/// <summary>
/// First attempts to locate an OOTB role definition from the SPRoleType enumeration. If no role matches the
/// provided name, it iterates over all roles in the SPWeb until it finds the matching definition.
/// </summary>
/// <param name="web">the web containing role definitions</param>
/// <param name="roleName">the name of the role desired</param>
/// <param name="roleDef"></param>
/// <returns>returns True if a match is found, otherwise false</returns>
public static bool TryGetRoleDefinition(this SPWeb web, string roleName, out SPRoleDefinition roleDef)
{
bool retVal = false;
SPRoleDefinitionCollection roles = web.RoleDefinitions;
try
{
// Try to get the definition based on the OOTB RoleTypes (Reader, Contributor, etc), ignoring case
roleDef = roles.GetByType((SPRoleType)Enum.Parse(typeof(SPRoleType), roleName, true));
}
catch (Exception x)
{
Logger.Instance.Info("Error in TryGetRoleDefinition", x, DiagnosticsCategories.eCaseExtensions);
roleDef = null;
}
if (roleDef == null)
{
foreach (SPRoleDefinition role in roles)
{
// Case insensitive comparison
if (string.Compare(role.Name, roleName, true) == 0)
{
roleDef = role;
break;
}
}
}
return(retVal);
}
/// <summary>
/// Adds a given permission to the root SPWeb of a given SPSite, if it doesn't exist.
/// An optional set of base permissions are added to the permission.
/// </summary>
///
/// <param name="spSiteGuid">The GUID of the SPSite to add permissions to the root SPWeb of.
/// </param>
///
/// <param name="permissionName">The name of the permission to create.</param>
///
/// <param name="permissionDescription">The description of the permission to create.</param>
///
/// <param name="basePermissionsToAdd">Base permissions to add to the permission. Use 0 if
/// no base permissions need to be added.</param>
///
static void CreatePermission(Guid spSiteGuid, string permissionName,
string permissionDescription, SPBasePermissions basePermissionsToAdd)
{
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite spSite = new SPSite(spSiteGuid))
{
using (SPWeb rootWeb = spSite.RootWeb)
{
SPRoleDefinitionCollection roleDefs = rootWeb.RoleDefinitions;
try
{
SPRoleDefinition roleDef = roleDefs[permissionName];
roleDef.BasePermissions |= basePermissionsToAdd;
roleDef.Update();
// permission already exists
}
catch (SPException)
{
// permission doesn't exist -- create it
SPRoleDefinition roleDef = new SPRoleDefinition();
roleDef.Name = permissionName;
roleDef.Description = permissionDescription;
roleDef.BasePermissions |= basePermissionsToAdd;
roleDefs.Add(roleDef);
}
}
}
});
}
internal static SPRoleDefinition AddRoleDefinition(SPRoleDefinitionCollection roles, string name, string description, SPBasePermissions permissions, int order)
{
SPRoleDefinition role = null;
try
{
role = roles[name];
role.BasePermissions = permissions;
role.Description = description;
role.Order = order;
}
catch (SPException exception)
{
if (-2146232832 != exception.ErrorCode)
{
throw;
}
role = new SPRoleDefinition();
role.Name = name;
role.Description = description;
role.BasePermissions = permissions;
role.Order = order;
roles.Add(role);
role = roles[name];
}
return(role);
}
public bool ContainsRole(SPWeb web, string roleName)
{
SPRoleDefinitionBindingCollection usersRoles = web.AllRolesForCurrentUser;
SPRoleDefinitionCollection roleDefinitions = web.RoleDefinitions;
SPRoleDefinition roleDefinition = roleDefinitions[roleName];
return(usersRoles.Contains(roleDefinition));
}
public SPRoleDefinitionCollectionInstance(ObjectInstance prototype, SPRoleDefinitionCollection roleDefinitionCollection)
: this(prototype)
{
if (roleDefinitionCollection == null)
{
throw new ArgumentNullException("roleDefinitionCollection");
}
m_roleDefinitionCollection = roleDefinitionCollection;
}
public static SPRoleDefinition AddPermissionLevel(this SPWeb web, bool isApprove, bool isAdd, bool isEdit, bool isDelete, string roleName)
{
SPRoleDefinitionCollection roles = web.RoleDefinitions;
SPRoleDefinition role = null;
foreach (SPRoleDefinition item in roles)
{
if (String.Compare(item.Name.Trim(), roleName) == 0)
{
role = item;
break;
}
}
if (role == null)
{
web.AllowUnsafeUpdates = true;
role = new SPRoleDefinition();
SPBasePermissions approve = SPBasePermissions.ViewListItems;
SPBasePermissions edit = SPBasePermissions.ViewListItems;
SPBasePermissions add = SPBasePermissions.ViewListItems;
SPBasePermissions delete = SPBasePermissions.ViewListItems;
if (isApprove)
{
approve = SPBasePermissions.ApproveItems;
}
if (isEdit)
{
edit = SPBasePermissions.EditListItems;
}
if (isAdd)
{
add = SPBasePermissions.AddListItems;
}
if (isDelete)
{
delete = SPBasePermissions.DeleteListItems;
}
role.BasePermissions = SPBasePermissions.BrowseDirectories | SPBasePermissions.Open | SPBasePermissions.OpenItems |
SPBasePermissions.ViewListItems | SPBasePermissions.ViewFormPages | edit | add | delete | approve |
SPBasePermissions.ViewPages | SPBasePermissions.CancelCheckout | SPBasePermissions.ViewVersions;
role.Name = roleName;
web.RoleDefinitions.Add(role);
web.Update();
}
return(role);
}
private bool JudgeRight()
{
string grpName = "辽宁省数学建模竞赛组委会";
bool result = GetGroupofUser(grpName);
SPWeb web = SPContext.Current.Web;
SPRoleDefinitionBindingCollection usersRoles = web.AllRolesForCurrentUser;
SPRoleDefinitionCollection siteRoleCollection = web.RoleDefinitions;
SPRoleDefinition roleDefinition = siteRoleCollection["完全控制"];
SPRoleDefinition roleDefinition2 = siteRoleCollection["参与讨论"];
return(result || usersRoles.Contains(roleDefinition) || usersRoles.Contains(roleDefinition2));
}
public static SPRoleDefinition GetRoleDefinition(SPWeb web, string name)
{
SPRoleDefinitionCollection roleDefinitions = web.RoleDefinitions;
IEnumerator enumerator = roleDefinitions.GetEnumerator();
while (enumerator.MoveNext())
{
SPRoleDefinition current = (SPRoleDefinition)enumerator.Current;
if (current.Name == name)
{
return(current);
}
}
return(null);
}
public static void AddRoleDefinition(this SPWeb web, SPRoleDefinition role, bool hide)
{
SPRoleDefinitionCollection roles = web.RoleDefinitions;
SPWeb m_web = typeof(SPRoleDefinitionCollection).GetField("m_web", BindingFlags.NonPublic | BindingFlags.Instance).GetValue(roles) as SPWeb;
if (!m_web.HasUniqueRoleDefinitions)
{
throw new ArgumentException(SPResource.GetString("CannotCustomizeRoleDefinitionOnInheritedWeb", new object[0]));
}
object m_webRequest = typeof(SPWeb).GetProperty("Request", BindingFlags.Instance | BindingFlags.NonPublic).GetValue(m_web, null);
Type[] signature = new Type[] { typeof(string), typeof(string), typeof(string), typeof(bool), typeof(int), typeof(ulong), typeof(byte), typeof(int) };
object[] args = new object[] { m_web.Url, role.Name, role.Description, true, role.Order, (ulong)role.BasePermissions, (byte)0, 0 };
m_webRequest.GetType().GetMethod("AddRoleDef", signature).Invoke(m_webRequest, args);
typeof(SPRoleDefinitionCollection).GetMethod("ClearAllVars", BindingFlags.NonPublic | BindingFlags.Instance).Invoke(roles, new object[] { });
}
public static void AddPermissions(this SPListItem item, List <SPPrincipal> principals, int roleId)
{
SPRoleDefinitionCollection webroledefinitions = item.Web.RoleDefinitions;
foreach (SPPrincipal principal in principals)
{
if (!item.IsPrincipalInItemRole(principal, roleId) && !Regex.IsMatch(principal.Name, @"svc_|system|app@sharepoint"))
{
if (!item.HasUniqueRoleAssignments)
{
item.BreakRoleInheritance(true);
}
SPRoleAssignment assignment = new SPRoleAssignment(principal);
assignment.RoleDefinitionBindings.Add(webroledefinitions.GetById(roleId));
item.RoleAssignments.Add(assignment);
}
}
}
private void CreateUpdateDepartmentGroup(SPWeb departmentWeb, SPWeb parentWeb, string departmentName)
{
string contributorsGroupName = departmentName + " Contributors";
string membersGroupName = departmentName + " Members";
string administratorsGroupName = departmentName + " Administrators";
SPRoleDefinitionCollection roleColl = departmentWeb.RoleDefinitions;
CreateSubSiteGroup(departmentWeb, contributorsGroupName, SPRoleType.Contributor, "Description for " + departmentName + " Contributors group");
