Normally, we need to perform tasks such as:
- Is current user an admin on the site
- Does current user have a list of edit permissions
- etc.
SharePoint provides a method called doesUserHavePermissions to perform that. First of all, we need to know how SharePoint defines User roles by assigning permission levels such as Full Control, Contributor, design, etc.
As an example, site admin is assigned by Full Control which is a composite of few permission items we called as permission kind.
Full control - http://office.microsoft.com/en-001/windows-sharepoint-services-help/permission-levels-and-permissions-HA010100149.aspx.
You can get all kinds of permissions by http://msdn.microsoft.com/en-us/library/ee556747(v=office.14).aspx.
Example One
Assume that we want to check whether current user is an admin of the site. For that, we need to check whether user has manageWeb permission kind. (Actually, we need to check other kinds of permission assigned to full control as well but if user has managed web, it is more likely user can perform admin tasks. In my other example, I will show how to check multiple kinds of permission.)
var ctx = new SP.ClientContext.get_current();
var web = context.get_web();
var ob = new SP.BasePermissions();
ob.set(SP.PermissionKind.manageWeb)
var per = web.doesUserHavePermissions(ob)
ctx.executeQueryAsync(
function(){
alert(per.get_value());
},
function(a,b){
alert ("Something wrong");
}
);
Example Two – Check Multiple Permission Kinds
In here, I'm going to check manageweb and managePermissions.
var ctx = new SP.ClientContext.get_current();
var web = context.get_web();
var ob = new SP.BasePermissions();
ob.set(SP.PermissionKind.manageWeb)
ob.set(SP.PermissionKind.managePermissions)
var per = web.doesUserHavePermissions(ob)
ctx.executeQueryAsync(
function(){
alert(per.get_value());
},
function(a,b){
alert ("Something wrong");
}
);
You can find REST interface here.
