SharePoint Security Tip: ExplicitlyContainsCurrentUser

When doing security programming, often times you will often run into group chaining, essentially this is when the current SPUser object is a member of a SPGroup through indirect association. However, often times the software requirement will be targeted to direct SPUser group membership, i.e. a user is an EXPLICIT member of a group, and not in a SPGroup which is nested in a parent SPGroup.

Within code, the use is pretty straightforward:

[csharp]
private void RemoveCurrentUserFromGroup(SPGroup group)
{
SPUser curUser = SPContext.Current.Web.CurrentUser;
if (group.ExplicitlyContainsCurrentUser)
{
group.Users.Remove(curUser.LoginName);
}
}
[/csharp]

Share