I have a requirement in a Sharepoint 2013 setup wherein I've to give access to external users to a document library. Each User will have a folder by their name, and would be allowed to ACCESS their folder ONLY. They are not even allowed to see each other folder names. They can anytime upload additional or delete the existing documents. External Users are setup using FBA.
Inside the network, there is a Windows user who'll have access to all the folders and documents of that library. I don;t think standard document library can handle this since there is no "Deny View" Permission in Sharepoint.
Sharepoint Folks - Please guide what will be the best way to handle this kind of requirement.
I don't think having a bunch of folders makes sense. However, you could have users upload documents to the shared documents library and have a column in the documents library of the user's username. You could then create a content query on that list to query documents that the current user uploaded. You could then replicate a "folder" type of feel by creating this page, styling it, and directing all users to it.
Let me know what you think of that.
There actually is a way to deny all users. Remove the Authenticated Users, and Remove Anonymous Access from the Library. I agree, that using folders is the wrong idea here. Folders can cause much more harm than help in certain situations.
Create a site to hold multiple libraries, or disinherit the site, remove everyone not essential to the libraries, and use it as a container for the document libraries. Each library can still have it's own unique permissions, and without Authenticated or Anonymous, you'r essentially telling SharePoint that none has access except for the users specified in the ACL's on that library.
You COULD leave the permissions intact on the site and powershell the creation of the document libraries within the site, assigning custom permissions.
Related
I am trying to sync a sharepoint folder, "Testing" shown in the image below to my local device, but I have not been able to figure out how to do this.
I have looked at other sources and they said to find the "Sync" option, however I was unable to find this option. How should I go about doing this?
Edit: This is a shared folder that has been shared to me by another person in the organization, and can be accessed by multiple people
Had to read your post a few time but the answer is in the Edit section. The folder was shared to you by another user in the organization. This is most likely the reason why the sync option is not available. I'm a 365 admin in my organization and would make sure that users could not share SharePoint Doc Lib with other users and defiantly not be able to sync the library if the user could share a folder. This would be down to GDPR or Organization policy in place plus SharePoint Libraries will/should have user access in place. Being able to receive a share link from another user to me would mean that there is an issue with access to the SharePoint Document Libraries security/access settings.
If you return to classic SharePoint, you would see the "Sync" option.
To sync sharepoint folder to local device, you have to allow items from this document library to be downloaded to offline clients. Please go to library settings-> Advanced settings, make sure you select yes.
I would like to give only read permission for a user to entire intranet site. The user must be able to read all the list and libraries in all the sites and subsites. I saw posts related to giving permission for a specific list or library but I didn't see any post related to giving read permission for the entire intranet site. I'm using SharePoint 2013.
Thanks
If you mean Read access to everything in a single site collection, then that is hard to give generic advice to because assorted list, libraries and subwebs can have broken the permission inheritance such that it would be impossible for an outsider to tell you which groups this person needs to be a member of.
Now if you mean you want a user to have Read access to all site collections within a web application, then that is absolutely something that can be accomplished and it is very easy too. That is done via something called: Policy for Web Applications - https://technet.microsoft.com/en-us/library/ff608071.aspx
I am the site collection administrator of one application. One specific user cannot able to see the content of the document library. He is provided with the full control over the site as well as that specific document library. He is able to access the document library but cannot see the contents in it. All other users able to view the contents.
Please suggest me some solution.
Check if library items have item level permission configured.
I have a specific requirement where-in I want only the uploader of the document and a specific team to be able to view it in list / library. 1) is it possible? 2) If yes, how...?
Ok. So I was able to resolve my issue with the steps mentioned below. Soon will be documenting it in form of a blog and share it:
Created the document library and modified the default view to only show documents that were created by/modified by [Me].
Added a new web page to the library and gave exclusive rights to access that to a certain set of users.
Restricted all users from creating a view with the help of creating special permission level where user only had access to upload or delete a document but not creating/updating/deleting lists/views. Also disabled private view creation.
Hope this may be helpful to others too who are looking for restricted views / disabling view creation.
You need to set item level permission through event handler:
http://www.chakkaradeep.com/post/SharePoint-ndash3b-Setting-Item-level-permission.aspx
http://msdnvietnam.net/blogs/quang/archive/2009/07/02/sharepoint-eventhandler-set-item-level-permission.aspx
#Ashish, in SharePoint 2007 GUI you cannot make a query that will show documents that belongs to a specific group, however CAML specification supports it (Membership tag), it wasn't documented until SP2010, but it works on SP2007 (i'm using it)
However this involves custom coding and this doesn't assign permissions automatically, it just enables you to filter documents by groups.
For a solution without custom coding you could consider making a seperate folder/list for every person/group and set permissions to folder/list accordingly. This will also help performance - it's better to have permissions set on high-level container than having fine grained permissions (i'm just assuming that, because i read everywhere that mass fine-grained permissions are bad for performance)
You may use current user filter web part to filter the document by whom logged in into the sharepoint site by passing the value Dispaly Name
To quickly summarise my question:
Is it feasible to programmatically change the name of a directory (with both files and sub-folders) in SharePoint? I am expecting that users will have files checked out on at least some occasions what I am attempting the rename.
The background:
I am currently contracting for a company that produces web based software (ASP.NET) with a configurable document management system. The system can be configured to use different underlying systems, with the most common environment being SharePoint (WSS 3).
I have been assigned a task to extend what has to now been a fairly simple system (simply output files into a fixed directory structure, occasionally read). Having never worked with SharePoint before I am doing some research on best practices, and am attempting to work out what is viable. At this stage I do not have access to a testing environment myself, so am limited to reading up online.
One request is to have the directory structure reflect the name (as one example) of the current client - so all documentation for a client will be in one place, and can be accessed externally via SharePoint or other compatible applications. The specification cites that if the name of the client changes then the directory structure should immediately update. My concern is that this will either directly cause errors (eg. Permission denied) or indirectly cause errors (loss of work for users who have externally checked out files).
As a follow up question if there are concerns with the above, is there a better way to implement the above? I have looked at suggesting the users use views to access the structure in SharePoint, however there is a concern from our BA that users will not be able to directly upload new files into this structure.
Thanks
The issue with Folders in SharePoint is that they are not really folders in the way you would expect of a file system. All files in a SiteCollection are stored in one big-assed table on the Database (checkout the AllDocs table).
I cannot categorically say it is safe to rename the folder without doing a bit of testing, I know that the folders "name" is not the key to accessing the document, despite it appearing to be based on the Url you see in the browser.
The best bet is to do a quick test, but I am pretty sure that your plan will not be a problem.
The potential issue is if any Content Query Web Parts etc rely on specific folders to exist or if any other "code" or "pages" look for that folder and not the folderId.
Save the content of the list before you "attempt" it in production. You don't want to loose data.
Checked out documents will still work the way you expect them to.
You may however have to run a crawl again.