标签:style class blog code http tar
在sharepoint中,_layouts下的自定义页面没有特别的权限,只要用户能访问sharepoint站点就可以访问_layouts下的自定义程序页面,现在我们需要给自定义页面做一下权限认证。要求如下:
1)自定义程序页面只为特定的站点服务,如图:
我们的自定义页面只为docs站点服务,只有/docs/_layouts/15/这样的访问路径才是合法的。
2)能访问docs站点的用户不一定就可以访问该页面,所以我们需要给该页面配置一个权限管理的list,如图:
3)有些自定义程序页面比较特殊,比如我们开发一个页面来装在rdl报表,那么这个自定义页面的权限就没有多大的意义了,所以我们给自定义页面加上querystring的识别,如图:同样的一个自定义程序页面querystring不同,可以配置不同的权限
现在来看看我们的实现吧:
protected bool CanAccess
{
get
{
if (SPWebNames != null && SPWebNames.Length > 0)
{
string spwebname = SPContext.Current.Web.Name.ToLower();
bool findwebname = SPWebNames.Any(x => x.ToLower().Equals(spwebname));
if (!findwebname)
{
return false;
}
}
List<string> gpnames = GroupNames;
if (gpnames.Count < 1)
{
return true;
}
else
{
SPUser currentUser = SPContext.Current.Web.CurrentUser;
foreach (string gpname in GroupNames)
{
foreach (SPGroup g in currentUser.Groups)
{
if (g.Name.Trim().Equals(gpname))
{
return true;
}
}
}
return false;
}
}
}
首先看看我们当前的web name是否是在配置的web names,如果不是直接返回为false,如果是就继续检查当前user是否具有指定的权限(当前user是否在指定的组里面)。这个配置我们写在sharepoint list里面,用户第一次访问页面时,我们会往该list插入一条新数据,没有指定特定user group name,然后管理员就可以设置该group names。主要代码如下:
string url = HttpContext.Current.Request.Url.AbsolutePath.ToLower();
if (QueryStringWithPermission)
{
url = HttpContext.Current.Request.Url.PathAndQuery.ToLower() ;
}
string _key = "$LayoutsPageWithPermission$";
.................................................................................................................
lock (_lockObj) //lock to avoid creating more than one cfg list.
{
try
{
list = web.Lists[_key];
}
catch
{
}
if (list == null)
{
web.AllowUnsafeUpdates = true;
Guid listId = web.Lists.Add(_key, "List for config , never delete this list.", SPListTemplateType.GenericList);
list = web.Lists[listId];
SPView view = list.DefaultView;
SPViewFieldCollection viewFields = view.ViewFields;
string fieldname = list.Fields.Add("GroupName", SPFieldType.Text, false);
SPField field = list.Fields.GetFieldByInternalName("GroupName");
viewFields.Add(field);
view.Update();
list.Update();
}
SPListItemCollection listitems = list.Items;
foreach (SPListItem spitem in listitems)
{
if (spitem["Title"].ToString().Equals(url))
{
spem = spitem;
break;
}
}
if (spem == null)
{
web.AllowUnsafeUpdates = true;
SPListItemCollection items = list.Items;
SPListItem item = items.Add();
item["Title"] = url;
item["GroupName"] = string.Empty;
item.Update();
spem = item;
}
..................................................................
