Saturday, March 12, 2016

JQuery to redirect Non Site Collection administrators to Access Denied Page

Hi,

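We had certain security-sensitive URLs.

We wanted to redirect users who are not site collection administrators to the Access Denied page instead of letting them open those secured URLs.

For this, we wrote the jQuery script below. Because it runs in the browser, it only redirects the UI; the pages themselves must still be protected by SharePoint permissions.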

// Start .......Admin Settings JS to....................


/************************* Hide ==============*/
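// Once the DOM is ready, wait for sp.js to load and then run the admin check.
// SP.SOD.executeFunc takes three arguments (script key, type name, callback);
// the original listing was missing the comma between the first two, which is
// a syntax error that stops the whole script from running.
$(document).ready(function () {
    console.log('load');
    //check the current user
    SP.SOD.executeFunc('sp.js', 'SP.ClientContext', IsCurrentUserWithContributePerms);

});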

//Logic to Redirect non site collection admins to Access Denied Page
/**
 * Entry point invoked once sp.js is available. It delegates to
 * IsCurrentUserMemberOfGroup and ignores the boolean passed back, so nothing
 * in this function acts on the result.
 */
function IsCurrentUserWithContributePerms() {
    // Deliberate no-op: the admin flag is received but not used here.
    var ignoreResult = function (isCurrentUserInGroup) {};

    console.log('Hi');
    IsCurrentUserMemberOfGroup(ignoreResult);
}

//End of edit form validation script

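/**
 * Loads the current user through the SharePoint client object model and, when
 * that user is not a site collection administrator, sends the browser to
 * AccessDenied.aspx if the current URL contains one of the restricted
 * fragments listed below.
 *
 * This check runs in the browser, so it steers the UI only. The listed pages
 * are still served to anyone whose SharePoint permissions allow them (for
 * example when script is disabled or this file fails to load), so the real
 * restriction has to come from server-side permission levels.
 *
 * @param {function(boolean): void} OnComplete - receives the value of
 *     get_isSiteAdmin() for the current user, or false when the query fails.
 */
function IsCurrentUserMemberOfGroup(OnComplete) {
    // Lower-case fragments compared against the lower-cased page URL.
    // Matching is by substring over the whole href, so a fragment that appears
    // in a query-string value (a return URL, say) also triggers the redirect.
    var restrictedFragments = [
        "/_layouts/15/people.aspx",
        "/_layouts/15/viewlsts.aspx",
        "/_layouts/15/recyclebin.aspx",
        "/_catalogs/masterpage/forms/allitems.aspx",
        "/_layouts/15/user.aspx",
        "/_layouts/15/groups.aspx",
        "/_layouts/15/managefeatures.aspx",
        "/_layouts/15/changesitemasterpage.aspx",
        "/_layouts/15/settings.aspx",
        "/_layouts/15/sitemanager.aspx",
        "/_layouts/15/savetmpl.aspx",
        "/_layouts/15/mngsiteadmin.aspx",
        "/_layouts/15/mngsubwebs.aspx",
        "/_layouts/15/sitedirectorysettings.aspx",
        "/_layouts/15/mngctype.aspx",
        "/_layouts/15/adminrecyclebin.aspx",
        "/_layouts/15/areanavigationsettings.aspx",
        "/_layouts/spusageweb.aspx",
        "/_layouts/15/subedit.aspx",
        "/_layouts/15/subchoos.aspx",
        "/_catalogs/wt/forms/common.aspx",
        "/_catalogs/wt/forms/allitems.aspx",
        "/_layouts/15/mngfield.aspx",
        "/_catalogs/lt/forms/allitems.aspx",
        "/_catalogs/theme/forms/allitems.aspx",
        "/_catalogs/wp/forms/allitems.aspx",
        "/_catalogs/wp",
        "/_catalogs/solutions/",
        "/_layouts/15/sharepointdesignersettings.aspx",
        "/_layouts/15/areawelcomepage.aspx",
        "/_layouts/15/areatemplatesettings.aspx",
        "?contents=1",
        "?pageview=shared&toolpaneview=2",
        "?toolpaneview=2",
        "_catalogs/users/simple.aspx",
        "/_layouts/15/newsbweb.aspx",
        "/_layouts/15/create.aspx",
        "/_layouts/15/spcf.aspx",
        "/_layouts/15/appregnew.aspx",
        "/_layouts/15/srchvis.aspx",
        "/_layouts/15/spcontnt.aspx",
        "/_layouts/15/role.aspx",
        "/_layouts/15/createpage.aspx",
        "/_layouts/15/sitesubs.aspx",
        "/_layouts/15/prjsetng.aspx"
    ];

    // get_current() is a static accessor, so it is called without `new`.
    var context = SP.ClientContext.get_current();
    var currentUser = context.get_web().get_currentUser();
    context.load(currentUser);
    console.log(currentUser);

    context.executeQueryAsync(
        function (sender, args) {
            var userInGroup = IsUserInGroup(currentUser);
            console.log('S');
            OnComplete(userInGroup);
        },
        function OnFailure(sender, args) {
            // NOTE(review): this path fails open. When the user query fails,
            // no redirect happens and the page stays visible. Behaviour is kept
            // as in the original; confirm that this is the intended outcome.
            console.log('F');
            OnComplete(false);
        }
    );

    // True when the lower-cased URL contains any restricted fragment.
    // A plain loop is used to stay within the ES5 style of the file.
    function isRestrictedUrl(url) {
        for (var i = 0; i < restrictedFragments.length; i++) {
            if (url.indexOf(restrictedFragments[i]) !== -1) {
                return true;
            }
        }
        return false;
    }

    // Returns the user's site-admin flag; as a side effect, redirects
    // non-admins who are on a restricted URL.
    function IsUserInGroup(user) {
        var isSiteAdmin = user.get_isSiteAdmin();
        if (isSiteAdmin) {
            console.log('Admin');
            return isSiteAdmin;
        }

        console.log('URL');
        var url = (window.location.href).toString().toLowerCase();
        console.log(url);
        if (isRestrictedUrl(url)) {
            console.log('REdirectURL');
            // replace() keeps the restricted page out of the back-button history.
            window.location.replace(_spPageContextInfo.webAbsoluteUrl + "/_layouts/15/AccessDenied.aspx");
        }
        console.log('Exit');

        return isSiteAdmin;
    }
}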


//End

We referenced the script's path in the master page that the site uses.
After that, users who are not site collection administrators were redirected to the Access Denied page, as shown below.
