SPCurrentUsers.wsp (logging status of users)

Dec 23, 2009 at 10:15 AM

Hi All,

I have downloaded this feature and installed in WSS site.

This feature works well only for users having contribute pernmission on site.

All the users who have read permission gets Access denied page if I activate this feature.

The Download is available at

http://spcurrentusers.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=23415#DownloadId=58922

Please let me know the exact issue.

 

 

Coordinator
Dec 23, 2009 at 11:59 AM
AmarPhadtare wrote:

Hi All,

I have downloaded this feature and installed in WSS site.

This feature works well only for users having contribute pernmission on site.

All the users who have read permission gets Access denied page if I activate this feature.

The Download is available at

http://spcurrentusers.codeplex.com/Release/ProjectReleases.aspx?ReleaseId=23415#DownloadId=58922

Please let me know the exact issue.

 

 

The SPCurrentUsers is primarily built as a learning project, to explore using SharePoint native techniques to solve problems. That's why the solution will remain in a 0.9 beta version indefinitely; it is not intended for production use.

That said, the Access Denied problem may be solved by wrapping the code in a SPSecurity.RunWithElevatedPrivileges method. I'll leave that as an exercise for you :-)

.b

Dec 23, 2009 at 12:27 PM

Hi furuknap,

 

As you said Elevate the user permission.

I am not pretty much sure what impact it will have if I elevate the user permission from read access to system account.

The code will run under elevated permissions, will that affect the security permissions of other controls, web parts or anything else.


 

Coordinator
Dec 23, 2009 at 12:36 PM
AmarPhadtare wrote:

Hi furuknap,

 

As you said Elevate the user permission.

I am not pretty much sure what impact it will have if I elevate the user permission from read access to system account.

The code will run under elevated permissions, will that affect the security permissions of other controls, web parts or anything else.


 

If you use the SPSecurity.RunWithElevatedPriviliges method, you define exactly what part of the code should have increased permission. When the call to RWEP ends, the remaining code runs in user context.

.b

Dec 23, 2009 at 12:41 PM

Hi,

I am not sure which part of code should be run under Elevated permissions.

Which particular part of the code is causing Access Denied for users having "Read only" permission on home site.

 

 

Dec 23, 2009 at 12:42 PM

There are typically 5 .cs files.

Whcih particular file is causing the problem I am not sure of.

 

Coordinator
Dec 23, 2009 at 1:09 PM
AmarPhadtare wrote:

There are typically 5 .cs files.

Whcih particular file is causing the problem I am not sure of.

 

Actually, I don't remember the details myself, and I'm in the middle of SharePoint 2010 lab work, so I can check right now.

If you are using Visual Studio, you can attach to the IIS w3wp.exe process to debug, and the request the page as the limited user. Visual Studio will then pop up with the exact line of execution that fails.

You can read more about debugging SharePoint applications in the free companion issue to USP Journal issue 5. To get that free companion issue, sign up for the USPJ mailing list at http://www.understandingsharepoint.com/journal/uspj-mailing-list and you will be given the password to access the content. The issue is called SharePoint Development and Administration - Bonus Issue 3 - SharePoint Troubleshooting.

.b

Dec 24, 2009 at 8:56 AM

Hi,

Today I found out one more thing.

If I upload this solution on moss 2007, Its working fine. But if I work with WSS 3.0 site, all "read only"  users gets access denied.

Is this feature targeted to MOSS only. Or any other issues ?

Please help me out.

Thanks in Advance.

 

 

 

Aug 19, 2011 at 9:26 AM

Good job on making this.  You have a good almost complete solution for counting users. 

Of course, users with out write privileges can't write to the lists.   I actually fixed the anonymous user issue on the delegate control, but neglected to fix the read only user issue.  Anonymous users and read only users will be denied access due to the delegate control.

Anonymous users can be handled by checking if SPUser is null and not running the delegate control code.   You could probably run other code to track anonymous users by IP address in a custom list or database for that. 

Read-Only users just need to have an elevated privileges command added to the code.

