TODO:
You impersonate a user in an event receiver, and the result of calling Update() on the list item means that the "Modified By" user is that of the impersonated account, and not the original user that was logged into the site. The solution is pretty simple, just use the code below to set that user back to the original user.
SOLUTION:
private void ApplyPermissions(SPItemEventProperties properties)
{
string debugMessage = string.Empty;
Guid webId = properties.ListItem.Web.ID;
Guid siteId = properties.SiteId;
SPUserToken sysToken = null;
SPUser currentUser = null;
try
{
currentUser = properties.Web.CurrentUser;
//open site, and get elevated user
using (SPSite site = new SPSite(siteId))
{
//use our site collection
using (SPWeb myWeb = site.OpenWeb(webId))
{
sysToken = myWeb.AllUsers["i:0#.w|mydomain\\impusr"].UserToken;
}
}
bool allowUnsafeUpdates = false;
//open site with elevated user
using (SPSite site = new SPSite(properties.SiteId, sysToken))
{
//get the web
using (SPWeb myWeb = site.OpenWeb(properties.ListItem.Web.ID))
{
try
{
allowUnsafeUpdates = myWeb.AllowUnsafeUpdates; //save unsafe update setting
myWeb.AllowUnsafeUpdates = true; //allow unsafe updates for now
SPListItem elevatedListItem = null;
elevatedListItem = myWeb.Lists[properties.ListId].Items[properties.ListItem.UniqueId]; //get elevated list item
//DO ELEVATED ACTIONS HERE
base.EventFiringEnabled = false;
elevatedListItem["Editor"] = currentUser; //set current user to editor and author
elevatedListItem["Author"] = currentUser;
elevatedListItem.Update(); //update the item
base.EventFiringEnabled = true;
}
catch (Exception x)
{
throw x;
}
finally
{
myWeb.AllowUnsafeUpdates = allowUnsafeUpdates; //put back original setting
}
}//using web
}//using site
}
catch (Exception x)
{
properties.ErrorMessage = x.ToString();
}
}
NOTES:
This code ran in an ItemAdded and ItemUpdated Event Receiver