Custom Field für Berechtigung auf Spaltenebene

Wer mal die Anforderung hat, dass eine Berechtigung bis auf Spaltenebene heruntergebrochen werden kann, kann vielleicht das Secure Field brauchen.

Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007 support a rich security model that allows administrators to control access to sites and content by assigning permissions to users and groups for a specific securable object (such as site, list, library, folder and even an individual document or item).

However, in certain scenarios there is a need to secure access to individual columns in lists or document libraries. Currently, SharePoint does not provide out of the box support for securing columns or views. A typical scenario that would require this might be a list that contains a broad spectrum of information about an employee or a client, where certain columns (salary, revenue to date, potential to promote, etc.) might ideally only be viewable by certain groups within the portal.

To address those scenarios, this paper describes a method to leverage SharePoint extensibility and built-in item to level security to allow applying column-level permissions to a custom field type. This is accomplished through the use of a lookup field as the column, with behind the scenes ties to another list that contains the secure values and a method to provision those values back to the lookup only for users with valid permissions.

The result is that in the view mode authorized users will see the content of a secure column as if it was a normal column, while unauthorized users will not see the content of the column at all. This different behavior is shown in Figure 1. Similarly, only authorized users will be able to access the content of a secure column in new and edit modes.



Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

Du kommentierst mit Deinem Abmelden /  Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden /  Ändern )


Du kommentierst mit Deinem Twitter-Konto. Abmelden /  Ändern )


Du kommentierst mit Deinem Facebook-Konto. Abmelden /  Ändern )


Verbinde mit %s