在访问SecurableObject(或批量更新?)过程中即时自定义角色 [英] Customize roles on the fly during access to SecurableObject (or batch updating?)
问题描述
你好
我们有一个大型的SharePoint安装,其中包含十万个网站和文档库(以及数百万个文档).
We have a large SharePoint installation with over hundred thousand webs and document libraries (and millions of documents).
最重要的是,我们拥有在文档库上设置的自定义权限(继承中断)
On top of that we have custom permissions which are set on document libraries (with broken inheritance)
当需求发生变化时,我们使用PowerShell脚本来重建权限结构.问题在于这些脚本执行时间较长(超过1周),这不是最佳选择.它必须遍历整个结构并添加/删除组,未中断/中断 继承等等.
We have use PowerShell scripts to rebuild the permission structure when requirements change. The problem is these scripts take a long time to execute (1week+) which is not optimal. It has to go through the whole structure and add/remove groups, unbreak/rebreak inheritance and so on..
我的问题是:是否可以在SecurableObjects中添加某种中间件并在访问它们时覆盖权限(而不将覆盖的角色保存到数据库中)?这样,我们可以在代码中声明性地定义我们的权限,而无需 需要更新结构.我们可以删除所有损坏的继承,而根据用户尝试访问的Web/文档库/项目类型来覆盖角色.
My question is: Is it possible to add some kind of middleware to SecurableObjects and override the permissions when they are accessed (without saving the overridden roles to the database)? This way we could define our permissions declaratively in code, without needing to update the structure. We could remove all broken inheritances, and instead override the roles depending on what kind of web/document library/item the user is trying to access.
例如:
void BeforeAccessSecurableObject(SecurableObject o) {
if (o is list and o.name == "<requirement_specific_name>")
{
// Make sure inherited assignments are not used in this context
o.BreakRoleInheritance();
o.RoleAssignments.Clear();
// Add the requirement-specific role for this kind of list
o.RoleAssignments.Add(<construct a role assignment for the group that should have access to lists of name<requirement_specific_name>>);
}
}在服务器场解决方案中是否可能(或类似的东西)?通过部署新版本的解决方案包,我们可以将+1周的时间减少到几分钟.
Is this (or something similar) possible in a farm solution? We could lower that +1week to a couple minutes by just deploying a new version of the solution package.
如果没有,你们还有其他其他秘诀来优化用于更新结构的例程(批量更新吗?).我们需要大量减少数据库调用的次数.
If not, do you guys have any other tips for optimizing the routine that updates the structure in place (batch updates?). We need to lower the amount of database calls a lot.
我希望我足够清楚.. :)
真诚的
Viktor
I hope I was clear enough.. :)
Sincerely,
Viktor
推荐答案
请查看以下有关此问题的博客.
Please check the following blogs on this issue.
http://e- junkie-chronicles.blogspot.dk/2011/03/sharepoint-2010-performance-with-item.html
http://e- junkie-chronicles.blogspot.dk/2011/03/sharepoint-2010-performance-with-item_23.html
这里有一个类似的线程供您参考:
Here is a similar thread for your reference:
https://sharepoint.stackexchange.com/questions/49617/improve-performance -of-powershell-script
最好的问候,
这篇关于在访问SecurableObject(或批量更新?)过程中即时自定义角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