CreateSubSiteGroup(departmentWeb, membersGroupName, SPRoleType.Reader, "Description for " + departmentName + " Members group");
CreateSubSiteGroup(departmentWeb, administratorsGroupName, SPRoleType.Reader, "Description for " + departmentName + " Administrator group");
AddGroupToParentWeb(parentWeb, contributorsGroupName, SPRoleType.Reader);
AddGroupToParentWeb(parentWeb, membersGroupName, SPRoleType.Reader);
AddGroupToParentWeb(parentWeb, administratorsGroupName, SPRoleType.Reader);
AddGroupNameToGroupList(contributorsGroupName, parentWeb);
AddGroupNameToGroupList(membersGroupName, parentWeb);
AddGroupNameToGroupList(administratorsGroupName, parentWeb);
}
private void AddGroupRole(SPWeb web, string groupNames, string ouGuid)
{
SPGroup group = null;
try
{
SPUser user = web.Author;
foreach (string groupName in groupNames.Split(';'))
{
if (!IsExistGroup(web, groupName))
{
//web.AllowUnsafeUpdates = true;
web.SiteGroups.Add(groupName, user, null, ouGuid);//新建组
if (IsExistGroup(web, groupName))
{
group = web.SiteGroups.GetByName(groupName);
//改变站点继承权
if (!web.HasUniqueRoleAssignments)
{
web.BreakRoleInheritance(true);
}
//组权限分配与定义(New)
SPRoleDefinitionCollection roleDefinitions = web.RoleDefinitions;
SPRoleAssignmentCollection roleAssignments = web.RoleAssignments;
SPMember memCrossSiteGroup = web.SiteGroups[groupName];
SPPrincipal myssp = (SPPrincipal)memCrossSiteGroup;
SPRoleAssignment myroles = new SPRoleAssignment(myssp);
SPRoleDefinitionBindingCollection roleDefBindings = myroles.RoleDefinitionBindings;
roleDefBindings.Add(roleDefinitions["Read"]);
roleAssignments.Add(myroles);
}
//web.AllowUnsafeUpdates = false;
}
}
}
catch (Exception)
{
}
}
/// <summary>
/// 组权限分配与定义(New)
/// </summary>
/// <param name="web"></param>
/// <param name="groupname"></param>
/// <param name="roles"></param>
/// <returns></returns>
public bool AddGroupToRoles(SPWeb web, string groupname, string[] roles)
{
try
{
string[] _roles = roles;
int rolemun = _roles.Length;
if (IsExistGroup(web, groupname))
{
//改变站点继承权
if (!web.HasUniqueRoleDefinitions)
{
web.RoleDefinitions.BreakInheritance(true, true);//复制父站点角色定义并且保持权限
}
//站点继承权改变后重新设置状态
web.AllowUnsafeUpdates = true;
//组权限分配与定义(New)
SPRoleDefinitionCollection roleDefinitions = web.RoleDefinitions;
SPRoleAssignmentCollection roleAssignments = web.RoleAssignments;
SPMember memCrossSiteGroup = web.SiteGroups[groupname];
SPPrincipal myssp = (SPPrincipal)memCrossSiteGroup;
SPRoleAssignment myroles = new SPRoleAssignment(myssp);
SPRoleDefinitionBindingCollection roleDefBindings = myroles.RoleDefinitionBindings;
if (rolemun > 0)
{
for (int i = 0; i < rolemun; i++)
{
roleDefBindings.Add(roleDefinitions[_roles[i]]);
}
}
roleAssignments.Add(myroles);
return(true);
}
return(false);
}
catch (Exception)
{
throw;
}
}
private string GetUserName()
{
string userName = "";
SPWeb web = SPContext.Current.Web;
SPUser user = web.CurrentUser;
SPRoleDefinitionBindingCollection usersRoles = web.AllRolesForCurrentUser;
SPRoleDefinitionCollection siteRoleCollection = web.RoleDefinitions;
SPRoleDefinition roleDefinition = siteRoleCollection["完全控制"];
SPRoleDefinition roleDefinition2 = siteRoleCollection["参与讨论"];
if (user != null)//当前有用户登录
{
//if (usersRoles.Contains(roleDefinition) && Page.Request.QueryString["Code"] != null)
//{
// //具有完全控制权限
// userName = Page.Request.QueryString["Code"];
//}
if ((GetGroupofUser("辽宁省数学建模竞赛组委会") || usersRoles.Contains(roleDefinition) || usersRoles.Contains(roleDefinition2)) && Page.Request.QueryString["Code"] != null)
//已登录的用户是组委会成员且url中传递了EnrollCode,则查看制定EnrollCode的报名信息
{
userName = Page.Request.QueryString["Code"];
}
else
{
userName = user.LoginName;
if (userName.Contains("|"))
{
userName = userName.Substring(userName.IndexOf("|") + 1);
}
if (userName.Contains("\\"))
{
userName = userName.Substring(userName.IndexOf("\\") + 1);
}
}
}
return(userName);
}
private void AddSecuritySettings(SPFeatureReceiverProperties properties)
{
SPGroup authenticatedGroup = null;
SPGroup designersGroup = null;
SPGroup approversGroup = null;
SPGroup viewersGroup = null;
//SPGroup guestGroup = null;
SPSite site = properties.Feature.Parent as SPSite;
SPWeb rootWeb = site.RootWeb;
try
{
SPGroupCollection siteGroups = rootWeb.SiteGroups;
SPUser currentUser = rootWeb.CurrentUser;
bool addOwnerToGroup = true;
if (rootWeb.Site.SystemAccount.ID == currentUser.ID)
{
addOwnerToGroup = false;
}
authenticatedGroup = AddSecurityGroup(siteGroups, "All Authenticated Users", "All Authenticated Users", currentUser, addOwnerToGroup);
designersGroup = AddSecurityGroup(siteGroups, "Designers", "Designers", currentUser, addOwnerToGroup);
approversGroup = AddSecurityGroup(siteGroups, "Approvers", "Approvers", currentUser, addOwnerToGroup);
viewersGroup = AddSecurityGroup(siteGroups, "Viewers", "Viewers", currentUser, addOwnerToGroup);
//guestGroup = AddSecurityGroup(siteGroups, "Guests", "Guests", currentUser, addOwnerToGroup);
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
}
SPRoleDefinition contributerRole = null;
SPRoleDefinition readerRole = null;
SPRoleDefinition designerRole = null;
SPRoleDefinition administratorRole = null;
SPRoleDefinition guestRole = null;
SPRoleDefinition approverRole = null;
SPRoleDefinition viewerRole = null;
try
{
SPRoleDefinitionCollection roleDefinitions = rootWeb.RoleDefinitions;
bool flag2 = false;
foreach (SPRoleDefinition definition7 in roleDefinitions)
{
if ((definition7.Order != 0x7fffffff) && (definition7.Order != 0))
{
flag2 = true;
break;
}
}
if (!flag2)
{
contributerRole = SetRoleDefinitionOrder(rootWeb, SPRoleType.Contributor, 5);
readerRole = SetRoleDefinitionOrder(rootWeb, SPRoleType.Reader, 6);
designerRole = SetRoleDefinitionOrder(rootWeb, SPRoleType.WebDesigner, 2);
administratorRole = SetRoleDefinitionOrder(rootWeb, SPRoleType.Administrator, 1);
guestRole = SetRoleDefinitionOrder(rootWeb, SPRoleType.Guest, 8);
}
else
{
contributerRole = roleDefinitions.GetByType(SPRoleType.Contributor);
readerRole = roleDefinitions.GetByType(SPRoleType.Reader);
designerRole = roleDefinitions.GetByType(SPRoleType.WebDesigner);
administratorRole = roleDefinitions.GetByType(SPRoleType.Administrator);
guestRole = roleDefinitions.GetByType(SPRoleType.Guest);
}
approverRole = AddRoleDefinition(roleDefinitions, "Approver", "Approver", SPBasePermissions.BrowseDirectories | SPBasePermissions.AddDelPrivateWebParts | SPBasePermissions.BrowseUserInfo | SPBasePermissions.CreateSSCSite | SPBasePermissions.EditMyUserInfo | SPBasePermissions.CreateAlerts | SPBasePermissions.UpdatePersonalWebParts | SPBasePermissions.UseRemoteAPIs | SPBasePermissions.UseClientIntegration | SPBasePermissions.ApproveItems | SPBasePermissions.DeleteListItems | SPBasePermissions.ViewVersions | SPBasePermissions.OpenItems | SPBasePermissions.EditListItems | SPBasePermissions.AddListItems | SPBasePermissions.ViewListItems | SPBasePermissions.ViewPages | SPBasePermissions.Open | SPBasePermissions.ViewFormPages | SPBasePermissions.CancelCheckout | SPBasePermissions.DeleteVersions | SPBasePermissions.ManagePersonalViews, flag2 ? 0x7fffffff : 4);
viewerRole = AddRoleDefinition(roleDefinitions, "Viewer", "Viewer", SPBasePermissions.OpenItems | SPBasePermissions.ViewListItems | SPBasePermissions.ViewPages | SPBasePermissions.Open, flag2 ? 0x7fffffff : 7);
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
}
SPUser authenticatedUser = null;
try
{
string logonName = new SecurityIdentifier(WellKnownSidType.AuthenticatedUserSid, null).Translate(typeof(NTAccount)).Value;
authenticatedUser = rootWeb.EnsureUser(logonName);
authenticatedGroup.AddUser(authenticatedUser);
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
authenticatedUser = null;
}
/*
* SPUser anonymousUser = null;
* try
* {
* string logonName = new SecurityIdentifier(WellKnownSidType.AnonymousSid, null).Translate(typeof(NTAccount)).Value;
* anonymousUser = rootWeb.EnsureUser(logonName);
* guestGroup.AddUser(anonymousUser);
* }
* catch (Exception ex)
* {
* SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
* anonymousUser = null;
* }
*/
try
{
SPClaim claim = SPAllUserClaimProvider.CreateAuthenticatedUserClaim(true);
string str4 = SPClaimProviderManager.Local.EncodeClaim(claim);
authenticatedUser = rootWeb.EnsureUser(str4);
authenticatedGroup.AddUser(authenticatedUser);
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
authenticatedUser = null;
}
try
{
/*
* SPList catalog = rootWeb.GetCatalog(SPListTemplateType.MasterPageCatalog);
* SPList styleLibrary = rootWeb.Lists["Style Library"];
*
* catalog.BreakRoleInheritance(true);
* styleLibrary.BreakRoleInheritance(true);
*/
SPRoleAssignmentCollection roleAssignments = rootWeb.RoleAssignments;
//SPRoleAssignmentCollection catalogRoles = catalog.RoleAssignments;
//SPRoleAssignmentCollection styleRoles = styleLibrary.RoleAssignments;
SPRoleAssignment DesignerAssignment = new SPRoleAssignment(designersGroup);
DesignerAssignment.RoleDefinitionBindings.Add(designerRole);
//SPRoleAssignment GuestAssignment = new SPRoleAssignment(guestGroup);
//GuestAssignment.RoleDefinitionBindings.Add(guestRole);
roleAssignments.Add(DesignerAssignment);
//roleAssignments.Add(GuestAssignment);
//catalogRoles.Add(DesignerAssignment);
//catalogRoles.Add(GuestAssignment);
//styleRoles.Add(DesignerAssignment);
//styleRoles.Add(GuestAssignment);
AddRoleAssignment(roleAssignments, approversGroup, approverRole, true);
AddRoleAssignment(roleAssignments, viewersGroup, viewerRole, true);
//AddRoleAssignment(roleAssignments, guestGroup, guestRole, true);
/*
* AddRoleAssignment(catalogRoles, approversGroup, readerRole, true);
* AddRoleAssignment(catalogRoles, viewersGroup, readerRole, true);
* AddRoleAssignment(catalogRoles, authenticatedGroup, readerRole, false);
*
* AddRoleAssignment(catalogRoles, guestGroup, guestRole, false);
*
* AddRoleAssignment(catalogRoles, approversGroup, viewerRole, true);
* AddRoleAssignment(catalogRoles, viewersGroup, viewerRole, true);
* AddRoleAssignment(catalogRoles, authenticatedGroup, viewerRole, true);
*
* AddRoleAssignment(styleRoles, approversGroup, viewerRole, true);
* AddRoleAssignment(styleRoles, viewersGroup, viewerRole, true);
* AddRoleAssignment(styleRoles, authenticatedGroup, viewerRole, true);
*
* AddRoleAssignment(styleRoles, guestGroup, guestRole, true);
*/
}
catch (Exception ex)
{
SPDiagnosticsService.Local.WriteTrace(0, new SPDiagnosticsCategory(ex.Source, TraceSeverity.High, EventSeverity.Error), TraceSeverity.High, ex.Message, ex.Data);
}
}
protected override long SaveDocument(string LocalFilePath, DocumentStorage Storage, DocumentStorageArea StorageArea, Document Document, BindingList <DocumentAttributeValue> attributeValue)
{
SPSite site = null;
SPWeb web = null;
byte[] data = null;
SPFile fileUploaded = null;
string RootLibraryName = String.Empty;
SPDocumentLibrary doclib = null;
//Pick up the file in binary stream
data = Document.Content.Blob;
using (site = new SPSite(Storage.MainPath))
{
using (web = site.OpenWeb())
{
web.AllowUnsafeUpdates = true;
//SPFolder Folder = web.GetFolder(StorageArea.Path);
doclib = web.Lists[Storage.Name] as SPDocumentLibrary;
if (doclib == null)
{
web.Lists.Add(Storage.Name, string.Empty, SPListTemplateType.DocumentLibrary);
}
/// **REMOVE**: 20090818
/// viene impostato l'override, altrimenti il documento resterebbe nel transito
/// TODO : da sistemare con la gestione delle versioni in sharepoint
try
{
SPFolder foolder = null;
if (data != null)
{
if (!string.IsNullOrEmpty(StorageArea.Path))
{
try
{
if (doclib.RootFolder.SubFolders[StorageArea.Path] == null)
{
doclib.RootFolder.SubFolders.Add(StorageArea.Path);
}
}
catch (Exception)
{
doclib.RootFolder.SubFolders.Add(StorageArea.Path);
}
foolder = doclib.RootFolder.SubFolders[StorageArea.Path];
}
else
{
foolder = doclib.RootFolder;
}
string fileName = GetIdDocuemnt(Document) + Path.GetExtension(Document.Name);
try
{
fileUploaded = foolder.Files[fileName];
}
catch { }
if (fileUploaded != null)
{
fileUploaded.CheckOut();
fileUploaded.SaveBinary(data);
fileUploaded.CheckIn("BiblosDS", SPCheckinType.MajorCheckIn);
}
else
{
fileUploaded = foolder.Files.Add(fileName, data, true);
}
//Set the file version
Document.StorageVersion = fileUploaded.MajorVersion;
if (ConfigurationManager.AppSettings["ForceSharePointSecurity"] != null && ConfigurationManager.AppSettings["ForceSharePointSecurity"].ToString().Equals("true", StringComparison.InvariantCultureIgnoreCase))
{
fileUploaded.Item.BreakRoleInheritance(false);
try
{
for (int i = 0; i < fileUploaded.Item.RoleAssignments.Count; i++)
{
try
{
fileUploaded.Item.RoleAssignments.Remove((SPPrincipal)fileUploaded.Item.RoleAssignments[i].Member);
}
catch (Exception)
{
}
//
}
string SiteGroupsName = ConfigurationManager.AppSettings["SiteGroupsName"] == null ? string.Empty : ConfigurationManager.AppSettings["SiteGroupsName"].ToString();
//foreach (var item in Document.Permissions)
//{
SPRoleDefinitionCollection webroledefinition = web.RoleDefinitions;
SPGroup group = null;
try
{
group = web.SiteGroups[SiteGroupsName];
}
catch (Exception)
{
web.SiteGroups.Add(SiteGroupsName, web.AssociatedOwnerGroup, null, "");
group = web.SiteGroups[SiteGroupsName];
}
//Add user to the group of viewer
//try
//{
// group.AddUser()
//}
//catch (Exception)
//{
// throw;
//}
SPRoleAssignment assignment = new SPRoleAssignment(group);
assignment.RoleDefinitionBindings.Add(webroledefinition.GetByType(SPRoleType.Reader));
fileUploaded.Item.RoleAssignments.Add(assignment);
//}
}
catch (Exception)
{
}
finally
{
fileUploaded.Item.BreakRoleInheritance(true);
}
}
//In questo caso forse conviene salvare gli attributi al momento dell'upload del file.
//SPListItem MyListItem = fileUploaded.Item;
foreach (var item in Document.AttributeValues)
{
try
{
fileUploaded.Item[item.Attribute.Name] = item.Value;
}
catch (Exception)
{
doclib.Fields.Add(item.Attribute.Name, ParseSPFieldType(item.Attribute.AttributeType), item.Attribute.IsRequired);
doclib.Update();
}
}
fileUploaded.Item.SystemUpdate();
}
}
catch (Exception ex)
{
//Write the log
Logging.WriteLogEvent(BiblosDS.Library.Common.Enums.LoggingSource.BiblosDS_Sharepoint,
"SaveDocument",
ex.ToString(),
BiblosDS.Library.Common.Enums.LoggingOperationType.BiblosDS_General,
BiblosDS.Library.Common.Enums.LoggingLevel.BiblosDS_Errors);
throw new FileNotUploaded_Exception("File not uploaded" + Environment.NewLine + ex.ToString());
}
web.AllowUnsafeUpdates = false;
}
}
return(data.Length);
}
/// <summary>
/// Ejecuta acciones en caso de marcar la correspondencia como "Privada"
/// </summary>
/// <param name="properties"></param>
private void EventoHacerCorrespondenciaPrivada(SPItemEventProperties properties)
{
SPSite sitioAdm = null;
SPWeb webAdm = null;
try
{
string UrlFPC = ConfigurationManager.AppSettings["UrlFPC"];
SPSecurity.RunWithElevatedPrivileges(delegate()
{//Como usuario administrador
sitioAdm = new SPSite(UrlFPC);
webAdm = sitioAdm.OpenWeb();
});
bool esPrivada = (bool)properties.ListItem["Privada"];
SPList lista = webAdm.Lists[properties.ListId];
SPListItem listItem = lista.GetItemById(properties.ListItemId);
if (!listItem.HasUniqueRoleAssignments)
{
listItem.BreakRoleInheritance(true);
#region Eliminar grupos
if (esPrivada)
{
try
{
if (webAdm.Lists[properties.ListId].Title.Contains(CORREO_EDUCAPRO_SC))
{
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES_SC].ID);
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_EP_SC].ID);
}
else if (webAdm.Lists[properties.ListId].Title.Contains(CORREO_EDUCAPRO_CB))
{
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES_CB].ID);
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_EP_CB].ID);
}
else if (webAdm.Lists[properties.ListId].Title.Contains(CORREO_EDUCAPRO))
{
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES].ID);
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_EP].ID);
}
else if (webAdm.Lists[properties.ListId].Title.Contains(CORREO_FUNDAPRO))
{
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES].ID);
listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_FP].ID);
}
//if (string.Equals(webAdm.Lists[properties.ListId].Title.Trim(),
// CORREO_FUNDAPRO, StringComparison.CurrentCultureIgnoreCase))
//{
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES].ID);
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_FP].ID);
//}
//else if (string.Equals(webAdm.Lists[properties.ListId].Title.Trim(),
// CORREO_EDUCAPRO, StringComparison.CurrentCultureIgnoreCase))
//{
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES].ID);
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_EP].ID);
//}
//else if (string.Equals(webAdm.Lists[properties.ListId].Title.Trim(),
// CORREO_EDUCAPRO_CB, StringComparison.CurrentCultureIgnoreCase))
//{
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES_CB].ID);
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_EP_CB].ID);
//}
//else if (string.Equals(webAdm.Lists[properties.ListId].Title.Trim(),
// CORREO_EDUCAPRO_SC, StringComparison.CurrentCultureIgnoreCase))
//{
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_COLABORADORES_SC].ID);
// listItem.RoleAssignments.RemoveById(webAdm.Groups[GRUPO_INTEGRANTES_EP_SC].ID);
//}
}
catch { }
}
#endregion
}
string idEditor = listItem["Editor"].ToString().Remove(
listItem["Editor"].ToString().IndexOf(';'));
SPFieldUserValueCollection usuarios =
(SPFieldUserValueCollection)properties.ListItem["Dirigida a"];
if (Convert.ToInt32(idEditor) != usuarios[0].User.ID)
{
#region Agregar usuario emisor
listItem.RoleAssignments.RemoveById(Convert.ToInt32(idEditor));
SPRoleDefinitionCollection roleDefinitionsColab = webAdm.RoleDefinitions;
SPRoleAssignmentCollection roleAssignmentsColab = webAdm.RoleAssignments;
SPRoleAssignment roleAssignmentColab = new SPRoleAssignment(
webAdm.SiteUsers.GetByID(Convert.ToInt32(idEditor)).LoginName, "", "", "");
SPRoleDefinitionBindingCollection roleDefinitionBindingsColab =
roleAssignmentColab.RoleDefinitionBindings;
roleDefinitionBindingsColab.Add(roleDefinitionsColab["Leer"]);
roleAssignmentsColab.Add(roleAssignmentColab);
listItem.RoleAssignments.Add(roleAssignmentColab);
#endregion
#region Agregar usuarios receptores
for (int i = 0; i < usuarios.Count; i++)
{
SPFieldUserValue usuario = usuarios[i];
SPRoleDefinitionCollection roleDefinitionsLect = webAdm.RoleDefinitions;
SPRoleAssignmentCollection roleAssignmentsLect = webAdm.RoleAssignments;
SPRoleAssignment roleAssignmentLect =
new SPRoleAssignment(usuario.User.LoginName, "", "", "");
SPRoleDefinitionBindingCollection roleDefinitionBindingsLect =
roleAssignmentLect.RoleDefinitionBindings;
if (i == 0)
{
roleDefinitionBindingsLect.Add(roleDefinitionsLect["Colaborar Res."]);
}
else
{
roleDefinitionBindingsLect.Add(roleDefinitionsLect["Leer"]);
}
roleAssignmentsLect.Add(roleAssignmentLect);
listItem.RoleAssignments.Add(roleAssignmentLect);
}
#endregion
}
}
finally
{
if (webAdm != null)
{
webAdm.Dispose();
}
if (sitioAdm != null)
{
sitioAdm.Dispose();
}
}
}
/// <summary>
/// 创建子项目按钮事件
/// </summary>
/// <param name="sender">The source of the event.</param>
/// <param name="e">The <see cref="EventArgs"/> instance containing the event data.</param>
protected void btnCreateSite_Click(object sender, EventArgs e)
{
try
{
SPSite site = SPContext.Current.Web.Site;
//string spwt = SPWebTemplate.WebTemplateSTS;//默认选择工作组网站模板
SPWeb web = site.OpenWeb("/");
web.AllowUnsafeUpdates = true;
SPMember memUser = web.Users[0];
SPUser suser = web.Users[0];
//新建组
//web.SiteGroups.Add("skyteam3", memUser, suser, "new skyteam");
//web.SiteGroups["skyteam3"].AddUser("adr\\administrator", "[email protected]", "蔡", "系统维修人员");
//web.Groups["skyteam2"].AddUser("adr\\pccai", "[email protected]", "蔡", "系统维修人员");
//新建子站点
string currentTemplate = web.WebTemplate;
//web.Webs.Add("Test2", "站点名称2", "站点描述2", 2052, "_GLOBAL_#0", true, false);
//打开子站点
SPWeb web2 = site.OpenWeb("Projects/Test2");
web2.AllowUnsafeUpdates = true;
// web2.SiteGroups.Add("skyteam6", memUser, suser, "new skyteam");//新建组
// web2.SiteGroups["skyteam6"].AddUser("adr\\administrator", "[email protected]", "边", "系统维修人员");
//改变站点继承权
if (!web2.HasUniqueRoleDefinitions)
{
web2.RoleDefinitions.BreakInheritance(true, true);
}
//站点继承权改变后重新设置状态
web2.AllowUnsafeUpdates = true;
//添加权限级别 (Role)
//SPRoleDefinition roleDefinition = new SPRoleDefinition();
//roleDefinition.Name = "项目角色";
//roleDefinition.Description = "项目角色可以批准所有项目情况.";
//roleDefinition.BasePermissions = SPBasePermissions.FullMask ^ SPBasePermissions.ManagePermissions;
//web2.RoleDefinitions.Add(roleDefinition);
//更改权限级别 (Permissions)
SPRoleDefinitionCollection roles = web2.RoleDefinitions;
SPRoleDefinition roleDefinition1 = roles["读取"];
roleDefinition1.BasePermissions = SPBasePermissions.AddListItems |
SPBasePermissions.BrowseDirectories |
SPBasePermissions.EditListItems |
SPBasePermissions.DeleteListItems |
SPBasePermissions.AddDelPrivateWebParts;
roleDefinition1.Update();
//用户权限分配与定义(New)
SPRoleDefinitionCollection roleDefinitions = web2.RoleDefinitions;
SPRoleAssignmentCollection roleAssignments = web2.RoleAssignments;
SPRoleAssignment roleAssignment = new SPRoleAssignment("adr\\administrator", "*****@*****.**", "Display_Name", "Notes");
SPRoleDefinitionBindingCollection roleDefBindings = roleAssignment.RoleDefinitionBindings;
roleDefBindings.Add(roleDefinitions["项目角色"]);
roleAssignments.Add(roleAssignment);
//权限定义(Old)
//SPRoleCollection siteGroups = web2.Roles;
//siteGroups.Add("skyteam6", "Description", SPRights.ManageWeb | SPRights.ManageSubwebs);
//获得权限定义
SPRoleDefinition sprole = roleDefinitions.GetByType(SPRoleType.Reader);
string spname = sprole.Name;
//组权限分配与定义(New)
SPRoleDefinitionCollection roleDefinitions1 = web2.RoleDefinitions;
SPRoleAssignmentCollection roleAssignments1 = web2.RoleAssignments;
SPMember memCrossSiteGroup = web2.SiteGroups["skyteam6"];
SPPrincipal myssp = (SPPrincipal)memCrossSiteGroup;
SPRoleAssignment myroles = new SPRoleAssignment(myssp);
SPRoleDefinitionBindingCollection roleDefBindings1 = myroles.RoleDefinitionBindings;
roleDefBindings1.Add(roleDefinitions1["设计"]);
roleDefBindings1.Add(roleDefinitions1["读取"]);
roleAssignments1.Add(myroles);
//组权限分配与定义(Old)
//SPMember member = web2.Roles["skyteam"];
//web2.Permissions[member].PermissionMask =
// SPRights.ManageLists | SPRights.ManageListPermissions;
//更改列表权限(Old)
//SPList list = site.Lists["通知"];
//SPPermissionCollection perms = list.Permissions;
//SPUserCollection users = site.Users;
//SPMember member = users["ADR\\pccai"];
//list.Permissions[member].PermissionMask = SPRights.AddListItems | SPRights.EditListItems;
// PermissionCollection perc = web.Permissions;
//perc.AddUser("adr\\administrator", "[email protected]", "title", "Notes", PortalRight.AllSiteRights);
// SecurityManager.AddRole(context, "title", "descriptions", PortalRight.ManageSite);
}
catch (Exception)
{
throw;
}
}
private bool isCurrentUserRolesGreaterOrEqualThan(string role)
{
//User's permission level
bool limitedAccess = false;
bool read = false;
bool contribute = false;
bool design = false;
bool fullControl = false;
//Current web
SPWeb web = SPContext.Current.Web;
//Gets all user's roles
SPRoleDefinitionBindingCollection usersRoles = web.AllRolesForCurrentUser;
//Role definitions to compare with user's roles
SPRoleDefinitionCollection roleDefinitions = web.RoleDefinitions;
//Checks user's permission level-Read, Contribute, Design, Full Control, and Limited Access
if (usersRoles.Contains(roleDefinitions["Read"]))
{
read = true;
}
if (usersRoles.Contains(roleDefinitions["Contribute"]))
{
contribute = true;
}
if (usersRoles.Contains(roleDefinitions["Design"]))
{
design = true;
}
if (usersRoles.Contains(roleDefinitions["Full Control"]))
{
fullControl = true;
}
if (usersRoles.Contains(roleDefinitions["Limited Access"]))
{
limitedAccess = true;
}
//Compares given role with user's permission level
if (role == "Limited Access")
{
if (limitedAccess || read || contribute || design || fullControl)
{
return(true);
}
}
if (role == "Read")
{
if (read || contribute || design || fullControl)
{
return(true);
}
}
if (role == "Contribute")
{
if (contribute || design || fullControl)
{
return(true);
}
}
if (role == "Design")
{
if (design || fullControl)
{
return(true);
}
}
if (role == "Full Control")
{
if (fullControl)
{
return(true);
}
}
SPUser currentUser = web.CurrentUser;
if (currentUser.IsSiteAdmin || web.UserIsWebAdmin)
{
return(true);
}
return(false);
}
