How to set Item Level Permission for SharePoint 2007 (MOSS/WSS) List/Document Library Programmatically
2010-07-14 00:55
Here is a function that sets item-level permissions. You can expose it as a web method in a custom web service, so that it can be called from applications outside SharePoint, provided the user of that application has sufficient privileges to update the lists and libraries involved.
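/// <summary>
/// Grants the Contributor role to one account on the first item of the
/// "TestDocLib" list in the site opened from <paramref name="SitePath"/>.
/// </summary>
/// <param name="SitePath">URL passed to the <c>SPSite</c> constructor.</param>
/// <returns>
/// An empty string on success; otherwise "Permission not set, reason: "
/// followed by the exception message.
/// </returns>
/// <remarks>
/// NOTE(review): if this is exposed as a web method, <paramref name="SitePath"/>
/// is chosen by the caller. Restrict who may call the method and consider
/// checking the URL against the sites it is meant to manage.
/// </remarks>
public string ItemPermission(string SitePath)
{
    string ReturnVal = "";
    try
    {
        // SPSite and SPWeb are IDisposable; the using blocks release them
        // even when one of the calls below throws.
        using (SPSite WebApp = new SPSite(SitePath))
        using (SPWeb Site = WebApp.OpenWeb())
        {
            SPList list = Site.Lists["TestDocLib"];
            SPListItem item = list.Items[0];

            SPRoleDefinition RoleDefinition = Site.RoleDefinitions.GetByType(SPRoleType.Contributor);
            // "<domain>\\<user>" is the article's placeholder for the login name.
            SPRoleAssignment RoleAssignment = new SPRoleAssignment("<domain>\\<user>", "email", "name", "notes");
            RoleAssignment.RoleDefinitionBindings.Add(RoleDefinition);

            if (!item.HasUniqueRoleAssignments)
            {
                // true copies the parent's role assignments onto the item, so the
                // assignment added below is in addition to the access the item
                // already inherited; nobody loses access here.
                item.BreakRoleInheritance(true);
            }

            item.RoleAssignments.Add(RoleAssignment);
            item.Update();
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message goes back to the caller. For a
        // remotely callable method, consider logging the detail server-side and
        // confirm that callers are allowed to see it.
        ReturnVal += "Permission not set, reason: " + ex.Message;
    }
    return ReturnVal;
}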
=========================================================
在 SPSecurity.RunWithElevatedPrivileges 中，任何需要以提升后的权限进行操作的对象，都必须是在这个新的安全上下文中创建的对象；如果在其内部引用外部创建的对象，仍然没有操作权限。
// Everything inside the delegate runs under the elevated security context, so
// keep this section limited to the permission change itself.
// NOTE(review): `properties` is declared outside this snippet; presumably the
// event receiver's item event properties - confirm.
SPSecurity.RunWithElevatedPrivileges(delegate
{
    using (SPSite elevatedSite = new SPSite(properties.SiteId))
    using (SPWeb elevatedWeb = elevatedSite.OpenWeb(properties.ListItem.ParentList.ParentWeb.ID))
    {
        elevatedWeb.AllowUnsafeUpdates = true;

        // Fetch the item again through the elevated web: objects created outside
        // the delegate do not gain the elevated permissions.
        // The lookup goes by UniqueId. Items[int] takes a position in the
        // collection rather than the item ID, which is why indexing with
        // properties.ListItemId ran out of range for the original author.
        SPList elevatedList = elevatedWeb.Lists[properties.ListId];
        SPListItem target = elevatedList.Items[properties.ListItem.UniqueId];

        // false: start from an empty permission set instead of copying the
        // parent's role assignments.
        target.BreakRoleInheritance(false);

        SPRoleDefinition readLevel = elevatedWeb.RoleDefinitions["Read"];
        SPRoleDefinition contributeLevel = elevatedWeb.RoleDefinitions["Contribute"];

        // The user who created the item gets the Contribute permission level.
        SPRoleAssignment creatorAccess = new SPRoleAssignment(elevatedWeb.AllUsers[properties.UserLoginName]);
        creatorAccess.RoleDefinitionBindings.Add(contributeLevel);

        // Every authenticated account gets Read on the item, whatever the parent
        // library allowed. NOTE(review): confirm this breadth is intended.
        SPRoleAssignment authenticatedAccess = new SPRoleAssignment(elevatedWeb.AllUsers["NT AUTHORITY\\Authenticated Users"]);
        authenticatedAccess.RoleDefinitionBindings.Add(readLevel);

        target.RoleAssignments.Add(creatorAccess);
        target.RoleAssignments.Add(authenticatedAccess);
        // No properties.ListItem.SystemUpdate() call follows; the original author
        // marks it as not needed.
    }
});
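/// <summary>
/// Grants the Contributor role to one account on the first item of the
/// "TestDocLib" list in the site opened from <paramref name="SitePath"/>.
/// </summary>
/// <param name="SitePath">URL passed to the <c>SPSite</c> constructor.</param>
/// <returns>
/// An empty string on success; otherwise "Permission not set, reason: "
/// followed by the exception message.
/// </returns>
/// <remarks>
/// NOTE(review): if this is exposed as a web method, <paramref name="SitePath"/>
/// is chosen by the caller. Restrict who may call the method and consider
/// checking the URL against the sites it is meant to manage.
/// </remarks>
public string ItemPermission(string SitePath)
{
    string ReturnVal = "";
    try
    {
        // SPSite and SPWeb are IDisposable; the using blocks release them
        // even when one of the calls below throws.
        using (SPSite WebApp = new SPSite(SitePath))
        using (SPWeb Site = WebApp.OpenWeb())
        {
            SPList list = Site.Lists["TestDocLib"];
            SPListItem item = list.Items[0];

            SPRoleDefinition RoleDefinition = Site.RoleDefinitions.GetByType(SPRoleType.Contributor);
            // "<domain>\\<user>" is the article's placeholder for the login name.
            SPRoleAssignment RoleAssignment = new SPRoleAssignment("<domain>\\<user>", "email", "name", "notes");
            RoleAssignment.RoleDefinitionBindings.Add(RoleDefinition);

            if (!item.HasUniqueRoleAssignments)
            {
                // true copies the parent's role assignments onto the item, so the
                // assignment added below is in addition to the access the item
                // already inherited; nobody loses access here.
                item.BreakRoleInheritance(true);
            }

            item.RoleAssignments.Add(RoleAssignment);
            item.Update();
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): the raw exception message goes back to the caller. For a
        // remotely callable method, consider logging the detail server-side and
        // confirm that callers are allowed to see it.
        ReturnVal += "Permission not set, reason: " + ex.Message;
    }
    return ReturnVal;
}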
=========================================================
在 SPSecurity.RunWithElevatedPrivileges 中，任何需要以提升后的权限进行操作的对象，都必须是在这个新的安全上下文中创建的对象；如果在其内部引用外部创建的对象，仍然没有操作权限。
// Everything inside the delegate runs under the elevated security context, so
// keep this section limited to the permission change itself.
// NOTE(review): `properties` is declared outside this snippet; presumably the
// event receiver's item event properties - confirm.
SPSecurity.RunWithElevatedPrivileges(delegate
{
    using (SPSite elevatedSite = new SPSite(properties.SiteId))
    using (SPWeb elevatedWeb = elevatedSite.OpenWeb(properties.ListItem.ParentList.ParentWeb.ID))
    {
        elevatedWeb.AllowUnsafeUpdates = true;

        // Fetch the item again through the elevated web: objects created outside
        // the delegate do not gain the elevated permissions.
        // The lookup goes by UniqueId. Items[int] takes a position in the
        // collection rather than the item ID, which is why indexing with
        // properties.ListItemId ran out of range for the original author.
        SPList elevatedList = elevatedWeb.Lists[properties.ListId];
        SPListItem target = elevatedList.Items[properties.ListItem.UniqueId];

        // false: start from an empty permission set instead of copying the
        // parent's role assignments.
        target.BreakRoleInheritance(false);

        SPRoleDefinition readLevel = elevatedWeb.RoleDefinitions["Read"];
        SPRoleDefinition contributeLevel = elevatedWeb.RoleDefinitions["Contribute"];

        // The user who created the item gets the Contribute permission level.
        SPRoleAssignment creatorAccess = new SPRoleAssignment(elevatedWeb.AllUsers[properties.UserLoginName]);
        creatorAccess.RoleDefinitionBindings.Add(contributeLevel);

        // Every authenticated account gets Read on the item, whatever the parent
        // library allowed. NOTE(review): confirm this breadth is intended.
        SPRoleAssignment authenticatedAccess = new SPRoleAssignment(elevatedWeb.AllUsers["NT AUTHORITY\\Authenticated Users"]);
        authenticatedAccess.RoleDefinitionBindings.Add(readLevel);

        target.RoleAssignments.Add(creatorAccess);
        target.RoleAssignments.Add(authenticatedAccess);
        // No properties.ListItem.SystemUpdate() call follows; the original author
        // marks it as not needed.
    }
});