Programmatic uses of SPBasePermissions to check for or set permissions on various objects in SharePoint
The following are some of the more common components in SharePoint that can be used to get or set permissions, or check if certain permissions are effective for a user on the object.
Get or set the Base Permissions for a Role Definition in a Web
SPWeb.RoleDefinitions.BasePermissions
Get the current or specified user’s effective SPBasePermissions on an object (SPWeb, SPList, SPListItem, etc.) Username passed as String to GetUserEffectivePermissions():
SPSite
SPSite.EffectiveBasePermissions
SPSite.GetEffectiveRightsForAcl(SPReusableAcl)
SPWeb
SPWeb.EffectiveBasePermissions
SPWeb.GetUserEffectivePermissions(String)
SPList
SPList.EffectiveBasePermissions
SPList.EffectiveFolderPermissions
SPList.GetUserEffectivePermissions(String)
SPFolder
SPFolder.EffectiveRawPermissions
SPFile
SPFile.EffectiveRawPermissions
SPListItem
SPListItem.EffectiveBasePermissions
SPListItem.GetUserEffectivePermissions(String)
Check if the current or specified user has the specified permissions and throws UnauthorizedAccessException if not:
SPSite.CheckForPermissions(SPReusableAcl, SPBasePermissions)
SPWeb.CheckPermissions(SPBasePermissions)
SPList.CheckPermissions(SPBasePermissions)
SPListItem.CheckPermissions(SPBasePermissions)
Returns true/false indicating if the user has the specified permission(s)
SPSite
SPSite.DoesUserHavePermissions(SPReusableAcl, SPBasePermissions)
SPSite.DoesUserHavePermissions(SPReusableAcl, SPBasePermissions, SPWeb)
SPWeb
SPWeb.DoesUserHavePermissions(SPBasePermissions)
SPWeb.DoesUserHavePermissions(String, SPBasePermissions)
SPList
SPList.DoesUserHavePermissions(SPBasePermissions)
SPList.DoesUserHavePermissions(SPUser, SPBasePermissions)
SPListItem
SPListItem.DoesUserHavePermissions(SPBasePermissions)
SPListItem.DoesUserHavePermissions(SPUser, SPBasePermissions)
Layout Page Base - Permissions required to access a LayoutPageBase
LayoutsPageBase.RightsRequired
LayoutsPageBase.DefaultLayoutsRights
Trimmed Content on a Page (Get or set permissions)
SPSecurityTrimmedControl.Permissions
Base permissions associated with a SPPermission object
SPPermission.BasePermissions
Get base permissions required to use a ConsoleAction object or ConsoleNode
ConsoleAction.UserRights
ConsoleNode.UserRights
Get permissions required to see the developer dashboard
SPDeveloperDashboardSettings.RequiredPermissions
Get or set the permissions for a web application
SPWebApplication.RightsMask
SPSite.ApplicationRightsMask
Permissions required to access a Mobile Page
SPMobilePage.RightsRequired
Toolbar Menu Button
ToolBarMenuButton.CallbackVisibilityPermission
Others:
SPSecurableObject.GetUserEffectivePermissions(String UserName)
SPRibbon.Permissions
MenuItemTemplate.Permissions
SPUserCustomAction.Rights
Show / Hide content in SharePoint based on the built-in permissions in SharePoint without code.
The SPBasePermissions Enum contains a number of built-in permissions that can be used in a number of ways, including showing or hiding content for a user based on their access level to a site, list or item, restricting custom links and actions added to the UI, securing application pages and much more. When creating a .aspx page or Master Page in SharePoint SPSecurityTrimmedControl class has a PermissionsString parameter that accepts a comma separated list of SPBasePermissions which a user must have for the child content or controls to be displayed to the user.
SharePoint: Show or Hide Content based on Permissions provides an example usage of the SPSecurityTrimmedControl class with various permissions from the SPBasePermissions enum to include content on a Master Page that is visible to users with full access to a site, or a user with access to manage lists on the site. The example includes a “View All Site Content: link as content near the top of the page, which is visible only to users with the matching permissions. References to the relevant documentation
For additional examples for a number of specific scenarios, the article Permission Based Content in SharePoint (With Examples) provides configuration of the SPSecurityTrimmedControl class and various SPBasePermissions to achieve each. Some of the examples include displaying content or controls only to users with full access to a site, showing content for users with access to manage permissions on a site and displaying content to uses with add, edit and modify permissions on list items in a list. The article also demonstrates usage of the SPSecurityTrimmedControl class and the AuthenticationRestrictions attribute to show or hide content to users who are authenticated or anonymous.
SPBasePermissions are also used when adding custom links and actions to the User Interface in SharePoint such as the Site or List Settings page, the Actions or Settings menu on lists and libraries and the list item dropdown (ECB Edit Control Block) menu. Associating one or more of the built-in permissions with these custom actions will mean that a user much have each of the permissions on the item, list or site for the Custom action to be displayed.
No comments:
Post a Comment