none
Error Loading and running event receiver: Access is Denied RRS feed

  • Question

  • I wrote an event handler using SP 2010 Server object model which responds to an event when a document library is created.

    when I try to create a library the event executes perfectly and everything is fine. This is because I am farm admin.

    Now when I create a fresh site collection and a test user who is the owner of that site collection creates the library they get error

    Error loading and running event receiver PS.SharePoint2010.ReportingServices.ReportLibraryWebEventReceiver.ReportLibraryWebEventReceiver in PS.SharePoint2010.ReportingServices, Version=1.0.0.0, Culture=neutral, PublicKeyToken=aa2a6b1bda61cf67. Additional information is below.

    : Access is denied

    Funny thing is that I have resolved this error once over here

    http://social.msdn.microsoft.com/Forums/en-NZ/sharepoint2010general/thread/368411e7-0c35-44b2-82d2-c2df82800e65

    And based on my own suggestion my current event handler looks like

           public override void ListAdded(SPListEventProperties properties)
           {
               base.ListAdded(properties);
               if (properties.TemplateId == 433) {
                   EventLog.WriteEntry("PS.SharePoint2010.ReportingServices", "++++ Report Library Created: " + properties.ListTitle);
    
                   string webUrl = properties.Web.ServerRelativeUrl;
                   string siteUrl = properties.Web.Site.Url;
                   string url = properties.List.DefaultViewUrl.Substring(0, properties.List.DefaultViewUrl.IndexOf("/Forms"));
    
                   SPSecurity.RunWithElevatedPrivileges(delegate() {
                       EventLog.WriteEntry("PS.SharePoint2010.ReportingServices", "++++ Elevated Permissions v2 ++++");
    
                       using (SPSite site = new SPSite(siteUrl)) {
                           using (SPWeb web = site.OpenWeb(webUrl)) {
                               
                               // create the permission level
                               CreatePermissionLevel(web, site);
    
                               // Create SP Group
                               CreateGroup(web, site);
                               
                               SPList list = web.GetList(url);
    
                               if (list != null) {
                                   // Add SSRS Content types
                                   // Remove irrelevant Content types
                                   FixContentTypes(web, list);
    
                                   // Change the default view to SSRS requirements
                                   ChangeDefaultView(list);
    
                                   // Remove all other views
                                   RemoveOtherViews(list);
                               }
                           }
                       }
                   });
               }
           }
    

    So you can see that inside the RunWithElevatedPrivileges I have created a new SPSite object and then every other object like SPWeb, SPList is also built new.

    But still the code fails for all test users. It works for me because I am farm admin/local admin.

    where am I going wrong?


    MSDNStudent Knows not much!

    Thursday, June 7, 2012 1:25 PM

Answers

  • I resolved the error. 

    I moved the permission level and group creation logic into the feature activation method instead of the library creation event.

    the problem got resolved after this change was made.


    MSDNStudent Knows not much!

    • Marked as answer by Shimin Huang Wednesday, June 13, 2012 7:21 AM
    Friday, June 8, 2012 12:20 AM

All replies

  • I looked into ULS Log and found more details

    06/07/2012 09:18:58.98 w3wp.exe (0x12E8)                       0x140C SharePoint Foundation         General                       6875 Critical Error loading and running event receiver GS.SharePoint2010.ReportingServices.ReportLibraryWebEventReceiver.ReportLibraryWebEventReceiver in GS.SharePoint2010.ReportingServices, Version=1.0.0.0, Culture=neutral, PublicKeyToken=aa2a6b1bda61cf67. Additional information is below.  : You cannot customize permission levels in a web site with inherited permission levels. 35f6a72c-ceaa-49f9-8cec-2196bc6b46aa
    06/07/2012 09:18:59.08 w3wp.exe (0x12E8)                       0x140C SharePoint Foundation         Monitoring                     b4ly High     Leaving Monitored Scope (Render WebPart AddGalleryWebPart). Execution Time=345.072907310845 35f6a72c-ceaa-49f9-8cec-2196bc6b46aa

    So I think the problem is coming because of method CreatePermissionLevel which creates a new permission level. But why can't I create a new permission level on the root web in the event handler?


    MSDNStudent Knows not much!

    Thursday, June 7, 2012 1:50 PM
  • The problem as you said is in the CreatePermissionLevel method. Can you post that method?
    Thursday, June 7, 2012 1:55 PM
  •        private void CreatePermissionLevel(SPWeb web, SPSite site) {
               SPRoleDefinitionCollection defCol = site.RootWeb.RoleDefinitions;
               if (defCol != null && defCol.Count > 0) {
                   SPRoleDefinition def = null;
                   foreach (SPRoleDefinition temp in defCol) {
                       if (temp.Name.Equals(Constants.SSRSReportViewerPermissionLevel)) {
                           def = temp;
                       }
                   }
    
                   if (def == null) {
                       // create new permission level
                       SPRoleDefinition ssrsRoleDef = new SPRoleDefinition();
                       ssrsRoleDef.Name = Constants.SSRSReportViewerPermissionLevel;
                       ssrsRoleDef.Description = Constants.SSRSReportViewerPermissionLevel;
                       ssrsRoleDef.BasePermissions &= SPBasePermissions.EditListItems;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.ViewListItems;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.OpenItems;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.ViewVersions;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.ViewFormPages;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.ViewPages;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.BrowseUserInfo;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.UseRemoteAPIs;
                       ssrsRoleDef.BasePermissions |= SPBasePermissions.Open;
                       web.RoleDefinitions.Add(ssrsRoleDef);
                       web.Update();
                   }
                   else {
                       EventLog.WriteEntry("PS.SharePoint2010.ReportingServices", "++++ SSRS Report Viewer PermissionLevel Already exists.");
                   }
               }
           }
    


    MSDNStudent Knows not much!

    Thursday, June 7, 2012 2:23 PM
  • Hi

    Try adding this line after the if (def == null) {  line

    web.RoleDefinitions.BreakInheritance(true, false);
    Beware though that this call will set unique   permissions for the site referenced by web.

    Kind Regards Bjoern
    Blog


    Thursday, June 7, 2012 3:32 PM
    Moderator
  • But here is the thing.... I am creating the document library in the RootWeb so where is the question of breaking inheritence?

    My understanding was that the concept of breaking inheritence is only applicable for "subWebs"

    but if you see my code the premission level is being put on the rootweb.

    So I don't understand the permission break thing.


    MSDNStudent Knows not much!

    Thursday, June 7, 2012 3:43 PM
  • Logically you are right, but I'd guess this will work anyhow since each site is itself a securable object on which permissions can be assigned  , and the top level site is a site just like the sub sites , with the same set of properties that can be modified .  But maybe you should also reconsider why you want to manipulate the top level site settings this way.


    Kind Regards Bjoern
    Blog


    Thursday, June 7, 2012 4:04 PM
    Moderator
  • I resolved the error. 

    I moved the permission level and group creation logic into the feature activation method instead of the library creation event.

    the problem got resolved after this change was made.


    MSDNStudent Knows not much!

    • Marked as answer by Shimin Huang Wednesday, June 13, 2012 7:21 AM
    Friday, June 8, 2012 12:20 AM