How to find out permissions for each tree element(folder or file) for another user using sharepoint api?
Question
I want to get answer for question:
Does userA can read the folder/tree ?
Application uses another user to communicate with sharpoint via sharepoint API.
I've googled the following request:
http://aissp2013/sites/Team/_api/web/lists/getbytitle('L2')/EffectiveBasePermissions
But it doesn't resolve my problem because it responds with permissions for current user!
- Is there way to get permissions for another user for concrete element(folder or file or library)
- Is there way to get permissions for another user for all elements and sub-elements ?
1 answers
solution1
2 2018-08-16 18:41:07
To get permissions per user SP.ListItem.getUserEffectivePermissions method is intended:
for SP.Folder
Url /_api/web/getFolderByServerRelativeUrl('<folder-rel-url>')/ListItemAllFields/getusereffectivepermissions(@u)?@u='<account>'
Method: Get
for SP.File
Url /_api/web/getFileByServerRelativeUrl('<file-rel-url>')/ListItemAllFields/getusereffectivepermissions(@u)?@u='<account>'
Method: Get
Note:
accountparameter needs to be provided in claims format
Regarding the question:
Does userA can read the folder/tree ?
the following example demonstrates how to retrieve permissions for a folder
const accountName = "i:0#.f|membership|<name>@<tenant>.onmicrosoft.com";
let endpointUrl = _spPageContextInfo.webAbsoluteUrl + "/_api/web/getFolderByServerRelativeUrl('/Shared Documents/Achive')/ListItemAllFields/getusereffectivepermissions(@u)?@u='" + encodeURIComponent(accountName) + "'";
const content = await executeJson(endpointUrl);
let roles = parseBasePermissions(content.d.GetUserEffectivePermissions);
if(roles.viewListItems)
console.log(`${accountName} has been granted permissions.`);
where
function parseBasePermissions(value)
{
let permissions = new SP.BasePermissions();
permissions.initPropertiesFromJson(value);
let result = {};
for(var levelName in SP.PermissionKind.prototype) {
if (SP.PermissionKind.hasOwnProperty(levelName)) {
var permLevel = SP.PermissionKind.parse(levelName);
if(permissions.has(permLevel))
result[levelName] = true;
else
result[levelName] = false;
}
}
return result;
}
is used to parse permission mask into roles
and
async function executeJson(url,options) {
options = options || {};
options.method = options.method || 'GET';
options.headers = options.headers || {};
options.headers["Accept"] = "application/json;odata=verbose";
options.headers["Content-Type"] = "application/json;odata=verbose";
if(options.method == "POST") {
options.headers["X-RequestDigest"] = document.getElementById("__REQUESTDIGEST").value;
}
if (options.body) {
options.body = JSON.stringify(options.body);
}
const rawResponse = await fetch(url,options);
const content = await rawResponse.json();
return content;
}
to perform REST request
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.