All geek questions in one place

Verify user permissions with a site collection

I want to check if the user has permissions for the site collection. But I do not know how to use SPSite.DoesUserHavePermissions().

What is SPReusableAcl? How can I get it to verify user rights?

+3
source share
3 answers

Does the MSDN article help ( method SPWeb.DoesUserHavePermissions (String, SPBasePermissions) )? The sample code can be used to verify that the user has access to the site collection:

using System;
using Microsoft.SharePoint;

namespace Test
{
    class Program
    {
        static void Main(string[] args)
        {
            using (SPSite site = new SPSite("http://localhost"))
            {
                using (SPWeb web = site.OpenWeb())
                {
                    // Make sure the current user can enumerate permissions.
                    if (web.DoesUserHavePermissions(SPBasePermissions.EnumeratePermissions))
                    {
                        // Specify the permission to check.
                        SPBasePermissions permissionToCheck = SPBasePermissions.ManageLists;
                        Console.WriteLine("The following users have {0} permission:", permissionToCheck);

                        // Check the permissions of users who are explicitly assigned permissions.
                        SPUserCollection users = web.Users;
                        foreach (SPUser user in users)
                        {
                            string login = user.LoginName;
                            if (web.DoesUserHavePermissions(login, permissionToCheck))
                            {
                                Console.WriteLine(login);
                            }
                        }
                    }
                }
            }
            Console.ReadLine();
        }
    }
}

URL- permissionToCheck. SPBasePermissions , (SPBasePermissions Enumeration).

, DoesUserHavePermissions, . Google Search.

+1

, MSDN , .

, SharePoint 2010, , , RunWithElevatedPrivileges, , , , catch-22 . (LoginName - FBA "\" AD - ):

SPSecurity.RunWithElevatedPrivileges(delegate()
{
    using (SPSite elevatedSite = new SPSite(siteCollectionUrl))
    {
        foreach (SPSite siteCollection in elevatedSite.WebApplication.Sites)
        {
            using (SPWeb elevatedWeb = siteCollection.OpenWeb())
            {
                bool allowUnsafeUpdates = elevatedWeb.AllowUnsafeUpdates;
                bool originalCatchValue = SPSecurity.CatchAccessDeniedException;
                SPSecurity.CatchAccessDeniedException = false;

                try
                {
                    elevatedWeb.AllowUnsafeUpdates = true;

                    // You can't verify permissions if the user does not exist and you
                    // can't ensure the user if the user does not have access so we
                    // are stuck with a try-catch
                    SPUser innerUser = elevatedWeb.EnsureUser(loginName);

                    if (null != innerUser)
                    {
                        string splogin = innerUser.LoginName;
                        if (!string.IsNullOrEmpty(splogin) && elevatedWeb.DoesUserHavePermissions(splogin, SPBasePermissions.ViewPages))
                        {
                            // this user has permissions; any other login - particularly one that
                            // results in an UnauthorizedAccessException - does not
                        }
                    }
                }
                catch (UnauthorizedAccessException)
                {
                    // handle exception
                }
                catch (Exception)
                {
                    // do nothing
                }
                finally
                {
                    elevatedWeb.AllowUnsafeUpdates = allowUnsafeUpdates;
                    // reset the flag
                    SPSecurity.CatchAccessDeniedException = originalCatchValue;
                }
            }
        }
    }
});
0

SPSite.DoesUserHavePermissions (SPReusableAcl, SPBasePermissions);

0
source

Source: https://habr.com/ru/post/1769713/

More articles:


All Articles