模拟SharePoint 2013网站集管理员时拒绝访问

时间:2016-05-24 23:36:34

标签: c# security sharepoint permissions sharepoint-2013

我有一个SPUser,它是网站集管理员并包含在Owners组中,并且我在获取文档库时获得访问被拒绝错误,因为知道该库通过从站点本身继承来获取其权限。最烦人的部分是当我用这个用户登录网站时,我可以打开库并下载它的文件。

主要问题发生在使用与网站相同的AppPool的自定义Web Api中。我也尝试在控制台应用程序中测试该案例,我面临相同的结果。注意我正在使用网站AppPool的相同用户登录服务器,因此控制台应用程序运行系统帐户,这意味着runwithelevated工作,无论如何错误发生在GetList上,如下面评论代码中所述

以下是控制台应用代码示例:

var ListName = "Documents";
SPUserToken userToken = null;

//Getting the userToken to impersonate it
SPSecurity.RunWithElevatedPrivileges(delegate()
{
    using (SPSite site = new SPSite(SiteURL))
    {
        using (SPWeb web = site.OpenWeb())
        {
            web.AllowUnsafeUpdates = true;
            site.CatchAccessDeniedException = false;
            userToken = web.GetUserToken("mydomain\\myusername");
            site.CatchAccessDeniedException = true;
            web.AllowUnsafeUpdates = false;

        }
    }
});

//Accessing the site with this user so he just see what he should see
using (SPSite site = new SPSite(SiteURL, userToken))
{

    using (SPWeb web = site.OpenWeb())
    {
        web.AllowUnsafeUpdates = true;

        SPList list = web.GetList(ListName);//Here is the error

        var items = list.GetItems();

        web.AllowUnsafeUpdates = false;

    }

}

错误是:

An unhandled exception of type 'System.UnauthorizedAccessException' occurred in Microsoft.SharePoint.dll

Additional information: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

堆栈跟踪

at Microsoft.SharePoint.SPGlobal.HandleUnauthorizedAccessException(UnauthorizedAccessException ex)
at Microsoft.SharePoint.Library.SPRequest.GetMetadataForUrl(String bstrUrl, Int32 METADATAFLAGS, Guid& pgListId, Int32& plItemId, Int32& plType, Object& pvarFileOrFolder)
at Microsoft.SharePoint.SPWeb.GetList(String strUrl)
at SPTest.TestCls.GetUserContent(String SiteURL) in c:\Projects\SPTest\SPTest\SPTest\TestCls.cs:line 1155

0 个答案:

没有答案