i am getting this error when trying to update an alert for a user in the team discussion list.
My code is :
SPUser user = mysite.OpenWeb().CurrentUser;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
SPSite site = new SPSite(mysite.ID);
SPWeb myweb = site.OpenWeb();
string id = this.Page.Request.QueryString["RootFolder"].ToString();
string[] rootfolder = id.Split(#"//".ToCharArray());
myweb.AllowUnsafeUpdates = true;
SPList mylsit = myweb.Lists["Team Discussion"];
SPListItem item = mylsit.GetItemById(21);
SPUser curruser = myweb.EnsureUser(user.LoginName);
Response.Write(curruser.LoginName);
SPAlert newAlert = user.Alerts.Add();
newAlert.AlertType = SPAlertType.Item;
newAlert.Item = item;
newAlert.Properties["eventtypeindex"] = "1";
newAlert.AlertFrequency = SPAlertFrequency.Immediate;
newAlert.Update(false);
myweb.AllowUnsafeUpdates = false;
});
And i am getting the error when the alert.update() is executing. please help me on this
The only thing I can see of note is the "! Important" section in the below MSDN article on the RunWithElevatedPrivileges function:
http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spsecurity.runwithelevatedprivileges.aspx
It would seem you are doing some form of writing, and may not have called ValidateFormDigest?
Related
I am working on SharePoint 2016 CSOM to get list item version history. unfortunately i am not getting the field values. please find the code below.
var file = item.File;
var versionFiles = file.Versions;
var fa = file.ListItemAllFields;
clientContext.Load(fa);
clientContext.Load(file);
clientContext.Load(versionFiles);
clientContext.ExecuteQuery();
if (null != versionFiles)
{
var fileVersion = file.Versions[5];
SP.File oldFile =web.GetFileByServerRelativeUrl("/sites/site/_vti_history/1234/list1/file1.pdf");
var allField = oldFile.ListItemAllFields;
clientContext.Load(allField);
}
You could get version history metadata from Lists.asmx.
Sample code:
var web = clientContext.Web;
List spList = clientContext.Web.Lists.GetByTitle("MyDoc");
var item = spList.GetItemById(43);
clientContext.Load(spList);
clientContext.Load(item);
clientContext.ExecuteQuery();
#region customList
Lists.Lists listService = new Lists.Lists();
listService.Credentials = System.Net.CredentialCache.DefaultCredentials;
listService.Url = siteUrl + "/_vti_bin/lists.asmx";
XmlNode nodeAttachments = listService.GetVersionCollection(spList.Id.ToString(), item.Id.ToString(), "Title");
foreach (System.Xml.XmlNode xNode in nodeAttachments)
{
Console.WriteLine(xNode.Attributes["Title"].Value);
}
I'm using the following code to get all "Announcement" lists in a Web Applications site collection.
Unfortunately, sometimes the current user does not have permission to that site and the page fails with an exception, even inside the try block.
What would be the right way to do the following safely for all users, where even an anonymous user would just get no results?
static public List<SPListMeta> AllSiteAnnouncementsLists()
{
var returnList = new List<SPListMeta>();
foreach (SPSite oSiteCollection in SPContext.Current.Web.Site.WebApplication.Sites)
{
var collWebs = oSiteCollection.AllWebs;
try
{
foreach (SPWeb oWebsite in collWebs)
{
using (oWebsite)
{
var collSiteLists = oWebsite.GetListsOfType(SPBaseType.GenericList);
returnList.AddRange(from SPList oList in collSiteLists where oList.Title == "Announcements" select new SPListMeta(oList));
}
}
}
catch
{
}
}
return returnList;
}
Try give your code the right permission to execute.
using Microsoft.Sharepoint.Administrator;
SPSecurity.RunWithElevatedPrivileges(delegate(){
// Your source code goes here
});
To get all items of the specific list type from the site collection you have to use SPSiteDataQuery. Each user will get only those items they have permissions.
SPWeb web = SPContext.Current.Web;
SPSiteDataQuery query = new SPSiteDataQuery();
//Ask for all lists created from the announcement template.
query.Lists = "<Lists ServerTemplate=\"104\" />";
// Get the Title field. Define here all you need.
query.ViewFields = "<FieldRef Name=\"Title\" />";
// Set the sort order.
query.Query = "<OrderBy>" +
"<FieldRef Name=\"Title\" />" +
"</OrderBy>";
// Query all Web sites in this site collection.
query.Webs = "<Webs Scope=\"SiteCollection\" />";
DataTable dt = web.GetSiteData(query);
DataView dv = new DataView(dt);
This is what ended up working for me, though I do not know if it is the best way to do this.
