private static void SetSecurityOnRessouces(SPWeb Web, SPList List)
{
// list permission levels
foreach (SPRoleDefinition PermLevel in Web.RoleDefinitions)
{
Console.WriteLine(string.Format("Role: {0}, ID: {1}", PermLevel.Name, PermLevel.Id));
}
// list groups
foreach (SPGroup gp in Web.SiteGroups)
{
Console.WriteLine(string.Format("Group: {0}", gp.Name));
}
// break rights inheritance - boolean: copy permissions
List.BreakRoleInheritance(false);
// assign permissions to class\katja
Web.SiteUsers.Add(@"class\katja", "*****@*****.**", "Katja", "a test user");
SPUser usrKatja = Web.SiteUsers[@"class\katja"]; //login name
if (usrKatja != null)
{
usrKatja.Name = "Katja";
usrKatja.Email = "*****@*****.**";
usrKatja.Update();
// create a new permission level
SPRoleDefinition PermLevelFull = Web.RoleDefinitions["Full Control"];
SPRoleAssignment KatjaAssign =
new SPRoleAssignment(usrKatja.LoginName, usrKatja.Email, usrKatja.Name, usrKatja.Notes);
// Bind Assignment to definition
KatjaAssign.RoleDefinitionBindings.Add(PermLevelFull);
List.RoleAssignments.Add(KatjaAssign);
List.Update();
}
}
public void UpdateUser(UserObject user)
{
if (user == null)
{
return;
}
if (string.IsNullOrEmpty(user.UserName))
{
return;
}
try
{
SPUser sharepointUser = GetUserObject(user.UserName);
if (sharepointUser == null)
{
return;
}
if (user.Email != string.Empty)
{
sharepointUser.Email = user.Email;
}
if (user.Name != string.Empty)
{
sharepointUser.Name = user.Name;
}
if (user.Notes != string.Empty)
{
sharepointUser.Notes = user.Notes;
}
sharepointUser.Update();
}
catch (Exception ex)
{
var log = new AppEventLog(AppException.ExceptionMessage(ex, "UpdateUser", "ClsHelper"));
log.WriteToLog();
}
}
protected void OnSubmit(object sender, EventArgs e)
{
// get user info
string userName = this.Request.QueryString["USERNAME"];
SPUser spuser = null;
// This could be done with EnsureUsers, which won't throw an exception if the user hasn't logged on to the site.
try
{
spuser = this.Web.AllUsers[Utils.EncodeUsername(userName)];
}
catch
{
}
MembershipUser user = Utils.BaseMembershipProvider().GetUser(userName, false);
// check user exists
if (user != null)
{
try
{
// TODO: If we want the Email to be used for the user account, we need to delete the user and create a new one with the new email address.
// This will mean we need to iterate over the groups that the user is a member of, in all site collections in all web apps, and add the new user
// to those groups. In the meantime, we allow the email to be changed, but this won't update the account username.
