我已经编写了签入/签出列表项的代码。它适用于管理员,但任何其他权限级别都有问题,对于该站点的“_vti_bin / lists.asmx”上的UpdateListItems是401未经授权的错误。我已确认用户可以查看“_vti_bin / lists.asmx”网络服务。
//declare variables used for check-in/check-out.
var varName;
var varChecked;
var varID
var varQueryStringVals;
//Check who has checked out the item
function getCheckOutPerson (){
$().SPServices({
operation: "GetListItems",
async: false,
listName: "Communications Services Request Form",
CAMLQuery: "<Query><Where><Eq><FieldRef Name='ID' /><Value Type='Number'>" + varID + "</Value></Eq></Where></Query>",
completefunc: function (xData, Status) {
$(xData.responseXML).SPFilterNode("z:row").each(function() {
varChecked = $(this).attr("ows_CheckedOutTo");
});
}
});
};
$(document).ready(function() {
//Check-in if edits cancelled
$("#cancelBtn").click(function(){
//Check in edited item.
if (varName == varChecked){
$().SPServices({
operation: "UpdateListItems",
async: false,
debug: true,
listName: "Communications Services Request Form",
ID: varID,
valuepairs: [["CheckedOutTo", ""]],
completefunc: function(xData, Status) {}
});
};
});
//get current user
varName = $().SPServices.SPGetCurrentUser({
fieldName: "Title",
debug: false
});
//get current list item ID
varQueryStringVals = $().SPServices.SPGetQueryString();
varID = varQueryStringVals["ID"];
//get checked out name
getCheckOutPerson();
// item checked in or checked out by current user?
if (varChecked == undefined || varName == varChecked){
//check out item
$().SPServices({
operation: "UpdateListItems",
async: false,
debug: true,
listName: "Communications Services Request Form",
ID: varID,
valuepairs: [["CheckedOutTo", varName]],
completefunc: function(xData, Status) {
}
});
};
//checked out message
if (varChecked != undefined && varName != varChecked) {
alert ("You cannot edit this item. It is check out by " + varChecked +".");
history.back();
};
//Display 'checked out to' in dispitem.aspx
getCheckOutPerson();
if ($('.CheckedOut').text('')) {
$('.CheckedOut').append(varChecked);
}
});
function PreSaveAction() {
if (varName != varChecked){
alert ("You cannot make changes to this item. It it checked out to " + varChecked);
return false;
};
//Check in edited item.
$().SPServices({
operation: "UpdateListItems",
async: false,
debug: true,
listName: "Communications Services Request Form",
ID: varID,
valuepairs: [["CheckedOutTo", ""]],
completefunc: function(xData, Status) {}
});
return true;
};
答案 0 :(得分:0)
非管理员用户是否拥有足够的权限?只读无法办理退房/办理登机手续。
您是否碰巧使用了商品级权限? http://www.novolocus.com/2009/05/08/updatelistitems-web-service-fails-when-using-item-level-permissions/
我能够使用lists.asmx UndoCheckOut获得一个工作示例。测试是通过具有admin / owner的用户和另一个只有贡献的用户传递的。 docUrl需要是项目的完整网址(例如 - http://server/site/list/item.txt)。注意,标题中的SOAPAction(参见Jan Tielen - http://weblogs.asp.net/jan/archive/2009/05/25/quot-the-security-validation-for-this-page-is-invalid-quot-when-calling-the-sharepoint-web-services.aspx)。
function UndoCheckout(docUrl){
var soapEnv =
"<?xml version='1.0' encoding='utf-8'?> \
<soap:Envelope xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'> \
<soap:Body> \
<UndoCheckOut xmlns='http://schemas.microsoft.com/sharepoint/soap/'> \
<pageUrl>"+ docUrl +"</pageUrl> \
</UndoCheckOut> \
</soap:Body> \
</soap:Envelope>";
$.ajax({
url: "http://server/mysite/_vti_bin/lists.asmx",
type: "POST",
dataType: "xml",
data: soapEnv,
contentType: "text/xml; charset=\"utf-8\"",
beforeSend: function(xhr) {
xhr.setRequestHeader("SOAPAction",
"http://schemas.microsoft.com/sharepoint/soap/UndoCheckOut");
},
complete: function(xData, status){
var result = $(xData.responseXML).find("UndoCheckOutResult").text();
if (result == "true") alert("Undo checkout succeeded.");
},
error: function(){
alert("error");
}
});
}
答案 1 :(得分:0)
原来这与我在那里发布的任何内容无关。权限层次结构混乱,因此当我尝试在列表级别为其提供贡献权限并且忽略列表级别权限时,将为更高站点的用户提供读取权限。