From 9d47d8c9865ae5a4e4be4d73009820b54a5705e9 Mon Sep 17 00:00:00 2001
From: Elio Struyf
Date: Wed, 24 Apr 2019 20:53:17 +0200
Subject: [PATCH] #271 - Better implementation for the item and folder checks
---
 .../securityTrimmedControl/PermissionLevel.ts | 10 +-
 .../SecurityTrimmedControl.tsx | 115 ++++++++++--------
 2 files changed, 75 insertions(+), 50 deletions(-)
diff --git a/src/controls/securityTrimmedControl/PermissionLevel.ts b/src/controls/securityTrimmedControl/PermissionLevel.ts
index 907758ef6..7c30fbc81 100644
--- a/src/controls/securityTrimmedControl/PermissionLevel.ts
+++ b/src/controls/securityTrimmedControl/PermissionLevel.ts
@@ -17,5 +17,13 @@ export enum PermissionLevel {
 /**
 * Checks permissions on the specified list/library URL in combination with the site URL
 */
- remoteListOrLib
+ remoteListOrLib,
+ /**
+ * Check permissions on a specific item in a list/library
+ */
+ remoteListItem,
+ /**
+ * Check permissions on a specific folder
+ */
+ remoteFolder
 }
diff --git a/src/controls/securityTrimmedControl/SecurityTrimmedControl.tsx b/src/controls/securityTrimmedControl/SecurityTrimmedControl.tsx
index 016f555ff..7700ed1c9 100644
--- a/src/controls/securityTrimmedControl/SecurityTrimmedControl.tsx
+++ b/src/controls/securityTrimmedControl/SecurityTrimmedControl.tsx
@@ -62,6 +62,10 @@ export class SecurityTrimmedControl extends React.Component data.json()); - // Check if a result was retrieved - if (result) { - // Check if an error was retrieved - if (result.error) { - // Do not allow rendering when there was an error - this.setState({ - allowRender: false - }); - console.error(`Error retrieved while checking user's remote list or library permissions.`); - return; - } - - // Check the result high and low value are returned - if (typeof result.High !== "undefined" && typeof result.Low !== "undefined") { - // Create the permission mask - const permission = new SPPermission(result); - const hasPermissions = permission.hasAllPermissions(...permissions); - - this.setState({ - allowRender: hasPermissions - }); - return; - } - } else { - this.setState({ - allowRender: false - }); - console.error(`No result value was retrieved when checking the user's remote list or library permissions.`); - return; - } + const apiUrl = `${remoteSiteUrl}/_api/web/GetList(@listUrl)/EffectiveBasePermissions?@listUrl='${encodeURIComponent(relativeLibOrListUrl)}'`; + const hasPermissions = await this.checkRemotePermissions(apiUrl); + this.setState({ + allowRender: hasPermissions + }); } } - private getUrlByResource() { - const { remoteSiteUrl, relativeLibOrListUrl, folderPath, itemId } = this.props; - - // Check permission on a specific item. - if (itemId) { - const splitUrl = relativeLibOrListUrl.split('/'); - var lastSegment = splitUrl.pop() || splitUrl.pop(); // Trims trailing slash if it exists. 
- - return `${remoteSiteUrl}/_api/web/Lists/GetByTitle(@listTitle)/items(@itemId)/EffectiveBasePermissions?@listTitle='${encodeURIComponent(lastSegment)}'&@itemId='${itemId}'`; + /** + * Check permissions on item level + */ + private async checkRemoteListItem() { + const { remoteSiteUrl, relativeLibOrListUrl, permissions, itemId } = this.props; + // Check if all properties are provided + if (remoteSiteUrl && relativeLibOrListUrl && permissions && itemId) { + const apiUrl = `${remoteSiteUrl}/_api/web/GetList(@listUrl)/Items(${itemId})/EffectiveBasePermissions?@listUrl='${encodeURIComponent(relativeLibOrListUrl)}'`; + const hasPermissions = await this.checkRemotePermissions(apiUrl); + this.setState({ + allowRender: hasPermissions + }); } - // Check permission on a specific folder. - else if (folderPath) { - const folderByServerRelativeUrl: string = `${encodeURIComponent(relativeLibOrListUrl)}/${encodeURIComponent(folderPath)}`; + } - return `${remoteSiteUrl}/_api/web/GetFolderByServerRelativeUrl(@folderByServerRelativeUrl)/ListItemAllFields/EffectiveBasePermissions?@folderByServerRelativeUrl='${folderByServerRelativeUrl}'`; + /** + * Check permissions on folder + */ + private async checkRemoteFolder() { + const { remoteSiteUrl, relativeLibOrListUrl, permissions, folderPath } = this.props; + // Check if all properties are provided + if (remoteSiteUrl && relativeLibOrListUrl && permissions && folderPath) { + const folderByServerRelativeUrl: string = `${encodeURIComponent(relativeLibOrListUrl)}/${encodeURIComponent(folderPath)}`; + const apiUrl = `${remoteSiteUrl}/_api/web/GetFolderByServerRelativeUrl(@folderByServerRelativeUrl)/ListItemAllFields/EffectiveBasePermissions?@folderByServerRelativeUrl='${folderByServerRelativeUrl}'`; + const hasPermissions = await this.checkRemotePermissions(apiUrl); + this.setState({ + allowRender: hasPermissions + }); } - // Check permission on the list or library. 
- else { - return `${remoteSiteUrl}/_api/web/GetList(@listUrl)/EffectiveBasePermissions?@listUrl='${encodeURIComponent(relativeLibOrListUrl)}'`; + } + + /** + * Check the permissions + * + * @param apiUrl + */ + private async checkRemotePermissions(apiUrl: string) { + const { context, permissions } = this.props; + const data = await context.spHttpClient.get(apiUrl, SPHttpClient.configurations.v1); + // Check if a result was retrieved + if (data && data.ok) { + const result = await data.json(); + // Check if an error was retrieved + if (result.error) { + // Do not allow rendering when there was an error + console.error(`Error retrieved while checking permissions`); + return false; + } + + // Check the result high and low value are returned + if (typeof result.High !== "undefined" && typeof result.Low !== "undefined") { + // Create the permission mask + const permission = new SPPermission(result); + const hasPermissions = permission.hasAllPermissions(...permissions); + return hasPermissions; + } + } else { + console.error(`No result value was retrieved when checking the user's permissions.`); + return false; } }
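Review bot: `checkRemotePermissions` does not fail closed on every path: with an ok response that has no `error` but lacks `High`/`Low` it falls off the end and returns `undefined`, and a rejected `spHttpClient.get` or a throwing `data.json()` escapes before the `checkRemote…` callers reach `setState`. For a security-trimming control that leaves `allowRender` at whatever an earlier check set (the initial state and call sites are not visible here, so confirm), and the same happens when the `if (remoteSiteUrl && …)` guards in `checkRemoteListItem` and `checkRemoteFolder` skip `setState` altogether. I would end the function with `return false;`, wrap the request and parse in `try { … } catch (e) { console.error(e); return false; }`, and declare the return type as `Promise<boolean>` so the compiler enforces it. Separately, `encodeURIComponent` leaves `'` unescaped, so a list URL or folder path containing an apostrophe ends the quoted alias value early; doubling it first with `.replace(/'/g, "''")` avoids that. The class body continues outside the hunk, and part of the hunk's text appears to have been lost in extraction, so these lines are read as shown.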