This repository has been archived by the owner on Jun 18, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 233
/
sharepointqueryablesecurable.ts
130 lines (107 loc) · 4.38 KB
/
sharepointqueryablesecurable.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
import { Web } from "./webs";
import { RoleAssignments } from "./roles";
import { BasePermissions, PermissionKind } from "./types";
import { SharePointQueryable, SharePointQueryableInstance } from "./sharepointqueryable";
export class SharePointQueryableSecurable extends SharePointQueryableInstance {
/**
* Gets the set of role assignments for this item
*
*/
public get roleAssignments(): RoleAssignments {
return new RoleAssignments(this);
}
/**
* Gets the closest securable up the security hierarchy whose permissions are applied to this list item
*
*/
public get firstUniqueAncestorSecurableObject(): SharePointQueryableInstance {
return new SharePointQueryableInstance(this, "FirstUniqueAncestorSecurableObject");
}
/**
* Gets the effective permissions for the user supplied
*
* @param loginName The claims username for the user (ex: i:0#.f|membership|user@domain.com)
*/
public getUserEffectivePermissions(loginName: string): Promise<BasePermissions> {
const q = this.clone(SharePointQueryable, "getUserEffectivePermissions(@user)");
q.query.add("@user", `'${encodeURIComponent(loginName)}'`);
return q.get().then(r => {
// handle verbose mode
return r.hasOwnProperty("GetUserEffectivePermissions") ? r.GetUserEffectivePermissions : r;
});
}
/**
* Gets the effective permissions for the current user
*/
public getCurrentUserEffectivePermissions(): Promise<BasePermissions> {
const w = Web.fromUrl(this.toUrl());
return w.currentUser.select("LoginName").getAs<{ LoginName: string }>().then(user => {
return this.getUserEffectivePermissions(user.LoginName);
});
}
/**
* Breaks the security inheritance at this level optinally copying permissions and clearing subscopes
*
* @param copyRoleAssignments If true the permissions are copied from the current parent scope
* @param clearSubscopes Optional. true to make all child securable objects inherit role assignments from the current object
*/
public breakRoleInheritance(copyRoleAssignments = false, clearSubscopes = false): Promise<any> {
return this.clone(SharePointQueryableSecurable, `breakroleinheritance(copyroleassignments=${copyRoleAssignments}, clearsubscopes=${clearSubscopes})`).postCore();
}
/**
* Removes the local role assignments so that it re-inherit role assignments from the parent object.
*
*/
public resetRoleInheritance(): Promise<any> {
return this.clone(SharePointQueryableSecurable, "resetroleinheritance").postCore();
}
/**
* Determines if a given user has the appropriate permissions
*
* @param loginName The user to check
* @param permission The permission being checked
*/
public userHasPermissions(loginName: string, permission: PermissionKind): Promise<boolean> {
return this.getUserEffectivePermissions(loginName).then(perms => {
return this.hasPermissions(perms, permission);
});
}
/**
* Determines if the current user has the requested permissions
*
* @param permission The permission we wish to check
*/
public currentUserHasPermissions(permission: PermissionKind): Promise<boolean> {
return this.getCurrentUserEffectivePermissions().then(perms => {
return this.hasPermissions(perms, permission);
});
}
/**
* Taken from sp.js, checks the supplied permissions against the mask
*
* @param value The security principal's permissions on the given object
* @param perm The permission checked against the value
*/
/* tslint:disable:no-bitwise */
public hasPermissions(value: BasePermissions, perm: PermissionKind): boolean {
if (!perm) {
return true;
}
const low = parseFloat(value.Low);
const high = parseFloat(value.High);
if (perm === PermissionKind.FullMask) {
return (high & 32767) === 32767 && low === 65535;
}
perm = perm - 1;
let num = 1;
if (perm >= 0 && perm < 32) {
num = num << perm;
return 0 !== (low & num);
} else if (perm >= 32 && perm < 64) {
num = num << perm - 32;
return 0 !== (high & num);
}
return false;
}
/* tslint:enable */
}