如何设置SharePoint托管的应用程序'；s通过PowerShell的权限？_Powershell_Sharepoint_Sharepoint 2013

如何设置SharePoint托管的应用程序'；s通过PowerShell的权限？

powershell sharepoint sharepoint-2013

如何设置SharePoint托管的应用程序'；s通过PowerShell的权限？,powershell,sharepoint,sharepoint-2013,Powershell,Sharepoint,Sharepoint 2013,我正在使用导入SPAppPackage和安装SPApp部署应用程序。我希望能够使用Set-AppPrincipalPermission设置权限，但无法使其正常工作我正在使用PowerShell cmdlet导入SPAppPackage和安装SPApp将SharePoint托管的应用程序上载到SharePoint。这对于不需要额外权限的SharePoint托管应用程序来说效果良好但是，一个应用程序需要对该站点进行读取访问，因此这在清单中声明。在Visual Studio中运行时，它工作正常—在

我正在使用

导入SPAppPackage

和

安装SPApp

部署应用程序。我希望能够使用

Set-AppPrincipalPermission

设置权限，但无法使其正常工作

我正在使用PowerShell cmdlet

导入SPAppPackage

和

安装SPApp

将SharePoint托管的应用程序上载到SharePoint。这对于不需要额外权限的SharePoint托管应用程序来说效果良好

但是，一个应用程序需要对该站点进行读取访问，因此这在清单中声明。在Visual Studio中运行时，它工作正常—在第一次启动时，它正确地请求信任该应用程序，以便对该站点进行读取访问

当我通过PowerShell添加此应用程序时，它没有机会询问。安装继续进行，没有问题，但是应用程序无法工作。（由于权限问题而失败，这是绝对正确的行为，因为权限尚未授予。）

我可以通过访问网站内容，单击问题应用程序的“…”，选择“权限”，然后单击“如果应用程序权限有问题，请单击此处再次信任它”的链接来修复权限

但我真的希望能够通过PowerShell完成整个部署

Set-AppPrincipalPermission

cmdlet应允许我设置权限，但我无法使其工作。具体来说，我无法获取应用程序部署时自动创建的应用程序主体的句柄，因此我无法将此应用程序主体传递给

Set-AppPrincipalPermission

应用主体的名称格式为“i:0i.t|ms.sp.int|@”，并在/u layouts/15/appprincipals.aspx上列出。当我使用

Get SPAppPrincipal

时，我得到的只是：

Get-SPAppPrincipal : The app principal could not be found.

我还没有看到任何使用

Get-SPAppPrincipal

的SharePoint托管应用程序的例子，它们似乎都是针对提供商托管的应用程序。它们似乎都只是使用一个应用程序主体ID，该ID是由客户端ID和领域ID构建的，但我的SharePoint托管应用程序没有客户端ID

是否可以获取SharePoint托管应用的应用主体，并使用它通过PowerShell设置权限？我是做错了什么，还是有其他的方法？

我和你一样努力解决同样的问题，最终在以下两个博客中找到了答案：

这是一篇关于通过PowerShell“按下”信任按钮的文章

因为我知道像我这样的程序员有多懒，所以可以随意使用这个合并脚本来安装应用程序：

    param
(
    [string]$Web = $(throw '- Need a SharePoint web site URL (e.g. "http://portal.contoso.com/")'),
[string]$Source = "ObjectModel"
)

Write-Host -ForegroundColor White "-------------------"
Write-Host -ForegroundColor White "| App Installer |"
Write-Host -ForegroundColor White "-------------------"
Write-Host -ForegroundColor White "- "

#Global vars
$AppPackageName = "App.app";

#Loads powershell settings
Write-Host -ForegroundColor White "- Load Powershell context.."
$0 = $myInvocation.MyCommand.Definition
$dp0 = [System.IO.Path]::GetDirectoryName($0)

#Loads the SharePoint snapin
Write-Host -ForegroundColor White "- Load SharePoint context.."
$ver = $host | select version
if ($ver.Version.Major -gt 1) {$host.Runspace.ThreadOptions = "ReuseThread"} 
if ((Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorAction SilentlyContinue) -eq $null) {
    Add-PSSnapin "Microsoft.SharePoint.PowerShell";
}
[void][System.Reflection.Assembly]::Load("Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c") 

#Imports the App package
Write-Host -ForegroundColor White "- Import app package '$AppPackageName'..."
$appPath = "C:\Projects\App\App\bin\Debug\app.publish\1.0.0.0" + "\" + $AppPackageName;
if ($Source.Equals("ObjectModel", [System.StringComparison]::InvariantCultureIgnoreCase)) {
$sourceApp = ([microsoft.sharepoint.administration.spappsource]::ObjectModel);
}
elseif ($Source.Equals("Marketplace", [System.StringComparison]::InvariantCultureIgnoreCase)) {
$sourceApp = ([microsoft.sharepoint.administration.spappsource]::Marketplace);
}
elseif ($Source.Equals("CorporateCatalog", [System.StringComparison]::InvariantCultureIgnoreCase)) {
$sourceApp = ([microsoft.sharepoint.administration.spappsource]::CorporateCatalog);
}
elseif ($Source.Equals("DeveloperSite", [System.StringComparison]::InvariantCultureIgnoreCase)) {
$sourceApp = ([microsoft.sharepoint.administration.spappsource]::DeveloperSite);
}
elseif ($Source.Equals("RemoteObjectModel", [System.StringComparison]::InvariantCultureIgnoreCase)) {
$sourceApp = ([microsoft.sharepoint.administration.spappsource]::RemoteObjectModel);
}

$spapp = Import-SPAppPackage -Path "$appPath" -Site $Web -Source $sourceApp -Confirm:$false -ErrorAction SilentlyContinue -ErrorVariable err;
if ($err -or ($spapp -eq $null)) 
{
Write-Host -ForegroundColor Yellow "- An error occured during app import !"
throw $err;
}
Write-Host -ForegroundColor White "- Package imported with success."

