SharePoint Security Tip: ExplicitlyContainsCurrentUser
When doing security programming, often times you will often run into group chaining, essentially this is when the current SPUser object is a member of a SPGroup through indirect association. However, often times the software requirement will be targeted to direct SPUser group membership, i.e. a user is an EXPLICIT member of a group, and not in a SPGroup which is nested in a parent SPGroup.
Within code, the use is pretty straightforward:
- private void RemoveCurrentUserFromGroup(SPGroup group)
- SPUser curUser = SPContext.Current.Web.CurrentUser;
- if (group.ExplicitlyContainsCurrentUser)