Hi,
I have developed a custom initation form, and in the form the currently logged in user shall select another user to be the initiator of a new workflow (and fill out some other fields) and press a "Start Workflow"-button. At the click event for the "Start Workflow"-button I have code to create a new workflow instance, and the user that was selected should be set as the initiator of the workflow instance, and not the currently logged in user of the SharePoint page.
What is the best way to achieve this? -The custom initation form is an Asp.Net page developed in Visual Studio, and connected to a workflow developed in SharePoint Designer through a custom task content type.
I have tried
using (SPSite site = new SPSite(SPContext.Current.Web.Url, _selectedUser.UserToken))
{
//...code to start a workflow instance
}But I'm getting error messages of "Access denied"
Then I have tried RunWithElevatedPrivileges
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(SPContext.Current.Web.Url, _selectedUser.UserToken))
{
//...code to start a workflow instance
}
}That works IF the application pool user has a lot of privileges on the site collection that the workflow runs on, but I don't like that.
I would like to have the best solution that uses "principle of least priviledge"