UnauthorizedAccessException was unhandled by user code in SharePoint event receiver

In this article we will be seeing how to resolve "UnauthorizedAccessException was unhandled by user code" in SharePoint event receiver.

I had one custom list "MyList" which contains two columns "Title" and "Service Account".

I had one group with Full control "Service Team". In the "Service Account" column I need to add all the users from the "Service Team" group. I have written ItemAdded event receiver for adding the users from the "Service Team" group to the "Service Account" column.

1. public override void ItemAdded(SPItemEventProperties properties)      

2. {

3. base.ItemAdded(properties);

4. SPSecurity.RunWithElevatedPrivileges(delegate()          

5. {

6. SPWeb web = properties.Web;

7. SPListItem item = properties.ListItem;

8. SPGroup group = web.Groups["Service Team"];              

9. web.AllowUnsafeUpdates = true;

10. SPFieldUserValueCollection UserCollection = new SPFieldUserValueCollection();

11. foreach (SPUser user in group.Users)              

12. {

13. SPFieldUserValue UserName = new SPFieldUserValue(web, user.ID, user.LoginName);                  

14. UserCollection.Add(UserName);               

15. }              

16. item["Service Account"] = UserCollection;              

17. item.Update();                   

18. });      

19. }
    

When the user with contribute access tried to add the column, users from the "Service Team" were not added to the column and I was getting the following error when I was debugging.

Even though I was using SPSecurity.RunWithElevatedPrivileges I was getting the error. That is because "when using SPSecurity.RunWithElevatedPrivileges, we need to open an elevated site context through a new SPSite object in order to really be elevated". Then I tried with the following code which added users to the columns successfully.

1. public override void ItemAdded(SPItemEventProperties properties)      

2. {

3. base.ItemAdded(properties);

4. SPSecurity.RunWithElevatedPrivileges(delegate()          

5. {

6. using(SPSite site=new SPSite (properties.SiteId))               

7. {

8. using (SPWeb web = site.RootWeb)                   

9. {                       

10. SPListItem item = properties.ListItem;

11. SPGroup group = web.Groups["Service Team"];                       

12. web.AllowUnsafeUpdates = true;

13. SPFieldUserValueCollection UserCollection = new SPFieldUserValueCollection();

14. foreach (SPUser user in group.Users)                       

15. {

16. SPFieldUserValue UserName = new SPFieldUserValue(web, user.ID, user.LoginName);                            

17. UserCollection.Add(UserName);                       

18. }                       

19. item["Service Account"] = UserCollection;                       

20. item.Update();                   

21. }               

22. }          

23. });      

24. }