MSCRM 4.0 里通过客户端编程得到当前用户权限

作者: 傻猫    分类: 搞软件     发布时间: 12-24 14:45    浏览次数: 4458     无留言

MSCRM 4.0 里通过客户端编程得到当前用户权限 

 

 

在MSCRM新闻组里一个常见的问题是:如何通过客户端编程的方式得到当前用户的权限

下面是转刀客的解决方案:(原文地址:http://social.microsoft.com/Forums/zh-CN/crmchinese/thread/ffbd4b92-797a-487c-9d13-40ccc6de28ab),此解决方案经过测试,可以达到控制用户的权限。

加在需要权限的实体ONLOAD事件中

var newName = document.getElementById("crmFormSubmitId").value;

//如果不为"",表明是编辑;否则为新建,不用验证

if (newName != "")

{

    var bVisible = false;

    var xmlHttpRequest = new ActiveXObject("Msxml2.XMLHTTP");

    //1.验证当前用户是否为创建者(如果是,允许编辑)

    var xml = "" + "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +

    "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">" +

        " <soap:Body>" +

        " <query xmlns:q1=\"http://schemas.microsoft.com/crm/2006/Query\" xsi:type=\"q1:QueryExpression\" xmlns=\"http://schemas.microsoft.com/crm/2006/WebServices\">" +

            " <q1:EntityName>new_investment</q1:EntityName>" +

            " <q1:ColumnSet xsi:type=\"q1:ColumnSet\">" +

                " <q1:Attributes>" +

                " <q1:Attribute>createdby</q1:Attribute>" +

                " </q1:Attributes>" +

            " </q1:ColumnSet>" +

            " <q1:Distinct>false</q1:Distinct>" +

            " <q1:Criteria>" +

                " <q1:FilterOperator>And</q1:FilterOperator>" +

                " <q1:Conditions>" +

                    " <q1:Condition>" +

                        " <q1:AttributeName>new_investmentid</q1:AttributeName>" +

                        " <q1:Operator>Equal</q1:Operator>" +

                        " <q1:Values>" +

                        " <q1:Value xmlns:q2=\"http://microsoft.com/wsdl/types/\" xsi:type=\"q2:guid\">" + newName + " </q1:Value>" +

                        " </q1:Values>" +

                    " </q1:Condition>" +

                    " <q1:Condition>" +

                        " <q1:AttributeName>createdby</q1:AttributeName>" +

                        " <q1:Operator>EqualUserId</q1:Operator>" +

                    " </q1:Condition>" +

                " </q1:Conditions>" +

            " </q1:Criteria>" +

        " </query>" +

        " </soap:Body>" +

    "</soap:Envelope>" +"";

    xmlHttpRequest.Open("POST", "/mscrmservices/2006/CrmService.asmx", false);

    xmlHttpRequest.setRequestHeader("SOAPAction","http://schemas.microsoft.com/crm/2006/WebServices/RetrieveMultiple");

    xmlHttpRequest.setRequestHeader("Content-Type", "text/xml; charset=utf-8");

    xmlHttpRequest.setRequestHeader("Content-Length", xml.length);

    xmlHttpRequest.send(xml);

    var resultXml = xmlHttpRequest.responseXML;

    var createdby = resultXml.selectNodes("//BusinessEntity/q1:createdby");

   

    //如果createdbys.length等于0,表明不是创建者,需要继续验证角色

    if (createdby.length == 0)

    {

        //2.验证当前用户是否包含指定的角色

       //此段内容用于查找当前用户的角色。角色存放在数组roles里。

        xml = "" + "<?xml version=\"1.0\" encoding=\"utf-8\"?>" +

            "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">" +

                " <soap:Body>" + GenerateAuthenticationHeader() +

                    " <query xmlns:q1=\"http://schemas.microsoft.com/crm/2006/Query\" xsi:type=\"q1:QueryExpression\" xmlns=\"http://schemas.microsoft.com/crm/2006/WebServices\">" +

                        " <q1:EntityName>role</q1:EntityName>" +

                        " <q1:ColumnSet xsi:type=\"q1:ColumnSet\">" +

                            " <q1:Attributes>" +

                                " <q1:Attribute>name</q1:Attribute>" +

                            " </q1:Attributes>" +

                        " </q1:ColumnSet>" +

                        " <q1:Distinct>false</q1:Distinct>" +

                        " <q1:LinkEntities>" +

                            " <q1:LinkEntity>" +

                                " <q1:LinkFromAttributeName>roleid</q1:LinkFromAttributeName>" +

                                " <q1:LinkFromEntityName>role</q1:LinkFromEntityName>" +

                                " <q1:LinkToEntityName>systemuserroles</q1:LinkToEntityName>" +

                                " <q1:LinkToAttributeName>roleid</q1:LinkToAttributeName>" +

                                " <q1:JoinOperator>Inner</q1:JoinOperator>" +

                                " <q1:LinkEntities>" +

                                    " <q1:LinkEntity>" +

                                        " <q1:LinkFromAttributeName>systemuserid</q1:LinkFromAttributeName>" +

                                        " <q1:LinkFromEntityName>systemuserroles</q1:LinkFromEntityName>" +

                                        " <q1:LinkToEntityName>systemuser</q1:LinkToEntityName>" +

                                        " <q1:LinkToAttributeName>systemuserid</q1:LinkToAttributeName>" +

                                        " <q1:JoinOperator>Inner</q1:JoinOperator>" +

                                        " <q1:LinkCriteria>" +

                                            " <q1:FilterOperator>And</q1:FilterOperator>" +

                                            " <q1:Conditions>" +

                                                " <q1:Condition>" +

                                                    " <q1:AttributeName>systemuserid</q1:AttributeName>" +

                                                    " <q1:Operator>EqualUserId</q1:Operator>" +

                                                " </q1:Condition>" +

                                            " </q1:Conditions>" +

                                        " </q1:LinkCriteria>" +

                                    " </q1:LinkEntity>" +

                                " </q1:LinkEntities>" +

                            " </q1:LinkEntity>" +

                        " </q1:LinkEntities>" +

                    " </query>"+

                " </soap:Body>" +

            "</soap:Envelope>" +"";

        xmlHttpRequest.Open("POST", "/mscrmservices/2006/CrmService.asmx", false);

        xmlHttpRequest.setRequestHeader("SOAPAction","http://schemas.microsoft.com/crm/2006/WebServices/RetrieveMultiple");

        xmlHttpRequest.setRequestHeader("Content-Type", "text/xml; charset=utf-8");

        xmlHttpRequest.setRequestHeader("Content-Length", xml.length);

        xmlHttpRequest.send(xml);

        resultXml = xmlHttpRequest.responseXML;

        var roles = resultXml.selectNodes("//BusinessEntity/q1:name");

             

        //允许使用的角色列表

        var roleAllowList = [

     '系统管理员','市场营销副总裁','销售经理'

   ];

        //比较角色

        if(roles != null)

        {

            for(i = 0; i<roles.length; i++)

            {

                for(var j=0; j<roleAllowList.length; j++)

      {

        if(roles[i].text == roleAllowList[j])

                    {

                        bVisible = true;   

                        break;

                    }

      }

      

      if(bVisible)

          break;

            }

        }

    }

    else

        bVisible = true;                    //是创建者,允许显示

   

    //判断当前文档是否为当前用户创建

   

    //禁止显示

    if (!bVisible)

    {

        document.getElementById("new_tel_mobile").style.display = "none";//需要隐藏的字段

        //document.getElementById("new_otherpreference").value = "你没有'" + roleName + "'的角色,不能显示'某些内容'!";

        //document.getElementById("new_otherpreference").style.color = "red";

    }

}

Tags: mscrm, 权限

添加新评论