Tuesday, January 12, 2016

Objective C SharePoint User Permissions

In my earlier posts, we have seen fetching, creating and deleting content from SharePoint.We have also seen fetching user profile from SharePoint. 

At this point I feel like we forgot one important thing which is very munch needed to play with SharePoint content. Which is nothing but the permissions or the access level that logged in user has for entire list or for particular folder or file.


Fetching permissions id very important before playing with content like creating folders, uploading documents and deleting documents. If user has only read only permissions, doing all the above actions which result in unauthorised operations.

So, instead of calling those services and waiting for their response to know whether user has permissions for that particular action, It is a good practice to fetch the permissions and then alerting the user before the operation.

Let's see how we can fetch user permissions for a list or a folder or a file item in SharePoint.

There are SOAP services available for fetching user role and permissions for a specific group and all. I am not going to discuss those. Where as we can simply get to know the use access level for each SharePoint item (folder/file) at the time of content fetch service response itself.

If we look at the content fetch xml response, It gives the metadata of an item as shown below.

This is the metadata for a folder named 'MyPics'. So, If you want to 

Create a folder  or
Upload a document or
Delete a document

in this folder, we need to check the ows_PermMask property. This value actually tells us the permission level of the user for this folder. Here it is 0x7fffffffffffffff. Which means full access.


Here are the different access level codes in SharePoint.

0xb008431061    =>    Read Only
0x1b03c4312ef   =>    Contribute
0x1b03c431aef   =>    Edit
0x1b03c5f1bff    =>    Design
0x7fffffffffffffff  =>    Full Control

Hope this post is useful. Fell free to comment incase of any queries.