// update membership provider info
user.Email = txtUsername.Text;
user.IsApproved = isActive.Checked;
//Unlock Account
if (user.IsLockedOut && !isLocked.Checked)
{
user.UnlockUser();
}
try
{
Utils.BaseMembershipProvider().UpdateUser(user);
}
catch (System.Configuration.Provider.ProviderException ex)
{
lblMessage.Text = ex.Message;
return;
}
// if roles enabled add/remove user to selected role(s)
if (_showRoles)
{
for (int i = 0; i < rolesList.Items.Count; i++)
{
if (rolesList.Items[i].Selected)
{
if (!Utils.BaseRoleProvider().IsUserInRole(user.UserName, rolesList.Items[i].Value))
{
Utils.BaseRoleProvider().AddUsersToRoles(new string[] { user.UserName }, new string[] { rolesList.Items[i].Value });
}
}
else
{
if (Utils.BaseRoleProvider().IsUserInRole(user.UserName, rolesList.Items[i].Value))
{
Utils.BaseRoleProvider().RemoveUsersFromRoles(new string[] { user.UserName }, new string[] { rolesList.Items[i].Value });
}
}
}
}
// or add/remove user to selected group(s)
else
{
for (int i = 0; i < groupList.Items.Count; i++)
{
string groupName = groupList.Items[i].Value;
// determine whether user is in group
bool userInGroup = false;
if (spuser != null)
{
foreach (SPGroup group in spuser.Groups)
{
if (group.Name == groupName)
{
userInGroup = true;
break;
}
}
}
// if selected add user to group
if (groupList.Items[i].Selected)
{
// only add if not already in group
if (!userInGroup)
{
//Add the user to SharePoint if they're not already a SharePoint user
if (spuser == null)
{
try
{
spuser = this.Web.EnsureUser(Utils.EncodeUsername(userName));
}
catch (Exception ex)
{
lblMessage.Text = LocalizedString.GetGlobalString("FBAPackWebPages", "ErrorAddingToSharePoint");
Utils.LogError(ex, false);
return;
}
}
this.Web.SiteGroups[groupName].AddUser(spuser);
}
}
// else remove user from group
else
{
// only attempt remove if actually in the group
if (userInGroup)
{
this.Web.SiteGroups[groupName].RemoveUser(spuser);
}
}
}
}
SPSite site = SPContext.Current.Site;
SPWeb web = site.RootWeb;
SPList list = web.SiteUserInfoList;
SPListItem userItem = null;
// update sharepoint user info
if (spuser != null)
{
spuser.Email = txtUsername.Text;
spuser.Name = txtFullName.Text;
spuser.Update();
try
{
userItem = list.GetItemById(spuser.ID);
}
catch (Exception ex)
{
Utils.LogError(ex);
}
if (userItem != null)
{
userItem["CMIT Location"] = txtCMITLocation.Text;
userItem["CMITTitle"] = txtTitle.Text;
userItem["Telephone Number"] = txtTelephoneNumber.Text;
userItem["Date of provisioning"] = txtDatofProvisionaing.SelectedDate;
userItem.Update();
}
}
SPUtility.Redirect("FBA/Management/UsersDisp.aspx", SPRedirectFlags.RelativeToLayoutsPage | SPRedirectFlags.UseSource, this.Context);
}
catch (Exception ex)
{
Utils.LogError(ex, true);
}
}
else
{
SPUtility.TransferToErrorPage(LocalizedString.GetGlobalString("FBAPackWebPages", "UserNotFound"));
}
}
/// <summary>
/// Ensures the users.
/// </summary>
/// <param name="request">The request.</param>
/// <returns>Ensure User Response Object</returns>
public EnsureUserRequestResponse EnsureUsers(EnsureUserRequestResponse request)
{
EnsureUserRequestResponse response = new EnsureUserRequestResponse();
if (request != null && request.Users != null && request.Users.Count > 0)
{
Guid siteId = SPContext.Current.Site.ID;
Guid webId = SPContext.Current.Web.ID;
List <User> users = new List <User>();
SPSecurity.RunWithElevatedPrivileges(delegate
{
using (SPSite site = new SPSite(siteId))
{
using (SPWeb web = site.OpenWeb(webId))
{
bool unsafeUpdateStatus = web.AllowUnsafeUpdates;
try
{
web.AllowUnsafeUpdates = true;
