SharePoint permission list-item level
Pergunta
I have a list of projects with three different status based on the user permission. What I want is that some list items will show to the user based on their permission and the rest will be hidden. Is this possible?
Possible to use a web part content query to extract items from a list based on their permission? Or any other way?
Solução
You can use JavaScript code as below:
function breakInheritance() {
var clientContext = new SP.ClientContext.get_current();
var oList = clientContext.get_web().get_lists().getByTitle('TestList');
this.item = oList.getItemById(2);
// Break inheritance. If argument is 'true' then parent list
// permissions are kept as is. If 'false' then parent list
// permission are removed.
item.breakRoleInheritance(true);
this.oUser = clientContext.get_web().ensureUser('DOMAIN\\user');
var collRoleDefinitionBinding = SP.RoleDefinitionBindingCollection.newObject(clientContext);
this.roleDefs = clientContext.get_web().get_roleDefinitions();
//Assign 'Reader' permission level to user
//collRoleDefinitionBinding.add(roleDefs.getByType(SP.RoleType.reader));
//Assign '<CUSTOM PERMISSION LEVEL>' permission level to user
collRoleDefinitionBinding.add(roleDefs.getByName("<CUSTOM PERMISSION LEVEL>"));
item.get_roleAssignments().add(oUser, collRoleDefinitionBinding);
clientContext.load(oUser);
clientContext.load(item);
clientContext.executeQueryAsync(Function.createDelegate(this, this.onQuerySucceeded), Function.createDelegate(this, this.onQueryFailed));
}
function onQuerySucceeded(sender, args) {
console.log(item);
}
function onQueryFailed(sender, args) {
alert('Request failed. ' + args.get_message() + '\n' + args.get_stackTrace());
}
Outras dicas
For classic view, you could hide list item by CSR.
Below is sample script to hide list item if user have not edit permission for list item.
<script type="text/javascript">
(function () {
function OnPostRenderTemplate(ctx) {
SP.SOD.executeOrDelayUntilScriptLoaded(loadContext, 'sp.js');
function loadContext() {
var rows = ctx.ListData.Row;
var call = jQuery.ajax({
url: _spPageContextInfo.webAbsoluteUrl +
"/_api/Web/effectiveBasePermissions",
type: "GET",
dataType: "json",
async: false,
headers: {
Accept: "application/json;odata=verbose"
}
});
var manageLists;
call.done(function (data, textStatus, jqXHR) {
var manageListsPerms = new SP.BasePermissions();
manageListsPerms.initPropertiesFromJson(data.d.EffectiveBasePermissions);
manageLists = manageListsPerms.has(SP.PermissionKind.manageLists);
});
for (var i = 0; i < rows.length; i++) {
var row = document.getElementById(GenerateIIDForListItem(ctx, rows[i]));
if (manageLists) {
row.style.display = 'block';
} else {
row.style.display = 'none';
}
}
}
}
function RegisterListViewTemplate() {
var viewContext = {};
viewContext.Templates = {};
viewContext.Templates.OnPostRender = OnPostRenderTemplate;
SPClientTemplates.TemplateManager.RegisterTemplateOverrides(viewContext);
}
ExecuteOrDelayUntilScriptLoaded(RegisterListViewTemplate, 'clienttemplates.js');
})();
</script>
Licenciado em: CC-BY-SA com atribuição
Não afiliado a sharepoint.stackexchange