I am new on SharePoint 2010 and trying to make basic web sites.
First, created a new site. Using domain authantication. I've done to hide Site Actions tab. Surrounded the tags with
<SharePoint:SPSecurityTrimmedControl ID = "spstcSiteActions" runat = "server" PermissionsString = "ManageWeb">
When you do this, end-user cant see Site Actions ribbon, but cant see Sign In link too :)
I want to make Site Actions invisible, but Sign In link visible. When the user clicks then link, he can see Site Actions ribbon if authentication is success. My question is How to hide Site Actions tab, but show Sign In link in same tab or at different place.
I've not tried this on SharePoint 2010 but might know a workaround. You could try putting a link on your masterpage that points to /_layouts/authenticate.aspx . Once the user clicks on the url, they will be authenticated and brought back. Then the trimmed control can show the site actions menu depending on permissions.
You'll need a trimmed control around the login link in order to hide it when the user is authenticated.
You might want to look into what CustomActions are available to you. I've used custom actions in SP2007 to add items to the site actions menu. You might be able to leverage something something similar to hide an item.
Here's a related article:
http://msdn.microsoft.com/en-us/library/bb418728(office.12).aspx
Related
I will try to make this as short as possible. I am making a Chrome extension and I wanted to have an integrated settings tab so users can customize their experience. Now, I want this settings tab to be somewhat of an "extension" to an existing settings tab in a website. Let me explain.
The website I am talking about is Roblox.com, a popular gaming platform. When logged in, you have the ability to visit your settings, which look something like this:
Now, in order to navigate the different setting "tabs," you simply click on a button and it takes you to another change. The URL corresponding to each page is https://www.roblox.com/my/account#!/TAB_NAME, with TAB_NAME being the name of the tab. What I want to do is make my own "tab" where once the player clicks, it will bring them to a settings tab where they can tweak the extension's settings. This would look something like this:
I am fully aware on how to this (inject a button into the list and customize said button), but what I don't know what to do is make it so that once the button is clicked, it will not redirect you to another website, but will simply "switch tabs" like it would with any other setting. There is an extension that already does that called "Roblox+", where it adds a button to the list, and once clicked, it takes you to a similar-looking page with the URL https://www.roblox.com/my/account?tab=rplus#!/info. From my understanding, since the tab name isn't a header, the URL does not change, which allows for a custom webpage. Now, if you were to paste that URL in a browser without the extension, then it would simply redirect you to the "Account Info" tab (although the URL remains). Here is how the Roblox+ extension settings page looks like:
Now, from what I can assume, what happens is that right after the normal account information page is loaded, it removes all the HTML elements that are related to the account information tab and re-creates the entire page using custom HTML elements. That is something similar to what I want to do. Regardless of this, I do have one question. Is it possible to somehow "overwrite" a certain domain so that, let's say, the URL https://www.roblox.com/my/account#!/my_plugin_settings led to my custom page (even if that means that the page is made from an HTML file) instead of where it was supposed to lead? If that isn't possible, would it be better to create a custom settings page outside of the Roblox website or somehow inject my own into the current settings?
This is the question that I have. Hopefully I explained it well. If someone could assist me on this, then that would be amazing. Thank you for your time and help, I truly appreciate it.
I am trying to figure out how to email out one item from a list by when you have an item clicking on a button as a web part. Sort of like when you create a print button and it prints out just the one item.
I don't want all of my users to have to download anything. Is there a way just to code the webpart to create a button where your outlook email pops up with a new email and the list item and details are in the body of the email?
While it is possible to build a button that would use JavaScript to scrape the contents of a specific element on a page (since you are building client side script) and put them into the body of an email, there's a lot of formatting issues that can arise there since non-text elements might be lost, styling might drop off and there's the potential for XSS, etc. You would also have to edit the item template for that button to show up.
You can also build a custom action that sends the content of the item through email with a workflow. This requires a bit of dev work in SharePoint that you may or may not be familiar with.
Additionally, if they don't have access to that site, why would you automate sending them content from it? If it's content they should have access to, why not put it in a list/library that is more tailored to their permission level?
I'm trying to implement permission levels in SharePoint hosted app. I've created a custom list "Permissions" where I'm adding different users with their roles.
