Sharepoint 2010,根据当前用户确定对 SPListItem 的访问权限
我正在使用 CAML Queryy 来获取包含 ContentType 的所有列表项,但我还需要知道当前用户是否有权查看该文件。
那部分我不知道如何检查它。
我使用此示例作为如何获取与内容类型相关的项目的参考。
谢谢。
i am using a CAML Queryy to get all the list items that are cotains a ContentType, but i also need to know if the Current user, has permissions to see that file.
That part i do not know how can i check it.
i use this exmpla as reference of how to get the items related to a content type.
Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
默认情况下,在 SharePoint 中,我们的代码会在用户执行 Web 请求时模拟运行。因此,CAML 查询返回的项目已经经过安全修整。这意味着,结果集仅包含允许当前用户“查看”的项目。
在某些情况下,您需要使用系统权限执行 CAML 查询。为此,必须使用系统帐户令牌打开
SPSite对象:在这种情况下,您可以使用
DoesUserHavePermissions方法检查/确保某个列表项的权限:重要需要注意的是,您必须使用
SPUser参数调用DoesUserHavePermissions的重载。没有的过载将使用站点的“当前用户”。这是自使用系统帐户令牌打开站点以来的系统帐户。Per default in SharePoint our code runs impersonated as the user executing the web request. Thus the items returned by the CAML query are already security trimmed. Meaning, the result set only contains items the current user is allowed to "see".
Under some circumstances you are required to execute the CAML query with system priveliges. To do so the
SPSiteobject has to be opend with the system account token:In that case you could check / ensure permissions on a certain list item with the method
DoesUserHavePermissions:Important to note is that you have to call the overload of the
DoesUserHavePermissionswith theSPUserargument. The overload without will use the "current user" of the site. Which is the system account since the site was opened with the system account token.