[Original] a question about spsecurity. runwithelevatedprivileges [a problem about spsecurity. runwithelevatedprivileges

For spsecurity. runwithelevatedprivileges, there are manyArticleIt is used to execute privileges.CodeBut I have always reported permission exceptions in today's calls, so I need to take a closer look at it and pay attention to the following two issues:

1. spsecurity. runwithelevatedprivileges must be executed in a new context. This means that a new spsite and spweb are required. For example, the error code is as follows:

 
Spsecurity. runwithelevatedprivileges (Delegate() {Splist list = spcontext. Current. Web. list ["List name"] ;});
 

At this time, the running context is still the current user (for example, an anonymous user is not logged on), and its privileges are not elevated. Therefore, the following code is required to run the program correctly.

 spsecurity. runwithelevatedprivileges ( DeleGate  () {guid siteid = spcontext. current. web. site. ID;  using  (spsite impersonatedsite =  New  spsite (siteid )) { using  (spweb = impersonatedsite. rootweb) {splist list = web. list [ "list name" ] ;}}); 

 

2. essence of spsecurity. runwithelevatedprivileges

Spsecurity. runwithelevatedprivileges uses the system account Account to execute code.ProgramThe user in the associated application pool to execute the code.

in this image, the code is executed using the dev \ administrator account. Now there is a problem: if Dev \ administrator is not a website set user, or is it not the management of the website set? The answer is: exceptions may be reported due to insufficient permissions. Therefore, you must configure the identified account as the account corresponding to the system account of the website set or an administrator account. Similarly, if you want to call the corresponding attributes or methods in the spfarm instance in the code, pay attention to whether the user configured in the application pool is the server farm administrator, otherwise, a permission exception is reported.