Pnpjs: SPFx Folder Item level check for current user

Created on 12 Jul 2018  路  6Comments  路  Source: pnp/pnpjs

Category

  • [ ] Enhancement
  • [ ] Bug
  • [ #] Question
  • [ ] Documentation gap/issue

Version

We are currently migrating from classic to modern pages. In classic we have out of the box web part of Document libraries where we could set target audience. This automatically handles and hide folders where there is unique permissions and a current user don't have access.

Now i'm trying to replicate similar functionality in SPFx web part, i'm using the following code below to list folders:

web.getFolderByServerRelativeUrl("/sites/siteName/DocLib Name").folders.orderBy("TimeCreated").filter("Name ne 'Forms'") .inBatch(batch).get().then(items => { items.map((item, index) => { // need to check permission on item here (folder item level permission) }); });

I would like to check if the current user has permission to the folder but i can't seem to see how to use the permission explained on this page relates to what i'm trying to achieve
https://pnp.github.io/pnpjs/sp/permissions.html

Also trying something along this line: this.context.pageContext.web.permissions.hasPermission - again not sure how to link it to a folder item level???

If this is not support in SPFx, then what are the alternative of doing this - a request to Azure for a server side check?? Any help would be appreciated.

Cheers

answered question
Source
picture Mike-tech

All 6 comments

If a user has no read permissions to folders and files they are security trimmed when requesting with API too. No need in any additional check. In case of detecting a specific permissions level (e.g. if write permissions then render action button), the effective base permissions can be expanded, then with a utility function, the permissions level can be checked:

import { sp, PermissionKind } from '@pnp/sp';

const folder = sp.web.getFolderByServerRelativeUrl(`${_spPageContextInfo.webServerRelativeUrl}/SitePages`);
folder.files.select('*').expand('ListItemAllFields/EffectiveBasePermissions').top(5).get()
    .then(files => {
        return files.filter(file => {
            return sp.web.hasPermissions(
                file.ListItemAllFields.EffectiveBasePermissions,
                PermissionKind.EditListItems
            );
        });
    })
    .then(console.log);
koltyakov picture koltyakov on 12 Jul 2018

Hi Koltyakov
Thanks for this. I will test this when i get back to the office tomorrow and close this thread if the security trimming works as expected.

While we at this topic of accessing folders/files, do you know why or how to expose the Author/Editor (CreatedBy and EditedBy) fields? These seems to be missing from the returned response fields.

Thanks

Mike-tech picture Mike-tech on 12 Jul 2018

These fields are a part of associated items. ListItemAllFields is a friend.

koltyakov picture koltyakov on 12 Jul 2018

Ah! I suspected they are hidden in ListItemAllFields, but i had no idea how to hook into this guy. I thought i tried expand but obviously must have done it wrong or something. Your code example above gives an insight into this.

Great!

Mike-tech picture Mike-tech on 12 Jul 2018

Hi Koltyakov

Many thanks again sir for pointing me in the right direction. The security trimming worked beautifully.

Top notch for showing how to expose ListItemAllFields and ListItemAllFields/EffectiveBasePermissions, helped immensely.

Mike-tech picture Mike-tech on 13 Jul 2018
👍1

You are welcome buddy! Thanks for coming back with feedback.

koltyakov picture koltyakov on 13 Jul 2018
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

unnieayilliath picture unnieayilliath  路  3Comments
KieranDaviesV picture KieranDaviesV  路  3Comments
AJIXuMuK picture AJIXuMuK  路  3Comments
jcosta33 picture jcosta33  路  3Comments
simonagren picture simonagren  路  3Comments