Sharepoint:如何以编程方式管理SPFolder和SPListItem权限 [英] Sharepoint: How to programmatically manage SPFolder and SPListItem permissions

问题描述

我想知道我是否想念一些东西. 这是我的处理方式: 对于SPFolder，我将更改关联项目的权限(SPFolder.Item). 因此，我想管理SPFolder权限归结为管理SPListItem权限. 对于SPListItem，我将首先使用SPListItem.BreakRoleInheritance()中断角色继承，然后使用RoleAssignments集合在其中添加和删除角色.

I want to know if I'm missing something. Here's how I would do it: For SPFolder I would change the associtaed item's permissions (SPFolder.Item). So I suppose managing SPFolder permissions boils down to managing SPListItem permissions. For SPListItem I would frist break role inheritance with SPListItem.BreakRoleInheritance() and then work with RoleAssignments collections adding and removing roles there.

我想知道RoleAssignments是否是管理SPListItem权限(除了继承)的唯一方法，并且是否有一种方法来管理没有角色的个人权限. 也有EffectiveBasePermissions属性，但我不确定.

I wonder if RoleAssignments is the only way to manage SPListItem's permissions (besides inheritance) and is there a way to manage individual permissions without roles. There is also EffectiveBasePermissions property but I'm not sure.

所以问题是 除了RoleAssignments集合外，还有其他方法(继承之外)来管理SPListItem权限吗?

So the question is is there other ways (besides inheritance) to manage SPListItem permissions apart from the RoleAssignments collection?

@Edit:也有AllRolesForCurrentUser，但是我想您可以从RoleAssignments属性中获得相同的信息，所以这只是为了方便.

@ there's also AllRolesForCurrentUser, but I guess you can get the same info from the RoleAssignments property, so this one is just for convenience.

@Edit:正如Flo在他的回答中指出的那样，设置存在问题

@ As Flo notes in his answer there is a problem with setting

folder.ParentWeb.AllowUnsafeUpdates = true;

并使用参数为'false'的BreakRoleInheritance(即，没有复制父对象的权限).

And using BreakRoleInheritance with argument of 'false' (i.e. without copying permissions of the parent object).

folder.Item.BreakRoleInheritance(false);

BreakRoleInheritance完全不会像您期望的那样，在允许不安全的更新之后无法处理GET请求.大概该方法会将AllowUnsafeUpdates重置为"false".

BreakRoleInheritance simply won't work on GET request as you'd expect after allowing unsafe updates. Presumably the method resets AllowUnsafeUpdates back to 'false'.

为此，我知道一个解决方法是在BreakRoleInheritance(true)之后手动删除继承的权限，如下所示:

One workaround I know for this is to manually delete the inherited permissions after you BreakRoleInheritance(true), like this:

folder.Item.BreakRoleInheritance(false);
while(folder.Item.RoleAssignments.Count > 0) {
    folder.Item.RoleAssignments.Remove(0);
}

谢谢！

推荐答案

您几乎完全正确.我相信RoleAssignments确实是直接管理权限的唯一机制.这是一个帖子，其中显示了如何执行此操作的快速示例.我还使用了这些

You have it pretty much right. I believe that RoleAssignments are indeed the only mechanism for managing permissions directly. Here's a post that shows a quick example of how to do it. I also used these two posts when I did some more complicated things.

这篇关于Sharepoint:如何以编程方式管理SPFolder和SPListItem权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！