How to get all folders in a SPList, then checking permission "Contribute" for current user

Question

I have a sharepoint list like that:

List
---------Folder 1
-----------------Item 1
-----------------Item 2
---------Folder 2
-----------------Item 1
-----------------Item 2
---------Folder 3
-----------------Item 1
-----------------Item 2

1. How can I get all Folders in List?

2. After that checking if current user has Contribute permission on Folder 1, Folder 2, Folder 3?

Answer 1

To get the list of folders of a list you can use the Folders property of the SPList object:

private SPFolderCollection GetListFolders(SPList list) {
  return list.Folders; 
  // you can also do:
  // return list.Folders.Cast<SPFolder>().ToList();
  // to return a List<SPFolder> instead of a SPFolderCollection
}

To check if a given user has Contribute permission on a folder you need to get the SPListItem associated with the SPFolder, check for a RoleAssignment of the given user and check its RoleDefinitionBindings for the Contribute Role Definition:

private bool HasContributePermissionOnFolder(SPFolder folder, SPPrincipal user) {
  var contributePermission = folder.ParentWeb.RoleDefinitions["Contribute"];

  var roleAssignementsOfUser = folder.Item.RoleAssignments.Cast<SPRoleAssignment>()
    .Where(ra => ra.Member == user);

  var hasContributePermission = roleAssignementsOfUser
    .Where(ra => ra.RoleDefinitionBindings.Contains(contributePermission)).Count() > 0;

  return hasContributePermission;
}

Usage example

//remember to add using System.Linq; for the above code to work
//SPList list = <your list>;
//SPWeb web = <your web>;

var folders = GetAllFoldersOfList(list);

foreach (SPFolder folder in folders) {
  if (HasContributePermissionOnFolder(folder, spWeb.CurrentUser)) {
  // do stuff
}

Answer 2

private IEnumerable<SPFolder> GetListFolders(SPList list)
{
    return list.Folders.OfType<SPListItem>().Select(item => item.Folder);
}

Answer 3

Checking user permissions by checking their membership of role definitions is a bit risky. Who's to say that the role definition won't be renamed or that the base permissions included in the role definition won't have been modified.

If the goal is primarily to check the current user's permissions on a securable object then I think a better way is simply to call one of the overloaded DoesUserHavePermissions methods of the SPSecurableObject (SPListItem, SPList, SPWeb or SPSite) with the desired permission mask.