List<string> groups = new List<string>();
if (spem["GroupName"] == null)
{
return groups;
}
string str = spem["GroupName"].ToString();
groups.AddRange(str.Split(new string[] { ",", ";" }, StringSplitOptions.RemoveEmptyEntries));
return groups;
这里我们首先去读取list,如果该list不存在就创建该list,然后往该list中插入数据,如果list存在那么检查对应的url是否存在不存在 就插入数据,最后返回指定的group names。
最后调用的代码如下:
protected override void OnInit(EventArgs e)
{
base.OnInit(e);
this.SPWebNames = new string[] { "docs" };
this.QueryStringWithPermission = true;
}
运行效果如图:
详细的代码如下:
namespace Microsoft.SharePoint.WebControls
{
using Microsoft.SharePoint;
using Microsoft.SharePoint.WebControls;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Web;
public class LayoutsPageWithPermission : LayoutsPageBase
{
#region Property
private static object _lockObj = new object();
private List<string> GroupNames
{
get
{
string url = HttpContext.Current.Request.Url.AbsolutePath.ToLower();
if (QueryStringWithPermission)
{
url = HttpContext.Current.Request.Url.PathAndQuery.ToLower() ;
}
string _key = "$LayoutsPageWithPermission$";
SPList list = null;
SPSite siteColl = SPContext.Current.Site;
SPWeb site = SPContext.Current.Web;
SPItem spem = null;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite edsiteColl = new SPSite(siteColl.ID))
{
using (SPWeb web = edsiteColl.OpenWeb(site.ID))
{
lock (_lockObj) //lock to avoid creating more than one cfg list.
{
try
{
list = web.Lists[_key];
}
catch
{
}
if (list == null)
{
web.AllowUnsafeUpdates = true;
Guid listId = web.Lists.Add(_key, "List for config , never delete this list.", SPListTemplateType.GenericList);
list = web.Lists[listId];
SPView view = list.DefaultView;
SPViewFieldCollection viewFields = view.ViewFields;
string fieldname = list.Fields.Add("GroupName", SPFieldType.Text, false);
SPField field = list.Fields.GetFieldByInternalName("GroupName");
viewFields.Add(field);
view.Update();
list.Update();
}
SPListItemCollection listitems = list.Items;
foreach (SPListItem spitem in listitems)
{
if (spitem["Title"].ToString().Equals(url))
{
spem = spitem;
break;
}
}
if (spem == null)
{
web.AllowUnsafeUpdates = true;
SPListItemCollection items = list.Items;
SPListItem item = items.Add();
item["Title"] = url;
item["GroupName"] = string.Empty;
item.Update();
spem = item;
}
}
}
}
});
List<string> groups = new List<string>();
if (spem["GroupName"] == null)
{
return groups;
}
string str = spem["GroupName"].ToString();
groups.AddRange(str.Split(new string[] { ",", ";" }, StringSplitOptions.RemoveEmptyEntries));
return groups;
}
}
protected bool CanAccess
{
get
{
if (SPWebNames != null && SPWebNames.Length > 0)
{
string spwebname = SPContext.Current.Web.Name.ToLower();
bool findwebname = SPWebNames.Any(x => x.ToLower().Equals(spwebname));
if (!findwebname)
{
return false;
}
}
List<string> gpnames = GroupNames;
if (gpnames.Count < 1)
{
return true;
}
else
{
SPUser currentUser = SPContext.Current.Web.CurrentUser;
foreach (string gpname in GroupNames)
{
foreach (SPGroup g in currentUser.Groups)
{
if (g.Name.Trim().Equals(gpname))
{
return true;
}
}
}
return false;
}
}
}
protected string CurrentUserName
{
get
{
string userName = SPContext.Current.Web.CurrentUser.LoginName;
if (userName.Contains("|"))
{
userName = userName.Split(new char[] { '|' }, StringSplitOptions.RemoveEmptyEntries)[1];
}
return userName;
}
}
public bool QueryStringWithPermission { set; get; }
public string[] SPWebNames { set; get; }
#endregion
protected void RedirectAccessDenied()
{
Uri uri = HttpContext.Current.Request.Url;
int index = uri.AbsoluteUri.IndexOf("/_layouts");
string urlprfx = uri.AbsoluteUri.Substring(0, index);
string url = urlprfx + "/_layouts/15/AccessDenied.aspx?Source=" + uri.OriginalString;
HttpContext.Current.Response.Redirect(url);
}
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
if (!CanAccess)
{
RedirectAccessDenied();
}
}
}
}SharePoint _layouts下自定义程序页面权限管理,布布扣,bubuko.com
SharePoint _layouts下自定义程序页面权限管理
标签:style class blog code http tar
原文地址:http://blog.csdn.net/ma_jiang/article/details/32371337
