SharePoint Security Tip: ExplicitlyContainsCurrentUser

When doing security programming, often times you will often run into group chaining, essentially this is when the current SPUser object is a member of a SPGroup through indirect association. However, often times the software requirement will be targeted to direct SPUser group membership, i.e. a user is an EXPLICIT member of a group, and not in a SPGroup which is nested in a parent SPGroup.

Within code, the use is pretty straightforward:

[csharp]
private void RemoveCurrentUserFromGroup(SPGroup group)
{
SPUser curUser = SPContext.Current.Web.CurrentUser;
if (group.ExplicitlyContainsCurrentUser)
{
group.Users.Remove(curUser.LoginName);
}
}
[/csharp]

Share

3 thoughts on “SharePoint Security Tip: ExplicitlyContainsCurrentUser”

Leave a Reply

Your email address will not be published. Required fields are marked *