How to Programmatically Impersonate Users in SharePoint

 

Sometimes when creating SharePoint web or console applications, you may need to execute specific code blocks in another user's context.

Impersonating users in SharePoint will require a couple of things:

• the account that the web or console app uses has privileges to impersonate other users (typically this would be the system account)
• specific users' user tokens

Step 1: Log in as the system account, or get a handle to the system account in your code

string siteStr = "http://mysharepointsite/";

   

//we just need to get a handle to the site for us

//to get the system account user token

SPSite tempSite = new SPSite(siteStr);

   

SPUserToken systoken = tempSite.SystemAccount.UserToken;

   

using (SPSite site = new SPSite(siteStr, systoken))

{

   using (SPWeb web = site.OpenWeb())

   {

       //right now, logged in as Site System Account

       Console.WriteLine("Currently logged in as: " +

                        web.CurrentUser.ToString());

   

       //add your code here

   }

}

Step 2: Before you impersonate, get the user token of the user you are switching to. For example:

//get this current user's user token

SPUserToken userToken = web.AllUsers[user].UserToken;

   

//create an SPSite object in the context of this user

SPSite s = new SPSite(siteStr, userToken);

   

SPWeb w = s.OpenWeb();

Console.WriteLine("Currently logged in as: " +

                  w.CurrentUser.ToString() +

                  "(" + w.CurrentUser.Name + ")"

                 );

Complete code follows:

private static void impersonateTest()

{

   string siteStr = "http://mysharepointsite/";

   SPSite tempSite = new SPSite(siteStr);

   SPUserToken systoken = tempSite.SystemAccount.UserToken;

   using (SPSite site = new SPSite(siteStr, systoken))

   {

       using (SPWeb web = site.OpenWeb())

       {

           //right now, logged in as Site System Account

           Console.WriteLine("Currently logged in as: " +

                              web.CurrentUser.ToString());

           switchUser(web, siteStr, "BlackNinjaSoftware/MatthewCarriere");

           switchUser(web, siteStr, "BlackNinjaSoftware/ShereenQumsieh");

           switchUser(web, siteStr, "BlackNinjaSoftware/DonabelSantos");

       }

   }

}

   

private static void switchUser(SPWeb web, string siteStr, string user)

{

   //impersonate somebody else

   SPUserToken userToken = web.AllUsers[user].UserToken;

   SPSite s = new SPSite(siteStr, userToken);

   SPWeb w = s.OpenWeb();

   Console.WriteLine("Currently logged in as: " +

                     w.CurrentUser.ToString() +

                     "(" + w.CurrentUser.Name + ")"

                    );

}

 

 

From: http://www.sharepointdeveloperhq.com/2009/04/how-to-programmatically-impersonate-users-in-sharepoint/