Wednesday, November 4, 2009

Restricting accessing view for admins only

Scenario:
One of the requirement we had was something like this.

Users can submit Feedback forms and should not be able to see other feedback.
But Owners should be able to go to Feedback List and see all the feedbacks.

Solution:
Custom Web Part was the solution. We gave contributor rights to all the users on this list and to avoid them visiting the complete list we added a webpart on top of the AllItems.aspx List.

Code:

using System;
using System.Runtime.InteropServices;

using Microsoft.SharePoint;

namespace ReDirectWebPart
{
public class ReDirectWebPart : System.Web.UI.WebControls.WebParts.WebPart
{
public ReDirectWebPart()
{
}

private const string const_permissionMask = "9223372036854775807";
private string m_permissionMask = const_permissionMask;

// Configuration List Name property.
[Personalizable(PersonalizationScope.Shared)]
[WebBrowsable(true)]
[Category("Custom Properties")]
[WebDisplayName("Permission Mask")]
[Description("Permission Mask (i.e. FullMask = 9223372036854775807")]
[DefaultValue(const_permissionMask)]
public string PermissionMask
{
get
{
return m_permissionMask;
}

set
{
m_permissionMask = value;
}
}

private const string const_urlToRedirect = "/";
private string m_urlToRedirect = const_urlToRedirect;

// Configuration Url to Redirect property.
[Personalizable(PersonalizationScope.Shared)]
[WebBrowsable(true)]
[Category("Custom Properties")]
[WebDisplayName("Url to Redirect")]
[Description("Url to Redirect")]
[DefaultValue(const_urlToRedirect)]
public string UrlToRedirect
{
get
{
return m_urlToRedirect;
}

set
{
m_urlToRedirect = value;
}
}

protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);

SPList list = SPContext.Current.List;

if (!string.IsNullOrEmpty(PermissionMask))
{
if (!list.DoesUserHavePermissions((SPBasePermissions)Enum.Parse(typeof(SPBasePermissions),PermissionMask)))
{
if (string.IsNullOrEmpty(UrlToRedirect))
{
this.Page.Response.Redirect(SPContext.Current.Web.Url);
}
else
{
this.Page.Response.Redirect(UrlToRedirect);
}
}
}
else
{
if (!list.DoesUserHavePermissions(SPBasePermissions.FullMask))
{
if (string.IsNullOrEmpty(UrlToRedirect))
{
this.Page.Response.Redirect(SPContext.Current.Web.Url);
}
else
{
this.Page.Response.Redirect(UrlToRedirect);
}
}
}
}

public override void RenderControl(System.Web.UI.HtmlTextWriter writer)
{
if (string.IsNullOrEmpty(UrlToRedirect) || string.IsNullOrEmpty(PermissionMask))
{
writer.Write("Please configure the webpart with proper custom property values");
}
base.RenderControl(writer);
}
}
}
Enhacements:
1. You can make it generic with what custom properties for what type of permission and the url to redirect. ( Code Updated to include it )

1 comments:

Cornelius J. van Dyk December 7, 2009 at 10:25 PM  

Why extreme care should be taken when using DoesUserHavePermission(SPBasePermissions.FullMask)... :-(
http://www.cjvandyk.com/blog/Lists/Posts/Post.aspx?ID=225
Use DoesUserHavePermission(SPBasePermissions.ManageWeb) instead.

Hope that helps someone out...

Later
C
http://www.cjvandyk.com/blog