SharePoint 2013 APP 安全示例 (一)
在这个示例里,我们将创建一个页面测试 SharePoint APP的权限。这个页面有二个按钮,一个从documents里读数据,一个往documents里写数据:
1. 打开Visual Studio 2012,创建一个新的 Sharepoint 2013 app: PermissionTest,选择
Sharepoint-hosted,点击Finish
2. 打开Default.aspx :
引入knockoutjs
<script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/knockout/knockout-2.2.1.js" ></script>
加入二个按钮:
<asp:Content ID="Content2" ContentPlaceHolderId="PlaceHolderPageTitleInTitleArea" runat="server"> App Permission Test </asp:Content> <asp:Content ID="Content3" ContentPlaceHolderID="PlaceHolderMain" runat="server"> <button data-bind="click: readList">Press here to read from Documents.</button> <br /> <button data-bind="click: writeList">Press here to write to Documents.</button> </asp:Content>
3. 打开APP.js, 加入下面js:
/// <reference path="knockout-3.0.0.debug.js" /> $(function () { ko.applyBindings(new testPermissionsViewModel()); }); function testPermissionsViewModel() { var self = this; self.result = null; self.readList = function () { var context = new SP.ClientContext.get_current(); var hostWebContext = new SP.AppContextSite(context, decodeURIComponent(getQueryStringParameter("SPHostUrl"))); self.result = hostWebContext.get_web().get_lists().getByTitle("Documents").getItems(new SP.CamlQuery.createAllItemsQuery()); context.load(self.result); context.executeQueryAsync( Function.createDelegate(self, self.onSuccess), Function.createDelegate(self, self.onFail) ); } self.writeList = function () { var context = new SP.ClientContext.get_current(); var hostWebContext = new SP.AppContextSite(context, decodeURIComponent(getQueryStringParameter("SPHostUrl"))); self.result = hostWebContext.get_web().get_lists().getByTitle("Documents").getItemById(1); self.result.set_item("Title", "My update book title"); self.result.update(); context.executeQueryAsync( Function.createDelegate(self, self.onSuccess), Function.createDelegate(self, self.onFail) ); } self.onSuccess = function () { if (self.result instanceof SP.ListItemCollection) { if (!self.result.get_item(0)) { alert("Success but no return"); } else { alert("Success, first title = " + self.result.get_item(0).get_item("Title")); } } else { alert("Success"); } } self.onFail = function (sender, args) { alert("Failed: " + args.get_message()); } } function getQueryStringParameter(paramToRetrieve) { var params = document.URL.split("?")[1].split("&"); var strParams = ""; for (var i = 0; i < params.length; i = i + 1) { var singleParam = params[i].split("="); if (singleParam[0] == paramToRetrieve) return singleParam[1]; } }
4. 打开 AppManifest.xml ,选择 Permissions tab, 创建一个权限请求,scope选择List, Permission选择Read:
5. 保存并发布APP, 选择Documents,点击Trust it按钮
6. 现在你能看到APP了:
7. 这时当你点击第二个按钮时,你将得到访问拒绝的信息,回到AppManifest.xml文件,把权限改为Write
8. 再保存并发布,再次点击第二个按钮,发现Success了。
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。