Sharepoint Impersonation.

Please visit this : Samsung Service Galaxy S

When you create a web form or web part for wss or sharepoint and work with list items for example you should impersonate the current logged user in your application to see who modified, added the list item. I chose this example to be the simplest.
So I created a web part for my sharepoint site.

I added this to the default project created when you choose Sharepoint Web Part project:
c# code:

private string customMessage = "Hello, world!";
[WebBrowsable(true),
WebDescription("Displays a custom message"),
WebDisplayName("Display Message"),
Personalizable(PersonalizationScope.User)]
public string DisplayMessage
{
get { return customMessage; }
set { customMessage = value; }

}

In the render function i added my code. To make a similarity to asp.net you can think of it as page_load handler. Whenever you refresh the page that has the web part on it it executes your code.
Here i get the current logged in user i display it on the screen and then i create a new item in the Announcements List as added by the user logged in:

protected override void Render(System.Web.UI.HtmlTextWriter writer)
{
try
{
HttpContext ctx = HttpContext.Current;
SPWeb web = SPControl.GetContextWeb(this.Context);

if ( (ctx.User != null) && (ctx.User.Identity != null))
customMessage=ctx.User.Identity.Name;
writer.Write(DisplayMessage);

And we show this way the current logged in user.
Now we impersonate the user and create a new item in the Announcements list in his name. Every logged in user has a token (it identifies the authentication process applied to the user).

SPSite impersonatedSiteCollection = new SPSite( SPControl.GetContextSite(this.Context).ID, token);
SPWeb oWebsiteRoot = impersonatedSiteCollection.OpenWeb();
oWebsiteRoot.AllowUnsafeUpdates = true;
SPList oList = oWebsiteRoot.Lists["Announcements"];

SPListItem oListItem = oList.Items.Add();
oListItem["Title"] = "My Item";
oListItem["Created"] = new DateTime(2004, 1, 23);
oListItem["Modified"] = new DateTime(2005, 10, 1);
oListItem.Update();
}
catch (System.ArgumentException e)
{
customMessage = e.Message ;
writer.Write(DisplayMessage);
}

I put it in a try catch sequence because the current logged in user might not have the rights to add a new item to that list and if so the page that contains the webpart will crash and he would not see it even though he has rights to. With the try catch the webpart will tell him that he has no rights.

Commerce Server 2009

Advertisements
Leave a comment

1 Comment

  1. Add RoleAssignment to listitem. « Techyard’s Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: