I have a SharePoint Wiki that I'm permitting anonymous users read-only access to. However I'd like to make it so that the "Edit-History-Incoming Links" toolbar at the top vanishes if the user accesses the site so they don't get curious about that link, but a logged in editor is allowed access. Is there any easy way to permit this? Thanks!
Look into wrapping whatever renders the links (perhaps on the masterpage) with a SPSecurityTrimmedControl using SharePoint Designer:
http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.webcontrols.spsecuritytrimmedcontrol.aspx
Related
Is there any webpart (free or purchased) that can be set to display the permissions for a list or document library? We want to set up pages that contain a view to a document Library and a section at the top of the page that lists what users can access the library, to ensure that users adding content to the library don't accidentally place it somewhere where the wrong people can see it.
Try the Access Checker Web Part
It offers something that should be much easier out-of-the-box: list user's permissions throughout the site. I can testify it saved me hours of sharepoint permission debugging.
alt text http://i3.codeplex.com/Project/Download/FileDownload.aspx?ProjectName=AccessChecker&DownloadId=43465
Another SharePoint question from myself!
I've created a subsite and from within Sharepoint designer I've created a new aspx page, all nice and simple so far. I can't seem to find where I can change the security on this new page, only site admins can view the page and everyone else gets access denied.
It doesn't seem to inherit the permissions from the parent and I can't see where to change the security settings!
Please help, I'm sure it's something simple!
Thanks
Dan
You've placed your ASPX file in a 'bad' place. It doesn't sit where the normal security structures for SharePoint work so you won't be able to set its item level permissions (because it is not an 'item'). This is the danger of giving people SharePoint Designer ;)
Personally I think your page belongs in the _layouts folder somewhere since it seems to be an admin page. In there you could simply secure it by a call like:
SPUtility.EnsureSiteAdminAccess();
Either you can:
Put your page in a library so you can set item level permissions to it
Create a custom control that allows you to call the code above for any page
Move the page to _layouts
From SharePoint, you should be able to navigate to where you stored your new aspx page (probably in one of your Document Libraries). From that location you can either change the permission of the Document Library, or manage the permissions of an individual aspx page.
Please note that it is best practice to set permissions at the Site Collection level and allow everything under the Site Collection to inherit permissions.
How can I disallow adding item or document to a list or document library? Due to some other feature scenario I cannot break role inheritance and have custom permission set for the list. Today, we restrict the addition using event handler (Item adding) – but this leads to poor UX.
Is there a way to have Role inheritance for a list and still have a base permission mask? Something like, allow everything that parent web offers but not X,Y,Z. Breaking role inheritance in the traditional way introduces the problem of explicit User and role management. Having a SPGoup hold an another SPGoup could help here, but that too is not possible. Let me know your suggestions.
I think you are asking to allow a user to have add permissions to the list but not actually be allowed to add to the list. Event receiver is going to be the best way. The only other solution I can think of is to use a custom item form that will do the check.
You can solve your problem by creating a webpart with the below functionality.
Identify the logged user is in admin group. If he is not in that group ganarte a javascript alert that "you have no permission for add new item" and redirect to (location.href="") allitems.aspx page.
And place this webpart in Newform.aspx page.
(add &toolpaneview=2&sharedview=true in in Newform.aspx url for editing page)
Hope this helps. Let me know if you need more help.
Create an IHTTPModule and subclass the context AuthenticateRequest event.
In the AuthenticateRequest routine you can inspect what type of action is happening and then redirect the user to the SharePoint "Access Denied" page. This is exactly how SharePoint does this functionality so the UX experiance would be the same.
If you want my opinion I would go with the way SharePoint handles permissions out of the box and break role inheritiance. Sure it will add new complexities to your life. But, I think you can better manage these complexities with the SharePoint Admin Toolkit and some custom built utilities for managing permissions. I think that is a better solution than what you are trying to do.
Am I missing something here when I suggest: Just hide the toolbar (or specific button) in the view page? That's an painless CSS hook done in the view page or SharePoint Designer
If you are using a custom List Template, you could create a custom View Toolbar Template. However, you probably will not want to use this on an OOTB List Template and it doesn't look like this will work on an existing list.
Even if you implement this, I would still leave the Event Receiver in place in order to prevent URL spoofing.
I would like to show different tabs in the top navigation of a SharePoint site depending on what 'Audience' the user is in. I can do this fine for pages but for subsites I cannot find an option. Googling reveals a work around, hiding the subsite and adding a link to the subsite URL.
There has to be a better way than this!
The only way to do this is by actually using Usergroups in Sharepoint. Audiences are nothing more than a form of display:none; like in CSS. If you know the URL, you still can get access. SPWeb knows only about allowing security objects (SPUSer / SPGroup) access to it...
I'm reasonably new to SharePoint 2007 and trying to move from an ASP.NET to SharePoint way of thinking has been an interesting experience!
I would like to create a page at the same level as the default.aspx page in a subsite. The "SharePoint way" of doing things involves putting the page into a document library. I am reluctant to do this as the breadcrumb navigation of the page then includes the name of the libarary but I would like the library to be transparent to the user.
I can create a page in the right place in SharePoint designer but I can't find a way to use a SharePoint template. I have tried copying the default.aspx page, but the navigation linkes are not updated.
Am I missing something or can someone suggest a solution?
I see what you are saying. I would like to share my thoughts on how I will do it.
If the Breadcrumb is your only reason why you want to move to a different than lib, the I recommend you to override the ContentPlaceholder that has the BreadCrumb in your Page, so that BreadCrumb wont be there. But URL will be there for the User to Guess ./DocLib/default.aspx.
And if the reason to hide the document library is to make sure that you don't want to allow the user to get into the Lib and change something. I recommend you strip out the permission from the Document Lib and give all the user ReadOnly and add the user with more right who you thing will need to edit the pages.
And finally you wanted to it in a Place, you can try deploying them as a Feature that will provision the pages as Ghostable rather then GhostableInLibray.
While 1,3 cab be packaged in a WSP. 2 one needs bit of a Manual / custom Code if you are trying to automate the process.
Steps to create Ghostable pages you can refer to this
It doesn't seem to be possible. Subsites can be used to be categorise content by topic, but they can't be used very much.