Wednesday, January 21, 2009
Sunday, October 19, 2008
The blog has moved!
I've moved my blog to my own hosting and plan to be posting more often on my new site.
Please check it out at:
http://corypeters.net
Please check it out at:
http://corypeters.net
Wednesday, August 27, 2008
SharePoint Permission Strings
SharePoint uses permission or rights strings in numerous places including setting permissions for Custom Actions in your feature XML. A colleague asked this question recently and I had to lookup the answer so I decided I would post for my own reference.
AddAndCustomizePages | Add, change, or delete HTML pages or Web Part Pages, and edit the Web site using a Windows SharePoint Services–compatible editor. |
AddDelPrivateWebParts | Add or remove personal Web Parts on a Web Part Page. |
AddListItems | Add items to lists, add documents to document libraries, and add Web discussion comments. |
ApplyStyleSheets | Apply a style sheet (.css file) to the Web site. |
ApplyThemeAndBorder | Apply a theme or borders to the entire Web site. |
ApproveItems | Approve a minor version of a list item or document. |
BrowseDirectories | Enumerate files and folders in a Web site using Microsoft Office SharePoint Designer 2007 and WebDAV interfaces. |
BrowseUserInfo | View information about users of the Web site. |
CancelCheckout | Discard or check in a document which is checked out to another user. |
CreateAlerts | Create e-mail alerts. |
CreateGroups | Create a group of users that can be used anywhere within the site collection. |
CreateSSCSite | Create a Web site using Self-Service Site Creation. |
DeleteListItems | Delete items from a list, documents from a document library, and Web discussion comments in documents. |
DeleteVersions | Delete past versions of a list item or document. |
EditListItems | Edit items in lists, edit documents in document libraries, edit Web discussion comments in documents, and customize Web Part Pages in document libraries. |
EditMyUserInfo | Allows a user to change his or her user information, such as adding a picture. |
EmptyMask | Has no permissions on the Web site. Not available through the user interface. |
EnumeratePermissions | Enumerate permissions on the Web site, list, folder, document, or list item. |
FullMask | Has all permissions on the Web site. Not available through the user interface. |
ManageAlerts | Manage alerts for all users of the Web site. |
ManageLists | Create and delete lists, add or remove columns in a list, and add or remove public views of a list. |
ManagePermissions | Create and change permission levels on the Web site and assign permissions to users and groups. |
ManagePersonalViews | Create, change, and delete personal views of lists. |
ManageSubwebs | Create subsites such as team sites, Meeting Workspace sites, and Document Workspace sites. |
ManageWeb | Grant the ability to perform all administration tasks for the Web site as well as manage content. Activate, deactivate, or edit properties of Web site scoped Features through the object model or through the user interface (UI). When granted on the root Web site of a site collection, activate, deactivate, or edit properties of site collection scoped Features through the object model. To browse to the Site Collection Features page and activate or deactivate site collection scoped Features through the UI, you must be a site collection administrator. |
Open | Allow users to open a Web site, list, or folder to access items inside that container. |
OpenItems | View the source of documents with server-side file handlers. |
UpdatePersonalWebParts | Update Web Parts to display personalized information. |
UseClientIntegration | Use features that launch client applications; otherwise, users must work on documents locally and upload changes. |
UseRemoteAPIs | Use SOAP, WebDAV, or Microsoft Office SharePoint Designer 2007 interfaces to access the Web site. |
ViewFormPages | View forms, views, and application pages, and enumerate lists. |
ViewListItems | View items in lists, documents in document libraries, and view Web discussion comments. |
ViewPages | View pages in a Web site. |
ViewUsageData | View reports on Web site usage. |
ViewVersions | View past versions of a list item or document. |
Source
Monday, July 21, 2008
Properly Populating and Retrieving SharePoint Field Data
SharePoint uses a lot of field types that have different underlying schemas, delimiters and formats. I see a lot of people reverse engineer the field information and "hack" the data into the list using a string such as "1;#Title" for a lookup field. Well this isn't exactly best practice so I've put together a reference table below to assist in using the correct data types for populating or retrieving information from a SharePoint list.