static public List<SPListMeta> AllSiteAnnouncementsLists()
{
var returnList = new List<SPListMeta>();
var collWebs = SPContext.Current.Web.Site.WebApplication.Sites[0].OpenWeb().GetSubwebsForCurrentUser();
if(SPContext.Current.Site.RootWeb.DoesUserHavePermissions(SPBasePermissions.Open))
{
var collSiteLists = SPContext.Current.Site.RootWeb.GetListsOfType(SPBaseType.GenericList);
returnList.AddRange(from SPList oList in collSiteLists
where oList.DoesUserHavePermissions(SPBasePermissions.ViewListItems)
&& oList.BaseTemplate == SPListTemplateType.Announcements
select new SPListMeta(oList));
}
foreach (SPWeb oWebsite in collWebs)
{
returnList.AddRange(WebRecursion.GetListsForCurrentWeb(oWebsite, SPListTemplateType.Announcements));
foreach (SPWeb oSubSite in oWebsite.Webs)
{
returnList.AddRange(WebRecursion.GetListsForCurrentWeb(oSubSite, SPListTemplateType.Announcements));
}
}
return returnList;
}
public static List<SPListMeta> GetListsForCurrentWeb(SPWeb oWebsite, SPListTemplateType type)
{
var returnList = new List<SPListMeta>();
if (oWebsite.DoesUserHavePermissions(SPBasePermissions.Open))
{
using (oWebsite)
{
var collSiteLists = oWebsite.Lists;
returnList.AddRange(from SPList oList in collSiteLists
where oList.DoesUserHavePermissions(SPBasePermissions.ViewListItems)
&& oList.BaseTemplate == type
select new SPListMeta(oList));
}
}
return returnList;
}
I am getting the error "Disposable type not disposed Microsoft.SharePoint.SPWeb ***This may be a false positive depending on how the type was created or if it is disposed outside the current scope".
Below is my code :
public static int AddtoList( string title)
{
int returnValue = int.MinValue;
SPUser sysAcount = SPContext.Current.Web.AllUsers[#"SHAREPOINT\SYSTEM"];
SPUserToken sysAcountToken = sysAcount.UserToken;
using (SPSite siteCollection = new SPSite(SPContext.Current.Site.Url, sysAcountToken))
{
SPWeb currentWeb = siteCollection.RootWeb;
SPList list = currentWeb.Lists[MyList];
SPListItem newItem = errorList.Items.Add();
newItem[TitleColumnName] = title;
currentWeb.AllowUnsafeUpdates = true;
newItem.SystemUpdate(false);
currentWeb.AllowUnsafeUpdates = false;
returnValue = newItem.ID;
}
return returnValue;
}
I understood that when we use RootWeb we do not have dispose the object. Please let me know what does this error message mean and how do I correct it . I have several blogs bug failed to understand the error. Please help me.
Do you have the most up to date version of SPDisposeCheck?
An older version (Dec 2010?) incorrectly flagged .RootWeb
http://blogs.technet.com/b/stefan_gossner/archive/2010/12/15/first-issue-with-spdisposecheck-has-been-identified-by-the-community.aspx
Please try below code sample for SPDisposeChecker error resolve.
public static int AddtoList( string title)
{
int returnValue = int.MinValue;
SPUser sysAcount = SPContext.Current.Web.AllUsers[#"SHAREPOINT\SYSTEM"];
SPUserToken sysAcountToken = sysAcount.UserToken;
using (SPSite siteCollection = new SPSite(SPContext.Current.Site.Url, sysAcountToken))
{
//Add below code for dispose currentWeb object end of the functionality
using(SPWeb currentWeb = siteCollection.RootWeb)
{
SPList list = currentWeb.Lists[MyList];
SPListItem newItem = errorList.Items.Add();
newItem[TitleColumnName] = title;
currentWeb.AllowUnsafeUpdates = true;
newItem.SystemUpdate(false);
currentWeb.AllowUnsafeUpdates = false;
returnValue = newItem.ID;
}
}
return returnValue;
}
Happy SharePointing !!!
Thanks,
Does anyone know how to read the number of attachments, and the names etc for a ListItem using the Client .Net Object model in SharePoint?