#Installs the App
Write-Host -ForegroundColor White "- Install the APP in web site..."
$app = Install-SPApp -Web $Web -Identity $spapp -Confirm:$false -ErrorAction SilentlyContinue -ErrorVariable err;
if ($err -or ($app -eq $null)) {
Write-Host -ForegroundColor Yellow "- An error occured during app installation !"
throw $err;
}
$AppName = $app.Title;
Write-Host -ForegroundColor White "- App '$AppName' registered, please wait during installation..."
$appInstance = Get-SPAppInstance -Web $Web | where-object {$_.Title -eq $AppName};
$counter = 1;
$maximum = 150;
$sleeptime = 2;

Write-Host -ForegroundColor White "- Please wait..." -NoNewline;

$url = "$($Web)_layouts/15/appinv.aspx?AppInstanceId={$($appInstance.Id)}"
$ie = New-Object -com internetexplorer.application
try
{
    $ie.visible=$true
    $ie.navigate2($url)
    while ($ie.busy)
    {
        sleep -milliseconds 60
    }
    $trustButton = $ie.Document.getElementById("ctl00_PlaceHolderMain_BtnAllow")         
    $trustButton.click() 
    sleep -Seconds 1
    Write-Host "App was trusted successfully!"
}
catch
{
    throw ("Error Trusting App");
}

while (($appInstance.Status -eq ([Microsoft.SharePoint.Administration.SPAppInstanceStatus]::Installing)) -and ($counter -lt $maximum))
{
Write-Host -ForegroundColor White "." -NoNewline;
sleep $sleeptime;
$counter++;
$appInstance = Get-SPAppInstance -Web $Web | where-object {$_.Title -eq $AppName} 
}

Write-Host -ForegroundColor White ".";

if ($appInstance.Status -eq [Microsoft.SharePoint.Administration.SPAppInstanceStatus]::Installed) {
Write-Host -ForegroundColor White "- The App was successfully installed.";
$appUrl = $appInstance.AppWebFullUrl;
Write-Host -ForegroundColor White "- The App is now available at '$appUrl'.";
Write-Host -ForegroundColor White  "- (Don't forget to add app host name in your host file if necessary...).";
Write-Host -ForegroundColor White "- "
}
else {
Write-Host -ForegroundColor Yellow "- An unknown error has occured during app installation. Read SharePoint log for more information.";
}

这将通过powershell完成完全信任部分：

$targetWeb = Get-SPSite "http://dev.my.com"
$clientID = "82ea34fc-31ba-4e93-b89a-aa41b023fa7e"

$authRealm = Get-SPAuthenticationRealm -ServiceContext $targetWeb 
$AppIdentifier = $clientID + "@" + $authRealm 
$appPrincipal = Get-SPAppPrincipal -Site $targetWeb.RootWeb -NameIdentifier $AppIdentifier 

Set-SPAppPrincipalPermission -Site $targetWeb.RootWeb -AppPrincipal $appPrincipal -Scope SiteCollection -Right FullControl

更多信息请点击此处：

想出了一种不用IE的方法

基本上只是使用powershell调用

3属于

SPAppPrincipalPermissionKind

enum，我认为它的价值并不重要。

非常有用-非常感谢！我确实觉得必须自动化IE来完成这项工作的想法有点吓人，但我很高兴这至少是可能的（我很高兴我没有错过一个简单的解决方案）。我对IE也有同样的想法。但是，嘿，它确实行得通。在这个例子中要考虑的一件事是，在信任应用程序之后，它不会关闭IE。在博客帖子中有一个IE.Quit。这在我的机器上不起作用，所以我把它拆了。对我不起作用。找不到应用主体。我尝试通过注册SPAppPrincipal添加，但这会创建一个标识符中带有“ms.sp.ext”的主体。但显然，我们需要“ms.sp.int”，当您通过浏览器UI允许应用程序时，您会得到它。

$rootUrl = "https://ur-sp.com"
$urlSiteName = "ur-site"
$web = Get-SPWeb "$rootUrl/$urlSiteName"
$appPrincipalManager = [Microsoft.SharePoint.SPAppPrincipalManager]::GetManager($web)
$applicationEndPointAuthorities = new-object System.Collections.Generic.List[string]
$applicationEndPointAuthorities.Add("$rootUrl/$urlSiteName");
$symmetricKey = New-Object System.Security.SecureString;
$datetimeNow = [System.DateTime]::Now
$credential = [Microsoft.SharePoint.SPAppPrincipalCredential]::CreateFromSymmetricKey($symmetricKey,$datetimeNow,$datetimeNow)
$creationParameters =New-Object Microsoft.SharePoint.SPExternalAppPrincipalCreationParameters($appid,$appFriendlyName,$applicationEndPointAuthorities,$credential)

$appPrincipal = $appPrincipalManager.CreateAppPrincipal($creationParameters)

$appPrincipalPermissionsManager = New-Object -TypeName 
Microsoft.SharePoint.SPAppPrincipalPermissionsManager -ArgumentList $web

$r = $appPrincipalPermissionsManager.AddAppPrincipalToWeb($appPrincipal, 3)