Total Online Users: 9101

How to find a suitable job?

Home

Forums

Videos

Photos

Blogs

Beginners

Advertise with Us

| Consulting

Submit an Article

Submit a Blog




Remember Me

Forgot Password
Forgot Username
Why Register

Jump to

Technology

Website

Visual C# .NET

Visual Basic .NET

ASP.NET

Windows Longhorn

SQL Server 2005

Managed C++

Visual Studio 2005

Others

SQL

Visual C++ 6.0

COBOL .NET

Visual J#

Visual Studio .NET

XML

Pocket PC

Mobile & Embedded Development

Web Services

Sharepoint Portal Server

Design & Architecture

Enterprise Development

ASP.NET 2.0/3.5

Visual Web Developer 2005

SQL Server

HTML

SOA

Java Script

.NET 3.0

SQL Server 2008

JQuery

Share Point

Java

HTML 5

Active Directory C#

GDI+ & Graphics

Visual C#

Algorithms & AI

C# Assemblies

COM Interop

Compact Framework

Cryptography C#

Crystal Reports C#

Design & Architecture

DirectX C#

Exception Handling C#

Games Programming C#

Internet & Web

Mobile & Embedded

Programming Best Practices

Printing in C#

.NET Remoting

Security in .NET

Speech in C#

Arrays & Collections

ASP.NET

ASP.NET Controls

Windows Forms C#

Windows Controls C#

Windows Services

XML in C#

ADO.NET & Database

Web Services

ASP.NET 2.0/3.5

ADO.NET 2.0

Visual Studio 2010

SQL Server 2005

Tablet PC

Visual Studio .NET

C# 2.0

How do I

C# Language

Deployment

Office Development

Java and .NET

Threading in C#

ASP.NET 2.0 Controls

WebForms Controls

Web Forms

Pocket PC

Enterprise Development

Networking

Tutorials C#

MS Office for .NET

Current Affairs

COBOL.NET

Articles

Custom Controls C#

Testing

AJAX

LINQ

Error Zone

SharePoint

Learn .NET

SQL Server 2012

Reporting Services

XAML

WPF

WCF

WF

Robotics & Hardware

Project Management

String & StringBuilder

XNA

BizTalk Server

F#

Financial Applications

OOP/OOD

Silverlight

SQL

Databases & DBA

Hardware

Operating Systems

Team Foundation and VSS

ASP.NET & Web Forms

ASP.NET MVC & JQuery

Files & IO

Cloud Computing

ASP, JavaScript, CSS

Expression Studio

iPhone/iPad

JQuery

.NET 4.0

Career Advice

Message Queue

Windows PowerShell

HTML 5

Windows Phone

Android Programming

Java

Swings

JSP

Visual Studio LightSwitch 2011

Windows 8

MonoDevelop

Visual Basic .NET

Leadership

PHP

Chapters

Visual Studio 2011

VB.NET

Articles

Active Directory

ADO.NET & Database

Algorithms

COM Interop

Cryptography

Assemblies

Deployment

Design & Architecture

Crystal Reports

Exception Handling

LINQ

GDI+ and Graphics

Mobile .NET

Internet and Web

Visual Basic Language

Networking

Office and VB.NET

Pocket PC

Printing

Security

Strings & Arrays

Tablet PC

Multithreading

Windows Forms

Windows Controls

XML in VB.NET

Web Services

Language Syntaxes

Visual Basic 2005

Web Forms Controls

Web Forms

Windows Services

General

Enterprise Development

Games Programming

DirectX

Remoting in VB.NET

VB.NET Tutorials

FAQ

ASP.NET and Web

AJAX

How do I

Reporting Services

WCF

WPF

Silverlight

Speech in VB.NET

Workflow Foundation

XAML

Database & DBA

WCF

WPF

WPF Controls

Windows Vista

Windows Server 2008

How do I

XAML

XAML Reference

.NET 3.0/3.5 SDK

Deployment

Device Drivers

WWF

Expression Tools

Windows CardSpace

LINQ

Silverlight Controls

XLINQ

Silverlight

XAML Templates

WPF FAQ

WPF Documents

WPF References

.NET Heaven

C# Corner

DbTalks

Interview Corner

Longhorn Corner

Mindcracker

VB.NET Heaven

Sponsored by

Become a Sponsor

Resources

About Us

ASP.NET Hosting

Authors

Book Chapters

Book Reviews

Downloads

Media Kit

News & Events

Product Reviews

Tips

Tools

User Groups

Our Network

.NET Heaven

C# Corner

DbTalks

Interview Corner

Longhorn Corner

Mindcracker

VB.NET Heaven

Search :

Advanced Search »

Home » » Checking User Permissions in SharePoint Sites

