CODEWITHSUNDEEP
c#securitysharepoint-2010camlsplistitem
Xavier Casillas
Xavier Casillas

Reputation: 87

Sharepoint 2010, Determine access to SPListItem based on a Current User

i am using a CAML Queryy to get all the list items that are cotains a ContentType, but i also need to know if the Current user, has permissions to see that file.

That part i do not know how can i check it.

i use this exmpla as reference of how to get the items related to a content type.

https://sharepoint.stackexchange.com/questions/14566/how-to-find-all-documents-of-a-certain-content-type

Thanks.

Upvotes: 0

Views: 3729

Answers (1)

Stefan
Stefan

Reputation: 14880

Per default in SharePoint our code runs impersonated as the user executing the web request. Thus the items returned by the CAML query are already security trimmed. Meaning, the result set only contains items the current user is allowed to "see".

Under some circumstances you are required to execute the CAML query with system priveliges. To do so the SPSite object has to be opend with the system account token:

using (SPSite elevatedSite = new SPSite("http://server-url", SPUserToken.SystemAccount))
{
  // open web; list; 
  // execute caml query with system account priveliges.
}

In that case you could check / ensure permissions on a certain list item with the method DoesUserHavePermissions:

SPListItem item = //...
if (item.DoesUserHavePermissions(SPContext.Current.Web.CurrentUser, SPBasePermissions.ViewListItems))
{
  // futher actions if user has permission goes here.
}

Important to note is that you have to call the overload of the DoesUserHavePermissions with the SPUser argument. The overload without will use the "current user" of the site. Which is the system account since the site was opened with the system account token.

Upvotes: 1

Related Questions