SharePoint 2103 Check user permission on list

一、需求: check user 对SharePoint list 的permission

代码如下:

 1    private static string GetListPermission(SPList list, string loginName)
 2         {
 3             string perStr = string.Empty;
 4             SPSecurity.RunWithElevatedPrivileges(() =>
 5             {
 6                 try
 7                 {
 8                     SPUser user = list.ParentWeb.Users[loginName];
 9                     SPRoleAssignment roleAssignment = list.RoleAssignments.GetAssignmentByPrincipal(user);
10                     SPRoleDefinitionBindingCollection defColl = roleAssignment.RoleDefinitionBindings;
11                     foreach (SPRoleDefinition roleDef in defColl)
12                     {
13                         perStr += roleDef.Name + ";";
14                     }
15                 }
16                 catch (Exception)
17                 {
18                     logger.Debug("Get user permission by list.GetUserEffectivePermissionInfo method, list title: {0}, loginName: {1}.", list.Title, loginName);
19                     try
20                     {
21                         SPPermissionInfo permissionInfo = list.GetUserEffectivePermissionInfo(loginName);
22                         var roleAssignments = permissionInfo.RoleAssignments;
23                         foreach (SPRoleAssignment roleAssignment in roleAssignments)
24                         {
25                             SPRoleDefinitionBindingCollection roleDefColl = roleAssignment.RoleDefinitionBindings;
26                             foreach (SPRoleDefinition roleDef in roleDefColl)
27                             {
28                                 perStr += roleDef.Name + ";";
29                             }
30                         }
31                     }
32                     catch (Exception ex)
33                     {
34                         logger.Error("An error occurred while getting permission by list.GetUserEffectivePermissionInfo method, list title: {0}, loginName: {1}, exception; {2}.",
35                             list.Title, loginName, ex.ToString());
36                     }
37                 }
38             });
39             return perStr;
40         }

注意: catch中的代码作用是check,当user是AD group中的member,但却不单独存在于web userInformation list中,此时如果直接获取user  SPRoleAssignment,则抛‘Index is out of range’, 所以这样的user可以通过

list.GetUserEffectivePermissionInfo(loginName); 来获取SPPermissionInfo,然后再获取user的SPRoleDefinition,有的读者会问,为什么不直接通过catch中的方法获取,这样无论这个user是否只存在于AD group中都不会抛异常

可以正确的获取到SPRoleDefinition,其实是可以的,之所以这样做,原因在于效率问题。

二、需求: set permission to list

代码如下:

 1 private static void SetLibPermission(SPList list,  bool isRead)
 2         {
 3             try
 4             {
 5                 SPSecurity.RunWithElevatedPrivileges(() =>
 6                 {
 7                     bool hasUnique = list.HasUniqueRoleAssignments;
 8                     list.ParentWeb.AllowUnsafeUpdates = true;
 9                     if (!hasUnique)
10                     {
11                         list.BreakRoleInheritance(false);
12                         list.Update();
13                     }
14                        try
15                         {
16                             SPUser user = list.ParentWeb.EnsureUser(userInfo.Key);
17                             SPRoleDefinitionCollection objDefiColl = list.ParentWeb.RoleDefinitions;
18                             SPRoleAssignment objRoleAssign = new SPRoleAssignment(user);
19                             SPRoleDefinition roleDefination = null;
20                             if (isRead)
21                             {
22                                 roleDefination = objDefiColl.GetByType(SPRoleType.Reader);
23                             }
24                             else
25                             {
26                                 roleDefination = objDefiColl.GetByType(SPRoleType.Contributor);
27                             }
28                             objRoleAssign.RoleDefinitionBindings.Add(roleDefination);
29                             list.RoleAssignments.Add(objRoleAssign);
30                         }
31                         catch (Exception ex)
32                         {
33
34                         }
35                     list.Update();
36                     list.ParentWeb.AllowUnsafeUpdates = false;
37                 });
38
39             }
40             catch (Exception ex)
41             {
42
43             }
44         }

