No permission to access webApplication properties
-
09-12-2019 - |
Question
When activating a site feature I automaticly want to set a WebApplication property. Even if a farm administrator activates the feature, the security exception is thrown ("access denied").
AFAIK SPSecurity.RunWithElevatedPrivileges runs as a site admin, not farm admin. But HOW can this be done? I tried the following codes:
SPWebServiceCollection wsc = new SPWebServiceCollection(SPFarm.Local);
foreach (SPWebService ws in wsc)
{
SPWebApplicationCollection wac = ws.WebApplications;
foreach (SPWebApplication wa in wac)
{
try
{
if (wa.MaxQueryLookupFields < maxLookupFields)
{
wa.MaxQueryLookupFields = maxLookupFields;
}
}
catch (System.Security.SecurityException ex)
{
_log.ErrorFormat("Access denied");
}
}
}
Error at currentApplication.MaxQueryLookupFields = maxLookupFields
another attempt with same Exception:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
SPWeb currentWeb = ContentTypes.ValidateFeatureActivation(properties);
using (SPSite site = new SPSite(SPContext.Current.Site.ID, SPUserToken.SystemAccount))
{
SPWebApplication currentApplication = site.WebApplication;
if (currentApplication.MaxQueryLookupFields < newMaxValue)
{
try
{
currentApplication.MaxQueryLookupFields = newMaxValue;
success = currentApplication.MaxQueryLookupFields == newMaxValue;
}
catch (System.Security.SecurityException ex)
{
_log.ErrorFormat("no permission");
}
} else
{
success = true;
}
}
});
Solution
I think that these properties are stored in Configuration Data Base. By security reason, access to this DB is limmited. This post describes how to solve this issue for self-site creation process. I think that the solution in your case will be the same.
Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange