我正在尝试检查特定用户是否对特定服务应用程序具有权限,但我运气不佳。到目前为止,我已经设法检查当前用户是否具有类似于以下代码的权限:
SPCentralAdministrationSecurity security = serviceApp.GetAdministrationAccessControl();
var acl = security.ToAcl();
bool hasAccess = acl.DoesUserHavePermissions(SPCentralAdminRights.FullControl);
但是,就像我说的,我需要检查特定用户的权限,不一定是当前用户。有谁知道实现这一目标的方法?
编辑:
我不知何故没有意识到 acl 实际上是一个列表。我通过它循环查找服务应用程序的管理员,这是成功的一半!但我仍然需要找到权限下列出的帐户,以查看哪些帐户有权调用服务应用程序。任何帮助表示赞赏。
经过一番研究,我找到了答案!下面是详细代码:
foreach (SPService service in SPFarm.Local.Services)
{
if (service.Name.Equals("ServiceName"))
{
foreach (SPServiceApplication serviceApp in service.Applications)
{
//This gets the service app administrators
SPCentralAdministrationSecurity serviceAppSecurity = serviceApp.GetAdministrationAccessControl();
SPAcl<SPCentralAdministrationRights> adminAcl = serviceAppSecurity.ToAcl();
foreach (SPAce<SPCentralAdministrationRights> rights in adminAcl)
{
//Handle users
}
//This gets the users that can invoke the service app
SPIisWebServiceApplication webServiceApp = (SPIisWebServiceApplication) app;
SPIisWebServiceApplicationSecurity webServiceAppSecurity = webServiceApp.GetAccessControl();
SPAcl<SPIisWebServiceApplicationRights> invokerAcl = webServiceAppSecurity.ToAcl();
foreach (SPAce<SPIisWebServiceApplicationRights> rights in invokerAcl)
{
//Handle users
}
}
}
}