I'm having quite a hard time with security permissions for a webpart
that uses SPRoleAssignment. Any page the webpart is on gives a '403
Forbidden' error, unless browsing with the Admin account.
Steps I've taken to fix: (I know these are far from ideal attempts,
but this after I tried to rewrite a trust.config file )
1.) Set <trust level="Full" originUrl="" /> in the web.config
2.) Deployed the solution to the GAC
3.) I have also attempted to use the
SPSecurity.RunWithElevatedPrivileges as shown below:
SPWeb web = SPContext.Current.Web;
SPUser user = web.CurrentUser; // the calling user
// Uses the SHAREPOINT\system creds with the SPUser's
identity reference of user
SPSecurity.RunWithElevatedPrivileges(delegate()
{
// Gets a new security context using SHAREPOINT\system
using (SPSite site = new
SPSite(this.Page.Request.Url.ToString()))
{
using (SPWeb thisWeb = site.OpenWeb())
{
thisWeb.AllowUnsafeUpdates = true;
SPFolder folder = web.GetFolder(foldername);
SPListItem itemFolder = folder.Item;
SPRoleAssignmentCollection perms =
itemFolder.RoleAssignments;
foreach (SPRoleAssignment perm in perms)
Obviously none of these attempts have made a change at all, what am I
missing?!?!? I mean Full Trust Level, running from GAC even...