BreakRoleInheritance Common mistake Tip for SharePoint

No.of Views3039
Bookmarked0 times
By  Mostafa Elzoghbi   On  06 Jul 2010 09:07:18
Tag : SharePoint , Development and Programming
This tips is to share with SharePoint folks/Developers one of the common mistakes that i caught while debugging and reviewing one of my projects
emailbookmarkadd commentsprint

Images in this article missing? We recently lost them in a site migration. We're working to restore these as you read this. Should you need an image in an emergency, please contact us at



This post is to share with SharePoint folks/Developers one of the common mistakes that i caught while debugging and reviewing one of my projects.They system is using Custom List to store Data. and we set the permissions in C#, Here is how to set the permissions on item level permissions in SharePoint 2007:

Code Snippet

// Define Role Assignment object.groupRoleAssignment = new SPRoleAssignment(SPContext.Current.Web.CurrentUser); 

// Define the Permission Level you would like to give.SPRoleDefinition readControlDef = SPContext.Current.Site.RootWeb.RoleDefinitions["Read"];

//Add Permissions to the RolegroupRoleAssignment.RoleDefinitionBindings.Add(readControlDef);

//Add the item to your custom list.SPListItem myItem = web.Lists[RFIListName].Items.Add();

// Break the inheritance to add your custom - Note this stepmyItem.BreakRoleInheritance(true);

// Add Role assignment to the created item.myItem.RoleAssignments.Add(groupRoleAssignment);


 To check the permissions on the item level in SharePoint 2007, here is the code you need to write:

Code Snippet

SPListItem item = MyBLL.getListItem(Id);
// Check if the user has permissions to edit the itemif (!item.DoesUserHavePermissions(SPBasePermissions.EditListItems))
{// the user doesn't have permission to edit the item, do something...}

The check above was returning True, even if the user doesn't have Edit/Contribute permissions on the item.

Why ?! If you check the above function on this line:

True: means copy the permissions first, then my code add more custom permissions. and this is not what i want, i don't want to inherit any permissions from the site.

False: Means don't copy and i will handle the permissions by my self. and this is what i want.

The Developer who wrote above lines didn't read the description of the function, he thought that he wants to break the permissions by setting it to true.Lessons learned, and this is the point i want to share it with all.

Hope this helps.

Sign Up to vote for this article
About Author
Mostafa Elzoghbi
Member Type-Junior
Location-United States
Joined date-07 Jun 2010
Home Page-
Blog Page-
Other popularSectionarticles
There is no comments for this articles.
Leave a Reply
Display Name:
(not display in page for the security purphase)
Please refresh your screen using Ctrl+F5
If you can't read this number refresh your screen
Please input the anti-spam code that you can read in the image.
^ Scroll to Top