grant and revoke SharePoint Permission at run time , for a user , for a list
-
Friday, May 04, 2012 2:06 PM
Hi
can I do this in sharePoint ,
A feature or a code , which sets particular user's (say Thomas)permission , for SharePoint list say "Career", at runtime , means if the feature is activated , Thomas will have my custom permissions, if Feature is deactivated , then he should get all his default /Original permission.
and Feature should only affect Thomas's Permission for List career only , not any other list.
is it possible?
Thank
With Thanks and Regards, Azra
All Replies
-
Friday, May 04, 2012 2:28 PM You could do this fairly easily with a Feature Event Receiver. the one side effect would be that in order to modify Thomas's permissions for just that one list you would need to break security inheritance on the list. You can copy the default permisisons automatically when you do that, but would then need to adjust Thoma's permissions to the list, remove permissions from any groups that Thomas is a member of and re-apply permisisons for any other member of such a group. So it could become pretty involved if Thomas gets his permissions through group membership.
Paul Stork SharePoint Server
MVP Senior Solutions Architect: BlueChip Consulting Group
Blog: http://dontpapanic.com/blog
Twitter: Follow @pstork
Please remember to mark your question as "answered" if this solves your problem.- Proposed As Answer by HeToCMicrosoft Community Contributor Saturday, May 05, 2012 5:36 PM
- Marked As Answer by Qiao WeiMicrosoft Contingent Staff, Moderator Friday, May 11, 2012 10:48 AM
-
Saturday, May 05, 2012 6:29 AM
Thanks, I have another query regarding this.
how will I remember the original permissions? as Feature activated or deactivated will be quite apart in timelines.
i.e. I activated Feature on 1st Jan , but may deactivate it after 2-3 months or anytime.
With Thanks and Regards, Azra
-
Saturday, May 05, 2012 12:38 PM
can anyone please help?
With Thanks and Regards, Azra
-
Saturday, May 05, 2012 5:29 PM
Hi,
Honnestly, I don't know your business scenario but I'd clearly recommend educating site owners to manage permissions in the UI rather than fiddling with it in code. Morevoer, I suppose that you should avoid hard-coding usernames & the types of permissions you want to grant them....This means that in the end you should provide a UI to let business users decide which permissions goes to who.
So in that case, you'd better fallback to the OOTB way of granting/revoking permissions instead of reinventing the wheel.
If, for some obscure reasons, you still need to do everything by code, you can indeed use a feature receiver and to make it a bit configurable, you might consider using a property bag. You could preconfigure some values statically in the feature file and you could also use that property bag to store the original permissions at runtime. But once again, I find this request very strange :)
Best Regards
http://www.silver-it.com - My blog http://sptoolbasket2010.codeplex.com - Rating for 2007 http://sptoolbasket.codeplex.com - Tools for 2010
- Marked As Answer by Qiao WeiMicrosoft Contingent Staff, Moderator Friday, May 11, 2012 10:48 AM
-
Saturday, May 05, 2012 5:41 PM
how will I remember the original permissions? as Feature activated or deactivated will be quite apart in timelines.
The best way is to serialize em (via your own serializable class) to the Webs' PropertyBag.
This is a simple hashtable that is used to store internal properties related to SPWeb, I wish there is one for SPList...
- Proposed As Answer by HeToCMicrosoft Community Contributor Saturday, May 05, 2012 5:41 PM
- Marked As Answer by Qiao WeiMicrosoft Contingent Staff, Moderator Friday, May 11, 2012 10:48 AM