Here's the SPCurrentUsersDelegateControl.cs with the modifications and debug output:

using System;
using System.Collections.Generic;
using System.Text;
using Microsoft.SharePoint;
using System.Web.UI.WebControls;

namespace SPCurrentUsers
{
    public class SPCurrentUsersDelegateControl : WebControl
    {
        protected override void OnLoad(EventArgs e)
        {
           
            Label lblDebug = new Label();

            lblDebug.Text = "DEBUG SPCurrentUsers DELEGATE CONTROL:<br /> ";
            try
            {
              

                // Get current web, use, user info list, and page list.
                SPWeb web = SPContext.Current.Web;
                SPUser spUser = web.CurrentUser;

                if (spUser != null)
                {
                    SPSecurity.RunWithElevatedPrivileges
                    (delegate()
                    {
                        using (SPSite elevatedSite = new SPSite(web.Url))
                        {

                            using (SPWeb elevatedWeb = elevatedSite.OpenWeb())
                            {

                                //spUser = elevatedWeb.CurrentUser;
                                // Interestingly, the spUser inside the RunWithElevatedPrivileges section is the administrator account.


                                lblDebug.Text += "SPUser: " + spUser.Name + "<br />";
                                SPList userList = elevatedWeb.SiteUserInfoList;

                                // Grab the user SPListItem from the user info list
                                SPListItem user = userList.Items.GetItemById(spUser.ID);
                                string thisPage = this.Page.Request.Path;
                                user["LastPageHitTime"] = DateTime.Now.ToString();
                                user["LastPageHitUrl"] = thisPage;
                                try
                                {
                                    // AllowUnsafeUpdates required on GET requests
                                    elevatedWeb.AllowUnsafeUpdates = true;
                                    user.Update();
                                    elevatedWeb.AllowUnsafeUpdates = false;
                                    lblDebug.Text += "User Info Updated.";
                                }
                                catch (Exception ex)
                                {

                                    lblDebug.Text += "Error Updating User Info: " + ex.Message + "<br />";
                                }

                                // TODO: Add code to add page to PageList
                                // Grab the Page list
                                SPList pageList = elevatedWeb.Lists["SPCurrentUsers Pages"];
                                // Create a query object to hold CAML query
                                SPQuery query = new SPQuery();

                                // Build the CAML query
                                query.Query = @"
                            <Where>
                                <Eq>
                                    <FieldRef Name=""Title"" />
                                    <Value Type=""Text"">" + thisPage + @"</Value>
                                </Eq>
                            </Where>";
                                // And retrieve the results
                                SPListItemCollection pageItems = pageList.GetItems(query);
                                if (pageItems.Count < 1)
                                {
                                    double defaultSessionLength;
                                    // Try reading the default session duration, with a bit of error handling.
                                    try
                                    {
                                        defaultSessionLength = double.Parse(
                                            elevatedWeb.Properties["SPCurrentUsersDefaultSessionDuration"]);
                                    }
                                    catch (Exception)
                                    {
                                        // If we can't read property, use default value
                                        defaultSessionLength = 15.0;
                                    }
                                    // Create a new list item in Pages list
                                    SPListItem newPageItem = pageList.Items.Add();
                                    // Set the properties
                                    newPageItem["Title"] = thisPage;
                                    newPageItem["Page Session Timeout"] = defaultSessionLength;
                                    // and then save.
                                    // Note that we still need to use AllowUnsafeUpdates
                                    try
                                    {
                                        elevatedWeb.AllowUnsafeUpdates = true;
                                        newPageItem.Update();
                                        elevatedWeb.AllowUnsafeUpdates = false;
                                    }
                                    catch (Exception ex) { lblDebug.Text += "Error updating Page List: " + ex.Message + "<br />"; }

                                } //end if
                            } //end using SPWeb
                        } //end using SPSite

                    }); //End Delegate Run With Elevated Privileges


                }
                else
                {
                    lblDebug.Text += "User logged in anonymously.<br />";
                }//end if SPUser!=null
            }
            catch (Exception ex) { lblDebug.Text += "Error occurred in SPCurrentUser: " + ex.Message + "<br />"; }

            //lblDebug.Visible = false;  //Either set lblDebug.Visible to false or don't add it to the controls if you want to hide debug info.
            Controls.Add(lblDebug);
        }
     
    }
}

Before I go production with the version I'm working on, I'm probably going to add in functionality to track anonymous users via IPAddress and of course hide the debug output. 

   However, the above changes are what the author was talking about with run with elevated privileges.