If you receive this error message that looks like this:
Microsoft.SharePoint.SPException: You cannot grant a user a permission level that is not attached to a web.
at Microsoft.SharePoint.SPRoleDefinitionBindingCollection.AddInternal(SPRoleDefinition roleDefinition)
at Microsoft.SharePoint.SPRoleDefinitionBindingCollection.Add(SPRoleDefinition roleDefinition)
When you’re doing something like this:
private static SPRoleDefinition FindAddEditListItemsRoleDefinition(SPWeb site) {
SPRoleDefinition definition = site.RoleDefinitions
.Cast<SPRoleDefinition>()
.FirstOrDefault(def => def.Name == ROLE_DEFINITION_TITLE);
if (definition != null) return definition;
definition = new SPRoleDefinition {
Name = ROLE_DEFINITION_TITLE,
Description = "Can view and edit list items only.",
BasePermissions = SPBasePermissions.EditListItems
| SPBasePermissions.ViewListItems
| SPBasePermissions.ViewFormPages
| SPBasePermissions.ViewPages
};
site.RoleDefinitions.BreakInheritance(true, true);
site.RoleDefinitions.Add(definition);
site.Update();
return definition;
}
It may be because SharePoint doesn’t allow you to use the SPRoleDefinition you just created and you have to return the one you just added. Stupid, but hopefully it will help someone somewhere.
...
site.Update();
// you can't just return definition because SharePoint gives you
// "You cannot grant a user a permission level that is not
// attached to a web" when you attempt to use it, so
// you need to return it again
return site.RoleDefinitions
.Cast<SPRoleDefinition>()
.First(def => def.Name == ROLE_DEFINITION_TITLE);
}
Comments
God and Sharepoint work in mysterious ways. We must not seek understanding of either. ;-)
?