SharePoint Get list items and Effective Permissions on a list via REST API from SharePoint Add-in

The requirement was to build a SharePoint hosted Add-in to allow logged user to create/edit list item from any site from the site collection. The permissions of the user to be able to create/edit an item against the list needed to be checked.

The following script gets list items with effective permissions against the list using jQuery promises from the SharePoint hosted Add-in


function getListItemsAndPermissions(webUrl, listTitle)
{
var appWebUrl = decodeURIComponent(getQueryStringParameter("SPAppWebUrl"));
var deferredPermissions = $.Deferred();
var endpointUrl = appWebUrl + "/_api/SP.AppContextSite(@target)/web/lists/getByTitle('" + listTitle + "')?$select=EffectiveBasePermissions,items/Title&$expand=items&@target='" + webUrl+ "'";
var executor = new SP.RequestExecutor(appWebUrl);
executor.executeAsync(
{
url: endpointUrl,
method: "GET",
dataType: "json",

headers: {
Accept: "application/json;odata=verbose"
},
success: function (data, textStatus, xhr) {
var roles = parseBasePermissions(data);
deferredPermissions.resolve(roles,data);
},
error: function (xhr, textStatus, errorThrown) {
deferredPermissions.reject(JSON.stringify(xhr));
}
});
return deferredPermissions;
}

function parseBasePermissions(value) {
var permissions = new SP.BasePermissions();
permissions.initPropertiesFromJson(JSON.parse(value.body).d.EffectiveBasePermissions);

var permLevels = [];
//more interested in add/edit permissions of the user to the list "Audit"
if (permissions.has(SP.PermissionKind.viewListItems)) {
permLevels.push("viewListItems");
}
if (permissions.has(SP.PermissionKind.editListItem)) {
permLevels.push("editListItem");
}
if (permissions.has(SP.PermissionKind.addListItems)) {
permLevels.push("addListItems");
}
//console.log(permLevels);
return permLevels;
}

function getQueryStringParameter(urlParameterKey, uriString) {
if (!uriString) {
uriString = document.URL;
}
else {
uriString = uriString;
}
if (uriString.indexOf('?') != -1) {
uriString = uriString.split('?')[1];
}
var params = uriString.split('&');
var strParams = '';
for (var i = 0; i < params.length; i = i + 1) {
var singleParam = params[i].split('=');
if (singleParam[0].toLowerCase() == urlParameterKey.toLowerCase())
return singleParam[1];
}
};

Advertisements

2 thoughts on “SharePoint Get list items and Effective Permissions on a list via REST API from SharePoint Add-in

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s