stackoom
  简体   繁体   中英

How to run Sharepoint Rest API from server side with elevated privileges?

 原文  2014-04-16 06:30:00       rest/ sharepoint

Question

The Sharepoint Rest API uses a simple URL of the type http://mysite/_api/search/query?querytext='search_key' to return search results as an XML. When I run this directly in a browser, I see a valid XML response:

其余API输出

(1) Am I right in assuming the above response is generated using the current user's authorization?

(2) Can this URL be invoked from server side? I tried it in a web method (WCF web service), but received a 401 - Unauthorized : 

public string GetSearchResults(string searchKey)
{
    string webURL = SPContext.Current.Web.Url;
    string searchURL = webURL + "/_api/search/query?querytext='" + searchKey + "'";
    WebClient client = new WebClient();
    string xmlResponse = client.DownloadString(searchURL); // throws 401

    // parse xmlResponse and return appropriately
}

(3) What I really need is to be able to get the search results irrespective of the current user's access rights (the requirement is that users will see all search results, with an option to "request access" when needed).

I tried this in the above web method, but it still throws the same 401 : 

public string GetSearchResults(string searchKey)
{
    string webURL = SPContext.Current.Web.Url;
    string searchURL = webURL + "/_api/search/query?querytext='" + searchKey + "'";
    string xmlResponse;
    SPSecurity.RunWithElevatedPrivileges(delegate()
    {
        WebClient client = new WebClient();
        xmlResponse = client.DownloadString(searchURL); // still 401
    });

    // parse xmlResponse and return appropriately
}


What is the right way to invoke the Rest URL from server side? Specifically, from a web method? And how can it be run as super user?

2 answers

solution1
 1 ACCPTED  2014-04-16 09:02:07

In order to perform REST request, authenticate the request via WebClient.Credentials Property

On Premise (your scenario) 

WebClient client = new WebClient();
client.Credentials = new NetworkCredential(userName,password,domain);

SharePoint Online 

WebClient client = new WebClient();
client.Credentials = new SharePointOnlineCredentials(username,securedPassword);
client.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");

solution2
 0  2014-04-18 02:41:50

Search results are always security trimmed by SharePoint so to make this work, you'd need to run your query after specifying new credentials as mentioned by Vadim. This is almost certainly not a good idea. If you're running code server side already, don't use the REST interface, just query directly using the search API.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to upload and GET the Items in the SharePoint Document Library from client side using REST API as a HOSTED APP? Consuming REST API from the server side? How to upload a “Image only from client side to SharePoint Custom List” using Rest Api ? not in Document Library and not in picture Library How to implement 'fields' paramenter for 'get' in REST API in server side How to consume XML from REST API to SQL for a SharePoint Site How to read the XML response from SharePoint REST api call Adobe Sign server side REST API How to mock a complex REST call from the server side? Is it possible to call Sharepoint REST API with Javascript from outside of Sharepoint? how to renew client secret for sharepoint rest API?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM