深入浅出SharePoint——操作Item权限类

using System; using System.Collections.Generic; using System.Linq; using System.Text; using Microsoft.SharePoint; namespace CR.SharePoint.HR.Common { public static class PermissionManager { //SPGroup group = web.Groups[0]; //SPUser user = web.Users[0]; //SPUser user2 = web.EnsureUser("mangaldas.mano"); //SPUser user3 = web.EnsureUser("Domain Users"); //SPPrincipal[] principals = { group, user, user2, user3 }; #region Adding Permissions to an item /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principals">IEnumerable</param> /// <param name="roleType">SPRoleType</param> public static void SetPermissions(SPListItem item, IEnumerable<SPPrincipal> principals, SPRoleType roleType) { if (item != null) { foreach (SPPrincipal principal in principals) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); SetPermissions(item, principal, roleDefinition); } } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="user">SPUser</param> /// <param name="roleType">SPRoleType</param> public static void SetPermissions(SPListItem item, SPUser user, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); SetPermissions(item, (SPPrincipal)user, roleDefinition); } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleType">SPRoleType</param> public static void SetPermissions(SPListItem item, SPPrincipal principal, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); SetPermissions(item, principal, roleDefinition); } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="user">SPUser</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void SetPermissions(SPListItem item, SPUser user, SPRoleDefinition roleDefinition) { if (item != null) { SetPermissions(item, (SPPrincipal)user, roleDefinition); } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void SetPermissions(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition) { if (item != null) { SPRoleAssignment roleAssignment = new SPRoleAssignment(principal); roleAssignment.RoleDefinitionBindings.Add(roleDefinition); item.RoleAssignments.Add(roleAssignment); } } #endregion #region Deleting all user Permissions from an item /// <summary> /// remove permisions /// </summary> /// <param name="item">SPListItem</param> /// <param name="user">SPUser</param> public static void RemovePermissions(SPListItem item, SPUser user) { if (item != null) { RemovePermissions(item, user as SPPrincipal); } } /// <summary> /// remove permisions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> public static void RemovePermissions(SPListItem item, SPPrincipal principal) { if (item != null) { item.RoleAssignments.Remove(principal); item.SystemUpdate(); } } #endregion #region Removing specific roles from an item /// <summary> /// remove permission /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void RemovePermissionsSpecificRole(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition) { if (item != null) { SPRoleAssignment roleAssignment = item.RoleAssignments.GetAssignmentByPrincipal(principal); if (roleAssignment != null) { if (roleAssignment.RoleDefinitionBindings.Contains(roleDefinition)) { roleAssignment.RoleDefinitionBindings.Remove(roleDefinition); roleAssignment.Update(); } } } } /// <summary> /// remove permission /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleType">SPRoleType</param> public static void RemovePermissionsSpecificRole(SPListItem item, SPPrincipal principal, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); RemovePermissionsSpecificRole(item, principal, roleDefinition); } } #endregion #region Updating or Modifying Permissions on an item /// <summary> /// modify Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleType">SPRoleType</param> public static void ChangePermissions(SPListItem item, SPPrincipal principal, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); ChangePermissions(item, principal, roleDefinition); } } /// <summary> /// modify Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void ChangePermissions(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition) { SPRoleAssignment roleAssignment = item.RoleAssignments.GetAssignmentByPrincipal(principal); if (roleAssignment != null) { roleAssignment.RoleDefinitionBindings.RemoveAll(); roleAssignment.RoleDefinitionBindings.Add(roleDefinition); roleAssignment.Update(); } } #endregion } }