DEVHIDE
Login Or Sign up

Update / Edit Sharepoint 2007 User Information List UIL

1.5k Views Asked by At

How to update Sharepoint 2007 User Information List (UIL) through C# code? My code works fine when logged in as an administrator, however when logged in as a simple user the code throws "Access Denied" error because simple user can't access UIL. I need some way to get the simple user to edit HIS OWN information (say EMAIL) in the UIL. Please help. It's very important. My code is like: 

string var_UserName = myUsername;
string var_newemail = [email protected];
SPSecurity.RunWithElevatedPrivileges(delegate()
                {
                    using (SPSite site = SPContext.Current.Site)
                   {
                        SPWeb curWeb = site.OpenWeb();

                        SPList userList = SPContext.Current.Web.SiteUserInfoList;
                        StringBuilder queryBuilder = new StringBuilder();
                        queryBuilder.Append(@"<Query>");
                        queryBuilder.Append(@"<OrderBy>");
                        queryBuilder.Append(@"<FieldRef Name='Title' />");
                        queryBuilder.Append(@"</OrderBy>");
                        queryBuilder.Append(@"<Where>");
                        queryBuilder.Append(@"<Eq>");
                        queryBuilder.Append(@"<FieldRef Name='Title' />");
                        queryBuilder.Append(@"<Value Type='Text'>" + var_UserName + "</Value>");
                        queryBuilder.Append(@"</Eq>");
                        queryBuilder.Append(@"</Where>");
                        queryBuilder.Append(@"</Query>");
                        SPQuery query = new SPQuery();
                        query.Query = queryBuilder.ToString();
                        SPListItemCollection oSPListItemCollection = userList.GetItems(query);
                        SPField field = userList.Fields.GetField("E-Mail");

                        foreach (SPItem item in oSPListItemCollection)
                        {
                            if (item["Title"].ToString().ToLower() == Login1.UserName.ToLower())
                            {
                             item[field.InternalName] = var_newemail;
                             curWeb.AllowUnsafeUpdates = true;
                             item.Update(); //throws error when not logged in as administrator
                             curWeb.AllowUnsafeUpdates = false;
                             break; 
                            }
                        }

                    }
                });
sharepoint sharepoint-2007 user-information-list
Original Q&A
2

There are 2 best solutions below

1
haydnD On

may want to try adding something like this to you code:

    string usName = null;
            SPClaimProviderManager mgr = SPClaimProviderManager.Local;
            if (mgr != null)
            {
                var claim = new SPClaim(SPClaimTypes.UserLogonName,
                                        SPContext.Current.Web.CurrentUser.LoginName,
                                        "http://www.w3.org/2001/XMLSchema#string",
                                        SPOriginalIssuers.Format(SPOriginalIssuerType.Windows));
                usName = mgr.EncodeClaim(claim);



so in your code just try adding:

SPSecurity.RunWithElevatedPrivileges(delegate()
                {
                    using (SPSite site = SPContext.Current.Site)
                   {

 **if (site.DoesUserHavePermissions(usName,SPBasePermissions.ViewPages))
{**


                        SPWeb curWeb = site.OpenWeb();

                        SPList userList = SPContext.Current.Web.SiteUserInfoList;
                        StringBuilder queryBuilder = new StringBuilder();
                        queryBuilder.Append(@"<Query>");
                        queryBuilder.Append(@"<OrderBy>");
                        queryBuilder.Append(@"<FieldRef Name='Title' />");
                        queryBuilder.Append(@"</OrderBy>");
                        queryBuilder.Append(@"<Where>");
                        queryBuilder.Append(@"<Eq>");
                        queryBuilder.Append(@"<FieldRef Name='Title' />");
                        queryBuilder.Append(@"<Value Type='Text'>" + var_UserName + "</Value>");
                        queryBuilder.Append(@"</Eq>");
                        queryBuilder.Append(@"</Where>");
                        queryBuilder.Append(@"</Query>");
                        SPQuery query = new SPQuery();
                        query.Query = queryBuilder.ToString();
                        SPListItemCollection oSPListItemCollection = userList.GetItems(query);
                        SPField field = userList.Fields.GetField("E-Mail");

                        foreach (SPItem item in oSPListItemCollection)
                        {
                            if (item["Title"].ToString().ToLower() == Login1.UserName.ToLower())
                            {
                             item[field.InternalName] = var_newemail;
                             curWeb.AllowUnsafeUpdates = true;
                             item.Update(); //throws error when not logged in as administrator
                             curWeb.AllowUnsafeUpdates = false;
                             break; 
                            }
                        }
}

                    }
                });
0
Suhail Wani On

The thing is: Don't use "context" to create the spSite object since it won't create the object with elevated privileges but with the privileges of the user who execute this code, which may cause an exception/error. So i just removed Context object and it works for any user. BINGO :) Like this:

string var_UserName = myUsername;
string var_newemail = [email protected];
SPSecurity.RunWithElevatedPrivileges(delegate()
            {
               using (SPSite site = new SPSite(Page.Request.Url.ToString())) //Change 1
               {
                    SPWeb curWeb = site.OpenWeb();

                    SPList userList = curWeb.Lists["User Information List"]; //Change 2
                    StringBuilder queryBuilder = new StringBuilder();
                    queryBuilder.Append(@"<Query>");
                    queryBuilder.Append(@"<OrderBy>");
                    queryBuilder.Append(@"<FieldRef Name='Title' />");
                    queryBuilder.Append(@"</OrderBy>");
                    queryBuilder.Append(@"<Where>");
                    queryBuilder.Append(@"<Eq>");
                    queryBuilder.Append(@"<FieldRef Name='Title' />");
                    queryBuilder.Append(@"<Value Type='Text'>" + var_UserName + "</Value>");
                    queryBuilder.Append(@"</Eq>");
                    queryBuilder.Append(@"</Where>");
                    queryBuilder.Append(@"</Query>");
                    SPQuery query = new SPQuery();
                    query.Query = queryBuilder.ToString();
                    SPListItemCollection oSPListItemCollection = userList.GetItems(query);
                    SPField field = userList.Fields.GetField("E-Mail");

                    foreach (SPItem item in oSPListItemCollection)
                    {
                        if (item["Title"].ToString().ToLower() == Login1.UserName.ToLower())
                        {
                         item[field.InternalName] = var_newemail;
                         curWeb.AllowUnsafeUpdates = true;
                         item.Update(); //throws error when not logged in as administrator
                         curWeb.AllowUnsafeUpdates = false;
                         break; 
                        }
                    }

                }
            });

Related Questions in SHAREPOINT

Related Questions in SHAREPOINT-2007

Related Questions in USER-INFORMATION-LIST

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.