Thanks
// For getting the list item field information
public void LoadPropertyInfo()
{
using (context = new ClientContext(siteCollectionUrl))
{
spWeb = context.Web;
propertiesList = spWeb.Lists.GetByTitle(listName);
FieldCollection fields = propertiesList.Fields;
context.Load(fields);
SP.CamlQuery query = new SP.CamlQuery();
query.ViewXml = string.Format("<View><Query><Where><Eq><FieldRef Name=\"{0}\" /><Value Type=\"Text\">{1}</Value></Eq></Where></Query></View>", propertyID, PropertyIDValue);
listItems = propertiesList.GetItems(query);
context.Load(listItems);
context.ExecuteQueryAsync(GetRequestSucceeded, RequestFailed);
}
}
// Pass the item id here for getting the attachments
private void GetAttchmentCollection(string id)
{
string RedirectHost = string.Empty;
string Host = string.Empty;
context = SP.ClientContext.Current;
RedirectHost = serviceUrl + "_vti_bin/Lists.asmx";
BasicHttpBinding binding = new BasicHttpBinding();
if (System.Windows.Browser.HtmlPage.Document.DocumentUri.Scheme.StartsWith("https"))
{
binding.Security.Mode = BasicHttpSecurityMode.Transport;
}
binding.MaxReceivedMessageSize = int.MaxValue;
EndpointAddress endpoint = new EndpointAddress(RedirectHost);
ServiceReference1.ListsSoapClient oClient = new ServiceReference1.ListsSoapClient(binding, endpoint);
oClient.GetAttachmentCollectionCompleted += new EventHandler<ServiceReference1.GetAttachmentCollectionCompletedEventArgs>(oClient_GetAttachmentCollectionCompleted);
oClient.GetAttachmentCollectionAsync(listName, id);
}
Your can try this link too.
http://helpmetocode.blogspot.com/2011/11/managed-client-object-models-in.html
I am trying to display a list of users in a custom webpart using the UserProfileManager. For some reason, I can view the webpart and all profiles are output to the screen (maybe because I am an administrator). But when a standard user logs in, they encounter a 403 page.
I have done some reading up on this and I know its something to do with permissions. This is what I have in my code:
private DataTable GetProfiles()
{
DataTable dtUserProfile = new DataTable();
//...DataTable Columns
SPSecurity.RunWithElevatedPrivileges(delegate()
{
Guid guid = SPContext.Current.Site.ID;
using (SPSite intranet = new SPSite(guid))
{
SPUserToken userToken = intranet.Owner.UserToken;
//Get current intranet context.
SPServiceContext sContext = SPServiceContext.GetContext(intranet);
UserProfileManager profileManager = new UserProfileManager(sContext);
int totalUsers = int.Parse(profileManager.Count.ToString());
Random random = new Random();
for (int i = 0; i < NumberOfUsersToRetrieve(NoOfProfiles, totalUsers); i++)
{
int randNumber = random.Next(1, totalUsers);
DataRow drUserProfile;
UserProfile up = profileManager.GetUserProfile(randNumber);
drUserProfile = dtUserProfile.NewRow();
drUserProfile["DisplayName"] = up.DisplayName;
drUserProfile["FirstName"] = up["FirstName"].Value;
drUserProfile["LastName"] = up["LastName"].Value;
drUserProfile["Department"] = up["Department"].Value;
drUserProfile["ContactNumber"] = up["Office"].Value;
drUserProfile["MySiteUrl"] = up.PublicUrl;
dtUserProfile.Rows.Add(drUserProfile);
}
}
});
return dtUserProfile;
}
My code basically gets a random collection of users depending on the number of users I want to return.
Is it possible to create a SPUserToken for a user that all permissions needed to retrieve the user profiles?
Thanks!
I appreciate this question is old, but I had the exact same problem. To help the original poster and other users, I have altered the code from the original post to the following:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
SPSite sc = new SPSite(SPContext.Current.Site.ID);
SPServiceContext context = SPServiceContext.GetContext(sc);
HttpContext currentContext = HttpContext.Current;
HttpContext.Current = null;
UserProfileManager profileManager = new UserProfileManager(context);
IEnumerator profileEnum = profileManager.GetEnumerator();
while (profileEnum.MoveNext())
{
UserProfile up = (UserProfile)profileEnum.Current;
if ((up["FirstName"] != null && up["FirstName"].Value != null && !String.IsNullOrEmpty(up["FirstName"].Value.ToString()))
&& (up.PublicUrl != null && !String.IsNullOrEmpty(up.PublicUrl.ToString())))
{
DataRow drUserProfile;
drUserProfile = dtUserProfile.NewRow();
drUserProfile["DisplayName"] = up.DisplayName;
drUserProfile["FirstName"] = up["FirstName"].Value;
drUserProfile["LastName"] = up["LastName"].Value;
drUserProfile["Department"] = up["Department"].Value;
drUserProfile["Location"] = up["SPS-Location"].Value;
drUserProfile["MySiteUrl"] = up.PublicUrl.ToString().Replace(#"\", #"\");
dtUserProfile.Rows.Add(drUserProfile);
}
}
}
HttpContext.Current = currentContext;
Hopefully this code should resolve the error.
Instead of getting the UserToken of SPSite.Owner, have you tried SPSite.SystemAccount.UserToken, or SPWeb.AllUsers["user"].UserToken;
I'd do the latter if possible, rule of least privileges etc.