locked
User permissions in Sharepoint Enabled Lightswitch Apps RRS feed

  • Question

  • Hi all

    I would like to create user permissions within my Sharepoint enabled lightswitch app for certain read/edit add access to various screens or data, and can totally see how to do this if you are using forms authentication.

    Of course once you make your app lightswitch enabled you cannot create these permissions.  Is there a work around?

    Thursday, October 31, 2013 8:48 PM

Answers

  • Authorization is not available for SharePoint enabled LightSwitch apps.  There is no good workaround.

    However, you can write some logic to grant/deny access using the new properties available in Application.User object.  For example, in your app you want to allow only users from a particular department, say "Human Resources" to delete records.  In this case you can write the following logic in Can_Delete method:

    partial void Table1Items_CanDelete(ref bool result)
    {
        result = this.Application.User.Department.Equals("Human Resources");
    }
    Hope this helps.

    Friday, November 1, 2013 3:02 AM
    Moderator

All replies

  • Authorization is not available for SharePoint enabled LightSwitch apps.  There is no good workaround.

    However, you can write some logic to grant/deny access using the new properties available in Application.User object.  For example, in your app you want to allow only users from a particular department, say "Human Resources" to delete records.  In this case you can write the following logic in Can_Delete method:

    partial void Table1Items_CanDelete(ref bool result)
    {
        result = this.Application.User.Department.Equals("Human Resources");
    }
    Hope this helps.

    Friday, November 1, 2013 3:02 AM
    Moderator
  • thanks so much for replying....

    so there is nothing like the above where except for Department we can use user group?  Where are you calling Department from the user.info table?

    Friday, November 1, 2013 4:10 AM
  • User object is of type PrincipalInfo (see PrincipalInfo members) so that brings in all the members of that class.

    Friday, November 1, 2013 2:35 PM
    Moderator
  • Hey Ravi,

    that link is 404, can you point us to the correct place?

    I like Skolle, get very frustrated with the permissions on Lists in SharePoint, such as being able to limit a persons form or view on a list based on who they are or what SG they are in.

    It always lets you edit everything , or nothing. I was looking at LightSwitch to implement a issue logging system. I need to be able to let some people edit a field and other people to be able to view and not edit.

    This is never clear, so anything that can be used to make this easier would be greatly appreciated.

    Rob


    Rob

    Wednesday, March 5, 2014 6:19 PM
  • Hi Rob

    I am glad someone shares my pain....

    A work around I am using is having the original app as a Azure web application (thus creating an Azure SQL database).  Then creating different SharePoint apps based on this Azure external datasource according to role and function. eg. an administrator app and staff app

    Thne burying these separate apps in permission controlled sites within SharePoint.

    Not bullet proof, but something.

    Cheers

    Sally

    Wednesday, March 5, 2014 10:31 PM
  • Hey Sally,

    That is a very clever solution to the problem. I feel that that took you a lot of deep thinking to implement.

    However, the fact that we are driven to find workarounds to a "feature" of SharePoint speaks to the lack of foresight from Microsoft on the permission model as they move to the cloud. It is not a massive jump in thinking to be able to let people have different levels of access to a List depending on their roles or permissions. This is the 3rd if I count correctly, attempt from them to implement a "model".

    • IIS webpart - visual Studio
    • InfoPath - Dead, but still as the default form editor.
    • SharePoint designer - hmmmm
    • Visual Studio

    And now, another "thing" , LightSwitch. I know from personal experience and my customers experience is that we are all sick of this hopping around different technologies. I know that with some customers I am speaking to looking at SharePoint in the cloud, that they are waiting to see how the LightSwitch app model works out, and if it begins to show cracks , they are finished with SharePoint as a technology.

    Rob


    Rob

    Friday, March 7, 2014 12:42 PM
  • I hate to pile on here but agree with Rob. We need a bullet proof way to create more complex forms in SharePoint without full blown custom Visual Studio.

    My primary frustration is Master/Details functionality which lightswitch seems perfect for. I have a great application up but now want to show a button to admin view of form that allows more data input. Unfortunately, with no way to access the SharePoint permissions or create custom permissions from the HTML client with SharePoint that is exceedingly difficult.

    If this last piece can be added for LS HTML Apps + SharePoint then I'm sold on this tool. As of now... I'm stuck trying to create a wonky workaround :(

    Friday, March 7, 2014 4:50 PM
  • If I can just add to that pile.....

    The limitation of External Lists (i.e. no inline editing or workflows) is also a huge aggravation, particularly when using the work around as I described above.

    Friday, March 7, 2014 9:27 PM
  • Hi.

    I don't know if you'll like the idea, but..

    One possible work around is: Create an Entity "USER_LS" that is relationed (1 - 0.1) with the UserInformationList, using IdUserO365 like key to "USER_LS.NameKey". (It's going to use the email of the account).

    After, just create Fields that represents permissions on the "USER_LS".

    When you need to verify some permission, just do a search in "USER_LS" that has the "USER_LS.NameKey" equals to "Application.User.Id" - May be other property, I don't remender.

    And That's it. Now you can control permissions =)

    Sorry about the bad english, I'm brazilian and English is not my specialty.

     


    Thursday, September 17, 2015 2:49 AM