CODEWITHSUNDEEP
entity-frameworksharepointsharepoint-2010impersonation
Lorenzo
Lorenzo

Reputation: 29427

EF + UnitOfWork + SharePoint RunWithElevatedPrivileges

In our SharePoint application we have used the UnitOfWork + Repository patterns together with Entity Framework. To avoid the usage of the passthrough authentication we have developed a piece of code that impersonate a single user before creating the ObjectContext instance in a similar way that is described in "Impersonating user with Entity Framework" on this site.

The only difference between our code and the referred question is that, to do the impersonation, we are using RunWithElevatedPrivileges to impersonate the Application Pool identity as in the following sample.

SPSecurity.RunWithElevatedPrivileges(delegate() { 
    using (SPSite site = new SPSite(url)) {
        _context = new MyDataContext(ConfigSingleton.GetInstance().ConnectionString);
    }
});

We have done this way because we expected that creating the ObjectContext after impersonation and, due to the fact that Repositories are receiving the impersonated ObjectContext would solve our requirement.

Unfortunately it's not so easy. In fact we experienced that, even if the ObjectContext is created before and under impersonation circumstances, the real connection is made just before executing the query, and so does not use impersonation, which break our requirement.

I have checked the ObjectContext class to see if there was any event through which we can inject the impersonation but unfortunately found nothing.

Any help?

Upvotes: 0

Views: 541

Answers (1)

Vojtech Nadvornik
Vojtech Nadvornik

Reputation: 351

We had a simillar problem when we used LinqToSharePoint. The DataContext is created from the HttpContext.Current and did not consider the RunWithElevatedPrivileges method. We did a nasty workaround that we backed up the original HttpContext, created a new dummy HttpContext in the RunWithElevatedPrivileges method and the problem went away. Obviously we set the context to the original afterwards.

Edit:

You can use the method below to create new dummy HttpContext.Call this method as first in your RunWithElevatedPrivileges. In the normal context just backup your currenct context with var backupContext = HttpContext.Current and after everything is done just set the context back. 

private void SetNewContextWeb(SPWeb oWeb)   
{ 
    HttpRequest httpRequest = new HttpRequest(string.Empty, oWeb.Url, string.Empty); 
    HttpContext.Current = new HttpContext(httpRequest, new HttpResponse(new System.IO.StringWriter()));   
    SPControl.SetContextWeb(HttpContext.Current, oWeb);   
}

Upvotes: 1

Related Questions