Change log
January 12, 2016
Fixed a bug with using “getByTitle” and not the correct “getByName” in the SP 2010 code example.
This is a workaround for verifying membership in a SharePoint group when the user is added to the group as a member in an AD-group, and not as an individual user.
For this to work, the SharePoint group must be set up to only allow members to view membership in the group:
You find two code examples below. The first one will work in SP 2013 only, but the last will work in both SP 2010 and SP 2013 (not SP 2007).
Disclaimer: I have NOT been able to test this as I don’t have any AD groups to add in my SP 2013 Office 365 test site.
Based on this post by Eric Alexander
How to set up a trigger in DFFS
In DFFS backend – add this code to the Custom JS:
SharePoint 2013:
function spjs_isCurrentUserInGroup(groupIdOrName){
var endpoint;
if(typeof groupIdOrName === "string"){
endpoint = _spPageContextInfo.webAbsoluteUrl+"/_api/web/sitegroups/getbyname('"+groupIdOrName+"')/CanCurrentUserViewMembership"
}else{
endpoint = _spPageContextInfo.webAbsoluteUrl+"/_api/web/sitegroups("+groupIdOrName+")/CanCurrentUserViewMembership"
}
return jQuery.ajax({
"url":endpoint,
"type":"GET",
"contentType":"application/json;odata=verbose",
"headers":{
"Accept": "application/json;odata=verbose"
}
});
}
function checkADGroupMembership(){
// 18 is the ID of the SharePoint group
spjs_isCurrentUserInGroup(18).success(
function(data){
if(data.d.CanCurrentUserViewMembership){
setTimeout(function(){
spjs.dffs.triggerRule(["isInADGroup"]);
},10);
}
}
);
}
SharePoint 2010:
function spjs_isCurrentUserInGroup(groupIdOrName){
var cc, gc, g, u;
cc = new SP.ClientContext.get_current();
gc = cc.get_web().get_siteGroups();
if(typeof groupIdOrName === "string"){
g = gc.getByName(groupIdOrName);
}else{
g = gc.getById(groupIdOrName);
}
u = g.get_users();
cc.load(u);
cc.executeQueryAsync(
function(sender, args){
setTimeout(function(){
spjs.dffs.triggerRule(["isInADGroup"]);
},10);
},
function(sender, args){
// No access
}
);
}
function checkADGroupMembership(){
// 18 is the ID of the SharePoint group
spjs_isCurrentUserInGroup(18);
}
The number 18 in the function “checkADGroupMembership” is the SharePoint group id, but you can also use the display name of the group – change it to match your group.
Add a rule to DFFS with the “Rule friendly name”:
isInADGroup
This rule is set up with the trigger “No trigger (must be triggered manually), and with all the actions you want to apply if the rule is triggered.
As this is a “manual trigger rule”, you must add another rule to trigger this one when the form has loaded. This is necessary because the REST call cannot be used with the trigger “Custom JavaScript functions” directly.
To trigger the REST call / JSOM query, and the following trigger of the DFFS rule if the user is member of the group is done by another DFFS rule triggering on “The form is ready”.
Set this one up with the function name “checkADGroupMembership” in the “Run these functions / trigger these rules” field.
If the logged in user is member of the SharePoint group as a member in an AD-group, the rule “isInADGroup” will be triggered.
I hope this makes sense, and if not – post a comment below or in the forum.
Alexander
Like this:
Like Loading...