I have a list which I've set item-level permissions on. I set it to allow users to read all items and only edit their own items...
The issue is that if I do this then I can still edit all items...
If I change it so that I can only read my own and only edit my own then it works as expected...
Anyone have any thoughts on why this would be occurring and a solution...
I've set the list up to only allow one user account with contribute rights for testing purposes...
when you change permission in a list Advance Settings, it still let contributors to go to EditForm but once contributors try to save item, that doesn't belong to them, it show error message that you don't have permissions.
give it a try, create an item by some user let say User1, then try to modify that item using User2 credentials (User must have only Contributor right on the site/list), it will let you go to EditForm but wont let you save item.
I hope it helps you.
Are you a list manager (e.g., a site owner)? List managers have extra permission.
This only works if your user does not have permissions to edit all items on the list by based on the site permissions. E.g. if your users has contribute permissions to the site, that will override the individual item permissions.
Related
I'm facing the following problem:
I added a custom list setting, which is shown under the general settings of any list. The link in the general settings redirects to an aspx-Site where the admin can set some settings.
The normal users without the right permissions can't see the list-settings (which is correct) but they can open the aspx-site by calling the URL directly and change the values I store in the property-bag of the list.
The aspx-Site seems to inherite the permissions from the root, but I need it to have the exect same permissions I have for the list-setting page.
Does anyone know how to do that?
Thanks in advance!!
I found a solution myself.
I check the permissions in the code behind:
if (!list.DoesUserHavePermissions(SPBasePermissions.ManageLists))
And I added this to the Elements.xml:
Rights="ManageLists"
Now the user isn't able to see the page unless he has the ManageList permission.
Maybe this will help somebody else later.
Thanks!
I have many files that have been added by one user. Now I need to show these file to all user (not only to who that added). I try to make an update directly to db (ResourcePermissin scope = 2). But nothing change..
How can resolve this? (By code or query on db)
Thanks!
I think you can update the permissions for the files and give VIEW permission for Guest Role or give VIEW permission to USER role if you want to show the files only to logged-in Users.
Overview Steps:
Fetch the files
Apply the permissions to the files
Save the updated files
An idea as to how liferay updates the permissions can be taken from portal-web/docroot/html/portlet/portlet_configuration/edit_permissions_algorithm_5_to_6.jsp and
Suppose there's a top-secret list (inherits its permissions from its parent) that contains records that were created earlier by different users. There are several groups with rights to administer, read, write-constrainted.
There is a group of authors of top-secret items. Author can only create a 'secret-item'. But the item shouldn't be viewed by other participants of the group (Authors).
I can't access/change site programmatically. And I'm curious how come I do this manually.
First, keep in mind that you cannot do "top-secret" in SharePoint. The site collection administrator will always have access to all content.
Manually, there are two features that come close to your request:
under advanced options in the list settings: user can only read/write his/her own items
under the same advanced options: activate approval. Content in draft state will remain hidden (except from approvers and site owners)
In addition to the answers from #Christophe, you can also modify the permissions of individual List Items.
If you were able to make programmatic changes, I would suggest attaching an ItemAdded event receiver to a custom Content Type named "Top Secret." But in this case, the permissions changes can be made as a manual step after adding the item.
The risk, of course, is if the author forgets to change the permissions, changes the permissions incorrectly, or changes the permissions very slowly (allowing others to see it before permissions are changed).
For more information on changing the permissions of a List Item, see Break permission inheritance on a folder, document, or list item.
i have a sharepoint site http://spp/sitepages/page2.aspx
I have a group called "Group1" with full control. There are two users "User1" and "User2".So both the users will have full control and both of them can make any changes in page2.aspx. Now this is my requirement, i want to allow only "User1" to access, when "User2" access my page i want to show "Access Denied" is it possible without code.
Since we can't vote to close towards sharepoint.se yet, here it goes:
You need to go to the SitePages library in the browser, select the page you want to change permissions and then go to the dropdown menu for the item > Manage Permissions > Edit Permissions (Stop Inheriting), remove all users / groups and only add User1 to the item.
A more detailed guide is available at the Microsoft Office website online
If you can put your page into a document library - do so. This way you can adjust your permissions properly with no code.
I have site collection and iterating user permissions for each subsites underneath. I have see couple sites have permissions to see. But when i do in the code level (below code) giving results false.
I don't know have to get his permissions other than this. When I go to url he has permission to see.
Please help me out.
sweb.DoesUserHavePermissions(suser.LoginName, SPBasePermissions.ViewPages |
SPBasePermissions.ViewListItems | SPBasePermissions.ViewFormPages)
Your code checks if the user has all three View permissions, which apparently isn't the case. If you just want to check if he has the most basic access, then you should check for SPBasePermissions.Open