Saturday, June 27, 2009

Understanding of securing objects in WSS 3.0

Hi All,

There is a way how we can secure the object in WSS. When I say secure it means objects exposes several methods which will allow us to determine the rights or the permission related stuff on list / document library level, item level and individual site level.

Here we are talking about understanding DoesUserHavePermissions method on these securable objects.

Let us take an example one by one. First we will talk about permission checking on site level.

Let’s say we have taken the reference of current site and it is stored in objWeb, then this method checks if the current user has permission to View the List Items?

// your code goes here

Second, we talk about the same permission set but on the list level.

Let’s say we have taken the reference of lstContacts and wants the check for the same view list items permission, then

// your code goes here

And at last the same with each item of list / doc lib as SPListItem object objItem.

// your code goes here

This method actually does not throw the exception if the permission is not there for the user, but there is one more method which does exactly the same thing, but throws the exception if the permission is not there for the user.

e.g. objWeb.CheckPermissions(SPBasePermissions.ViewListItems)

Above method checks the permission for the current user, but sometimes you may also require to check the same permission for some other user, well in that case, use the same method with overloaded method which has first parameter as string which takes the Login with domain name.

objItem.DoesUserHavePermissions({loginname}, SPBasePermissions.ViewListItems))

Well sometimes i think, is the name of this method correct? I mean shouldn't it be DoesUserHasPermission? if we see real grammer? your thoughts on this, readers? :)

Thank you

1 comment:

أحمد بن عمر باجابر said...

Nice post

And about the method's name, you're completely mistaken!! it MUST be (DoesUserHave...) but why? Ask a grammar expert :)

Share your SharePoint Experiences with us...
As good as the SharePointKings is, we want to make it even better. One of our most valuable sources of input for our Blog Posts comes from ever enthusiastic Visitors/Readers. We welcome every Visitor/Reader to contribute their experiences with SharePoint. It may be in the form of a code stub, snippet, any tips and trick or any crazy thing you have tried with SharePoint.
Send your Articles to with your Profile Summary. We will Post them. The idea is to act as a bridge between you Readers!!!

If anyone would like to have their advertisement posted on this blog, please send us the requirement details to