SharePoint SPFx: Why you shouldn't use FullMask-Check (yet)
Update: With the SPFx Version 1.14 the bug was marked as fixed
It's been over a year since I reported the bug on GitHub, but it still exists. If you want to use the method
this.context.pageContext.web.permissions.hasPermission
in a SPFx component to check if the currently logged in user has full permission => this.context.pageContext.web.permissions.hasPermission(SPPermission.fullMask)
, you always get FALSE as return value, even if you are administrator. This is due to the bitwise validation in the Microsoft code.
The definition of this function looks like this:
SPPermission.prototype.hasPermission = function (requestedPerm) {
return requestedPerm && ((requestedPerm.value.Low & this.value.Low) === requestedPerm.value.Low) && ((requestedPerm.value.High & this.value.High) === requestedPerm.value.High);
};
This condition returns true:
(requestedPerm.value.High & value.High) === requestedPerm.value.High
But this one returns false:
(requestedPerm.value.Low & value.Low) === requestedPerm.value.Low
The reason is, that the bitwise AND returns -1 and not 4294967295
And this happens because JavaScript can only check bitwise in the range of -2147483648 to 2147483647 (see here)
Workaround
If you still want to check if a user has full access, you can use the following method instead. It checks if a user is siteadmin, or has full access:
public userHasFullMask(): boolean {
let isSiteAdmin: any = this.context.pageContext.legacyPageContext["isSiteAdmin"];
if(isSiteAdmin) {
return true;
}
let permission: SPPermission = this.context.pageContext.web.permissions;
let fullMaskPermission: SPPermission = SPPermission.fullMask;
return permission.value.High == fullMaskPermission.value.High &&
permission.value.Low == fullMaskPermission.value.Low;
}