I need to restrict a SharePoint list to some users where they all users can add items, but only members of a certain group should be able to view the items.
Is this possible?
I have an html form for creating the item.
Alternatively, can an Infopath form allow users to add item, but not view them?
You could set target audience for your list view.
Related
I have Created the SharePoint custom List with 3 views(Ex.test1,test2,test3).
I want to assign 3 views to 3 user,one should not have permission to view other's view.
Any help would be appreciated.
As far as I know, this is simply not possible, i.e. assigning views to a certain user. You can have 'Public' views (visible to everyone with access to the list as the name implies) and 'Personal' views (visible only to the user who created them, the user must have the relevant permission enabled for this). Personal views cannot be shared.
Also, if it is critical that data is only visible to certain users and not others, a user can look at items not in their View by simply changing the ID in the Item View in the URL so View filtering is not a good way to go about this.
Could you please elaborate on what exactly are you trying to achieve, i.e what is the difference between the views etc.?
UPDATED:
Here you can get another good solution.
https://sharepoint.stackexchange.com/questions/253723/restrict-list-view-to-role-sp-o365
It is really good solution because you need only admin rights and no code.
You need to create folders, break role inheritance and add permissions on folders.
My OLD answer:
From my experience It is depend on what is your expectations from solution, your limits, what you want to get and what things you can sacrifice and in some cases what SharePoint edition you are using.
Note: SharePoint does not have out-of-box fully customizable list item permissions.
I can say about some expectations, some details, some solutions and workarounds and how to implement this.
You can try to get something that applied to you:
.1. You want to disallow users to see other users views. But:
users with specific permissions can create their own views and therefore they can create views with all fields and all list items data from other disallowed views,
users can get data about all fields in list items and all list items from REST API, JSOM API and other SharePoint out-of-box web services,
users can open any list item, change URL item ID to another and see any data from other list item.
To achieve this you can:
.1.1. Open list under each user and create its own Personal View.
Personal Views displayed only for individual users.
.1.2. Create Public View and set its Target Audience.
Open view page -> in right corner click Gear icon -> Edit Page -> on the page click arrow icon on list view web part -> Edit Web Part -> Section "Advanced" -> Field "Target Audiences".
If you does not have this option then enable target audiences.
List Settings -> Audience targeting settings -> Enable audience targeting.
In audiences you can specify SharePoint users or groups who has permissions to see this web part.
Here you can see different uses of audiences and how to enable it on list or library: https://support.office.com/en-us/article/target-content-to-specific-audiences-33d84cb6-14ed-4e53-a426-74c38ea32293
.1.3. Create Public View, open its page, edit page, delete List View Web Part, add Content Query Web Part and set its Target Audience.
Here you can see info about Target Audiences:
https://support.office.com/en-us/article/target-content-to-specific-audiences-33d84cb6-14ed-4e53-a426-74c38ea32293
But I didn't perform this by myself.
.1.4. Add javacript to list view page.
This javascript will check user permissions and hide view or redirect user to some other location or will make other actions.
.2. Users cannot see other users created list items from any source (any list views, any API and web services).
.2.1.
Note: this is limited. User can only read, edit list items which created by him. You cannot apply this on other users created list items.
To achieve this you can:
List Settings -> Section "Advanced settings" -> Block "Item-level Permissions" -> "Read items that were created by the user" and "Create items and edit items that were created by the user" options.
.2.2. Create different lists for different users with different permissions.
.2.3.
Note: this is limited by SharePoint unique permissions limits.
You can create SharePoint workflow that run on list item creation. This workflow will break list item role inheritance and set new permissions for this items by some conditions.
This is may be good but here some limits exists. SharePoint limit list to have more than some limit number of list item unique permissions.
.2.4. I don't know if SharePoint has some limits to this but you can try and I don't know if you can perform this from public API but you can try to investigate.
You can create SharePoint workflow that run on list item creation. This workflow will set Target Audiences on list item.
Here you can see info about Target Audiences:
https://support.office.com/en-us/article/target-content-to-specific-audiences-33d84cb6-14ed-4e53-a426-74c38ea32293
.2.5. If you use SharePoint On-premise edition then you can add:
.2.5.1. List event receiver that run on list item Create event and perform following actions:
- break list item role inheritance and set new permissions for this items by some conditions
OR
- set Target Audiences on list item
.2.5.2. Create Timer job, deploy, schedule it in SharePoint Central Administration.
This timer job will be check newly created list items periodically and:
- break list item role inheritance and set new permissions for this items by some conditions
OR
- set Target Audiences on list item
.2.6. You can create Console Application (c# language) that connect to SharePoint, check newly created list items periodically and:
- break list item role inheritance and set new permissions for this items by some conditions
OR
- set Target Audiences on list item.
This console app can be scheduled on any server in your company through Windows Task Scheduler.
.2.7. You can write Powershell script that connect to SharePoint, check newly created list items periodically and:
- break list item role inheritance and set new permissions for this items by some conditions
OR
- set Target Audiences on list item.
This Powershell script can be scheduled on any server in your company through Windows Task Scheduler.
.2.8. You can create Windows Service (c# language) that connect to SharePoint, check newly created list items periodically and:
- break list item role inheritance and set new permissions for this items by some conditions
OR
- set Target Audiences on list item.
This windows service can be installed on any server in your company.
.2.9. May be you can create some other periodically running code (like Workflow, Console App, PowerShell script, Windows Service) in any server.
This code will:
- break list item role inheritance and set new permissions for this items by some conditions
OR
- set Target Audiences on list item.
I think code wrapper not limited to any implementation.
I think this ways is applicable to many cases.
If you want more customizable control, or you have some limits in implementation, then you can create many workarounds by many ways. Workaround can close many permissions holes but may be not all holes:
.1. You don't want user can create views from list view page UI.
You can add javascript to hide ribbon, buttons or some other UI elements to disallow user to create its own view or to switch to another user view.
If user is smart he can avoid this by using REST API, JSOM or web services to get neccessary list item data.
.2. You don't want user can see any list item data changing URL list item ID to another.
.2.1. You can add some javascript on default form pages.
On New Item form page, on Display Item form page and on Edit Item form page.
This javascript will be check user permissions and hide data or redirect user back to list view page or somewhere.
.2.2. You can create HttpModule that intercept web requests and check user permissions and redirect him to another page if he don't have permissions.
HttpModule must be added to IIS and SharePoint web config.
.3. You can try to disallow REST API, JSOM using but I didn't do that.
I think you can add HttpModule to IIS that will intercept web requests and check user permissions and return bad request HTTP status codes and error messages.
But I didn't yet try this by myself.
Here you must know all API endpoints to close access to them.
May be here exists many other different workarounds but I don't remember about them now.
Try something from what I said. May be it help you.
I have a list which I need to filter based on the group of currently logged-in users using an out-of-the-box feature.
For example: I created a list named "test".
Now I have created 3 folders in the test list using the names of a SharePoint User Group and added 1 item in each. Then I add that list web-part to another page.
I want to display, for example, to "user1" only the folder "user1" along with its item.
In SharePoint Designer 2010, I am trying to show three list view web parts on a page. The three views are of a list (for example, Key Requests), the workflow items associated with that list and then the tasks associated with that list. I want to be able to click on a item in the list and it refreshes the workflow and task list view web parts. I am able to connect the workflow items to the list by joining the list item ID to the Primary Item ID field on the workflow list (under Managing Connections). But connecting the list item to the task items seems a little more difficult. Does anyone know how to do this?
I am trying to add a customised announcement list to the main page of my SharePoint site on this list, there will be 7 columns on the list but the challenge i'm having now is how to only display 3 out of the 7 columns on the site and the other columns will only be displayed when user clicks on add new announcement or clicks on the list itself. Please can anyone give me an idea of how to achieve this.
E.g: Assuming i customised an announcement list to have column: management, operations, Assets, Finance,HR,QHSE and Technical and added it on my SharePoint page via web-part, How can i make it to only display 3 of the 7 columns like management, operations, Assets while other columns will only be seen whenever users click on the add new announcement or go directly to the list itself. Thanks
For displaying only 3 columns, create a view and set it in the webpart options.
When you create a new view of a SharePoint list, it essentially creates a new .aspx page with the view customized per your definition. This can be done for standard views easily from the SharePoint list's web interface. This is the suggestion from Le_Freddo and should work for creating custom views but not for creating custom edit pages.
For that I believe you need to use SharePoint Designer. Open the site in SharePoint Designer then locate the list you're working on under 'Lists' in the 'FolderList'. You'll see 4 pages, AllItems, DispForm, EditForm, and NewForm. Make a copy of the EditForm (before you modify it), then open the EditForm to make your changes to it. You can add or remove fields from the page. In this way you can customize the Edit form to show all fields or only a subset.
You can also use this method to customize the other views (removing columns you don't want users to see).
When you're done, you can direct your List to use the new pages or define which page to use for each operation (View-All, Display, Edit, Create New) by setting the List's properties (right click the list in the Folder View, select Properties, then the 'Supporting Files' tab will have links to the pages configured for these actions).
Good luck...
I have a custom list created in Sharepoint 2007 and displayed by a content query web part.
I would like to
Show all items to general admin users except those items created by two users.
The two admin users need to see all items in the list.
The first requirement is easily done by adding a filter to the view on the created by field.
The second one is where I need help, is there a way to set the view of a list based on the user logged in to acheive the second requirement?
Or is this achievable another way?
Many Thanks,
Nav
If user has SPBasePermissions.ManageLists permissions, he will have permissions to view all items in the list.
If its not about permissions, but just which view which user sees by default, then it will involve some sort of coding :
Either you create webpart which will switch to desired view for desired user. (Involves coding, building, deploying)
Use content editor web part to switch with javascript - not that nice solution. (Because page would reload when you open it).
In the end I created two pages one called restricted and the other for all users configured the views on each page for each group of users. Then I restricted access to the 'restricted' page to the relevant users.
I used audiencing to display a link to the 'restricted' page to selected users