SharePoint APP Development Reading notes 7

When an app is installed in SharePoint, SharePoint automatically configures some default permissions for the app, such as an app that has full control over the app Web it creates, and the app can manage the app Web, in the app Create lists in the Web, and so on. However, if your app needs to access SharePoint, for example, if you need to create a list in a SharePoint site, you'll need additional configuration permissions.

Remember the app's Manifest.xml profile, where we can specify the app's permissions to SharePoint sites in this configuration file. For example, the following configuration specifies that the app has read permissions on the SharePoint Web and has write permissions on the list (including the library):

<AppPermissionRequests>
  <apppermissionrequest
    scope= "http://sharepoint/content/sitecollection /web "
    right=" Read "/>
  <apppermissionrequest
    scope=" http://sharepoint/content/sitecollection/ Web/list "
    right=" Write "/>
</AppPermissionRequests>

After you specify the permissions, SharePoint pops up a dialog box that tells the user what permissions the app needs, and waits for the user to confirm that they want to give the app permissions, when it's installed:

Here's a brief look at the <AppPermissionRequest> configuration node, which must contain two properties: scope and right. The scope property specifies the object to be accessed by the app, which is specified by the following URL:

Http://sharepoint/content/sitecollection/web

This URL contains several sections, the first part is "SharePoint", which defines the product to be accessed, which is SharePoint, which means that the app needs to access SharePoint, in addition to exchange, Lync and so on, such as http://exchange/...

The second part is "content", which defines the provider of permissions (permission provider), in addition to the content, it can be search,social,bsc and so on.

The last part is the app to access the object, here is "Sitecollection/web", that is, the site.

The right property specifies the app's permissions on the object and contains four basic permissions: Read, Write, manage, and full Control. If you use the Search permission provider (search permission provider), there are additional permissions, such as "Queryasuserignoreappprincipal" permissions:

<apppermissionrequest
    scope= "Http://sharepoint/search"
    right= "Queryasuserignoreappprincipal"
/ >

The following is a list of permissions that can be configured for various objects:

Object Type	URL	Rights
Tenancy	Http://sharepoint/content/tenant	Read, Write, Manage, full Control
Site Collection	Http://sharepoint/content/sitecollection	Read, Write, Manage, full Control
Host Web	Http://sharepoint/content/sitecollection/web	Read, Write, Manage, full Control
Lists	Http://sharepoint/content/sitecollection/web/list	Read, Write, Manage, full Control
Search	Http://sharepoint/search	Queryasuserignoreappprincipal
Bcs	Http://sharepoint/bcs/connection	Read
Managed metadata	Http://sharepoint/taxonomy	Read, Write
Social Core	Http://sharepoint/social/core	Read, Write, Manage, full Control
Social tenancy	Http://sharepoint/social/tenant	Read, Write, Manage, full Control
Microsofeed	Http://sharepoint/social/microfeed	Read, Write, Manage, full Control

We can also more precisely specify that the app has permissions on some type of list, such as the following configuration, using Basetemplateid, which specifies that the app has manage permissions only in the document library:

<apppermissionrequest
    scope= "http://sharepoint/content/sitecollection/web/list"
    right= "Manage" >
    <!--add Filter property to permission request--
    <property name= "Basetemplateid" value= "101"/>< C4/></apppermissionrequest>

The above configuration can be done using the visualizer in vs.

SharePoint APP Development Reading notes 6