How to check SharePoint document permissions? - moss

I have a custom web service deployed in SharePoint, web method of this webservice expects a SharePoint docuentUri as a parameter. As it is deployed in the SharePoint environment i am done with SharePoint authentication, but the question here is that how do i check whether the user reqesting for a perticular document is authroized or not ? In other words web service method should return some unauthorized exception if the user does not have privilege to view the document ? All i have is the SharePoint documentUri to pass as an inpurt parameter.
thanks.

Assuming your web service is deployed in the context of SharePoint in the /_vti_bin virtual directory of your SharePoint site, you can use the SharePoint object model like below to check if the calling user has specific privileges to your document. Unfortunately, the CheckPermissions call will throw an UnauthorizedException if the check fails, so it would have to be caught.
string uri = "http://localhost/Shared%20Documents/Document1.doc"; //full path to doc
using (Microsoft.SharePoint.SPSite site = new Microsoft.SharePoint.SPSite(uri))
using (Microsoft.SharePoint.SPWeb web = site.OpenWeb())
{
Microsoft.SharePoint.SPListItem item = web.GetListItem(uri);
item.CheckPermissions(Microsoft.SharePoint.SPBasePermissions.OpenItems);
}
Hope this helps,
Steve

Related

WPF talking to secured web api using AutoRest

I just can't seem to get anywhere with this.
I have a web api running fine, with a wpf application using the api via AutoRest.
The api has been uploaded to Azure (App Services)
I now want to lock down the api, so users log in via Active Directory. Again, all users are currently there.
RestCredentials = new TokenCredentials(tokenAuthResult.AccessToken);
Using the RestCredentials I pass in the credentials as type
ServiceClientCredentials
using (var db = new BuxtedAPI(Model.Helpers.Credentials.RestCredentials))
{
var res = db.GetComboList();
ComboValueList = new ObservableCollection<ComboValue>(res);
return ComboValueList;
}
I can see on the log in Azure that the user successfully logs in.
But the system just dies with
Operation returned an invalid status code 'InternalServerError'
No more feedback at all.
Just to note, I am using swagger also here.
I am assuming that the BuxtedAPI call that passing the credentials should pass through the bearer token for the api call to authorise.
I have set nothing else on on webapi code base, no [AUTHORIZED] or anything.
Any chance anyone can help me along here.
Thanks Scott
If anyone else gets in this situation.
The process required Resource Id to be the web app and the clientid to be the native app id.
Scott

Microsoft Graph API - /drive/root/children always empty, even though I have files in my onedrive

I'm trying to use the Microsoft Graph API to List Children by Getting access without a user
I have built my URL as you would expect:
https://graph.microsoft.com/v1.0/edffcd1c-e5b2-42f2-b554-XXXXXXXXX/drive/root/children
Where edffcd1c-e5b2-42f2-b554-XXXXXXXXX is the user ID of whom I'm trying to list the files.
Yet when I call this I get an empty result every time:
{
"#odata.context": "https://graph.microsoft.com/v1.0/$metadata#drive/root/children",
"value": []
}
Why is that?
UPDATE: It seems that this API is only returning files from the Sharepoint account... not the OneDrive account. I already have access to the Sharepoint files from the Sharepoint API's themselves. Is there a way to get OneDrive files from the Microsoft Graph API?
This URL https://dev.onedrive.com/README.htm seems to state that we should be able to do this.
Is there a way to get OneDrive files from the Microsoft Graph API?
Yes, there is: you must use the scope Files.Read.All or Files.ReadWrite.All
then, your requests to /drive/root/children will no longer return an empty array.
I just had a typo in the User:
https://graph.microsoft.com/v1.0/edffcd1c-e5b2-42f2-b554-XXXXXXXXX/drive/root/children
was supposed to be
https://graph.microsoft.com/v1.0/users('edffcd1c-e5b2-42f2-b554-XXXXXXXXX')/drive/root/children
You can also use this endpoint
https://graph.microsoft.com/v1.0/me/drive/root/children
and pass authorization header Bearer Token
There are two things:
1) First check if the user has given the permission for
Files.Read.All or Files.ReadWrite.All
2) The following endpoint didn't work for business account
/drive/root/children
I changed it to
/drives/{drive_id}/root/children
and it worked fine. Please check.

How to access already provided rest api in magento

I am a completely new in Magento. I can say that i am not much familiar with file structure and flow also. My current task is rest web-service.
These steps i have followed.
I have created role and user in system > webservice. and also created key and secret key.
Than i am hitting this url
www.my-magento-store.com/api/rest/products
But still its showing me 404 Page not found. Any one can tell me step by step process with folder structure, how can i use already provided rest api service and how can i create new service. Treat me as fresher.
Please excuse me for bad English. Thank You.
$proxy = new SoapClient('http://magentohost/api/soap/?wsdl');
$sessionId = $proxy->login('apiUser', 'apiKey');
$allCategories = $proxy->call($sessionId, 'category.tree'); // Get all categories.
Run this from your root of magento you will get the result.

Update Sharepoint list view using REST web service

I am developing a plugin using Java for SharePoint 2013, trying to update the list view using SharePoint REST web services, but could not find any way to go.
GetListAndView method fetches the view and field details but dont see anything to update those views.
As a work around , developing the a SharePoint solution in C# and exposing it as web service method to add, update, delete the fields in the view.
Any pointers to achieve using web services would be appreciated.
Using the MSDN help at the LINK
Tried to add/update/remove the fields using the urls as in MSDN
http:///_api/SP.AppContextSite(#target)/web/lists(guid'')/views('')/viewfields/removeviewfield('Jira_x0020_URL')?#target=''
Getting Error:
<m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata">
<m:code>-1, Microsoft.SharePoint.SPException</m:code>
<m:message xml:lang="en-US">There is no app context to execute this request.</m:message>
<m:innererror>
<m:message>There is no app context to execute this request.</m:message>
<m:type>Microsoft.SharePoint.SPException</m:type>
<m:stacktrace>
at Microsoft.SharePoint.SPAppContextSite..ctor(String siteUrl)
at Microsoft.SharePoint.ServerStub.SPAppContextSiteServerStub.InvokeConstructor(ClientValueCollection xmlargs, ProxyContext proxyContext)
at Microsoft.SharePoint.Client.ServerStub.InvokeConstructorWithMonitoredScope(ClientValueCollection args, ProxyContext proxyContext)
at Microsoft.SharePoint.Client.Rest.RestRequestProcessor.GetObjectFromPathRoot(Boolean mainRequestPath, EdmParserNode node, Boolean resourceEndpoint, MethodInformation& methodInfo)
at Microsoft.SharePoint.Client.Rest.RestRequestProcessor.GetObjectFromPath(Boolean mainRequestPath, String path, String pathForErrorMessage)
at Microsoft.SharePoint.Client.Rest.RestRequestProcessor.Process()
at Microsoft.SharePoint.Client.Rest.RestRequestProcessor.ProcessRequest()
at Microsoft.SharePoint.Client.Rest.RestService.ProcessQuery(Stream inputStream, IList`1 pendingDisposableContainer)
</m:stacktrace>
<m:internalexception>
<m:message>There is no app context to execute this request.</m:message>
<m:type>Microsoft.SharePoint.Client.ClientServiceException</m:type>
<m:stacktrace/>
</m:internalexception>
</m:innererror>
</m:error>
Looking for REST api rather than web http url get/post.

How can I upload files to Office365 SharePoint with Perl?

Can someone please advise on uploading files to Office365 SharePoint?
I believe this should be done using the DAV protocol, so HTTP::DAV should be right library for that, but how to code it to make it work with Office365? Each account hosted with Office365 has a TeamSite website, which hopefully can be accessible with DAV. Please advise.
Upload large documents to SharePoint site using WebClient class gives an example of using DAV to upload a document.
WebClient oWebClient = new WebClient();
oWebClient.UseDefaultCredentials = true;
byte[] bFile = System.IO.File.ReadAllBytes(#"C:\Sundar\WEB315.wmv");
string ulr = #"http://lt010593/Shared Documents/WEB315.wmv";
System.Uri oUri = new System.Uri(ulr);
oWebClient.UploadDataAsync(oUri, "PUT", bFile);
oWebClient.UploadDataCompleted += new UploadDataCompletedEventHandler(oWebClient_UploadDataCompleted);
With that example in mind, the task is to look at WebClient documentation to figure out what oWebClient.UseDefaultCredentials = true; really does.
Set this property to true when requests made by this WebClient object should, if requested by the server, be authenticated using the default credentials of the currently logged on user. For client applications, this is the desired behavior in most scenarios. For middle tier applications, such as ASP.NET applications, instead of using this property, you would typically set the Credentials property to the credentials of the client on whose behalf the request is made.
So, it seems, the task is to figure out what credential information is sent. The rest seems to be a simple PUT request.