大家都知道在sharepoint2010登录,系统自动根据登录用户给出有权限的列表记录?但是有些业务场景用户不能登录,如对外提供接口给业务系统调用列表数据,需要根据不同用户返回不同的列表记录。此时需要考虑如何根据登录名获取有权限的列表记录。下面我介绍2个方法来进行
1、通过DoesUserHavePermissions来获取有权限的记录
//申明集合
List<EGNewsEntity> EGNewsEntityList = new List<EGNewsEntity>();
try
{
//得到列表
SPList m_objList = web.Lists[listName];
//查询
SPQuery query = new SPQuery();
query.Query = strWhere;
//查询的字段
if (ViewField.Length > 0)
{
query.ViewFields = BuildViewFields(ViewField);
}
SPListItemCollection m_objListItemColl = m_objList.GetItems(query);
//根据当前用户判断是否有权限的记录条数
foreach (SPListItem item in m_objListItemColl)
{
//判断用户是否有有改记录的阅读权限(查看权限)
if (item.DoesUserHavePermissions(user, SPBasePermissions.ViewListItems))
{
//申明实体类
EGNewsEntity entity = new EGNewsEntity();
//赋值
entity.ID = item["ID"] == null ? string.Empty : item["ID"].ToString();
entity.Title = item["Title"] == null ? string.Empty : item["Title"].ToString();
entity.CreateTime = Convert.ToDateTime(item["ApplyDateTime"]);
entity.Content = item["Content"] == null ? string.Empty : item["Content"].ToString();
//加入集合
EGNewsEntityList.Add(entity);
}
}
}
catch
{
}
//
return EGNewsEntityList;
}
2、通过UserToken来获取有权限的记录
//申明集合
DataTable table =null;
#region//账号是否存在
if (web.AllUsers[UserAccount] != null)
{
//获取userToken
SPUserToken userToken = web.AllUsers[UserAccount].UserToken;
#region//***************************获取token,模拟当前账号登陆
using (SPSite owSite = new SPSite(siteUrl, userToken))
{
#region //模拟当前登陆用户打开站点
using (SPWeb owWeb = owSite.OpenWeb(webUrl))
{
try
{
#region//列表名称
string listName = EGNewsConfig.NewsListName;
//如果是新闻
if (NewsType == EGNewsEntity.NewsType.News)
{
listName = EGNewsConfig.NewsListName;
}
//如果是公告
if (NewsType == EGNewsEntity.NewsType.Notice)
{
listName = EGNewsConfig.NoticeListName;
}
#endregion
//如果列表名称
if (!string.IsNullOrEmpty(listName))
{
#region//查询条件
string strWhere = "<OrderBy><FieldRef Name=\"ApplyDateTime\" Ascending=\"False\" /></OrderBy>";
//如果有关键字
if (!string.IsNullOrEmpty(Key))
{
strWhere = "<Where><Eq><FieldRef Name=\"Title\" /><Value Type=\"Text\">" + Key + "</Value></Eq></Where>" + strWhere;
}
#endregion
//申明dataTable
table = MakeNamesTable();
#region//获取总的记录
SPQuery query = new SPQuery();
query.Query = strWhere;
query.ViewFields = BuildViewFields(new string[]{"Title"});
totalCount = owWeb.Lists[listName].GetItems(query).Count;
#endregion
//
int _totalcount = 0;
//得到记录
SPListItemCollection itemCollection = GetPageList(owWeb, listName, PageSize, PageIndex, out _totalcount, strWhere, new string[] { "ID", "Title", "ApplyDateTime", "Content" });
#region//循环
foreach (SPListItem item in itemCollection)
{
//datatable增加一条记录
DataRow row = table.NewRow();
//ID号码
row["ID"] = item["ID"];
//赋值标题
row["Title"] = item["Title"];
//内容
row["Content"] = item["Content"];
//赋值创建时间
row["CreateTime"] = item["ApplyDateTime"];
//增加记录
table.Rows.Add(row);
}
#endregion
}
}
catch(Exception ex)
{
errMsg = ex.Message;
}
}
#endregion
}
#endregion
}
#endregion
//
return table;