I ran into a problem recently where I was attempting to update the permissions on an SPListItem within code but ran into the following error:
Updates are currently disallowed on GET requests. To allow updates on a GET, set the ‘AllowUnsafeUpdates’ property on SPWeb.
Now I’m quite familiar with this error, and it’s one of the few errors in SharePoint that gives you a hint in terms of what you need to do: set the AllowUnsafeUpdates property to true on your SPWeb object.
Well, I did that, but without success. I was still receiving this error. I did a bit of digging and came across some useful information on Hristo Pavlov’s blog. His article is titled What You Need To Know About AllowUnsafeUpdates (Part 1) and is a must read for anyone working with these objects.
The root of my issue turned out to be that my AllowUnsafeUpdates property was being reset to false, even after I had already set it to true:
When any object that implements ISecurable (those are SPWeb, SPList and SPListItem) breaks or reverts their role definition inheritance. This means every time you call SPRoleDefinitionCollection.BreakInheritance(), BreakRoleInheritance(), ResetRoleInheritance() or set the value of HasUniquePerm the AllowUnsafeUpdates property of the parent web will reset to its default value and you may need to set it back to true in order to do further updates to the same objects.
To resolve my issue, I had to reset the AllowUnsafeUpdates property to true after executing BreakRoleInheritance() in my code. I encourge you to read the rest of Hristo’s blog as it really helped me understand this property a little better.