SharePoint 2013 APP 安全示例 (一)

在这个示例里,我们将创建一个页面测试 SharePoint APP的权限。这个页面有二个按钮,一个从documents里读数据,一个往documents里写数据:

1. 打开Visual Studio 2012,创建一个新的 Sharepoint 2013 app: PermissionTest,选择 Sharepoint-hosted,点击Finish

2. 打开Default.aspx :

引入knockoutjs

<script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/knockout/knockout-2.2.1.js" ></script>

加入二个按钮:

<asp:Content ID="Content2" ContentPlaceHolderId="PlaceHolderPageTitleInTitleArea" runat="server">
   App Permission Test
</asp:Content>
<asp:Content ID="Content3" ContentPlaceHolderID="PlaceHolderMain" runat="server">
   <button data-bind="click: readList">Press here to read from Documents.</button>
   <br />
   <button data-bind="click: writeList">Press here to write to Documents.</button>
</asp:Content>

3. 打开APP.js, 加入下面js:

/// <reference path="knockout-3.0.0.debug.js" />
$(function () {
    ko.applyBindings(new testPermissionsViewModel());
});

function testPermissionsViewModel() {
    var self = this;
    self.result = null;

    self.readList = function () {
        var context = new SP.ClientContext.get_current();
        var hostWebContext = new SP.AppContextSite(context, decodeURIComponent(getQueryStringParameter("SPHostUrl")));
        self.result = hostWebContext.get_web().get_lists().getByTitle("Documents").getItems(new SP.CamlQuery.createAllItemsQuery());
        context.load(self.result);
        context.executeQueryAsync(
            Function.createDelegate(self, self.onSuccess),
            Function.createDelegate(self, self.onFail)
            );
    }

    self.writeList = function () {
        var context = new SP.ClientContext.get_current();
        var hostWebContext = new SP.AppContextSite(context, decodeURIComponent(getQueryStringParameter("SPHostUrl")));
        self.result = hostWebContext.get_web().get_lists().getByTitle("Documents").getItemById(1);
        self.result.set_item("Title", "My update book title");
        self.result.update();
        context.executeQueryAsync(
            Function.createDelegate(self, self.onSuccess),
            Function.createDelegate(self, self.onFail)
            );
    }

    self.onSuccess = function () {
        if (self.result instanceof SP.ListItemCollection) {
            if (!self.result.get_item(0)) {
                alert("Success but no return");
            }
            else {
                alert("Success, first title = " + self.result.get_item(0).get_item("Title"));
            }
        }
        else {
            alert("Success");
        }
    }

    self.onFail = function (sender, args) {
        alert("Failed: " + args.get_message());
    }
}


function getQueryStringParameter(paramToRetrieve) {
    var params =
    document.URL.split("?")[1].split("&");
    var strParams = "";
    for (var i = 0; i < params.length; i = i + 1) {
        var singleParam = params[i].split("=");
        if (singleParam[0] == paramToRetrieve)
            return singleParam[1];
    }
}

4. 打开 AppManifest.xml ,选择 Permissions tab, 创建一个权限请求,scope选择List, Permission选择Read:

5. 保存并发布APP, 选择Documents,点击Trust it按钮

6. 现在你能看到APP了:

7. 这时当你点击第二个按钮时,你将得到访问拒绝的信息,回到AppManifest.xml文件,把权限改为Write

8. 再保存并发布,再次点击第二个按钮,发现Success了。

郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。