BCS External List individual List Item permissions?

  • Question

  • Just curious if it is possible to create an External Content type to some SQL table rows and surface it as an external list in SharePoint, but with individual list item permissions.

    Essentially, say you have a table in a SQL database

    ID, CompanyID, Description

    And you have a people picker that assigns a Company claim to each user logged into the site.  

    Then you create a BCS Model in Visual Studio 2010 and have it surface data from that table to BCS using a Select *, for the ReadList operation, and a Select * where ID = X for the ReadItem operation.

    Now when you create an external list on that in SharePoint it lists out all the items from the table, cool.  But I only want users to see the items that are for X company based on what company that user is in.  (just an example).

    What I'm considering trying, is seeing if the logged-in user is what the code runs as in the BDCM model in my Visual Studio project.  If it does, then I could do something like

    IClaimsPrincipal companyClaim = //Get current user's company claim

    SPClaim companyClaim = new SPClaim(ClaimTypes.MyCompanyClaimType, ClaimProvider.internalName... etc)

    , then for ReadList

    Select * from ... where Company = companyClaim.Value

    , for security on read item

    Select * from ... where ID=X and Company = companyClaim.Value

    Now, this is all theoretical, wondering if anyone has tried something similar, or knows a better way to do individual list item permission on an external list?

    I would like to avoid a scenario requiring an External Content type for each company.


    My Blog: http://www.thesug.org/Blogs/ryan_mann1/default.aspx Website: Under Construction

    Monday, October 29, 2012 12:01 AM
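The filtering idea described in the question, as an added example that is not part of the original post: a Python sketch in which an in-memory SQLite table stands in for the SQL table and a plain string stands in for the user's company claim value (the table name `Items`, the function names and the sample rows are assumptions). It shows why the company predicate has to be on ReadItem as well as ReadList, and binds the claim value as a query parameter.

```python
import sqlite3

# Constructed sample rows for the question's table (ID, CompanyID, Description).
ROWS = [
    (1, "contoso", "Contoso invoice"),
    (2, "fabrikam", "Fabrikam contract"),
    (3, "contoso", "Contoso purchase order"),
]

def open_db():
    """In-memory stand-in for the SQL table behind the external content type."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Items (ID INTEGER PRIMARY KEY, "
               "CompanyID TEXT NOT NULL, Description TEXT)")
    db.executemany("INSERT INTO Items VALUES (?, ?, ?)", ROWS)
    return db

def read_list(db, company):
    """ReadList: only the caller's company; the claim value is bound, not concatenated."""
    if not company:          # no company claim resolved: fail closed
        return []
    return db.execute(
        "SELECT ID, CompanyID, Description FROM Items "
        "WHERE CompanyID = ? ORDER BY ID", (company,)).fetchall()

def read_item(db, item_id, company):
    """ReadItem: same company predicate, so a guessed ID cannot cross companies."""
    if not company:
        return None
    return db.execute(
        "SELECT ID, CompanyID, Description FROM Items "
        "WHERE ID = ? AND CompanyID = ?", (item_id, company)).fetchone()

def read_item_unfiltered(db, item_id):
    """ReadItem as first described in the question (WHERE ID = X only), for comparison."""
    return db.execute(
        "SELECT ID, CompanyID, Description FROM Items WHERE ID = ?",
        (item_id,)).fetchone()

if __name__ == "__main__":
    db = open_db()
    print(read_list(db, "contoso"))
    print(read_item(db, 2, "contoso"))
    print(read_item_unfiltered(db, 2))
```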


All replies