我想检查用户是否拥有网站集的权限。但我不知道如何使用SPSite.DoesUserHavePermissions()。
什么是SPReusableAcl?如何检查用户的权限?
答案 0 :(得分:1)
MSDN文章(SPWeb.DoesUserHavePermissions Method (String, SPBasePermissions))不帮助您吗?示例代码可用于检查用户是否有权访问网站集:
using System;
using Microsoft.SharePoint;
namespace Test
{
class Program
{
static void Main(string[] args)
{
using (SPSite site = new SPSite("http://localhost"))
{
using (SPWeb web = site.OpenWeb())
{
// Make sure the current user can enumerate permissions.
if (web.DoesUserHavePermissions(SPBasePermissions.EnumeratePermissions))
{
// Specify the permission to check.
SPBasePermissions permissionToCheck = SPBasePermissions.ManageLists;
Console.WriteLine("The following users have {0} permission:", permissionToCheck);
// Check the permissions of users who are explicitly assigned permissions.
SPUserCollection users = web.Users;
foreach (SPUser user in users)
{
string login = user.LoginName;
if (web.DoesUserHavePermissions(login, permissionToCheck))
{
Console.WriteLine(login);
}
}
}
}
}
Console.ReadLine();
}
}
}
在上面的示例代码中,您只需更改网站网址和变量permissionToCheck即可。 SPBasePermissions有很多可能的权限要检查,你可以在这里看到枚举(SPBasePermissions Enumeration)。
实际上有很多关于如何检查某些用户权限的教程,但不限于DoesUserHavePermissions,请参阅以下Google Search。
答案 1 :(得分:0)
像往常一样,MSDN示例提供了很好的教科书示例,并不总是适用于现实场景。
在SharePoint 2010上运行的应用程序页面的上下文中,根据我的理解,此代码需要包含在对RunWithElevatedPrivileges的调用中,即便如此,正如我的评论所暗示的那样,似乎有一个隐含的catch-22要求。这适用于我(对于网站的AD用户,LoginName只是FBA用户名或“域\用户” - 在我们的例子中使用了电子邮件地址):
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite elevatedSite = new SPSite(siteCollectionUrl))
{
foreach (SPSite siteCollection in elevatedSite.WebApplication.Sites)
{
using (SPWeb elevatedWeb = siteCollection.OpenWeb())
{
bool allowUnsafeUpdates = elevatedWeb.AllowUnsafeUpdates;
bool originalCatchValue = SPSecurity.CatchAccessDeniedException;
SPSecurity.CatchAccessDeniedException = false;
try
{
elevatedWeb.AllowUnsafeUpdates = true;
// You can't verify permissions if the user does not exist and you
// can't ensure the user if the user does not have access so we
// are stuck with a try-catch
SPUser innerUser = elevatedWeb.EnsureUser(loginName);
if (null != innerUser)
{
string splogin = innerUser.LoginName;
if (!string.IsNullOrEmpty(splogin) && elevatedWeb.DoesUserHavePermissions(splogin, SPBasePermissions.ViewPages))
{
// this user has permissions; any other login - particularly one that
// results in an UnauthorizedAccessException - does not
}
}
}
catch (UnauthorizedAccessException)
{
// handle exception
}
catch (Exception)
{
// do nothing
}
finally
{
elevatedWeb.AllowUnsafeUpdates = allowUnsafeUpdates;
// reset the flag
SPSecurity.CatchAccessDeniedException = originalCatchValue;
}
}
}
}
});
答案 2 :(得分:0)
SPSite.DoesUserHavePermissions(SPReusableAcl,SPBasePermissions);