I am developing a sharepoint 2010 visual webpart that will show some sort of ajax content.
I have a property on the webpart for the refresh rate, but I want this property to be set only by an Administrator (or any specific group).
What is the best way to achieve this?
Thank you.
In our organization, everyone by default is granted "Read" permission to our SharePoint sites through an "All Employees" Active Directory group. This allows users to browse the pages, but not edit them; and if you can't edit a page, you can't edit any web parts on the page.
Those who should have elevated privileges are added to other AD groups (you could use SharePoint groups too), and those groups are granted appropriate permissions.
You could create a custom Toolpart. Take a look at this example for a tutorial on how to create one.
Overall, your general steps will be:
Create your custom Toolpart class inheriting from Microsoft.SharePoint.WebPartPages.ToolPart
In your custom Toolpart, override CreateChildControls, write the code to display your textbox as long as the current user has permission (based on whatever rules you choose, ex: SharePoint group).
In your webpart, override GetToolParts and add your custom ToolPart so that it shows up in the right hand side
Related
I have created a custom Regular Role and I have inserted it inside portlet.xml of so-portlet(security-role-ref element) and I have also mapped it with the respective role in liferay-portlet.xml.
However, when a user owns only this custom Regular Role, an error message is displayed "You do not have the roles required to access this portlet".
It is also strange that this happens only in user's personal site, on any other site user is able to view the specific portlet.
Does anyone has any idea about this?
Since you have a Custom Regular Role for your App, you should edit the default Role Permissions
log as an admin
Go to Control Panel, Roles,
Find your Role, and from the Actions menu on the right side, pick Define Permissions
From the left menu, find your application
Edit your permissions. Make sure to have the 'View' action granted for your Role. You can additionally, allow it for all sites (default), or you can just select the 'User Personal Site'
Now, if you want to make an exception for a specific portlet instance (that's what I meant in my question, in the comments) you can:
Log as Admin
Navigate to the specific Page where your portlet instance is added.
Enable Edit Controls, and edit your portlet (mini menu on the upper right side, with the wrench icon)
Pick permissions and have your Role allowed to view the portlet
The Personal Site is a Private Site if I remember well, so i think your user is not a site member, necessary condition to view the private pages.
I have a SharePoint web part that exposes a set of configurable properties - since they have the PersonalizationScope property set to Shared, when a non-admin user edits the webpart settings they do not show up.
There is also a custom property, for which I've implemented a custom EditorPart. How can I hide the my EditorPart from the settings section when the user that modifies the web part is not an admin.?
If you are using the IWebEditable interface, you can add your custom EditorPart to the EditorPartCollection, only if the current user is in the Admin role.
Good luck with it,
Calin :)
What are the minimum SharePoint 2010 permissions required to allow a user to personalize a web part page, allowing updates and adding web parts to the page but completely restrict the user modifying the shared version?
I initially copied the built-in “Read” permission level and added the “Manage Personal Views”, “Add/Remove Personal Web Parts” and “Update Personal Web Parts” permissions from the Personal Permissions group. This custom permission level was then applied to a user who then viewed a web part page created by the Administrator, which contained only a very simple prototype SharePoint web part. This web part contained a modifiable label which was edited using the “Miscellaneous” section from the Edit Web Part from the standard SharePoint chrome.
With the custom permission level applied the “Miscellaneous” option it is not available to the user upon personalizing the page and selecting Edit Web Part. The “Miscellaneous” option only becomes available to the user when the permission level is further modified to have the “Edit Items” from the List Permissions group. This has the undesired effect of allowing the user to be able to modify the shared version of the page.
Is what I’m trying to achieve even possible?
Many thanks
Check this out: http://akifkamalsyed.wordpress.com/2011/01/17/personalizable-web-part-custom-property-not-shown-for-users-with-contribute-permission-level/
It's probably because you don't have a safecontrol for the webpart with the attribute SafeAgainstScript
I want to give a member a privilege to create a sub site or workspace with same permission as that of parent site. I have changed the OOTB "Contribute" permission level i.e. I have given permission to Create a web site. After doing this a Site Action Menu appear and I don't want it to be displayed when member with "Contribute" permission level is logged in. Is is possible to Hide Site Action at all without using designer?
Why not just create a new permission set, lets call it "Site Creators", that has all the option checked that contribute has + create site. Then create a new SharePoint group, add your users and add the new permissions set to the group's permissions.
Below are what I do usually. Hope it works for you too.
No.1 Open up the master page in SharePoint Designer.
No.2 Wrap the html of the Site Actions within a SPSecurityTrimmedControl.
No.3 Set the Permissions String as appropriate.
Can i program custom base permission level? There are many available in SPBasePermissions like
UseRemoteAPIs Use SOAP, WebDAV, or Microsoft Office SharePoint Designer 2007 interfaces to access the Web site.
ViewFormPages View forms, views, and application pages, and enumerate lists.
ViewListItems View items in lists, documents in document libraries, and view Web discussion comments.
However i want to make a custom one, something like:
EditItemsAssignedToMe + ViewItemsAssignedToMe + view/edit items i created.
Still finding my way out to allow users view and edit items created by them or assigned to them.
OOTB you don't have the fine-grained control and can only assign a certain set of permissions as defined on technet and this blog article.
However programmatically you can create a new SPRoleDefinition and assign it the appropriate permissions based on the SPBasePermissions enumeration as per this blog article. You might also want to read this short guide on the basics of SPBasePermissions.
If you want to go even further though and emulate the OOTB behaviour with your own custom permission set try Implementing Custom Security Rights in SharePoint.