<

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Getting  the private properties of user profile service displayed in a webpart, that can be viewed by visitors.

Published on
9,073 Points
3,073 Views
Last Modified:
Approved
Getting the private properties of a user's profile was one of the problems that I faced at my work. This was a very serious problem and finally I came up with a solution that helped me getting the required objectives.

I am still looking forward if there are any other better way for this. Meanwhile I would just like to share what I have done and understood throughout.

Please suggest or comment where you think there are better ways, or any improvements.

My college and I had lot of discussion about getting those values displayed. Most of them suggested changing the visibility of the current property.  When you change the visibility of the property to all and access the user profile service through elevated privileges then it would work as desired.

But here is the catch we have the legal compliance with the client that didn't allowed us to change the visibility of the property to public from private. We tried to educate our client about the implementation and making the property visible to preserve the security compliance.

But they never agreed with our approach. So Finally, I came up with a solution which helps me getting the values as I desired.

I am putting the code here so that anyone interested can use it and may be make it more efficient.

 public void DisplayLoginDate()
        {
            SPUser AdminUser = SPContext.Current.Site.SystemAccount;
            var superToken = AdminUser.UserToken;
            HttpContext con = HttpContext.Current;
            SPSecurity.RunWithElevatedPrivileges(delegate()
            {
                using (SPSite site = new SPSite(SPContext.Current.Site.Url, superToken))
                {
                    SPServiceContext context1 = SPServiceContext.GetContext(site);
                    HttpContext.Current = null;
                    UserProfileManager upm = new UserProfileManager(context1, false);
                    foreach (UserProfile up in upm)
                    {
                        if (up["privateprop"].Count == 1)
                        {
                       LoginDate.Text += (up["AccountName"].Value + "****Last Login: " + up["privateprop"].Value.ToString()) + "</br>";
                        }

                        else 
                        {
                            LoginDate.Text += (up["AccountName"].Value + "****Last Login: " + "No Data Availiable") + "</br>";
                        }

                    }
                   
                }
            });
            HttpContext.Current = con;
          

        }

Open in new window


The above is the function that retrieves the value and displays in a label in my case.

One thing I realized but I am still trying to verify this is.

1. Even when you access with elevated privileges while accessing the user profile properties, user profile service always check the current context of the user if the logged in user has enough permission to access the user profile service application then only he would be allowed to see the value else he won’t see the value.
 
2. So, I decided to access the application though a admin user context , I opened the web through admin user context and then set the current context to null after the I accessed the user profile service application with admin or system user's context. this way I was always running under the context of the admin user.

This might not be the right way for the process since I am killing the current context with in the process but it gives me what is needed and hopefully it will do for all as I say.
0
Comment
Author:kukdai
0 Comments

Featured Post

OWASP: Forgery and Phishing

Learn the techniques to avoid forgery and phishing attacks and the types of attacks an application or network may face.

Join & Write a Comment

Basic Overview of office 365 user portal
Please check the video also in regards to recovery of deleted emails from office 365 admin center and through the MFCMAPI tool. I have mentioned each and every step with the proper steps that need to be taken care of.

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month