![[转]SharePoint 2010/2013 使用Javascript来判断权限的三种方法](https://image.shishitao.com:8440/aHR0cHM6Ly9ia3FzaW1nLmlrYWZhbi5jb20vdXBsb2FkL2NoYXRncHQtcy5wbmc%2FIQ%3D%3D.png?!?w=700&webp=1 "[转]SharePoint 2010/2013 使用Javascript来判断权限的三种方法")
本文讲述SharePoint 2010/2013 使用Javascript来判断权限的三种方法的实现方式及其优缺点。
1. 根据用户所在的SharePoint组(比如用户在Leader 组才可以使用审批按钮)
a. 优点,简单明了,容易理解,要获得这个权限只有一个入口,就是将用户加入到SharePoint组
b. 缺点, 不能兼容AD group套SharePoint组的情况,只能将用户直接加入到SharePoint组的情况下起作用
c. 实现代码如下:
- function IsCurrentUserMemberOfGroup(strGroupName, functionComplete) {
- //Setup Vars
- currentContext = null;
- currentWeb = null;
- allGroups = null;
- leaderGroup = null;
- currentUser = null;
- groupUsers = null;
- //Get an instance of the Client Content.
- currentContext = new SP.ClientContext.get_current();
- //Grab the client web object.
- currentWeb = currentContext.get_web();
- //Get the current user object
- currentUser = currentContext.get_web().get_currentUser();
- currentContext.load(currentUser);
- //Setup the groupColletion.
- allGroups = currentWeb.get_siteGroups();
- currentContext.load(allGroups);
- //Now populate the objects above.
- currentContext.executeQueryAsync(
- Function.createDelegate(this, GetAllGroupsExecuteOnSuccess),
- Function.createDelegate(this, ExecuteOnFailure)
- );
- // GroupCollection - Load - SUCCESS
- function GetAllGroupsExecuteOnSuccess(sender, args) {
- // CHECK THE GROUPS
- // Time to Enumerate through the group collection that was returned.
- var groupEnumerator = allGroups.getEnumerator();
- // Loop for the collection.
- while (groupEnumerator.moveNext()) {
- //Grab the Group Item.
- var group = groupEnumerator.get_current();
- if (group.get_title().indexOf(strGroupName) > -1) {
- // Now that we have the group let's grab the list of users.
- groupUsers = group.get_users();
- currentContext.load(groupUsers);
- currentContext.executeQueryAsync(
- Function.createDelegate(this, SingleGroupExecuteOnSuccess),
- Function.createDelegate(this, ExecuteOnFailure)
- );
- }
- }
- }
- // Single Group - Load - SUCCESS
- function SingleGroupExecuteOnSuccess(sender, args) {
- // Time to setup the Enumerator
- var groupUserEnumerator = groupUsers.getEnumerator();
- // This is the flag to set to true if the user is in the group.
- var boolUserInGroup = false;
- // and start looping.
- while (groupUserEnumerator.moveNext()) {
- //Grab the User Item.
- var groupUser = groupUserEnumerator.get_current();
- // and finally. If a Group User ID Matches the current user ID then they are in the group!
- if (groupUser.get_id() == currentUser.get_id()) {
- boolUserInGroup = true;
- }
- }
- //Run the delegate function with the bool;
- functionComplete(boolUserInGroup);
- }
- // GroupCollection or Single Group - Load - FAILURE
- function ExecuteOnFailure(sender, args) {
- //Run the delegate function and return false because there was no match.
- functionComplete(false);
- }
- }
- IsCurrentUserMemberOfGroup("Lead", function (isCurrentUserInGroup) {
- if(isCurrentUserInGroup)
- {
- // Do something for the user in the correct SP group
- }
- });
function IsCurrentUserMemberOfGroup(strGroupName, functionComplete) {
//Setup Vars
currentContext = null;
currentWeb = null;
allGroups = null;
leaderGroup = null;
currentUser = null;
groupUsers = null;
//Get an instance of the Client Content.
currentContext = new SP.ClientContext.get_current();
//Grab the client web object.
currentWeb = currentContext.get_web();
//Get the current user object
currentUser = currentContext.get_web().get_currentUser();
currentContext.load(currentUser);
//Setup the groupColletion.
allGroups = currentWeb.get_siteGroups();
currentContext.load(allGroups);
//Now populate the objects above.
currentContext.executeQueryAsync(
Function.createDelegate(this, GetAllGroupsExecuteOnSuccess),
Function.createDelegate(this, ExecuteOnFailure)
);
// GroupCollection - Load - SUCCESS
function GetAllGroupsExecuteOnSuccess(sender, args) {
// CHECK THE GROUPS
// Time to Enumerate through the group collection that was returned.
