Home > General > SharePoint Security Trimmers – A smart fish

SharePoint Security Trimmers – A smart fish


From the day one when i started playying with sharepoint (pardon me for that but for atleast 6 mnths I was doing that only 😐 ) I had a doubt that, is there any easy, clean and powerful way to manage user access to links and items of sharepoint. And one fine day I came across a sweet littel cuty called “Security Trimmers”.
So now what is this?
Ok. as per definition from msdn: Conditionally renders the contents of the control to the current user only if the current user has permissions defined in the PermissionString .

So what is PermissionString?

Its usual attribute of SecurityTrimmer control as like any other control. This attribute allows to display the HTML content and/or control(s) encapsulated within the SecurityTrimmer element to the users falling in the specified permission level. Sample of he same can be as below:

<Sharepoint:SPSecurityTrimmedControl runat=”server” PermissionsString=”ViewFormPages” Visible=”false”>
<div>
<SharePoint:SPLinkButton id=”idNavLinkViewAll” runat=”server” NavigateUrl=”~site/_layouts/viewlsts.aspx” Text=”<%$Resources:wss,quiklnch_allcontent%>” AccessKey=”<%$Resources:wss,quiklnch_allcontent_AK%>”>
</SharePoint:SPLinkButton>
</div>
</SharePoint:SPSecurityTrimmedControl>

The possible permission strings with their details can be found at like below:

http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.spbasepermissions.aspx

now the question arises what are these permission strings actually and how they help to enforce security?

So these permission strings are nothing but the set of permissions which contributes to create default sharepoint permission levels (Full Control, Viewer, Reader, Contributor etc.) and custom ones. Based on these permission levels we can allow access to user(s) and/ or group(s). To enforce the security sharepoint makes use of the Permission Levels after identifying the user, group.

A catch here:  Please never try to use Permission Levels into the PermissionString attribute of the control.  It is not supported that way.

There is one more interesting thing I would like to share here but for that need to wait. till I explore this http://msdn.microsoft.com/en-us/library/microsoft.sharepoint.sprights.aspx

Advertisements
Categories: General
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: