locked
confidential level design RRS feed

  • Question

  • Hi

    my project requirement is that user should have access to reports in a document library based on their confidentiallity level.

    am thinking of having confidentiality level as a metadata on the document library.

    have a list of users with confidentiality level and programmaticaly assign each user permission to the items in the document on itemadded event

    i dont know if this will work or any other better design

    Thanks

    Friday, October 5, 2012 10:09 AM

Answers

  • You can library settings to stop it being searched.

    I mean that if you use views to secure it, it isn't really SECURE, it can be circumvented.

    Therefore I suggest you use proper SharePoint permissions. However per item permissions for example are a pain to manage. So, without some sort of extra solution being written or bought I suggest putting the different documents in different libraries and securing the whole library with each permission needed.


    w: http://www.the-north.com/sharepoint | t: @JMcAllisterCH | c: http://www.b-i.com

    • Marked as answer by anelkab Monday, October 8, 2012 2:39 PM
    Friday, October 5, 2012 3:00 PM

All replies

  • Having it based on metadata might be difficult. Item level permissions or different libraries would be most secure but harder to manage.

    Per Location Views can be used to work with Metadata so that might be a solution, only items with certain metadata would be shown there. You can also secure the views (it's something of a hack) and ensure only certain users can see certain items.

    But if this truly needs to be secure, Item level permissions or (preferably from a management standpoint)different libraries are going to be best.


    w: http://www.the-north.com/sharepoint | t: @JMcAllisterCH | c: http://www.b-i.com

    Friday, October 5, 2012 10:26 AM
  • By the way talking about metadata that means this is a SharePoint 2010 question right? As such it's in the wrong forum - this forum is pre-2010...

    w: http://www.the-north.com/sharepoint | t: @JMcAllisterCH | c: http://www.b-i.com

    Friday, October 5, 2012 10:30 AM
  • thanks let me ask it in right column
    Friday, October 5, 2012 2:00 PM
  • thanks. when you say

    "Having it based on metadata might be difficult. Item level permissions or different libraries would be most secure but harder to manage". what are the challenges

     can the view secure it from being search

    • Marked as answer by anelkab Monday, October 8, 2012 2:39 PM
    • Unmarked as answer by anelkab Monday, October 8, 2012 2:39 PM
    Friday, October 5, 2012 2:22 PM
  • You can library settings to stop it being searched.

    I mean that if you use views to secure it, it isn't really SECURE, it can be circumvented.

    Therefore I suggest you use proper SharePoint permissions. However per item permissions for example are a pain to manage. So, without some sort of extra solution being written or bought I suggest putting the different documents in different libraries and securing the whole library with each permission needed.


    w: http://www.the-north.com/sharepoint | t: @JMcAllisterCH | c: http://www.b-i.com

    • Marked as answer by anelkab Monday, October 8, 2012 2:39 PM
    Friday, October 5, 2012 3:00 PM
  • Hi anelkab,

    We can download the Useful SharePoint Designer Custom Workflow Activities from CodePlex. This project provides some custom workflow activities to manager permissions for item level.

    http://spdactivities.codeplex.com/wikipage?title=Available%20Activities

    Then, instead of use event receiver, you can also use SharePoint Designer workflow.

    Thanks & Regards,
    Emir Liu
    TechNet Subscriber Support in forum
    If you have any feedback on our support, please contact tnmff@microsoft.com


    Emir Liu

    TechNet Community Support

    Monday, October 8, 2012 6:05 AM
  • Will i need to install this package in the production server or only on the development server
    Thursday, October 11, 2012 12:09 PM
  • The WF activities would need to go into all environments where they were used. :/

    w: http://www.the-north.com/sharepoint | t: @JMcAllisterCH | c: http://www.b-i.com

    Thursday, October 11, 2012 12:30 PM