I have created a saved search for a custom record with available filters. I have then added a Customer Center category called Information and in this category added a Link to the search form. I have added the necessary permissions to the customer center role to view the record and the search form. However, the search form does not appear in the customer center.
For it to appear I need to set permission on the custom record to No Permissions. The result is that when the search is run in the customer center, the user can view and edit the search result lines and hence the custom record...
Is there any way to avoid this: allow user to view search results but not view and edit the records? I have seen I can publish a saved search, however I would rather have a search form that allows the user to use the available filters.
If you simply want to avoid access to the custom record you can use a WorkFlow or a UserEvent script to blowup the request, with a nice message of course ;)
If I had this requirement I would probably do something like this:
Redirect to a page (SuiteLet) with clietn script deployed to pop-up a message "Access denied, fool!"
Once the user confirmed (i.e. clicked 'OK') I would redirect back to the search results
You'd lose any filters and scrolling settings but that's not a big price to pay. Even then you can get into parsing the nlobjRequest and look for the filters as params that you can pass down the redirect chain and then use nlapiRequestURL with the params to restore your filters. I don't know if that last part is actually possible but it's a concept.
Thanks for your response and solutions.
In my particular case, I'm adding a link to a custom record search.
I found that by restricting the permissions to the custom record to Edit only, than the user is not able to drill down to view or edit the custom record.
I did this as follows:
Setup > Users/Roles > Edit my customer center role > Permissions (sub tab) > Custom Record (sublist) > my custom record > Restrict > set to Edit Only.
Related
So what I am basically trying to do, is to have the ability to add custom field(e.g. Secondary URL) to Content item Meta Tab, so that the user can set it manually on demand. Reading docs did not bring any result
On the attached screenshot, you can see Path, Navigation title fields, so I need to add additional one
to be able to modify the content type - in your case adding a new field - it is required to have the proper permissions via assigned roles. More specifically, you need to have permission to modify content.
Content modeling could be done via UI - see Content modeling tutorial, in your case it is Adding an element into a content group "Metadata". You also can use REST Management API for that.
Here's what I'd like to do but not sure how to. I have a form that's like a typical doctor/school form, where the form has 2 sections: [1] Section 1 at the top is for user (with standard fields like First Name, Last Name etc.), and [2] Section 2 at the bottom is for Admin/Office use only (with fields like Reviewed by, Approved/Not Approved etc.)
what I was able to do is to process Section 1 where I got ALL users' submission and display all their data on a webpage using a RepeaterWithCustomQuery. That's pretty basic. But in order to do what described above, I guess that I'll need to pull the submitted data and populate them back to Section 1 of the form (maybe as readonly data at this time) and then the Office/Admin staff can fill in Section 2.
I hope I made sense and hope that someone can point me to the right direction. I only use Portal Engine, no access to file system or backend.
I think I understand your issue you want to have some sort of an editor for biz form data. Similar to what you have in the admin. And the problem is that you don't have access to backend. :( Such thing is available for custom table data (there is web part), but not for biz form data. There is no ready to use web part. Here is old topic on that https://devnet.kentico.com/questions/how-to-edit-the-information-of-a-record-using-the-bizform-layout.
you want to have something like the admin page for editing form records:
/CMSModules/BizForms/Tools/BizForm_Edit_EditRecord.aspx?formID=7&formRecordID=1
but customized :(. I'd say without back end access the only options I see:
Create a new role "Biz Form Editor" (or use existing) that has rights only to edit biz
form data. So all your people who do "validation" part must have a
Kentico account with role "Biz Form Editor".
Add link above to your repeater with appropriate record id.
P.S. There are special code names for alternative forms (https://docs.kentico.com/k8/configuring-kentico/creating-alternative-forms/code-names-of-automatically-used-alternative-forms). If you create an alternative form with special name update the system will automatically load it when you edit the record.
Not sure that I understood correctly your question. But what you need is to use alternative forms. So the idea is that one form is for "registration" and the 2nd one for "validation".
So in your registration form you show only firstName, lastName etc and you don't show "validation" fields. In the validation form you show firstName, lastname etc as label and show textboxes for validation fields.
We have SharePoint Online site with list. Users can add, edit and delete own items in this list.
How I can resolve new issue - Users can't edit and delete own items older than one week (from creation date).
Is it possible without coding Remote Event Reciever or Azure function?
Per my knowledge, there is not an OOTB way to achieve it, we have to write some custom code.
If you only want to the user can't see some items in list view base on some condition, we can use list view Filter to achieve it. Note:User also access item form through URL.
I suggest you use remote event receiver or azure function to achieve this requirement.
In classic site, we can also add some JavaScript code into master page to prevent users access edit form page and hide the delete button in the page.
For this kind of requirement the solution which is 'no code' and with SP online is Power automate (previously MS Flow).
The best option in Your case would be to create a recurring flow which for example starts every day at 00:10 AM -> please see MS docs with description how to do this.
The Flow should get all items from a specific list for a specific site. You can do that with the 'Get Items' step. After that You can use the 'Apply to each' Step to check each item creation date with a 'Condition' Step. When some item will be older than one week You can use additional steps to break permission inheritance on item and remove all groups from permissions on this item or change the permissions on item from edit to read. Here I found an interesting article where are some predefined steps shown how to remove all permissions, remove and add a group. To tell You the truth I was not aware there already are this kind of steps in Power automate (maybe something new :) ) .