Checking User Permissions in SharePoint Sites

By Shafiq Ahmed September 19, 2006

Page Views :	54203
Downloads :	0
Rating :	Rate it
Level :	Beginner

Sponsored by

6 Months Free & No Setup Fees ASP.NET Hosting!

Become a Sponsor

Similar ArticlesMost ReadTop RatedLatest

Sponsored by

Become a Sponsor

Tag Cloud

Latest Jobs

dot net developer

MCA

.NET Developer Needed

.Net Developer

Senior .Net Software Engineer

Senior Software Engineer

Senior WPF Developer

Software Developer

Application Developer

More ...

Latest Interview Questions

What is lazy loading?

What is Replication in MS SQL. ? Type of Replication.?

What are Value types and Reference types ?

What is boxing and unboxing ?

What are different types that a variable can be defined and their scopes ?

What is Strong name ?

Different types of authentication modes in .NET Framework ?

What is an Assembly ?

What is the difference between Metadata and Menifest ?

What is delay signing?

More ...

This tutorial will tell you how to check user permissions in SharePoint sites programmatically. This is a very popular question asked by users. I have included the complete source code of the application for your convenience. This application is helpful especially when you want to check user permissions in different sites without logging into SharePoint. Of course, manually checking permissions in each site will not be a good idea, especially if you are using SharePoint in an enterprise and your SharePoint hosts hundreds of sites. You can easily extend this application by adding functionality that will write the user names and their privileges in a text file or an excel sheet. I always ask users to consult SharePoint's SDK for detailed help and references. SDK contains easy to understand sample code. You can download the SDK from here:

http://www.microsoft.com/downloads/details.aspx?familyid=aa3e7fe5-daee-4d10-980f-789b827967b0&displaylang=en

Let's take a look at the code:

MsgBox(CheckGroupRights(txtSiteURL.Text, txtSubSite.text, txtUserLogin.Text))

We have called the main function, CheckGroupRights in the msgbox function. CheckGroupRights() returns a string telling us whether the user has rights in the subsite or not. Please note that this tool will look for "Reader" privileges only. For example, if you provide a user named as "domain\user1" then this tool will check whether user1 has reader rights or not. You can modify the code to check for any type of rights. Instead of using a message box, you can write the result in a string variable and later write it to a text file. For example,

Dim sResult As String

sResult = CheckGroupRights(txtSiteURL.Text, txtSubSite.text, txtUserLogin.Text)

If you look at the screen shot above, you will notice there are three fields where you would have to enter some text. For example, Site URL will contain the main URL of the site. User Login contains the user's login name, that is, complete login name including the domain, for example, domain1\johndoe. Sub Site Name is the name of the site where you want to check the permissions. For example, you have a subsite named as subsite1 under the main site which has the following URL:

http://mainsite/sites/site1

The application will form the following URL from the values provided by you:

http://mainsite/sites/site1/subsite1

Here is the code that checks the rights:

Function CheckGroupRights(ByVal FolderPath As String, ByVal SubSite As String, ByVal UserLogin As String) As String

'Notes:

'Folderpath: is the main url where you want to find the permissions. I know this is cumbersome to provide

'both the url of the main site and the name of the subsite but this is just a sample to show you how things

'work. I may make it more simpler in the next version provided i got enough time to make the modifications.

