Set list field permission - security

So you don't have programming privileges on a SharePoint Server but you can use SharePoint Designer. You create lists and you need to separate field permissions. You need fields that all can fill out and fields for administrators to fill out. How do you accomplish this without code?

Have a look at this blog post from Laura Rogers. It shows you how to display (and therefore edit) fields according to permission level using SharePoint Designer.

It'll be awkward.
There is no such functionality out of the box but you can spoof it using multiple lists and workflows.
Something like:
1 list for admins with all fields
1 list for users with user fields
Tie these together with workflows: users have rights on the user list, they can add an entry that fires a workflow that creates or updates an entry in the admin list, copying in all the fields.
You should be able to create these workflows with SharePoint designer.

Related

The items to be shown on the Sharepoint list will depend on the user

Can you please help me on how will I able to filter the items of my list in Sharepoint depending on the user logged. The items that need to be shown will also depend to the team where the user belongs.
Thanks in advance!
So the image below shown is my list.
For example, User 1 and User 2 both have Full Control permission on my list. But User 1 should only see entries for DETE team. And User 2 should only see entries for Service Control Team.
Showing which items to be shown based on the current user can be done using out of the box SharePoint permission features.
The simplest and short answer is to set unique permissions on each item in your list to specific users or groups by breaking permission inheritance for the SharePoint list. Once the inheritance is broken, you can then specify your unique custom permissions on each item in your list. Then SharePoint will only show what is available for the user to see. If you are not familiar with security inheritance in SharePoint, then I suggest reading up on this topic as this is a foundation of SharePoint security.
To do this, use the "Shared With" -> "Advanced" options from the ellipsis menu on that item, then you can break permission inheritance on that item. (If you don't see the tool ribbon, then change the "List Experience" setting to classic via list settings -> advance settings -> list experience)
Then break the permission inheritance on the item:
Then you can grant permission to specific users or groups:
This can work okay for a small list but is a management nightmare for a large list.
One alternative is to use "Folders" and set the appropriate permissions on there instead. Then you can add/remove items from the folder for easier management to control which users can see what. There are pros and cons with this approach but this method has worked for me. What is nice is that you can display the items with or without folders using the Folder display options when creating a custom view.
Another solution is to create a custom workflow that will apply the proper item security permissions for you when an item is created in the list. This is good to automatically set the permissions for you without doing any work but does add maintenance duties if permissions needs changing such as new users, remove users or modifying users.
Setting up the proper security groups and users should give you the flexibility needed for your security requirements. It is always good practice to use groups when possible.

Creating a SharePoint Quiz OOTB

I am trying to create a quiz that users can take in SharePoint to test their knowledge. I can do this by creating a custom list with calculated fields to work out whether they have passed or not.
This is fine but the issue comes in making sure that users cannot see other user's completed quizzes too. I see you can tick the option of 'Read items that were created by the user'. How can I make sure then that I can see all items created by all users in this list?
I am new to SharePoint so any help would be great.
Thanks in advance
What you're doing is setting item-level permissions. Options such as "Read items that were created by the user" and "Create items and edit items that were created by the user" only apply to users with Contribute or Edit permissions. They do not apply to users with at least Design permissions.
So, to see all items created by all users in this list, make yourself a Designer or an Admin.

Microsoft InfoPath Designer

I am trying to create a form in Microsoft InfoPath designer 2013 using a SharePoint list, and I would like to allow users to designate who approves each stage.
Does anyone have any ideas on how I might do this?
Please note that I do not have the access in my organization to use SharePoint Designer in case that was part of your solution.
Is there any reason you can't use an OOTB Approval Workflow for this?
This should be a case of the user kicking off the workflow after the user starting the workflow picks who the various approvers are from the People Editor.
You can add a people picker column in if you wanted to add a field to the form to allow someone to put a user in manually and then read that value in during the workflow. On the downside, a people picker would allow them to choose from any person / person or group on the site. I would advise against basing a workflow on a text input like that (people picker or not).
Better to use a multiple choice field to have someone select that they'd like to go down x path or to notify a set group of people and wait for x number of responses/approvals.

Best way to create Sharepoint forms using Designer 2007 / WSS 3.0

My company is running its own server with WSS 3.0, and I am using Sharepoint Designer 2007 to make changes. I am new to the world of sharepoint (but experienced with webservers and web programming), but basically what I am trying to accomplish is this:
We are trying to automate forms that all employees must fill out (for example, our Employment Application). Since all employees have access to our sharepoint intranet, we will put it on there. It must do the following:
Display a form where users can enter their data. Once submitted, the data is stored in a database (sharepoint uses Lists for this I believe).
A user can go back to the form to edit things if need be (and their old data will be automatically loaded).
User’s should only be able to access their own form and not see everyone else’s. Only admin’s should be able to see everyone’s stuff.
What is the best way to go about accomplishing this? Can I create a standard list and modify it to suit my needs? Do I need to code some ASP forms to make this work? Is there an inexpensive web part that can do this sorta stuff?
I don’t think using Infopath is an option for me since I have wss 3.0 I would need the end user to have infopath as well, and many won’t have it, so that rules that out.
I think you want to adjust the Item Level Permissions setting of the list. (List Settings->Advanced Settings)
The form in SharePoint States:
"Item-level Permissions
Specify which items users can read and edit.
Note: Users with the Manage Lists permission can read and edit all items. Learn about managing permission settings."
There are settings for Read access and Create and Edit access:
Read access: Specify which items users are allowed to read
-Read all items
-Read items that were created by the user
Create and Edit access: Specify which items users are allowed to create and edit
-Create and edit all items
-Create items and edit items that were created by the user
-None
This sounds like you simply need a custom list, possibly with custom forms (edited with SharePoint Designer) in case the default forms aren't adequate.

SharePoint 2007: How to Restrict Access at the Field Level?

Is it possible in a SharePoint 2007 list (MOSS, though I don't think that this is Enterprise Edition) to allow users in one SharePoint group to edit values in some fields and users in another group to edit values in the other fields?
From all the searching I've done, this does not appear to be possible, so as a fallback I'll accept answers that suggest the best way to accomplish something like this (e.g. maintain the items in separate lists, linking them by ID).
I do not have access to Central Admin, but I do have Full Control of the site. Also, this site was not configured for custom code, so besides changing list settings (and site settings) I can make changes via SharePoint Developer (but not Visual Studio).
A big THANKS in advance!
Steve
You are correct that it's not possible to set field-level permissions without custom code. Furthermore, you're on the right track thinking separate lists, though you should be aware that SharePoint list lookups are a rather weak correlation. Usable, but not exceedingly robust.
For presenting the combined data you'll want to look at SharePoint Designer's joined subviews.
Have a look at Displaying SharePoint Fields by Permission Level by Laura Rogers. This is an approach that uses SharePoint Designer.
Also see the SPListDisplaySetting CodePlex project. This is a site collection feature that needs to be installed so may not be an option.
You can customize Edit Forms for SharePoint 2007 Lists (EditForm.aspx).
With custom list definition and custom edit form you can write code to check the user and show different fields depended on the users permissions.
'a' workaround to get this functionality is to change the content type associated with a list item using workflows.
Like so:
User creates list item in content type A (limited fields).
Workflow starts, changes to content type B (all fields).
Admin gets notified, opens listitem, fills out additional form fields.
And so on..

Resources