I would use SharePoint HTTP request and use SharePoint API to remove permissions on item and change some group role from edit to read. So I would do a similar procedure like here the only difference is not to break permission on all list but just on a specific item which I would get by ID. You can do all of those API request with a 'SharePoint HTTP request' Step
Please be aware there usually is a 5 000 unique permission levels threshold (50 000 is in on-prem) in list (place check here for latest info on limits in SP Online). So a better option would be to create a folder with view only permissions for the users before and when an item is older than one week You could only move this item to that folder also with Power Automate. That way all the files (items) in this folder would be read only and You would have only one unique item scope in this list and not as many as the old items.
Some other options You could use are:
Also code solution, but not RER and Azure function, would be to create a console app that uses CSOM to look through items in this list and either breaks permission on each item or moves to a folder (like the flow) and schedule this CSOM app on some local or remote server in Task Scheduler... Of Course You would need some local (or other) server for it which is always up and running :)
If You would like to use some 'little coding' and by any chance You are still using classic UI (not modern) You could use JSLink attached to CT or some column like Title and block editing of fields in edit forms etc (this is not the best option as always the users may create a view without a columns with this JSLink and go around this or modify the item using CSOM or Rest API)
You might consider using PowerApps (In case you have it configured in your subscription) to customize the edit form,
Then you use the validate() method, and disable a user from submitting the form in case ("Created" + 7 days) <= Today() or something like that.
I've been tasked with setting up an advanced filter for a customer facing portal - as part of this, I have filters set up for various tags such as Priority, Site, Application, Reference. I've come up with a way to generate a URL that goes to the list and sets the filters to the selections given, by giving an html navigation command using a JavaScript function to splice together the URL.
This works fine for use within my team, however customers shouldn't have full access to our lists, and we have a customer-facing portal that currently has a limited view of these lists displayed to them, with much fewer details and none of our internal notes. These limited views are done through a web part that displays the Soaped in view - this is where I'm wanting to have the filtered list show up, as it's a more user-friendly way to search the list for information that the customer would want.
You can add a Query String (URL) Filler Wepart to the page, configure it for the param in the URL and configure connection or the List WebPart to receive filter value from the Query String Filler.
Add QSF webpart:
Configure the WP:
Establish Connection (go to the WP Edit mode first)
Test the URL param: ...sharepoint.com/sites/dev/SitePages/TestPage.aspx?Disp=1
I have a list with the fields: Title, Client, Project, Description.
There is a view for analysts with the fields visible: Title, Project, Description.
All is fine so far as the analysts work with their views and not with the lists. But when they need to modify the records clicking on Edit, they see and able to modify the 'Client' field too.
How to prevent 'Client' field to be available for editing by the group? is there a way in WSS or I need to look for 3rd party list components?
All fields have a set of properties that determine their visibility in forms, such as "ShowInNewForm", "ShowInEditForm", and "ShowInDisplayForm". There's also some for the file dialog, the list settings page, and a few other places, but that's getting past it. Short answer, yes, you can make the field not show up in the edit form with WSS without needing any 3rd party components.
If you need a field that cannot be seen in the Edit Form by anyone (that is, no one should be able to have it in their form), then you need to modify "ShowInEditForm" to be true. This can't be modified directly through the SharePoint UI, but it is extremely simple using the object model.
If you need certain people to edit it at some point through the SharePoint UI, then you'll instead have to create a custom edit form. That's a bit more complex, so I'll hold off on providing that instruction unless you state you need to go down that route (or someone else passes by this answer and requests it). Nevertheless, it is fully possible with WSS 3.0.
EDIT
If you know already know how to insert inline C# code into an ASPX page, you can perform this very simply using SharePoint Designer. First, follow the instructions from this article, especially make sure you don't delete the default list form web part. Now, in the custom list form you added, make it include every field which anyone will be capable of editing. The last step is to make the form hide those fields for certain people. Let's default them to Visible=false, and flip this switch if the user is allowed them. You can do this either by checking if the current user is part of specified groups, or by checking if the user has a certain permission level only held by people of those groups. You'll basically write some code like the following, I'll use checking for a specified group as the example.
using (SPWeb web = this.Web)
{
SPUser currUser = web.CurrentUser;
string[] listOfGroups = { "Group1Name", "Group2Name", "Group3Name" };
foreach (string groupName in listOfGroups)
{
if (currUser.Groups.Contains(groupName))
{
//Repeat this for each Control, refer to them by their ID. For example, this is for a control with the ID txtTitle.
txtTitle.Visible = true;
}
}
}
If you don't know inline code, you'll have to write a custom ASPX page with a code-behind. Copy EditForm.aspx into a new file - you should do this after setting up a Custom List Form as per the article. You could also build a new ASPX page from scratch, but make sure you include all of the necessary Content placeholders for SharePoint pages. Now, the page currently inherits from Microsoft.SharePoint.WebPartPages.WebPartPage. We need to create custom code that inherits from that class, and change the page to inherit that new custom code instead. In the custom code, override one of the OnLoad or OnInit methods, and include your check for the user's permissions there as detailed earlier. Compile the code, deploy it to your SharePoint server, and it should be functional.
If you want to set fields hidden or display them in new form or edit form page of the list...
Go to the list settings.
In Advanced Settings, enable "Allow management of content types"
By doing so, you will get a List name Link on the List Setting Page.
Open the link and select the fields that you want to hide or uhide using add or remove option.
After saving this, again disable "Allow management of content types" in Advanced Setting...
Thats it :)))