SharePoint RunWithElevatedPrivileges Example

The following example sends an email using elevated privileges.  This will elevate the privileges to execute using the service account.

The SPSecurity.RunWithElevatedPrivileges method taks a delegate method as its argument and executes that code with the service account.

SPSecurity.RunWithElevatedPrivileges( 
    delegate()
    {
        // Your code needing elevated permissions goes here.
    }
)

Example:

public void SendEmail(Email email) 
{ 
   SPSecurity.RunWithElevatedPrivileges(delegate() 
   { 
        SmtpClient mail = new SmtpClient();    MailMessage message = new MailMessage(); 
        message.From = new MailAddress(this.SenderAddress); 
        message.To.Add(email.To); 
        message.IsBodyHtml = email.IsHtml; 
                    
        if (!string.IsNullOrEmpty(email.Cc))            
            message.CC.Add(email.Cc); 
                    
        if (!string.IsNullOrEmpty(email.Bcc))            
            message.Bcc.Add(email.Bcc); 
                    
        if (!string.IsNullOrEmpty(this.ReplyToAddress))             
            message.ReplyTo = new MailAddress(this.ReplyToAddress); 
                    
        if (!string.IsNullOrEmpty(email.Subject))            
            message.Subject = email.Subject; 
                    
        if (!string.IsNullOrEmpty(email.Body))            
            message.Body = email.Body; 

        mail.Host = this.CentralAdminOutboundServerAddress; mail.Send(message); 
    });
}

SPSecurityTrimmedControl: Conditionally display contents by security

The SPSecurityTrimmedControl control will conditionally render the contents of this control to the current user only if the current user has access to the permission defined in the PermissionString.  The content can be any HTML code or control you like.  The PermissionString attribute defines the permission required to view the contents.  These Permissions are the same base values that are used in various combinations to the define the default Permission Levels that are created with each new site collection such as Design, Contribute, Read, etc…  You can also create your own custom Permission Levels for use in configuring your SharePoint security.  But remember, the PermissionString attribute can only be supplied valid Permission values, not Permission Levels.  There are 33 base SharePoint Permissions (Permission levels and permissions) of which any of these can be used.

This is a terrific control for use with your custom master pages and even with any custom SharePoint .ASPX pages you are hosting in SharePoint.

Attributes:

  • PermissionString: (required)
    Defines the permission values required to render the contents.
  • PermissionContext (optional):
    Enumeration Values:
    – PermissionContext.CurrentFolder
    – PermissionContext.CurrentItem
    – PermissionContext.CurrentList
    – PermissionContext.CurrentSite
    – PermissionContext.RootSite
  • PermissionMode (optional):
    Allows you to define whether All permissions are required or Any permission is required to render contents.
    Enumeration Values:
    – PermissionMode.All
    – PermissionMode.Any
Example:
<Sharepoint:SPSecurityTrimmedControl runat="server" PermissionsString="AddAndCustomizePages">
You can place any text or HTMl in this section. Only users having the AddAndCustomizePages permission will see this.
</SharePoint:SPSecurityTrimmedControl>
If you need to, you can even create your own Security Trimmer as shown here. 
http://msdn2.microsoft.com/en-us/library/aa981236.aspx

Another method worth noting is the RightsSensitiveVisibilityHelper.UserHasRights method. 
https://msdn2.microsoft.com/en-us/library/ms465624.aspx

References:

PermissionContext Enumeration (Microsoft.SharePoint.Utilities) 
http://msdn2.microsoft.com/en-us/library/microsoft.sharepoint.utilities.permissioncontext.aspx
SPBasePermissions Enumeration (Microsoft.SharePoint)
http://msdn2.microsoft.com/en-us/library/microsoft.sharepoint.spbasepermissions.aspx
PermissionMode Enumeration (Microsoft.SharePoint.Utilities)
http://msdn2.microsoft.com/en-us/library/microsoft.sharepoint.utilities.permissionmode.aspx
Permission Levels and Permissions 
http://office.microsoft.com/en-us/sharepointtechnology/HA101001491033.aspx 
SPSecurityTrimmedControl Class 
http://msdn2.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.spsecuritytrimmedcontrol.aspx 
DLC's SharePoint Platform Team Blog 
http://www.sharepointplatform.com/teamblog/Lists/Posts/Post.aspx?ID=31