问题描述
我想知道我是否想念一些东西.这是我的处理方式:对于SPFolder,我将更改关联项目的权限(SPFolder.Item).因此,我想管理SPFolder权限归结为管理SPListItem权限.对于SPListItem,我将首先使用SPListItem.BreakRoleInheritance()中断角色继承,然后使用RoleAssignments集合在其中添加和删除角色.
I want to know if I'm missing something.Here's how I would do it:For SPFolder I would change the associtaed item's permissions (SPFolder.Item).So I suppose managing SPFolder permissions boils down to managing SPListItem permissions.For SPListItem I would frist break role inheritance with SPListItem.BreakRoleInheritance() and then work with RoleAssignments collections adding and removing roles there.
我想知道RoleAssignments是否是管理SPListItem权限(除了继承)的唯一方法,并且是否有一种方法来管理没有角色的个人权限.也有EffectiveBasePermissions属性,但我不确定.
I wonder if RoleAssignments is the only way to manage SPListItem's permissions (besides inheritance) and is there a way to manage individual permissions without roles.There is also EffectiveBasePermissions property but I'm not sure.
所以问题是除了RoleAssignments集合外,还有其他方法(继承之外)来管理SPListItem权限吗?
So the question isis there other ways (besides inheritance) to manage SPListItem permissions apart from the RoleAssignments collection?
@Edit:也有AllRolesForCurrentUser,但是我想您可以从RoleAssignments属性中获得相同的信息,所以这只是为了方便.
@ there's also AllRolesForCurrentUser, but I guess you can get the same info from the RoleAssignments property, so this one is just for convenience.
@Edit:正如Flo在他的回答中指出的那样,设置存在问题
@ As Flo notes in his answer there is a problem with setting
folder.ParentWeb.AllowUnsafeUpdates = true;
并使用参数为'false'的BreakRoleInheritance(即,没有复制父对象的权限).
And using BreakRoleInheritance with argument of 'false' (i.e. without copying permissions of the parent object).
folder.Item.BreakRoleInheritance(false);
BreakRoleInheritance完全不会像您期望的那样,在允许不安全的更新之后无法处理GET请求.大概该方法会将AllowUnsafeUpdates重置为"false".
BreakRoleInheritance simply won't work on GET request as you'd expect after allowing unsafe updates. Presumably the method resets AllowUnsafeUpdates back to 'false'.
为此,我知道一个解决方法是在BreakRoleInheritance(true)之后手动删除继承的权限,如下所示:
One workaround I know for this is to manually delete the inherited permissions after you BreakRoleInheritance(true), like this:
folder.Item.BreakRoleInheritance(false);
while(folder.Item.RoleAssignments.Count > 0) {
folder.Item.RoleAssignments.Remove(0);
}
谢谢!
推荐答案
您几乎完全正确.我相信RoleAssignments确实是直接管理权限的唯一机制.这是一个帖子,其中显示了如何执行此操作的快速示例.我还使用了这些两个 帖子.
You have it pretty much right. I believe that RoleAssignments are indeed the only mechanism for managing permissions directly. Here's a post that shows a quick example of how to do it. I also used these two posts when I did some more complicated things.
这篇关于Sharepoint:如何以编程方式管理SPFolder和SPListItem权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!