I'm attempting to permission a folder using the Object Model API that is created by an ASP.NET page wrapped into a feature. I am able to create and permission the folder for users that are in the appropriate SharePoint role however, I need to permission the folders that are also in more restrictive roles. The folders are created with no problem but I need to break the inheritance and permission the folder.

    I attempted to wrap the folder creation/permission code in

    SPSecurity.RunWithElevatedPrivileges(delegate() { ... });
    

    I also tried using

    web.AllowUnsafeUpdates = true; 
    

    and

    web.Site.WebApplication.FormDigestSettings.Enabled = false;
    ...
    web.Site.WebApplication.FormDigestSettings.Enabled = true;
    

    The folder is always created however it does not permission properly. Any feedback/direction would be appreciated. Thanks.

  • Have you tried impersonating a user with the necessary rights:

  • Did you get a new instance of SPWeb inside the RunWithElevatedPrivileges delegate? If not, it will use the same credentials as the original request.

  • I ended up getting it to work with a combination of Koen Vosters answer and this link.

    After impersonating the user I had to use:

    web.AllowUnsafeUpdats = true;
    ...
    list.BreakRoleinheritance(true);
    web.AllowUnsafeUpdates = true;
    while (list.RoleAssignments.Count > 0)
    {
       list.RoleAssignments.Remove(0);
    }
    ...
    //Add necessary permissions
    

Tags
object-model permissions
Related questions and answers
  • I'm trying to create folders in a set of custom lists I've created. However, when I try to do this, the New Folder button in the Ribbon is disabled. I read up on the matter; and this lead me to look to enable folder creation in List Settings -> Advance Settings. However, there doesn't seem to be an option to enable folder creation on the page. It shouldn't be a permission related issue; as I created the lists; and I'm also an admin on the farm. I could use a document library; but we will not be uploading documents to the list; so this is more then I need. What are my options, or what am I

  • I have been developing on SP 2010 for a while now. Mostly I have been working with the Client Object Model. Though I am at a point where I need to read out the UserProfiles from inside SharePoint. I see no other way to do this than to make a custom WCFService and deploy it to SharePoint. So that is what I did. I made an "Empty SharePoint Project" and added the mapped "ISAPI" folder. The code... = SPServiceContext.GetContext(site); profileManager = new UserProfileManager(context, true); s += "AccountNames: "; u += "firstNames: "; foreach

  • I am using SharePoint Server 2007 Enterprise with Windows Server 2003 R2 Enterprise. I am developing using VSTS 2008 + C# + .Net 3.5 + IIS 6.0. I have put a simple aspx page into layout folder (the code is very simple, just redirect to another page, and I write inline script code in asp.net), here is my code, and I met with unauthorized error (403) when I select to browse the page from IIS 6.0...#" AutoEventWireup="true" %> <script runat="server" type="text/C#"> protected void Page_Load(object sender,EventArgs e) { Response.Redirect("http://www.google.com"); } </script> <

  • Problem: Creating a site column using the SharePoint API (Object Model) with incorrect case in the URL for the SPSite or SPWeb object will cause the new column to throw an exception if an attempt... and SPWeb.Url properties seem to return back whatever case they are instantiated with. In other words, the site collection is provisioned using the following URL: http://server/Path/Site Then, if I create a new Site Column using the SharePoint object model and happen to use http://server/path/site when instantiating the SPSite and SPWeb objects, the site column will be made available but when

  • I have a webpart i build using WSpBuilder and it works OK. When i use Deploy from Visual Studio it installs the WSP sharepoint and add the webpart to the webpart gallery. But it seems the feature does activate the webpart but i also want to remove it when deactivating it.(So i know i need to add something to the FeatureDeactivating So i created a Feature With Reciever template and added it to the project.Which created a folder FeatureWithReceiver with the element and feature xml files and also a FeatureCode folder with FeatureWithReceiver.cs public override void FeatureDeactivating

  • I have some code which I am attempting to use to "rollback" a SharePoint document and it's metadata properties to a previous version using ootb version control and the SharePoint API. Here is a sample of my code: int versionCount = item.Versions.Count; if (versionCount > 0) { // this only restores properties item.Versions.Restore(1); } The expected result of calling restore using 1..., I have attempted to use item.File.Versions only to find item.File.Versions.Count is 1. Can anyone provide any insight?

  • to the Pages library. This correctly provisions the page to the Pages library with an Announcements List View web part provisioned to the page. I have about 800 (or so) sites created from this site definition. We have a need to add a few web parts to the page for any new sites created from the template and also for all of the existing 800 sites. The plan was to move the default.aspx module from ONET...This is in the context of MOSS 2007. I have a custom site definition. Currently in ONET.xml we have the following Module: <View List="$Resources:core,lists_Folder;/$Resources:core

  • to the site and iterate over the Folders and the Items in the top level, but what I want is to be able to iterate over items within the Folders. Out structure is as follows: site - http://localhost/my_site list - Pages Folder - News ItemB - Article ItemA - Contents The site is easy enough to connect to, with that I can get the list, Folder and ItemA's and output them so I can see what lives there. What I would like is to be able to view all the ItemB's (and there may be lots of them) under each Folder, there are about 10 Folders in the List with each Folder containing lots

  • I have created a recursive query that contains 2 multi user fields. After much thrashing, where I would add the and had my query return no results, I found that the FieldRef needed to include Nullable="TRUE" and Type="UserMulti". This works, in the query now returns the correct number of records, however the value in my 2 multi user fields is empty. <View> <Webs Scope="Recursive...; <FieldRef Name="ID" /> <!-- Field which do not return values --> <FieldRef Name="Responsible" Nullable="TRUE" Type="UserMulti" /> <FieldRef Name="Accountable

Data information