Comparing SPPrincipal Objects To See If Same Member

More because I needed to recall this method that anything. Simple helper method consuming two SPPrincpal objects to compare the membership. Simple property and type testing, nothing very fancy.

[csharp]

public static bool SameMember(SPPrincipal x, SPPrincipal y)

{

if ((x is SPGroup) && (y is SPGroup))

{

var leftGroup = x as SPGroup;

var rightGroup = y as SPGroup;

return string.Equals(leftGroup.Name, rightGroup.Name, StringComparison.CurrentCultureIgnoreCase);

}

if (!(x is SPUser) || !(y is SPUser))

{

return false;

}

var leftUser = x as SPUser;

var rightUser = y as SPUser;

if ((!leftUser.IsDomainGroup || !rightUser.IsDomainGroup) && (leftUser.IsDomainGroup || rightUser.IsDomainGroup))

{

return false;

}

return string.Equals(leftUser.LoginName, rightUser.LoginName, StringComparison.CurrentCultureIgnoreCase);

}

[/csharp]

Share

Get SPGroup, If Not Available, Create!

When developing for calls to SPGroup objects in SharePoint, often times it is best to guarantee that the group exists by placing a creation guard clause in that will create the SPGroup if it is not available off the SPWeb from the initial query.

The GetGroupOrCreate method provided below does just that:

[csharp]
public static SPGroup GetGroupOrCreate(SPWeb web, string name, string description, SPUser owner, SPUser defaultUser, bool associate)
{
SPGroup groupToReturn = null;
foreach (SPGroup group in web.SiteGroups)
{
if (!group.Name.Equals(name, StringComparison.InvariantCultureIgnoreCase)) continue;

groupToReturn = group;
break;

}
if (groupToReturn == null)
{
web.SiteGroups.Add(name, owner, defaultUser, description);
groupToReturn = web.SiteGroups[name];
}
if (associate && !web.AssociatedGroups.Contains(groupToReturn))
{
web.AssociatedGroups.Add(groupToReturn);
web.Update();
}
return groupToReturn;
} [/csharp]

The SPWeb parameter is the web associated with the SPGroup you wish to query or create

The name parameter represents the name of the group to query or create

The description parameter provides a description for the SPGroup if creation is required

The owner parameter is the owner of the SPGroup represented by an SPUser object

The defaultUser parameter is the first SPUser to be put into the SPGroup

The boolean associated defines whether the SPGroup should be added to the SPWeb.AssociatedGroups collection

It is important to note that I am using InvariantCultureIgnoreCase to perform a case-insensitive string comparison using the word comparison rules of the invariant culture.

Share

SharePoint Security Tip: ExplicitlyContainsCurrentUser

When doing security programming, often times you will often run into group chaining, essentially this is when the current SPUser object is a member of a SPGroup through indirect association. However, often times the software requirement will be targeted to direct SPUser group membership, i.e. a user is an EXPLICIT member of a group, and not in a SPGroup which is nested in a parent SPGroup.

Within code, the use is pretty straightforward:

[csharp]
private void RemoveCurrentUserFromGroup(SPGroup group)
{
SPUser curUser = SPContext.Current.Web.CurrentUser;
if (group.ExplicitlyContainsCurrentUser)
{
group.Users.Remove(curUser.LoginName);
}
}
[/csharp]

Share