SharePoint 中的权限/拒绝掩码 [英] Permission/Deny Mask in SharePoint

问题描述

我有一个关于 SharePoint 权限掩码的问题.在 SharePoint 中，可以使用掩码设置授予/拒绝权限.详细信息在下面的文章中给出.

I have a question regarding SharePoint permission masks. In SharePoint it is possible to set the grant/deny rights using masks. Details are given the following article.

http://msdn.microsoft.com/en-us/library/dd304243(PROT.13).aspx

我的问题是我们何时拥有许可/拒绝掩码.

My question is when we have a permission/deny mask.

例如，如果您使用 central-admin 拒绝ViewItem"权限，您将获得 4611686844973976575 作为拒绝掩码.此权限掩码由 aping | 计算到几个单独的权限掩码.

For example if you deny "ViewItem" permission using the central-admin, you will get 4611686844973976575 as the deny mask. This permission masks is computed by aping | to several individual permission masks.

那么是否可以提取用于计算权限掩码的单个权限掩码，例如 4611686844973976575?

So is it possible to extract individual permission masks which are used to calculate permission mask such as 4611686844973976575?

谢谢.

推荐答案

如果您对掩码中包含的ViewListItems"的 0x0000000000000001 等值进行逻辑与运算，那么您将获得该值本身(或1).如果您对不在该掩码中的值执行逻辑 AND，例如UseClientIntegration"值 0x0000001000000000，那么您将得到零 (0).这甚至可以通过 Windows 计算器应用程序的科学模式进行测试——也许首先将掩码转换为十六进制，例如以 4611686844973976575 为例，从基数 10 到 400000C072040BFF 十六进制(基数 16).

If you do a logical AND operation on a value such as 0x0000000000000001 for "ViewListItems" which is contained in the mask, then you will get the value itself (or 1). If you do a logical AND on a value not in that mask, like the "UseClientIntegration" value of 0x0000001000000000, then you will get a zero (0). This is something you can even test via the scientific mode of the Windows calculator app -- perhaps first converting the mask to hex, such as taking your example of 4611686844973976575 from base 10 to 400000C072040BFF in hex (base 16).

要从掩码中提取所有值，您必须针对所有可能的值测试初始值.如果该页面上记录了所有已知的权限值，那么您的问题的答案是肯定的.我不知道你可能想用哪种语言来实现这一点，但 C# 的基本思想是:

To extract all values from the mask, you would have to test the initial value against all possible values. If all known permission values are documented on that page, then the answer to your question is yes. I don't know which language you may want to accomplish this, but the basic idea in C# is:

bool CheckMask( long Mask, long TestPermission ) {
    return (Mask && TestPermission) > 0;
}

long mask = 4611686844973976575;

const long ViewListItems = 0x0000000000000001;
bool HasPermission_ViewListItems = CheckMask(mask, ViewListItems);
// HasPermission_ViewListItems is true

const long UseClientIntegration = 0x0000001000000000;
bool HasPermission_UseClientIntegration = CheckMask(mask, UseClientIntegration);
// HasPermission_UseClientIntegration is false

这篇关于SharePoint 中的权限/拒绝掩码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！