Question

I have a process which runs in an event receiver; this involves adding users from AD to groups based on the contents of a custom list.

The problem occurs when I try to add a user into a group that I am not a member of (or whoever the logged-in user is).

I am in a sandboxed solution so I can't use RunWithElevatedPrivileges.

Is there any way to get around this limitation?


Solution

As others suggested, the limitation is indeed put in place as a security measure. Under normal conditions sandboxed solutions shouldn't be able to perform privilege elevation, as that would enable them to escape the security context of the sandbox. So I fear there is no built-in way to perform what you are asking directly.

That said, if you just have to, another solution comes to mind. You could implement a full-trust proxy that will perform the required operations outside of the sandbox limits. This way you are delegating the task to an "external" module that is defined as "trusted" by your SharePoint farm. There are many tutorials about this (on MSDN or external blogs), but keep in mind that a full-trust proxy is actually a farm solution, so you need to ensure that you are actually allowed to use it (trad: ensure there aren't random policies created by the standard SharePoint IT admin mad-hatter) before starting.
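A sketch of the full-trust proxy described in the answer above, added here as an example and not code from the original post. Because a registered proxy operation can be called by any sandboxed solution in the farm, it checks its arguments against a fixed allowlist before elevating. The class names, the group names and the assumption that the account hosting the proxy has rights on the site are all hypothetical.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.SharePoint;
using Microsoft.SharePoint.UserCode;

// Hypothetical argument type; it must be serializable to cross the sandbox boundary.
[Serializable]
public class AddUserToGroupArgs : SPProxyOperationArgs
{
    public Guid SiteId { get; set; }
    public string LoginName { get; set; }
    public string GroupName { get; set; }
}

// Hypothetical proxy operation, deployed to the GAC by a farm solution and
// registered by a farm administrator in SPUserCodeService.Local.ProxyOperationTypes.
// Sandboxed code invokes it with SPUtility.ExecuteRegisteredProxyOperation(
//     assemblyFullName, typeFullName, new AddUserToGroupArgs { ... }).
public class AddUserToGroupOperation : SPProxyOperation
{
    // Assumed allowlist: the only groups this proxy will ever modify.
    private static readonly HashSet<string> AllowedGroups =
        new HashSet<string>(StringComparer.OrdinalIgnoreCase)
        { "Project Members", "Project Visitors" };

    public override object Execute(SPProxyOperationArgs args)
    {
        var request = args as AddUserToGroupArgs;
        if (request == null || string.IsNullOrEmpty(request.LoginName) ||
            !AllowedGroups.Contains(request.GroupName ?? string.Empty))
        {
            return false; // refuse anything outside the one narrow task
        }

        bool added = false;
        // Assumption: the identity the delegate reverts to has rights on the site.
        SPSecurity.RunWithElevatedPrivileges(delegate
        {
            using (var site = new SPSite(request.SiteId))
            using (SPWeb web = site.OpenWeb())
            {
                web.AllowUnsafeUpdates = true;
                SPUser user = web.EnsureUser(request.LoginName);
                web.SiteGroups[request.GroupName].AddUser(user);
                added = true;
            }
        });
        return added;
    }
}
```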

OTHER TIPS

No, it's entirely by design. To do this either the user(s) needs permissions, or you need to run elevated.

If you don't need to add users to the group immediately, you can create a list with 2 columns - user, group - add your desired value pairs there, and every hour/day run a timer job on this list.

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange