public static bool IsGroupInItemRole(this SPListItem item, SPPrincipal group, int roleId) { SPRoleAssignment AssignmentsOfGroup; SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetById(roleId); try { AssignmentsOfGroup = item.RoleAssignments.GetAssignmentByPrincipal(group); } catch { return(false); } SPRoleDefinitionBindingCollection RoleBindingsOfGroup = AssignmentsOfGroup.RoleDefinitionBindings; if (RoleBindingsOfGroup.Contains(roleDefinition)) { return(true); } else { return(false); } }
public static void AssignPermissions(this SPSecurableObject securableObject, SPPrincipal principal, string roleDefinitionName, bool replaceAllDefinitions = false, bool copyRoleAssignments = false, bool clearSubscopes = true) { SPWeb web = principal.ParentWeb; SPRoleDefinition roleDefinition = web.RoleDefinitions[roleDefinitionName]; AssignPermissions(securableObject, principal, roleDefinition, replaceAllDefinitions, copyRoleAssignments, clearSubscopes); }
private string GetRoleType(SPPrincipal principal) { if (principal is SPGroup) { return("SharePoint Group"); } else if (principal is SPUser) { string loginName = (principal as SPUser).LoginName; if (_adHelper.IsWindowsUser(loginName)) { return("User"); } if (_adHelper.IsUser(SquadronContext.DomainName, loginName)) { return("User"); } else if (_adHelper.IsGroup(SquadronContext.DomainName, loginName)) { return("Domain Group"); } } return("System Account"); }
/// <summary> /// 给Item授权 /// </summary> /// <param name="principal"></param> /// <param name="web"></param> /// <param name="ListItem"></param> /// <param name="DelegateName"></param> public static void DelegateForListItem(SPPrincipal principal, SPWeb web, SPListItem ListItem, string DelegateName) { SPSecurity.RunWithElevatedPrivileges(delegate() { try { using (SPSite site = new SPSite(web.Site.ID)) { using (SPWeb _web = site.OpenWeb(web.ServerRelativeUrl)) { SPListItem _listitem = _web.Lists[ListItem.ParentList.ID].GetItemById(ListItem.ID); _web.AllowUnsafeUpdates = true; SPRoleAssignment sra = new SPRoleAssignment(principal); SPRoleDefinition srd = _web.RoleDefinitions[DelegateName]; sra.RoleDefinitionBindings.Add(srd); _listitem.BreakRoleInheritance(true, false); _listitem.RoleAssignments.Add(sra); _listitem.Update(); } } } catch (Exception ex) { } }); }
protected override void OnPreRender(EventArgs e) { try { if (allViews != null) { CurrentViewName = SPContext.Current.ViewContext.View.ToString(); SPPrincipal ObjCurrentUserPrincipal = SPContext.Current.Web.CurrentUser; foreach (ViewSetting objView in allViews) { if (objView.SPVName == CurrentViewName) { if (objView.Permission == "hide" && DoesUserExist(objView.UserGroup, ObjCurrentUserPrincipal)) { SPUtility.Redirect( Constants.Resource.ViewAccessDeniedPage, SPRedirectFlags.RelativeToLayoutsPage, HttpContext.Current); } } } } } catch (Exception exp) { base.OnPreRender(e); Logging.Log(exp); } base.OnPreRender(e); }
public static int GetDelegateCount(SPPrincipal principal, SPWeb web, SPListItem ListItem) { int permissionCount = 0; SPSecurity.RunWithElevatedPrivileges(delegate() { try { if (principal != null) { using (SPSite site = new SPSite(web.Site.ID)) { using (SPWeb _web = site.OpenWeb(web.ServerRelativeUrl)) { SPListItem _listitem = _web.Lists[ListItem.ParentList.ID].GetItemById(ListItem.ID); _web.AllowUnsafeUpdates = true; SPRoleAssignment role = _listitem.RoleAssignments.GetAssignmentByPrincipal(principal); permissionCount = role.RoleDefinitionBindings.Count; } } } else { } } catch (Exception ex) { } }); return(permissionCount); }
private void AddPermissions(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition) { SPRoleAssignment ra = new SPRoleAssignment(principal); ra.RoleDefinitionBindings.Add(roleDefinition); item.RoleAssignments.Add(ra); }
private bool DoesUserExist(string Username, SPPrincipal objPrincipal) { if (!String.IsNullOrEmpty(Username)) { if (Username == "ALL") { return(true); } string[] objsplitUsers = Username.Split(','); foreach (string user in objsplitUsers) { if (!String.IsNullOrEmpty(user) && !user.Equals("")) { if (user.Contains("\\")) { return(user.ToLower() == objPrincipal.LoginName.ToLower()); } else { SPGroup grp = SPContext.Current.Web.Groups[user]; return(grp.ContainsCurrentUser); } } } } return(false); }
private bool DoesUserExist(string Username, SPPrincipal objPrincipal) { if (!String.IsNullOrEmpty(Username)) { if (Username == "ALL") { return true; } string[] objsplitUsers = Username.Split(','); foreach (string user in objsplitUsers) { if (!String.IsNullOrEmpty(user) && !user.Equals("")) { if (user.Contains("\\")) { return user.ToLower() == objPrincipal.LoginName.ToLower(); } else { SPGroup grp = SPContext.Current.Web.Groups[user]; return grp.ContainsCurrentUser; } } } } return false; }
private void CreateConfigurationList(SPWeb web) { SPList configurationList = web.Lists.TryGetList(Resource.ConfigurationList); if (configurationList == null) { Guid configurationListGuid = web.Lists.Add(Resource.ConfigurationList, Resource.ConfigurationListDesc, SPListTemplateType.GenericList); configurationList = web.Lists[configurationListGuid]; configurationList.Fields.Add("Property", SPFieldType.Text, true); configurationList.Fields.Add("Setting", SPFieldType.Text, true); configurationList.EnableVersioning = true; // Only system admins should be able to edit this, but everybody needs to view it configurationList.BreakRoleInheritance(false); SPPrincipal group = web.SiteGroups["Guidewire Owners"]; if (group != null) { SPRoleAssignment roleAssignment = new SPRoleAssignment(group); SPRoleDefinition roleDefinition = web.RoleDefinitions.GetByType(SPRoleType.Administrator); roleAssignment.RoleDefinitionBindings.Add(roleDefinition); configurationList.RoleAssignments.Add(roleAssignment); } configurationList.Update(); Configuration.AddDefaultConfigurationValue(web, Resource.ConfigGWWsUserName, "GWSharePointIntegration"); Configuration.AddDefaultConfigurationValue(web, Resource.ConfigGWWsPassword, "gw"); Configuration.AddDefaultConfigurationValue(web, Resource.ConfigGWWsEndpoint, "http://manclredev02:8080/cc/ws/riverstone/webservice/document/trg_UpdateMetadataAPI"); } }
public SPGroup CreateAndReturn() { var existing = web.SiteGroups.Cast <SPGroup>().SingleOrDefault(g => g.Name.Equals(name)); if (existing != null) { return(existing); } SPPrincipal author = null; if (!string.IsNullOrEmpty(ownerPrincipalName)) { author = web.SiteGroups.Cast <SPGroup>().SingleOrDefault(g => g.Name.Equals(ownerPrincipalName)); } if (author == null) { author = web.Users.Cast <SPUser>().SingleOrDefault(u => u.LoginName.Equals(ownerPrincipalName)); } web.SiteGroups.Add(name, author ?? web.Author, null, description); var newGroup = web.SiteGroups.Cast <SPGroup>().Single(u => u.Name.Equals(name)); if (allowUsersEditMembership) { newGroup.AllowMembersEditMembership = true; newGroup.Update(); } return(newGroup); }
private bool UpdateUserPermissions(SPWeb web, SPRoleAssignmentCollection roleAssignments, XmlNodeList principalUserNodes) { bool dirty = false; foreach (XmlNode principalUserNode in principalUserNodes) { string loginName = principalUserNode.Attributes["login"].Value; string userName = principalUserNode.Attributes["name"].Value; try { SPClaimProviderManager cpm = SPClaimProviderManager.Local; SPClaim userClaim = cpm.ConvertIdentifierToClaim(loginName, SPIdentifierTypes.WindowsSamAccountName); SPUser user = web.EnsureUser(userClaim.ToEncodedString()); if (user == null) { throw new Exception(); } SPPrincipal userPrincipal = (SPPrincipal)user; try { SPRoleAssignment roleAssignment = roleAssignments.GetAssignmentByPrincipal(userPrincipal); if (roleAssignment == null) { throw new Exception(); } UpdatePrincipal(web, principalUserNode, string.Format("{0,20}, '{1,15}'", userName, loginName), roleAssignment); } catch { output.Append(string.Format("permissins missing for user: {0,20} with login: {1,15}, adding new..." + Environment.NewLine, userName, loginName)); SPRoleAssignment roleAssignmentNew = new SPRoleAssignment(userPrincipal); XmlNodeList roleNodes = principalUserNode.SelectNodes("role"); foreach (XmlNode roleNode in roleNodes) { string roleName = roleNode.Attributes["name"].Value; if (roleName.ToLower().Equals("limited access")) { roleName = "Limited User"; } SPRoleDefinition role = web.RoleDefinitions[roleName]; roleAssignmentNew.RoleDefinitionBindings.Add(role); } roleAssignments.Add(roleAssignmentNew); output.Append("completed" + Environment.NewLine); dirty = true; } } catch { output.Append(string.Format("user not found: {0,20} with login: {1,15}" + Environment.NewLine, userName, loginName)); } } return(dirty); }
public IEnumerable <PrincipalInfo> Resolve(SPUser user, IDisposable implicitContext) { try { CommonHelper.ConfirmNotNull(user, "user"); if (!resolvedIdentities.Contains(user.ID)) { resolvedIdentities.Add(user.ID); parentPrincipal = user; if (SPClaimProviderManager.IsEncodedClaim(user.LoginName)) { SPClaim claim = SPClaimProviderManager.Local.DecodeClaim(user.LoginName); if (claim.OriginalIssuer == "Windows") { if (claim.ClaimType == SPClaimTypes.UserLogonName) { PrincipalInfo userInfo = ResolveActiveDirectoryUser(IdentityType.SamAccountName, claim.Value); if (userInfo != null) { return(new[] { userInfo }); } return(new PrincipalInfo[0]); } if (claim.ClaimType == ClaimTypes_GroupSid) { return(EnumerateActiveDirectoryGroup(IdentityType.SamAccountName, user.Name)); } } if (claim.OriginalIssuer.StartsWith("Forms:")) { string providerName = claim.OriginalIssuer.Substring(6); if (claim.ClaimType == SPClaimTypes.UserLogonName) { PrincipalInfo userInfo = ResolveMembershipUser(providerName, claim.Value); if (userInfo != null) { return(new[] { userInfo }); } return(new PrincipalInfo[0]); } if (claim.ClaimType == ClaimTypes_Role) { return(EnumerateMembershipUsersInRole(providerName, claim.Value)); } } } if (user.IsDomainGroup) { return(EnumerateActiveDirectoryGroup(IdentityType.SamAccountName, user.LoginName)); } return(EnumerateBySamAccountName(user.LoginName)); } return(new PrincipalInfo[0]); } finally { if (implicitContext != null) { implicitContext.Dispose(); } } }
/// <summary> /// Sets the value of a User-Field to an SPPrincipal /// (SPGroup or SPUser). /// </summary> public static void SetFieldValueUser(this SPListItem item, string fieldName, SPPrincipal principal) { if (item != null) { item[fieldName] = principal; } }
public static void ChangePermissions(this SPListItem item, SPPrincipal principal, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); ChangePermissions(item, principal, roleDefinition); } }
public IEnumerable <PrincipalInfo> Resolve(SPPrincipal member, IDisposable implicitContext) { if (member is SPGroup) { return(Resolve((SPGroup)member, implicitContext)); } return(Resolve((SPUser)member, implicitContext)); }
public void For(SPPrincipal principal) { var assignment = new SPRoleAssignment(principal); assignment.RoleDefinitionBindings.Add(web.RoleDefinitions[roleDefinitionName]); roleAssignments.Add(assignment); }
public void RemoveAllRoles(SPSecurableObject target, SPPrincipal principal) { // Break the Role Inheritance if it's necessary EnsureBrokenRoleInheritance(target); // remove the roleAssignment from the item target.RoleAssignments.Remove(principal); }
public static void ChangePermissions(this SPList list, SPPrincipal principal, SPRoleType roleType) { if (list != null) { SPRoleDefinition roleDefinition = list.ParentWeb.RoleDefinitions.GetByType(roleType); ChangePermissions(list, principal, roleDefinition); } }
public static SPRoleAssignment GetRoleAssignment(SPWeb web, SPPrincipal principal, SPRoleType roleType) { SPRoleAssignment roleAssign = new SPRoleAssignment(principal); SPRoleDefinition roleDef = web.RoleDefinitions.GetByType(roleType); roleAssign.RoleDefinitionBindings.Add(roleDef); return roleAssign; }
internal PrincipalInfo(MembershipUser principal, SPPrincipal parentPrincipal) : this(principal, CommonHelper.ConfirmNotNull(principal, "principal").ProviderUserKey, parentPrincipal) { this.DisplayName = principal.UserName; this.EmailAddress = principal.Email; this.ProviderType = SPIdentityProviderTypes.Forms; this.EncodedClaim = SPClaimProviderManager.Local.ConvertIdentifierToClaim(principal.UserName, SPIdentifierTypes.FormsUser).ToEncodedString(); }
private void UpdateItemPermissions(SPWeb web, SPListItem item, SPPrincipal spPrincipal) { if (!isUserAdded) { result += "AddPermissions" + spPrincipal.LoginName; AddPermissions(item, spPrincipal, web.RoleDefinitions.GetByType(SPRoleType.Contributor)); } }
public static string grantPermit(string siteUrl, string folderUrl, string userEmail) { try { //SPSite s = new SPSite(siteUrl); //SPWeb w = s.OpenWeb(); int fileCount = 0; SPSecurity.RunWithElevatedPrivileges(delegate() { using (SPSite site = new SPSite(siteUrl)) { using (SPWeb web = site.OpenWeb()) { //get folder SPFolder folder = web.GetFolder(@"RSAs Library/" + folderUrl); //get list of items in folder to grant permission to SPFileCollection folderFiles = folder.Files; //SPFolderCollection subFolders = folder.SubFolders; //select User SPPrincipal user = web.SiteUsers.GetByEmail(userEmail); //define read role SPRoleDefinition readRole = web.RoleDefinitions.GetById(1073741826); web.AllowUnsafeUpdates = true; //remove permissions on files folder.Item.BreakRoleInheritance(true); //create Role Assignment Ref SPRoleAssignment roleAssignment = new SPRoleAssignment((SPPrincipal)user); //grant user permission to the folder roleAssignment.RoleDefinitionBindings.Add(readRole); folder.Item.RoleAssignments.Add(roleAssignment); //grant user permission to all files in folder foreach (SPFile file in folderFiles) { file.Item.BreakRoleInheritance(true); file.Item.RoleAssignments.Add(roleAssignment); fileCount++; } web.AllowUnsafeUpdates = false; } } }); return(String.Format("User {1} has been granted access to View {2} files in {0} Folder", fileCount, userEmail, folderUrl)); } catch (Exception ex) { return(ex.Message); } }
private void UpdateItemPermissions(SPWeb web, SPListItem item, SPPrincipal spPrincipal) { if (!isUserAdded) { //res += "AddPermissions"; //debug += "AddPermissions"; AddPermissions(item, spPrincipal, web.RoleDefinitions.GetByType(SPRoleType.Contributor)); } }
/// <summary>Fixes the SP field type user.</summary> /// <param name="contextSPWeb">The context sp web.</param> /// <param name="fileSPListItem">The file sp list item.</param> /// <param name="sourceValue">The source value.</param> /// <returns>The fix sp field type user.</returns> private string FixSPFieldTypeUser(SPWeb contextSPWeb, SPListItem fileSPListItem, string sourceValue) { string s = "\t\tUser(" + contextSPWeb.Url + "," + sourceValue + "\n"; s += "\t\twas:" + fileSPListItem[this.FileSPField.Id] + "\n"; // transform non-user values into user type string[] userNames = sourceValue.Split(";".ToCharArray(), StringSplitOptions.RemoveEmptyEntries); s += "\t\tuserNamescount:\t" + userNames.Length + "\n"; // create list of user names parsing array of names SPFieldUserValueCollection spFieldUserValues = new SPFieldUserValueCollection(); // update SPPrincipal using user info foreach (string userName in userNames) { string user = userName.Trim(); s += "\t\tuser:\t" + user + "\n"; SPPrincipal spPrincipal = null; // checking if this string is the name of a SharePoint group, add to user collection if (spPrincipal != null) if (this.IsUserSPGroupName(contextSPWeb, user)) { spPrincipal = this.GetUserSPPrincipal(contextSPWeb, user); spFieldUserValues.Add(new SPFieldUserValue(contextSPWeb, spPrincipal.ID, spPrincipal.Name)); } // the value is not a group; try to set it as a user then. // if (spPrincipal == null) else { try { spPrincipal = contextSPWeb.EnsureUser(user); } catch { } } s += "\t\tspPrncipal:\t" + spPrincipal.Name + "\n"; } // set multi-user fields to new user collection if (this.SPFieldUserIsMultiValue) { fileSPListItem[this.FileSPField.Id] = spFieldUserValues; } // set single-user fields to just one user value else { fileSPListItem[this.FileSPField.Id] = spFieldUserValues[0]; } s += "\t\tis_:" + fileSPListItem[this.FileSPField.Id] + "\n"; return(s); }
/// <summary> /// 删除指定角色的权限 /// </summary> /// <param name="principal">角色</param> /// <param name="web"></param> /// <param name="ListItem">item对象</param> /// <param name="DelegateName">权限名称</param> public static void DeleteDelegateFromListItem(SPPrincipal principal, SPWeb web, SPListItem ListItem, string DelegateName) { SPSecurity.RunWithElevatedPrivileges(delegate() { try { if (principal != null) { using (SPSite site = new SPSite(web.Site.ID)) { using (SPWeb _web = site.OpenWeb(web.ServerRelativeUrl)) { SPListItem _listitem = _web.Lists[ListItem.ParentList.ID].GetItemById(ListItem.ID); _web.AllowUnsafeUpdates = true; //断开原来列表项所继承的权限,使其可以设置独立权限 if (!_listitem.HasUniqueRoleAssignments) { _listitem.BreakRoleInheritance(true); } SPRoleAssignment role = _listitem.RoleAssignments.GetAssignmentByPrincipal(principal); if (!string.IsNullOrWhiteSpace(DelegateName)) { SPRoleDefinition def = _web.RoleDefinitions[DelegateName]; if (role != null) { if (role.RoleDefinitionBindings.Contains(def)) { role.RoleDefinitionBindings.Remove(def); role.Update(); _listitem.SystemUpdate(false); } } } else { if (role != null) { role.RoleDefinitionBindings.RemoveAll(); role.Update(); _listitem.SystemUpdate(false); } } } } } else { //throw new Exception("没有可以删除权限的员工或组织!"); } } catch (Exception ex) { } }); }
private string GetOwner(SPPrincipal p) { if (p is SPGroup) { return((p as SPGroup).Owner.ToString()); } return(string.Empty); }
void IterateWebRoles(SPWeb web, SPRoleDefinition instructorRole, SPRoleDefinition learnerRole, bool instructorsOnly, bool hideDisabledUsers) { web.AllowUnsafeUpdates = true; // enable web.AllUsers.AddCollection() foreach (SPRoleAssignment roleAssignment in web.RoleAssignments) { // determine if this role assignment refers to an instructor or a learner; skip it if it's neither bool isInstructor = false; if (instructorRole != null) { isInstructor = roleAssignment.RoleDefinitionBindings.Contains(instructorRole); } bool isLearner = false; if (instructorsOnly == false && learnerRole != null) { isLearner = roleAssignment.RoleDefinitionBindings.Contains(learnerRole); } if (isInstructor == false && isLearner == false) { continue; } // process the role assignment SPPrincipal member = roleAssignment.Member; SPUser spUser = member as SPUser; SPGroup spGroup = member as SPGroup; if (spUser != null) { AddSPUserAsMember(web, spUser, isInstructor, isLearner, startTime, null, hideDisabledUsers); } else if (spGroup != null) { // role assignment member is a SharePoint group... SlkGroup learnerGroup = null; if (isLearner) { learnerGroup = new SlkGroup(spGroup, null); learnerGroup.UserKeys = new List <string>(); } // add users from the domain group to the collections of instructors, learners, and/or this learner group, as appropriate foreach (SPUser spUserInGroup in spGroup.Users) { AddSPUserAsMember(web, spUserInGroup, isInstructor, isLearner, startTime, learnerGroup, hideDisabledUsers); } if (isLearner) { if (learnerGroup.UserKeys.Count > 0) { learnerGroups.Add(learnerGroup); } } } } }
internal PrincipalInfo(object userObject, object providerUserId, SPPrincipal parentPrincipal) { CommonHelper.ConfirmNotNull(userObject, "userObject"); CommonHelper.ConfirmNotNull(providerUserId, "providerUserId"); CommonHelper.ConfirmNotNull(parentPrincipal, "parentPrincipal"); this.ObjectType = userObject.GetType(); this.ProviderUserId = providerUserId; this.IsResolved = true; this.ParentPrincipal = parentPrincipal; }
public static void SetPermissions(this SPList list, SPPrincipal principal, SPRoleDefinition roleDefinition) { if (list != null) { SPRoleAssignment roleAssignment = new SPRoleAssignment(principal); roleAssignment.RoleDefinitionBindings.Add(roleDefinition); list.RoleAssignments.Add(roleAssignment); } }
private void MatchSPFieldTypeUser(SPWeb contextSPWeb, SPListItem targetSPListItem, SPField targetSPField, string sourceValue) { // transform non-user values into user type string[] nameArr = sourceValue.Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries); // create list of user names SPFieldUserValueCollection spFieldUserValueCollection = new SPFieldUserValueCollection(); foreach (string name in nameArr) { SPPrincipal spPrincipal = null; // checking if this string is the name of a SharePoint group foreach (SPGroup spGroup in contextSPWeb.SiteGroups) { if (spGroup.Name == name.Trim()) { spPrincipal = spGroup; break; } } // the value is not a group; try to set it as a user then. if (spPrincipal == null) { try { spPrincipal = contextSPWeb.EnsureUser(name.Trim()); } catch { } } // add to user collection if (spPrincipal != null) { spFieldUserValueCollection.Add( new SPFieldUserValue(contextSPWeb, spPrincipal.ID, spPrincipal.Name)); } } // set multi-user fields to new user collection if ((targetSPField as SPFieldUser).AllowMultipleValues) { targetSPListItem[targetSPField.Id] = spFieldUserValueCollection; } // set single-user fields to just one user value else { targetSPListItem[targetSPField.Id] = spFieldUserValueCollection[0]; } }
public static void AssignPermissions(this SPSecurableObject securableObject, SPPrincipal principal, SPRoleDefinition roleDefinition, bool replaceAllDefinitions = false, bool copyRoleAssignments = false, bool clearSubscopes = true) { if (securableObject is SPWeb) { if (!securableObject.HasUniqueRoleAssignments) { securableObject.BreakRoleInheritance(copyRoleAssignments, clearSubscopes); } } else { securableObject.BreakRoleInheritance(copyRoleAssignments, clearSubscopes); } SPRoleAssignment roleAssignment = GetAssignment(securableObject, principal); if (roleAssignment != null) { if (replaceAllDefinitions) { roleAssignment.RoleDefinitionBindings.RemoveAll(); roleAssignment.RoleDefinitionBindings.Add(roleDefinition); } else { if (!roleAssignment.RoleDefinitionBindings.Contains(roleDefinition)) { roleAssignment.RoleDefinitionBindings.Add(roleDefinition); } } try { roleAssignment.Update(); } catch (ArgumentException) { //Note: fix for 'Cannot update a permission level assignment that is not part of a permission level assignment collection.' securableObject.RoleAssignments.Add(roleAssignment); } } else { roleAssignment = new SPRoleAssignment(principal); if (!roleAssignment.RoleDefinitionBindings.Contains(roleDefinition)) { roleAssignment.RoleDefinitionBindings.Add(roleDefinition); } securableObject.RoleAssignments.Add(roleAssignment); } }
/// <summary> /// Initializes a new instance of the <see cref="PrincipalValue"/> class. /// </summary> /// <param name="principal">The principal.</param> internal PrincipalValue(SPPrincipal principal) { if (principal == null) { throw new ArgumentNullException("principal"); } this.Id = principal.ID; this.DisplayName = principal.Name; this.LoginName = principal.LoginName; }
/// <summary> /// Initializes a new instance of the <see cref="PrincipalValue"/> class. /// </summary> /// <param name="principal">The principal.</param> internal PrincipalValue(SPPrincipal principal) { if (principal == null) { throw new ArgumentNullException("principal"); } this.Id = principal.ID; this.DisplayName = principal.Name; this.LoginName = principal.LoginName; }
/// <summary> /// Add role assignment for the principal into web /// </summary> /// <param name="web"></param> /// <param name="principal"></param> /// <param name="permissionLevel"></param> public static void AddRoleAssignment(SPWeb web, SPPrincipal principal, string permissionLevel) { var roleDefinition = GetRoleDefinition(web, permissionLevel); if (roleDefinition == null) { throw new ArgumentNullException(permissionLevel); } var roleAssignment = new SPRoleAssignment(principal); roleAssignment.RoleDefinitionBindings.Add(roleDefinition); web.RoleAssignments.Add(roleAssignment); }
protected void bind_role(SPListItem item, SPPrincipal principal, SPRoleDefinition definition) { try { SPRoleAssignment assignment = new SPRoleAssignment(principal); assignment.RoleDefinitionBindings.Add(definition); item.RoleAssignments.Add(assignment); } catch (Exception ex) { throw ex; } }
public void RemoveRole(SPSecurableObject target, SPPrincipal principal, SPRoleType roleType) { if (roleType == SPRoleType.None) { throw new ArgumentException("Removing custom RoleDefinitions is not supported."); } var assignment = target.RoleAssignments.Cast<SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID && x.RoleDefinitionBindings.Cast<SPRoleDefinition>().Any(r => r.Type == roleType)); if (assignment != null) { EnsureBrokenRoleInheritance(target); assignment = target.RoleAssignments.Cast<SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID); foreach (var role in assignment.RoleDefinitionBindings.Cast<SPRoleDefinition>().Where(x => x.Type == roleType).ToArray()) { assignment.RoleDefinitionBindings.Remove(role); } assignment.Update(); } }
public void RemoveAllRoles(SPSecurableObject target, SPPrincipal principal) { // Break the Role Inheritance if it's necessary EnsureBrokenRoleInheritance(target); // remove the roleAssignment from the item target.RoleAssignments.Remove(principal); }
public void AddRole(SPListItem listItem, SPPrincipal principal, SPRoleType roleType) { AddRole(listItem.Web, listItem, principal, roleType); }
/// <summary> /// Clear role assignment of principal from web /// </summary> /// <param name="web"></param> /// <param name="principal"></param> public static void ClearRoleAssignment(SPWeb web, SPPrincipal principal) { var roleAssignment = web.RoleAssignments.GetAssignmentByPrincipal(principal); roleAssignment.RoleDefinitionBindings.RemoveAll(); }
public void AddRole(SPList list, SPPrincipal principal, string roleDefinitionName) { AddRole(list.ParentWeb, list, principal, roleDefinitionName); }
public void AddRole(SPWeb web, SPPrincipal principal, SPRoleType roleType) { AddRole(web, web, principal, roleType); }
public static void AssignPermissions(this SPSecurableObject securableObject, SPPrincipal principal, string roleDefinitionName, bool replaceAllDefinitions = false, bool copyRoleAssignments = false, bool clearSubscopes = true) { SPWeb web = principal.ParentWeb; SPRoleDefinition roleDefinition = web.RoleDefinitions[roleDefinitionName]; AssignPermissions(securableObject, principal, roleDefinition, replaceAllDefinitions, copyRoleAssignments, clearSubscopes); }
public static SPRoleAssignment GetAssignment(this SPSecurableObject securableObject, SPPrincipal principal) { var roleAssignments = securableObject.RoleAssignments; if (securableObject.RoleAssignments == null) return null; try { return roleAssignments.GetAssignmentByPrincipal(principal); } catch (ArgumentException) { return null; } }
internal static void AddRole(SPWeb web, SPSecurableObject target, SPPrincipal principal, string roleDefinitionName) { var roleToAdd = web.RoleDefinitions.Cast<SPRoleDefinition>().FirstOrDefault(x => x.Name == roleDefinitionName); if (roleToAdd != null) { EnsureBrokenRoleInheritance(target); var assignments = target.RoleAssignments.Cast<SPRoleAssignment>().FirstOrDefault(x => x.Member.ID == principal.ID); if (assignments == null) { assignments = new SPRoleAssignment(principal); assignments.RoleDefinitionBindings.Add(roleToAdd); target.RoleAssignments.Add(assignments); } else { assignments.RoleDefinitionBindings.Add(roleToAdd); assignments.Update(); } } else { throw new ArgumentException("No RoleDefinition found for the name " + roleDefinitionName); } }
public static SPControlMode Handle(string spInternalName, SPControlMode formMode, Tabs tabs, FieldPermissions fPerms, SPPrincipal princ, out bool isHidden) { SPControlMode result = SPControlMode.Invalid; isHidden = false; if (tabs != null) { foreach (Tab tab in tabs) { foreach (TabPermission tp in tab.Permissions) { if (ConditionEvaluator.EvaluateFromListItem(tp.Conditions) && PrincipalEvaluator.Check(tp.ForSPPrinciples, tp.BySPPrinciplesOperator)) { if (tab.Fields.Any<Field> (f => f.SPName.Equals(spInternalName, StringComparison.InvariantCultureIgnoreCase))) { if (tp.OnForms.Contains(Enums.SPForms.New) && formMode == SPControlMode.New || tp.OnForms.Contains(Enums.SPForms.View) && formMode == SPControlMode.Display || tp.OnForms.Contains(Enums.SPForms.Edit) && formMode == SPControlMode.Edit) { switch (tp.Level) { case Enums.PermissionLevel.Read: result = SPControlMode.Display; isHidden = false; break; case Enums.PermissionLevel.Write: if (formMode == SPControlMode.Edit) result = SPControlMode.Edit; else result = SPControlMode.New; isHidden = false; break; case Enums.PermissionLevel.Deny: isHidden = true; result = SPControlMode.Invalid; break; } } } } } } } //FieldPermissionCheck: if (fPerms != null) { foreach (FieldPermission fp in fPerms) { if (ConditionEvaluator.EvaluateFromListItem(fp.Conditions) && PrincipalEvaluator.Check(fp.ForSPPrinciples, fp.BySPPrinciplesOperator)) { if (fp.OnField.SPName.Equals(spInternalName, StringComparison.InvariantCultureIgnoreCase)) { if (fp.OnForms.Contains(Enums.SPForms.New) && formMode == SPControlMode.New || fp.OnForms.Contains(Enums.SPForms.View) && formMode == SPControlMode.Display || fp.OnForms.Contains(Enums.SPForms.Edit) && formMode == SPControlMode.Edit) { switch (fp.Level) { case Enums.PermissionLevel.Read: result = SPControlMode.Display; isHidden = false; goto FinishPermissionCheck; case Enums.PermissionLevel.Write: if (formMode == SPControlMode.Edit) result = SPControlMode.Edit; else result = SPControlMode.New; isHidden = false; goto FinishPermissionCheck; case Enums.PermissionLevel.Deny: isHidden = true; result = SPControlMode.Invalid; break; } } } } } } FinishPermissionCheck: return result; }
public void AddRole(SPList list, SPPrincipal principal, SPRoleType roleType) { AddRole(list.ParentWeb, list, principal, roleType); }
private static bool DoesPrincipalHasPermissions(ISecurableObject item, SPPrincipal principal, SPBasePermissions permissions) { SPRoleAssignment roleAssignment = null; try { roleAssignment = item.RoleAssignments.GetAssignmentByPrincipal(principal); } catch { //if the user has no permission on the item (SPPrincipal is not in permissionlist -> item.RoleAssignments is empty), an exception is thrown. return false; } foreach (SPRoleDefinition definition in roleAssignment.RoleDefinitionBindings) { if ((definition.BasePermissions & permissions) == permissions) { return true; } } return false; }
public void AddRole(SPListItem listItem, SPPrincipal principal, string roleDefinitionName) { AddRole(listItem.Web, listItem, principal, roleDefinitionName); }
/// <summary> /// Gets the users of the SharePoint principal. /// This method will also check users in the active directory groups. /// </summary> /// <param name="principal">The SharePoint principal.</param> /// <returns>A list of the SPUsers in the SharePoint principal</returns> /// <exception cref="System.ArgumentNullException"> /// Principal is null /// </exception> public IList<SPUser> GetUsersInPrincipal(SPPrincipal principal) { if (principal == null) { throw new ArgumentNullException("principal"); } List<SPUser> allUsers = new List<SPUser>(); principal.ParentWeb.RunAsSystem(elevatedWeb => { try { elevatedWeb.AllowUnsafeUpdates = true; SPUser user = principal as SPUser; if (user != null) { if (user.IsDomainGroup) { bool reachedMaxCount; // Be careful, this method return AD groups too regardless to their permissions in the current SharePoint site SPPrincipalInfo[] groupMembers = SPUtility.GetPrincipalsInGroup(elevatedWeb, principal.LoginName, 9999, out reachedMaxCount); if (groupMembers != null) { foreach (SPPrincipalInfo member in groupMembers) { switch (member.PrincipalType) { case SPPrincipalType.SecurityGroup: case SPPrincipalType.DistributionList: { var usersInPrincipal = GetUsersInPrincipal(elevatedWeb.EnsureUser(member.LoginName)); // Only add users to the all users list if they are not already there. allUsers.AddRange(usersInPrincipal.Where(u => !HasUserInList(allUsers, u))); break; } case SPPrincipalType.User: { var memberUser = elevatedWeb.EnsureUser(member.LoginName); if (!HasUserInList(allUsers, memberUser)) { allUsers.Add(memberUser); } break; } } } } } else { // Only add the user to the all users list if they are not already there. if (!HasUserInList(allUsers, user)) { allUsers.Add(user); } } } else { SPGroup group = principal as SPGroup; foreach (SPUser groupUser in group.Users) { var usersInPrincipal = GetUsersInPrincipal(groupUser); // Only add users to the all users list if they are not already there. allUsers.AddRange(usersInPrincipal.Where(u => !HasUserInList(allUsers, u))); } } } finally { elevatedWeb.AllowUnsafeUpdates = false; } }); return allUsers; }
public void AddRole(SPWeb web, SPPrincipal principal, string roleDefinitionName) { AddRole(web, web, principal, roleDefinitionName); }
public static bool AssignmentExists(this SPSecurableObject securableObject, SPPrincipal principal) { return (GetAssignment(securableObject, principal) != null); }
/// <summary> /// Gets the role assignement. /// </summary> /// <param name="securableObject">The securable object.</param> /// <param name="principal">The principal.</param> /// <returns></returns> private static SPRoleAssignment GetRoleAssignement(SPSecurableObject securableObject, SPPrincipal principal) { SPRoleAssignment ra = null; try { ra = securableObject.RoleAssignments.GetAssignmentByPrincipal(principal); } catch (ArgumentException) { } return ra; }
/// <summary> /// Verifies if the target SharePoint group was granted permissions at the site level. /// </summary> /// <param name="spWeb">Represents an instance of the Homework Tracking Site as a SPWeb object.</param> /// <param name="spRoleType">Represents the permission to check </param> /// <param name="spTargetGroup">Represents an instance of the target SharePoint group.</param> /// <returns>True/Fase if group was granted permissions or not.</returns> private static bool CheckSiteLevelPermissions(SPWeb spWeb, SPRoleType spRoleType, SPPrincipal spTargetGroup) { bool SiteLevelUser = false; foreach (SPRoleAssignment roleAssignment in spWeb.RoleAssignments) { if (roleAssignment.Member.Name == spTargetGroup.Name) { SiteLevelUser = true; //SPRoleDefinition currentRoleDef = spWeb.RoleDefinitions.GetByType(spRoleType); //SPRoleDefinitionBindingCollection spRoleDefs = roleAssignment.RoleDefinitionBindings; //foreach (SPRoleDefinition spRoleDef in spRoleDefs) //{ // if (spRoleDef == currentRoleDef) // { // SiteLevelUser = true; // } //} } } return SiteLevelUser; }