Grokking the AzureAD OAuth2 Implicit Grant Flow


References: Authentication Scenarios for AzureAD

The OAuth2 Implicit Grant flow is designed for use by applications which cannot maintain the security of an application registration client secret, typically applications which run in a browser. Unlike the Authorization Code grant flow, the implicit grant flow returns an access token to the client upon successful authentication when the …

SharePoint: Checking Arbitrary User Permissions and why SPListItem.DoesUserHavePermissions is a Big Fat Dirty Liar


To clarify, the object model method isn’t a big fat dirty liar, but the documentation certainly is. This blog post is about checking permissions of arbitrary users against SharePoint objects which expose the ISecurableObject interface (marked obsolete in 2010 in favour of the new SPSecurableObject class) using the overloaded DoesUserHavePermissions method: SPListItem.DoesUserHavePermissions(SPUser …

Mixing RunWithElevatedPrivileges and SharePoint List Permissions


Checking user permissions against SharePoint artefacts is straightforward enough: many types within the object model expose a range of overloaded DoesUserHavePermissions(…) methods. The example below checks that the current user has ViewListItems permissions against a list. This example assumes that you’ve already got a reference to the list to check; SharePoint security trimming means that you may …