本文讲述SharePoint 2010/2013 使用Javascript来判断权限的三种方法的实现方式及其优缺点。
1. 根据用户所在的SharePoint组(比如用户在Leader 组才可以使用审批按钮)
a. 优点,简单明了,容易理解,要获得这个权限只有一个入口,就是将用户加入到SharePoint组
b. 缺点, 不能兼容AD group套SharePoint组的情况,只能将用户直接加入到SharePoint组的情况下起作用
c. 实现代码如下:
function IsCurrentUserMemberOfGroup(strGroupName, functionComplete) {
//Setup Vars
currentContext = null;
currentWeb = null;
allGroups = null;
leaderGroup = null;
currentUser = null;
groupUsers = null;
//Get an instance of the Client Content.
currentContext = new SP.ClientContext.get_current();
//Grab the client web object.
currentWeb = currentContext.get_web();
//Get the current user object
currentUser = currentContext.get_web().get_currentUser();
currentContext.load(currentUser);
//Setup the groupColletion.
allGroups = currentWeb.get_siteGroups();
currentContext.load(allGroups);
//Now populate the objects above.
currentContext.executeQueryAsync(
Function.createDelegate(this, GetAllGroupsExecuteOnSuccess),
Function.createDelegate(this, ExecuteOnFailure)
);
// GroupCollection - Load - SUCCESS
function GetAllGroupsExecuteOnSuccess(sender, args) {
// CHECK THE GROUPS
// Time to Enumerate through the group collection that was returned.
var groupEnumerator = allGroups.getEnumerator();
// Loop for the collection.
while (groupEnumerator.moveNext()) {
//Grab the Group Item.
var group = groupEnumerator.get_current();
if (group.get_title().indexOf(strGroupName) > -1) {
// Now that we have the group let's grab the list of users.
groupUsers = group.get_users();
currentContext.load(groupUsers);
currentContext.executeQueryAsync(
Function.createDelegate(this, SingleGroupExecuteOnSuccess),
Function.createDelegate(this, ExecuteOnFailure)
);
}
}
}
// Single Group - Load - SUCCESS
function SingleGroupExecuteOnSuccess(sender, args) {
// Time to setup the Enumerator
var groupUserEnumerator = groupUsers.getEnumerator();
// This is the flag to set to true if the user is in the group.
var boolUserInGroup = false;
// and start looping.
while (groupUserEnumerator.moveNext()) {
//Grab the User Item.
var groupUser = groupUserEnumerator.get_current();
// and finally. If a Group User ID Matches the current user ID then they are in the group!
if (groupUser.get_id() == currentUser.get_id()) {
boolUserInGroup = true;
}
}
//Run the delegate function with the bool;
functionComplete(boolUserInGroup);
}
// GroupCollection or Single Group - Load - FAILURE
function ExecuteOnFailure(sender, args) {
//Run the delegate function and return false because there was no match.
functionComplete(false);
}
}
IsCurrentUserMemberOfGroup("Lead", function (isCurrentUserInGroup) {
if(isCurrentUserInGroup)
{
// Do something for the user in the correct SP group
}
});
2. 使用User 类的isSiteAdmin属性
a. 优点:需要写代码少,效率高
b. 缺点:只能判断用户是否为当前站点集管理员,适用场景很少
c. 代码实现如下:
var currentUser;
SP.SOD.executeFunc('sp.js', 'SP.ClientContext', GetCurrentUser);
function GetCurrentUser() {
var clientContext = new SP.ClientContext.get_current();
var oWeb = clientContext.get_web();
currentUser = oWeb.get_currentUser();
clientContext.load(currentUser);
clientContext.executeQueryAsync(Onsuccess, OnFailed);
}
function Onsuccess()
{
if(currentUser.get_isSiteAdmin())
{
// Do something for the user who is the current site collection admin
}
}
function OnFailed(request, message)
{
alert('error' + message);
}
3. 使用 EffectiveBasePermissions,这个也是微软推荐的做法
a. 优点:功能上基本没有限制,可以检查所有SharePoint的权限级别: http://msdn.microsoft.com/en-us/library/ee556747(v=office.14).aspx
b. 缺点:获得权限的入口不是唯一的,可以单独给用户权限,也可以由用户加入到某个组来获取权限
c. 代码实现如下:
<script type="text/javascript">
SP.SOD.executeFunc('sp.js', 'SP.ClientContext', CheckPermissionOnWeb);
function CheckPermissionOnWeb() {
context = new SP.ClientContext.get_current();
web = context.get_web();
this._currentUser = web.get_currentUser();
context.load(this._currentUser);
context.load(web, 'EffectiveBasePermissions');
context.executeQueryAsync(Function.createDelegate(this, this.onSuccessMethod), Function.createDelegate(this, this.onFailureMethod));
}
function onSuccessMethod(sender, args) {
if (web.get_effectiveBasePermissions().has(SP.PermissionKind.manageWeb)) {
// User Has permission to manage web
// Do something you want to do for the user who can manage the web
}
}
Function onFailureMethod(sender, args)
{
alert('error' +args.message);
}
</script>