So what is an App Principal? This is probably best explained by way of a little story, and it goes something like this. Suppose I have a SkyDrive site. I keep all of my documents and pictures up there. When I want to access that content I have to enter my username and password. SkyDrive validates my credentials and then gives me access to that content.
The App model is a new way to develop for SharePoint. It opens up the possibility of selling a SharePoint 2013 App to the masses via the Office Store, and it prepares for the day when SharePoint is entirely based in the cloud.
SharePoint App – An application whose interface is launched from SharePoint but whose code is executed elsewhere.
In the SharePoint platform, running code with elevated privileges is accomplished using the SPSecurity.RunWithElevatedPrivileges method. This method invokes a delegate that runs with the Windows identity set to the AppPool account. Unlike impersonation, it does not require the password of the AppPool account.
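Guid webID = SPContext.Current.Web.ID;
Guid siteID = SPContext.Current.Site.ID;
SPSecurity.RunWithElevatedPrivileges(delegate() {
    // Objects opened inside the delegate run as the AppPool account
    using (SPSite site = new SPSite(siteID))
    using (SPWeb web = site.AllWebs[webID])
    {
        SPList list = web.Lists["Test"];
    }
});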
In many SharePoint projects the following code has been used to check whether a certain user has full control over a specific site:
But this code only checks whether a user is a Site Collection administrator. Even if the current user is in the owners group, it will not work, so problems will appear once it is implemented live.
private bool isCurrentUserOwner()
{
    bool currentUserOwner = false;
    try
    {
        SPUser currentUser = SPContext.Current.Web.CurrentUser;
        using (SPSite currentSite = new SPSite(SPContext.Current.Site.Url))
        using (SPWeb currentWeb = currentSite.OpenWeb(SPContext.Current.Web.ID))
        {
            SPGroup ownersGroup = currentWeb.AssociatedOwnerGroup;
            //Check if currentuser belongs to owners group of the current web
            foreach (SPUser user in ownersGroup.Users)
            {
                if (currentUser.ID == user.ID)
                    currentUserOwner = true;
            }
        }
    }
    catch (Exception)
    {
        //Not an owner member
    }
    return currentUserOwner;
}
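A variant of the same check, added here as an example and not code from the original post: the loop above only matches users listed directly in the owners group, so an owner who is a member through a domain group is missed. The class and method names below are hypothetical, and the sketch assumes the server object model (Microsoft.SharePoint.dll) and a web whose owners group carries Full Control.

```csharp
using Microsoft.SharePoint;

// Hypothetical helper, not part of the original post.
public static class OwnerCheck
{
    // Returns true when the user of the current request is a site collection
    // administrator, an owner of the web (directly or through a domain group),
    // or holds the full permission mask on the web by any other route.
    public static bool CurrentUserHasFullControl(SPWeb web)
    {
        // Anonymous requests have no SPUser to authorise.
        if (web == null || web.CurrentUser == null)
            return false;

        // The check the post says is usually written: site collection admins only.
        if (web.CurrentUser.IsSiteAdmin)
            return true;

        // AssociatedOwnerGroup is null when no owners group is configured for
        // the web, so guard it before use. ContainsCurrentUser also covers
        // indirect membership, which comparing SPUser.ID values does not.
        SPGroup owners = web.AssociatedOwnerGroup;
        if (owners != null && owners.ContainsCurrentUser)
            return true;

        // Last resort: ask for the effective permissions, which covers users
        // who were granted Full Control without being added to the owners group.
        return web.DoesUserHavePermissions(SPBasePermissions.FullMask);
    }
}
```

Call it as `OwnerCheck.CurrentUserHasFullControl(SPContext.Current.Web)` from code that runs in the user's own context, not inside SPSecurity.RunWithElevatedPrivileges, where the current user is the AppPool account.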