在這個示例里,我們將創建一個頁面測試 SharePoint APP的權限。這個頁面有二個按鈕,一個從documents里讀數據,一個往documents里寫數據:
1. 打開Visual Studio 2012,創建一個新的 Sharepoint 2013 app: PermissionTest,選擇 Sharepoint-hosted,點擊Finish 
2. 打開Default.aspx :
引入knockoutjs
<script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/knockout/knockout-2.2.1.js" ></script>
加入二個按鈕:
<asp:Content ID="Content2" ContentPlaceHolderId="PlaceHolderPageTitleInTitleArea" runat="server"> App Permission Test </asp:Content> <asp:Content ID="Content3" ContentPlaceHolderID="PlaceHolderMain" runat="server"> <button data-bind="click: readList">Press here to read from Documents.</button> <br /> <button data-bind="click: writeList">Press here to write to Documents.</button> </asp:Content>
3. 打開APP.js, 加入下面js:
/// <reference path="knockout-3.0.0.debug.js" /> $(function () { ko.applyBindings(new testPermissionsViewModel()); }); function testPermissionsViewModel() { var self = this; self.result = null; self.readList = function () { var context = new SP.ClientContext.get_current(); var hostWebContext = new SP.AppContextSite(context, decodeURIComponent(getQueryStringParameter("SPHostUrl"))); self.result = hostWebContext.get_web().get_lists().getByTitle("Documents").getItems(new SP.CamlQuery.createAllItemsQuery()); context.load(self.result); context.executeQueryAsync( Function.createDelegate(self, self.onSuccess), Function.createDelegate(self, self.onFail) ); } self.writeList = function () { var context = new SP.ClientContext.get_current(); var hostWebContext = new SP.AppContextSite(context, decodeURIComponent(getQueryStringParameter("SPHostUrl"))); self.result = hostWebContext.get_web().get_lists().getByTitle("Documents").getItemById(1); self.result.set_item("Title", "My update book title"); self.result.update(); context.executeQueryAsync( Function.createDelegate(self, self.onSuccess), Function.createDelegate(self, self.onFail) ); } self.onSuccess = function () { if (self.result instanceof SP.ListItemCollection) { if (!self.result.get_item(0)) { alert("Success but no return"); } else { alert("Success, first title = " + self.result.get_item(0).get_item("Title")); } } else { alert("Success"); } } self.onFail = function (sender, args) { alert("Failed: " + args.get_message()); } } function getQueryStringParameter(paramToRetrieve) { var params = document.URL.split("?")[1].split("&"); var strParams = ""; for (var i = 0; i < params.length; i = i + 1) { var singleParam = params[i].split("="); if (singleParam[0] == paramToRetrieve) return singleParam[1]; } }
4. 打開 AppManifest.xml ,選擇 Permissions tab, 創建一個權限請求,scope選擇List, Permission選擇Read:
5. 保存並發布APP, 選擇Documents,點擊Trust it按鈕
6. 現在你能看到APP了:
7. 這時當你點擊第二個按鈕時,你將得到訪問拒絕的信息,回到AppManifest.xml文件,把權限改為Write
8. 再保存並發布,再次點擊第二個按鈕,發現Success了。