'Examples: Folderpath: http://mainportalsite/sites/site1

' http://mainportalsite

'SubSite: This should be the name of the subsite, it should not be a URL, e.g,

'abc, 123, site1, site2, site3, etc

'final url that will be formed if your folderpath contained http://mainsite/sites/site1 and subsite contained "abc", will be

'http://mainsite/sites/site1/abc

'userlogin: is the users domain login, e.g, domain\username

Try

Dim strStatus As String = "User " & UserLogin & " does not have Reader permissions in " & FolderPath & "/" & SubSite & "."

If Not FolderPath Is Nothing Or Not FolderPath = "" Then

Dim siteCollection As SPSite

siteCollection = New SPSite(FolderPath)

Dim site As SPWeb = siteCollection.OpenWeb(SubSite)

Dim allUsers As SPUserCollection = site.Users

Dim user As SPUser

For Each user In allUsers

If user.LoginName.ToUpper = UserLogin.ToUpper Then

Dim allGroups As SPRoleCollection = user.Roles

Dim group As SPRole

For Each group In allGroups

Dim right As Integer

right = group.PermissionMask And SPRights.ViewListItems

If right = SPRights.ViewListItems Then

strStatus = "User " & UserLogin & " has Reader permissions in " & FolderPath & "/" & SubSite & "."

Return strStatus

Exit Function

End If

Return strStatus

End If

Catch ex As Exception

MsgBox(ex.Message)

End Try

End Function

Code is pretty simple. Nothing fancy! Please look at these lines again:

.....

right = group.PermissionMask And SPRights.ViewListItems

If right = SPRights.ViewListItems Then
.....

SPRights.ViewListItems checks for the "Reader" privileges only. You can modify these lines to check other privileges. For example:

SPRights.ManageLists: Use "ManageLists" if you want to check whether the user has "Approver" rights in the subsite. User with these rights can add, edit, delete, approve content in the sites.

SPRights.EditListItems: User with these permissions can add, delete, modify site content but can not approve items in the site.

Similarly, you can check for many other types of privileges in the site. For complete list of rights, see SPS SDK.

I hope you will find this small tool useful. It is meant for learning purposes only. If you are a beginner, you can pick up hints from this code and can expand and make some other useful application out of this code. Stay tuned for more applications and tutorials!

Comment Request!
Thank you for reading this post. Please post your feedback, question, or comments about this post Here.

[Top]

Rate this article

12345

About the author

Shafiq Ahmed
S.S. Ahmed specializes in SharePoint and has been using SharePoint for the last 4 years. He has 8 years experience in developing web based applications. He uses C#, VB and PHP for developing web applications. He also designs graphical interfaces for web applications. Ahmed regularly writes about SharePoint.

Looking for C# Consulting?

C# Consulting is founded in 2002 by the founders of C# Corner. Unlike a traditional consulting company, our consultants are well-known experts in .NET and many of them are MVPs, authors, and trainers. We specialize in Microsoft .NET development and utilize Agile Development and Extreme Programming practices to provide fast pace quick turnaround results. Our software development model is a mix of Agile Development, traditional SDLC, and Waterfall models.

Click here to learn more about C# Consulting.

Introducing MaxV - one click. infinite control. Hyper-V Hosting from MaximumASP.
Finally – a virtual platform that delivers next-generation Windows Server 2008 Hyper-V virtualization technology from a managed hosting partner you can truly depend on. Visit www.maximumasp.com/max for a FREE 30 day trial. Hurry offer ends soon. Climb aboard the MaxV platform and take advantage of High Availability, Intelligent Monitoring, Recurrent Backups, and Scalability – with no hassle or hidden fees. As a managed hosting partner focused solely on Microsoft technologies since 2000, MaximumASP is uniquely qualified to provide the superior support that our business is built on. Unparalleled expertise with Microsoft technologies lead to working directly with Microsoft as first to offer IIS 7 and SQL 2008 betas in a hosted environment; partnering in the Go Live Program for Hyper-V; and product co-launches built on WS 2008 with Hyper-V technology.

