大家都知道在sharepoint2010登录,系统自动根据登录用户给出有权限的列表记录?但是有些业务场景用户不能登录,如对外提供接口给业务系统调用列表数据,需要根据不同用户返回不同的列表记录。此时需要考虑如何根据登录名获取有权限的列表记录。下面我介绍2个方法来进行
1、通过DoesUserHavePermissions来获取有权限的记录
//申明集合 List<EGNewsEntity> EGNewsEntityList = new List<EGNewsEntity>(); try { //得到列表 SPList m_objList = web.Lists[listName]; //查询 SPQuery query = new SPQuery(); query.Query = strWhere; //查询的字段 if (ViewField.Length > 0) { query.ViewFields = BuildViewFields(ViewField); } SPListItemCollection m_objListItemColl = m_objList.GetItems(query); //根据当前用户判断是否有权限的记录条数 foreach (SPListItem item in m_objListItemColl) { //判断用户是否有有改记录的阅读权限(查看权限) if (item.DoesUserHavePermissions(user, SPBasePermissions.ViewListItems)) { //申明实体类 EGNewsEntity entity = new EGNewsEntity(); //赋值 entity.ID = item["ID"] == null ? string.Empty : item["ID"].ToString(); entity.Title = item["Title"] == null ? string.Empty : item["Title"].ToString(); entity.CreateTime = Convert.ToDateTime(item["ApplyDateTime"]); entity.Content = item["Content"] == null ? string.Empty : item["Content"].ToString(); //加入集合 EGNewsEntityList.Add(entity); } } } catch { } // return EGNewsEntityList; }
2、通过UserToken来获取有权限的记录
//申明集合 DataTable table =null; #region//账号是否存在 if (web.AllUsers[UserAccount] != null) { //获取userToken SPUserToken userToken = web.AllUsers[UserAccount].UserToken; #region//***************************获取token,模拟当前账号登陆 using (SPSite owSite = new SPSite(siteUrl, userToken)) { #region //模拟当前登陆用户打开站点 using (SPWeb owWeb = owSite.OpenWeb(webUrl)) { try { #region//列表名称 string listName = EGNewsConfig.NewsListName; //如果是新闻 if (NewsType == EGNewsEntity.NewsType.News) { listName = EGNewsConfig.NewsListName; } //如果是公告 if (NewsType == EGNewsEntity.NewsType.Notice) { listName = EGNewsConfig.NoticeListName; } #endregion //如果列表名称 if (!string.IsNullOrEmpty(listName)) { #region//查询条件 string strWhere = "<OrderBy><FieldRef Name=\"ApplyDateTime\" Ascending=\"False\" /></OrderBy>"; //如果有关键字 if (!string.IsNullOrEmpty(Key)) { strWhere = "<Where><Eq><FieldRef Name=\"Title\" /><Value Type=\"Text\">" + Key + "</Value></Eq></Where>" + strWhere; } #endregion //申明dataTable table = MakeNamesTable(); #region//获取总的记录 SPQuery query = new SPQuery(); query.Query = strWhere; query.ViewFields = BuildViewFields(new string[]{"Title"}); totalCount = owWeb.Lists[listName].GetItems(query).Count; #endregion // int _totalcount = 0; //得到记录 SPListItemCollection itemCollection = GetPageList(owWeb, listName, PageSize, PageIndex, out _totalcount, strWhere, new string[] { "ID", "Title", "ApplyDateTime", "Content" }); #region//循环 foreach (SPListItem item in itemCollection) { //datatable增加一条记录 DataRow row = table.NewRow(); //ID号码 row["ID"] = item["ID"]; //赋值标题 row["Title"] = item["Title"]; //内容 row["Content"] = item["Content"]; //赋值创建时间 row["CreateTime"] = item["ApplyDateTime"]; //增加记录 table.Rows.Add(row); } #endregion } } catch(Exception ex) { errMsg = ex.Message; } } #endregion } #endregion } #endregion // return table;