I have a SharePoint list that is populated via an InfoPath form. There are two groups of people who have access to the form: end users and owners. While I don't have any issue with assingning permissions to owners, for the end users, this proposition has been tricky.
My requirement is such that - the end users should be able to:
Add new items to the list via InfoPath form
Not interact with the list in any other way
Now if I give the end users contribute permission to the list, they will be able to view and edit other list items in the list (which is the function of owners only). But if I don't give the end users contribute permission, they cannot add to the list. Is this a real catch-22 or am I spawning this out of my ignorance?
How about using a custom web service that performs the task of inserting items. But the real query is - would you want them to view the items as well?
If yes, you can give the view permissions on the list to your end users and addition via your InfoPath form, which would essentially call a web service and execute the code to submit items with correct privileges.
Regards,
Nitin Rastogi
Go to site collection level >> Site Settings >> Site Permissions (under Users and Permissions) >> Permission Levels (under Manage section) >> Add Permission Level.
In this page, find List Permissions in Permissions section. Check "Add Items".
Create a group that you need and give it the Add Items permissions. Add all the users to this group who should only be able to add to the list and not edit it. Give the list unique permission (don't inherit form the parent). Then add the group to the list.
Related
I'm working on requirement, where we have a list with categories we want to maintain list own our own. we want others to restrict from add/ delete/modify, only we want to do that.
Is it possible to do it in SharePoint?
Yes. You can stop inheriting permissions from the site in the list and assign unique permissions to the users.
Go to List sttings > Permissions for this list.
Click Stop Inheriting Permissions in the ribbon > Slect all existing groups and users > Remove User Permissions > Grant full control Permissions to specific users and grant read permission to other users.
I have a SharePoint Site where I created a List and I want to give read and add access to this list only to a limited group of people.
First I created in the SP site the List "ListX"
In the ListX settings I went to list permissions and I stopped inheriting permissions from the site and I created unique permissions
On the site advanced permission settings I created a new permission level "Add and View Only" where I selected the following options:
On the list permissions section
(a) Add Items - Add items to lists and add documents to document libraries
(b) View Items - View items in lists and documents in document libraries
The moment I selected those two options the following options have been automatically selected for me on the site permissions section:
(a) View Pages - View pages in a Web site
(b) Open - Allows users to open a Web site, list, or folder in order to access items inside that container
Then on the site permission I created a SharePoint group "ListX Users" and I gave the permission level "Add and View Only"
Then I added several users in the SP group "ListX Users"
Then I granted permissions on the ListX permissions to the "ListX Users" SP group
However the user gets the message "Sorry you don't have access" when they try to go to the top level of the site so that they can click on the ListX link and they are prompted to request access.
Any idea why that happens and how to give such Add and View access to the ListX only? Thanks
Best (and easiest) imo is to work down. Give them permissions on site level and break inheritance on each library that shouldn't be visible for everyone.
That way the navigation is the easiest and for maintenance has the easiest overview.
I partially solved my issue by adding two more options in the List permissions permission levels of "Add and View Only". See below.
Open Items - View the source of documents with server-side file handlers
View Application Pages - View forms, views, and application pages. Enumerate lists
However in this case the user need to have a direct link to the list and cannot navigate via the site.
I am currently trying to set up a nintex workflow in SP 2010 that will run when an item is created in a list. Basically, users will be set in a custom permissions group before they create an item. When an item is created, the workflow will check for who created the item and then set that person in a different custom permissions group. From what I have found, the only way to do this is by using a call web service action, this requires credentials that I do not have access to. I was curious if there was a way to achieve the same permissions switch workflow without using the call web service action?
You could always use the action "change item permission" which should do the trick for modifying permissions to the item. you can assign it to either a person or group.
I would also suggest looking at a different route for managing item permissions. Change them at the item level is doable but can quickly become a nightmare if you want to revert things or figure out who has what after the 1000th item has been modified.
Hi
I am been looking at the different permissions and I am wondering is it possible to restrict what a person can add?
I just see "add Item" and this seems to allow a user to add anything. Weere I want some users to be only able to add a "page" were other users can add a "page" and a "category"
Just a thought. If we go to the root site -> site settings -> Site permissions. you will be listed with site permissions of the site. Clicking on settings of the list, you get Permission levels, where you can add a new permission level.
In your case, there can be 2 permission levels created - one which allows adding items to lists and other which allows adding pages. These permissions can be used while creating users or groups to assign permissions.
Hope this helps.
Add an event receiver to the list, and if they try to add something of the wrong content type, cancel the add in the event receiver.
I have configured my list so that users can only read and edit items they have created.
I now need to configure this list so that a particular group of users can edit and read all items on this list. I know users with the 'Manage Lists' permission would be able to do this.
My question is can this be configured to be even more granular to apply a permission that works like the 'Manage Lists' permission but only for a particular list, rather than all lists?
Many Thanks,
Nav
Cant you do this:
Create a permission set which has manage lists (do not assign any groups to this)
Create a group for the list itself - do not assign any permissions to the group
Add people to the group
navigate to the list
add the group to the groups allowed access to the list
modify the group permissions on only this list to include the permission set you created in step 1 (which has manage lists permission).