I write a provider-hosted app for SharePoint 2013 on-premises. The app permissions are set to:
"Web: Write"
In the host web exists a Generic List with the following security settings:
"SecurityBits: 22" (Users can read only their own items | Users can edit only their own items)
In my provider-hosted app I want to read all listitems. For this reason I create a CamlQuery instance an execute the query in app-only context (CMOS .NET), for example:
var spContext = SharePointContextProvider.Current.GetSharePointContext(System.Web.HttpContext.Current);
using (var clientContext = spContext.CreateAppOnlyClientContextForSPHost())
{
CamlQuery camlQuery = new CamlQuery();
var query = "<Query><Where><IsNotNull><FieldRef Name='ID' /></IsNotNull></Where></Query>");
camlQuery.ViewXml = string.Format("<View>{0}</View>", query);
var list = clientContext.Web.Lists.GetByTitle(listName);
ListItemCollection result = list.GetItems(camlQuery);
clientContext.Load(result, items => items.Include(item => item.Id));
clientContext.ExecuteQuery();
return result.Count;
}
After the execution the count of result is always 0.
If I set the SecurityBits of the Generice List to "11" (all read, all edit), to count of the result is > 0.
I understand the app-only context like the implementation "SPSecurity.RunWithElevatedPriviliges()". Is this a mistake? Do I something wrong? Or is it a bug of SharePoint?
0 commentaires:
Enregistrer un commentaire