Lookup Field
Field Class: SPFieldLookup
Field Value Class: SPFieldLookupValue
Populating Information:
item["FieldName"] = new SPFieldLookupValue("Title"); // SharePoint will do the lookup as long as the LookupValue's are unique
item.Update();
or
item["FieldName"] = new SPFieldLookupValue(1, "Title");
item.Update();
Retrieving Information:
SPFieldLookupValue itemValue = item["FieldName"] as SPFieldLookupValue;
int id = itemValue.LookupId;
string value = itemValue.LookupValue;
Multiple Lookup Field
Field Class: SPFieldLookup
Field Value Class: SPFieldLookupValueCollection
Populating Information:
SPFieldLookupValueCollection itemValues = SPFieldLookupValueCollection();
itemValues.Add(new SPFieldLookupValue(1, "Title"));
item["FieldName"] = itemValues;
item.Update();
Retrieving Information:
SPFieldLookupValueCollection itemValues = item["FieldName"] as SPFieldLookupValueCollection;
foreach (SPFieldLookupValue itemValue in itemValues)
{
int id = itemValue.LookupId;
string value = itemValue.LookupValue;
}
User Field
Field Class: SPFieldUser
Field Value Class: SPFieldUserValue
Populating Information:
web.EnsureUser(@"domain\username");
SPUser user = web.AllUsers[@"domain\username"];
item["FieldName"] = user;
item.Update();
Retrieving Information:
string currentValue = item["FieldName"].ToString();
SPFieldUser userField = list.Fields.GetFieldByInternalName("FieldName");
SPFieldUserValue itemValue = (SPFieldUserValue)userField.GetFieldValue(currentValue);
SPUser user = itemValue.User;
URL Field
Field Class: SPFieldUrl
Field Value Class: SPFieldUrlValue
Populating Information:
SPFieldUrlValue urlValue = new SPFieldUrlValue();
urlValue.Url = "http://www.google.com";
urlValue.Description = "Google";
item["FieldName"] = urlValue;
item.Update();
Retrieving Information:
SPFieldUrlValue urlValue = new SPFieldUrlValue(item["FieldName"].ToString());
string url = urlValue.Url;
string description = urlValue.Description;
Multiple Choice Field
Field Class: SPFieldMultiChoice
Field Value Class: SPFieldMultiChoiceValue
Populating Information:
SPFieldMultiChoiceValue itemValue = new SPFieldMultiChoiceValue();
itemValue.Add("Choice 1");
itemValue.Add("Choice 2");
itemValue.Add("Choice 3");
item["FieldName"] = itemValue;
item.Update();
Retrieving Information:
SPFieldMultiChoiceValue itemValue = new SPFieldMultiChoiceValue(item["FieldName"].ToString());
foreach (string choice in itemValue)
{
// value is in choice
}
Thursday, June 26, 2008
Creating MySites Programmatically
Instead of asking every user to click on "My Site" and have the site provisioned for them it's sometimes nice to already have the site created... or create it as part of the Employee Intake process. This is especially true if the My Site plays a role in a custom application as it did for one of my clients.
Here's a snippet to get you started:
However, I kept getting the following error message:
You do not have access to create this personal site.
Now.. I'm an admin on the box and within SharePoint but it turns out you will see this error if your user does not have access to Shared Services. You'll either need to impersonate a higher user using SPSecurity or, in my case, simply right click on your command line application and choose "Run as..." and enter the credentials for your Shared Services administrator.
Here's a snippet to get you started:
using (SPSite site = new SPSite(url))
{
UserProfileManager profileManger = new UserProfileManager(ServerContext.GetContext(site));
UserProfile profile = profileManger.GetUserProfile(@"domain\user");
profile.CreatePersonalSite();
}
However, I kept getting the following error message:
You do not have access to create this personal site.
Now.. I'm an admin on the box and within SharePoint but it turns out you will see this error if your user does not have access to Shared Services. You'll either need to impersonate a higher user using SPSecurity or, in my case, simply right click on your command line application and choose "Run as..." and enter the credentials for your Shared Services administrator.
