sharepoint - 无权访问 webApplication 属性

Question

激活站点功能时，我会自动设置 WebApplication 属性。这是代码：

   public override void FeatureActivated(SPFeatureReceiverProperties properties)
        {             
                SPWeb currentWeb = ContentTypes.ValidateFeatureActivation(properties);
                using (SPSite site = new SPSite(currentWeb.Site.Url))
                {
                    SPWebApplication currentApplication = site.WebApplication;
                    if (currentApplication.MaxQueryLookupFields < 20)
                    {

                        SPSecurity.RunWithElevatedPrivileges(delegate()
                        {
                            try
                            {
                                currentApplication.MaxQueryLookupFields = 20;
                            }

                            catch (System.Security.SecurityException ex)
                            {
                                _log.ErrorFormat("no permission");
                            }
                        });

                    }
                }                
        }

即使我是农场管理员激活了该功能，也会引发安全异常（“拒绝访问”）。在线

currentApplication.MaxQueryLookupFields = 20;

AFAIK SPSecurity.RunWithElevatedPrivileges 作为站点管理员而不是场管理员运行。但如何做到这一点？（没有 RunWithElevatedPrivileges 我得到了同样的例外。

Answer 1

您需要在 SPSecurity.RunWithElevatedPrivileges 中创建新的 SPSite、SPWeb 和 SPWebApplication 对象，否则您将以与当前用户相同的权限运行它们。例如

    public override void FeatureActivated(SPFeatureReceiverProperties properties)
        {
        SPSecurity.RunWithElevatedPrivileges(delegate()
             {             
                SPWeb currentWeb = ContentTypes.ValidateFeatureActivation(properties);
                using (SPSite site = new SPSite(currentWeb.Site.Url))
                {
                    SPWebApplication currentApplication = site.WebApplication;
                    if (currentApplication.MaxQueryLookupFields < 20)
                    {
                            try
                            {
                                currentApplication.MaxQueryLookupFields = 20;
                            }

                            catch (System.Security.SecurityException ex)
                            {
                                _log.ErrorFormat("no permission");
                            }


                    }
                }
            });                
        }

Answer 2

您应该在 RWEP 内实例化另一个 SPSite 对象以获取应用程序池标识上下文，因为在 RWEP 块之外创建的第一个 SPSite 是使用 SPSite 当前用户上下文创建的。所以试试这个：

public override void FeatureActivated(SPFeatureReceiverProperties properties)
    {
        SPWeb currentWeb = ContentTypes.ValidateFeatureActivation(properties);
        using (SPSite site = new SPSite(currentWeb.Site.Url))
        {
            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                using (SPSite _site = new SPSite(site.ID))
                {
                    SPWebApplication currentApplication = _site.WebApplication;
                    if (currentApplication.MaxQueryLookupFields < 20)
                    {
                        try
                        {
                            currentApplication.MaxQueryLookupFields = 20;
                        }
                        catch (System.Security.SecurityException ex)
                        {
                            _log.ErrorFormat("no permission");
                        }
                    }
                }
            });
        }
    }