var groupEnumerator = allGroups.getEnumerator();
// Loop for the collection.
while (groupEnumerator.moveNext()) {
//Grab the Group Item.
var group = groupEnumerator.get_current();
if (group.get_title().indexOf(strGroupName) > -1) {
// Now that we have the group let's grab the list of users.
groupUsers = group.get_users();
currentContext.load(groupUsers);
currentContext.executeQueryAsync(
Function.createDelegate(this, SingleGroupExecuteOnSuccess),
Function.createDelegate(this, ExecuteOnFailure)
);
}
}
}
// Single Group - Load - SUCCESS
function SingleGroupExecuteOnSuccess(sender, args) {
// Time to setup the Enumerator
var groupUserEnumerator = groupUsers.getEnumerator();
// This is the flag to set to true if the user is in the group.
var boolUserInGroup = false;
// and start looping.
while (groupUserEnumerator.moveNext()) {
//Grab the User Item.
var groupUser = groupUserEnumerator.get_current();
// and finally. If a Group User ID Matches the current user ID then they are in the group!
if (groupUser.get_id() == currentUser.get_id()) {
boolUserInGroup = true;
}
}
//Run the delegate function with the bool;
functionComplete(boolUserInGroup);
}
// GroupCollection or Single Group - Load - FAILURE
function ExecuteOnFailure(sender, args) {
//Run the delegate function and return false because there was no match.
functionComplete(false);
}
}
IsCurrentUserMemberOfGroup("Lead", function (isCurrentUserInGroup) {
if(isCurrentUserInGroup)
{
// Do something for the user in the correct SP group
}
});
2. 使用User 类的isSiteAdmin属性
a. 优点:需要写代码少,效率高
b. 缺点:只能判断用户是否为当前站点集管理员,适用场景很少
c. 代码实现如下:
- var currentUser;
- SP.SOD.executeFunc('sp.js', 'SP.ClientContext', GetCurrentUser);
- function GetCurrentUser() {
- var clientContext = new SP.ClientContext.get_current();
- var oWeb = clientContext.get_web();
- currentUser = oWeb.get_currentUser();
- clientContext.load(currentUser);
- clientContext.executeQueryAsync(Onsuccess, OnFailed);
- }
- function Onsuccess()
- {
- if(currentUser.get_isSiteAdmin())
- {
- // Do something for the user who is the current site collection admin
- }
- }
- function OnFailed(request, message)
- {
- alert('error' + message);
- }
var currentUser;
SP.SOD.executeFunc('sp.js', 'SP.ClientContext', GetCurrentUser);
function GetCurrentUser() {
var clientContext = new SP.ClientContext.get_current();
var oWeb = clientContext.get_web();
currentUser = oWeb.get_currentUser();
clientContext.load(currentUser);
clientContext.executeQueryAsync(Onsuccess, OnFailed);
}
function Onsuccess()
{
if(currentUser.get_isSiteAdmin())
{
// Do something for the user who is the current site collection admin
}
}
function OnFailed(request, message)
{
alert('error' + message);
}
3. 使用 EffectiveBasePermissions,这个也是微软推荐的做法
a. 优点:功能上基本没有限制,可以检查所有SharePoint的权限级别: http://msdn.microsoft.com/en-us/library/ee556747(v=office.14).aspx
b. 缺点:获得权限的入口不是唯一的,可以单独给用户权限,也可以由用户加入到某个组来获取权限
c. 代码实现如下:
- <script type="text/javascript">
- SP.SOD.executeFunc('sp.js', 'SP.ClientContext', CheckPermissionOnWeb);
- function CheckPermissionOnWeb() {
- context = new SP.ClientContext.get_current();
- web = context.get_web();
- this._currentUser = web.get_currentUser();
- context.load(this._currentUser);
- context.load(web, 'EffectiveBasePermissions');
- context.executeQueryAsync(Function.createDelegate(this, this.onSuccessMethod), Function.createDelegate(this, this.onFailureMethod));
- }
- function onSuccessMethod(sender, args) {
- if (web.get_effectiveBasePermissions().has(SP.PermissionKind.manageWeb)) {
- // User Has permission to manage web
- // Do something you want to do for the user who can manage the web
- }
- }
- Function onFailureMethod(sender, args)
- {
- alert('error' +args.message);
- }
- </script>
原文地址:http://blog.csdn.net/abrahamcheng/article/details/17447479