Allowing UserProfileManager Permissions in SharePoint 2010

谁说胖子不能爱 提交于 2019-12-24 09:16:30

问题


I am trying to display a list of users in a custom webpart using the UserProfileManager. For some reason, I can view the webpart and all profiles are output to the screen (maybe because I am an administrator). But when a standard user logs in, they encounter a 403 page.

I have done some reading up on this and I know its something to do with permissions. This is what I have in my code:

private DataTable GetProfiles()
    {
        DataTable dtUserProfile = new DataTable();
        //...DataTable Columns

        SPSecurity.RunWithElevatedPrivileges(delegate()
        {
            Guid guid = SPContext.Current.Site.ID;

            using (SPSite intranet = new SPSite(guid))
            {
                SPUserToken userToken = intranet.Owner.UserToken;

                //Get current intranet context.
                SPServiceContext sContext = SPServiceContext.GetContext(intranet); 

                UserProfileManager profileManager = new UserProfileManager(sContext); 

                int totalUsers = int.Parse(profileManager.Count.ToString());

                Random random = new Random(); 

                for (int i = 0; i < NumberOfUsersToRetrieve(NoOfProfiles, totalUsers); i++)
                {
                    int randNumber = random.Next(1, totalUsers); 

                    DataRow drUserProfile; 

                    UserProfile up = profileManager.GetUserProfile(randNumber); 

                    drUserProfile = dtUserProfile.NewRow();

                    drUserProfile["DisplayName"] = up.DisplayName;
                    drUserProfile["FirstName"] = up["FirstName"].Value;
                    drUserProfile["LastName"] = up["LastName"].Value;
                    drUserProfile["Department"] = up["Department"].Value;
                    drUserProfile["ContactNumber"] = up["Office"].Value;                        
                    drUserProfile["MySiteUrl"] = up.PublicUrl;

                    dtUserProfile.Rows.Add(drUserProfile);
                }
            }
        }); 

        return dtUserProfile;
    }

My code basically gets a random collection of users depending on the number of users I want to return.

Is it possible to create a SPUserToken for a user that all permissions needed to retrieve the user profiles?

Thanks!


回答1:


I appreciate this question is old, but I had the exact same problem. To help the original poster and other users, I have altered the code from the original post to the following:

SPSecurity.RunWithElevatedPrivileges(delegate()
{
    SPSite sc = new SPSite(SPContext.Current.Site.ID);
    SPServiceContext context = SPServiceContext.GetContext(sc);

    HttpContext currentContext = HttpContext.Current;
    HttpContext.Current = null;

    UserProfileManager profileManager = new UserProfileManager(context);

    IEnumerator profileEnum = profileManager.GetEnumerator();

    while (profileEnum.MoveNext())
    {
        UserProfile up = (UserProfile)profileEnum.Current;

        if ((up["FirstName"] != null && up["FirstName"].Value != null && !String.IsNullOrEmpty(up["FirstName"].Value.ToString()))
            && (up.PublicUrl != null && !String.IsNullOrEmpty(up.PublicUrl.ToString())))
        {
            DataRow drUserProfile;

            drUserProfile = dtUserProfile.NewRow();

            drUserProfile["DisplayName"] = up.DisplayName;
            drUserProfile["FirstName"] = up["FirstName"].Value;
            drUserProfile["LastName"] = up["LastName"].Value;
            drUserProfile["Department"] = up["Department"].Value;
            drUserProfile["Location"] = up["SPS-Location"].Value;           

            drUserProfile["MySiteUrl"] = up.PublicUrl.ToString().Replace(@"\", @"&#92;");

            dtUserProfile.Rows.Add(drUserProfile);
        }
    }
}

HttpContext.Current = currentContext;

Hopefully this code should resolve the error.




回答2:


Instead of getting the UserToken of SPSite.Owner, have you tried SPSite.SystemAccount.UserToken, or SPWeb.AllUsers["user"].UserToken;

I'd do the latter if possible, rule of least privileges etc.



来源:https://stackoverflow.com/questions/5046363/allowing-userprofilemanager-permissions-in-sharepoint-2010

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!