none
Getting Access Denied error when we try to add site columns to the OOB site content types

    Question

  • We are trying to add custom columns to the OOB Document, Task, etc. content type. When we try to use the following mechanism we are getting the

    access is denied issue.

    SPSecurity.RunWithElevatedPrivileges(delegate()
                        {
                            if (web.IsRootWeb)
                            {
                                SPContentType taskContentType = web.ContentTypes["Task"];
                                SPField taskSpField = web.Fields["Category"];
                                AddFieldLink(taskSpField, taskContentType);
                                taskContentType.Update(true);

                                SPContentType contentType = web.ContentTypes["Document"];
                                SPField field = web.Fields["Category"];
                                AddFieldLink(field, contentType);
                                contentType.Update(true);
                            }
                            else
                            {
                                SPContentType taskContentTyperoot = siteCol.RootWeb.ContentTypes["Task"];
                                SPField taskSpField = siteCol.RootWeb.Fields["Category"];
                                AddFieldLink(taskSpField, taskContentTyperoot);
                                taskContentTyperoot.Update(true);

                                SPContentType contentTyperoot = siteCol.RootWeb.ContentTypes["Document"];
                                if (!contentTyperoot.Fields.ContainsField("Category"))
                                {
                                    SPContentType contentType = siteCol.RootWeb.ContentTypes["Document"];
                                    SPField field = siteCol.RootWeb.Fields["Category"];
                                    AddFieldLink(field, contentType);
                                    contentType.Update(true);
                                }
                            }
                        });

    static void AddFieldLink(SPField field, SPContentType contentType)
            {
                // Is the FieldLink in the collection?
                SPFieldLink fieldLink = contentType.FieldLinks[field.Id];
                if (fieldLink == null) // No, so add it.
                {
                    fieldLink = new SPFieldLink(field);
                    contentType.FieldLinks.Add(fieldLink);
                }
            }

    In any order we are able to run the first instance. For example in the above scenario the column to the Task will be created, but the error occurs when we try to add column to the Document content type.


    Vijayaragavan, MCTS

    Monday, June 18, 2012 11:42 AM

Answers

  • The issue was resolved when I set the "updatechildren" property to "false". Since I want the column to be added only to the Task / Document conten type I shuold keep that property to false. Otherwise it will try to update the child content type as well. So it should be contentType.Update(false);


    Vijayaragavan, MCTS


    Tuesday, June 19, 2012 4:11 AM

All replies

  • You probably get this errror because  the SPSite (siteCol)  and SPWeb (web) objects that you use have been created outside  the RunWithElevatedPrivileges block. You need to create a new instance of SPSite and SPWeb inside the block to be able to use the application pool identity privileges.


     
    Refer to this site as an example: 
    http://blogs.msdn.com/b/sowmyancs/archive/2008/08/14/spsecurity-runwithelevatedprivileges-an-important-point-while-using-it-in-web-context.aspx


    Kind Regards Bjoern
    Blog




    Monday, June 18, 2012 12:40 PM
  • SPSecurity.RunWithElevatedPrivileges(delegate()
    {
      using ( SPSite site = new SPSite(SPContext.Current.Site.Url))
      {
        using (SPWeb web = site.RootWeb)
        {
           //code here
    
        }
      }
    });

    Regards


    I find it distasteful to beg for 'Mark as Answer' and 'Mark as helpful'. It's supposed to be about helping people, not about getting the high score.

    Monday, June 18, 2012 1:44 PM
  • Thanks for your response. I tried this as well, but still no luck.

    Vijayaragavan, MCTS

    Monday, June 18, 2012 2:05 PM
  • Even if the error is elsewhere,  you should keep it as suggested, otherwise there is no point in using RunWithElevatedPrivileges.  And btw  are you creating a new content type using Document as a parent or are you trying to modify the Document standard site content type itself ? Since many other content types are inherited from Document I would not recommend the latter alternative.  

    Kind Regards Bjoern
    Blog




    Monday, June 18, 2012 2:16 PM
  • I am keeping it as suggested and I am trying to modify the Document standard site content type.


    Vijayaragavan, MCTS

    Monday, June 18, 2012 2:33 PM
  • I'd guess   base content types like Item and Document have the ReadOnly property set to true. You must set it to false in your code before you can make changes. 

    Ref:  http://msdn.microsoft.com/nb-no/library/ms434692


    Kind Regards Bjoern
    Blog

    Monday, June 18, 2012 4:51 PM
  • Bjoern,

    In this case, I am able to add columns to Task / Document content types. But the problem is, during execution the first operation completes successfully and the second operation fails. For example, in the above snippet, the column to the "Task" content type is added successfully. Itt fails when it is adding column to the subsequent "Document" content type.


    Vijayaragavan, MCTS

    Tuesday, June 19, 2012 3:27 AM
  • The issue was resolved when I set the "updatechildren" property to "false". Since I want the column to be added only to the Task / Document conten type I shuold keep that property to false. Otherwise it will try to update the child content type as well. So it should be contentType.Update(false);


    Vijayaragavan, MCTS


    Tuesday, June 19, 2012 4:11 AM