Determine the SharePoint Sites and Webs That A Specified User Can Access Programmatically?

Question

Hi,

I need to determine the sites and webs that a specified user can access in a SharePoint web application via the SharePoint API. Note the specified user is different from the current user that is calling the code. I initially was thinking of making use of the PortalSiteMapProvider, but it does not offer an option to change the user context in which it is built up. Can anyone offer any alternatives to this?

Thanks, MagicAndi

Answer 1

You could use the Webservices API:

http://stackoverflow.com/questions/1213459/determining-users-role-in-a-sharepoint-site-workspace-using-the-webservices-api

Answer 2

One possible approach is to make use of impersonation to determine the sites and webs that a specific user (other than the current user) can access via the PortalSiteMapProvider. A method for impersonating another user in a SharePoint context is described here:

http://blackninjasoftware.com/2009/04/09/how-to-programmatically-impersonate-users-in-sharepoint/

Answer 3

Not the most efficient solution to this problem, but you can iterate through all the site collections / webs in the web application and then call:

web.DoesUserHavePermissions(userID, SPBasePermissions.Open)

where "web" is a SPWeb object and userID is "DOMAIN\user.name" of the user you are checking access permissions for. Do it within a RWEP and make sure you dispose of your SPSite/SPWeb objects correctly.