namespace Microsoft.SharePoint { using System; using System.Text; using System.Collections.Generic; using System.Linq; using Microsoft.SharePoint; public static class PermissionManager { //SPGroup group = web.Groups[0]; //SPUser user = web.Users[0]; //SPUser user2 = web.EnsureUser("mangaldas.mano"); //SPUser user3 = web.EnsureUser("Domain Users"); //SPPrincipal[] principals = { group, user, user2, user3 }; #region Adding Permissions to an item /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="user">SPUser</param> /// <param name="roleType">SPRoleType</param> public static void SetPermissions(SPListItem item, SPUser user, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); SetPermissions(item, (SPPrincipal)user, roleDefinition); } } public static void SetPermissions(SPListItem item, SPUser user, string rolename) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions[rolename]; if (roleDefinition != null) SetPermissions(item, (SPPrincipal)user, roleDefinition); } } public static void SetPermissions(SPListItem item, string groupName, string rolename) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions[rolename]; SPGroup group = item.Web.Groups[groupName]; if (roleDefinition != null && group != null) SetPermissions(item, (SPPrincipal)group, roleDefinition); } } public static void SetPermissions(SPListItem item, string groupName, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); SPGroup group = item.Web.Groups[groupName]; if (group != null) SetPermissions(item, (SPPrincipal)group, roleDefinition); } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principals">IEnumerable</param> /// <param name="roleType">SPRoleType</param> public static void SetPermissions(SPListItem item, IEnumerable<SPPrincipal> principals, SPRoleType roleType) { if (item != null) { foreach (SPPrincipal principal in principals) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); SetPermissions(item, principal, roleDefinition); } } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleType">SPRoleType</param> public static void SetPermissions(SPListItem item, SPPrincipal principal, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); SetPermissions(item, principal, roleDefinition); } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="user">SPUser</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void SetPermissions(SPListItem item, SPUser user, SPRoleDefinition roleDefinition) { if (item != null) { SetPermissions(item, (SPPrincipal)user, roleDefinition); } } /// <summary> /// Set Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void SetPermissions(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition) { if (item != null) { BreakRoleSPListItem(item); SPRoleAssignment roleAssignment = new SPRoleAssignment(principal); roleAssignment.RoleDefinitionBindings.Add(roleDefinition); item.RoleAssignments.Add(roleAssignment); } } #endregion #region Deleting all user Permissions from an item /// <summary> /// remove permisions /// </summary> /// <param name="item">SPListItem</param> /// <param name="user">SPUser</param> public static void RemovePermissions(SPListItem item, SPUser user) { if (item != null) { RemovePermissions(item, user as SPPrincipal); } } public static void RemovePermissions(SPListItem item, string groupName) { if (item != null) { SPGroup group = item.Web.Groups[groupName]; if (group != null) RemovePermissions(item, group as SPPrincipal); } } /// <summary> /// remove permisions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> public static void RemovePermissions(SPListItem item, SPPrincipal principal) { if (item != null) { BreakRoleSPListItem(item); item.RoleAssignments.Remove(principal); // item.SystemUpdate(); } } #endregion #region Removing specific roles from an item /// <summary> /// remove permission /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void RemovePermissionsSpecificRole(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition) { if (item != null) { SPRoleAssignment roleAssignment = item.RoleAssignments.GetAssignmentByPrincipal(principal); if (roleAssignment != null) { if (roleAssignment.RoleDefinitionBindings.Contains(roleDefinition)) { roleAssignment.RoleDefinitionBindings.Remove(roleDefinition); roleAssignment.Update(); } } } } /// <summary> /// remove permission /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleType">SPRoleType</param> public static void RemovePermissionsSpecificRole(SPListItem item, SPPrincipal principal, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); RemovePermissionsSpecificRole(item, principal, roleDefinition); } } public static void RemovePermissionsSpecificRole(SPListItem item, SPUser user, string roleName) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions[roleName]; if (roleDefinition != null) RemovePermissionsSpecificRole(item, user as SPPrincipal, roleDefinition); } } public static void RemovePermissionsSpecificRole(SPListItem item, string groupName, string roleName) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions[roleName]; SPGroup group = item.Web.Groups[groupName]; if (group != null && roleDefinition != null) RemovePermissionsSpecificRole(item, group as SPPrincipal, roleDefinition); } } #endregion #region Updating or Modifying Permissions on an item /// <summary> /// modify Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleType">SPRoleType</param> public static void ChangePermissions(SPListItem item, SPPrincipal principal, SPRoleType roleType) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions.GetByType(roleType); ChangePermissions(item, principal, roleDefinition); } } public static void ChangePermissions(SPListItem item, SPUser user, string roleName) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions[roleName]; if (roleDefinition != null) ChangePermissions(item, user as SPPrincipal, roleDefinition); } } public static void ChangePermissions(SPListItem item, string groupName, string roleName) { if (item != null) { SPRoleDefinition roleDefinition = item.Web.RoleDefinitions[roleName]; SPGroup group = item.Web.Groups[groupName]; if (roleDefinition != null) ChangePermissions(item, group as SPPrincipal, roleDefinition); } } /// <summary> /// modify Permissions /// </summary> /// <param name="item">SPListItem</param> /// <param name="principal">SPPrincipal</param> /// <param name="roleDefinition">SPRoleDefinition</param> public static void ChangePermissions(SPListItem item, SPPrincipal principal, SPRoleDefinition roleDefinition) { //SPRoleAssignment roleAssignment = item.RoleAssignments.GetAssignmentByPrincipal(principal); //if (roleAssignment != null) //{ // roleAssignment.RoleDefinitionBindings.RemoveAll(); // roleAssignment.RoleDefinitionBindings.Add(roleDefinition); // roleAssignment.Update(); //} RemovePermissions(item, principal); SetPermissions(item, principal, roleDefinition); } #endregion public static void BreakRoleSPListItem(SPListItem item) { if (item.HasUniqueRoleAssignments) { item.ResetRoleInheritance(); } item.BreakRoleInheritance(false); } public static SPUser GetSPUserFromSPListItemByFieldName(SPListItem spItem, string fieldName) { SPFieldUser field = spItem.Fields[fieldName] as SPFieldUser; if (field != null && spItem[fieldName] != null) { SPFieldUserValue fieldValue = field.GetFieldValue(spItem[fieldName].ToString()) as SPFieldUserValue; if (fieldValue != null) { return fieldValue.User; } } return null; } class DisabledItemEventsScope : SPItemEventReceiver, IDisposable { public DisabledItemEventsScope() { this.EventFiringEnabled = false; } #region IDisposable Members public void Dispose() { this.EventFiringEnabled = true; } #endregion } public static void SaveListItem(SPListItem item) { using (DisabledItemEventsScope scope = new DisabledItemEventsScope()) { item.SystemUpdate(); } } } }
http://blog.csdn.net/minglelui/article/details/6731824