Use
EffectiveBasePermissions
to get permissions of the user on a list. Example:http://aissp2013/sites/Team/_api/web/lists/getbytitle('L2')/EffectiveBasePermissions
Note that this will give the permissions of the logged in user. However, if the need is to check for other users permission while being logged in using as a different user then as suggested by @Amit, use
getusereffectivepermissions
. In any case the end result is high and low permission masks which don’t make much sense and a way to decipher what permissions a user has is to use SP.BasePermissions().has
as can be seen in below example:function checkPermissions() {
var call = jQuery.ajax({
url: _spPageContextInfo.webAbsoluteUrl +
"/_api/Web/effectiveBasePermissions",
type: "GET",
dataType: "json",
headers: {
Accept: "application/json;odata=verbose"
}
});
call.done(function (data, textStatus, jqXHR) {
var manageListsPerms = new SP.BasePermissions();
manageListsPerms.initPropertiesFromJson(data.d.EffectiveBasePermissions);
var manageLists = manageListsPerms.has(SP.PermissionKind.manageLists);
var message = jQuery("#message");
message.text("Manage Lists: " + manageLists);
});
}
Code In Rest API To Check Permission in Item Level:(Implemented Code)
function checkPermissions(folderName,selectedLink) {
$.ajax({
url: _spPageContextInfo.webAbsoluteUrl +
"/_api/web/GetFolderByServerRelativeUrl('"+folderName+"')/ListItemAllFields/effectiveBasePermissions",
type: "GET",
dataType: "json",
headers: {
Accept: "application/json;odata=verbose"
},
success: function(data,status,xhr){
var manageListsPerms = new SP.BasePermissions();
manageListsPerms.initPropertiesFromJson(data.d.EffectiveBasePermissions);
var manageLists = manageListsPerms.has(SP.PermissionKind.editListItems);
//console.log(manageLists);
if(manageLists==true)
{
var ht='<a title="Add a new item to this list or library." href="javascript:void(0);" onclick="AddNewDocument(\''+folderName+'\',\''+selectedLink+'\')" target="_self"><i class="add-new">+</i> New Document</a>';
$('#pAddNewDocument').html(ht);
$('#pAddNewDocument').show();
$('#pAddNewDocument').show();
}else
{
$('#pAddNewDocument').hide();
}
},
error: function(xhr, status, error){
$('#pAddNewDocument').hide();
//alert("Error!" + xhr.status);
}
});
/* call.done(function (data, textStatus, jqXHR) {
var manageListsPerms = new SP.BasePermissions();
manageListsPerms.initPropertiesFromJson(data.d.EffectiveBasePermissions);
var manageLists = manageListsPerms.has(SP.PermissionKind.editListItems);
if(manageLists==true)
{
$('#pAddNewDocument').show();
}else
{
$('#pAddNewDocument').hide();
}*/
}
Using SP.PermissionKind ECMAScript\Javascript Client Object model
With SP.PermissionKind you can check if th ecurrent user has permissions of a specfic permission type. See an example where we check if the current user has ListEdit permissions
Lets Look at the Specifies permissions that are used to define user roles
Permission Name emptyMask - Has no permissions on the Web site. Not available through the user interface.
viewListItems - View items in lists, documents in document libraries, and Web discussion comments.
addListItems - Add items to lists, add documents to document libraries, and add Web discussion comments.
editListItems - Edit items in lists, edit documents in document libraries, edit Web discussion comments in documents, and customize Web Part Pages in document libraries.
deleteListItems - Delete items from a list, documents from a document library, and Web discussion comments in documents.
approveItems - Approve a minor version of a list item or document.
openItems - View the source of documents with server-side file handlers.
viewVersions - View past versions of a list item or document.
deleteVersions - Delete past versions of a list item or document.
cancelCheckout - Cancel or check in a document that is checked out to another user.
managePersonalViews - Create, change, and delete personal views of lists.
manageLists - Create and delete lists, add or remove columns in a list, and add or remove public views of a list.
viewFormPages - View forms, views and application pages, and enumerate lists.
open - Open a Web site, list, or folder to access items inside the container.
viewPages - View pages in a Web site.
addAndCustomizePages - Add, change, or delete HTML pages, and edit the Web site using an editor that is compatible with Microsoft SharePoint Server 2010.
applyThemeAndBorder - Apply a theme or borders to the Web site.
applyStyleSheets - Apply a style sheet (.css file) to the Web site.
viewUsageData - View reports on Web site usage.
createSSCSite - Create a Web site using Self-Service Site Creation.
manageSubwebs - Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites.
createGroups - Create a group of users that can be used anywhere within the site collection.
managePermissions - Create and change permission levels on the Web site and assign permissions to users and groups.
browseDirectories - Enumerate files and folders on a site using Microsoft SharePoint Designer and WebDAV interfaces.
browseUserInfo - View information about the users of the Web site.
addDelPrivateWebParts - Add or remove personal Web Parts on a Web Part Page.
updatePersonalWebParts - Update Web Parts to display personalized information.
manageWeb - Grant the ability to perform all administration tasks for the Web site and manage Web site content.
useClientIntegration - Launch client applications on the server. Otherwise, users must work on documents locally and upload changes.
useRemoteAPIs - Use SOAP, WebDAV, or Microsoft SharePoint Designer interfaces to access the Web site.
manageAlerts - Manage alerts for all users of the Web site.
createAlerts - Create e-mail alerts.
editMyUserInfo - Change user information, such as adding a picture.
enumeratePermissions - Enumerates permissions on the Web site, list, folder, document, or list item.
fullMask - Has all permissions on the Web site. Not available through the user interface.
No comments:
Post a Comment