开发者

Site members/visitors get access denied error page because of webpart

I`v developed custom webpart. I can add it to page and site owners can view page with no problems.

However Site visitors/users get redirected to access denied error page. Sure, I must be doing some stuff normal users are not allowed to.

But the thing that bugs me is that when I place breakpoint in webpart constructor or even variable declaration it won't get hit! (If i try to view page with limited privileges). But in my browser, I get the access denied page. However, if I close that webpart, I instantly have access to that page and everything is OK.

开发者_C百科What's the catch here? I was hoping I could catch exception with debugger to see which statement is guilty one, but it seems webpart doesn't execute any code and I get that exception.

Edit: Sorry, turns out debugger now hits those breakpoints. Don't know what changed, because symbols were loaded.


What is the trust level at your Sharepoint site ? You might want to give Fulltrust temporarily to see if you have any access problems.

If yes, then you might have a Code Access Security (CAS) problem on your hands. My first instinct is that your assembly does not have neccessary privilages to run correctly for normal users. You can configure it using custom CAS entry in the manifest.xml for the webpart, e.g. if you are calling external resources then you might have to configure System.New.WebPermission and define which url you are allowed to access. You can find more info on this at the U2U site.

Also what does your webpart do ? If you are trying to access resources which normal users don't have access to (e.g. a list in some site) then you have to use the SPSecurity.RunWithElevatedPrivilages method, so that you have the neccessary privilages (be careful to create new Site instance within that method so that the Context populates correctly).


Found the solution.

Turns out that i wanned to determine if user belongs to a specific group by trying to access that group users. As this was impossible if a user doesn't have such a permissions, it was throwing some kind of internal exception with message

"Unable to evaluate expression because the code is optimized or a native frame is on top of the call stack."

Anyways, i now learned to loop through SPUser.Groups (SPGroupCollection) and check if we have a matching group rather than enumerating group principals and seeing if he's inside.


You need to give permission(update personal webpart) to the visitor group. However, it is not recommended. If you want you can create a separate permission level and associate it with the visitors group.

Cheers!!

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