In our application, we have some forms which need to show some data specifically if the current user has a specific permission level. These users belong to an SPGroup which includes users who should not see this data, so in this particular case I cannot filter based off of group membership.
My current solution has been to use web.CurrentUser.Roles
and use a simple check on whether it contains a permission level of the correct name. Roles is of the deprecated SPRole
class, so I am bombarded with warning messages despite the fact it technically works. It suggests that I use SPRoleAssignment
or SPRoleDefinition
(the recommendation seems arbitrary since some lines recommend one while others recommend the other even though it is being used for the same thing).
However, I cannot seem to find any method to directly retrieve an SPRoleAssignment
or SPRoleDefinition
object from an SPUser
or SPPrincipal
object, nor can I retrieve either object corresponding specifically to the current user of the SPWeb
object.
How can I update these methods to use non-deprecated code? I've found other cases of determining user permissions, but I haven't found one that will work from a starting point of the current web or the current user. It's not urgent, but it certainly is helpful to avoid having to sift through all of those warnings just to reach the more important warnings.