Reputation: 341
Checking if current user can view list in SharePoint CSOM
How do I determine if the current user can view list items or read a list in SharePoint Online / Office365?
I have some working code that returns the lists
// Retrieve all lists from the server.
context.Load(web.Lists,
lists => lists.Include(list => list.Title,
list => list.Id,
list => list.Hidden,
list => list.BaseTemplate,
list => list.BaseType));
// Execute query.
context.ExecuteQuery();
// Enumerate the web.Lists.
foreach (List list in web.Lists)
{
if (list.Hidden ||
list.BaseType != BaseType.GenericList) continue;
// .... check permissions here before adding ...
names.Add(list.Id.ToString(), list.Title);
}
But I don't know how to test that they current user can access the list items.
Upvotes: 2
Views: 4719
Answers (2)
Reputation: 59358
- Use List.EffectiveBasePermissions property to retrieve the effective permissions on the list that are assigned to the current user
- Use BasePermissions.Has method by specifying PermissionKind.ViewListItems to determine whether current user could access List
Modified example
ctx.Load(web.Lists,
lists => lists.Include(list => list.Title,
list => list.Id,
list => list.Hidden,
list => list.BaseTemplate,
list => list.BaseType,
list => list.EffectiveBasePermissions));
ctx.ExecuteQuery();
foreach (List list in web.Lists)
{
if (list.Hidden ||
list.BaseType != BaseType.GenericList) continue;
if (!list.EffectiveBasePermissions.Has(PermissionKind.ViewListItems)) continue; //verity List permissions
}
Upvotes: 2
Reputation: 411
You might want to consider doing this at the group level. This would require you set access either based on this group or layered on top of existing group access, but that's pretty straightforward (I can go into more detail there if you need). Here are some benefits of this approach:
- you could tie a single group to multiple lists so your code might peform better
- technically, each list item could have different security, so checking each item individually could perform poorly
These may not apply to you, but what does is that it's relatively easy to check if users are in a particular group. Here's an example function that will return all the users in a group. You would likely want to cache this somewhere and check the current user against it.
public List<User> GetGroupUsersList(string GroupName)
{
var retval = new List<User>();
ClientContext context = GetContext();
var groupList = context.Web.SiteGroups;
context.Load(groupList);
context.ExecuteQuery();
var grp = groupList.Where(x => x.Title == GroupName).FirstOrDefault();
context.Load(grp, y => y.Title, y => y.Users);
context.ExecuteQuery();
if (grp != null && grp.Users != null)
{
foreach (var usr in grp.Users)
{
retval.Add(usr);
}
}
return retval;
}
Upvotes: 0
Related Questions
- Best way to determine if a user can view a window
- Check if specified user belongs to specific group or not
- How to check that a user is Admin in SharePoint CSOM
- Sharepoint 2010, Determine access to SPListItem based on a Current User
- Get all the users based on a specific permission using CSOM in SharePoint 2013
- C# Check SharePoint List permissions using SharePoint Client Object Model
- c# - How to check if current logged in user has access to page in Sharepoint 2013
- Check current user's permission if the user has no enumerate permission in SharePoint
- View permission to check logged in members
- Check if user has access to Content database in SharePoint 2010