注意:给list赋权限,需要打破继承,具体可以根据实际需求

代码中的userInfo.Key即为loginName

list.ParentWeb.EnsureUser(userInfo.Key);即把user保存到user information list中

时间: 2024-08-30 05:38:24

SharePoint 2103 Check user permission on list的相关文章

Column & View Permission For SharePoint List

Project Description:As you already know, there is no possibility in SharePoint 2010/SharePoint 2007 to setup Columns and View permission for Lists or Document Libraries. I was told by Microsoft, that there will be a big performance issue if they crea

【转】必需知道的 SharePoint 权限 Tips

SharePoint Tips about Permissions: What you need to know         I have been writing tips about SharePoint from last two years now. After a great popularity and huge following of my SharePoint tips section, recently I received a very interesting requ

permission 文档 翻译 运行时权限

文档位置:API24/guide/topics/security/permissions.html System Permissions 系统权限 Android is a privilege-separated operating system, in which each application runs with a distinct system identity (Linux user ID and group ID). Parts of the system are also sep

通过PowerShell创建SharePoint Site Collection。

通过PowerShell创建SharePoint Site Collection,代码如下: Add-PSSnapin microsoft.sharepoint.powershell function CreateTeamSite() { $webApps = Get-SPWebApplication $webAppsUrl = $webApps.Url if($webApps.count -eq 1) { Write-Host "You have only one web applicatio

Failed to start NodeManager caused by "/var/lib/hadoop-yarn/yarn-nm-recovery/yarn-nm-state/LOCK: Permission denied"

Hadoop 安装步骤: 0. 安装前准备(节点机器,环境设置,yum源设置) 1. 配置并安装Cloudera-Manager 2. 启动 CM 服务 3. 安装CDH,并配置集群 4. 启动 在启动Yarn时, NodeManager 启动失败.接下来查看对应的日志:Cloudera Manager 主页,点击YARN项操作,选择"实例",点击角色类型,进入NodeManager 主页,在日志文件下拉框有stdout,stderr,角色日志文件,建议查看角色日志文件. 下面是角色日

Centos-6.7下_Oracle 11gR2"静默"详细安装过程及排错

系统要求:内存:1G(官方最低要求1G)硬盘:40G(企业版安装所需4.29G和1.7G数据文件) 检查的命令内存# grep MemTotal /proc/meminfo交换空间# grep SwapTotal /proc/meminfo磁盘空间# df -ah 安装前系统准备:1.修改主机名# sed -i "s/HOSTNAME=localhost.localdomain/HOSTNAME=DB_2/g" /etc/sysconfig/network# hostname DB_2

项目中AOP的实例应用

其中包括了权限管理.表单验证.事务管理.信息过滤.拦截器.过滤器.页面转发等等. 公司项目的应用:(涉及用户验证登录以及用户是否有管理员权限.心理用户权限等),还有涉及的其他日志管理代码就不一一举例了: /** * 登录拦截器(登录判断) * @author alex * */ public class LoginInterceptor extends HandlerInterceptorAdapter { @Autowired private UserService userService;

EventProxy流程控制

EventProxy是一个通过控制事件触发顺序来控制业务流程的工具. 1. 利用事件机制解耦复杂业务逻辑 2. 移除被广为诟病的深度callback嵌套问题 3. 将串行等待变成并行等待,提升多异步协作场景下的执行效率 4. 友好的Error handling node.js的亮点是回调函数,node.js流程控制.传参都是通过回调函数来实现的.开发中经常会遇到回调嵌套的场景,尤其是在业务复杂的场景下,会嵌套n层回调函数,这样做的原因是为了控制代码执行的流程. 下面是一个需要同步读取文件的例子

TinyHttp源码解读

tinyhttp是一个最简单的web服务器,实现了web服务器的基本原理.代码全部使用C语言开发,只有500多行,阅读代码,可以了解web服务器的基本原理. 下载连接:http://sourceforge.net/projects/tinyhttpd/ 下载后,编译时会遇到问题.在Makefile中,执行编译脚本为: gcc -W -Wall -lsocket -lpthread -o httpd httpd.c 其中lsocket是不需要的,因为作者开发时用的Linux版本和我不同,我使用了U