Another SharePoint question from myself!
I've created a subsite and from within Sharepoint designer I've created a new aspx page, all nice and simple so far. I can't seem to find where I can change the security on this new page, only site admins can view the page and everyone else gets access denied.
It doesn't seem to inherit the permissions from the parent and I can't see where to change the security settings!
Please help, I'm sure it's something simple!
Thanks
Dan
You've placed your ASPX file in a 'bad' place. It doesn't sit where the normal security structures for SharePoint work so you won't be able to set its item level permissions (because it is not an 'item'). This is the danger of giving people SharePoint Designer ;)
Personally I think your page belongs in the _layouts folder somewhere since it seems to be an admin page. In there you could simply secure it by a call like:
SPUtility.EnsureSiteAdminAccess();
Either you can:
Put your page in a library so you can set item level permissions to it
Create a custom control that allows you to call the code above for any page
Move the page to _layouts
From SharePoint, you should be able to navigate to where you stored your new aspx page (probably in one of your Document Libraries). From that location you can either change the permission of the Document Library, or manage the permissions of an individual aspx page.
Please note that it is best practice to set permissions at the Site Collection level and allow everything under the Site Collection to inherit permissions.
Related
I have two features that add CustomAction to the SiteSettings page. One feature is at the Site level and the other is at Web level.
The CustomAction that is being added at the Site level is a link to the custom configuration page that manipulates Site level settings for my application. Therefore, I don't want the link displayed for the SiteSettings page of a subsite. I know there is a setting (RequireSiteAdministrator) that hides the page according to access level, but I would still like to have this page show up for Site owners at the top/root level site settings page and not in the sub site level setting page.
There is a RootWebOnly attribute for the CustomAction xml node which would solve my problem. The problem with this attribute is that it only available for SandBoxed solutions.
I know that this is possible, since I see the behavior for the Site collection administrators link in the Users and Permissions section of the Site Settings page. Please notice that if you go to the top/root level settings page, you will see this link. On the other hand, if you navigate to the Site Settings page of a subsite, the link is no longer there.
I have tried using HideCustomAction, but this hides the link on both pages.
After battling with this for two day, I had an ah moment that I thought I would share. This will allow you to place a custom action that will show only at the root web level.
Create 2 features. One at the site level (siteFeature) and one at the web level (webFeature).
Make the web feature hidden so that it can't be accessed (activate/deactivate) though manage features page.
Put the custom actions element xml in the web feature.
In the activation event receiver of the site feature, activate the web feature.
UnfortunlyUnfortunately this is not possible with custom actions and custom group.
All you can do is just to set up permissions on the link that will be shown only to SiteCollection Administrator
Example how it will be is "Site Collection Administation" group where links are hidden when you are not on the top site level and shown when you are.
Hope it helps,
Andrew
I need the ability for users to add, edit, and delete lists/libraries but not have the ability to edit web part pages or delete web part pages. I am boggled that the Edit Items permission allows for editing and deleting web part pages. The alternative I see at the moment is setting Read permissions across the entire site, and then setting specific permissions on each individual List/Library. The problem with this is that I have site templates, so the security does not remain in the site template (it inherits from the parent). Can someone clarify this for me? Or suggest what permission level I should use to accomplish my goal stated above? Thanks.
I had a similar issue at a client site. The workaround I found that worked out rather well was to break the permissions on the 'Pages' document library and set that to read only (with the exception of the groups that actually needed rights to edit pages).
HTH
-CK
Is there any webpart (free or purchased) that can be set to display the permissions for a list or document library? We want to set up pages that contain a view to a document Library and a section at the top of the page that lists what users can access the library, to ensure that users adding content to the library don't accidentally place it somewhere where the wrong people can see it.
Try the Access Checker Web Part
It offers something that should be much easier out-of-the-box: list user's permissions throughout the site. I can testify it saved me hours of sharepoint permission debugging.
alt text http://i3.codeplex.com/Project/Download/FileDownload.aspx?ProjectName=AccessChecker&DownloadId=43465
I have a SharePoint Wiki that I'm permitting anonymous users read-only access to. However I'd like to make it so that the "Edit-History-Incoming Links" toolbar at the top vanishes if the user accesses the site so they don't get curious about that link, but a logged in editor is allowed access. Is there any easy way to permit this? Thanks!
Look into wrapping whatever renders the links (perhaps on the masterpage) with a SPSecurityTrimmedControl using SharePoint Designer:
http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.spsecuritytrimmedcontrol.aspx
I'm reasonably new to SharePoint 2007 and trying to move from an ASP.NET to SharePoint way of thinking has been an interesting experience!
I would like to create a page at the same level as the default.aspx page in a subsite. The "SharePoint way" of doing things involves putting the page into a document library. I am reluctant to do this as the breadcrumb navigation of the page then includes the name of the libarary but I would like the library to be transparent to the user.
I can create a page in the right place in SharePoint designer but I can't find a way to use a SharePoint template. I have tried copying the default.aspx page, but the navigation linkes are not updated.
Am I missing something or can someone suggest a solution?
I see what you are saying. I would like to share my thoughts on how I will do it.
If the Breadcrumb is your only reason why you want to move to a different than lib, the I recommend you to override the ContentPlaceholder that has the BreadCrumb in your Page, so that BreadCrumb wont be there. But URL will be there for the User to Guess ./DocLib/default.aspx.
And if the reason to hide the document library is to make sure that you don't want to allow the user to get into the Lib and change something. I recommend you strip out the permission from the Document Lib and give all the user ReadOnly and add the user with more right who you thing will need to edit the pages.
And finally you wanted to it in a Place, you can try deploying them as a Feature that will provision the pages as Ghostable rather then GhostableInLibray.
While 1,3 cab be packaged in a WSP. 2 one needs bit of a Manual / custom Code if you are trying to automate the process.
Steps to create Ghostable pages you can refer to this
It doesn't seem to be possible. Subsites can be used to be categorise content by topic, but they can't be used very much.