cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SPFx Web parts - checking user permissions or user is in a group

Peter Cuttriss
Copper Contributor

‎Oct 16 2017 07:56 PM

‎Oct 16 2017 07:56 PM

SPFx Web parts - checking user permissions or user is in a group

Hi all,

 

Can anyone point me in the direction of any good samples which cover checking if a user is in a given security group or if a user has a defined set of permissions to access a resource?

 

We have a SharePoint Framework SPFx web part (using REACT) which we need to alter the display of based on whether or not the current user is either a member of specific security group(s) or the user has defined permissions to a given subweb.    The defined security groups or subweb's would be configured via the property pane. 

 

In this particular case, using search to power the content and provide the security trimming isn't an option.

 

Thanks for any advice.

Pete.

Labels:
23.6K Views
0 Likes
2 Replies
Reply
2 Replies
kath patterson

‎Oct 17 2017 06:25 AM

‎Oct 17 2017 06:25 AM

Re: SPFx Web parts - checking user permissions or user is in a group

you can check the current users permissions on the current web or listitem via the pageContect

 

this.context.pageContext.listItem.permissions

The current web is

this.context.pageContext.web.permissions

but bear in mind that you have no elevated permisions in SPFx, so you cant check for something you may not have and you can only check in the identify of the current user.

If you have based some functionality on whether the uer has access to a storage area then you may just need to run a request against the storage and see if you get bounced.

 see what the this.context.pageContext.web.permissions object gives you and if that can be useful.

 

an example is below from github https://github.com/SharePoint/sp-dev-solutions/blob/master/solutions/ChangeRequests/src/libraries/co...

 

       public static checkCurrentUserIsAbleToManageList(context: IWebPartContext): boolean {
12             let result = false;
13             let currentPermission = context.pageContext.web.permissions;
14             var isAbleToProvision = currentPermission.hasPermission(SPPermission.manageLists) && currentPermission.hasPermission(SPPermission.managePermissions);
15             console.log("Current user permission: { High:" + currentPermission.value.High + ",Low:" + currentPermission.value.Low + "}");
16             console.log("Current user is" + (isAbleToProvision ? " " : "not ") + "able to manage lists and permissions.");
17             return isAbleToProvision;
18         }

0 Likes
Reply
Peter Cuttriss

‎Oct 17 2017 12:44 PM

‎Oct 17 2017 12:44 PM

Re: SPFx Web parts - checking user permissions or user is in a group

Thanks for your response Kath, this is helpful.

 

In our case, a webpart administrator will be able to configure links to content that the current user may not have access to (the content may be in the existing site collection or subweb or simply an external link), so we are looking at options for how we remove these when the user isn't able to access them. 


Running a request against them will probably be a good option, the other alternative was to allow the webpart administrator to specify local SharePoint groups that the current user must be a member of in order to access/view the items.

 

Thanks for taking the time to respond, regards
Pete

0 Likes
Reply