Is it possible to create a custom HTML message when a user does not have access to a specific List instead of showing the user that there are no records?
I don't understand what you mean. If the user doesn't have access to a list, they won't be able to see the list at all.
On the other hand, if you mean that the user DOES have access to the list but items in the list have unique permissions and he does not have rights to any of those items, then the answer is "no." He will see an empty list and there is no easy way to tell him that the list isn't really empty.
Related
Hello I am working on a Microsoft Lists project and I want to know, whether it is possible to show an item in the list default view to a person, who has rights to edit this item but is not the author of the item. I have list permissions set to the following picture:
So I have figure it out. The only way how you can view desired list items is creating a new view in SharePoint lists and setting up some advanced access permissions.
I'd like to "hide" certain documents from certain users in all places where lists are displayed. That is, the list of documents will be different for different users. For example, for user1 I want to hide documents containing "abc" and for user2 I want to hide documents containing "def".
Is there a SharePoint web part (or something) that I can deploy which will execute some code that can filter the list for all of the sites? Ideally, this "solution" would take as input a list and a username, and would return a subset of the list. And SharePoint would only display the filtered list. Also, for performance reasons, the input should not be the entire set of documents in the list, but rather just those that are displayed.
Also, I understand that one possible way to accomplish this is via permissions on the documents. Unfortunately, permissions is not something I can take advantage of as the documents have to be, in essence, public.
Also, to be clear, I am not asking about what the code should like like that does the filtering (although examples might be helpful), but rather if there exists a mechanism to accomplish the type of filtering I need.
Thanks for your help,
Eric
the best solution is absolutely permissions but if you cant use it, you can use audience targeting. go to your document library settings and enable audience targeting. after enabling, you will have audience target field in your documents.
you can have more info about audience targetting here http://technet.microsoft.com/en-us/library/cc261958.aspx
if this is not what you are looking for, you can create custom views on your library and create filters by using [Me] parameter for current user. e.g. you can create a multiple user field and write the names of people you dont want to see that document. after that you can create a view with a filter [Me] is not on that field. But you can not deny users access to document if he has permission on the document and knows the url of document.
I have a custom workflow. This workflow removes permissions to items when an item is added (example an item is added by a service account and once added those permissions need to be removed from that item). This works as I have the service account 'hard coded' in the custom workflow.
Now I would like to remove this hard coding and when a item is added to a list I would like to iterate through all users that have access to the list item. If a user matches some algorithm then remove that user from the item permissions which will be 0 to many.
The piece I'm stuggling with is how to iterage all users with permission to a SPListItem. Any thoughts on how to accomplish this?
Thanks in advance!
Check out the SPListItem.RoleAssignments property which is a collection of SPRoleAssignment objects. The Member property then represents a specific SPUser or SPGroup object that is assigned specific permissions in respect to the given list item by binding it to a collection of role definitions.
In your case you need to iterate over all available role assignments, inspect those that denote principals (users or groups) matching your criteria and rearrange the role assignments in a way that fits the desired security policy.
I think I just found the answer to this. I can iterate the RoleAssignments collection and perform my check on that. If anyone has another other ideas I'd be curious to hear about them :)
Thanks1
My requirement is that there are 2 parties
1. User (who creates the item)
2.Approvers who approve the item
When the user creates the item then they should see only their created item in the list (This is easily possible)...the approvers should have only read access and they can see all the items ...when i select the option that only person who creates the item can see the item then approvers are not able to see the items...can somebody plz help that how to work with this...maybe i am missing some simple stuff so can anybody just point me out to the solution..
Thanks
Firstly, if you want the Approvers group to be able to approve the item then they need at least the Approver permission assigned to their group, not just read-only (otherwise they can't update the item to mark it as approved).
However, since the requirement is also that users should only see their own items, I believe the only way the Approvers will also still see the items, is if they have Full Control permissions on the list, therefore you need to break permission inheritance at the list level.
( Regarding Moss 2007 )
i have created a sharepoint list in which one column is called user assigned - this is a lookup column of type - people and group.
i select the users from active directory to enter this field of the list.
So different items in this list have different users assigned
I have create permissions for this list to be read and write to the users in active directory .
so that when a particular user logs in to the sharepoint website with his credentials. he has read and write access to the list.
Now is there any way available in sharepoint by which the user do not see the whole list when they login to the website . He only sees the items of the list which the user assigned field is him only.
If the permissions are indeed setup right, you only have to go to List Settings, Advanced Settings, Item-Level Permissions and on "Read access: Specify which items users can read" you define their own.
If the users are not the creators of the items, you need to go to List Settings, Views (at the far bottom), modify the All Items View (or w/e you have as default), go to the filter section and add a filter like: "Show items only when the following is true", "Show the items when column" Assigned To is equal to [me]
I've been implementing such solutions for some while. It is possible, but
it takes much work to be done
if used in long term and/or the amount of data is large, this will hit performance
If none of these is a problem for you, then you can:
create code which performs BreakRoleInheritance() on the item, then adds ViewListitems permission for the user in "user assigned" column. You can find example code, for instance, here: http://social.msdn.microsoft.com/Forums/en/sharepointecm/thread/581e456c-db3c-44f1-b958-a824d95a2536 (or search in Google for "SPPrincipal" and "SPRoleAssignment" for more info)
make this code be called whenever the item is added or updated (you have to wait for the "-ed" events, because in the synchronous version of these events you can't change the permissions yet, for instance in "ItemAdding" there is no item created yet). You can achieve this by adding an event handler to the list.