Dynamics CRM 365 实现某个人没有权限查看记录，但是通过插件共享的方式，成功让他能看

步骤1，在pre共享给当前人

using System;
using Microsoft.Crm.Sdk.Messages;
using Microsoft.Xrm.Sdk;
using Microsoft.Xrm.Sdk.Client;
using Microsoft.Xrm.Sdk.Query;
using Newtonsoft.Json;

namespace SCWCRMSolution.Plugin.authorize
{
    /// <summary>
    /// 授权产品查询后：增加医院对应授权的查看权限：通过共享实现
    /// </summary>
    public class scw_authorize_retrieve_pre : IPlugin
    {

        public void Execute(IServiceProvider serviceProvider)
        {
            ITracingService tracer = (ITracingService)serviceProvider.GetService(typeof(ITracingService));
            IPluginExecutionContext context = (IPluginExecutionContext)serviceProvider.GetService(typeof(IPluginExecutionContext));
            IOrganizationServiceFactory factory = (IOrganizationServiceFactory)serviceProvider.GetService(typeof(IOrganizationServiceFactory));
            IOrganizationService service = factory.CreateOrganizationService(context.UserId);
            IOrganizationService adminService = factory.CreateOrganizationService(null);
            try
            {
                if (context.Depth > 1)
                {
                    return;
                }

                if (context.MessageName.ToLower() == "retrieve")
                {
                    if (context.InputParameters.Contains("Target"))
                    {
                        var enfer = (Microsoft.Xrm.Sdk.EntityReference)context.InputParameters["Target"];

                        #region 将当前记录共享给当前人
                        bool isNeedShare = true;  //是否需要共享
                        RetrieveSharedPrincipalsAndAccessRequest shareRequest = new RetrieveSharedPrincipalsAndAccessRequest();
                        shareRequest.Target = enfer;
                        RetrieveSharedPrincipalsAndAccessResponse shareResponse =(RetrieveSharedPrincipalsAndAccessResponse)adminService.Execute(shareRequest);
                        if (shareResponse.PrincipalAccesses != null)
                        {
                            foreach (PrincipalAccess pa in shareResponse.PrincipalAccesses)
                            {
                                if (pa.Principal.Id.ToString() == context.UserId.ToString())
                                {
                                    isNeedShare = false;
                                }
                            }
                        }

                        if (isNeedShare)
                        {
                            var request = new GrantAccessRequest
                            {
                                PrincipalAccess = new PrincipalAccess
                                {
                                    AccessMask = AccessRights.ReadAccess | AccessRights.AppendAccess | AccessRights.AppendToAccess,
                                    Principal = new EntityReference("systemuser", context.UserId)
                                },
                                Target = enfer
                            };
                            adminService.Execute(request);

                            Entity SysEn = new Entity("systemuser", context.UserId);
                            SysEn["scw_authorizeid"] = enfer.Id.ToString();   //记录手动共享的，在post取消共享
                            adminService.Update(SysEn);
                        }

                        #endregion
                         
                    }
                     
                }
            }
            catch (Exception e)
            {
                throw new InvalidPluginExecutionException(e.Message);
            }
        }

    }
}

View Code

步骤2：在post取消共享给当前人

using System;
using Microsoft.Crm.Sdk.Messages;
using Microsoft.Xrm.Sdk;
using Microsoft.Xrm.Sdk.Client;
using Microsoft.Xrm.Sdk.Query;
using Newtonsoft.Json;

namespace SCWCRMSolution.Plugin.authorize
{
    /// <summary>
    /// 授权产品查询后：增加医院对应授权的查看权限
    /// </summary>
    public class scw_authorize_retrieve_post : IPlugin
    {

        public void Execute(IServiceProvider serviceProvider)
        {
            ITracingService tracer = (ITracingService)serviceProvider.GetService(typeof(ITracingService));
            IPluginExecutionContext context = (IPluginExecutionContext)serviceProvider.GetService(typeof(IPluginExecutionContext));
            IOrganizationServiceFactory factory = (IOrganizationServiceFactory)serviceProvider.GetService(typeof(IOrganizationServiceFactory));
            IOrganizationService service = factory.CreateOrganizationService(context.UserId);
            IOrganizationService adminService = factory.CreateOrganizationService(null);
            try
            {
                if (context.MessageName.ToLower() == "retrieve")
                {
                    if (context.OutputParameters.Contains("BusinessEntity"))
                    {
                        var en = (Microsoft.Xrm.Sdk.Entity)context.OutputParameters["BusinessEntity"];

                        #region 将当前记录共享取消给当前人
                        bool isNeedDeleteShare = false;  //是否需要取消共享
                        RetrieveSharedPrincipalsAndAccessRequest shareRequest = new RetrieveSharedPrincipalsAndAccessRequest();
                        shareRequest.Target = en.ToEntityReference();
                        RetrieveSharedPrincipalsAndAccessResponse shareResponse = (RetrieveSharedPrincipalsAndAccessResponse)adminService.Execute(shareRequest);
                        if (shareResponse.PrincipalAccesses != null)
                        {
                            foreach (PrincipalAccess pa in shareResponse.PrincipalAccesses)
                            {
                                if (pa.Principal.Id.ToString() == context.UserId.ToString())  //存在共享记录
                                {
                                    //判断该共享记录是不是pre共享的
                                    Entity sysEn = adminService.Retrieve("systemuser", context.UserId, new ColumnSet("systemuserid", "scw_authorizeid"));
                                    if (sysEn != null && sysEn.Contains("scw_authorizeid")
                                        && !string.IsNullOrWhiteSpace(sysEn.GetAttributeValue<string>("scw_authorizeid")))
                                    {
                                        isNeedDeleteShare = true;
                                    }

                                }
                            }
                        }

                        if (isNeedDeleteShare)
                        {
                            //取消共享
                            var request = new RevokeAccessRequest
                            {
                                Revokee = new EntityReference("systemuser", context.UserId),
                                Target = en.ToEntityReference()
                            };
                            service.Execute(request);  //这里不能用管理员，不然报：Only owner can revoke access to the owner.

                            //标记已经移除
                            Entity SysEn = new Entity("systemuser", context.UserId);
                            SysEn["scw_authorizeid"] = null;
                            adminService.Update(SysEn);
                        }
                        #endregion
                    }
                }
            }
            catch (Exception e)
            {
                throw new InvalidPluginExecutionException(e.Message);
            }
        }

    }
}

View Code

相关阅读:
Codeforces Round #372 (Div. 1) B. Complete The Graph （枚举+最短路）
HDU6430 Problem E. TeaTree【dsu on tree】
HDU4358 Boring counting【dsu on tree】
HDU6191 Query on A Tre【dsu on tree + 01字典树】
2019 ICPC Asia Yinchuan Regional
广义后缀自动机例题
 2017-2018 ACM-ICPC Northern Eurasia (Northeastern European Regional) Contest (NEERC 17)
BZOJ3238 [Ahoi2013]差异【SAM or SA】
HDU4622 Reincarnation【SAM】
BZOJ1396 识别子串【SAM+SegmentTree】
原文地址：https://www.cnblogs.com/parkerchen/p/16276729.html