使用Webservices API确定用户在SharePoint站点/工作区中的角色

Question

如何使用webservices API计算用户在站点中的角色？我必须继续使用的是用户名和域名.

我发现PermissionsService.Permissions.GetPermissionCollection(URL,"网络")将返回允许用户和组的集合与他们的权限口罩,但我仍然需要弄清楚,如果用户是在任何一组,然后转换权限掩盖到角色集合中.

我觉得有更好的方法来做到这一点,我只是想念它.

Answer 1

我已经解决了类似的问题 - 我的方法检查是否为用户分配了特定的角色.首先是算法:

1. 检查用户是否直接在站点上分配了角色
2. 如果是 - 很酷,如果不是 - 获取用户所属的所有组,并获得分配给他们的所有组.
3. 比较两者.如果存在匹配 - 酷,如果不是 - 用户未在该站点级别分配角色.

和代码:

public bool IsAssignedAPermission(string premissionName, string userLoginName)
    {
        XmlNode nodes;
        bool isAssignedAPermission;

        isAssignedAPermission = false;

        //Check if user is directly assigned a Full Control role
        try
        {
            nodes = userGroupService.GetRoleCollectionFromUser(userLoginName);
            using (XmlNodeReader reader = new XmlNodeReader(nodes))
            {
                DataSet ds = new DataSet();
                ds.ReadXml(reader);
                DataTable dt = ds.Tables[1];
                foreach (DataRow row in dt.Rows)
                {
                    string permission = row[1].ToString();
                    if (permission == premissionName)
                    {
                        isAssignedAPermission = true;
                        break;
                    }
                }
            }
        }
        catch
        {
            List<string> groupMemberships;
            List<string> fullControlGroups;

            //Check if user is a member of a Full Control group
            //This is done in three steps:

            //1. Get the list of groups the user is member of
            groupMemberships = new List<string>();
            nodes = userGroupService.GetGroupCollectionFromUser(userLoginName);
            using (XmlNodeReader reader = new XmlNodeReader(nodes))
            {
                DataSet ds = new DataSet();
                ds.ReadXml(reader);
                DataTable dt = ds.Tables[1];
                foreach (DataRow row in dt.Rows)
                {
                    string groupName = row[1].ToString();
                    groupMemberships.Add(groupName);
                }
            }

            //2. Get the list of groups that have Full Control permissions
            fullControlGroups = new List<string>();
            nodes = userGroupService.GetGroupCollectionFromRole(premissionName);
            using (XmlNodeReader reader = new XmlNodeReader(nodes))
            {
                DataSet ds = new DataSet();
                ds.ReadXml(reader);
                DataTable dt = ds.Tables[1];
                foreach (DataRow row in dt.Rows)
                {
                    string groupName = row[1].ToString();
                    fullControlGroups.Add(groupName);
                }
            }

            //3. Check if user belongs to any of the Full Control groups
            foreach (string membership in groupMemberships)
            {
                if (fullControlGroups.Contains(membership))
                {
                    isAssignedAPermission = true;
                    break;
                }
            }
        }

        return isAssignedAPermission;
    }

方法参数userLoginName应该采用域\用户名的形式,例如SHAREPOINT\Boris.我希望我帮忙.干杯