Thursday, June 12, 2008
Denying User Access At The Site Level
It's a pretty well known fact that SharePoint cannot deny access for a user below the Web Application level as shown in the screenshot below. Sadly there will be no code samples for this one as it's pretty proprietary stuff.
Well, one of my clients had this exact problem. Except that the answer "Sorry, SharePoint doesn't do that." didn't solve the underlying business problem. Here is a scenario and the provided "Out-Of-The-Box Solution".
We chose to do the latter in an automated fashion. What we ended up with is as follows.
This solution has the following pluses
Well, one of my clients had this exact problem. Except that the answer "Sorry, SharePoint doesn't do that." didn't solve the underlying business problem. Here is a scenario and the provided "Out-Of-The-Box Solution".
- Users are given access to a site through a single group "SharePoint Users".
- This "SharePoint Users" group is used throughout the rest of the site collection so simply modifying it is not an option.
- John Doe is a member of this "SharePoint Users" group but because of an "Ethical Wall" (Law Firm jargon for blocking one lawyer from seeing another lawyers documents) John Doe cannot have access to this site.
We chose to do the latter in an automated fashion. What we ended up with is as follows.
- A custom SQL table that holds the list of people that should be denied access to a particular site.
- A Timer Job that constantly ensures that those people are actually denied.
- A configuration panel in Central Administration to maintain which web applications are using the functionality and to hold configuration options.
- A data input panel built into each SharePoint site to allow administrators to deny users and to view who is currently denied.
This solution has the following pluses
- Will loop through both SharePoint Groups and AD Groups no matter how complicated the nested group structure is
- Makes a manual process somewhat automated to ensure less user error
- Although it creates an administrative problem for adding new users (users will not have acecss when they should) it does protect against the more dangerous scenario (a user does have access when they shouldn't)
Wednesday, June 11, 2008
Hiding Empty Publishing Fields in a Page Layout
Most of the time when you're rendering web content that content will exist in a container or have a header or a footer, etc. If you're rendering an HTML publishing field within SharePoint the user could have simply left the field blank (unless you make the field required of course). In this case you probably don't want to render the container/header/footer if there isn't going to be any content. So let's get down to business...
First you have you're normal code
This is fine but we don't want "Publishing Header" showing if there is no content in the field. So what do we do? First drop the following code at the beginning of the "PlaceHolderMain" in your custom page layout.
Now we just have to use some inline ASP to check the field before we do our rendering.
<%
%>
First you have you're normal code
<h3>Publishing Header</h3>
<publishingwebcontrols:richhtmlfield id="PublishingContent1" fieldname="PublishingContent" runat="server"></publishingwebcontrols:richhtmlfield>
This is fine but we don't want "Publishing Header" showing if there is no content in the field. So what do we do? First drop the following code at the beginning of the "PlaceHolderMain" in your custom page layout.
<script runat="server">
public static bool FieldHasValue(SPListItem item, string fieldName)
{
if (item.Fields.ContainsField(fieldName) && item[fieldName] != null)
{
string html = item[fieldName].ToString();
Regex regex = new Regex(@"?\w+((\s+\w+(\s*=\s*(?:"".*?""|'.*?'|[^'"">\s]+))?)+\s*|\s*)/?>", RegexOptions.Singleline);
MatchCollection matches = regex.Matches(html);
foreach (Match match in matches)
{
html = html.Replace(match.Value, "");
}
html = html.Replace("\n", "").Trim();
return (html.Length > 0);
}
return false;
}
</script>
Now we just have to use some inline ASP to check the field before we do our rendering.
<%
if (FieldHasValue(item, "PublishingContent"))
Response.Write("<h3>Publishing Header</h3>");
%>
<publishingwebcontrols:richhtmlfield id="PublishingContent1" fieldname="PublishingContent" runat="server"></publishingwebcontrols:richhtmlfield>
Subscribe to:
Posts (Atom)