I have created a page List.aspx where I'm showing my custom list "Products" as a list view web part. Page List.aspx checks the user's role against "Permissions" list, and page can show or hide content in regards to this role. The problem is, when user tries to navigate to "Lists/Products/Allitems.aspx" or "Lists/Permissions/Allitems.aspx" he can see the list items.
All code check is done in JavaScript and I know there is a security risk, but this will work for my users. I just need to find a way to inject custom JavaScript code to Allitems.aspx, and to check if user has permissions to see it or not.
Everything here is done on App web and there's nothing that I use on host web.
I've found a workaround for this. Basically what I did is that I just hide the list view from direct access. To achieve this, open the Schema.xml of the list and replace "JSLink":
from
<JSLink>clienttemplates.js</JSLink>
to
<JSLink>~site/Scripts/OverrideListView.js</JSLink>
Now, create a new file Scripts/OverrideListView.js and add following code to it:
document.write("<style>body {display:none; };</style>");
Try now to access Lists/Permissions/Allitems.aspx directly. You will get a blank page.
This is basically idea how to insert custom JS code into list view. You could add additional code for checking current user's permissions on site level and in regards to it to unhide this view, or even to redirect him to the homepage if he does not have right role or permissions.
I have an unusual scenario in which only one page of our SP 2007 site is throwing this error "You are not authorized to view this page".
Here are some details:
SP 2007 Enterprise
The page in question uses SmartPart to display custom usercontrol.
We have 50+ pages that also use custom user controls in SmartPart, and none of them generate this error.
The page in question has several functions, and it initially loads just fine. First time it loads, user selects a customer from a dropdown, then enters a search query and clicks the search button. That all works, and the page then returns some search results. That works as well. The the user can click on a Modify link for each item. It's clicking on this Modify link that generates the page error. All of these things are done one this one page, it just refreshes accordingly. The Modify link is just a standard asp:commandline field that causes the page to load the line item in editable mode.
Here's the other strange thing. If I login as the SP Administrator account, and go to this page, it all works properly, no errors...and, then all other users can go in and use the page properly, without errors as well. It's as if whatever the security issue is, is being resolved temporarily as a result of the Admin using the page first. But after a code publish, or IISRESET, etc, the page goes back to not working for any general users.
Any ideas on what I should look for in trying to resolve this issue? I can also provide code if anyone thinks that may be relevant.
Thanks!
use SPSecurity.RunWithElevatedPrivileges for running your code with anonymous access user:
SPSecurity.RunWithElevatedPrivileges(delegate()
{
using (SPSite site = new SPSite(web.Site.ID))
{
// implementation details omitted
}
});
I am using MOSS with ADS. I want to display Terms of Use page before the user can login into SharePoint with two button i.e. "Accept","Decline". If user select "Accept" he will be directed to sharepoint site, if not to our companies intranet front page. This will be applicable for the current session. ie. If the user has signed off, then it should prompt the terms of use again when user hits the MOSS site but once accepted user should not get this page again until he/she signs off.
Please advise.
Thank you
You can follow one of the Approach below based on your requirement & Flexibility.
If you have AD Configured with the FBA, Make a copy of Login.aspx and save it as MyLogin.aspx & Edit the Login Control and insert your Terms & Conditions there,keep in a check box AND enable the login button only if I agree is checked.
Next is to have a control that is deployed to the Master Page, this control will not have a UI but it will check in the session to see if the user has agreed the Terms and condition if yes it will redirect to the welcome page or the page user has requested else will navigate him to the Terms page until accepts.On Accept flag that information in session.
If you are using SharePoint 2010 you could use the Dialog framework to show a popup & get this done.
You could create a custom page in /_layouts which has your terms and conditions, along with the buttons for accept/decline.
Hitting the accept button will create a cookie for keeping track of whether or not the user has accepted the conditions for the current session.
Then, you could create a HttpModule which intercepts all requests to the SharePoint site. If the cookie is present, do nothing (ie let the user access the requested page), otherwise redirect the browser to the custom accept/decline page.
You should be able to do this fairly easily. If you dont care about them accepting or denying it, then just use this redirect module http://httpcode.s3.amazonaws.com/httpcode.Redirect.wsp to redirect them once to the page. You can tell this module to do it once. If you need to verify that they accept/decline, you will need to add all the people to a new group, and then on accepting, remove them from that group. That way they will always be directed to the new page.
Hope this helps