Dynamic PDF
ceTE software specializes in components for dynamic PDF generation and manipulation. The DynamicPDF™ product line allows you to dynamically generate PDF documents, merge PDF documents and new content to existing PDF documents from within your applications.

Discover the top 5 tips for understanding .NET
Ricky Leeks presents the top 5 tips for understanding .NET Interoperability. Learn more.

Nevron Chart for .NET 2010.1 Now Available
The leading .NET charting control now features PDF, Flash and Silverlight export, visualization of large datasets and more. Deliver true charting functionality to your BI, Scorecard, Presentation or Scientific apps. Download evaluation now.

ASP.NET 4 Hosting
Get 2 Months Free of ASP.NET Hosting for Only $4.95/month! Receive FREE MS SQL and MySQL Databases Including ASP.NET 4/3.5, MVC 3.0, Silverlight 4, Windows 2008/IIS 7.0 Plus FREE IIS 7 Modules. Host UNLIMITED ASP.NET Web Sites – Click Here!

Post a Feedback, Comment, or Question about this article


Subject:
Comment:

Sponsored by

Become a Sponsor

Comments

Problem by Jamieson On June 13, 2007

I need to use this code or code similar to this to check permissions on an ASP .NET page for whether someone has permissions on the Sharepoint site. It only works if the AUTH_USER has permissions to Modify and Move users between site groups which makes checking their permissions pointless if they could just change their own permissions as they please. I was wondering if you knew of a way to get this to work for any user despite their permissions.

Reply | Email | Modify

Re: Problem by amit On August 6, 2007

Hi Jamie, Try executing this code with elevated permissions.This means even if the user has view permissions,behind the scene your code will execute with admin rights. e.g. SPSecurity.CodeToRunElevated myCode = new SPSecurity.CodeToRunElevated(getRights); SPSecurity.RunWithElevatedPrivileges(myCode); getRights function has all the above validation.Remember this function should not accept or return anything Amit

Reply | Email | Modify

Re: Re: Problem by amit On August 6, 2007

Hi, SPSecurity.CodeToRunElevated method is not quiet working in this case.Though the code executes well for all users,but as behind the scenes all the users have got whole access rights,so it always shows that each user has edit rights. Amit

Reply | Email | Modify

Getting user permissions when user exists in DL by amit On August 6, 2007

Hi, I want to use the above code,but my problem is that user might exists in People and Groups section {in this case above code works},but user can be a part of DL which is added to People and groups section.I am getting problem in second case. Any workarounds??? Amit

Reply | Email | Modify

MOSS by Manju On October 26, 2007

Do you have the updated code? Some of the class like SPRole is all obsolete now..Appreciate your reply. Thanks

Reply | Email | Modify

esr can help by Jack On January 28, 2008

In addition to this programmatic way there is also an easier one- using special software. I work very close with sharepoint server but I'm not into programming at all so every time I try to find some software products that can solve my tasks. For such purpuses I have found enterprise security reporter . http://www.scriptlogic.com/products/enterprisesecurityreporter/sharepoint/ This tool can easy report on sharepoint permissions and sharepoint security-related data including permission levels, groups, sites, libraries, accounts.

Reply | Email | Modify

How to use this in VBA? by Gus On March 20, 2009

What changes do I need to make to be able to use this in a Powerpoint 2003 module?

Reply | Email | Modify

SharePoint effective permissions web part by tanya On May 21, 2010

Our company developed a small web part for determining effective permissions for the users around SharePoint sites. You can read more about it at http://bit.ly/cOe6oT or download it free from our company site http://www.myitechnology.com

Reply | Email | Modify

Checking User Permissions in SharePoint Sites by Keith On March 21, 2011

Great article. Clear and concise. Just what I was looking for. Shafiq - keep writing.

Reply | Email | Modify

Current Version: 5.2011.8.6