Prash's Blog

Conditionally elevating security privileges to approve custom content type document July 14, 2009

Filed under: SharePoint — prazjain @ 9:48 pm
Tags: ,

In one of the posts before I had explained how to set content approval on a document library.

When you set content approval on that library, you would see that only when you are in admin / system account, that you can approve / reject documents else you cannot.

So here I would show you a scenario where you can elevate the privleges of the currently logged in user and approve / reject the document programmatically, depending on your business case.

Sample case : You have a Document Library “Custom List” which has documents of type “Custom Document”, now this “Custom Document” content type has some meta data associated with it i.e Document Type (which would be a kind of subtype to differentiate between different “Custom Document” files in the document library.
So based on this meta data / field of custom content type “Custom Document” we would decide if we want to automatically approve the document.

Here is the code that does the task :

1) To know how to enable content approval on a list programmatically, check the article here.

2) Now extend the class SPItemEventReceiver, to listen to the events the you are interested in handling.

3) Here we would capture the ItemUpdated event, and if the status of document is pending then elevate the privileges and approve the document.

public class CustomDocItemEventReceiver : SPItemEventReceiver
{
public override void ItemUpdated(SPItemEventProperties properties)
{
SPListItem item = properties.ListItem;
// if its a folder then return
if (item.Folder != null)
return;
// here you can have your code update the meta data of the document
//run with elevated rights
// store url of the list item in a variable as we would need to get a new instance of
// this list item in elevated privilege
string url = item.ParentList.ParentWeb.ServerRelativeUrl + "/" + item.Url;
// store the webGuid as we would need to get new instance of this web in elevate privilege
Guid webGuid = item.Web.ID;
// check if the document is in Pending state
if (item.ModerationInformation.Status == SPModerationStatusType.Pending)
{
// put a conditional logic that check if the list item meets the condition of being
// auto-approved.
bool approvalRequired = Helper.IsApprovalRequired(item);
if (!approvalRequired)
{
// disable event firing as you do not want recursive item updates to be invoked.
base.DisableEventFiring();
SPSecurity.RunWithElevatedPrivileges(delegate()
{
// important thing to keep in mind here is that you would need to get new instances to
// SPSite and SPWeb objects because the security privileges have changed. Just trying to
// get a reference to SPSite and SPWeb from objects that were instantiated in lower
// privileges would not work.
using (SPSite site = new SPSite(item.Web.Site.ID))
{
using (SPWeb web = site.OpenWeb(webGuid))
{
SPListItem elevatedItem = null;
elevatedItem = web.GetListItem(url);
elevatedItem.File.Approve("Updated by the system on major version increase");
}
}
});
// do not forget to enable the event firing again :)
base.EnableEventFiring();
}
}
}

}

This way a user with contribute permissions when updating the document can automatically approve the document.

Advertisements
 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s