Web Part Permissions?
Posted on 2010-08-12
I have a question that I have tried to search for an answer to, but so far haven't found anything to help yet.
I have two web parts, to which I'll post the code below in their own posts (to keep things clean).
One web part queries the web application that the page being viewed is currently in, and displays all of the groups that the current user is a member of, as well as the URL to the site that the group exists on. I'll call it "Query User" web part.
The other web part, is a basic "hello world" web part that allows you to change the text (from "hello world" to whatever you want), as well as the color of the text. Very simple, but I used a webcast from Microsoft to do it because I didn't understand the get/set methods and what they were supposed to do.
Anyway, the problem is this:
I have the three default groups on my test site: Owners, Members, Readers, as well as Site Collection Administrators for my site collection. So, I add myself to the Owners group (but I am not a Site Collection Administrator).
I can browse to my site, and add the "hello world" web part to the page, change the text, and change the color. Everything works fine there. I tried it on Owners, Members, and Readers, and the site displays (although Readers cannot change the web part attributes since they cannot edit the page).
So now my current membership is only "Owners", and I go to add my "Query User" web part to the page...it starts thinking...and then I get "Access Denied". So, I remote desktop into my VM, and log in with the "SP Admin" account that I created, and browse to my site. Voila! There it is, my web part, displaying exactly what it should be showing.
I then added myself as a Site Collection Administrator (by using the service account on the remote-desktop), went back to my normal pc, and tried browsing to the site...and it worked.
So what it comes down to, is that I have two web parts:
Hello World Web Part - can be put on the page, and the page can be seen by ALL users regardless of permission.
Query User Web Part - requires Site Collection Administrator permissions to even view the site, once this web part is added to a page.
Does anyone know why it does this, and what I have to do to fix it? I'd like other people to be able to use this web part (once I'm done with it, I have more ideas for it but first i want to get this sorted), however I don't want to add everyone to the site collection administrators group, as that's very insecure.