您的位置:首页 > 其它

How to set Item Level Permission for SharePoint 2007 (MOSS/WSS) List/Document Library Programmatically

2010-07-14 00:55 676 查看
Here is a piece of code (a function) to set Item Level Permission. You can use it as a Web Method in a custom Web Service. This method can be used from Applications outside of SharePoint, provided the user using this application has sufficient privilege to update lists/libraries etc.

public string ItemPermission(string SitePath)

{

string ReturnVal = "";

try

{

SPSite WebApp = new SPSite(SitePath);

SPWeb Site = WebApp.OpenWeb();

SPList list = Site.Lists["TestDocLib"];

SPListItem item = list.Items[0];

SPRoleDefinition RoleDefinition = Site.RoleDefinitions.GetByType(SPRoleType.Contributor);

SPRoleAssignment RoleAssignment = new SPRoleAssignment("<domain>\\<user>", "email", "name", "notes");

RoleAssignment.RoleDefinitionBindings.Add(RoleDefinition);

if(!item.HasUniqueRoleAssignments)

{

item.BreakRoleInheritance(true);

}

item.RoleAssignments.Add(RoleAssignment);

item.Update();

}

catch (Exception ex)

{

ReturnVal += "Permission not set, reason: " + ex.Message;

}

return ReturnVal;

}

=========================================================

预期在 SPSecurity.RunWithElevatedPrivileges 中得到操作权限提升的任何对象都必须是来之这个新的安全上下文创建的对象,在其内部引用外部创建的对象,还是没有权限操作

SPSecurity.RunWithElevatedPrivileges(delegate
{
using (SPSite site = new SPSite(properties.SiteId))
{
using (SPWeb web = site.OpenWeb(properties.ListItem.ParentList.ParentWeb.ID))
{
web.AllowUnsafeUpdates = true;
// Make sure referring to the new objec created under the evelvated security context
// there seems to be some bug in web.Lists[properties.ListId].Items[properties.ListItemId] // IndexOutOfRange
SPListItem item = web.Lists[properties.ListId].Items[properties.ListItem.UniqueId];
item.BreakRoleInheritance(false);

SPRoleDefinition readRoleDef = web.RoleDefinitions["Read"];
SPRoleDefinition contributeRoleDef = web.RoleDefinitions["Contribute"];

// the user creating this item have the Contribute permisioin level
SPRoleAssignment roleAssOfCurrentUser = new SPRoleAssignment(web.AllUsers[properties.UserLoginName]);
roleAssOfCurrentUser.RoleDefinitionBindings.Add(contributeRoleDef);

// all the authenticated user can read
SPRoleAssignment roleAssOfAllUser = new SPRoleAssignment(web.AllUsers["NT AUTHORITY\\Authenticated Users"]);
roleAssOfAllUser.RoleDefinitionBindings.Add(readRoleDef);

item.RoleAssignments.Add(roleAssOfCurrentUser);
item.RoleAssignments.Add(roleAssOfAllUser);

//properties.ListItem.SystemUpdate(); // NO NEED
}
}
});
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航