Many people have been asking me this question as to how they can check user permissions in sites programmatically. This brief tutorial will tell you how you can do this. I have included the complete source code of the application for your convenience.
Figure 1: Application screenshot
Let's take a look at the code:MsgBox(CheckGroupRights(txtSiteURL.Text, txtSubSite.text, txtUserLogin.Text))
We have called the main function, CheckGroupRights in the msgbox function. CheckGroupRights() returns a string telling us whether the user has rights in the subsite or not. Please note that this tool will look for "Reader" privileges only. For example, if you provide a user named as "domainuser1" then this tool will check whether user1 has reader rights or not. You can modify the code to check for any type of rights.
If you look at the screen shot above, you will notice there are three fields where you would have to enter some text. For example, Site URL will contain the main URL of the site. User Login contains the user's login name, that is, complete login name including the domain, for example, domain1johndoe. Sub Site Name is the name of the site where you want to check the permissions. For example, you have a subsite named as subsite1 under the main site which has the following URL:
http://mainsite/sites/site1
The application will form the following URL from the values provided by you:
http://mainsite/sites/site1/subsite1
Here is the code that checks the rights:
Function CheckGroupRights(ByVal FolderPath As String, ByVal SubSite As String, ByVal UserLogin As String) As String
'Notes:
'Folderpath: is the main url where you want to find the permissions. I know this is cumbersome to provide
'both the url of the main site and the name of the subsite but this is just a sample to show you how things
'work. I may make it more simpler in the next version provided i got enough time to make the modifications.
'Examples: Folderpath: http://mainportalsite/sites/site1
' http://mainportalsite
'SubSite: This should be the name of the subsite, it should not be a URL, e.g,
'abc, 123, site1, site2, site3, etc
'final url that will be formed if your folderpath contained http://mainsite/sites/site1 and subsite contained "abc", will be
'http://mainsite/sites/site1/abc
'userlogin: is the users domain login, e.g, domainusername
Try
Dim strStatus As String = "User " & UserLogin & " does not have Reader permissions in " & FolderPath & "/" & SubSite & "."
If Not FolderPath Is Nothing Or Not FolderPath = "" Then
Dim siteCollection As SPSite
siteCollection = New SPSite(FolderPath)
Dim site As SPWeb = siteCollection.OpenWeb(SubSite)
Dim allUsers As SPUserCollection = site.Users
Dim user As SPUser
For Each user In allUsers
If user.LoginName.ToUpper = UserLogin.ToUpper Then
Dim allGroups As SPRoleCollection = user.Roles
Dim group As SPRole
For Each group In allGroups
Dim right As Integer
right = group.PermissionMask And SPRights.ViewListItems
If right = SPRights.ViewListItems Then
strStatus = "User " & UserLogin & " has Reader permissions in " & FolderPath & "/" & SubSite & "."
Return strStatus
Exit Function
End If
Next
End If
Next
Return strStatus
End If
Catch ex As Exception
MsgBox(ex.Message)
End Try
End Function
Code is pretty simple. Nothing fancy! Please look at these lines again:
…..
right = group.PermissionMask And SPRights.ViewListItems
If right = SPRights.ViewListItems Then
…..
SPRights.ViewListItems checks for the "Reader" privileges only. You can modify these lines to check other privileges. For example:
SPRights.ManageLists: Use "ManageLists" if you want to check whether the user has "Approver" rights in the subsite. User with these rights can add, edit, delete, approve content in the sites.
SPRights.EditListItems: User with these permissions can add, delete, modify site content but can not approve items in the site.
Similarly, you can check for many other types of privileges in the site. For complete list of rights, see SPS SDK.
I hope you will find this small tool useful. It is meant for learning purposes only. If you are a beginner, you can pick up hints from this code and can expand and make some other useful application out of this code. I will posting more small applications soon. Stay tuned!
-SSA
No comments:
Post a Comment