What is the command to elevate privileges in the Sharepoint Online (Office 365)?

Question

What is the equivalent of the Farm Solution command to elevate privileges in the Sharepoint Online (Office 365) environment?
In Farm Solution for Sharepoint on-premise, in server-side languages like C#, we use

SPSecurity.RunWithElevatedPrivileges
or we use the system account token
new SPSite(weburl, SPUserToken.SystemAccount))

BUT what we can use in a Sharepoint-Addin developed for Sharepoint Online (without server side code, so with a client side language like Javascript)? If an equivalent exists.

Answer 1

How bad does it stink that you can’t elevate to the application pool account in Office 365. It used to make things like cross site reads so much easier but from a security perspective totally makes sense it doesn’t exist. There really is no delegated replacement

you can make the process slightly less painless by using the relevant objects within an extension method off a ClientContext object. Here is the extension method:

public static ClientContext BuildImpersonatedClientContext(this ClientContext context, string username, string password)
{
SecureString secureStrPwd = new SecureString();
foreach (char x in password)
{
secureStrPwd.AppendChar(x);
}
SharePointOnlineCredentials credentials = new SharePointOnlineCredentials(username, secureStrPwd);
context.Credentials = credentials;
return context;
}

To use the method, just invoke it as such:

ClientContext impersonatedContext = new ClientContext("MyUrl").BuildImpersonatedClientContext("user", "password");

http://www.sharepointsecurity.com/sharepoint/sharepoint-development/runwithelevatedprivileges-in-sharepoint-online-office-365/

Answer 2

For SharePoint Addin, you need to given appropriate permissions rights like tenant, site collection, web etc. In your Addin you need to use app-only context while connecting to SharePoint, in this way you can elevate the privileges.