foreach (var user in request.Users)
{
SPUser spuser = default(SPUser);
if (user.LoginName.Contains("|"))
{
spuser = web.EnsureUser(user.LoginName);
}
else
{
spuser = web.EnsureUser(user.EmailId);
}
if (spuser != null)
{
if (string.IsNullOrEmpty(spuser.Email) && !string.IsNullOrEmpty(user.EmailId))
{
spuser.Email = user.EmailId;
spuser.Update();
}
user.LoginName = spuser.LoginName;
users.Add(user);
}
}
response.Users = users;
}
catch
{
throw;
}
finally
{
web.AllowUnsafeUpdates = unsafeUpdateStatus;
}
}
}
});
}
return(response);
}
protected void Button2_Click(object sender, EventArgs e)
{
SPSite site = SPContext.Current.Site;
SPWeb mySite = SPContext.Current.Web;
mySite.AllowUnsafeUpdates = true;
pnlEdit.Visible = false;
GridView1.Visible = true;
Hashtable myHash = new Hashtable();
SPUser user = mySite.AllUsers[HiddenUsername.Value];
bool hasGroup = false;
bool addGroup = false;
foreach (SPGroup group in user.Groups)
{
try
{
string g = mySite.Groups[group.Name].Name;
hasGroup = true;
}
catch
{
}
}
bool setSiteAdmin = false;
if (Request["Groups"] != null)
{
string[] groups = Request["Groups"].Split(',');
if (groups.Length > 0)
{
foreach (string group in groups)
{
if (group == "@")
{
setSiteAdmin = true;
}
else
{
try
{
myHash.Add(group, "");
mySite.Groups[group].AddUser(user);
addGroup = true;
}
catch (Exception)
{
}
}
}
}
}
foreach (SPGroup g in mySite.SiteGroups)
{
string group = g.Name;
if (mySite.SiteGroups[group].CanCurrentUserEditMembership)
{
if (!myHash.Contains(group))
{
try
{
mySite.Groups[group].RemoveUser(user);
}
catch (Exception)
{
}
}
}
}
if (mySite.UserIsSiteAdmin)
{
if (setSiteAdmin)
{
user.IsSiteAdmin = true;
user.Update();
}
else
{
user.IsSiteAdmin = false;
user.Update();
}
}
Microsoft.SharePoint.Utilities.SPUtility.Redirect("epmlive/sitepermissions.aspx?", Microsoft.SharePoint.Utilities.SPRedirectFlags.RelativeToLayoutsPage, HttpContext.Current);
}
//这个没用,可以注释掉,Onload 成功后直接就 Redirect 掉了 ,除非以后成功后还容许在这个界面上设置一些用户属性
protected void OnSubmit(object sender, EventArgs e)
{
// get user info
string userName = this.Request.QueryString["USERNAME"];
SPUser spuser = null;
// This could be done with EnsureUsers, which won't throw an exception if the user hasn't logged on to the site.
try
{
spuser = this.Web.AllUsers[Utils.EncodeUsername(userName)];
}
catch
{
}
MembershipUser user = Utils.BaseMembershipProvider().GetUser(userName, false);
// check user exists
if (user != null)
{
try
{
// TODO: If we want the Email to be used for the user account, we need to delete the user and create a new one with the new email address.
// This will mean we need to iterate over the groups that the user is a member of, in all site collections in all web apps, and add the new user
// to those groups. In the meantime, we allow the email to be changed, but this won't update the account username.
// update membership provider info
user.Email = txtEmail.Text;
user.IsApproved = isActive.Checked;
//Unlock Account
if (user.IsLockedOut && !isLocked.Checked)
{
user.UnlockUser();
}
try
{
Utils.BaseMembershipProvider().UpdateUser(user);
}
catch (System.Configuration.Provider.ProviderException ex)
{
lblMessage.Text = ex.Message;
return;
}
// update sharepoint user info
if (spuser != null)
{
spuser.Email = txtEmail.Text;
spuser.Name = txtFullName.Text;
spuser.Update();
}
SPUtility.Redirect("FBA/Management/UsersDisp.aspx", SPRedirectFlags.RelativeToLayoutsPage | SPRedirectFlags.UseSource, this.Context);
}
catch (Exception ex)
{
Utils.LogError(ex, true);
}
}
else
{
SPUtility.TransferToErrorPage(LocalizedString.GetGlobalString("FBAPackWebPages", "UserNotFound"));
}
}
