Friday, September 21, 2012

SharePoint: programmatically apply claims

Scenario:
Claims-based authentication is the way to go if you want dynamic roles for users based on a certain attribute of an item/document. But the question is how to apply a claim to the item :)

Solution:
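Sample code: a console application that walks the items returned by a view, breaks each item's permission inheritance without copying the parent's role assignments, and grants Read to a role claim issued by a trusted provider. Because the parent's assignments are not copied, check who else still needs access to those items before running it against real content.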
Code:

using System;
using Microsoft.SharePoint;
using Microsoft.SharePoint.Administration.Claims;

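namespace SKN
{
    /// <summary>
    /// Console sample that grants the "Read" role definition on every item
    /// returned by the "Missing Claims" view to a per-item role claim.
    /// </summary>
    class Program
    {
        /// <summary>
        /// Opens the site, runs the "Missing Claims" view against
        /// "Shared Documents" and applies a role claim to each item found.
        /// Prints the ID of the last item processed (0 if none) and waits for a key.
        /// </summary>
        /// <param name="args">Unused.</param>
        static void Main(string[] args)
        {
            int i = 0;
            using (SPSite site = new SPSite("http://intranet/Sites/LoadTest"))
            {
                using (SPWeb web = site.OpenWeb())
                {
                    // TryGetList returns null when the list does not exist, so
                    // check before touching its views.
                    SPList list = web.Lists.TryGetList("Shared Documents");
                    if (list == null)
                    {
                        Console.Error.WriteLine("List 'Shared Documents' was not found.");
                    }
                    else
                    {
                        SPView view = list.Views["Missing Claims"];
                        SPQuery query = new SPQuery(view);

                        foreach (SPListItem item in list.GetItems(query))
                        {
                            i = item.ID;

                            // The claim value is derived from the item ID; the call
                            // matches the four-parameter ApplyClaims signature below.
                            ApplyClaims(web, item, "0000" + item.ID.ToString(), "Myclient");
                        }
                    }
                }
            }

            Console.Write(i);
            Console.ReadKey();
        }

        /// <summary>
        /// Gives the item unique permissions and grants the "Read" role
        /// definition to a role claim issued by a trusted provider.
        /// </summary>
        /// <param name="web">Web whose role definitions are used for the binding.</param>
        /// <param name="item">List item that receives the role assignment.</param>
        /// <param name="claimValue">Value of the role claim; also used as the display name of the principal.</param>
        /// <param name="client">Issuer name passed to <c>SPOriginalIssuers.Format</c> for the trusted provider.</param>
        /// <exception cref="ArgumentNullException"><paramref name="web"/> or <paramref name="item"/> is null.</exception>
        /// <exception cref="ArgumentException"><paramref name="claimValue"/> or <paramref name="client"/> is null or empty.</exception>
        /// <remarks>
        /// Access is granted to whoever presents a token from the named issuer that
        /// carries this role value, so both strings should come from a trusted source
        /// and not from user-editable item data.
        /// </remarks>
        public static void ApplyClaims(SPWeb web, SPListItem item, string claimValue, string client)
        {
            if (web == null)
            {
                throw new ArgumentNullException("web");
            }

            if (item == null)
            {
                throw new ArgumentNullException("item");
            }

            if (string.IsNullOrEmpty(claimValue))
            {
                throw new ArgumentException("A claim value is required.", "claimValue");
            }

            if (string.IsNullOrEmpty(client))
            {
                throw new ArgumentException("A trusted provider name is required.", "client");
            }

            SPClaimProviderManager claimMgr = SPClaimProviderManager.Local;
            if (claimMgr == null)
            {
                // Nothing can be granted without a claim manager, so leave the
                // item's inherited permissions untouched.
                return;
            }

            SPClaim claim = new SPClaim(
                Microsoft.IdentityModel.Claims.ClaimTypes.Role,
                claimValue,
                Microsoft.IdentityModel.Claims.ClaimValueTypes.String,
                SPOriginalIssuers.Format(SPOriginalIssuerType.TrustedProvider, client));

            string userName = claimMgr.EncodeClaim(claim);

            // The principal is described by the encoded claim itself; Email and
            // Notes are left at their defaults.
            SPUserInfo info = new SPUserInfo
            {
                LoginName = userName,
                Name = claimValue
            };

            // Build the complete assignment before changing the item, so a failure
            // while resolving the role definition cannot leave the item with broken
            // inheritance and no grant.
            SPRoleAssignment roleAssignmentClaim = new SPRoleAssignment(info.LoginName, info.Email, info.Name, info.Notes);
            roleAssignmentClaim.RoleDefinitionBindings.Add(web.RoleDefinitions["Read"]);

            // false = do not copy the parent's role assignments: the item stops
            // inheriting and starts from its own permission set.
            item.BreakRoleInheritance(false);
            item.RoleAssignments.Add(roleAssignmentClaim);
        }

        /// <summary>
        /// Adds the role assignment to the item unless an equal assignment is
        /// already present, then saves the item with <c>SystemUpdate</c>.
        /// </summary>
        /// <param name="item">The item.</param>
        /// <param name="roleAssignment">The role assignment.</param>
        /// <exception cref="ArgumentNullException"><paramref name="item"/> or <paramref name="roleAssignment"/> is null.</exception>
        public static void AddRoleAssignment(SPListItem item, SPRoleAssignment roleAssignment)
        {
            if (item == null)
            {
                throw new ArgumentNullException("item");
            }

            if (roleAssignment == null)
            {
                throw new ArgumentNullException("roleAssignment");
            }

            // NOTE(review): the duplicate check relies on SPRoleAssignment.Equals;
            // if that is reference equality it will not match an assignment that
            // was built separately for the same principal - confirm.
            bool isNotFound = true;
            foreach (SPRoleAssignment roleAssign in item.RoleAssignments)
            {
                if (roleAssign.Equals(roleAssignment))
                {
                    isNotFound = false;
                    break;
                }
            }

            if (isNotFound)
            {
                item.RoleAssignments.Add(roleAssignment);
            }

            item.SystemUpdate();
        }
    }
}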
